view ui/sslconnection_bare.h @ 1012:a80abef948fa
(issue86) Initialize NSS db with empty pin in case it needs it.
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Tue, 02 Sep 2014 15:20:24 +0200 |
parents | 2949f1842955 |
children | 2a1aa9df8f11 |
#ifndef UI_SSLCONNECTION_BARE_H
#define UI_SSLCONNECTION_BARE_H
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#include "sslconnection.h"

#include <polarssl/entropy.h>
#include <polarssl/net.h>
#include <polarssl/ssl.h>
#include <polarssl/ctr_drbg.h>
#include <polarssl/error.h>
#include <polarssl/certs.h>

#include <QDateTime>

/**
 * @file sslconnection_bare.h
 * @brief SSLConnection doing bare SSL over PolarSSL
 *
 */

/**
 * @brief SSLConnection implementation that drives PolarSSL directly.
 *
 * The class keeps its PolarSSL state (pinned certificate, entropy source,
 * CTR_DRBG context, SSL context and a saved session) as value members.
 *
 * NOTE(review): a destructor is declared but no copy constructor or copy
 * assignment. If the destructor releases the PolarSSL contexts, a copied
 * object would release them a second time. Confirm that the base class
 * already forbids copying; nothing in this header does.
 */
class SSLConnectionBare : public SSLConnection
{
public:
    /**
     * @brief Construct a connection for a URL and an optional certificate.
     *
     * @param[in] url         Passed through as given; presumably the server
     *                        to connect to. TODO confirm against the
     *                        implementation.
     * @param[in] certificate Presumably the certificate to pin. Defaults to
     *                        an empty QByteArray.
     *
     * NOTE(review): confirm that an empty certificate makes
     * validateCertificate() fail rather than pass. An absent pin should
     * never turn into "accept any peer".
     */
    SSLConnectionBare(const QString& url,
                      const QByteArray& certificate = QByteArray());

    ~SSLConnectionBare();

    /**
     * @brief Establish the connection.
     *
     * @returns presumably 0 on success and an error code otherwise, like
     *          init() and reset(). Not visible in this header; confirm.
     */
    int connect();

    /**
     * @brief Query the Last-Modified header of a resource.
     *
     * @param[in] resource The resource to ask about.
     *
     * @returns the header value as a QDateTime. What is returned on error
     *          is not visible here; callers should check isValid() unless
     *          the implementation documents otherwise.
     */
    QDateTime getLastModifiedHeader(const QString &resource);

    /**
     * @brief Download a resource into a file.
     *
     * @param[in] resource The resource to fetch.
     * @param[in] filename Where to store it.
     * @param[in] maxSize  Presumably the upper bound on accepted bytes.
     *
     * NOTE(review): confirm that maxSize is enforced against the bytes
     * actually received and not only against a Content-Length value the
     * server supplies.
     *
     * @returns presumably true on success. TODO confirm.
     */
    bool downloadFile(const QString &resource, const QString &filename,
                      size_t maxSize);

    /**
     * @brief Restrict the ciphersuites used by the connection.
     *
     * @param[in] ciphers Array of ciphersuite ids, passed without a length.
     *
     * NOTE(review): if this array is handed to PolarSSL's
     * ssl_set_ciphersuites(), that call expects a 0-terminated list and
     * keeps the pointer instead of copying it. Confirm that every caller
     * passes a terminated array that outlives the connection.
     */
    void setCiphersuites(int ciphers[]);
private:
    /* PolarSSL state. The roles below are read off the type and member
     * names; confirm against the implementation. */
    x509_crt mX509PinnedCert;     /* pinned certificate in parsed form */
    entropy_context mEntropy;     /* entropy source */
    ctr_drbg_context mCtr_drbg;   /* CTR_DRBG random generator state */
    ssl_context mSSL;             /* the SSL connection itself */
    ssl_session mSavedSession;    /* presumably kept for reset() */

    /**
     * @brief Initialize polarssl structures
     *
     * This wraps polarssl initialization functions
     * that can return an error.
     * Sets the error state accordingly.
     *
     * @returns 0 on success, a polarssl error otherwise.
     */
    int init();

    /**
     * @brief Reset the connection.
     *
     * Resets the https connection and does another handshake.
     *
     * @returns 0 on success, a polarssl error or -1 otherwise.
     */
    int reset();

    /**
     * @brief Validates that the certificate matches the pinned one.
     *
     * Checks the peer certificate of mSSL and validates that it matches
     * the pinned certificate (mX509PinnedCert is the only
     * pinned-certificate member declared in this class).
     *
     * A non-zero result means the peer must not be trusted; callers must
     * not continue with the connection in that case.
     *
     * @returns 0 on success, a polarssl error or -1 otherwise.
     */
    int validateCertificate();

    /** @brief Disconnects the connection. */
    void disconnect();

    /**
     * @brief Parses the headers of a response.
     *
     * This removes the headers from the byte array passed as
     * parameter.
     *
     * @param[in,out] data The response to parse. It arrives from the
     *                     network, so the parser has to cope with
     *                     malformed or oversized header blocks.
     *
     * @returns A map of the header fields, or an empty map on error.
     */
    QMap<QString, QString> parseHeaders(QByteArray *data);

    /**
     * @brief Write a request to the connection.
     *
     * @param[in] request The bytes to send.
     *
     * @returns an int whose meaning is not documented in this header.
     *          TODO: state whether it is a byte count or an error code.
     */
    int write(const QByteArray& request);

    /**
     * @brief Read at most len bytes and reset the connection.
     *
     * @param[in] len Amount of bytes to read.
     *
     * @returns a byte array containing the data or
     *          a NULL byte array on error.
     */
    QByteArray read(size_t len);
};

#endif // UI_SSLCONNECTION_BARE_H