annotate ui/sslconnection_bare.h @ 1395:a2574a029322

Fix Base 64 signature size calculation. If the signature byte size is not equally dividable by three the base 64 encoding needs three additional bytes. The value is now fixed to avoid such errors in the future.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 26 Jan 2015 13:17:32 +0100
parents 82fab0c689bf
children
rev   line source
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
1 #ifndef UI_SSLCONNECTION_BARE_H
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
2 #define UI_SSLCONNECTION_BARE_H
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
3 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
4 * Software engineering by Intevation GmbH
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
5 *
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
6 * This file is Free Software under the GNU GPL (v>=2)
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
7 * and comes with ABSOLUTELY NO WARRANTY!
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
8 * See LICENSE.txt for details.
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
9 */
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
10
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
11 #include "sslconnection.h"
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
12
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
13 #include <polarssl/entropy.h>
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
14 #include <polarssl/net.h>
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
15 #include <polarssl/ssl.h>
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
16 #include <polarssl/ctr_drbg.h>
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
17 #include <polarssl/error.h>
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
18 #include <polarssl/certs.h>
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
19
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
20 #include <QDateTime>
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
21
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
22 /**
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
23 * @file sslconnection_bare.h
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
24 * @brief SSLConnection doing bare SSL over PolarSSL
1255
2a1aa9df8f11 (issue133) Improve API documentation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 990
diff changeset
25 */
2a1aa9df8f11 (issue133) Improve API documentation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 990
diff changeset
26 /** @brief SSLConnection implementation doing bare SSL over PolarSSL
2a1aa9df8f11 (issue133) Improve API documentation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 990
diff changeset
27 *
2a1aa9df8f11 (issue133) Improve API documentation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 990
diff changeset
28 * This class needs no additional libraries and parses the server responses
2a1aa9df8f11 (issue133) Improve API documentation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 990
diff changeset
29 * directly using QT.
2a1aa9df8f11 (issue133) Improve API documentation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 990
diff changeset
30 */
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
31 class SSLConnectionBare : public SSLConnection
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
32 {
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
33 public:
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
34 SSLConnectionBare(const QString& url,
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
35 const QByteArray& certificate = QByteArray());
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
36
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
37 ~SSLConnectionBare();
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
38
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
39 int connect();
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
40
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
41 QDateTime getLastModifiedHeader(const QString &resource);
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
42
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
43 bool downloadFile(const QString &resource, const QString &filename,
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
44 size_t maxSize);
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
45
990
2949f1842955 (issue90) Add possibility to force cipher suites in bare connection and test for this
Andre Heinecke <andre.heinecke@intevation.de>
parents: 910
diff changeset
46 void setCiphersuites(int ciphers[]);
2949f1842955 (issue90) Add possibility to force cipher suites in bare connection and test for this
Andre Heinecke <andre.heinecke@intevation.de>
parents: 910
diff changeset
47
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
48 private:
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
49 x509_crt mX509PinnedCert;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
50 entropy_context mEntropy;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
51 ctr_drbg_context mCtr_drbg;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
52 ssl_context mSSL;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
53 ssl_session mSavedSession;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
54
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
55 /* @brief: Initialize polarssl structures
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
56 *
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
57 * This wraps polarssl initialization functions
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
58 * that can return an error.
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
59 * Sets the error state accordingly.
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
60 *
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
61 * @returns: 0 on success a polarssl error otherwise.
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
62 */
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
63 int init();
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
64
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
65 /* @brief Reset the connection.
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
66 *
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
67 * Resets the https connection and does another handshake.
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
68 *
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
69 * @returns: 0 on success a polarssl error or -1 otherwise. */
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
70 int reset();
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
71
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
72 /* @brief validates that the certificate matches the pinned one.
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
73 *
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
74 * Checks the peer certificate of mSSL and validates that the
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
75 * certificate matches mPinnedCertificate.
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
76 *
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
77 * @returns: 0 on success a polarssl error or -1 otherwise. */
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
78 int validateCertificate();
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
79
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
80 /* @brief disconnects the connection */
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
81 void disconnect();
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
82
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
83 /**
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
84 * @brief parses the Headers of a repsonse.
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
85 *
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
86 * This removes the headers from the byte array passed as
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
87 * parameter.
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
88 *
1304
82fab0c689bf Fix doxygen syntax error. Change inout to in,out
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1255
diff changeset
89 * @param[in,out] data: The response to parse.
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
90 *
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
91 * @returns: A map of the header fields. Or an empty map on error.
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
92 */
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
93 QMap<QString, QString> parseHeaders(QByteArray *data);
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
94
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
95 /** @brief write */
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
96 int write(const QByteArray& request);
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
97
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
98 /**
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
99 * @brief read at most len bytes and reset the connection
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
100 *
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
101 * @param [in] len Amount of bytes to read.
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
102 *
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
103 * @returns a byte array containing the data or
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
104 * a NULL byte array on error*/
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
105 QByteArray read(size_t len);
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
106
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
107 };
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
108
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
109 #endif // UI_SSLCONNECTION_BARE_H

http://wald.intevation.org/projects/trustbridge/