00031 #ifndef OPAL_H323_H235AUTH_H
00032 #define OPAL_H323_H235AUTH_H
00033
00034 #ifdef P_USE_PRAGMA
00035 #pragma interface
00036 #endif
00037
00038 #include <opal/buildopts.h>
00039
00040 #if OPAL_H323
00041
00042 #include <ptlib/pfactory.h>
00043
00044
// Forward declarations only: this header uses these types solely by pointer or
// reference, so the full ASN.1 and H.323 definitions are not pulled in here.

// ASN.1 base types
class PASN_Array;
class PASN_ObjectId;
class PASN_Sequence;

// H.225 / H.235 generated ASN.1 types
class H225_ArrayOf_AuthenticationMechanism;
class H225_ArrayOf_PASN_ObjectId;
class H225_CryptoH323Token;
class H235_AuthenticationMechanism;
class H235_ClearToken;

// H.323 transaction layer
class H323TransactionPDU;
00054
00055
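/** Abstract base class for the H.235 authentication mechanisms declared in
    this header.

    A concrete authenticator creates clear and/or crypto tokens for outgoing
    PDUs and validates the tokens carried by received ones. GetName(),
    IsCapability() and SetCapability() are pure virtual and must be supplied
    by every mechanism.

    Security notes for maintainers:
     - The shared secret is stored as a plain PString and is handed out by
       reference through the public GetPassword(). Keep it out of PrintOn()
       output, logs and traces.
     - The inline accessors below do not take the `mutex` member. Whether that
       is safe depends on the callers, which are not visible in this header.
     - Only e_OK means "authenticated". e_Absent and e_Disabled are separate
       outcomes; a caller that requires authentication must reject them too.
  */
class H235Authenticator : public PObject
{
    PCLASSINFO(H235Authenticator, PObject);
  public:
    H235Authenticator();

    /** Write a description of this authenticator to a stream.
        NOTE(review): the implementation is not visible here; confirm that it
        never prints `password`.
      */
    virtual void PrintOn(ostream & strm) const;

    /// Name of the mechanism, supplied by each concrete authenticator.
    virtual const char * GetName() const = 0;

    /** Add this authenticator's tokens to the token arrays of an outgoing PDU.
        NOTE(review): presumably built on CreateClearToken() and
        CreateCryptoToken(); confirm in the implementation.
      */
    virtual PBoolean PrepareTokens(PASN_Array & clearTokens, PASN_Array & cryptoTokens);

    /// Create the clear token for an outgoing PDU. Ownership of the returned
    /// pointer is not visible from this header; check the implementation.
    virtual H235_ClearToken * CreateClearToken();

    /// Create the crypto token for an outgoing PDU.
    /// NOTE(review): the meaning of `digits` is not visible here; confirm.
    virtual H225_CryptoH323Token * CreateCryptoToken(bool digits);

    /** Last step on an encoded outgoing PDU. The buffer is passed by non-const
        reference, so an authenticator may rewrite it (presumably to fill in a
        value computed over the encoded bytes; confirm in the subclasses).
      */
    virtual PBoolean Finalise(PBYTEArray & rawPDU);

    /** Outcome of validating the tokens of a received PDU.
        NOTE(review): the meanings below are inferred from the enumerator
        names; only the numeric value of e_OK is fixed by this header.
      */
    enum ValidationResult {
      e_OK = 0,       // validation succeeded
      e_Absent,       // presumably: no token for this mechanism was present
      e_Error,        // presumably: malformed or otherwise unusable token
      e_InvalidTime,  // presumably: timestamp outside timestampGracePeriod
      e_BadPassword,  // presumably: hash or password mismatch
      e_ReplyAttack,  // presumably "replay attack"; the misspelling is part of the public name
      e_Disabled      // presumably: authenticator disabled (see Enable()/Disable())
    };

    /** Validate the clear and crypto tokens of a received PDU.
        @param clearTokens  clear tokens taken from the PDU
        @param cryptoTokens crypto tokens taken from the PDU
        @param rawPDU       the encoded PDU as received
        @return e_OK only when validation succeeded; treat every other value
                as "not authenticated".
      */
    virtual ValidationResult ValidateTokens(
      const PASN_Array & clearTokens,
      const PASN_Array & cryptoTokens,
      const PBYTEArray & rawPDU
    );

    /// Validate a single clear token.
    virtual ValidationResult ValidateClearToken(const H235_ClearToken & clearToken);

    /// Validate a single crypto token against the encoded PDU it arrived in.
    virtual ValidationResult ValidateCryptoToken(
      const H225_CryptoH323Token & cryptoToken,
      const PBYTEArray & rawPDU
    );

    /// Report whether the mechanism / algorithm OID pair is the one this
    /// authenticator implements.
    virtual PBoolean IsCapability(
      const H235_AuthenticationMechanism & mechansim,
      const PASN_ObjectId & algorithmOID
    ) = 0;

    /// Advertise this authenticator in the given mechanism and algorithm OID
    /// arrays (presumably by way of AddCapability(); confirm in the subclasses).
    virtual PBoolean SetCapability(
      H225_ArrayOf_AuthenticationMechanism & mechansims,
      H225_ArrayOf_PASN_ObjectId & algorithmOIDs
    ) = 0;

    /// Whether the mechanism uses the gatekeeper and endpoint identifiers
    /// (inferred from the name; the implementation is not visible here).
    virtual PBoolean UseGkAndEpIdentifiers() const;

    /** Whether this authenticator secures the given RAS PDU.
        @param rasPDU   presumably the RAS message type tag; confirm against callers
        @param received presumably true for a received PDU, false for one being sent
      */
    virtual PBoolean IsSecuredPDU(unsigned rasPDU, PBoolean received) const;

    /// Whether the authenticator is currently usable. The conditions are in
    /// the implementation, which is not visible here.
    virtual PBoolean IsActive() const;

    /// Set the enabled flag. The default argument enables the authenticator.
    void Enable(PBoolean enab = true) { enabled = enab; }

    /// Clear the enabled flag.
    void Disable() { enabled = false; }

    const PString & GetRemoteId() const { return remoteId; }
    void SetRemoteId(const PString & id) { remoteId = id; }

    const PString & GetLocalId() const { return localId; }
    void SetLocalId(const PString & id) { localId = id; }

    /// Returns the stored secret by reference, in clear. Do not log or display it.
    const PString & GetPassword() const { return password; }
    void SetPassword(const PString & pw) { password = pw; }

    /// Where an authenticator applies. Meanings are inferred from the names.
    enum Application {
      GKAdmission,
      EPAuthentication,
      LRQOnly,
      AnyApplication,
    };

    /// Read-only accessor; const-qualified so that it can be called through a
    /// const reference, like the other getters of this class.
    Application GetApplication() const { return usage; }


  protected:
    /** Helper for SetCapability() implementations (inferred from the name and
        the shared parameter types): register one mechanism / OID pair in the
        given arrays.
      */
    PBoolean AddCapability(
      unsigned mechanism,
      const PString & oid,
      H225_ArrayOf_AuthenticationMechanism & mechansims,
      H225_ArrayOf_PASN_ObjectId & algorithmOIDs
    );

    PBoolean enabled;   // written by Enable() / Disable()

    PString remoteId;
    PString localId;
    PString password;   // shared secret, kept in memory in clear

    // Presumably the state behind the e_InvalidTime / e_ReplyAttack checks.
    // The unit of timestampGracePeriod is not visible here; confirm in the
    // implementation before changing it, since it bounds the accepted window.
    unsigned sentRandomSequenceNumber;
    unsigned lastRandomSequenceNumber;
    unsigned lastTimestamp;
    int      timestampGracePeriod;

    Application usage;  // returned by GetApplication(); no setter in this header

    PMutex mutex;       // not used by the inline accessors in this header

  private:
    // PTLib compatibility macro for the former parameterless CreateCryptoToken().
    P_REMOVE_VIRTUAL(H225_CryptoH323Token *,CreateCryptoToken(),NULL);
};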
00177
00178
/** List of H235Authenticator objects, with helpers that apply the
    authenticators to one PDU. PDECLARE_LIST opens the class body, which is
    closed by the `};` below.

    NOTE(review): how the individual results are combined into the value
    returned by ValidatePDU() is not visible in this header. Callers should
    compare the result with H235Authenticator::e_OK instead of testing for
    particular failure values.
  */
PDECLARE_LIST(H235Authenticators, H235Authenticator)
  public:
    /** Prepare the token arrays of an outgoing PDU.
        The two `...OptionalField` arguments presumably identify the optional
        ASN.1 fields that hold the arrays; confirm against the implementation.
      */
    void PreparePDU(
      H323TransactionPDU & pdu,
      PASN_Array & clearTokens,  unsigned clearOptionalField,
      PASN_Array & cryptoTokens, unsigned cryptoOptionalField
    );

    /** Validate the tokens of a received PDU.
        @param rawPDU the encoded PDU as received
        @return an H235Authenticator::ValidationResult
      */
    H235Authenticator::ValidationResult ValidatePDU(
      const H323TransactionPDU & pdu,
      const PASN_Array & clearTokens,  unsigned clearOptionalField,
      const PASN_Array & cryptoTokens, unsigned cryptoOptionalField,
      const PBYTEArray & rawPDU
    );
};
00198
00199
00200
00201
/** Authenticator based on crypto tokens: it overrides CreateCryptoToken() and
    ValidateCryptoToken() and leaves the clear token hooks of the base class
    untouched.

    NOTE(review): the class name indicates a simple MD5 password hash; the
    algorithm itself is not visible in this header. MD5 is a legacy hash, so
    this mechanism is best treated as an interoperability option and not as
    strong authentication.
  */
class H235AuthSimpleMD5 : public H235Authenticator
{
    PCLASSINFO(H235AuthSimpleMD5, H235Authenticator);
  public:
    H235AuthSimpleMD5();

    /// Create a copy of this authenticator.
    PObject * Clone() const;

    /// Name of this mechanism.
    virtual const char * GetName() const;

    /// Build the crypto token for an outgoing PDU.
    virtual H225_CryptoH323Token * CreateCryptoToken(bool digits);

    /// Check a received crypto token; only e_OK means it was accepted.
    virtual ValidationResult ValidateCryptoToken(
      const H225_CryptoH323Token & cryptoToken, const PBYTEArray & rawPDU);

    /// Report whether the mechanism / algorithm OID pair belongs to this authenticator.
    virtual PBoolean IsCapability(
      const H235_AuthenticationMechanism & mechansim, const PASN_ObjectId & algorithmOID);

    /// Advertise this authenticator in the given capability arrays.
    virtual PBoolean SetCapability(
      H225_ArrayOf_AuthenticationMechanism & mechansim, H225_ArrayOf_PASN_ObjectId & algorithmOIDs);

    /// Whether this authenticator secures the given RAS PDU.
    virtual PBoolean IsSecuredPDU(unsigned rasPDU, PBoolean received) const;
};

// PTLib factory macro; presumably keeps this authenticator's factory
// registration linked into the final binary.
PFACTORY_LOAD(H235AuthSimpleMD5);
00240
00241
/** Authenticator based on clear tokens: it overrides CreateClearToken() and
    ValidateClearToken() and leaves the crypto token hooks of the base class
    untouched.

    NOTE(review): "CAT" presumably stands for Cisco Access Token; the
    algorithm is not visible in this header, so confirm its strength in the
    implementation before relying on it.
  */
class H235AuthCAT : public H235Authenticator
{
    PCLASSINFO(H235AuthCAT, H235Authenticator);
  public:
    H235AuthCAT();

    /// Create a copy of this authenticator.
    PObject * Clone() const;

    /// Name of this mechanism.
    virtual const char * GetName() const;

    /// Build the clear token for an outgoing PDU.
    virtual H235_ClearToken * CreateClearToken();

    /// Check a received clear token; only e_OK means it was accepted.
    virtual ValidationResult ValidateClearToken(const H235_ClearToken & clearToken);

    /// Report whether the mechanism / algorithm OID pair belongs to this authenticator.
    virtual PBoolean IsCapability(
      const H235_AuthenticationMechanism & mechansim, const PASN_ObjectId & algorithmOID);

    /// Advertise this authenticator in the given capability arrays.
    virtual PBoolean SetCapability(
      H225_ArrayOf_AuthenticationMechanism & mechansim, H225_ArrayOf_PASN_ObjectId & algorithmOIDs);

    /// Whether this authenticator secures the given RAS PDU.
    virtual PBoolean IsSecuredPDU(unsigned rasPDU, PBoolean received) const;
};

// PTLib factory macro; presumably keeps this authenticator's factory
// registration linked into the final binary.
PFACTORY_LOAD(H235AuthCAT);
00281
00282
00283 #if OPAL_PTLIB_SSL
00284
/** Authenticator that is compiled only when OPAL_PTLIB_SSL is set.

    It is the only authenticator in this header that overrides Finalise(),
    which receives the encoded PDU by non-const reference.

    NOTE(review): presumably the H.235 Annex D "baseline Procedure 1", with a
    keyed hash over the encoded PDU written back in Finalise(); confirm in the
    implementation. A build without OPAL_PTLIB_SSL does not contain this class.
  */
class H235AuthProcedure1 : public H235Authenticator
{
    PCLASSINFO(H235AuthProcedure1, H235Authenticator);
  public:
    H235AuthProcedure1();

    /// Create a copy of this authenticator.
    PObject * Clone() const;

    /// Name of this mechanism.
    virtual const char * GetName() const;

    /// Build the crypto token for an outgoing PDU.
    virtual H225_CryptoH323Token * CreateCryptoToken(bool digits);

    /// Last step on the encoded outgoing PDU; the buffer may be modified.
    virtual PBoolean Finalise(PBYTEArray & rawPDU);

    /// Check a received crypto token against the encoded PDU it arrived in;
    /// only e_OK means it was accepted.
    virtual ValidationResult ValidateCryptoToken(
      const H225_CryptoH323Token & cryptoToken, const PBYTEArray & rawPDU);

    /// Report whether the mechanism / algorithm OID pair belongs to this authenticator.
    virtual PBoolean IsCapability(
      const H235_AuthenticationMechanism & mechansim, const PASN_ObjectId & algorithmOID);

    /// Advertise this authenticator in the given capability arrays.
    virtual PBoolean SetCapability(
      H225_ArrayOf_AuthenticationMechanism & mechansim, H225_ArrayOf_PASN_ObjectId & algorithmOIDs);

    /// Whether the mechanism uses the gatekeeper and endpoint identifiers.
    virtual PBoolean UseGkAndEpIdentifiers() const;
};

// PTLib factory macro; presumably keeps this authenticator's factory
// registration linked into the final binary.
PFACTORY_LOAD(H235AuthProcedure1);
00322
00323 #endif // OPAL_PTLIB_SSL
00324
00325 #endif // OPAL_H323
00326
00327 #endif //OPAL_H323_H235AUTH_H