FX::FXSSLPKey Class Reference
[Writing secure code]

#include <QSSLDevice.h>


Detailed Description

A container holding a variable length asymmetric encryption key.

This is a generic container of an asymmetric encryption key used with FX::QSSLDevice and FX::FXSSLKey which can be dumped to and from storage. Its internal state resides within the FX::Secure namespace and thus is automatically zeroed on deletion.

Currently the only supported key format is RSA. The somewhat tricky implementation details are abstracted away from you so even if new formats were to be added in the future, there would be almost no code changes.

Support for public/private key interoperability with PGP, SSH or Apache is provided by readFromPEM() and writeAsPEM(), which use the standard PEM format without encryption. You should even be able to give these routines X509 certificates without a problem.

Saving and loading operate on the full key (both private and public parts). This is because a key takes up so little space that you might as well avoid regenerating the public part of the key. Obviously, the storage of private keys should be secure. If you want to save just the public or private part alone, split it off using publicKey() or privateKey() and save just that part.

Note:
To prevent accidental sending of the private part in an IPC message, QSSLDevice will not permit encryption using an FXSSLKey containing a private part. This should help you catch accidental programming errors which would severely impact security.

If you are dealing with a party you cannot trust (i.e. non-local software), run verify() on any FXSSLPKey you receive from a third party before use.

File format:

+0: Key size in bits
+4: Key type (the enum)
+6: "PUB1" or "PRV1" denoting public or private key respectively
+10: length of key in bytes
+14: Key data in big-endian format
+n: next tag, or "ENDK" for no more
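
A key blob received from an untrusted party should be checked structurally before it reaches verify(). The following bounds-checked reader for the layout above is an added example, not TnFOX code: the names ParsedKey, parseKey and readLE are hypothetical, the field widths are inferred from the offsets listed, and the header integers are assumed to be little-endian because the page only states the byte order of the key data.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// Parsed view of a serialized key; these names are hypothetical, not TnFOX types.
struct ParsedKey {
    uint32_t bits = 0;
    uint16_t type = 0;              // KeyType in enum order: 0, 1 = RSA, 2 = DH
    std::vector<uint8_t> pub, prv;  // raw key data of the PUB1 / PRV1 sections
};

// Assumption: header integers are little-endian (the page only gives the
// byte order of the key data itself).
static uint32_t readLE(const uint8_t *p, size_t n) {
    uint32_t v = 0;
    for (size_t i = n; i-- > 0;) v = (v << 8) | p[i];
    return v;
}

// Returns false on any malformed input instead of reading out of bounds.
bool parseKey(const std::vector<uint8_t> &buf, ParsedKey &k) {
    k = ParsedKey();
    if (buf.size() < 6) return false;
    k.bits = readLE(buf.data(), 4);
    k.type = static_cast<uint16_t>(readLE(buf.data() + 4, 2));
    if (k.type > 2) return false;                        // not a KeyType value
    size_t off = 6;
    for (;;) {
        if (buf.size() - off < 4) return false;          // truncated tag
        std::string tag(reinterpret_cast<const char *>(&buf[off]), 4);
        off += 4;
        if (tag == "ENDK") return true;                  // clean terminator
        if (tag != "PUB1" && tag != "PRV1") return false;
        if (buf.size() - off < 4) return false;          // truncated length
        uint32_t len = readLE(&buf[off], 4);
        off += 4;
        // Compare with the bytes remaining; off + len could wrap around.
        if (len == 0 || len > buf.size() - off) return false;
        std::vector<uint8_t> &dst = (tag == "PUB1") ? k.pub : k.prv;
        if (!dst.empty()) return false;                  // duplicate section
        dst.assign(buf.begin() + off, buf.begin() + off + len);
        off += len;
    }
}
```

A blob that passes this check is only well-formed; whether the key material itself is sound is still a question for verify().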

Definition at line 82 of file QSSLDevice.h.

Public Types

enum  KeyType { NoEncryption, RSA, DH }

Public Member Functions

 FXSSLPKey (FXuint bitsize=0, KeyType type=NoEncryption)
 ~FXSSLPKey ()
 FXSSLPKey (const FXSSLPKey &other)
FXSSLPKey & operator= (const FXSSLPKey &other)
bool operator== (const FXSSLPKey &other) const
bool operator!= (const FXSSLPKey &other) const
bool operator< (const FXSSLPKey &other) const
bool operator> (const FXSSLPKey &other) const
KeyType type () const throw ()
void setType (KeyType type)
FXString typeAsString () const
FXuint bytesLen () const throw ()
FXuint bitsLen () const throw ()
void setBitsLen (FXuint newsize)
bool hasPublicKey () const throw ()
FXSSLPKey publicKey () const
FXString publicKeyAsString () const
Secure::TigerHashValue publicKeyAsHash () const
bool hasPrivateKey () const throw ()
FXSSLPKey privateKey () const
void generate ()
bool verify () const
void readFromPEM (QIODevice *dev)
void writeAsPEM (QIODevice *dev) const

Static Public Member Functions

static FXSSLPKey publicKeyFromString (const FXString &s, KeyType type)

Friends

class QSSLDevice
FXAPI FXStream & operator<< (FXStream &s, const FXSSLPKey &i)
FXAPI FXStream & operator>> (FXStream &s, FXSSLPKey &i)


The documentation for this class was generated from the following file:

QSSLDevice.h

(C) 2002-2009 Niall Douglas. Some parts (C) to assorted authors.
Generated on Fri Nov 20 18:37:44 2009 for TnFOX by doxygen v1.4.7