1/****************************************************************************
2**
3** Copyright (C) 2018 The Qt Company Ltd.
4** Contact: https://www.qt.io/licensing/
5**
6** This file is part of the QtNetwork module of the Qt Toolkit.
7**
8** $QT_BEGIN_LICENSE:LGPL$
9** Commercial License Usage
10** Licensees holding valid commercial Qt licenses may use this file in
11** accordance with the commercial license agreement provided with the
12** Software or, alternatively, in accordance with the terms contained in
13** a written agreement between you and The Qt Company. For licensing terms
14** and conditions see https://www.qt.io/terms-conditions. For further
15** information use the contact form at https://www.qt.io/contact-us.
16**
17** GNU Lesser General Public License Usage
18** Alternatively, this file may be used under the terms of the GNU Lesser
19** General Public License version 3 as published by the Free Software
20** Foundation and appearing in the file LICENSE.LGPL3 included in the
21** packaging of this file. Please review the following information to
22** ensure the GNU Lesser General Public License version 3 requirements
23** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
24**
25** GNU General Public License Usage
26** Alternatively, this file may be used under the terms of the GNU
27** General Public License version 2.0 or (at your option) the GNU General
28** Public license version 3 or any later version approved by the KDE Free
29** Qt Foundation. The licenses are as published by the Free Software
30** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
31** included in the packaging of this file. Please review the following
32** information to ensure the GNU General Public License requirements will
33** be met: https://www.gnu.org/licenses/gpl-2.0.html and
34** https://www.gnu.org/licenses/gpl-3.0.html.
35**
36** $QT_END_LICENSE$
37**
38****************************************************************************/
39
40#ifndef QDTLS_H
41#define QDTLS_H
42
43#include <QtNetwork/qtnetworkglobal.h>
44
45#include <QtNetwork/qsslsocket.h>
46#include <QtNetwork/qssl.h>
47
48#include <QtCore/qcryptographichash.h>
49#include <QtCore/qobject.h>
50
51#ifndef Q_CLANG_QDOC
52QT_REQUIRE_CONFIG(dtls);
53#endif
54
55QT_BEGIN_NAMESPACE
56
// Error codes returned by QDtlsClientVerifier::dtlsError() and
// QDtls::dtlsError(). The underlying type is unsigned char and the enumerators
// take the implicit values 0..8 in declaration order.
// The per-value notes follow the public Qt documentation for QDtlsError; this
// header itself only fixes the names and their order.
// Several operations in this header report failure only through a bool or an
// empty return value, so callers need this code to tell a verification
// failure apart from a transport or backend failure.
57enum class QDtlsError : unsigned char
58{
59 NoError, // last operation succeeded
60 InvalidInputParameters, // caller supplied invalid arguments
61 InvalidOperation, // operation not permitted in the current state
62 UnderlyingSocketError, // writing to the QUdpSocket failed; query the socket for details
63 RemoteClosedConnectionError, // peer sent a TLS shutdown alert
64 PeerVerificationError, // peer identity could not be verified during the handshake
65 TlsInitializationError, // the TLS backend could not be initialised
66 TlsFatalError, // fatal handshake failure other than the two above
67 TlsNonFatalError // a datagram failed to encrypt/decrypt; the session can continue
68};
69
70class QHostAddress;
71class QUdpSocket;
72class QByteArray;
73class QString;
74
75class QDtlsClientVerifierPrivate;
// Exported QObject that checks a datagram received from a given address/port
// (verifyClient()) and exposes the cookie generator parameters used for that
// check. Copying is disabled (Q_DISABLE_COPY); state lives behind a d-pointer.
// NOTE(review): per the Qt documentation this is the server-side DTLS cookie
// exchange (HelloVerifyRequest, RFC 6347 section 4.2.1), meant to reject
// spoofed-source ClientHello floods before handshake state is allocated. The
// implementation is not visible in this header.
76class Q_NETWORK_EXPORT QDtlsClientVerifier : public QObject
77{
78 Q_OBJECT
79
80public:
81
82 explicit QDtlsClientVerifier(QObject *parent = nullptr);
83 ~QDtlsClientVerifier();
84
 // Cookie generator parameters: a hash algorithm plus a secret.
 // The in-class default for `hash` is QCryptographicHash::Sha1; `secret` has
 // no in-class initializer, so its initial value depends on the constructors
 // defined elsewhere.
 // NOTE(review): Qt documents `hash` as the HMAC algorithm and `secret` as
 // the HMAC key. Treat `secret` as key material: take it from a CSPRNG, keep
 // it out of logs and crash dumps, and rotate it as RFC 6347 section 4.2.1
 // recommends. Deployments whose crypto policy excludes SHA-1 should pick
 // another algorithm through setCookieGeneratorParameters().
85 struct Q_NETWORK_EXPORT GeneratorParameters
86 {
87 GeneratorParameters();
88 GeneratorParameters(QCryptographicHash::Algorithm a, const QByteArray &s);
89 QCryptographicHash::Algorithm hash = QCryptographicHash::Sha1;
90 QByteArray secret;
91 };
92
 // Replaces the generator parameters; the bool result must be checked.
 // NOTE(review): presumably false means the parameters were rejected (for
 // example an empty secret) and the old ones stay in effect - confirm
 // against the implementation and dtlsError().
93 bool setCookieGeneratorParameters(const GeneratorParameters &params);
 // Returns the current parameters by value, including the secret.
94 GeneratorParameters cookieGeneratorParameters() const;
95
 // Checks `dgram`, received from `address`:`port`, using `socket`.
 // NOTE(review): per the Qt documentation, true means the datagram was a
 // ClientHello carrying a valid cookie; otherwise a HelloVerifyRequest may
 // be sent on `socket` and false is returned. false is therefore not always
 // an error - consult dtlsError(). Only create per-client QDtls state after
 // a true result, and pass the exact address/port the datagram came from.
96 bool verifyClient(QUdpSocket *socket, const QByteArray &dgram,
97 const QHostAddress &address, quint16 port);
 // NOTE(review): documented by Qt as the last successfully verified
 // ClientHello (empty if none); it is the datagram to hand to
 // QDtls::doHandshake() for that client.
98 QByteArray verifiedHello() const;
99
 // Error code and human-readable text for the last operation.
100 QDtlsError dtlsError() const;
101 QString dtlsErrorString() const;
102
103private:
104
105 Q_DECLARE_PRIVATE(QDtlsClientVerifier)
106 Q_DISABLE_COPY(QDtlsClientVerifier)
107};
108
109class QSslPreSharedKeyAuthenticator;
110template<class> class QVector;
111class QSslConfiguration;
112class QSslCipher;
113class QSslError;
114
115class QDtlsPrivate;
// Exported QObject representing one DTLS association with a single peer.
// The mode (QSslSocket::SslMode) is fixed at construction; the QUdpSocket is
// not held by the constructor but passed to every operation that performs
// I/O. Copying is disabled (Q_DISABLE_COPY).
116class Q_NETWORK_EXPORT QDtls : public QObject
117{
118 Q_OBJECT
119
120public:
121
 // Handshake progress as reported by handshakeState().
 // NOTE(review): PeerVerificationFailed looks like a paused state that the
 // caller resolves with resumeHandshake() or abortHandshake() - confirm.
 // Application data should only flow once HandshakeComplete is reached.
122 enum HandshakeState
123 {
124 HandshakeNotStarted,
125 HandshakeInProgress,
126 PeerVerificationFailed,
127 HandshakeComplete
128 };
129
130 explicit QDtls(QSslSocket::SslMode mode, QObject *parent = nullptr);
131 ~QDtls();
132
 // Binds this object to a peer address/port, with an optional name that
 // defaults to an empty QString.
 // NOTE(review): the name is presumably what the peer certificate is matched
 // against; a client that leaves it empty should confirm what is then used
 // for hostname verification.
133 bool setPeer(const QHostAddress &address, quint16 port,
134 const QString &verificationName = {});
135 bool setPeerVerificationName(const QString &name);
136 QHostAddress peerAddress() const;
137 quint16 peerPort() const;
138 QString peerVerificationName() const;
139 QSslSocket::SslMode sslMode() const;
140
 // MTU hint, limited to 16 bits by the quint16 parameter.
141 void setMtuHint(quint16 mtuHint);
142 quint16 mtuHint() const;
143
 // Same type as QDtlsClientVerifier::GeneratorParameters, so the Sha1
 // in-class default for `hash` applies here as well.
 // NOTE(review): a server that verifies clients with a separate
 // QDtlsClientVerifier presumably needs matching parameters on both objects
 // - confirm against the implementation.
144 using GeneratorParameters = QDtlsClientVerifier::GeneratorParameters;
145 bool setCookieGeneratorParameters(const GeneratorParameters &params);
146 GeneratorParameters cookieGeneratorParameters() const;
147
 // TLS configuration (QSslConfiguration) for this association; the setter
 // returns bool, so a rejected configuration must not be silently ignored.
148 bool setDtlsConfiguration(const QSslConfiguration &configuration);
149 QSslConfiguration dtlsConfiguration() const;
150
151 HandshakeState handshakeState() const;
152
 // Handshake control. Each call takes the socket to use and returns bool;
 // on false, dtlsError() carries the reason. `dgram` defaults to an empty
 // QByteArray in doHandshake().
153 bool doHandshake(QUdpSocket *socket, const QByteArray &dgram = {});
154 bool handleTimeout(QUdpSocket *socket);
155 bool resumeHandshake(QUdpSocket *socket);
156 bool abortHandshake(QUdpSocket *socket);
157 bool shutdown(QUdpSocket *socket);
158
 // Session status. Check isConnectionEncrypted() before treating the
 // channel as protected; sessionCipher()/sessionProtocol() report what was
 // negotiated and are worth logging for audit.
159 bool isConnectionEncrypted() const;
160 QSslCipher sessionCipher() const;
161 QSsl::SslProtocol sessionProtocol() const;
162
 // Encrypted I/O over the given socket.
 // NOTE(review): a negative qint64 or an empty QByteArray presumably signals
 // failure; check dtlsError() rather than the return value alone, and never
 // fall back to sending `dgram` in the clear on error.
163 qint64 writeDatagramEncrypted(QUdpSocket *socket, const QByteArray &dgram);
164 QByteArray decryptDatagram(QUdpSocket *socket, const QByteArray &dgram);
165
166 QDtlsError dtlsError() const;
167 QString dtlsErrorString() const;
168
 // Peer verification results and the explicit override for them.
 // NOTE(review): ignoreVerificationErrors() weakens peer authentication.
 // Pass only the specific, expected QSslError values (for example one pinned
 // self-signed certificate), never the unfiltered result of
 // peerVerificationErrors().
169 QVector<QSslError> peerVerificationErrors() const;
170 void ignoreVerificationErrors(const QVector<QSslError> &errorsToIgnore);
171
172Q_SIGNALS:
173
 // pskRequired hands the slot a raw pointer to the authenticator.
 // NOTE(review): the slot presumably has to fill in identity and key
 // synchronously while the pointer is valid - confirm; PSK material set
 // there should not be logged.
174 void pskRequired(QSslPreSharedKeyAuthenticator *authenticator);
175 void handshakeTimeout();
176
177private:
178
 // Private helpers with the same (socket, dgram) shape as doHandshake().
179 bool startHandshake(QUdpSocket *socket, const QByteArray &dgram);
180 bool continueHandshake(QUdpSocket *socket, const QByteArray &dgram);
181
182 Q_DECLARE_PRIVATE(QDtls)
183 Q_DISABLE_COPY(QDtls)
184};
185
186QT_END_NAMESPACE
187
188#endif // QDTLS_H
189

source code of qtbase/src/network/ssl/qdtls.h