Qt 4.8
qsslsocket_openssl_p.h
1 /****************************************************************************
2 **
3 ** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies).
4 ** Contact: http://www.qt-project.org/legal
5 **
6 ** This file is part of the QtNetwork module of the Qt Toolkit.
7 **
8 ** $QT_BEGIN_LICENSE:LGPL$
9 ** Commercial License Usage
10 ** Licensees holding valid commercial Qt licenses may use this file in
11 ** accordance with the commercial license agreement provided with the
12 ** Software or, alternatively, in accordance with the terms contained in
13 ** a written agreement between you and Digia. For licensing terms and
14 ** conditions see http://qt.digia.com/licensing. For further information
15 ** use the contact form at http://qt.digia.com/contact-us.
16 **
17 ** GNU Lesser General Public License Usage
18 ** Alternatively, this file may be used under the terms of the GNU Lesser
19 ** General Public License version 2.1 as published by the Free Software
20 ** Foundation and appearing in the file LICENSE.LGPL included in the
21 ** packaging of this file. Please review the following information to
22 ** ensure the GNU Lesser General Public License version 2.1 requirements
23 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
24 **
25 ** In addition, as a special exception, Digia gives you certain additional
26 ** rights. These rights are described in the Digia Qt LGPL Exception
27 ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
28 **
29 ** GNU General Public License Usage
30 ** Alternatively, this file may be used under the terms of the GNU
31 ** General Public License version 3.0 as published by the Free Software
32 ** Foundation and appearing in the file LICENSE.GPL included in the
33 ** packaging of this file. Please review the following information to
34 ** ensure the GNU General Public License version 3.0 requirements will be
35 ** met: http://www.gnu.org/copyleft/gpl.html.
36 **
37 **
38 ** $QT_END_LICENSE$
39 **
40 ****************************************************************************/
41 
42 
43 #ifndef QSSLSOCKET_OPENSSL_P_H
44 #define QSSLSOCKET_OPENSSL_P_H
45 
46 //
47 // W A R N I N G
48 // -------------
49 //
50 // This file is not part of the Qt API. It exists for the convenience
51 // of the QLibrary class. This header file may change from
52 // version to version without notice, or even be removed.
53 //
54 // We mean it.
55 //
56 
57 #include "qsslsocket_p.h"
58 
59 #ifdef Q_OS_WIN
60 #include <qt_windows.h>
61 #if defined(OCSP_RESPONSE)
62 #undef OCSP_RESPONSE
63 #endif
64 #endif
65 
66 #include <openssl/asn1.h>
67 #include <openssl/bio.h>
68 #include <openssl/bn.h>
69 #include <openssl/err.h>
70 #include <openssl/evp.h>
71 #include <openssl/pem.h>
72 #include <openssl/pkcs12.h>
73 #include <openssl/pkcs7.h>
74 #include <openssl/rand.h>
75 #include <openssl/ssl.h>
76 #include <openssl/stack.h>
77 #include <openssl/x509.h>
78 #include <openssl/x509v3.h>
79 #include <openssl/x509_vfy.h>
80 #include <openssl/dsa.h>
81 #include <openssl/rsa.h>
82 #include <openssl/crypto.h>
83 #if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
84 #include <openssl/tls1.h>
85 #endif
86 
// From OpenSSL 1.0.0 (0x10000000L) onwards the untyped stack struct is reachable
// as _STACK; this alias defines the name STACK for it, so declarations written
// against the STACK name keep compiling on both sides of the version check.
87 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
88 typedef _STACK STACK;
89 #endif
90 
92 
// Member declarations of QSslSocketBackendPrivate (named by its destructor below),
// the private class that holds the OpenSSL state of a socket. The class head is
// not part of this listing.
94 {
96 public:
98  virtual ~QSslSocketBackendPrivate();
99 
100  // SSL context
     // initSslContext() reports its outcome as bool.
     // NOTE(review): presumably `false` means no usable context was built; callers
     // should treat that as a hard failure rather than continue -- confirm in the .cpp.
101  bool initSslContext();
102  void destroySslContext();
     // Raw OpenSSL handles, held as plain pointers with no owning wrapper.
     // Nothing in this header shows who frees them; presumably destroySslContext()
     // -- TODO confirm that every teardown path releases them, pkey in particular,
     // since an EVP_PKEY refers to key material.
103  SSL *ssl;
104  SSL_CTX *ctx;
105  EVP_PKEY *pkey;
     // The two BIOs that transmit() moves encrypted data through.
106  BIO *readBio;
107  BIO *writeBio;
108  SSL_SESSION *session;
     // X.509 store and store context.
     // NOTE(review): presumably used for certificate chain verification -- confirm
     // where they are populated and which CA set they end up trusting.
109  X509_STORE *certificateStore;
110  X509_STORE_CTX *certificateStoreCtx;
112 
113  // Platform specific functions
114  void startClientEncryption();
115  void startServerEncryption();
     // Transmits encrypted data between the BIOs and the socket.
116  void transmit();
     // Returns bool.
     // NOTE(review): presumably `false` signals a handshake that did not complete
     // or a peer that failed verification -- confirm, and check that callers never
     // ignore the result.
117  bool startHandshake();
118  void disconnectFromHost();
119  void disconnected();
120  QSslCipher sessionCipher() const;
121 
     // Converts an OpenSSL SSL_CIPHER handle into a QSslCipher value.
122  static QSslCipher QSslCipher_from_SSL_CIPHER(SSL_CIPHER *cipher);
     // Exported for autotests via Q_AUTOTEST_EXPORT.
     // NOTE(review): presumably compares a certificate name `cn` with the expected
     // `hostname`. The matching rules (case handling, any wildcard support) are not
     // visible in this header and are security-critical: an over-permissive match
     // would accept a certificate issued for a different host. Confirm against the
     // implementation and its tests.
124  Q_AUTOTEST_EXPORT static bool isMatchingHostname(const QString &cn, const QString &hostname);
     // Returns a QString.
     // NOTE(review): presumably a textual dump of pending OpenSSL errors -- confirm.
125  static QString getErrorsFromOpenSsl();
126 };
127 
128 #if defined(Q_OS_SYMBIAN)
129 
130 #include <QByteArray>
131 #include <e32base.h>
132 #include <f32file.h>
133 #include <unifiedcertstore.h> // link against certstore.lib
134 #include <ccertattributefilter.h> // link against ctframework.lib
135 
136 // The purpose of this class is to wrap the asynchronous API of Symbian certificate store to one
137 // synchronizable call. The user of this class needs to provide a TRequestStatus object which can
138 // be used with User::WaitForRequest() unlike with the calls of the certificate store API.
139 // A thread is used instead of a CActiveSchedulerWait scheme, because that would make the call
140 // asynchronous (other events might be processed during the call even though the call would be seemingly
141 // synchronous).
142 
// Active object (derives from CActive) that hands certificates from the Symbian
// certificate store to Qt code as raw QByteArray values.
143 class CSymbianCertificateRetriever : public CActive
144 {
145 public:
     // Factory function. The constructor and ConstructL() are private, so NewL()
     // is the only way to create an instance from outside the class.
146  static CSymbianCertificateRetriever* NewL();
147  ~CSymbianCertificateRetriever();
148 
     // Takes the output list by non-const reference and returns an int.
     // NOTE(review): presumably the return value is a Symbian error code (possibly
     // iSequenceError) and the list is filled with the retrieved certificates --
     // confirm. Callers should check the result: an ignored failure would leave
     // them with an empty or partial certificate list.
149  int GetCertificates(QList<QByteArray> &aCertificates);
150 
151 private:
152  void ConstructL();
153  CSymbianCertificateRetriever();
     // Static entry point with a TAny* parameter, plus its member counterpart.
     // NOTE(review): presumably run on iThread with aParams carrying `this` -- confirm.
154  static TInt ThreadEntryPoint(TAny* aParams);
155  void doThreadEntryL();
156  void GetCertificateL();
     // Overrides of the CActive hooks.
157  void DoCancel();
158  void RunL();
159  TInt RunError(TInt aError);
160 
161 private:
     // Current phase of the retrieval.
     // NOTE(review): presumably advanced by RunL() as each request completes -- confirm.
162  enum {
163  Initializing,
164  Listing,
165  RetrievingCertificates
166  } iState;
167 
168  RThread iThread;
169  CUnifiedCertStore* iCertStore;
170  RMPointerArray<CCTCertInfo> iCertInfos;
171  CCertAttributeFilter* iCertFilter;
172  TInt iCurrentCertIndex;
     // NOTE(review): presumably iCertificatePtr is a descriptor over the buffer of
     // iCertificateData; if so, that buffer must not be resized or detached while a
     // retrieval request is outstanding -- TODO confirm.
173  QByteArray iCertificateData;
174  TPtr8 iCertificatePtr;
     // Raw pointer to a list, not owned as far as this header shows.
     // NOTE(review): presumably the caller's list passed to GetCertificates(); it
     // must not be used after that call returns -- confirm.
175  QList<QByteArray>* iCertificates;
176  TInt iSequenceError;
177 };
178 
179 
180 #endif
181 
182 
184 
185 #endif