andre@908: #ifndef UI_SSLCONNECTION_BARE_H
andre@908: #define UI_SSLCONNECTION_BARE_H
andre@908: /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
andre@908:  * Software engineering by Intevation GmbH
andre@908:  *
andre@908:  * This file is Free Software under the GNU GPL (v>=2)
andre@908:  * and comes with ABSOLUTELY NO WARRANTY!
andre@908:  * See LICENSE.txt for details.
andre@908:  */
andre@908: 
andre@908: #include "sslconnection.h"
andre@908: 
andre@908: #include <polarssl/entropy.h>
andre@908: #include <polarssl/net.h>
andre@908: #include <polarssl/ssl.h>
andre@908: #include <polarssl/ctr_drbg.h>
andre@908: #include <polarssl/error.h>
andre@908: #include <polarssl/certs.h>
andre@908: 
andre@910: #include <QDateTime>
andre@910: 
andre@908: /**
andre@908:  * @file sslconnection_bare.h
andre@908:  * @brief SSLConnection doing bare SSL over PolarSSL
andre@908:  * */
andre@908: /** @brief SSLConnection implementation that talks SSL/TLS directly through PolarSSL contexts. */
andre@908: class SSLConnectionBare : public SSLConnection
andre@908: {
andre@908: public:
andre@908:     SSLConnectionBare(const QString& url,
andre@908:             const QByteArray& certificate = QByteArray()); // NOTE(review): certificate is presumably the pinned server certificate; it defaults to empty - confirm an empty value cannot disable the pin check.
andre@908:     /** @brief Destructor. NOTE(review): no copy constructor or assignment is declared here although the class holds PolarSSL contexts by value - confirm SSLConnection forbids copying. */
andre@908:     ~SSLConnectionBare();
andre@908:     /** @brief Connect to the server. NOTE(review): the return convention is not documented here; the private helpers return 0 on success - confirm in SSLConnection. */
andre@910:     int connect();
andre@908:     /** @brief Presumably fetches the Last-Modified header of @a resource (inferred from the name); the value returned on failure is not documented here - confirm. */
andre@910:     QDateTime getLastModifiedHeader(const QString &resource);
andre@908:     /** @brief Download @a resource into @a filename. NOTE(review): maxSize looks like an upper bound on the accepted size - confirm it is enforced on the bytes actually read, not only on a declared length. */
andre@910:     bool downloadFile(const QString &resource, const QString &filename,
andre@910:                       size_t maxSize);
andre@908:     /** @brief Set the allowed ciphersuites. NOTE(review): ciphers decays to int* with no length; if it is forwarded to PolarSSL's ssl_set_ciphersuites() the list must be 0-terminated and must outlive the connection, because the pointer is stored - confirm. */
andre@990:     void setCiphersuites(int ciphers[]);
andre@990: 
andre@908: private:
andre@908:     x509_crt mX509PinnedCert;   // X.509 structure for the pinned certificate (presumably parsed from the constructor argument - confirm)
andre@908:     entropy_context mEntropy;   // PolarSSL entropy context
andre@908:     ctr_drbg_context mCtr_drbg; // PolarSSL CTR_DRBG random generator context
andre@908:     ssl_context mSSL;           // PolarSSL SSL context; validateCertificate() checks its peer certificate
andre@908:     ssl_session mSavedSession;  // NOTE(review): presumably kept for session reuse across reset() - confirm
andre@908: 
andre@908:     /** @brief Initialize PolarSSL structures.
andre@908:      *
andre@908:      * This wraps PolarSSL initialization functions
andre@908:      * that can return an error.
andre@908:      * Sets the error state accordingly.
andre@908:      *
andre@908:      * @returns 0 on success, a PolarSSL error code otherwise.
andre@908:      */
andre@908:     int init();
andre@908: 
andre@908:     /** @brief Reset the connection.
andre@908:      *
andre@908:      * Resets the https connection and does another handshake.
andre@908:      *
andre@908:      * @returns 0 on success, a PolarSSL error code or -1 otherwise. */
andre@908:     int reset();
andre@908: 
andre@908:     /** @brief Validates that the certificate matches the pinned one.
andre@908:      *
andre@908:      * Checks the peer certificate of mSSL and validates that the
andre@908:      * certificate matches mPinnedCertificate. NOTE(review): that name is not declared in this class (the member here is mX509PinnedCert) - confirm which one is meant.
andre@908:      *
andre@908:      * @returns 0 on success, a PolarSSL error code or -1 otherwise. */
andre@908:     int validateCertificate();
andre@908: 
andre@908:     /** @brief Disconnects the connection. */
andre@908:     void disconnect();
andre@910: 
andre@910:     /**
andre@910:      * @brief Parses the headers of a response.
andre@910:      *
andre@910:      * This removes the headers from the byte array passed as
andre@910:      * parameter.
andre@910:      *
andre@910:      * @param[in,out] data The response to parse; the headers are removed from it.
andre@910:      *
andre@910:      * @returns A map of the header fields, or an empty map on error.
andre@910:      */
andre@910:     QMap<QString, QString> parseHeaders(QByteArray *data);
andre@910: 
andre@910:     /** @brief Presumably sends @a request over the connection. NOTE(review): the return convention is undocumented; the other helpers return 0 on success - confirm. */
andre@910:     int write(const QByteArray& request);
andre@910: 
andre@910:     /**
andre@910:      * @brief Read at most len bytes and reset the connection.
andre@910:      *
andre@910:      * @param[in] len Maximum number of bytes to read.
andre@910:      *
andre@910:      * @returns a byte array containing the data, or
andre@910:      * a null QByteArray on error. */
andre@910:     QByteArray read(size_t len);
andre@910: 
andre@908: };
andre@908: 
andre@908: #endif // UI_SSLCONNECTION_BARE_H