Differential D16226 Diff 43660 include/QtCrypto/qca_publickey.h

Changeset View

Standalone View

include/QtCrypto/qca_publickey.h

Show All 30 Lines
31	*/	31		*/
32		32
33	#ifndef QCA_PUBLICKEY_H	33		#ifndef QCA_PUBLICKEY_H
34	#define QCA_PUBLICKEY_H	34		#define QCA_PUBLICKEY_H
35		35
36	#include <QObject>	36		#include <QObject>
37	#include "qca_core.h"	37		#include "qca_core.h"
38		38
39	namespace QCA {	39		namespace QCA
		40		{
40		41
41	class PublicKey;	42		class PublicKey;
42	class PrivateKey;	43		class PrivateKey;
43	class KeyGenerator;	44		class KeyGenerator;
44	class RSAPublicKey;	45		class RSAPublicKey;
45	class RSAPrivateKey;	46		class RSAPrivateKey;
46	class DSAPublicKey;	47		class DSAPublicKey;
47	class DSAPrivateKey;	48		class DSAPrivateKey;
48	class DHPublicKey;	49		class DHPublicKey;
49	class DHPrivateKey;	50		class DHPrivateKey;
50		51
51	/**	52		/**
52	Encryption algorithms	53		Encryption algorithms
53	*/	54		*/
54	enum EncryptionAlgorithm	55		enum EncryptionAlgorithm {
55	{
56	EME_PKCS1v15, ///< Block type 2 (PKCS#1, Version 1.5)	56		EME_PKCS1v15, ///< Block type 2 (PKCS#1, Version 1.5)
57	EME_PKCS1_OAEP, ///< Optimal asymmetric encryption padding (PKCS#1, Version 2.0)	57		EME_PKCS1_OAEP, ///< Optimal asymmetric encryption padding (PKCS#1, Version 2.0)
58	EME_PKCS1v15_SSL, ///< PKCS#1, Version 1.5 with an SSL-specific modification	58		EME_PKCS1v15_SSL, ///< PKCS#1, Version 1.5 with an SSL-specific modification
59	EME_NO_PADDING ///< Raw RSA encryption	59		EME_NO_PADDING ///< Raw RSA encryption
60	};	60		};
61		61
62	/**	62		/**
63	Signature algorithm variants	63		Signature algorithm variants
64		64
65	Note that most signature algorithms follow a process of first hashing the	65		Note that most signature algorithms follow a process of first hashing the
66	plaintext data to be signed, creating a payload format that wraps the hash	66		plaintext data to be signed, creating a payload format that wraps the hash
67	value (among other things), and then signing the payload with the private	67		value (among other things), and then signing the payload with the private
68	key. So, for example, an EMSA3(SHA1) signature outputted by QCA cannot be	68		key. So, for example, an EMSA3(SHA1) signature outputted by QCA cannot be
69	verified by merely performing RSA and SHA1 operations (e.g.	69		verified by merely performing RSA and SHA1 operations (e.g.
70	"openssl rsautl -verify" and comparing with sha1sum), because that would not	70		"openssl rsautl -verify" and comparing with sha1sum), because that would not
71	take the EMSA3 payload format into consideration.	71		take the EMSA3 payload format into consideration.
72	*/	72		*/
73	enum SignatureAlgorithm	73		enum SignatureAlgorithm {
74	{
75	SignatureUnknown, ///< Unknown signing algorithm	74		SignatureUnknown, ///< Unknown signing algorithm
76	EMSA1_SHA1, ///< SHA1, with EMSA1 (IEEE1363-2000) encoding (this is the usual DSA algorithm - FIPS186)	75		EMSA1_SHA1, ///< SHA1, with EMSA1 (IEEE1363-2000) encoding (this is the usual DSA algorithm - FIPS186)
77	EMSA3_SHA1, ///< SHA1, with EMSA3 (ie PKCS#1 Version 1.5) encoding	76		EMSA3_SHA1, ///< SHA1, with EMSA3 (ie PKCS#1 Version 1.5) encoding
78	EMSA3_MD5, ///< MD5, with EMSA3 (ie PKCS#1 Version 1.5) encoding (this is the usual RSA algorithm)	77		EMSA3_MD5, ///< MD5, with EMSA3 (ie PKCS#1 Version 1.5) encoding (this is the usual RSA algorithm)
79	EMSA3_MD2, ///< MD2, with EMSA3 (ie PKCS#1 Version 1.5) encoding	78		EMSA3_MD2, ///< MD2, with EMSA3 (ie PKCS#1 Version 1.5) encoding
80	EMSA3_RIPEMD160, ///< RIPEMD160, with EMSA3 (ie PKCS#1 Version 1.5) encoding	79		EMSA3_RIPEMD160, ///< RIPEMD160, with EMSA3 (ie PKCS#1 Version 1.5) encoding
81	EMSA3_Raw, ///< EMSA3 without computing a message digest or a DigestInfo encoding (identical to PKCS#11's CKM_RSA_PKCS mechanism)	80		EMSA3_Raw, ///< EMSA3 without computing a message digest or a DigestInfo encoding (identical to PKCS#11's CKM_RSA_PKCS mechanism)
82	EMSA3_SHA224, ///< SHA224, with EMSA3 (ie PKCS#1 Version 1.5) encoding	81		EMSA3_SHA224, ///< SHA224, with EMSA3 (ie PKCS#1 Version 1.5) encoding
83	EMSA3_SHA256, ///< SHA256, with EMSA3 (ie PKCS#1 Version 1.5) encoding	82		EMSA3_SHA256, ///< SHA256, with EMSA3 (ie PKCS#1 Version 1.5) encoding
84	EMSA3_SHA384, ///< SHA384, with EMSA3 (ie PKCS#1 Version 1.5) encoding	83		EMSA3_SHA384, ///< SHA384, with EMSA3 (ie PKCS#1 Version 1.5) encoding
85	EMSA3_SHA512 ///< SHA512, with EMSA3 (ie PKCS#1 Version 1.5) encoding	84		EMSA3_SHA512 ///< SHA512, with EMSA3 (ie PKCS#1 Version 1.5) encoding
86	};	85		};
87		86
88	/**	87		/**
89	Signature formats (DSA only)	88		Signature formats (DSA only)
90	*/	89		*/
91	enum SignatureFormat	90		enum SignatureFormat {
92	{
93	DefaultFormat, ///< For DSA, this is the same as IEEE_1363	91		DefaultFormat, ///< For DSA, this is the same as IEEE_1363
94	IEEE_1363, ///< 40-byte format from IEEE 1363 (Botan/.NET)	92		IEEE_1363, ///< 40-byte format from IEEE 1363 (Botan/.NET)
95	DERSequence ///< Signature wrapped in DER formatting (OpenSSL/Java)	93		DERSequence ///< Signature wrapped in DER formatting (OpenSSL/Java)
96	};	94		};
97		95
98	/**	96		/**
99	Password-based encryption	97		Password-based encryption
100	*/	98		*/
101	enum PBEAlgorithm	99		enum PBEAlgorithm {
102	{
103	PBEDefault, ///< Use modern default (same as PBES2_TripleDES_SHA1)	100		PBEDefault, ///< Use modern default (same as PBES2_TripleDES_SHA1)
104	PBES2_DES_SHA1, ///< PKCS#5 v2.0 DES/CBC,SHA1	101		PBES2_DES_SHA1, ///< PKCS#5 v2.0 DES/CBC,SHA1
105	PBES2_TripleDES_SHA1, ///< PKCS#5 v2.0 TripleDES/CBC,SHA1	102		PBES2_TripleDES_SHA1, ///< PKCS#5 v2.0 TripleDES/CBC,SHA1
106	PBES2_AES128_SHA1, ///< PKCS#5 v2.0 AES-128/CBC,SHA1	103		PBES2_AES128_SHA1, ///< PKCS#5 v2.0 AES-128/CBC,SHA1
107	PBES2_AES192_SHA1, ///< PKCS#5 v2.0 AES-192/CBC,SHA1	104		PBES2_AES192_SHA1, ///< PKCS#5 v2.0 AES-192/CBC,SHA1
108	PBES2_AES256_SHA1 ///< PKCS#5 v2.0 AES-256/CBC,SHA1	105		PBES2_AES256_SHA1 ///< PKCS#5 v2.0 AES-256/CBC,SHA1
109	};	106		};
110		107
111	/**	108		/**
112	Return value from a format conversion	109		Return value from a format conversion
113		110
114	Note that if you are checking for any result other than ConvertGood,	111		Note that if you are checking for any result other than ConvertGood,
115	then you may be introducing a provider specific dependency.	112		then you may be introducing a provider specific dependency.
116	*/	113		*/
117	enum ConvertResult	114		enum ConvertResult {
118	{
119	ConvertGood, ///< Conversion succeeded, results should be valid	115		ConvertGood, ///< Conversion succeeded, results should be valid
120	ErrorDecode, ///< General failure in the decode stage	116		ErrorDecode, ///< General failure in the decode stage
121	ErrorPassphrase, ///< Failure because of incorrect passphrase	117		ErrorPassphrase, ///< Failure because of incorrect passphrase
122	ErrorFile ///< Failure because of incorrect file	118		ErrorFile ///< Failure because of incorrect file
123	};	119		};
124		120
125	/**	121		/**
126	Well known discrete logarithm group sets	122		Well known discrete logarithm group sets
127		123
128	These sets are derived from three main sources:	124		These sets are derived from three main sources:
129	Java Cryptographic Extensions,	125		Java Cryptographic Extensions,
130	<a href="http://www.ietf.org/rfc/rfc2412.txt">RFC2412</a> and	126		<a href="http://www.ietf.org/rfc/rfc2412.txt">RFC2412</a> and
131	<a href="http://www.ietf.org/rfc/rfc3526.txt">RFC3526</a>.	127		<a href="http://www.ietf.org/rfc/rfc3526.txt">RFC3526</a>.
132	*/	128		*/
133	enum DLGroupSet	129		enum DLGroupSet {
134	{
135	DSA_512, ///< 512 bit group, for compatibility with JCE	130		DSA_512, ///< 512 bit group, for compatibility with JCE
136	DSA_768, ///< 768 bit group, for compatibility with JCE	131		DSA_768, ///< 768 bit group, for compatibility with JCE
137	DSA_1024, ///< 1024 bit group, for compatibility with JCE	132		DSA_1024, ///< 1024 bit group, for compatibility with JCE
138	IETF_768, ///< Group 1 from RFC 2412, Section E.1	133		IETF_768, ///< Group 1 from RFC 2412, Section E.1
139	IETF_1024, ///< Group 2 from RFC 2412, Section E.2	134		IETF_1024, ///< Group 2 from RFC 2412, Section E.2
140	IETF_1536, ///< 1536-bit MODP Group ("group 5") from RFC3526 Section 2.	135		IETF_1536, ///< 1536-bit MODP Group ("group 5") from RFC3526 Section 2.
141	IETF_2048, ///< 2048-bit MODP Group ("group 14") from RFC3526 Section 3.	136		IETF_2048, ///< 2048-bit MODP Group ("group 14") from RFC3526 Section 3.
142	IETF_3072, ///< 3072-bit MODP Group ("group 15") from RFC3526 Section 4.	137		IETF_3072, ///< 3072-bit MODP Group ("group 15") from RFC3526 Section 4.
▲ Show 20 Lines • Show All 54 Lines • ▼ Show 20 Line(s)		167	public:
197	DLGroup(const DLGroup &from);	192		DLGroup(const DLGroup &from);
198	~DLGroup();	193		~DLGroup();
199		194
200	/**	195		/**
201	Standard assignment operator	196		Standard assignment operator
202		197
203	\param from the DLGroup to copy from	198		\param from the DLGroup to copy from
204	*/	199		*/
205	DLGroup & operator=(const DLGroup &from);	200		DLGroup &operator=(const DLGroup &from);
206		201
207	/**	202		/**
208	Provide a list of the supported group sets	203		Provide a list of the supported group sets
209		204
210	\param provider the provider to report which group sets are	205		\param provider the provider to report which group sets are
211	available. If not specified, all providers will be checked	206		available. If not specified, all providers will be checked
212	*/	207		*/
213	static QList<DLGroupSet> supportedGroupSets(const QString &provider = QString());	208		static QList<DLGroupSet> supportedGroupSets(const QString &provider = QString());
▲ Show 20 Lines • Show All 58 Lines • ▼ Show 20 Line(s)		246	public:
272		267
273	~PKey();	268		~PKey();
274		269
275	/**	270		/**
276	Standard assignment operator	271		Standard assignment operator
277		272
278	\param from the PKey to copy from	273		\param from the PKey to copy from
279	*/	274		*/
280	PKey & operator=(const PKey &from);	275		PKey &operator=(const PKey &from);
281		276
282	/**	277		/**
283	Test what types of keys are supported.	278		Test what types of keys are supported.
284		279
285	Normally you would just test if the capability is present, however	280		Normally you would just test if the capability is present, however
286	for PKey, you also need to test which types of keys are available.	281		for PKey, you also need to test which types of keys are available.
287	So if you want to figure out if RSA keys are supported, you need to	282		So if you want to figure out if RSA keys are supported, you need to
288	do something like:	283		do something like:
▲ Show 20 Lines • Show All 267 Lines • ▼ Show 20 Line(s)		523	public:
556		551
557	~PublicKey();	552		~PublicKey();
558		553
559	/**	554		/**
560	Assignment operator	555		Assignment operator
561		556
562	\param from the PublicKey to copy from	557		\param from the PublicKey to copy from
563	*/	558		*/
564	PublicKey & operator=(const PublicKey &from);	559		PublicKey &operator=(const PublicKey &from);
565		560
566	/**	561		/**
567	Convenience method to convert this key to an RSAPublicKey	562		Convenience method to convert this key to an RSAPublicKey
568		563
569	Note that if the key is not an RSA key (eg it is DSA or DH),	564		Note that if the key is not an RSA key (eg it is DSA or DH),
570	then this will produce a null key.	565		then this will produce a null key.
571	*/	566		*/
572	RSAPublicKey toRSA() const;	567		RSAPublicKey toRSA() const;
▲ Show 20 Lines • Show All 280 Lines • ▼ Show 20 Line(s)		823	public:
853		848
854	~PrivateKey();	849		~PrivateKey();
855		850
856	/**	851		/**
857	Assignment operator	852		Assignment operator
858		853
859	\param from the PrivateKey to copy from	854		\param from the PrivateKey to copy from
860	*/	855		*/
861	PrivateKey & operator=(const PrivateKey &from);	856		PrivateKey &operator=(const PrivateKey &from);
862		857
863	/**	858		/**
864	Interpret / convert the key to an RSA key	859		Interpret / convert the key to an RSA key
865	*/	860		*/
866	RSAPrivateKey toRSA() const;	861		RSAPrivateKey toRSA() const;
867		862
868	/**	863		/**
869	Interpret / convert the key to a DSA key	864		Interpret / convert the key to a DSA key
▲ Show 20 Lines • Show All 671 Lines • Show Last 20 Lines