OPAL
Version 3.10.4
/*
 * h235auth.h
 *
 * H.235 authorisation PDU's
 *
 * Open H323 Library
 *
 * Copyright (c) 1998-2001 Equivalence Pty. Ltd.
 *
 * The contents of this file are subject to the Mozilla Public License
 * Version 1.0 (the "License"); you may not use this file except in
 * compliance with the License. You may obtain a copy of the License at
 * http://www.mozilla.org/MPL/
 *
 * Software distributed under the License is distributed on an "AS IS"
 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
 * the License for the specific language governing rights and limitations
 * under the License.
 *
 * The Original Code is Open H323 Library.
 *
 * The Initial Developer of the Original Code is Equivalence Pty. Ltd.
 *
 * Contributor(s): Fürbass Franz <franz.fuerbass@infonova.at>
 *
 * $Revision: 24838 $
 * $Author: rjongbloed $
 * $Date: 2010-10-28 18:14:16 -0500 (Thu, 28 Oct 2010) $
 */

#ifndef OPAL_H323_H235AUTH_H
#define OPAL_H323_H235AUTH_H

#ifdef P_USE_PRAGMA
#pragma interface
#endif

#include <opal/buildopts.h>

// Everything below is compiled only when H.323 support is enabled.
#if OPAL_H323

#include <ptlib/pfactory.h>


// Forward declarations: this header only uses these types by pointer or
// reference, so the full definitions are not needed here.
class H323TransactionPDU;
class H225_CryptoH323Token;
class H225_ArrayOf_AuthenticationMechanism;
class H225_ArrayOf_PASN_ObjectId;
class H235_ClearToken;
class H235_AuthenticationMechanism;
class PASN_ObjectId;
class PASN_Sequence;
class PASN_Array;


/** Abstract base class for H.235 authenticators.

    Declares the token interface that concrete authenticators override:
    PrepareTokens(), CreateClearToken(), CreateCryptoToken() and Finalise()
    take mutable token arrays / PDU bytes, while the Validate*() functions
    take them const and report a ValidationResult. The class also holds the
    local and remote identifiers and the shared secret.

    GetName(), IsCapability() and SetCapability() are pure virtual, so this
    class cannot be instantiated directly.
  */
class H235Authenticator : public PObject
{
    PCLASSINFO(H235Authenticator, PObject);
  public:
    H235Authenticator();

    /** Write a description of this authenticator to a stream.
        NOTE(review): the implementation is not visible in this header;
        confirm it does not emit the password member.
      */
    virtual void PrintOn(
      ostream & strm
    ) const;

    /** Name of the authenticator; supplied by each concrete subclass. */
    virtual const char * GetName() const = 0;

    /** Fill in the clear and crypto token arrays for a PDU.
        Both arrays are passed by non-const reference.
      */
    virtual PBoolean PrepareTokens(
      PASN_Array & clearTokens,
      PASN_Array & cryptoTokens
    );

    /** Create a clear token. Returns a raw pointer; ownership of the
        returned object is not stated in this header - TODO confirm.
      */
    virtual H235_ClearToken * CreateClearToken();

    /** Create a crypto token. Returns a raw pointer; ownership of the
        returned object and the meaning of the digits flag are not stated
        in this header - TODO confirm.
      */
    virtual H225_CryptoH323Token * CreateCryptoToken(bool digits);

    /** Final step applied to the raw PDU bytes, which are passed by
        non-const reference and so may be modified by an override.
      */
    virtual PBoolean Finalise(
      PBYTEArray & rawPDU
    );

    /** Outcome of a Validate*() call.

        e_OK is the only enumerator given an explicit value (0), and is the
        only one whose name indicates success. Because success is zero, a
        result used directly as a condition is false on success and true
        for every other code, so callers should compare against e_OK
        explicitly rather than testing the result as a boolean.

        How callers treat e_Absent and e_Disabled (reject, or fall through
        to another authenticator) is decided outside this header.
        NOTE(review): e_ReplyAttack presumably means "replay attack"; the
        spelling is part of the public API.
      */
    enum ValidationResult {
      e_OK = 0,
      e_Absent,
      e_Error,
      e_InvalidTime,
      e_BadPassword,
      e_ReplyAttack,
      e_Disabled
    };

    /** Validate the tokens received with a PDU.
        Takes both token arrays and the raw PDU bytes, all const.
      */
    virtual ValidationResult ValidateTokens(
      const PASN_Array & clearTokens,
      const PASN_Array & cryptoTokens,
      const PBYTEArray & rawPDU
    );

    /** Validate a single clear token. */
    virtual ValidationResult ValidateClearToken(
      const H235_ClearToken & clearToken
    );

    /** Validate a single crypto token against the raw PDU bytes. */
    virtual ValidationResult ValidateCryptoToken(
      const H225_CryptoH323Token & cryptoToken,
      const PBYTEArray & rawPDU
    );

    /** Report whether the given mechanism / algorithm OID pair is the one
        this authenticator implements. Pure virtual.
      */
    virtual PBoolean IsCapability(
      const H235_AuthenticationMechanism & mechansim,
      const PASN_ObjectId & algorithmOID
    ) = 0;

    /** Add this authenticator's mechanism and algorithm OID to the given
        arrays, which are passed by non-const reference. Pure virtual.
      */
    virtual PBoolean SetCapability(
      H225_ArrayOf_AuthenticationMechanism & mechansims,
      H225_ArrayOf_PASN_ObjectId & algorithmOIDs
    ) = 0;

    /** NOTE(review): by its name, selects gatekeeper/endpoint identifiers
        as the local and remote IDs - confirm against the implementation.
      */
    virtual PBoolean UseGkAndEpIdentifiers() const;

    /** Report whether a RAS PDU of the given type is secured by this
        authenticator. The received flag distinguishes direction.
        NOTE(review): a PDU type for which this returns false is presumably
        sent and accepted without this authenticator's tokens - confirm
        which message types each subclass leaves unprotected.
      */
    virtual PBoolean IsSecuredPDU(
      unsigned rasPDU,
      PBoolean received
    ) const;

    /** Report whether this authenticator is currently usable.
        NOTE(review): presumably depends on the enabled flag and on the
        identifiers/password being set - confirm against the implementation.
      */
    virtual PBoolean IsActive() const;

    // The inline accessors below read and write the members directly; none
    // of them takes the mutex member.

    /** Set the enabled flag (defaults to enabling). */
    void Enable(
      PBoolean enab = true
    ) { enabled = enab; }
    /** Clear the enabled flag. */
    void Disable() { enabled = false; }

    const PString & GetRemoteId() const { return remoteId; }
    void SetRemoteId(const PString & id) { remoteId = id; }

    const PString & GetLocalId() const { return localId; }
    void SetLocalId(const PString & id) { localId = id; }

    /** Returns a reference to the stored shared secret, exactly as it was
        given to SetPassword(). Callers should keep it out of logs and
        diagnostics.
      */
    const PString & GetPassword() const { return password; }
    /** Store the shared secret. It is copied into the object unchanged. */
    void SetPassword(const PString & pw) { password = pw; }


  protected:
    /** Helper for SetCapability() overrides: takes a mechanism number and
        an OID string plus the two capability arrays.
      */
    PBoolean AddCapability(
      unsigned mechanism,
      const PString & oid,
      H225_ArrayOf_AuthenticationMechanism & mechansims,
      H225_ArrayOf_PASN_ObjectId & algorithmOIDs
    );

    PBoolean enabled;   // set by Enable()/Disable()

    PString  remoteId;      // ID of remote entity
    PString  localId;       // ID of local entity
    PString  password;      // shared secret

    // NOTE(review): presumably freshness / replay-detection state (see
    // e_InvalidTime and e_ReplyAttack); the units of timestampGracePeriod
    // are not visible here - TODO confirm. None of these members has an
    // in-class initialiser, so the constructor must set them.
    unsigned sentRandomSequenceNumber;
    unsigned lastRandomSequenceNumber;
    unsigned lastTimestamp;
    int      timestampGracePeriod;

    // NOTE(review): presumably guards the state above during token
    // creation and validation - confirm which members it covers.
    PMutex mutex;

  private:
    // PTLib macro applied to the old zero-argument CreateCryptoToken()
    // signature; presumably it makes stale overrides of that signature
    // fail to compile now that the function takes a bool - TODO confirm.
    P_REMOVE_VIRTUAL(H225_CryptoH323Token *,CreateCryptoToken(),NULL);
};


/** List of H235Authenticator objects.
    PDECLARE_LIST is a PTLib macro that opens the class declaration; the
    members below and the closing brace complete it.
  */
PDECLARE_LIST(H235Authenticators, H235Authenticator)
  public:
    /** Prepare a PDU using the authenticators in this list.
        The clear and crypto token arrays are passed by non-const
        reference, each with the number of its optional field in the PDU.
      */
    void PreparePDU(
      H323TransactionPDU & pdu,
      PASN_Array & clearTokens,
      unsigned clearOptionalField,
      PASN_Array & cryptoTokens,
      unsigned cryptoOptionalField
    );

    /** Validate a received PDU using the authenticators in this list.
        Returns a H235Authenticator::ValidationResult; compare it against
        e_OK explicitly, since e_OK is 0.
      */
    H235Authenticator::ValidationResult ValidatePDU(
      const H323TransactionPDU & pdu,
      const PASN_Array & clearTokens,
      unsigned clearOptionalField,
      const PASN_Array & cryptoTokens,
      unsigned cryptoOptionalField,
      const PBYTEArray & rawPDU
    );
};




/** Authenticator that works with crypto tokens (it overrides
    CreateCryptoToken and ValidateCryptoToken).

    NOTE(review): going by the class name the token is MD5-based. MD5 is
    not collision resistant and is generally regarded as unsuitable for new
    authentication designs; confirm against the implementation whether this
    mechanism should be offered by default.
  */
class H235AuthSimpleMD5 : public H235Authenticator
{
    PCLASSINFO(H235AuthSimpleMD5, H235Authenticator);
  public:
    H235AuthSimpleMD5();

    PObject * Clone() const;

    virtual const char * GetName() const;

    virtual H225_CryptoH323Token * CreateCryptoToken(bool digits);

    virtual ValidationResult ValidateCryptoToken(
      const H225_CryptoH323Token & cryptoToken,
      const PBYTEArray & rawPDU
    );

    virtual PBoolean IsCapability(
      const H235_AuthenticationMechanism & mechansim,
      const PASN_ObjectId & algorithmOID
    );

    virtual PBoolean SetCapability(
      H225_ArrayOf_AuthenticationMechanism & mechansim,
      H225_ArrayOf_PASN_ObjectId & algorithmOIDs
    );

    virtual PBoolean IsSecuredPDU(
      unsigned rasPDU,
      PBoolean received
    ) const;
};

// PTLib factory macro; presumably ensures the factory registration for this
// class is linked in - TODO confirm.
PFACTORY_LOAD(H235AuthSimpleMD5);


/** Authenticator that works with clear tokens (it overrides
    CreateClearToken and ValidateClearToken).

    NOTE(review): "CAT" presumably stands for Cisco Access Token - confirm
    against the implementation.
  */
class H235AuthCAT : public H235Authenticator
{
    PCLASSINFO(H235AuthCAT, H235Authenticator);
  public:
    H235AuthCAT();

    PObject * Clone() const;

    virtual const char * GetName() const;

    virtual H235_ClearToken * CreateClearToken();

    virtual ValidationResult ValidateClearToken(
      const H235_ClearToken & clearToken
    );

    virtual PBoolean IsCapability(
      const H235_AuthenticationMechanism & mechansim,
      const PASN_ObjectId & algorithmOID
    );

    virtual PBoolean SetCapability(
      H225_ArrayOf_AuthenticationMechanism & mechansim,
      H225_ArrayOf_PASN_ObjectId & algorithmOIDs
    );

    virtual PBoolean IsSecuredPDU(
      unsigned rasPDU,
      PBoolean received
    ) const;
};

// PTLib factory macro; presumably ensures the factory registration for this
// class is linked in - TODO confirm.
PFACTORY_LOAD(H235AuthCAT);


// H235AuthProcedure1 is declared only when PTLib is built with SSL support,
// so builds without it offer only the two authenticators above.
#if OPAL_PTLIB_SSL

/** Authenticator that works with crypto tokens and additionally overrides
    Finalise(), which receives the raw PDU bytes by non-const reference.

    NOTE(review): presumably the H.235 "Procedure I" mechanism, with the
    integrity value written into the encoded PDU in Finalise() - confirm
    against the implementation.
  */
class H235AuthProcedure1 : public H235Authenticator
{
    PCLASSINFO(H235AuthProcedure1, H235Authenticator);
  public:
    H235AuthProcedure1();

    PObject * Clone() const;

    virtual const char * GetName() const;

    virtual H225_CryptoH323Token * CreateCryptoToken(bool digits);

    virtual PBoolean Finalise(
      PBYTEArray & rawPDU
    );

    virtual ValidationResult ValidateCryptoToken(
      const H225_CryptoH323Token & cryptoToken,
      const PBYTEArray & rawPDU
    );

    virtual PBoolean IsCapability(
      const H235_AuthenticationMechanism & mechansim,
      const PASN_ObjectId & algorithmOID
    );

    virtual PBoolean SetCapability(
      H225_ArrayOf_AuthenticationMechanism & mechansim,
      H225_ArrayOf_PASN_ObjectId & algorithmOIDs
    );

    virtual PBoolean UseGkAndEpIdentifiers() const;
};

// PTLib factory macro; presumably ensures the factory registration for this
// class is linked in - TODO confirm.
PFACTORY_LOAD(H235AuthProcedure1);

#endif // OPAL_PTLIB_SSL

#endif // OPAL_H323

#endif //OPAL_H323_H235AUTH_H