Qt Cryptographic Architecture
qca_securelayer.h
1 /*
2  * qca_securelayer.h - Qt Cryptographic Architecture
3  * Copyright (C) 2003-2007 Justin Karneges <justin@affinix.com>
4  * Copyright (C) 2004-2006 Brad Hards <bradh@frogmouth.net>
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19  * 02110-1301 USA
20  *
21  */
22 
32 #ifndef QCA_SECURELAYER_H
33 #define QCA_SECURELAYER_H
34 
35 #include <QObject>
36 #include "qca_core.h"
37 #include "qca_publickey.h"
38 #include "qca_cert.h"
39 
40 namespace QCA {
41 
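/**
 * Specify the lower-bound for acceptable TLS/SASL security layers.
 *
 * NOTE(review): the numbered listing on this page lost the `enum` header and
 * every enumerator except SL_Highest. Names, order and descriptions are taken
 * from the page's member index (definition lines 60-66); no enumerator is
 * shown with an explicit value.
 *
 * SL_None, SL_Integrity and SL_Export accept layers that provide no
 * confidentiality or only export-strength confidentiality. Callers that need
 * the channel to be private should pass SL_Baseline or higher as the
 * constraint.
 */
enum SecurityLevel
{
    SL_None,      ///< indicates that no security is ok
    SL_Integrity, ///< must at least get integrity protection
    SL_Export,    ///< must be export level bits or more
    SL_Baseline,  ///< must be 128 bit or more
    SL_High,      ///< must be more than 128 bit
    SL_Highest    ///< SL_High or max possible, whichever is greater.
};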
68 
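/**
 * Abstract interface to a security layer.
 *
 * The interface has two sides. The application side exchanges plain data
 * through write() / read(); the network side exchanges encoded (typically
 * encrypted) data through writeIncoming() / readOutgoing().
 *
 * NOTE(review): readyReadOutgoing() is absent from the numbered listing on
 * this page (source line 212) and was restored from the page's member index.
 */
class QCA_EXPORT SecureLayer : public QObject
{
    Q_OBJECT
public:
    /**
     * Constructor for an abstract secure communications layer.
     *
     * @param parent the parent object for this object
     */
    SecureLayer(QObject *parent = nullptr);

    /** Returns true if the layer has a meaningful "close". */
    virtual bool isClosable() const;

    /** Returns the number of bytes available to be read() on the application side. */
    virtual int bytesAvailable() const = 0;

    /** Returns the number of bytes available to be readOutgoing() on the network side. */
    virtual int bytesOutgoingAvailable() const = 0;

    /** Close the link. */
    virtual void close();

    /**
     * This method writes unencrypted (plain) data to the SecureLayer
     * implementation.
     *
     * @param a the plain data to write
     */
    virtual void write(const QByteArray &a) = 0;

    /** This method reads decrypted (plain) data from the SecureLayer implementation. */
    virtual QByteArray read() = 0;

    /**
     * This method accepts encoded (typically encrypted) data for processing.
     *
     * The argument is whatever arrived from the peer, so implementations
     * receive attacker-controllable bytes here.
     *
     * @param a the encoded data received from the network side
     */
    virtual void writeIncoming(const QByteArray &a) = 0;

    /**
     * This method provides encoded (typically encrypted) data.
     *
     * @param plainBytes optional out-parameter; presumably receives the number
     *        of plain bytes the returned data corresponds to (TODO confirm)
     */
    virtual QByteArray readOutgoing(int *plainBytes = nullptr) = 0;

    /**
     * This allows you to read data without having it decrypted first.
     *
     * The returned bytes have not passed through the security layer, so they
     * carry none of its integrity or confidentiality guarantees.
     */
    virtual QByteArray readUnprocessed();

    /**
     * Convert encrypted bytes written to plain text bytes written.
     *
     * NOTE(review): the argument is a qint64 but the result is an int; confirm
     * how implementations behave for counts that do not fit in an int.
     *
     * @param encryptedBytes the number of encrypted bytes written
     */
    virtual int convertBytesWritten(qint64 encryptedBytes) = 0;

Q_SIGNALS:
    /**
     * This signal is emitted when SecureLayer has decrypted (application
     * side) data ready to be read.
     */
    void readyRead();

    /**
     * This signal is emitted when SecureLayer has encrypted (network side)
     * data ready to be read.
     */
    void readyReadOutgoing();

    /** This signal is emitted when the SecureLayer connection is closed. */
    void closed();

    /** This signal is emitted when an error is detected. */
    void error();

private:
    Q_DISABLE_COPY(SecureLayer)
};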
229 
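/**
 * Session token, used for TLS resuming.
 *
 * A session object obtained from TLS::session() can be handed to
 * TLS::setSession() to resume a connection. What the token contains is
 * provider-specific and not visible in this header; presumably it should be
 * stored and passed around as sensitive material (TODO confirm).
 *
 * NOTE(review): operator=() is absent from the numbered listing on this page
 * (source line 257) and was restored from the page's member index. With it,
 * the class declares copy constructor, copy assignment and destructor
 * together.
 */
class QCA_EXPORT TLSSession : public Algorithm
{
public:
    TLSSession();

    /**
     * Copy constructor.
     *
     * @param from the session token to copy from
     */
    TLSSession(const TLSSession &from);

    ~TLSSession() override;

    /**
     * Assignment operator.
     *
     * @param from the session token to assign from
     */
    TLSSession & operator=(const TLSSession &from);

    /**
     * Test if the session token is valid.
     *
     * NOTE(review): the upstream brief does not say which return value means
     * "valid"; by its name the method presumably returns true when the
     * session is null, i.e. not usable — confirm before branching on it.
     */
    bool isNull() const;
};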
264 
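/**
 * Transport Layer Security / Secure Socket Layer.
 *
 * NOTE(review): the numbered listing on this page lost several enumerators,
 * the `enum IdentityResult` header and sixteen member declarations. They were
 * restored from the page's member index. Enumerator order follows the
 * definition line numbers given there; the position of restored member
 * functions is inferred from gaps in the listing's line numbers and should be
 * confirmed against the upstream header (declaration order does not affect
 * the interface).
 */
class QCA_EXPORT TLS : public SecureLayer, public Algorithm
{
    Q_OBJECT
public:
    /** Operating mode. */
    enum Mode
    {
        Stream,  ///< stream mode
        Datagram ///< no description in the page's index; by name, datagram mode
    };

    /**
     * Version of TLS or SSL.
     *
     * SSL_v2 and SSL_v3 are legacy protocol versions (prohibited by RFC 6176
     * and deprecated by RFC 7568 respectively), and TLS 1.0 is deprecated by
     * RFC 8996. Which versions a provider will actually negotiate is not
     * visible in this header; check version() after the handshake if a
     * minimum protocol version matters.
     */
    enum Version
    {
        TLS_v1, ///< Transport Layer Security, version 1.
        SSL_v3, ///< Secure Socket Layer, version 3.
        SSL_v2, ///< Secure Socket Layer, version 2.
        DTLS_v1 ///< no description in the page's index
    };

    /** Type of error. */
    enum Error
    {
        ErrorSignerExpired,   ///< local certificate is expired
        ErrorSignerInvalid,   ///< local certificate is invalid in some way
        ErrorCertKeyMismatch, ///< certificate and private key don't match
        ErrorInit,            ///< problem starting up TLS
        ErrorHandshake,       ///< problem during the negotiation
        ErrorCrypt            ///< no description in the page's index
    };

    /** Type of identity. */
    enum IdentityResult
    {
        Valid,              ///< identity is verified
        HostMismatch,       ///< valid cert provided, but wrong owner
        InvalidCertificate, ///< invalid cert
        NoCertificate       ///< no description in the page's index
    };

    /**
     * Constructor for Transport Layer Security connection.
     *
     * @param parent the parent object for this object
     * @param provider the name of the provider to use
     */
    explicit TLS(QObject *parent = nullptr, const QString &provider = QString());

    /**
     * Constructor for Transport Layer Security connection.
     *
     * @param mode the operating Mode to use
     * @param parent the parent object for this object
     * @param provider the name of the provider to use
     */
    explicit TLS(Mode mode, QObject *parent = nullptr, const QString &provider = QString());

    /** Destructor. */
    ~TLS() override;

    /** Reset the connection. */
    void reset();

    /**
     * Get the list of cipher suites that are available for use.
     *
     * @param version the protocol Version to list cipher suites for
     */
    QStringList supportedCipherSuites(const Version &version = TLS_v1) const;

    /**
     * The local certificate to use.
     *
     * @param cert the certificate chain to present
     * @param key the private key belonging to the certificate
     */
    void setCertificate(const CertificateChain &cert, const PrivateKey &key);

    /**
     * This is an overloaded member function, provided for convenience.
     *
     * @param kb the certificate chain and private key pair to use
     */
    void setCertificate(const KeyBundle &kb);

    /** Return the trusted certificates set for this object. */
    CertificateCollection trustedCertificates() const;

    /**
     * Set up the set of trusted certificates that will be used to verify the
     * certificate provided (the upstream brief is truncated on this page).
     *
     * @param trusted the bundle of certificates and CRLs to trust
     */
    void setTrustedCertificates(const CertificateCollection &trusted);

    /**
     * The security level required for this link.
     *
     * @param s the lower bound to accept; see SecurityLevel. SL_None and
     *        SL_Export admit unprotected or export-strength links.
     */
    void setConstraints(SecurityLevel s);

    /**
     * This is an overloaded member function, provided for convenience.
     *
     * @param minSSF presumably the minimum security strength factor (TODO confirm)
     * @param maxSSF presumably the maximum security strength factor (TODO confirm)
     */
    void setConstraints(int minSSF, int maxSSF);

    /**
     * This is an overloaded member function, provided for convenience.
     *
     * @param cipherSuiteList the cipher suites to allow; presumably names as
     *        returned by supportedCipherSuites() (TODO confirm)
     */
    void setConstraints(const QStringList &cipherSuiteList);

    /** No description in the page's index; by name, the counterpart of setIssuerList(). */
    QList<CertificateInfoOrdered> issuerList() const;

    /**
     * Sets the issuer list to present to the client.
     *
     * @param issuers the list of issuers
     */
    void setIssuerList(const QList<CertificateInfoOrdered> &issuers);

    /**
     * Resume a TLS session using the given session object.
     *
     * @param session the session token, as obtained from session()
     */
    void setSession(const TLSSession &session);

    /** Test if the link can use compression. */
    bool canCompress() const;

    /** Test if the link can specify a hostname (Server Name Indication) */
    bool canSetHostName() const;

    /** Returns true if compression is enabled. */
    bool compressionEnabled() const;

    /**
     * Set the link to use compression.
     *
     * TLS-level compression leaks information about the plaintext through
     * record lengths (the basis of the CRIME attack), so it is normally left
     * off. The default state is not visible in this header.
     *
     * @param b true to enable compression
     */
    void setCompressionEnabled(bool b);

    /**
     * Returns the host name specified or an empty string if no host name is
     * specified.
     */
    QString hostName() const;

    /**
     * Start the TLS/SSL connection as a client.
     *
     * After handshaken(), check peerIdentityResult() and
     * peerCertificateValidity() before sending application data. How the
     * peer identity is evaluated when host is left empty is not visible in
     * this header (TODO confirm).
     *
     * @param host the host name of the server being connected to
     */
    void startClient(const QString &host = QString());

    /** Start the TLS/SSL connection as a server. */
    void startServer();

    /** Resumes TLS processing. */
    void continueAfterStep();

    /** test if the handshake is complete */
    bool isHandshaken() const;

    /** test if the link is compressed */
    bool isCompressed() const;

    /** The protocol version that is in use for this connection. */
    Version version() const;

    /** The cipher suite that has been negotiated for this connection. */
    QString cipherSuite() const;

    /** The number of effective bits of security being used for this connection. */
    int cipherBits() const;

    /** The number of bits of security that the cipher could use. */
    int cipherMaxBits() const;

    /** The session object of the TLS connection, which can be used for resuming. */
    TLSSession session() const;

    /** This method returns the type of error that has occurred. */
    Error errorCode() const;

    /**
     * After the SSL/TLS handshake is complete, this method reports the
     * outcome of the peer identity check as an IdentityResult (the upstream
     * brief is truncated on this page).
     */
    IdentityResult peerIdentityResult() const;

    /**
     * After the SSL/TLS handshake, this method allows you to check the
     * validity of the certificate received from the peer (the upstream brief
     * is truncated on this page).
     */
    Validity peerCertificateValidity() const;

    /** The CertificateChain for the local host certificate. */
    CertificateChain localCertificateChain() const;

    /**
     * The PrivateKey for the local host certificate.
     *
     * The returned object is key material; keep it out of logs and
     * diagnostics.
     */
    PrivateKey localPrivateKey() const;

    /**
     * The CertificateChain from the peer (other end of the connection to the
     * trusted root certificate).
     */
    CertificateChain peerCertificateChain() const;

    // reimplemented
    bool isClosable() const override;
    int bytesAvailable() const override;
    int bytesOutgoingAvailable() const override;
    void close() override;
    void write(const QByteArray &a) override;
    QByteArray read() override;
    void writeIncoming(const QByteArray &a) override;
    QByteArray readOutgoing(int *plainBytes = nullptr) override;
    QByteArray readUnprocessed() override;
    int convertBytesWritten(qint64 encryptedBytes) override;

    /** Determine the number of packets available to be read on the application side. */
    int packetsAvailable() const;

    /** Determine the number of packets available to be read on the network side. */
    int packetsOutgoingAvailable() const;

    /** Return the currently configured maximum packet size. */
    int packetMTU() const;

    /**
     * Set the maximum packet size to use.
     *
     * NOTE(review): declared const although it is a setter; kept as shown on
     * this page because the qualifier is part of the public interface.
     *
     * @param size the maximum packet size
     */
    void setPacketMTU(int size) const;

Q_SIGNALS:
    /** Emitted if a host name is set by the client. */
    void hostNameReceived();

    /** Emitted when the server requests a certificate. */
    void certificateRequested();

    /** Emitted when a certificate is received from the peer. */
    void peerCertificateAvailable();

    /** Emitted when the protocol handshake is complete. */
    void handshaken();

protected:
    /**
     * Called when a connection is made to a particular signal.
     *
     * @param signal the signal that was connected to
     */
    void connectNotify(const QMetaMethod &signal) override;

    /**
     * Called when a connection is removed from a particular signal.
     *
     * @param signal the signal that was disconnected from
     */
    void disconnectNotify(const QMetaMethod &signal) override;

private:
    Q_DISABLE_COPY(TLS)

    class Private;
    friend class Private;
    Private *d; // implementation details live in the private class
};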
803 
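/**
 * Simple Authentication and Security Layer protocol implementation.
 *
 * NOTE(review): the numbered listing on this page lost several enumerators,
 * four `enum` headers and six member declarations. They were restored from
 * the page's member index. Enumerator order follows the definition line
 * numbers given there; the position of restored member functions is inferred
 * from gaps in the listing's line numbers and should be confirmed against the
 * upstream header (declaration order does not affect the interface).
 */
class QCA_EXPORT SASL : public SecureLayer, public Algorithm
{
    Q_OBJECT
public:
    /** Possible errors that may occur when using SASL. */
    enum Error
    {
        ErrorInit,      ///< problem starting up SASL
        ErrorHandshake, ///< problem during the authentication process
        ErrorCrypt      ///< no description in the page's index
    };

    /** Possible authentication error states. */
    enum AuthCondition
    {
        AuthFail,         ///< Generic authentication failure.
        NoMechanism,      ///< No compatible/appropriate authentication mechanism.
        BadProtocol,      ///< Bad protocol or cancelled.
        BadServer,        ///< Server failed mutual authentication (client side only)
        BadAuth,          ///< Authentication failure (server side only)
        NoAuthzid,        ///< Authorization failure (server side only)
        TooWeak,          ///< Mechanism too weak for this user (server side only)
        NeedEncrypt,      ///< Encryption is needed in order to use mechanism (server side only)
        Expired,          ///< Passphrase expired, has to be reset (server side only)
        Disabled,         ///< Account is disabled (server side only)
        NoUser,           ///< User not found (server side only)
        RemoteUnavailable ///< no description in the page's index
    };

    /**
     * Authentication requirement flag values.
     *
     * The values are distinct bits, so flags can be combined.
     *
     * AllowPlain and AllowAnonymous presumably permit plaintext-password and
     * anonymous mechanisms respectively (TODO confirm). If so, set AllowPlain
     * only when the connection is already protected by another layer.
     */
    enum AuthFlags
    {
        AuthFlagsNone          = 0x00,
        AllowPlain             = 0x01,
        AllowAnonymous         = 0x02,
        RequireForwardSecrecy  = 0x04,
        RequirePassCredentials = 0x08,
        RequireMutualAuth      = 0x10,
        RequireAuthzidSupport  = 0x20 // server-only
    };

    /** Mode options for client side sending. */
    enum ClientSendMode
    {
        AllowClientSendFirst,
        DisableClientSendFirst
    };

    /** Mode options for server side sending. */
    enum ServerSendMode
    {
        AllowServerSendLast,
        DisableServerSendLast
    };

    /** Parameter flags for the SASL authentication. */
    class QCA_EXPORT Params
    {
    public:
        Params();

        /**
         * Standard constructor.
         *
         * @param user presumably the value later reported by needUsername() (TODO confirm)
         * @param authzid presumably the value later reported by canSendAuthzid() (TODO confirm)
         * @param pass presumably the value later reported by needPassword() (TODO confirm)
         * @param realm presumably the value later reported by canSendRealm() (TODO confirm)
         */
        Params(bool user, bool authzid, bool pass, bool realm);

        /**
         * Standard copy constructor.
         *
         * @param from the Params object to copy
         */
        Params(const Params &from);
        ~Params();

        /**
         * Standard assignment operator.
         *
         * @param from the Params object to assign from
         */
        Params & operator=(const Params &from);

        /** User is needed. */
        bool needUsername() const;

        /** An Authorization ID can be sent if desired. */
        bool canSendAuthzid() const;

        /** Password is needed. */
        bool needPassword() const;

        /** A Realm can be sent if desired. */
        bool canSendRealm() const;

    private:
        class Private;
        Private *d;
    };

    /**
     * Standard constructor.
     *
     * @param parent the parent object for this object
     * @param provider the name of the provider to use
     */
    explicit SASL(QObject *parent = nullptr, const QString &provider = QString());

    ~SASL() override;

    /** Reset the SASL mechanism. */
    void reset();

    /**
     * Specify connection constraints.
     *
     * The default security level is SL_None, which indicates that no security
     * is ok; callers relying on the SASL layer for protection need to pass a
     * stricter level.
     *
     * @param f the authentication requirement flags (see AuthFlags)
     * @param s the lower bound for the security layer
     */
    void setConstraints(AuthFlags f, SecurityLevel s = SL_None);

    /**
     * This is an overloaded member function, provided for convenience.
     *
     * @param f the authentication requirement flags (see AuthFlags)
     * @param minSSF presumably the minimum security strength factor (TODO confirm)
     * @param maxSSF presumably the maximum security strength factor (TODO confirm)
     */
    void setConstraints(AuthFlags f, int minSSF, int maxSSF);

    /**
     * Specify the local address.
     *
     * @param addr the address of the local end of the connection
     * @param port the port of the local end of the connection
     */
    void setLocalAddress(const QString &addr, quint16 port);

    /**
     * Specify the peer address.
     *
     * @param addr the address of the peer
     * @param port the port of the peer
     */
    void setRemoteAddress(const QString &addr, quint16 port);

    /**
     * Specify the id of the externally secured connection.
     *
     * @param authid the id established by the external layer
     */
    void setExternalAuthId(const QString &authid);

    /**
     * Specify a security strength factor for an externally secured
     * connection.
     *
     * The value is supplied by the caller, so it should reflect what the
     * external layer actually negotiated rather than a fixed constant.
     *
     * @param strength the security strength factor of the external layer
     */
    void setExternalSSF(int strength);

    /**
     * Initialise the client side of the connection.
     *
     * @param service the name of the service
     * @param host the server to authenticate to
     * @param mechlist the list of mechanisms which can be used
     * @param mode the ClientSendMode to use
     */
    void startClient(const QString &service, const QString &host, const QStringList &mechlist, ClientSendMode mode = AllowClientSendFirst);

    /**
     * Initialise the server side of the connection.
     *
     * @param service the name of the service
     * @param host the local server name
     * @param realm the realm to use
     * @param mode the ServerSendMode to use
     */
    void startServer(const QString &service, const QString &host, const QString &realm, ServerSendMode mode = DisableServerSendLast);

    /**
     * Process the first step in server mode (server)
     *
     * @param mech the mechanism to be used
     */
    void putServerFirstStep(const QString &mech);

    /**
     * Process the first step in server mode (server)
     *
     * @param mech the mechanism to be used
     * @param clientInit the initial data provided by the client; this is
     *        peer-supplied input
     */
    void putServerFirstStep(const QString &mech, const QByteArray &clientInit);

    /**
     * Process an authentication step.
     *
     * @param stepData the data received from the peer for this step
     */
    void putStep(const QByteArray &stepData);

    /** Return the mechanism selected (client) */
    QString mechanism() const;

    /** Return the mechanism list (server) */
    QStringList mechanismList() const;

    /** Return the realm list, if available (client) */
    QStringList realmList() const;

    /** Return the security strength factor of the connection. */
    int ssf() const;

    /** Return the error code. */
    Error errorCode() const;

    /** Return the reason for authentication failure. */
    AuthCondition authCondition() const;

    /**
     * Specify the username to use in authentication.
     *
     * @param user the username
     */
    void setUsername(const QString &user);

    /**
     * Specify the authorization identity to use in authentication.
     *
     * @param auth the authorization identity
     */
    void setAuthzid(const QString &auth);

    /**
     * Specify the password to use in authentication.
     *
     * @param pass the password, held in a SecureArray (secure array of bytes)
     */
    void setPassword(const SecureArray &pass);

    /**
     * Specify the realm to use in authentication.
     *
     * @param realm the realm
     */
    void setRealm(const QString &realm);

    /** Continue negotiation after parameters have been set (client) */
    void continueAfterParams();

    /** Continue negotiation after auth ids have been checked (server) */
    void continueAfterAuthCheck();

    // reimplemented
    int bytesAvailable() const override;
    int bytesOutgoingAvailable() const override;
    void write(const QByteArray &a) override;
    QByteArray read() override;
    void writeIncoming(const QByteArray &a) override;
    QByteArray readOutgoing(int *plainBytes = nullptr) override;
    int convertBytesWritten(qint64 encryptedBytes) override;

Q_SIGNALS:
    /**
     * This signal is emitted when the client has been successfully started.
     *
     * @param clientInit presumably true if the client should send first (TODO confirm)
     * @param clientInitData the initial data to send, if any
     */
    void clientStarted(bool clientInit, const QByteArray &clientInitData);

    /** This signal is emitted after the server has been successfully started. */
    void serverStarted();

    /**
     * This signal is emitted when there is data required to be sent over the
     * network to complete the next step (the upstream brief is truncated on
     * this page).
     *
     * @param stepData the data to send over the network
     */
    void nextStep(const QByteArray &stepData);

    /**
     * This signal is emitted when the client needs additional parameters.
     *
     * @param params which parameters are needed or may be sent
     */
    void needParams(const QCA::SASL::Params &params);

    /**
     * This signal is emitted when the server needs to perform the
     * authentication check.
     *
     * The handler is where the application decides whether user may act as
     * authzid; negotiation resumes with continueAfterAuthCheck().
     *
     * @param user the user identifier
     * @param authzid the authorization identifier
     */
    void authCheck(const QString &user, const QString &authzid);

    /** This signal is emitted when authentication is complete. */
    void authenticated();

private:
    Q_DISABLE_COPY(SASL)

    class Private;
    friend class Private;
    Private *d; // implementation details live in the private class
};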
1245 
1246 }
1247 
1248 #endif
QCA::TLS::SSL_v3
@ SSL_v3
Secure Socket Layer, version 3.
Definition: qca_securelayer.h:308
QCA::TLS::IdentityResult
IdentityResult
Type of identity.
Definition: qca_securelayer.h:330
QCA::SASL::write
void write(const QByteArray &a) override
This method writes unencrypted (plain) data to the SecureLayer implementation.
QCA::SecureLayer::readUnprocessed
virtual QByteArray readUnprocessed()
This allows you to read data without having it decrypted first.
QCA::TLS::cipherMaxBits
int cipherMaxBits() const
The number of bits of security that the cipher could use.
QObject
QCA::TLS::write
void write(const QByteArray &a) override
This method writes unencrypted (plain) data to the SecureLayer implementation.
QCA::SASL::setPassword
void setPassword(const SecureArray &pass)
Specify the password to use in authentication.
QCA::SecureLayer::readyRead
void readyRead()
This signal is emitted when SecureLayer has decrypted (application side) data ready to be read.
QCA::TLS::isClosable
bool isClosable() const override
Returns true if the layer has a meaningful "close".
QCA::TLS::packetsAvailable
int packetsAvailable() const
Determine the number of packets available to be read on the application side.
QCA::TLS::setCertificate
void setCertificate(const KeyBundle &kb)
This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts.
QCA::TLS::hostNameReceived
void hostNameReceived()
Emitted if a host name is set by the client.
QCA::TLS::Error
Error
Type of error.
Definition: qca_securelayer.h:317
QCA::TLS::setConstraints
void setConstraints(int minSSF, int maxSSF)
This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts.
QCA::SASL::setUsername
void setUsername(const QString &user)
Specify the username to use in authentication.
QCA::SASL::putServerFirstStep
void putServerFirstStep(const QString &mech)
Process the first step in server mode (server)
QCA::SASL::Params
Parameter flags for the SASL authentication.
Definition: qca_securelayer.h:907
QCA::SL_High
@ SL_High
must be more than 128 bit
Definition: qca_securelayer.h:65
QCA::TLS::errorCode
Error errorCode() const
This method returns the type of error that has occurred.
QCA::TLS::continueAfterStep
void continueAfterStep()
Resumes TLS processing.
QCA::SASL::NoUser
@ NoUser
User not found (server side only)
Definition: qca_securelayer.h:860
QCA::SASL::readOutgoing
QByteArray readOutgoing(int *plainBytes=nullptr) override
This method provides encoded (typically encrypted) data.
QCA::TLS::setTrustedCertificates
void setTrustedCertificates(const CertificateCollection &trusted)
Set up the set of trusted certificates that will be used to verify that the certificate provided is v...
QCA::TLS::setPacketMTU
void setPacketMTU(int size) const
Set the maximum packet size to use.
QCA::SASL::Params::Params
Params(const Params &from)
Standard copy constructor.
QCA::SASL::continueAfterParams
void continueAfterParams()
Continue negotiation after parameters have been set (client)
QCA::SASL::mechanismList
QStringList mechanismList() const
Return the mechanism list (server)
QCA::SASL::putStep
void putStep(const QByteArray &stepData)
Process an authentication step.
QCA::SecureLayer::writeIncoming
virtual void writeIncoming(const QByteArray &a)=0
This method accepts encoded (typically encrypted) data for processing.
QCA::TLS::TLS
TLS(QObject *parent=nullptr, const QString &provider=QString())
Constructor for Transport Layer Security connection.
QCA::SecureLayer::readOutgoing
virtual QByteArray readOutgoing(int *plainBytes=nullptr)=0
This method provides encoded (typically encrypted) data.
QCA::PrivateKey
Generic private key.
Definition: qca_publickey.h:827
QCA::SASL::authCheck
void authCheck(const QString &user, const QString &authzid)
This signal is emitted when the server needs to perform the authentication check.
QCA::SecureLayer::read
virtual QByteArray read()=0
This method reads decrypted (plain) data from the SecureLayer implementation.
QCA::SASL::startServer
void startServer(const QString &service, const QString &host, const QString &realm, ServerSendMode mode=DisableServerSendLast)
Initialise the server side of the connection.
QCA::TLS::isHandshaken
bool isHandshaken() const
test if the handshake is complete
QCA::TLS::readUnprocessed
QByteArray readUnprocessed() override
This allows you to read data without having it decrypted first.
QCA::TLS::InvalidCertificate
@ InvalidCertificate
invalid cert
Definition: qca_securelayer.h:333
QCA
QCA - the Qt Cryptographic Architecture.
Definition: qca_basic.h:41
QCA::SASL::startClient
void startClient(const QString &service, const QString &host, const QStringList &mechlist, ClientSendMode mode=AllowClientSendFirst)
Initialise the client side of the connection.
QCA::Algorithm
General superclass for an algorithm.
Definition: qca_core.h:1152
QCA::TLS::TLS_v1
@ TLS_v1
Transport Layer Security, version 1.
Definition: qca_securelayer.h:307
QCA::TLS::Version
Version
Version of TLS or SSL.
Definition: qca_securelayer.h:306
QCA::TLS::setConstraints
void setConstraints(const QStringList &cipherSuiteList)
This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts.
QCA::TLS::TLS
TLS(Mode mode, QObject *parent=nullptr, const QString &provider=QString())
Constructor for Transport Layer Security connection.
QCA::SASL::bytesAvailable
int bytesAvailable() const override
Returns the number of bytes available to be read() on the application side.
QCA::TLS::compressionEnabled
bool compressionEnabled() const
Returns true if compression is enabled.
QCA::SecureLayer::bytesOutgoingAvailable
virtual int bytesOutgoingAvailable() const =0
Returns the number of bytes available to be readOutgoing() on the network side.
QCA::TLS::close
void close() override
Close the link.
QList
QCA::TLS::canCompress
bool canCompress() const
Test if the link can use compression.
qca_cert.h
Header file for PGP key and X.509 certificate related classes.
QCA::SASL::authenticated
void authenticated()
This signal is emitted when authentication is complete.
QCA::TLS::read
QByteArray read() override
This method reads decrypted (plain) data from the SecureLayer implementation.
QCA::TLS::setIssuerList
void setIssuerList(const QList< CertificateInfoOrdered > &issuers)
Sets the issuer list to present to the client.
QCA::SASL::errorCode
Error errorCode() const
Return the error code.
QCA::SASL::authCondition
AuthCondition authCondition() const
Return the reason for authentication failure.
QCA::TLS::setConstraints
void setConstraints(SecurityLevel s)
The security level required for this link.
QCA::TLS::HostMismatch
@ HostMismatch
valid cert provided, but wrong owner
Definition: qca_securelayer.h:332
QCA::TLS::cipherBits
int cipherBits() const
The number of effective bits of security being used for this connection.
QCA::SASL::setLocalAddress
void setLocalAddress(const QString &addr, quint16 port)
Specify the local address.
QCA::SASL::read
QByteArray read() override
This method reads decrypted (plain) data from the SecureLayer implementation.
QCA::SASL::BadProtocol
@ BadProtocol
Bad protocol or cancelled.
Definition: qca_securelayer.h:852
QCA::TLS::session
TLSSession session() const
The session object of the TLS connection, which can be used for resuming.
QCA::SecureLayer
Abstract interface to a security layer.
Definition: qca_securelayer.h:105
QCA::TLS::Mode
Mode
Operating mode.
Definition: qca_securelayer.h:297
QCA::SASL
Simple Authentication and Security Layer protocol implementation.
Definition: qca_securelayer.h:832
QCA::TLS::~TLS
~TLS() override
Destructor.
QCA::CertificateCollection
Bundle of Certificates and CRLs.
Definition: qca_cert.h:1891
QCA::SecurityLevel
SecurityLevel
Specify the lower-bound for acceptable TLS/SASL security layers.
Definition: qca_securelayer.h:60
QCA::TLS::peerCertificateAvailable
void peerCertificateAvailable()
Emitted when a certificate is received from the peer.
QCA::TLS::certificateRequested
void certificateRequested()
Emitted when the server requests a certificate.
QCA::SASL::setConstraints
void setConstraints(AuthFlags f, SecurityLevel s=SL_None)
Specify connection constraints.
QCA::SASL::Params::canSendRealm
bool canSendRealm() const
A Realm can be sent if desired.
QCA::SASL::BadServer
@ BadServer
Server failed mutual authentication (client side only)
Definition: qca_securelayer.h:853
QCA::SASL::setRemoteAddress
void setRemoteAddress(const QString &addr, quint16 port)
Specify the peer address.
QCA::TLS::issuerList
QList< CertificateInfoOrdered > issuerList() const
QCA::TLS::setCompressionEnabled
void setCompressionEnabled(bool b)
Set the link to use compression.
QCA::TLSSession::TLSSession
TLSSession(const TLSSession &from)
Copy constructor.
QCA::TLS::disconnectNotify
void disconnectNotify(const QMetaMethod &signal) override
Called when a connection is removed from a particular signal.
QCA::SASL::ErrorInit
@ ErrorInit
problem starting up SASL
Definition: qca_securelayer.h:840
QCA::TLSSession::operator=
TLSSession & operator=(const TLSSession &from)
Assignment operator.
QCA::TLS::startClient
void startClient(const QString &host=QString())
Start the TLS/SSL connection as a client.
QCA::SecureLayer::closed
void closed()
This signal is emitted when the SecureLayer connection is closed.
QCA::TLS::canSetHostName
bool canSetHostName() const
Test if the link can specify a hostname (Server Name Indication)
QCA::TLSSession::isNull
bool isNull() const
Test if the session token is valid.
QCA::CertificateChain
A chain of related Certificates.
Definition: qca_cert.h:1208
QCA::TLS::writeIncoming
void writeIncoming(const QByteArray &a) override
This method accepts encoded (typically encrypted) data for processing.
QCA::TLS::version
Version version() const
The protocol version that is in use for this connection.
QCA::TLS::readOutgoing
QByteArray readOutgoing(int *plainBytes=nullptr) override
This method provides encoded (typically encrypted) data.
QCA::SASL::Expired
@ Expired
Passphrase expired, has to be reset (server side only)
Definition: qca_securelayer.h:858
QCA::TLS::ErrorCertKeyMismatch
@ ErrorCertKeyMismatch
certificate and private key don't match
Definition: qca_securelayer.h:320
QCA::SASL::writeIncoming
void writeIncoming(const QByteArray &a) override
This method accepts encoded (typically encrypted) data for processing.
QCA::TLS::ErrorHandshake
@ ErrorHandshake
problem during the negotiation
Definition: qca_securelayer.h:322
QCA::SASL::bytesOutgoingAvailable
int bytesOutgoingAvailable() const override
Returns the number of bytes available to be readOutgoing() on the network side.
QCA::SASL::Params::operator=
Params & operator=(const Params &from)
Standard assignment operator.
QCA::SecureLayer::convertBytesWritten
virtual int convertBytesWritten(qint64 encryptedBytes)=0
Convert encrypted bytes written to plain text bytes written.
QCA::TLS::trustedCertificates
CertificateCollection trustedCertificates() const
Return the trusted certificates set for this object.
QCA::SecureArray
Secure array of bytes.
Definition: qca_tools.h:317
QCA::SASL::Params::needPassword
bool needPassword() const
Password is needed.
QCA::TLS
Transport Layer Security / Secure Socket Layer.
Definition: qca_securelayer.h:290
QCA::TLS::reset
void reset()
Reset the connection.
QCA::SL_Highest
@ SL_Highest
SL_High or max possible, whichever is greater.
Definition: qca_securelayer.h:66
QCA::TLS::isCompressed
bool isCompressed() const
test if the link is compressed
QCA::TLS::localCertificateChain
CertificateChain localCertificateChain() const
The CertificateChain for the local host certificate.
QCA::TLS::peerCertificateChain
CertificateChain peerCertificateChain() const
The CertificateChain from the peer (other end of the connection to the trusted root certificate).
QCA::TLS::Stream
@ Stream
stream mode
Definition: qca_securelayer.h:298
QCA::SASL::NeedEncrypt
@ NeedEncrypt
Encryption is needed in order to use mechanism (server side only)
Definition: qca_securelayer.h:857
QCA::KeyBundle
Certificate chain and private key pair.
Definition: qca_cert.h:2136
QCA::TLS::setSession
void setSession(const TLSSession &session)
Resume a TLS session using the given session object.
QCA::SASL::TooWeak
@ TooWeak
Mechanism too weak for this user (server side only)
Definition: qca_securelayer.h:856
QCA::TLS::ErrorSignerExpired
@ ErrorSignerExpired
local certificate is expired
Definition: qca_securelayer.h:318
QCA::SASL::continueAfterAuthCheck
void continueAfterAuthCheck()
Continue negotiation after auth ids have been checked (server)
QCA::TLS::connectNotify
void connectNotify(const QMetaMethod &signal) override
Called when a connection is made to a particular signal.
QCA::SASL::putServerFirstStep
void putServerFirstStep(const QString &mech, const QByteArray &clientInit)
Process the first step in server mode (server)
QCA::TLS::bytesOutgoingAvailable
int bytesOutgoingAvailable() const override
Returns the number of bytes available to be readOutgoing() on the network side.
QCA::SASL::setExternalSSF
void setExternalSSF(int strength)
Specify a security strength factor for an externally secured connection.
QCA::SecureLayer::isClosable
virtual bool isClosable() const
Returns true if the layer has a meaningful "close".
QCA::SASL::setRealm
void setRealm(const QString &realm)
Specify the realm to use in authentication.
QCA::SASL::nextStep
void nextStep(const QByteArray &stepData)
This signal is emitted when there is data required to be sent over the network to complete the next s...
QCA::SL_Integrity
@ SL_Integrity
must at least get integrity protection
Definition: qca_securelayer.h:62
QCA::SASL::realmList
QStringList realmList() const
Return the realm list, if available (client)
QCA::SecureLayer::readyReadOutgoing
void readyReadOutgoing()
This signal is emitted when SecureLayer has encrypted (network side) data ready to be read.
QCA::SASL::ssf
int ssf() const
Return the security strength factor of the connection.
QCA::SASL::Params::Params
Params(bool user, bool authzid, bool pass, bool realm)
Standard constructor.
QCA::SASL::SASL
SASL(QObject *parent=nullptr, const QString &provider=QString())
Standard constructor.
QCA::TLS::SSL_v2
@ SSL_v2
Secure Socket Layer, version 2.
Definition: qca_securelayer.h:309
QCA::SASL::NoMechanism
@ NoMechanism
No compatible/appropriate authentication mechanism.
Definition: qca_securelayer.h:851
QCA::TLS::packetsOutgoingAvailable
int packetsOutgoingAvailable() const
Determine the number of packets available to be read on the network side.
QCA::SASL::Disabled
@ Disabled
Account is disabled (server side only)
Definition: qca_securelayer.h:859
QCA::SecureLayer::close
virtual void close()
Close the link.
QCA::SASL::BadAuth
@ BadAuth
Authentication failure (server side only)
Definition: qca_securelayer.h:854
QCA::SASL::setAuthzid
void setAuthzid(const QString &auth)
Specify the authorization identity to use in authentication.
QCA::SASL::convertBytesWritten
int convertBytesWritten(qint64 encryptedBytes) override
Convert encrypted bytes written to plain text bytes written.
qca_core.h
Header file for core QCA infrastructure.
QCA::SASL::AuthCondition
AuthCondition
Possible authentication error states.
Definition: qca_securelayer.h:849
QCA::TLS::bytesAvailable
int bytesAvailable() const override
Returns the number of bytes available to be read() on the application side.
QCA::SASL::ClientSendMode
ClientSendMode
Mode options for client side sending.
Definition: qca_securelayer.h:882
QCA::SecureLayer::bytesAvailable
virtual int bytesAvailable() const =0
Returns the number of bytes available to be read() on the application side.
QCA::SASL::AuthFlags
AuthFlags
Authentication requirement flag values.
Definition: qca_securelayer.h:868
QCA::SL_Baseline
@ SL_Baseline
must be 128 bit or more
Definition: qca_securelayer.h:64
QCA::SASL::reset
void reset()
Reset the SASL mechanism.
QCA::TLS::localPrivateKey
PrivateKey localPrivateKey() const
The PrivateKey for the local host certificate.
QCA::TLS::peerCertificateValidity
Validity peerCertificateValidity() const
After the SSL/TLS handshake is valid, this method allows you to check if the received certificate fro...
QCA::TLS::supportedCipherSuites
QStringList supportedCipherSuites(const Version &version=TLS_v1) const
Get the list of cipher suites that are available for use.
QCA::TLS::hostName
QString hostName() const
Returns the host name specified or an empty string if no host name is specified.
QCA::TLS::startServer
void startServer()
Start the TLS/SSL connection as a server.
QCA::SASL::Params::canSendAuthzid
bool canSendAuthzid() const
An Authorization ID can be sent if desired.
QCA::SASL::needParams
void needParams(const QCA::SASL::Params &params)
This signal is emitted when the client needs additional parameters.
QCA::SASL::mechanism
QString mechanism() const
Return the mechanism selected (client)
QCA::TLS::ErrorInit
@ ErrorInit
problem starting up TLS
Definition: qca_securelayer.h:321
QCA::TLS::peerIdentityResult
IdentityResult peerIdentityResult() const
After the SSL/TLS handshake is complete, this method allows you to determine if the other end of the ...
QCA::SASL::ErrorHandshake
@ ErrorHandshake
problem during the authentication process
Definition: qca_securelayer.h:841
QCA::SecureLayer::write
virtual void write(const QByteArray &a)=0
This method writes unencrypted (plain) data to the SecureLayer implementation.
QCA::SASL::Error
Error
Possible errors that may occur when using SASL.
Definition: qca_securelayer.h:839
qca_publickey.h
Header file for PublicKey and PrivateKey related classes.
QCA::TLS::cipherSuite
QString cipherSuite() const
The cipher suite that has been negotiated for this connection.
QCA::TLS::ErrorSignerInvalid
@ ErrorSignerInvalid
local certificate is invalid in some way
Definition: qca_securelayer.h:319
QCA::SASL::clientStarted
void clientStarted(bool clientInit, const QByteArray &clientInitData)
This signal is emitted when the client has been successfully started.
QCA::SASL::ServerSendMode
ServerSendMode
Mode options for server side sending.
Definition: qca_securelayer.h:891
QCA::SecureLayer::error
void error()
This signal is emitted when an error is detected.
QCA::TLS::Valid
@ Valid
identity is verified
Definition: qca_securelayer.h:331
QCA::SASL::AuthFail
@ AuthFail
Generic authentication failure.
Definition: qca_securelayer.h:850
QCA::Validity
Validity
The validity (or otherwise) of a certificate.
Definition: qca_cert.h:490
QCA::TLS::handshaken
void handshaken()
Emitted when the protocol handshake is complete.
QCA::TLS::convertBytesWritten
int convertBytesWritten(qint64 encryptedBytes) override
Convert encrypted bytes written to plain text bytes written.
QCA::TLS::setCertificate
void setCertificate(const CertificateChain &cert, const PrivateKey &key)
The local certificate to use.
QCA::TLS::packetMTU
int packetMTU() const
Return the currently configured maximum packet size.
QCA::SL_Export
@ SL_Export
must be export level bits or more
Definition: qca_securelayer.h:63
QCA::SL_None
@ SL_None
indicates that no security is ok
Definition: qca_securelayer.h:61
QCA::SASL::setExternalAuthId
void setExternalAuthId(const QString &authid)
Specify the id of the externally secured connection.
QCA::SASL::Params::needUsername
bool needUsername() const
User is needed.
QCA::SASL::serverStarted
void serverStarted()
This signal is emitted after the server has been successfully started.
QCA::SASL::setConstraints
void setConstraints(AuthFlags f, int minSSF, int maxSSF)
This is an overloaded member function, provided for convenience. It differs from the above function only in what argument(s) it accepts.
QCA::SecureLayer::SecureLayer
SecureLayer(QObject *parent=nullptr)
Constructor for an abstract secure communications layer.
QCA::SASL::NoAuthzid
@ NoAuthzid
Authorization failure (server side only)
Definition: qca_securelayer.h:855
QCA::TLSSession
Session token, used for TLS resuming.
Definition: qca_securelayer.h:239