Mercurial > trustbridge
view ui/sslconnection.h @ 540:d7ab9e734317
Start smaller
author | Andre Heinecke <aheinecke@intevation.de> |
---|---|
date | Tue, 29 Apr 2014 18:07:27 +0000 |
parents | 17e1c8f37d72 |
children | d1c951b3012d |
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik * Software engineering by Intevation GmbH * * This file is Free Software under the GNU GPL (v>=2) * and comes with ABSOLUTELY NO WARRANTY! * See LICENSE.txt for details. */ #ifndef SSLCONNECTION_H #define SSLCONNECTION_H /** * @file sslconnection.h * @brief Qt wrapper around polarssl ssl api */ #include <QDebug> #include <QUrl> #include <QString> #include <QByteArray> #include <polarssl/entropy.h> #include <polarssl/net.h> #include <polarssl/ssl.h> #include <polarssl/ctr_drbg.h> #include <polarssl/error.h> #include <polarssl/certs.h> class SSLConnection { public: enum ErrorCode { NoError, NoConnection, SSLHandshakeFailed, InvalidCertificate, InvalidPinnedCertificate, InvalidResponse, ConnectionLost, Timeout, ErrUnknown }; /** * @brief Construct a pinned SSL Connection * * @param[in] url the Url to connect to * @param[in] certificate optional certificate to validate https connection */ SSLConnection(const QString& url, const QByteArray& certificate = QByteArray()); ~SSLConnection(); /** @brief write */ int write(const QByteArray& request); /** * @brief read at most len bytes and reset the connection * * @param [in] len Amount of bytes to read. * * @returns a byte array containing the data or * a NULL byte array on error*/ QByteArray read(size_t len); bool initialized() { return mInitialized; } bool connected() { return mConnected; } ErrorCode getLastError() { return mErrorState; } /** @brief: Establish the connection * * @returns 0 on success otherwise a polarssl error or -1 is returned */ int connect(); private: QUrl mUrl; QByteArray mPinnedCert; x509_crt mX509PinnedCert; entropy_context mEntropy; ctr_drbg_context mCtr_drbg; ssl_context mSSL; ssl_session mSavedSession; bool mInitialized; bool mConnected; /* A connection was established */ bool mNeedsReset; /* The connection needs to be reset before the next write */ int mServerFD; SSLConnection::ErrorCode mErrorState; /* @brief: Initialize polarssl structures * * This wraps polarssl initialization functions * that can return an error. * Sets the error state accordingly. * * @returns: 0 on success a polarssl error otherwise. */ int init(); /* @brief Reset the connection. * * Resets the https connection and does another handshake. * * @returns: 0 on success a polarssl error or -1 otherwise. */ int reset(); /* @brief validates that the certificate matches the pinned one. * * Checks the peer certificate of mSSL and validates that the * certificate matches mPinnedCertificate. * * @returns: 0 on success a polarssl error or -1 otherwise. */ int validateCertificate(); /* @brief disconnects the connection */ void disconnect(); }; #endif