32 #ifndef QCA_SECURELAYER_H
33 #define QCA_SECURELAYER_H
// Member declarations of the security-layer interface. The class header is not
// part of this listing; the page's cross-reference index places the "Abstract
// interface to a security layer" at qca_securelayer.h:104.

// Not pure virtual (no "= 0"), so the base class supplies an implementation.
119 virtual bool isClosable()
const;
// Pure virtual byte count. Presumably the decoded application data waiting for
// read() -- confirm against the full header.
125 virtual int bytesAvailable()
const = 0;
// Pure virtual byte count. Presumably the encoded data waiting for
// readOutgoing() -- confirm.
131 virtual int bytesOutgoingAvailable()
const = 0;
// Not pure virtual; closes the layer.
140 virtual void close();
// Pure virtual. Presumably takes application (plaintext) data to be protected
// by the layer -- confirm.
149 virtual void write(
const QByteArray &a) = 0;
// Pure virtual. Presumably returns application data recovered by the layer.
157 virtual QByteArray read() = 0;
// Pure virtual. NOTE(review): by its name this is the entry point for bytes
// received from the network, i.e. the untrusted-input side of the layer.
168 virtual void writeIncoming(
const QByteArray &a) = 0;
// Pure virtual. plainBytes is an optional out-pointer (default null);
// presumably it receives the plaintext size the returned bytes stand for.
179 virtual QByteArray readOutgoing(
int *plainBytes = 0) = 0;
// Not pure virtual. NOTE(review): by its name this returns bytes the layer did
// not consume; confirm whether such bytes were protected before trusting them.
188 virtual QByteArray readUnprocessed();
// Pure virtual. Takes a qint64 count of encrypted bytes and returns an int, so
// the signature narrows; presumably the result is the matching plaintext count.
195 virtual int convertBytesWritten(qint64 encryptedBytes) = 0;
// No "virtual" and no visible section label: presumably a Qt signal -- confirm.
212 void readyReadOutgoing();
// TLS constructors ("Transport Layer Security / Secure Socket Layer", defined at
// qca_securelayer.h:289 per the index on this page). Both are explicit; parent
// defaults to 0 (null) and provider to an empty QString.
// NOTE(review): an empty provider presumably lets the library choose a backend;
// name the provider where the TLS behaviour of one backend is relied on -- confirm.
348 explicit TLS(
QObject *parent = 0,
const QString &provider = QString());
// Overload that also takes the operating Mode (enum at qca_securelayer.h:296;
// this page's index describes only its "stream mode" value).
361 explicit TLS(Mode mode,
QObject *parent = 0,
const QString &provider = QString());
// Returns the cipher suite names for a protocol version; version defaults to
// TLS_v1 ("Transport Layer Security, version 1" in the index below).
// NOTE(review): the Version enum on this page also lists SSL version 2 and 3.
// Those legacy versions should not be queried for, or enabled in, new
// deployments -- confirm what the provider in use still accepts.
387 QStringList supportedCipherSuites(
const Version &version = TLS_v1)
const;
// Sets the local credential from a KeyBundle ("Certificate chain and private
// key pair" per the index). The bundle carries private key material.
412 void setCertificate(
const KeyBundle &kb);
// Constrains the session by a minimum and maximum SSF.
// NOTE(review): presumably SSF is a strength in bits, matching the
// SecurityLevel descriptions on this page ("must be 128 bit or more", ...);
// a minimum of 0 would correspond to "no security is ok" -- confirm.
447 void setConstraints(
int minSSF,
int maxSSF);
// Overload that constrains the session to an explicit list of cipher suites.
// NOTE(review): presumably the names are those returned by
// supportedCipherSuites(); how unknown names are treated is not visible here.
459 void setConstraints(
const QStringList &cipherSuiteList);
// Capability query: whether compression is available (presumably a property of
// the provider -- confirm).
505 bool canCompress()
const;
// Capability query: whether a host name can be set on the session.
513 bool canSetHostName()
const;
// Current compression setting.
522 bool compressionEnabled()
const;
// Turns compression on or off.
// NOTE(review): TLS-level compression is normally left off when secrets share a
// stream with attacker-influenced data, because compressed length can leak
// content; the default used by the implementation is not visible here.
530 void setCompressionEnabled(
bool b);
// Host name associated with the session. Whether this is the name passed to
// startClient() or one received from the peer is not visible in this listing.
536 QString hostName()
const;
// Starts the client side; host defaults to an empty QString.
// NOTE(review): with an empty host there is presumably no expected owner to
// match the peer certificate against, so callers that need server
// authentication should always pass the host -- confirm.
557 void startClient(
const QString &host = QString());
// Presumably resumes processing after the application has handled a step that
// paused the handshake -- confirm against the full header.
573 void continueAfterStep();
// Session state getters; all are const.

// Whether the handshake has completed. NOTE(review): presumably the negotiated
// values below are only meaningful once this returns true -- confirm.
582 bool isHandshaken()
const;
// Whether the session is using compression.
589 bool isCompressed()
const;
// Negotiated protocol Version (enum at qca_securelayer.h:305).
// NOTE(review): that enum includes SSL version 2 and 3 on this page; callers
// with a minimum-version policy should check this value after the handshake.
594 Version version()
const;
// Name of the negotiated cipher suite.
602 QString cipherSuite()
const;
// Bit counts for the negotiated cipher. The difference between cipherBits()
// and cipherMaxBits() is not visible here; presumably effective vs. nominal
// key size -- confirm.
613 int cipherBits()
const;
621 int cipherMaxBits()
const;
// Error value (enum "Type of error", qca_securelayer.h:316).
634 Error errorCode()
const;
// Result of matching the peer to the expected identity. The index on this page
// lists "identity is verified", "valid cert provided, but wrong owner" and
// "invalid cert" among the IdentityResult values.
// NOTE(review): treat every value other than the verified one as a failed
// authentication of the peer.
653 IdentityResult peerIdentityResult()
const;
// Validity of the peer certificate (Validity enum from qca_cert.h:489).
// NOTE(review): this is a separate check from peerIdentityResult(); how the
// two relate is not visible here, so callers should inspect both -- confirm.
663 Validity peerCertificateValidity()
const;
// Same signatures as the interface declarations at listing lines 119-195, here
// without "= 0": presumably the TLS overrides of the security-layer interface
// (the base-class list is not visible in this listing).
684 virtual bool isClosable()
const;
685 virtual int bytesAvailable()
const;
686 virtual int bytesOutgoingAvailable()
const;
687 virtual void close();
688 virtual void write(
const QByteArray &a);
689 virtual QByteArray read();
// NOTE(review): by its name, the entry point for bytes received from the peer.
690 virtual void writeIncoming(
const QByteArray &a);
691 virtual QByteArray readOutgoing(
int *plainBytes = 0);
692 virtual QByteArray readUnprocessed();
// Takes qint64 and returns int, as in the interface declaration.
693 virtual int convertBytesWritten(qint64 encryptedBytes);
// Packet-oriented counterparts of the byte counters. Presumably these apply to
// a datagram operating mode; this page's index describes only "stream mode",
// so confirm against the Mode enum in the full header.
701 int packetsAvailable()
const;
709 int packetsOutgoingAvailable()
const;
// Current packet MTU.
716 int packetMTU()
const;
// Sets the packet MTU. Declared const in this listing even though it is a
// setter; no range limits for size are visible here.
725 void setPacketMTU(
int size)
const;
// Three parameterless notifications; presumably Qt signals (the section label
// is not shown in this listing).

// Presumably raised when the peer has supplied a host name -- confirm.
739 void hostNameReceived();
// Presumably raised when the peer asks for a certificate -- confirm.
752 void certificateRequested();
// Presumably raised when the peer certificate can be inspected.
// NOTE(review): this is the natural point to check peerIdentityResult() and
// peerCertificateValidity() before exchanging application data -- confirm
// whether the handshake waits for continueAfterStep() here.
764 void peerCertificateAvailable();
// connectNotify/disconnectNotify are declared once per Qt generation: the
// QMetaMethod overload is selected when QT_VERSION >= 0x050000. The const char*
// overload is presumably the other branch; the #else/#endif lines (listing
// lines 788, 790, 800, 802) are not reproduced on this page.
786 #if QT_VERSION >= 0x050000
787 void connectNotify(
const QMetaMethod &signal);
789 void connectNotify(
const char *signal);
798 #if QT_VERSION >= 0x050000
799 void disconnectNotify(
const QMetaMethod &signal);
801 void disconnectNotify(
const char *signal);
// Gives the nested Private class access to this class's members.
808 friend class Private;
// Enumerators of AuthFlags ("Authentication requirement flag values",
// qca_securelayer.h:875). Each non-zero value is a distinct bit. Listing line
// 878 is not reproduced on this page, so the 0x01 value is not visible here.
877 AuthFlagsNone = 0x00,
// NOTE(review): by its name this permits anonymous mechanisms; leave it unset
// where the server must end up with an identified user -- confirm.
879 AllowAnonymous = 0x02,
880 RequireForwardSecrecy = 0x04,
881 RequirePassCredentials = 0x08,
882 RequireMutualAuth = 0x10,
883 RequireAuthzidSupport = 0x20
// Enumerators of ClientSendMode ("Mode options for client side sending",
// qca_securelayer.h:889).
891 AllowClientSendFirst,
892 DisableClientSendFirst
// Enumerator of ServerSendMode ("Mode options for server side sending",
// qca_securelayer.h:898); listing lines 899-900 are not shown.
901 DisableServerSendLast
// Params: "Parameter flags for the SASL authentication" (qca_securelayer.h:914).
// The constructor takes four booleans. Presumably each one backs the accessor
// of the matching name below -- confirm against the implementation.
930 Params(
bool user,
bool authzid,
bool pass,
bool realm);
// Whether a user name has to be supplied.
950 bool needUsername()
const;
// Whether an authorization identity may be sent.
955 bool canSendAuthzid()
const;
// Whether a password has to be supplied.
960 bool needPassword()
const;
// Whether a realm may be sent.
965 bool canSendRealm()
const;
// SASL ("Simple Authentication and Security Layer protocol implementation",
// qca_securelayer.h:839). Explicit constructor; parent defaults to 0 (null) and
// provider to an empty QString.
980 explicit SASL(
QObject *parent = 0,
const QString &provider = QString());
// Sets the authentication requirement flags together with a minimum and
// maximum SSF.
// NOTE(review): presumably SSF is a strength in bits as in the SecurityLevel
// descriptions on this page; a minimum of 0 would accept a session with no
// security layer, so pair it with protection from the transport -- confirm.
1018 void setConstraints(
AuthFlags f,
int minSSF,
int maxSSF);
// Local endpoint as an address string and a 16-bit port.
1026 void setLocalAddress(
const QString &addr, quint16 port);
// Remote endpoint as an address string and a 16-bit port.
1034 void setRemoteAddress(
const QString &addr, quint16 port);
// Identity established outside SASL.
// NOTE(review): presumably used by an EXTERNAL-style mechanism; the value must
// come from an authenticated source (e.g. a verified TLS peer), never from
// data the peer simply asserts -- confirm.
1041 void setExternalAuthId(
const QString &authid);
// Strength of protection provided outside SASL.
// NOTE(review): overstating this value would presumably let weak mechanisms
// satisfy the SSF constraints -- confirm how it is combined with minSSF.
1049 void setExternalSSF(
int strength);
// Starts the client side for a service and host, with the list of mechanisms to
// choose from. mode defaults to AllowClientSendFirst.
// NOTE(review): mechlist presumably comes from the server's advertisement; when
// that advertisement is received over an unprotected channel it can be altered
// in transit, so set AuthFlags that exclude unacceptable mechanisms -- confirm.
1062 void startClient(
const QString &service,
const QString &host,
const QStringList &mechlist,
ClientSendMode mode = AllowClientSendFirst);
// Starts the server side for a service, host and realm. mode defaults to
// DisableServerSendLast.
1075 void startServer(
const QString &service,
const QString &host,
const QString &realm,
ServerSendMode mode = DisableServerSendLast);
// Server side: supplies the mechanism for the first step. Presumably the
// mechanism chosen by the client, in which case it is peer-controlled input.
1086 void putServerFirstStep(
const QString &mech);
// Overload that also carries the client's initial data.
1098 void putServerFirstStep(
const QString &mech,
const QByteArray &clientInit);
// Supplies the data of a subsequent step; presumably the bytes received from
// the peer for that step -- confirm.
1109 void putStep(
const QByteArray &stepData);
// Mechanism in use.
1114 QString mechanism()
const;
// List of mechanisms. Presumably the ones available on the server side --
// confirm.
1119 QStringList mechanismList()
const;
// List of realms.
1124 QStringList realmList()
const;
// Error value ("Possible errors that may occur when using SASL",
// qca_securelayer.h:846).
1134 Error errorCode()
const;
// Credential setters. Listing lines 1154-1166 are not reproduced on this page,
// so a password setter, if the class has one, is not visible here.
1146 void setUsername(
const QString &user);
1153 void setAuthzid(
const QString &auth);
1167 void setRealm(
const QString &realm);
// Presumably resumes authentication once the requested parameters were set.
1172 void continueAfterParams();
// Presumably resumes authentication once the application has decided on the
// authCheck() request.
// NOTE(review): call only after that decision is positive -- confirm.
1177 void continueAfterAuthCheck();
// Same signatures as the pure-virtual interface declarations at listing lines
// 125-195: presumably the SASL overrides. isClosable(), close() and
// readUnprocessed() are not redeclared in this part of the listing.
1180 virtual int bytesAvailable()
const;
1181 virtual int bytesOutgoingAvailable()
const;
1182 virtual void write(
const QByteArray &a);
1183 virtual QByteArray read();
// NOTE(review): by its name, the entry point for bytes received from the peer.
1184 virtual void writeIncoming(
const QByteArray &a);
1185 virtual QByteArray readOutgoing(
int *plainBytes = 0);
// Takes qint64 and returns int, as in the interface declaration.
1186 virtual int convertBytesWritten(qint64 encryptedBytes);
// Notifications; presumably Qt signals (the section label is not shown in this
// listing).

// Client side has started. clientInit says whether initial data accompanies the
// start, and clientInitData carries it.
1201 void clientStarted(
bool clientInit,
const QByteArray &clientInitData);
// Server side has started.
1207 void serverStarted();
// Data for the next step; presumably to be sent to the peer -- confirm.
1216 void nextStep(
const QByteArray &stepData);
// Server side: asks the application to decide on a user / authzid pair.
// NOTE(review): presumably the handler must check that the authenticated user
// is allowed to act as authzid before calling continueAfterAuthCheck();
// skipping that check would let one user assume another identity -- confirm.
1239 void authCheck(
const QString &user,
const QString &authzid);
// Authentication has completed successfully.
1244 void authenticated();
// Qt macro: makes SASL objects non-copyable.
1247 Q_DISABLE_COPY(
SASL)
// Gives the nested Private class access to this class's members.
1250 friend class Private;
ServerSendMode
Mode options for server side sending.
Definition: qca_securelayer.h:898
Error
Type of error.
Definition: qca_securelayer.h:316
General superclass for an algorithm.
Definition: qca_core.h:1121
Version
Version of TLS or SSL.
Definition: qca_securelayer.h:305
problem starting up TLS
Definition: qca_securelayer.h:321
Parameter flags for the SASL authentication.
Definition: qca_securelayer.h:914
Generic private key.
Definition: qca_publickey.h:826
SL_High or max possible, whichever is greater.
Definition: qca_securelayer.h:66
must at least get integrity protection
Definition: qca_securelayer.h:62
Certificate chain and private key pair.
Definition: qca_cert.h:2135
local certificate is expired
Definition: qca_securelayer.h:318
Header file for PGP key and X.509 certificate related classes.
Mode
Operating mode.
Definition: qca_securelayer.h:296
identity is verified
Definition: qca_securelayer.h:331
Validity
The validity (or otherwise) of a certificate.
Definition: qca_cert.h:489
Simple Authentication and Security Layer protocol implementation.
Definition: qca_securelayer.h:839
must be 128 bit or more
Definition: qca_securelayer.h:64
Abstract interface to a security layer.
Definition: qca_securelayer.h:104
Header file for PublicKey and PrivateKey related classes.
Server failed mutual authentication (client side only)
Definition: qca_securelayer.h:861
invalid cert
Definition: qca_securelayer.h:333
Passphrase expired, has to be reset (server side only)
Definition: qca_securelayer.h:866
must be export level bits or more
Definition: qca_securelayer.h:63
User not found (server side only)
Definition: qca_securelayer.h:868
Transport Layer Security / Secure Socket Layer.
Definition: qca_securelayer.h:289
Header file for core QCA infrastructure.
No compatible/appropriate authentication mechanism.
Definition: qca_securelayer.h:859
Bad protocol or cancelled.
Definition: qca_securelayer.h:860
Authentication failure (server side only)
Definition: qca_securelayer.h:862
valid cert provided, but wrong owner
Definition: qca_securelayer.h:332
Session token, used for TLS resuming.
Definition: qca_securelayer.h:238
indicates that no security is ok
Definition: qca_securelayer.h:61
Secure Socket Layer, version 3.
Definition: qca_securelayer.h:308
QCA - the Qt Cryptographic Architecture.
Definition: qca_basic.h:47
problem starting up SASL
Definition: qca_securelayer.h:848
Account is disabled (server side only)
Definition: qca_securelayer.h:867
certificate and private key don't match
Definition: qca_securelayer.h:320
must be more than 128 bit
Definition: qca_securelayer.h:65
AuthFlags
Authentication requirement flag values.
Definition: qca_securelayer.h:875
SecurityLevel
Specify the lower-bound for acceptable TLS/SASL security layers.
Definition: qca_securelayer.h:59
IdentityResult
Type of identity.
Definition: qca_securelayer.h:329
Secure array of bytes.
Definition: qca_tools.h:316
AuthCondition
Possible authentication error states.
Definition: qca_securelayer.h:856
ClientSendMode
Mode options for client side sending.
Definition: qca_securelayer.h:889
problem during the authentication process
Definition: qca_securelayer.h:849
Generic authentication failure.
Definition: qca_securelayer.h:858
A chain of related Certificates.
Definition: qca_cert.h:1207
Mechanism too weak for this user (server side only)
Definition: qca_securelayer.h:864
Error
Possible errors that may occur when using SASL.
Definition: qca_securelayer.h:846
local certificate is invalid in some way
Definition: qca_securelayer.h:319
problem during the negotiation
Definition: qca_securelayer.h:322
Authorization failure (server side only)
Definition: qca_securelayer.h:863
Encryption is needed in order to use mechanism (server side only)
Definition: qca_securelayer.h:865
Transport Layer Security, version 1.
Definition: qca_securelayer.h:307
Secure Socket Layer, version 2.
Definition: qca_securelayer.h:309
Bundle of Certificates and CRLs.
Definition: qca_cert.h:1890
stream mode
Definition: qca_securelayer.h:298