Mercurial > trustbridge
comparison ui/sslconnection.h @ 908:d1c951b3012d
Curl based implementation of sslconnection
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Wed, 13 Aug 2014 19:35:08 +0200 |
| parents | 17e1c8f37d72 |
| children | eaed02defe6a |
comparison
equal
deleted
inserted
replaced
| 907:7bd75417e14e | 908:d1c951b3012d |
|---|---|
| 15 | 15 |
| 16 #include <QDebug> | 16 #include <QDebug> |
| 17 #include <QUrl> | 17 #include <QUrl> |
| 18 #include <QString> | 18 #include <QString> |
| 19 #include <QByteArray> | 19 #include <QByteArray> |
| 20 | |
| 21 #include <polarssl/entropy.h> | |
| 22 #include <polarssl/net.h> | |
| 23 #include <polarssl/ssl.h> | |
| 24 #include <polarssl/ctr_drbg.h> | |
| 25 #include <polarssl/error.h> | |
| 26 #include <polarssl/certs.h> | |
| 27 | 20 |
| 28 class SSLConnection | 21 class SSLConnection |
| 29 { | 22 { |
| 30 public: | 23 public: |
| 31 enum ErrorCode { | 24 enum ErrorCode { |
| 45 * | 38 * |
| 46 * @param[in] url the Url to connect to | 39 * @param[in] url the Url to connect to |
| 47 * @param[in] certificate optional certificate to validate https connection | 40 * @param[in] certificate optional certificate to validate https connection |
| 48 */ | 41 */ |
| 49 SSLConnection(const QString& url, | 42 SSLConnection(const QString& url, |
| 50 const QByteArray& certificate = QByteArray()); | 43 const QByteArray& certificate = QByteArray()) : |
| 44 mUrl(url), | |
| 45 mPinnedCert(certificate), | |
| 46 mInitialized(false), | |
| 47 mConnected(false), | |
| 48 mNeedsReset(false), | |
| 49 mServerFD(-1), | |
| 50 mErrorState(NoError) {}; | |
| 51 | 51 |
| 52 ~SSLConnection(); | 52 virtual ~SSLConnection() {}; |
| 53 | 53 |
| 54 /** @brief write */ | 54 /** @brief write */ |
| 55 int write(const QByteArray& request); | 55 virtual int write(const QByteArray& request) = 0; |
| 56 | 56 |
| 57 /** | 57 /** |
| 58 * @brief read at most len bytes and reset the connection | 58 * @brief read at most len bytes and reset the connection |
| 59 * | 59 * |
| 60 * @param [in] len Amount of bytes to read. | 60 * @param [in] len Amount of bytes to read. |
| 61 * | 61 * |
| 62 * @returns a byte array containing the data or | 62 * @returns a byte array containing the data or |
| 63 * a NULL byte array on error*/ | 63 * a NULL byte array on error*/ |
| 64 QByteArray read(size_t len); | 64 virtual QByteArray read(size_t len) = 0; |
| 65 | 65 |
| 66 bool initialized() { return mInitialized; } | 66 bool initialized() { return mInitialized; } |
| 67 bool connected() { return mConnected; } | 67 bool connected() { return mConnected; } |
| 68 | 68 |
| 69 ErrorCode getLastError() { return mErrorState; } | 69 ErrorCode getLastError() { return mErrorState; } |
| 70 | 70 |
| 71 /** @brief: Establish the connection | 71 /** @brief: Establish the connection |
| 72 * | 72 * |
| 73 * @returns 0 on success otherwise a polarssl error or -1 is returned | 73 * @returns 0 on success otherwise an error or -1 is returned |
| 74 */ | 74 */ |
| 75 int connect(); | 75 virtual int connect() = 0; |
| 76 | 76 |
| 77 private: | 77 protected: |
| 78 QUrl mUrl; | 78 QUrl mUrl; |
| 79 QByteArray mPinnedCert; | 79 QByteArray mPinnedCert; |
| 80 x509_crt mX509PinnedCert; | |
| 81 entropy_context mEntropy; | |
| 82 ctr_drbg_context mCtr_drbg; | |
| 83 ssl_context mSSL; | |
| 84 ssl_session mSavedSession; | |
| 85 bool mInitialized; | 80 bool mInitialized; |
| 86 bool mConnected; /* A connection was established */ | 81 bool mConnected; /* A connection was established */ |
| 87 bool mNeedsReset; /* The connection needs to be reset before the next | 82 bool mNeedsReset; /* The connection needs to be reset before the next |
| 88 write */ | 83 write */ |
| 89 int mServerFD; | 84 int mServerFD; |
| 90 SSLConnection::ErrorCode mErrorState; | 85 SSLConnection::ErrorCode mErrorState; |
| 91 /* @brief: Initialize polarssl structures | |
| 92 * | |
| 93 * This wraps polarssl initialization functions | |
| 94 * that can return an error. | |
| 95 * Sets the error state accordingly. | |
| 96 * | |
| 97 * @returns: 0 on success a polarssl error otherwise. | |
| 98 */ | |
| 99 int init(); | |
| 100 | |
| 101 /* @brief Reset the connection. | |
| 102 * | |
| 103 * Resets the https connection and does another handshake. | |
| 104 * | |
| 105 * @returns: 0 on success a polarssl error or -1 otherwise. */ | |
| 106 int reset(); | |
| 107 | |
| 108 /* @brief validates that the certificate matches the pinned one. | |
| 109 * | |
| 110 * Checks the peer certificate of mSSL and validates that the | |
| 111 * certificate matches mPinnedCertificate. | |
| 112 * | |
| 113 * @returns: 0 on success a polarssl error or -1 otherwise. */ | |
| 114 int validateCertificate(); | |
| 115 | |
| 116 /* @brief disconnects the connection */ | |
| 117 void disconnect(); | |
| 118 }; | 86 }; |
| 119 | 87 |
| 120 #endif | 88 #endif |