comparison ui/sslconnection.h @ 908:d1c951b3012d
Curl based implementation of sslconnection
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Wed, 13 Aug 2014 19:35:08 +0200 |
parents | 17e1c8f37d72 |
children | eaed02defe6a |
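--- a/ui/sslconnection.h
+++ b/ui/sslconnection.h
@@ -15,17 +15,10 @@
 
 #include <QDebug>
 #include <QUrl>
 #include <QString>
 #include <QByteArray>
-
-#include <polarssl/entropy.h>
-#include <polarssl/net.h>
-#include <polarssl/ssl.h>
-#include <polarssl/ctr_drbg.h>
-#include <polarssl/error.h>
-#include <polarssl/certs.h>
 
 class SSLConnection
 {
 public:
 enum ErrorCode {
@@ -45,76 +38,51 @@
 *
 * @param[in] url the Url to connect to
 * @param[in] certificate optional certificate to validate https connection
 */
 SSLConnection(const QString& url,
-const QByteArray& certificate = QByteArray());
+const QByteArray& certificate = QByteArray()) :
+mUrl(url),
+mPinnedCert(certificate),
+mInitialized(false),
+mConnected(false),
+mNeedsReset(false),
+mServerFD(-1),
+mErrorState(NoError) {};
 
-~SSLConnection();
+virtual ~SSLConnection() {};
 
 /** @brief write */
-int write(const QByteArray& request);
+virtual int write(const QByteArray& request) = 0;
 
 /**
 * @brief read at most len bytes and reset the connection
 *
 * @param [in] len Amount of bytes to read.
 *
 * @returns a byte array containing the data or
 * a NULL byte array on error*/
-QByteArray read(size_t len);
+virtual QByteArray read(size_t len) = 0;
 
 bool initialized() { return mInitialized; }
 bool connected() { return mConnected; }
 
 ErrorCode getLastError() { return mErrorState; }
 
 /** @brief: Establish the connection
 *
-* @returns 0 on success otherwise a polarssl error or -1 is returned
+* @returns 0 on success otherwise an error or -1 is returned
 */
-int connect();
+virtual int connect() = 0;
 
-private:
+protected:
 QUrl mUrl;
 QByteArray mPinnedCert;
-x509_crt mX509PinnedCert;
-entropy_context mEntropy;
-ctr_drbg_context mCtr_drbg;
-ssl_context mSSL;
-ssl_session mSavedSession;
 bool mInitialized;
 bool mConnected; /* A connection was established */
 bool mNeedsReset; /* The connection needs to be reset before the next
 write */
 int mServerFD;
 SSLConnection::ErrorCode mErrorState;
-/* @brief: Initialize polarssl structures
-*
-* This wraps polarssl initialization functions
-* that can return an error.
-* Sets the error state accordingly.
-*
-* @returns: 0 on success a polarssl error otherwise.
-*/
-int init();
-
-/* @brief Reset the connection.
-*
-* Resets the https connection and does another handshake.
-*
-* @returns: 0 on success a polarssl error or -1 otherwise. */
-int reset();
-
-/* @brief validates that the certificate matches the pinned one.
-*
-* Checks the peer certificate of mSSL and validates that the
-* certificate matches mPinnedCertificate.
-*
-* @returns: 0 on success a polarssl error or -1 otherwise. */
-int validateCertificate();
-
-/* @brief disconnects the connection */
-void disconnect();
 };
 
 #endif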
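Review bot: With `validateCertificate()` removed from this header and `connect()` now pure virtual, nothing in the interface says that an implementation must check the peer certificate against `mPinnedCert`; the constructor only stores the pin and the member is now `protected`. I would state the contract in the `connect()` doc comment, e.g. `* Implementations must verify the peer certificate against mPinnedCert before setting mConnected, and set mErrorState on a mismatch.` The `@param[in] certificate` text should also say what an empty QByteArray means for validation, because the default argument makes an unpinned connection the easiest one to construct. The subclasses are outside this page, so whether they already enforce the pin cannot be confirmed from here.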