#ifndef UI_SSLCONNECTION_BARE_H
#define UI_SSLCONNECTION_BARE_H
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */

#include "sslconnection.h"

/* NOTE(review): the header names of the #include directives below were lost
 * when this listing was extracted (the angle-bracket targets are missing).
 * Restore them from the repository copy of this file; they are not
 * reconstructed here. */
#include
#include
#include
#include
#include
#include

#include

/**
 * @file sslconnection_bare.h
 * @brief SSLConnection doing bare SSL over PolarSSL
 */
/** @brief SSLConnection implementation doing bare SSL over PolarSSL
 *
 * This class needs no additional libraries and parses the server responses
 * directly using Qt.
 *
 * The class stores PolarSSL context structures by value and declares a
 * destructor, but no copy constructor or assignment operator is declared
 * in this header.
 * NOTE(review): if the destructor releases those contexts, a copied object
 * would release them a second time. Confirm that copying is disabled, here
 * or in SSLConnection.
 */
class SSLConnectionBare : public SSLConnection
{
public:
    /**
     * @brief Construct a connection object for a server URL.
     *
     * @param[in] url         The URL of the server.
     * @param[in] certificate Presumably the encoded certificate the peer is
     *                        pinned to (see validateCertificate()). TODO
     *                        confirm the expected encoding.
     *
     * NOTE(review): certificate defaults to an empty QByteArray. Confirm
     * that an empty value makes validation fail, not pass without pinning.
     */
    SSLConnectionBare(const QString& url,
                      const QByteArray& certificate = QByteArray());

    ~SSLConnectionBare();

    /**
     * @brief Establish the connection.
     *
     * @returns Not documented in this header. Presumably 0 on success and a
     * PolarSSL error code otherwise, like the private helpers below.
     * TODO confirm against the implementation.
     */
    int connect();

    /**
     * @brief Query the Last-Modified header of a resource (going by the
     * name; the request that is sent is not visible in this header).
     *
     * @param[in] resource The resource to ask about.
     *
     * @returns The value as a QDateTime. NOTE(review): the value returned
     * on error is not visible here. Presumably an invalid QDateTime.
     */
    QDateTime getLastModifiedHeader(const QString &resource);

    /**
     * @brief Download a resource into a file.
     *
     * @param[in] resource The resource to download.
     * @param[in] filename The file to write to.
     * @param[in] maxSize  Presumably the upper bound, in bytes, on what is
     *                     accepted from the server. TODO confirm that the
     *                     limit is enforced on the bytes read and not only
     *                     on a length header supplied by the server.
     *
     * @returns Presumably true on success. TODO confirm.
     */
    bool downloadFile(const QString &resource, const QString &filename,
                      size_t maxSize);

    /**
     * @brief Set the ciphersuites to offer.
     *
     * @param[in] ciphers Array of ciphersuite identifiers. The parameter
     *                    decays to a plain pointer and no length is passed,
     *                    so the end of the list has to be marked in the
     *                    array itself.
     *
     * NOTE(review): PolarSSL's ssl_set_ciphersuites() expects a
     * 0-terminated list and keeps the pointer, it does not copy the list.
     * If this method forwards to it, callers must pass a terminated array
     * that outlives the connection. Confirm against the implementation.
     */
    void setCiphersuites(int ciphers[]);

private:
    // Parsed form of the pinned certificate. Presumably built from the
    // constructor's certificate argument. TODO confirm.
    x509_crt mX509PinnedCert;
    // PolarSSL entropy context. Presumably the seed source for mCtr_drbg.
    entropy_context mEntropy;
    // PolarSSL CTR_DRBG random generator context.
    ctr_drbg_context mCtr_drbg;
    // The SSL context. validateCertificate() checks its peer certificate.
    ssl_context mSSL;
    // A saved SSL session. Presumably reused when the connection is
    // reset. TODO confirm.
    ssl_session mSavedSession;

    /** @brief Initialize polarssl structures
     *
     * This wraps polarssl initialization functions
     * that can return an error.
     * Sets the error state accordingly.
     *
     * @returns 0 on success, a polarssl error otherwise.
     */
    int init();

    /** @brief Reset the connection.
     *
     * Resets the https connection and does another handshake.
     *
     * @returns 0 on success, a polarssl error or -1 otherwise. */
    int reset();

    /** @brief Validates that the certificate matches the pinned one.
     *
     * Checks the peer certificate of mSSL and validates that the
     * certificate matches mPinnedCertificate.
     *
     * NOTE(review): no member named mPinnedCertificate is declared in this
     * class. The pinned certificate held here is mX509PinnedCert. Confirm
     * which one is meant.
     *
     * @returns 0 on success, a polarssl error or -1 otherwise. */
    int validateCertificate();

    /** @brief Disconnects the connection. */
    void disconnect();

    /**
     * @brief Parses the headers of a response.
     *
     * This removes the headers from the byte array passed as
     * parameter. The array holds data sent by the server, so the
     * parser has to cope with malformed or truncated input.
     *
     * @param[in,out] data: The response to parse.
     *
     * @returns A map of the header fields, or an empty map on error.
     *
     * NOTE(review): the template arguments of QMap were lost when this
     * listing was extracted. Restore them from the repository copy.
     */
    QMap parseHeaders(QByteArray *data);

    /**
     * @brief Write a request to the connection.
     *
     * @param[in] request The bytes to send.
     *
     * @returns Not documented in this header. TODO confirm whether this is
     * a byte count or a polarssl status code.
     */
    int write(const QByteArray& request);

    /**
     * @brief Read at most len bytes and reset the connection.
     *
     * @param[in] len Amount of bytes to read.
     *
     * @returns A byte array containing the data, or
     * a null byte array on error. */
    QByteArray read(size_t len);

};

#endif // UI_SSLCONNECTION_BARE_H