This is content-crypto-operations-specific part of the datamodel.
More...
#include <contentencryptionmodel.h>
|
| ContentEncryptionModel (MController *aMController, const MModelProtocolInterface &aModel) |
|
| ~ContentEncryptionModel () |
|
Hash | generateKeyPair () |
|
bool | deleteKeyPair (const Hash &aHash) |
|
int | changeKeyPassword (const Hash &aFingerPrint, const QString &aNewPassword) |
|
int | sign (const Hash &aSigningKey, const QByteArray &aData, QByteArray &aResultingSignature, const QByteArray *aOptionalMetadata=NULL) |
|
bool | verify (const Hash &aPresumedSigningKey, const QByteArray &aDataToVerify, const QByteArray &aSignatureToVerify, const QByteArray *aOptionalMetadata=NULL, bool emitErrorMessage=true) |
|
bool | verify (const QByteArray &aPemBytesOfSigningKey, const QByteArray &aDataToVerify, const QByteArray &aSignatureToVerify, const QByteArray *aOptionalMetadata=NULL, bool emitErrorMessage=true) |
|
bool | encrypt (const QList< Hash > aRecipients, const QByteArray &aPlainText, QByteArray &aResultingCipherText) |
|
bool | decrypt (const QByteArray &aCipherText, QByteArray &aResultingPlainText, bool aEmitErrorOnFailure=true) |
|
QList< Hash > | listKeys (bool aPrivateKeys, char *aKeyUidToSearch) |
|
bool | insertOrUpdatePublicKey (const QByteArray &aPublicKey, const Hash &aFingerPrintOfKey, const QString *aDisplayName=NULL) |
|
bool | insertOrUpdatePrivateKey (const QByteArray &aPrivateKey, const Hash &aFingerPrintOfKey) |
|
bool | PublicKey (const Hash &aFingerPrintOfKeyToFind, QByteArray &aPossibleKeyFound, quint32 *aTimeStampOfKeyFound=NULL) |
|
bool | PrivateKey (const Hash &aFingerPrintOfKeyToFind, QByteArray &aPossibleKeyFound) |
|
EVP_PKEY * | PrivateKeyFromPem (const QByteArray &aPemBytes, bool aEmitErrorMessage=true) |
|
EVP_PKEY * | PublicKeyFromPem (const QByteArray &aPemBytes) |
|
Hash | hashOfPublicKey (const QByteArray &aPemBytes) |
|
QByteArray | randomBytes (int aNumberOfBytes) |
|
|
bool | doVerify (const QByteArray &aPemBytesOfSigningKey, const QByteArray &aDataToVerify, const QByteArray &aSignatureToVerify, const QByteArray *aOptionalMetadata=NULL, bool emitErrorMessage=true) |
|
This is content-crypto-operations-specific part of the datamodel.
This handles encryption keys and encryption operations too.
◆ ContentEncryptionModel()
◆ ~ContentEncryptionModel()
ContentEncryptionModel::~ContentEncryptionModel |
( |
| ) |
|
◆ changeKeyPassword()
int ContentEncryptionModel::changeKeyPassword |
( |
const Hash & |
aFingerPrint, |
|
|
const QString & |
aNewPassword |
|
) |
| |
method for changing password of (private) key.
Old valid password of aFingerPrint key must be stored inside controller before this method is called. Upon successful pwd change, this method will replace the password stored inside controller with the new one.
- Parameters
-
aFingerPrint | fingerprint of the key that is to have the passwd changed |
- Returns
- 0 on success
◆ decrypt()
bool ContentEncryptionModel::decrypt |
( |
const QByteArray & |
aCipherText, |
|
|
QByteArray & |
aResultingPlainText, |
|
|
bool |
aEmitErrorOnFailure = true |
|
) |
| |
Reverse of method ContentEncryptionModel::encrypt.
- Parameters
-
aCipherText | contains the data to decrypt using private key whose fingerprint is returned by MController::profileInUse method. |
aResultingCipherText | on successful completion, this bytearray will contain the decryped data ready to be opened. |
aEmitErrorOnFailure | if true, will emit an error signal so that UI can respond accordingly. There are situations where decrypt is likely to fail because selected operator is not in list of readers and in those obvious cases we don't want to flood the UI with error messages, so "false" value is supplied there. |
- Returns
- true on success.
◆ deleteKeyPair()
bool ContentEncryptionModel::deleteKeyPair |
( |
const Hash & |
aHash | ) |
|
method for permanently deleting keypair (and related data)
- Parameters
-
aHash | is fingerprint of the profile to get rid of |
- Returns
- true on success
◆ doVerify()
bool ContentEncryptionModel::doVerify |
( |
const QByteArray & |
aPemBytesOfSigningKey, |
|
|
const QByteArray & |
aDataToVerify, |
|
|
const QByteArray & |
aSignatureToVerify, |
|
|
const QByteArray * |
aOptionalMetadata = NULL , |
|
|
bool |
emitErrorMessage = true |
|
) |
| |
|
private |
work-horse of verify-methods, this is called from actual "verify" variants
◆ encrypt()
bool ContentEncryptionModel::encrypt |
( |
const QList< Hash > |
aRecipients, |
|
|
const QByteArray & |
aPlainText, |
|
|
QByteArray & |
aResultingCipherText |
|
) |
| |
for encrypting content.
- Parameters
-
aRecipients | is list of fingerprints for that we wish to have public keys for ; those fingerprints listed but having no public key in database will be silently omitted. If less than 1 valid public key is found, this method returns false. |
aPlainText | contains the data to encrypt |
aResultingCipherText | on successful completion, this bytearray will contain the encrypted data ready to be signed. |
- Returns
- true on success.
◆ error
this is not method but signal ; if in error, get emit()ted
◆ generateKeyPair()
Hash ContentEncryptionModel::generateKeyPair |
( |
| ) |
|
method for generating a new RSA key-pair.
- Returns
- Fingerprint of new key, null-key on failure
◆ hashOfPublicKey()
Hash ContentEncryptionModel::hashOfPublicKey |
( |
const QByteArray & |
aPemBytes | ) |
|
method for getting x509 fingerprint of a PEM key
◆ insertOrUpdatePrivateKey()
bool ContentEncryptionModel::insertOrUpdatePrivateKey |
( |
const QByteArray & |
aPrivateKey, |
|
|
const Hash & |
aFingerPrintOfKey |
|
) |
| |
Inserts or updates a pŕivate key into storage.
- Parameters
-
aPrivateKey | Key must be in PEM-format private key. |
aFingerPrintOfKey | expected fingerprint of aPrivateKey |
◆ insertOrUpdatePublicKey()
bool ContentEncryptionModel::insertOrUpdatePublicKey |
( |
const QByteArray & |
aPublicKey, |
|
|
const Hash & |
aFingerPrintOfKey, |
|
|
const QString * |
aDisplayName = NULL |
|
) |
| |
Inserts or updates a public key into storage.
- Parameters
-
aPublicKey | Key must be in X509 PEM. |
aFingerPrintOfKey | SHA1 of given key |
aInsertWasDone | output variable ; if set to non-null on calling, this method will set value of pointed boolean to be true if a new row was inserted into table |
true | on success |
◆ listKeys()
QList<Hash> ContentEncryptionModel::listKeys |
( |
bool |
aPrivateKeys, |
|
|
char * |
aKeyUidToSearch |
|
) |
| |
method for retrieving list of private keys ; these are supposed to have something to with user profiles we have
- Parameters
-
aPrivateKeys | if set to true, returns list of known private keys |
aKeyUidToSearch | is a string that is matched against UID:s of keys. If NULL is passed, then all keys are returned. |
- Returns
- list of private key fingerprints
◆ PrivateKey()
bool ContentEncryptionModel::PrivateKey |
( |
const Hash & |
aFingerPrintOfKeyToFind, |
|
|
QByteArray & |
aPossibleKeyFound |
|
) |
| |
Method for finding a private encryption key.
- Parameters
-
aFingerPrintOfKeyToFind | fingerprint of key to seek if key is found, this bytearray will after return contain the key |
- Returns
- true if key is found
◆ PrivateKeyFromPem()
EVP_PKEY* ContentEncryptionModel::PrivateKeyFromPem |
( |
const QByteArray & |
aPemBytes, |
|
|
bool |
aEmitErrorMessage = true |
|
) |
| |
Method for opening PEM bytes previously obtained using PrivateKey method.
- Parameters
-
aPemByteArray | the key that routine tries to open+return if set to true, will emit() error messages to application controller to handle. In profile change situation it hurts. |
- Returns
- key if success, NULL if error. Caller of this method is responsible for free()ing the key using EVP_PKEY_free()
◆ PublicKey()
bool ContentEncryptionModel::PublicKey |
( |
const Hash & |
aFingerPrintOfKeyToFind, |
|
|
QByteArray & |
aPossibleKeyFound, |
|
|
quint32 * |
aTimeStampOfKeyFound = NULL |
|
) |
| |
Method for finding a public encryption key.
- Parameters
-
aFingerPrintOfKeyToFind | fingerprint of key to seek if key is found, this bytearray will after return contain the key |
aTimeStampOfKeyFound | pointer to quint32 that, if not null, will be written to value of time when associated profile was last published. If we have only key, no profile, then 0 will be returned in this parameter. |
- Returns
- true if key is found
◆ PublicKeyFromPem()
EVP_PKEY* ContentEncryptionModel::PublicKeyFromPem |
( |
const QByteArray & |
aPemBytes | ) |
|
Method for opening PEM bytes previously obtained using PublicKey method.
- Parameters
-
- Returns
- key if success, NULL if error. Caller of this method is responsible for free()ing the key using EVP_PKEY_free()
◆ randomBytes()
QByteArray ContentEncryptionModel::randomBytes |
( |
int |
aNumberOfBytes | ) |
|
method for getting (pseudo) random bytes
◆ sign()
int ContentEncryptionModel::sign |
( |
const Hash & |
aSigningKey, |
|
|
const QByteArray & |
aData, |
|
|
QByteArray & |
aResultingSignature, |
|
|
const QByteArray * |
aOptionalMetadata = NULL |
|
) |
| |
for signing content
- Parameters
-
aSigningKey | is fingerprint of the private key that will be used to sign aData |
aData | is octets to sign |
aResultingSignature | will contain resulting digital signature saying that aSigningKey was most likely present when aData was sent around.. |
aOptionalMetadata | is optional part of aData that will be included into octets from which the hash is calculated. This is because binary blobs have separate content and metadata but we want't to sign both of them -> 2 separate signatures is stupid, contatenating content+metadata would be possible but heap-consuming so lets have a 2nd bytearray |
- Returns
- 0 on success
◆ verify() [1/2]
bool ContentEncryptionModel::verify |
( |
const Hash & |
aPresumedSigningKey, |
|
|
const QByteArray & |
aDataToVerify, |
|
|
const QByteArray & |
aSignatureToVerify, |
|
|
const QByteArray * |
aOptionalMetadata = NULL , |
|
|
bool |
emitErrorMessage = true |
|
) |
| |
for verifying content
- Returns
- true if aDataToVerify as indeed signed by aPresumedSigningKey
◆ verify() [2/2]
bool ContentEncryptionModel::verify |
( |
const QByteArray & |
aPemBytesOfSigningKey, |
|
|
const QByteArray & |
aDataToVerify, |
|
|
const QByteArray & |
aSignatureToVerify, |
|
|
const QByteArray * |
aOptionalMetadata = NULL , |
|
|
bool |
emitErrorMessage = true |
|
) |
| |
for verifying content
- Returns
- true if aDataToVerify as indeed signed by aPresumedSigningKey
◆ iController
◆ iModel
The documentation for this class was generated from the following file: