// Include guard for the H.235 authenticator declarations.
// NOTE(review): identifiers containing a double underscore are reserved for
// the implementation in C++; the guard name is kept as-is here because the
// matching #endif comment at the end of the file refers to it.
#ifndef __OPAL_H235AUTH_H
#define __OPAL_H235AUTH_H

#ifdef P_USE_PRAGMA
#pragma interface
#endif

// Forward declarations: these types appear below only behind pointers and
// references, so their full definitions are not needed in this header.
class H323TransactionPDU;
class H225_CryptoH323Token;
class H225_ArrayOf_AuthenticationMechanism;
class H225_ArrayOf_PASN_ObjectId;
class H235_ClearToken;
class H235_AuthenticationMechanism;
class PASN_ObjectId;
class PASN_Sequence;
class PASN_Array;

namespace PWLibStupidLinkerHacks {
  // Declared here and defined elsewhere. Presumably referenced by client code
  // so the linker keeps the authenticator object file - confirm at the
  // definition site.
  extern int h235AuthLoader;
};
/**
 * Abstract base class for an H.235 authentication mechanism.
 *
 * GetName(), IsCapability() and SetCapability() are pure virtual, so only
 * concrete subclasses can be instantiated. Every other non-inline member is
 * implemented outside this header.
 *
 * Notes for security review:
 *  - ValidationResult uses 0 (e_OK) for success. Compare against e_OK
 *    explicitly; a caller that tests the result as a boolean inverts the
 *    meaning.
 *  - e_Absent and e_Disabled are distinct from e_OK. Whether a PDU without
 *    tokens may be accepted is a caller policy decision and should be made
 *    deliberately.
 *  - The password is held as a PString member and handed out by const
 *    reference through GetPassword(); nothing in this declaration clears it.
 *  - The inline accessors below read and write members without taking
 *    `mutex`. Whether the out-of-line methods lock it is not visible here.
 */
class H235Authenticator : public PObject
{
    PCLASSINFO(H235Authenticator, PObject);

  public:
    H235Authenticator();

    /** Write a description of this authenticator to the given stream. */
    virtual void PrintOn(ostream & strm) const;

    /** Name of the mechanism; supplied by each concrete subclass. */
    virtual const char * GetName() const = 0;

    /**
     * Prepare outgoing tokens. Both arrays are non-const, so the call may add
     * to either of them. Presumably uses CreateClearToken() and
     * CreateCryptoToken() - confirm in the implementation.
     */
    virtual BOOL PrepareTokens(PASN_Array & clearTokens, PASN_Array & cryptoTokens);

    /** Token factories; ownership of the returned pointer is not visible here. */
    virtual H235_ClearToken * CreateClearToken();
    virtual H225_CryptoH323Token * CreateCryptoToken();

    /**
     * Post-encoding hook. The raw PDU is passed by non-const reference, so an
     * override may rewrite the encoded bytes.
     */
    virtual BOOL Finalise(PBYTEArray & rawPDU);

    /**
     * Outcome of validating received tokens.
     * Only e_OK has an explicit value (0); the others follow in order.
     * The per-value meanings below are read from the names - confirm against
     * the implementation.
     */
    enum ValidationResult {
      e_OK = 0,       // validation succeeded
      e_Absent,       // presumably: no token for this mechanism was present
      e_Error,        // presumably: token malformed or otherwise unusable
      e_InvalidTime,  // presumably: timestamp outside the accepted window
      e_BadPassword,  // presumably: credential check failed
      e_ReplyAttack,  // presumably "replay attack"; spelling is part of the public interface
      e_Disabled      // presumably: authenticator not enabled
    };

    /** Validate all tokens carried by a PDU; rawPDU is the encoded PDU. */
    virtual ValidationResult ValidateTokens(
      const PASN_Array & clearTokens,
      const PASN_Array & cryptoTokens,
      const PBYTEArray & rawPDU);

    /** Validate a single clear token. */
    virtual ValidationResult ValidateClearToken(const H235_ClearToken & clearToken);

    /** Validate a single crypto token against the encoded PDU. */
    virtual ValidationResult ValidateCryptoToken(
      const H225_CryptoH323Token & cryptoToken,
      const PBYTEArray & rawPDU);

    /** Whether the given mechanism/algorithm pair is the one this class implements. */
    virtual BOOL IsCapability(
      const H235_AuthenticationMechanism & mechansim,
      const PASN_ObjectId & algorithmOID) = 0;

    /** Advertise this mechanism; both arrays are non-const and may be extended. */
    virtual BOOL SetCapability(
      H225_ArrayOf_AuthenticationMechanism & mechansims,
      H225_ArrayOf_PASN_ObjectId & algorithmOIDs) = 0;

    virtual BOOL UseGkAndEpIdentifiers() const;

    /**
     * Whether the given RAS PDU type is covered by this authenticator.
     * `received` presumably separates inbound from outbound PDUs - confirm.
     */
    virtual BOOL IsSecuredPDU(unsigned rasPDU, BOOL received) const;

    /** Implemented out of line; relation to `enabled` is not visible here. */
    virtual BOOL IsActive() const;

    // Plain assignments to `enabled`; neither takes `mutex`.
    void Enable(BOOL enab = TRUE) { enabled = enab; }
    void Disable() { enabled = FALSE; }

    // Identity accessors; getters return references to the members themselves.
    const PString & GetRemoteId() const { return remoteId; }
    void SetRemoteId(const PString & id) { remoteId = id; }

    const PString & GetLocalId() const { return localId; }
    void SetLocalId(const PString & id) { localId = id; }

    // The password is returned by reference to the stored member. Callers
    // should keep it out of logs and diagnostics.
    const PString & GetPassword() const { return password; }
    void SetPassword(const PString & pw) { password = pw; }

  protected:
    /** Helper for SetCapability() overrides; implemented out of line. */
    BOOL AddCapability(
      unsigned mechanism,
      const PString & oid,
      H225_ArrayOf_AuthenticationMechanism & mechansims,
      H225_ArrayOf_PASN_ObjectId & algorithmOIDs);

    BOOL enabled;

    PString remoteId;
    PString localId;
    PString password;  // stored as given to SetPassword()

    // Presumably the freshness state behind e_InvalidTime and e_ReplyAttack;
    // the units of timestampGracePeriod are not visible here - confirm.
    unsigned sentRandomSequenceNumber;
    unsigned lastRandomSequenceNumber;
    unsigned lastTimestamp;
    int      timestampGracePeriod;

    PMutex mutex;  // not used by any inline member in this header
};
/**
 * List of H235Authenticator objects with PDU-level helpers.
 *
 * PDECLARE_LIST opens the class body; the closing brace below ends it.
 * Both helpers are const and implemented outside this header. How results
 * from several authenticators are combined is not visible here, so check
 * that before relying on ValidatePDU() as the only gate for a PDU.
 */
PDECLARE_LIST(H235Authenticators, H235Authenticator)
  public:
    /**
     * Prepare the tokens of an outgoing PDU. The two token arrays are
     * non-const and may be filled in; the *OptionalField values presumably
     * identify the matching optional fields in the PDU - confirm.
     */
    void PreparePDU(
      H323TransactionPDU & pdu,
      PASN_Array & clearTokens, unsigned clearOptionalField,
      PASN_Array & cryptoTokens, unsigned cryptoOptionalField) const;

    /**
     * Validate the tokens of a received PDU against the encoded bytes in
     * rawPDU. Success is H235Authenticator::e_OK (0); compare explicitly.
     */
    H235Authenticator::ValidationResult ValidatePDU(
      const H323TransactionPDU & pdu,
      const PASN_Array & clearTokens, unsigned clearOptionalField,
      const PASN_Array & cryptoTokens, unsigned cryptoOptionalField,
      const PBYTEArray & rawPDU) const;
};
/**
 * Authenticator named for a simple MD5-based scheme.
 *
 * It overrides the crypto-token pair (CreateCryptoToken and
 * ValidateCryptoToken) and leaves the clear-token path to the base class.
 * The hashing itself lives in the implementation file and is not visible
 * in this header.
 *
 * NOTE(review): MD5 is no longer considered a safe choice for protecting
 * passwords. If the token is a fast hash over the password, anyone able to
 * capture signalling can attempt offline guessing. Treat this as a legacy
 * interoperability mechanism and confirm the construction in the
 * implementation.
 */
class H235AuthSimpleMD5 : public H235Authenticator
{
    PCLASSINFO(H235AuthSimpleMD5, H235Authenticator);

  public:
    H235AuthSimpleMD5();

    /** Copy of this authenticator; ownership of the result is not visible here. */
    PObject * Clone() const;

    virtual const char * GetName() const;

    virtual H225_CryptoH323Token * CreateCryptoToken();

    /** Success is e_OK (0); compare explicitly. */
    virtual ValidationResult ValidateCryptoToken(
      const H225_CryptoH323Token & cryptoToken,
      const PBYTEArray & rawPDU);

    virtual BOOL IsCapability(
      const H235_AuthenticationMechanism & mechansim,
      const PASN_ObjectId & algorithmOID);

    virtual BOOL SetCapability(
      H225_ArrayOf_AuthenticationMechanism & mechansim,
      H225_ArrayOf_PASN_ObjectId & algorithmOIDs);

    virtual BOOL IsSecuredPDU(unsigned rasPDU, BOOL received) const;
};
/**
 * Authenticator working through clear tokens.
 *
 * It overrides CreateClearToken and ValidateClearToken and leaves the
 * crypto-token path to the base class. "CAT" presumably stands for Cisco
 * Access Token - confirm in the implementation.
 *
 * NOTE(review): ValidateClearToken() receives only the token, not the raw
 * PDU. From this signature alone the check cannot bind the token to the
 * bytes of the message that carried it. Confirm what replay and tamper
 * protection the implementation provides.
 */
class H235AuthCAT : public H235Authenticator
{
    PCLASSINFO(H235AuthCAT, H235Authenticator);

  public:
    H235AuthCAT();

    /** Copy of this authenticator; ownership of the result is not visible here. */
    PObject * Clone() const;

    virtual const char * GetName() const;

    virtual H235_ClearToken * CreateClearToken();

    /** Success is e_OK (0); compare explicitly. */
    virtual ValidationResult ValidateClearToken(const H235_ClearToken & clearToken);

    virtual BOOL IsCapability(
      const H235_AuthenticationMechanism & mechansim,
      const PASN_ObjectId & algorithmOID);

    virtual BOOL SetCapability(
      H225_ArrayOf_AuthenticationMechanism & mechansim,
      H225_ArrayOf_PASN_ObjectId & algorithmOIDs);

    virtual BOOL IsSecuredPDU(unsigned rasPDU, BOOL received) const;
};
// Everything down to the matching #endif is compiled only when P_SSL is
// non-zero. A build without it does not declare H235AuthProcedure1 at all,
// leaving only the authenticators declared unconditionally in this header.
#if P_SSL

namespace PWLibStupidLinkerHacks {
  // Declared here and defined elsewhere. Presumably referenced by client code
  // so the linker keeps this authenticator's object file - confirm at the
  // definition site.
  extern int h235AuthProcedure1Loader;
};

/**
 * Authenticator available only in P_SSL builds.
 *
 * In addition to the crypto-token pair it overrides Finalise(), which takes
 * the encoded PDU by non-const reference. That suggests a value computed
 * over the encoded bytes is written back after encoding - confirm in the
 * implementation. It also overrides UseGkAndEpIdentifiers().
 */
class H235AuthProcedure1 : public H235Authenticator
{
    PCLASSINFO(H235AuthProcedure1, H235Authenticator);

  public:
    H235AuthProcedure1();

    /** Copy of this authenticator; ownership of the result is not visible here. */
    PObject * Clone() const;

    virtual const char * GetName() const;

    virtual H225_CryptoH323Token * CreateCryptoToken();

    /** May modify rawPDU, which is passed by non-const reference. */
    virtual BOOL Finalise(PBYTEArray & rawPDU);

    /** Success is e_OK (0); compare explicitly. */
    virtual ValidationResult ValidateCryptoToken(
      const H225_CryptoH323Token & cryptoToken,
      const PBYTEArray & rawPDU);

    virtual BOOL IsCapability(
      const H235_AuthenticationMechanism & mechansim,
      const PASN_ObjectId & algorithmOID);

    virtual BOOL SetCapability(
      H225_ArrayOf_AuthenticationMechanism & mechansim,
      H225_ArrayOf_PASN_ObjectId & algorithmOIDs);

    virtual BOOL UseGkAndEpIdentifiers() const;
};

#endif
#endif // __OPAL_H235AUTH_H