Digital Authentication Framework 6.0.1.33

DigitalAuthenticationFramework.h

Go to the documentation of this file.
00001 /*
00002  * (c) 2014 Good Technology Corporation. All rights reserved.
00003  */
00004 
00010 #ifndef DIGITALAUTHENTICATIONFRAMEWORK_H
00011 #define DIGITALAUTHENTICATIONFRAMEWORK_H
00012 
00013 #include <string>
00014 #include <cstring>
00015 #include <vector>
00016 #include <stdint.h>
00017 
00020 extern "C" const char *DAF_SDK_VERSION_string;
00021 
00028 typedef std::vector<uint8_t> DAData;
00029 
00037 typedef std::vector<uint8_t> DAMechanism;
00038 
00039 // forward declarations
00040 class DADriver;
00041 class DAError;
00042 class DADevice;
00043 class DAMetaData;
00044 class DASession;
00045 class DAKey;
00046 class DAMessage;
00047 
00051 class DADriver
00052 {
00053 public:
00059     static void initialize();
00060 
00069     static DADevice *getDevice();
00070 
00075     static DAError &getLastError();
00076 };
00077 
00081 class DAError
00082 {
00083 public:
00084     enum {
00085       SUCCESS             = 0, 
00086       NO_MEMORY           = 1, 
00087       NOT_PROVISIONED     = 2, 
00088       DEVICE_NOT_FOUND    = 3, 
00089       NO_MORE_SESSIONS    = 4, 
00090       DEVICE_DISCONNECTED = 5, 
00091       DEVICE_PROTOCOL_ERR = 6, 
00092       BAD_AUTH_TOKEN      = 7, 
00093       KEY_NOT_FOUND       = 8, 
00094       ATTRIB_NOT_FOUND    = 9, 
00095       MECH_NOT_FOUND      = 10, 
00096       VERIFY_FAILED       = 11, 
00097       NOT_IMPLEMENTED     = 12, 
00098       BAD_PARAMETERS      = 13, 
00099       OS_ERROR            = 14, 
00100       UNSUPPORTED_HASH    = 15, 
00101     };
00102     // ... and so on. Derived classes will doubtless need their own.
00103   
00107     virtual ~DAError() {};
00108 
00113     virtual int getCode() =0;
00114 
00118     bool isError() { return getCode() != SUCCESS; };
00119 
00123     virtual void clear() =0;
00124 
00130     virtual void getAsStringUTF8(std::string &errmsg) =0;
00131 };
00132 
00133 #if !(DOXYGEN)
00134 #define ALL_ERRORS(F) \
00135   F(DAError::SUCCESS, "Success") \
00136   F(DAError::NO_MEMORY, "General memory allocation failure") \
00137   F(DAError::NOT_PROVISIONED, "Driver has not been set up with a device") \
00138   F(DAError::DEVICE_NOT_FOUND, "Cannot find the device") \
00139   F(DAError::NO_MORE_SESSIONS, "The maximum allowed number of concurrent sessions are already connected") \
00140   F(DAError::DEVICE_DISCONNECTED, "Link to device lost unexpectedly") \
00141   F(DAError::DEVICE_PROTOCOL_ERR, "Error from protocol stack talking to device") \
00142   F(DAError::BAD_AUTH_TOKEN, "authToken provided to CreateSession was bad") \
00143   F(DAError::KEY_NOT_FOUND, "Requested key does not exist") \
00144   F(DAError::ATTRIB_NOT_FOUND, "Requested attribute not available") \
00145   F(DAError::MECH_NOT_FOUND, "Requested mechanism is not supported") \
00146   F(DAError::VERIFY_FAILED, "Invalid signature or ciphertext") \
00147   F(DAError::NOT_IMPLEMENTED, "Function or method is not implemented") \
00148   F(DAError::BAD_PARAMETERS, "Missing or invalid parameters to method") \
00149   F(DAError::OS_ERROR, "Operating system call failed") \
00150   F(DAError::UNSUPPORTED_HASH, "Requested hash function cannot be used here")
00151 #endif
00152 
00159 class DADevice
00160 {
00161 public:
00165     virtual ~DADevice() {};
00166 
00173     virtual DAMetaData &getInfo () =0;
00174 
00183     virtual DASession *createSession (DAData &authToken) =0;
00184     
00188     virtual DAError &getLastError() =0;
00189 };
00190 
00196 class DASession
00197 {
00198 public:
00202     virtual ~DASession() {};
00203 
00206     virtual DADevice &getDevice () =0;
00207     
00214     virtual DAMetaData &getInfo () =0;
00215 
00223     virtual bool isConnected() =0;
00224     
00229     virtual int getKeyCount() =0;
00230     
00239     virtual DAKey *getKey(int index) =0;
00240     
00248     virtual DAKey *getKey(const std::string &serial) =0;
00249     
00253     virtual DAError &getLastError() =0;
00254 };
00255 
00260 class DAKey
00261 {
00262 public:
00266     virtual ~DAKey() {};
00267     
00271     virtual DAMetaData &getInfo()=0;
00272 
00276     virtual bool encrypt(DAMessage &msg)=0;
00277 
00281     virtual bool decrypt(DAMessage &msg)=0;
00282 
00286     virtual bool sign(DAMessage &msg)=0;
00287 
00291     virtual bool verify(DAMessage &msg)=0;
00292 
00300     virtual bool getData(DAData &data)=0;
00301 
00313     virtual bool setData(const DAData &data)=0;
00314 
00325     virtual bool generateMaterial()=0;
00326 
00329     virtual std::vector<DAMechanism> getMechanisms() =0;
00330     
00331     static const int STORAGE_MESSAGE_SIZE = 32;
00335     static const int ENCRYPT_MESSAGE_SIZE = 32;
00339     static const int ONEWAY_MESSAGE_SIZE = 32;
00342 };
00343 
00350 typedef enum
00351 {
00352   DA_DIGEST_NONE = 0, 
00353   
00354   DA_DIGEST_SHA1 = 1,   
00355   DA_DIGEST_SHA224 = 2, 
00356   DA_DIGEST_SHA256 = 3, 
00357   DA_DIGEST_SHA384 = 4, 
00358   DA_DIGEST_SHA512 = 5, 
00359   
00360   DA_DIGEST_SSL3_MD5_SHA1 = 6, 
00361 }
00362   DADigestType;
00363 
00369 class DAMessage
00370 {
00371 public:
00375     DAMessage()
00376         : m_plaintext()
00377         , m_ciphertext()
00378         , m_iv()
00379         , m_mech()
00380         , m_flags(0)
00381         , m_digestType(DA_DIGEST_NONE)
00382     {}
00383 
00384     /* Default destructor, copy constructor and assignment operator
00385      * is OK. */
00386     
00396     bool getMechanism(DAMechanism &mech) const
00397     {
00398         if (m_flags & HAVE_MECH)
00399         {
00400             mech = m_mech;
00401             return true;
00402         } else {
00403             return false;
00404         }
00405     }
00406     
00409     bool getIV(DAData &iv) const
00410     {
00411         if (m_flags & HAVE_IV)
00412         {
00413             iv = m_iv;
00414             return true;
00415         } else {
00416             return false;
00417         }
00418     }
00419     
00422     bool getPlaintext(DAData &data) const
00423     {
00424         if (m_flags & HAVE_PLAINTEXT)
00425         {
00426             data = m_plaintext;
00427             return true;
00428         } else {
00429             return false;
00430         }
00431     }
00432 
00435     bool getCiphertext(DAData &data) const
00436     {
00437         if (m_flags & HAVE_CIPHERTEXT)
00438         {
00439             data = m_ciphertext;
00440             return true;
00441         } else {
00442             return false;
00443         }
00444     }
00445 
00449     DADigestType getDigestType() const
00450     {
00451         return m_digestType;
00452     }
00453 
00456     void setMechanism(const DAMechanism &mech)
00457     {
00458         m_mech = mech;
00459         m_flags |= HAVE_MECH;
00460     }
00461 
00470     bool setMechanismForRSAPkcs1Signature();
00471 
00480     bool setMechanismForDSA();
00481     
00490     bool setMechanismForECDSA();
00491 
00494     void setIV(const DAData &iv)
00495     {
00496         m_iv = iv;
00497         m_flags |= HAVE_IV;
00498     }
00499     
00502     void setPlaintext(const DAData &data)
00503     {
00504         m_plaintext = data;
00505         m_flags |= HAVE_PLAINTEXT;
00506     }
00507     
00510     void setCiphertext(const DAData &data)
00511     {
00512         m_ciphertext = data;
00513         m_flags |= HAVE_CIPHERTEXT;
00514     }
00515 
00518     void setDigestType( DADigestType dtype )
00519     {
00520         m_digestType = dtype;
00521     }
00522     
00524     void unsetMechanism()
00525     {
00526         m_mech = DAMechanism();
00527         m_flags &= ~HAVE_MECH;
00528     }
00529 
00531     void unsetIV()
00532     {
00533         m_iv = DAData();
00534         m_flags &= ~HAVE_IV;
00535     }
00536 
00538     void unsetPlaintext()
00539     {
00540         m_plaintext = DAData();
00541         m_flags &= ~HAVE_PLAINTEXT;
00542     }
00543 
00545     void unsetCiphertext()
00546     {
00547         m_ciphertext = DAData();
00548         m_flags &= ~HAVE_CIPHERTEXT;
00549     }
00550     
00552     void unsetDigestType()
00553     {
00554       setDigestType(DA_DIGEST_NONE);
00555     }
00556 
00576     bool applyDefaultDigest();
00577     
00587     bool getPkcs1SignatureData( DAData &msg );
00588     
00595     static DADigestType getDigestFromMech( const DAMechanism &mech );
00596     
00597 protected:
00598     DAData       m_plaintext;   
00599     DAData       m_ciphertext;  
00600     DAData       m_iv;      
00601     DAMechanism  m_mech;    
00602     unsigned     m_flags;   
00603     DADigestType m_digestType; 
00604 
00605     enum {
00606       HAVE_PLAINTEXT = 1,   
00607       HAVE_CIPHERTEXT = 2,  
00608       HAVE_IV = 4,      
00609       HAVE_MECH = 8     
00610     };
00611 };
00612 
00620 typedef enum
00621 {
00622     DA_NAME             = 0,    
00623     DA_SERIAL           = 2,    
00624 
00625     DA_HARDWARE         = 1000, 
00626     DA_PROTECTED_PATH   = 1002, 
00627     DA_AUTHENTIC_PATH   = 1003, 
00628     DA_PASSWORD_AUTH    = 1004, 
00629     
00630     DA_SMIME_SIGN       = 1100, 
00631     DA_SMIME_DECRYPT    = 1101, 
00632     DA_USER_AUTHENTICATE= 1102, 
00633     DA_TLS_CLIENT_AUTH  = 1103, 
00634     DA_READ_WRITE       = 1104, 
00635     DA_STORAGE          = 1105, 
00636     DA_SYMM_CRYPT       = 1106, 
00637     DA_SYMM_SIGN        = 1107, 
00638     
00639     DA_CERTIFICATE      = 2100, 
00640 
00641     DA_SIGNATURE_SIZE   = 3000, 
00642     DA_MAX_DECRYPT_SIZE = 3001, 
00643 } DAAttrib;
00644 
00652 class DAMetaData
00653 {
00654 public:
00658     virtual ~DAMetaData() {};
00659     
00668     virtual bool getString(DAAttrib which, std::string &data) =0;
00669     
00681     virtual bool getFlag(DAAttrib which) =0;
00682 
00695     virtual bool getData(DAAttrib which, DAData &data, size_t index=0) =0;
00696 
00709     virtual bool getSize(DAAttrib which, size_t &len_r) =0; 
00710 
00711 };
00712 
00716 class DAUtils
00717 {
00718 public:
00723     static DAData mkData(const void *data, size_t len)
00724     {
00725         DAData ret;
00726         const uint8_t *ptr = static_cast<const uint8_t *>(data);
00727         while (len-- > 0)
00728             ret.push_back(*ptr++);
00729         return ret;
00730     }
00731 
00736     static DAData mkData(std::string &str)
00737     {
00738         return mkData(str.data(), str.size());
00739     }
00740 
00745     static DAData mkData(const char *str)
00746     {
00747         return mkData(str, strlen(str));
00748     }
00749     
00750 };
00751 
00752 #endif