OPAL  Version 3.12.9
h235auth.h
Go to the documentation of this file.
1 /*
2  * h235auth.h
3  *
4  * H.235 authorisation PDU's
5  *
6  * Open H323 Library
7  *
8  * Copyright (c) 1998-2001 Equivalence Pty. Ltd.
9  *
10  * The contents of this file are subject to the Mozilla Public License
11  * Version 1.0 (the "License"); you may not use this file except in
12  * compliance with the License. You may obtain a copy of the License at
13  * http://www.mozilla.org/MPL/
14  *
15  * Software distributed under the License is distributed on an "AS IS"
16  * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
17  * the License for the specific language governing rights and limitations
18  * under the License.
19  *
20  * The Original Code is Open H323 Library.
21  *
22  * The Initial Developer of the Original Code is Equivalence Pty. Ltd.
23  *
24  * Contributor(s): Fürbass Franz <franz.fuerbass@infonova.at>
25  *
26  * $Revision: 26465 $
27  * $Author: rjongbloed $
28  * $Date: 2011-09-24 13:00:15 +1000 (Sat, 24 Sep 2011) $
29  */
30 
31 #ifndef OPAL_H323_H235AUTH_H
32 #define OPAL_H323_H235AUTH_H
33 
34 #ifdef P_USE_PRAGMA
35 #pragma interface
36 #endif
37 
38 #include <opal/buildopts.h>
39 
40 #if OPAL_H323
41 
42 #include <ptlib/pfactory.h>
43 
44 
45 class H323TransactionPDU;
46 class H225_CryptoH323Token;
47 class H225_ArrayOf_AuthenticationMechanism;
48 class H225_ArrayOf_PASN_ObjectId;
49 class H235_ClearToken;
50 class H235_AuthenticationMechanism;
51 class PASN_ObjectId;
52 class PASN_Sequence;
53 class PASN_Array;
54 
55 
59 class H235Authenticator : public PObject
60 {
61  PCLASSINFO(H235Authenticator, PObject);
62  public:
63  H235Authenticator();
64 
65  virtual void PrintOn(
66  ostream & strm
67  ) const;
68 
69  virtual const char * GetName() const = 0;
70 
71  virtual PBoolean PrepareTokens(
72  PASN_Array & clearTokens,
73  PASN_Array & cryptoTokens
74  );
75 
76  virtual H235_ClearToken * CreateClearToken();
77  virtual H225_CryptoH323Token * CreateCryptoToken(bool digits);
78 
79  virtual PBoolean Finalise(
80  PBYTEArray & rawPDU
81  );
82 
83  enum ValidationResult {
84  e_OK = 0,
85  e_Absent,
86  e_Error,
87  e_InvalidTime,
88  e_BadPassword,
89  e_ReplyAttack,
90  e_Disabled
91  };
92 
93  virtual ValidationResult ValidateTokens(
94  const PASN_Array & clearTokens,
95  const PASN_Array & cryptoTokens,
96  const PBYTEArray & rawPDU
97  );
98 
99  virtual ValidationResult ValidateClearToken(
100  const H235_ClearToken & clearToken
101  );
102 
103  virtual ValidationResult ValidateCryptoToken(
104  const H225_CryptoH323Token & cryptoToken,
105  const PBYTEArray & rawPDU
106  );
107 
108  virtual PBoolean IsCapability(
109  const H235_AuthenticationMechanism & mechansim,
110  const PASN_ObjectId & algorithmOID
111  ) = 0;
112 
113  virtual PBoolean SetCapability(
114  H225_ArrayOf_AuthenticationMechanism & mechansims,
115  H225_ArrayOf_PASN_ObjectId & algorithmOIDs
116  ) = 0;
117 
118  virtual PBoolean UseGkAndEpIdentifiers() const;
119 
120  virtual PBoolean IsSecuredPDU(
121  unsigned rasPDU,
122  PBoolean received
123  ) const;
124 
125  virtual PBoolean IsActive() const;
126 
127  void Enable(
128  PBoolean enab = true
129  ) { enabled = enab; }
130  void Disable() { enabled = false; }
131 
132  const PString & GetRemoteId() const { return remoteId; }
133  void SetRemoteId(const PString & id) { remoteId = id; }
134 
135  const PString & GetLocalId() const { return localId; }
136  void SetLocalId(const PString & id) { localId = id; }
137 
138  const PString & GetPassword() const { return password; }
139  void SetPassword(const PString & pw) { password = pw; }
140 
141  enum Application {
142  GKAdmission,
143  EPAuthentication,
144  LRQOnly,
145  AnyApplication,
146  };
147 
148  Application GetApplication() { return usage; }
149 
150 
151  protected:
152  PBoolean AddCapability(
153  unsigned mechanism,
154  const PString & oid,
155  H225_ArrayOf_AuthenticationMechanism & mechansims,
156  H225_ArrayOf_PASN_ObjectId & algorithmOIDs
157  );
158 
159  PBoolean enabled;
160 
161  PString remoteId; // ID of remote entity
162  PString localId; // ID of local entity
163  PString password; // shared secret
164 
165  unsigned sentRandomSequenceNumber;
166  unsigned lastRandomSequenceNumber;
167  unsigned lastTimestamp;
168  int timestampGracePeriod;
169 
170  Application usage;
171 
172  PMutex mutex;
173 
174  private:
175  P_REMOVE_VIRTUAL(H225_CryptoH323Token *,CreateCryptoToken(),NULL);
176 };
177 
178 
179 PDECLARE_LIST(H235Authenticators, H235Authenticator)
180  public:
181  void PreparePDU(
182  H323TransactionPDU & pdu,
183  PASN_Array & clearTokens,
184  unsigned clearOptionalField,
185  PASN_Array & cryptoTokens,
186  unsigned cryptoOptionalField
187  );
188 
189  H235Authenticator::ValidationResult ValidatePDU(
190  const H323TransactionPDU & pdu,
191  const PASN_Array & clearTokens,
192  unsigned clearOptionalField,
193  const PASN_Array & cryptoTokens,
194  unsigned cryptoOptionalField,
195  const PBYTEArray & rawPDU
196  );
197 };
198 
199 
200 
201 
206 class H235AuthSimpleMD5 : public H235Authenticator
207 {
208  PCLASSINFO(H235AuthSimpleMD5, H235Authenticator);
209  public:
210  H235AuthSimpleMD5();
211 
212  PObject * Clone() const;
213 
214  virtual const char * GetName() const;
215 
216  virtual H225_CryptoH323Token * CreateCryptoToken(bool digits);
217 
218  virtual ValidationResult ValidateCryptoToken(
219  const H225_CryptoH323Token & cryptoToken,
220  const PBYTEArray & rawPDU
221  );
222 
223  virtual PBoolean IsCapability(
224  const H235_AuthenticationMechanism & mechansim,
225  const PASN_ObjectId & algorithmOID
226  );
227 
228  virtual PBoolean SetCapability(
229  H225_ArrayOf_AuthenticationMechanism & mechansim,
230  H225_ArrayOf_PASN_ObjectId & algorithmOIDs
231  );
232 
233  virtual PBoolean IsSecuredPDU(
234  unsigned rasPDU,
235  PBoolean received
236  ) const;
237 };
238 
239 PFACTORY_LOAD(H235AuthSimpleMD5);
240 
241 
248 class H235AuthCAT : public H235Authenticator
249 {
250  PCLASSINFO(H235AuthCAT, H235Authenticator);
251  public:
252  H235AuthCAT();
253 
254  PObject * Clone() const;
255 
256  virtual const char * GetName() const;
257 
258  virtual H235_ClearToken * CreateClearToken();
259 
260  virtual ValidationResult ValidateClearToken(
261  const H235_ClearToken & clearToken
262  );
263 
264  virtual PBoolean IsCapability(
265  const H235_AuthenticationMechanism & mechansim,
266  const PASN_ObjectId & algorithmOID
267  );
268 
269  virtual PBoolean SetCapability(
270  H225_ArrayOf_AuthenticationMechanism & mechansim,
271  H225_ArrayOf_PASN_ObjectId & algorithmOIDs
272  );
273 
274  virtual PBoolean IsSecuredPDU(
275  unsigned rasPDU,
276  PBoolean received
277  ) const;
278 };
279 
280 PFACTORY_LOAD(H235AuthCAT);
281 
282 
283 #if OPAL_PTLIB_SSL
284 
287 class H235AuthProcedure1 : public H235Authenticator
288 {
289  PCLASSINFO(H235AuthProcedure1, H235Authenticator);
290  public:
291  H235AuthProcedure1();
292 
293  PObject * Clone() const;
294 
295  virtual const char * GetName() const;
296 
297  virtual H225_CryptoH323Token * CreateCryptoToken(bool digits);
298 
299  virtual PBoolean Finalise(
300  PBYTEArray & rawPDU
301  );
302 
303  virtual ValidationResult ValidateCryptoToken(
304  const H225_CryptoH323Token & cryptoToken,
305  const PBYTEArray & rawPDU
306  );
307 
308  virtual PBoolean IsCapability(
309  const H235_AuthenticationMechanism & mechansim,
310  const PASN_ObjectId & algorithmOID
311  );
312 
313  virtual PBoolean SetCapability(
314  H225_ArrayOf_AuthenticationMechanism & mechansim,
315  H225_ArrayOf_PASN_ObjectId & algorithmOIDs
316  );
317 
318  virtual PBoolean UseGkAndEpIdentifiers() const;
319 };
320 
321 PFACTORY_LOAD(H235AuthProcedure1);
322 
323 #endif // OPAL_PTLIB_SSL
324 
325 #endif // OPAL_H323
326 
327 #endif //OPAL_H323_H235AUTH_H
328 
329