Digital Authentication Framework 6.0.1.33
|
00001 /* 00002 * (c) 2014 Good Technology Corporation. All rights reserved. 00003 */ 00004 00010 #ifndef DIGITALAUTHENTICATIONFRAMEWORK_H 00011 #define DIGITALAUTHENTICATIONFRAMEWORK_H 00012 00013 #include <string> 00014 #include <cstring> 00015 #include <vector> 00016 #include <stdint.h> 00017 00020 extern "C" const char *DAF_SDK_VERSION_string; 00021 00028 typedef std::vector<uint8_t> DAData; 00029 00037 typedef std::vector<uint8_t> DAMechanism; 00038 00039 // forward declarations 00040 class DADriver; 00041 class DAError; 00042 class DADevice; 00043 class DAMetaData; 00044 class DASession; 00045 class DAKey; 00046 class DAMessage; 00047 00051 class DADriver 00052 { 00053 public: 00059 static void initialize(); 00060 00069 static DADevice *getDevice(); 00070 00075 static DAError &getLastError(); 00076 }; 00077 00081 class DAError 00082 { 00083 public: 00084 enum { 00085 SUCCESS = 0, 00086 NO_MEMORY = 1, 00087 NOT_PROVISIONED = 2, 00088 DEVICE_NOT_FOUND = 3, 00089 NO_MORE_SESSIONS = 4, 00090 DEVICE_DISCONNECTED = 5, 00091 DEVICE_PROTOCOL_ERR = 6, 00092 BAD_AUTH_TOKEN = 7, 00093 KEY_NOT_FOUND = 8, 00094 ATTRIB_NOT_FOUND = 9, 00095 MECH_NOT_FOUND = 10, 00096 VERIFY_FAILED = 11, 00097 NOT_IMPLEMENTED = 12, 00098 BAD_PARAMETERS = 13, 00099 OS_ERROR = 14, 00100 UNSUPPORTED_HASH = 15, 00101 }; 00102 // ... and so on. Derived classes will doubtless need their own. 00103 00107 virtual ~DAError() {}; 00108 00113 virtual int getCode() =0; 00114 00118 bool isError() { return getCode() != SUCCESS; }; 00119 00123 virtual void clear() =0; 00124 00130 virtual void getAsStringUTF8(std::string &errmsg) =0; 00131 }; 00132 00133 #if !(DOXYGEN) 00134 #define ALL_ERRORS(F) \ 00135 F(DAError::SUCCESS, "Success") \ 00136 F(DAError::NO_MEMORY, "General memory allocation failure") \ 00137 F(DAError::NOT_PROVISIONED, "Driver has not been set up with a device") \ 00138 F(DAError::DEVICE_NOT_FOUND, "Cannot find the device") \ 00139 F(DAError::NO_MORE_SESSIONS, "The maximum allowed number of concurrent sessions are already connected") \ 00140 F(DAError::DEVICE_DISCONNECTED, "Link to device lost unexpectedly") \ 00141 F(DAError::DEVICE_PROTOCOL_ERR, "Error from protocol stack talking to device") \ 00142 F(DAError::BAD_AUTH_TOKEN, "authToken provided to CreateSession was bad") \ 00143 F(DAError::KEY_NOT_FOUND, "Requested key does not exist") \ 00144 F(DAError::ATTRIB_NOT_FOUND, "Requested attribute not available") \ 00145 F(DAError::MECH_NOT_FOUND, "Requested mechanism is not supported") \ 00146 F(DAError::VERIFY_FAILED, "Invalid signature or ciphertext") \ 00147 F(DAError::NOT_IMPLEMENTED, "Function or method is not implemented") \ 00148 F(DAError::BAD_PARAMETERS, "Missing or invalid parameters to method") \ 00149 F(DAError::OS_ERROR, "Operating system call failed") \ 00150 F(DAError::UNSUPPORTED_HASH, "Requested hash function cannot be used here") 00151 #endif 00152 00159 class DADevice 00160 { 00161 public: 00165 virtual ~DADevice() {}; 00166 00173 virtual DAMetaData &getInfo () =0; 00174 00183 virtual DASession *createSession (DAData &authToken) =0; 00184 00188 virtual DAError &getLastError() =0; 00189 }; 00190 00196 class DASession 00197 { 00198 public: 00202 virtual ~DASession() {}; 00203 00206 virtual DADevice &getDevice () =0; 00207 00214 virtual DAMetaData &getInfo () =0; 00215 00223 virtual bool isConnected() =0; 00224 00229 virtual int getKeyCount() =0; 00230 00239 virtual DAKey *getKey(int index) =0; 00240 00248 virtual DAKey *getKey(const std::string &serial) =0; 00249 00253 virtual DAError &getLastError() =0; 00254 }; 00255 00260 class DAKey 00261 { 00262 public: 00266 virtual ~DAKey() {}; 00267 00271 virtual DAMetaData &getInfo()=0; 00272 00276 virtual bool encrypt(DAMessage &msg)=0; 00277 00281 virtual bool decrypt(DAMessage &msg)=0; 00282 00286 virtual bool sign(DAMessage &msg)=0; 00287 00291 virtual bool verify(DAMessage &msg)=0; 00292 00300 virtual bool getData(DAData &data)=0; 00301 00313 virtual bool setData(const DAData &data)=0; 00314 00325 virtual bool generateMaterial()=0; 00326 00329 virtual std::vector<DAMechanism> getMechanisms() =0; 00330 00331 static const int STORAGE_MESSAGE_SIZE = 32; 00335 static const int ENCRYPT_MESSAGE_SIZE = 32; 00339 static const int ONEWAY_MESSAGE_SIZE = 32; 00342 }; 00343 00350 typedef enum 00351 { 00352 DA_DIGEST_NONE = 0, 00353 00354 DA_DIGEST_SHA1 = 1, 00355 DA_DIGEST_SHA224 = 2, 00356 DA_DIGEST_SHA256 = 3, 00357 DA_DIGEST_SHA384 = 4, 00358 DA_DIGEST_SHA512 = 5, 00359 00360 DA_DIGEST_SSL3_MD5_SHA1 = 6, 00361 } 00362 DADigestType; 00363 00369 class DAMessage 00370 { 00371 public: 00375 DAMessage() 00376 : m_plaintext() 00377 , m_ciphertext() 00378 , m_iv() 00379 , m_mech() 00380 , m_flags(0) 00381 , m_digestType(DA_DIGEST_NONE) 00382 {} 00383 00384 /* Default destructor, copy constructor and assignment operator 00385 * is OK. */ 00386 00396 bool getMechanism(DAMechanism &mech) const 00397 { 00398 if (m_flags & HAVE_MECH) 00399 { 00400 mech = m_mech; 00401 return true; 00402 } else { 00403 return false; 00404 } 00405 } 00406 00409 bool getIV(DAData &iv) const 00410 { 00411 if (m_flags & HAVE_IV) 00412 { 00413 iv = m_iv; 00414 return true; 00415 } else { 00416 return false; 00417 } 00418 } 00419 00422 bool getPlaintext(DAData &data) const 00423 { 00424 if (m_flags & HAVE_PLAINTEXT) 00425 { 00426 data = m_plaintext; 00427 return true; 00428 } else { 00429 return false; 00430 } 00431 } 00432 00435 bool getCiphertext(DAData &data) const 00436 { 00437 if (m_flags & HAVE_CIPHERTEXT) 00438 { 00439 data = m_ciphertext; 00440 return true; 00441 } else { 00442 return false; 00443 } 00444 } 00445 00449 DADigestType getDigestType() const 00450 { 00451 return m_digestType; 00452 } 00453 00456 void setMechanism(const DAMechanism &mech) 00457 { 00458 m_mech = mech; 00459 m_flags |= HAVE_MECH; 00460 } 00461 00470 bool setMechanismForRSAPkcs1Signature(); 00471 00480 bool setMechanismForDSA(); 00481 00490 bool setMechanismForECDSA(); 00491 00494 void setIV(const DAData &iv) 00495 { 00496 m_iv = iv; 00497 m_flags |= HAVE_IV; 00498 } 00499 00502 void setPlaintext(const DAData &data) 00503 { 00504 m_plaintext = data; 00505 m_flags |= HAVE_PLAINTEXT; 00506 } 00507 00510 void setCiphertext(const DAData &data) 00511 { 00512 m_ciphertext = data; 00513 m_flags |= HAVE_CIPHERTEXT; 00514 } 00515 00518 void setDigestType( DADigestType dtype ) 00519 { 00520 m_digestType = dtype; 00521 } 00522 00524 void unsetMechanism() 00525 { 00526 m_mech = DAMechanism(); 00527 m_flags &= ~HAVE_MECH; 00528 } 00529 00531 void unsetIV() 00532 { 00533 m_iv = DAData(); 00534 m_flags &= ~HAVE_IV; 00535 } 00536 00538 void unsetPlaintext() 00539 { 00540 m_plaintext = DAData(); 00541 m_flags &= ~HAVE_PLAINTEXT; 00542 } 00543 00545 void unsetCiphertext() 00546 { 00547 m_ciphertext = DAData(); 00548 m_flags &= ~HAVE_CIPHERTEXT; 00549 } 00550 00552 void unsetDigestType() 00553 { 00554 setDigestType(DA_DIGEST_NONE); 00555 } 00556 00576 bool applyDefaultDigest(); 00577 00587 bool getPkcs1SignatureData( DAData &msg ); 00588 00595 static DADigestType getDigestFromMech( const DAMechanism &mech ); 00596 00597 protected: 00598 DAData m_plaintext; 00599 DAData m_ciphertext; 00600 DAData m_iv; 00601 DAMechanism m_mech; 00602 unsigned m_flags; 00603 DADigestType m_digestType; 00604 00605 enum { 00606 HAVE_PLAINTEXT = 1, 00607 HAVE_CIPHERTEXT = 2, 00608 HAVE_IV = 4, 00609 HAVE_MECH = 8 00610 }; 00611 }; 00612 00620 typedef enum 00621 { 00622 DA_NAME = 0, 00623 DA_SERIAL = 2, 00624 00625 DA_HARDWARE = 1000, 00626 DA_PROTECTED_PATH = 1002, 00627 DA_AUTHENTIC_PATH = 1003, 00628 DA_PASSWORD_AUTH = 1004, 00629 00630 DA_SMIME_SIGN = 1100, 00631 DA_SMIME_DECRYPT = 1101, 00632 DA_USER_AUTHENTICATE= 1102, 00633 DA_TLS_CLIENT_AUTH = 1103, 00634 DA_READ_WRITE = 1104, 00635 DA_STORAGE = 1105, 00636 DA_SYMM_CRYPT = 1106, 00637 DA_SYMM_SIGN = 1107, 00638 00639 DA_CERTIFICATE = 2100, 00640 00641 DA_SIGNATURE_SIZE = 3000, 00642 DA_MAX_DECRYPT_SIZE = 3001, 00643 } DAAttrib; 00644 00652 class DAMetaData 00653 { 00654 public: 00658 virtual ~DAMetaData() {}; 00659 00668 virtual bool getString(DAAttrib which, std::string &data) =0; 00669 00681 virtual bool getFlag(DAAttrib which) =0; 00682 00695 virtual bool getData(DAAttrib which, DAData &data, size_t index=0) =0; 00696 00709 virtual bool getSize(DAAttrib which, size_t &len_r) =0; 00710 00711 }; 00712 00716 class DAUtils 00717 { 00718 public: 00723 static DAData mkData(const void *data, size_t len) 00724 { 00725 DAData ret; 00726 const uint8_t *ptr = static_cast<const uint8_t *>(data); 00727 while (len-- > 0) 00728 ret.push_back(*ptr++); 00729 return ret; 00730 } 00731 00736 static DAData mkData(std::string &str) 00737 { 00738 return mkData(str.data(), str.size()); 00739 } 00740 00745 static DAData mkData(const char *str) 00746 { 00747 return mkData(str, strlen(str)); 00748 } 00749 00750 }; 00751 00752 #endif