Mercurial > trustbridge
annotate ui/sslconnection_bare.h @ 1395:a2574a029322
Fix Base 64 signature size calculation.
If the signature byte size is not equally dividable
by three the base 64 encoding needs three additional bytes.
The value is now fixed to avoid such errors in the future.
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Mon, 26 Jan 2015 13:17:32 +0100 |
| parents | 82fab0c689bf |
| children |
| rev | line source |
|---|---|
|
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
1 #ifndef UI_SSLCONNECTION_BARE_H |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
2 #define UI_SSLCONNECTION_BARE_H |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
3 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
4 * Software engineering by Intevation GmbH |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
5 * |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
6 * This file is Free Software under the GNU GPL (v>=2) |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
7 * and comes with ABSOLUTELY NO WARRANTY! |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
8 * See LICENSE.txt for details. |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
9 */ |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
10 |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
11 #include "sslconnection.h" |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
12 |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
13 #include <polarssl/entropy.h> |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
14 #include <polarssl/net.h> |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
15 #include <polarssl/ssl.h> |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
16 #include <polarssl/ctr_drbg.h> |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
17 #include <polarssl/error.h> |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
18 #include <polarssl/certs.h> |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
19 |
|
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
20 #include <QDateTime> |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
21 |
|
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
22 /** |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
23 * @file sslconnection_bare.h |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
24 * @brief SSLConnection doing bare SSL over PolarSSL |
|
1255
2a1aa9df8f11
(issue133) Improve API documentation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
990
diff
changeset
|
25 */ |
|
2a1aa9df8f11
(issue133) Improve API documentation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
990
diff
changeset
|
26 /** @brief SSLConnection implementation doing bare SSL over PolarSSL |
|
2a1aa9df8f11
(issue133) Improve API documentation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
990
diff
changeset
|
27 * |
|
2a1aa9df8f11
(issue133) Improve API documentation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
990
diff
changeset
|
28 * This class needs no additional libraries and parses the server responses |
|
2a1aa9df8f11
(issue133) Improve API documentation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
990
diff
changeset
|
29 * directly using QT. |
|
2a1aa9df8f11
(issue133) Improve API documentation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
990
diff
changeset
|
30 */ |
|
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
31 class SSLConnectionBare : public SSLConnection |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
32 { |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
33 public: |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
34 SSLConnectionBare(const QString& url, |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
35 const QByteArray& certificate = QByteArray()); |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
36 |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
37 ~SSLConnectionBare(); |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
38 |
|
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
39 int connect(); |
|
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
40 |
|
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
41 QDateTime getLastModifiedHeader(const QString &resource); |
|
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
42 |
|
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
43 bool downloadFile(const QString &resource, const QString &filename, |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
44 size_t maxSize); |
|
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
45 |
|
990
2949f1842955
(issue90) Add possibility to force cipher suites in bare connection and test for this
Andre Heinecke <andre.heinecke@intevation.de>
parents:
910
diff
changeset
|
46 void setCiphersuites(int ciphers[]); |
|
2949f1842955
(issue90) Add possibility to force cipher suites in bare connection and test for this
Andre Heinecke <andre.heinecke@intevation.de>
parents:
910
diff
changeset
|
47 |
|
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
48 private: |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
49 x509_crt mX509PinnedCert; |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
50 entropy_context mEntropy; |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
51 ctr_drbg_context mCtr_drbg; |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
52 ssl_context mSSL; |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
53 ssl_session mSavedSession; |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
54 |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
55 /* @brief: Initialize polarssl structures |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
56 * |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
57 * This wraps polarssl initialization functions |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
58 * that can return an error. |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
59 * Sets the error state accordingly. |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
60 * |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
61 * @returns: 0 on success a polarssl error otherwise. |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
62 */ |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
63 int init(); |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
64 |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
65 /* @brief Reset the connection. |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
66 * |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
67 * Resets the https connection and does another handshake. |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
68 * |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
69 * @returns: 0 on success a polarssl error or -1 otherwise. */ |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
70 int reset(); |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
71 |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
72 /* @brief validates that the certificate matches the pinned one. |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
73 * |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
74 * Checks the peer certificate of mSSL and validates that the |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
75 * certificate matches mPinnedCertificate. |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
76 * |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
77 * @returns: 0 on success a polarssl error or -1 otherwise. */ |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
78 int validateCertificate(); |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
79 |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
80 /* @brief disconnects the connection */ |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
81 void disconnect(); |
|
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
82 |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
83 /** |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
84 * @brief parses the Headers of a repsonse. |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
85 * |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
86 * This removes the headers from the byte array passed as |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
87 * parameter. |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
88 * |
|
1304
82fab0c689bf
Fix doxygen syntax error. Change inout to in,out
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1255
diff
changeset
|
89 * @param[in,out] data: The response to parse. |
|
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
90 * |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
91 * @returns: A map of the header fields. Or an empty map on error. |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
92 */ |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
93 QMap<QString, QString> parseHeaders(QByteArray *data); |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
94 |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
95 /** @brief write */ |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
96 int write(const QByteArray& request); |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
97 |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
98 /** |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
99 * @brief read at most len bytes and reset the connection |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
100 * |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
101 * @param [in] len Amount of bytes to read. |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
102 * |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
103 * @returns a byte array containing the data or |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
104 * a NULL byte array on error*/ |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
105 QByteArray read(size_t len); |
|
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
106 |
|
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
107 }; |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
108 |
|
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
109 #endif // UI_SSLCONNECTION_BARE_H |