tree changes

libs/main/crypt/piauth.h

@@ -0,0 +1,110 @@
+/*! \file piauth.h
+ * \brief PIP Authentication API
+*/
+/*
+	PIP - Platform Independent Primitives
+	PIP Authentication API
+	Andrey Bychkov work.a.b@yandex.ru
+
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Lesser General Public License as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Lesser General Public License for more details.
+
+	You should have received a copy of the GNU Lesser General Public License
+	along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef PIAUTH_H
+#define PIAUTH_H
+
+#include "pip_crypt_export.h"
+#include "piobject.h"
+#include "picrypt.h"
+
+
+class PIP_CRYPT_EXPORT PIAuth : public PIObject
+{
+	PIOBJECT(PIAuth)
+public:
+	enum Role {Client, Server};
+	enum State {NotConnected, AuthProbe, PassRequest, AuthReply, KeyExchange, Connected};
+
+	//! Create PIAuth with your digital sign
+	PIAuth(const PIByteArray & sign);
+
+	//! Set server info data for client authorize event
+	void setInfoData(const PIByteArray & info) {custom_info = info;}
+
+	//! Set server password for check
+	void setServerPassword(const PIString & ps);
+
+	//! Set list of trusted clients/servers public digital sign keys
+	void setAuthorizedPublicKeys(const PIVector<PIByteArray> & pkeys) {auth_pkeys = pkeys;}
+
+	//! Get list of trusted clients/servers public digital sign keys
+	PIVector<PIByteArray> getAuthorizedPublicKeys() {return auth_pkeys;}
+
+	//! Get your digital sign public key
+	PIByteArray getSignPublicKey() {return sign_pk;}
+
+
+	//! Stop authorization
+	void stop();
+
+	//! Start authorization as client
+	void startClient();
+
+	//! Start authorization as server, return first server message for client
+	PIByteArray startServer();
+
+	//! Process reseived message both for client and server, return current state and new message writed in "ba"
+	State receive(PIByteArray & ba);
+
+	//! Get session secret key, return key only when Connected state
+	PIByteArray getSecretKey();
+
+	//! Generate digital sign from seed
+	static PIByteArray generateSign(const PIByteArray & seed);
+
+
+	//! Disconneted event
+	EVENT1(disconnected, PIString, reason)
+
+	//! Conneted event
+	EVENT1(connected, PIString, info)
+
+	//! Client event for authorize new server
+	EVENT2(authorize, PIByteArray, info, bool *, ok)
+
+	//! Client event for input server password
+	EVENT1(passwordRequest, PIString *, pass)
+
+	//! Server event on check client password
+	EVENT1(passwordCheck, bool, result)
+
+private:
+	State disconnect(PIByteArray & ba, const PIString & error = PIString());
+	bool isAuthorizedKey(const PIByteArray & pkey);
+
+	PIByteArray createSKMessage();
+
+	Role role;
+	State state;
+	PIByteArray custom_info;
+	PICrypt crypt;
+	PIByteArray sign_sk, sign_pk;
+	PIByteArray auth_sign;
+	PIByteArray box_sk, box_pk;
+	PIByteArray my_pk;
+	PIByteArray secret_key;
+	PIByteArray pass_hash;
+	PIVector<PIByteArray> auth_pkeys;
+};
+
+#endif // PIAUTH_H

libs/main/crypt/picrypt.h

@@ -0,0 +1,117 @@
+/*! \file picrypt.h
+ * \brief Cryptographic class using lib Sodium
+*/
+/*
+	PIP - Platform Independent Primitives
+	Cryptographic class using lib Sodium
+	Andrey Bychkov work.a.b@yandex.ru
+
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Lesser General Public License as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Lesser General Public License for more details.
+
+	You should have received a copy of the GNU Lesser General Public License
+	along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef PICRYPT_H
+#define PICRYPT_H
+
+#include "pip_crypt_export.h"
+#include "pistring.h"
+
+class PIP_CRYPT_EXPORT PICrypt {
+public:
+	//! Construct and generate random key
+	PICrypt();
+
+	//! Set key to "key", key size must be a \a sizeKey()
+	bool setKey(const PIByteArray & key);
+
+	//! Generate and set key from keyphrase "secret"
+	PIByteArray setKey(const PIString & secret);
+
+	//! Returns current key
+	PIByteArray key() {return key_;}
+
+	//! Encrypt given data "data", result size will be increased by \a sizeCrypt()
+	PIByteArray crypt(const PIByteArray & data);
+
+	//! Decrypt given data "crypt_data"
+	PIByteArray decrypt(const PIByteArray & crypt_data, bool * ok = 0);
+
+	//! Encrypt given data "data" with key "key", result size will be increased by \a sizeCrypt()
+	static PIByteArray crypt(const PIByteArray & data, PIByteArray key);
+
+	//! Decrypt given data "crypt_data" with key "key"
+	static PIByteArray decrypt(const PIByteArray & crypt_data, PIByteArray key, bool * ok = 0);
+
+	//! Generate hash from keyphrase "secret", may be used as a key for encryption
+	static PIByteArray hash(const PIString & secret);
+
+	//! Generate hash from bytearray
+	static PIByteArray hash(const PIByteArray & data);
+
+	//! Generate short hash from string "s", may be used for hash table
+	static ullong shorthash(const PIString & s, PIByteArray key = PIByteArray());
+
+	//! Generate random key
+	static PIByteArray generateKey();
+
+	//! Generate random buffer
+	static PIByteArray generateRandomBuff(int size);
+
+	//! Returns key size
+	static size_t sizeKey();
+
+	//! Returns size which be added to data size in encryption process
+	static size_t sizeCrypt();
+
+	//! Function randomly generates a secret key and a corresponding public key for digital signature
+	static void generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key);
+
+	//! Function generates a secret key from input data and a corresponding public key for digital signature
+	static void generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed);
+
+	//! Function extract sign public key from sing secret key
+	static PIByteArray extractSignPublicKey(const PIByteArray & secret_key);
+
+	//! Calculate digital signature for data
+	PIByteArray signMessage(const PIByteArray & data,  PIByteArray secret_key);
+
+	//! Verify digital signature of signed message
+	bool verifySign(const PIByteArray & data, const PIByteArray & signature, PIByteArray public_key);
+
+	//! Function randomly generates a secret key and a corresponding public key for authenticated encryption
+	static void generateKeypair(PIByteArray & public_key, PIByteArray & secret_key);
+
+	//! Function generates a secret key from input data and a corresponding public key for authenticated encryption
+	static void generateKeypair(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed);
+
+	//! Encrypt given data "data"
+	PIByteArray crypt(const PIByteArray &data, const PIByteArray & public_key, const PIByteArray & secret_key);
+
+	//! Decrypt given data "crypt_data"
+	PIByteArray decrypt(const PIByteArray & crypt_data, const PIByteArray & public_key, const PIByteArray & secret_key, bool * ok = 0);
+
+	//! Generate password hash from "password"
+	static PIByteArray passwordHash(const PIString & password, const PIByteArray & seed);
+
+	//! Returns libsodium version
+	static PIString version();
+
+
+private:
+	static bool init();
+
+	PIByteArray nonce_, key_;
+
+};
+
+#endif // PICRYPT_H

libs/main/crypt/picryptmodule.h

@@ -0,0 +1,26 @@
+/*
+	PIP - Platform Independent Primitives
+	Module includes
+	Andrey Bychkov work.a.b@yandex.ru
+
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Lesser General Public License as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Lesser General Public License for more details.
+
+	You should have received a copy of the GNU Lesser General Public License
+	along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef PICRYPTMODULE_H
+#define PICRYPTMODULE_H
+
+#include "picrypt.h"
+#include "piauth.h"
+
+#endif // PICRYPTMODULE_H