1 /**************************************************************************** 2 ** 3 ** Copyright (C) 2018 The Qt Company Ltd. 4 ** Contact: https://www.qt.io/licensing/ 5 ** 6 ** This file is part of the QtNetwork module of the Qt Toolkit. 7 ** 8 ** $QT_BEGIN_LICENSE:LGPL$ 9 ** Commercial License Usage 10 ** Licensees holding valid commercial Qt licenses may use this file in 11 ** accordance with the commercial license agreement provided with the 12 ** Software or, alternatively, in accordance with the terms contained in 13 ** a written agreement between you and The Qt Company. For licensing terms 14 ** and conditions see https://www.qt.io/terms-conditions. For further 15 ** information use the contact form at https://www.qt.io/contact-us. 16 ** 17 ** GNU Lesser General Public License Usage 18 ** Alternatively, this file may be used under the terms of the GNU Lesser 19 ** General Public License version 3 as published by the Free Software 20 ** Foundation and appearing in the file LICENSE.LGPL3 included in the 21 ** packaging of this file. Please review the following information to 22 ** ensure the GNU Lesser General Public License version 3 requirements 23 ** will be met: https://www.gnu.org/licenses/lgpl-3.0.html. 24 ** 25 ** GNU General Public License Usage 26 ** Alternatively, this file may be used under the terms of the GNU 27 ** General Public License version 2.0 or (at your option) the GNU General 28 ** Public license version 3 or any later version approved by the KDE Free 29 ** Qt Foundation. The licenses are as published by the Free Software 30 ** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3 31 ** included in the packaging of this file. Please review the following 32 ** information to ensure the GNU General Public License requirements will 33 ** be met: https://www.gnu.org/licenses/gpl-2.0.html and 34 ** https://www.gnu.org/licenses/gpl-3.0.html. 
**
** $QT_END_LICENSE$
**
****************************************************************************/

#ifndef QDTLS_H
#define QDTLS_H

#include <QtNetwork/qtnetworkglobal.h>

#include <QtNetwork/qsslsocket.h>
#include <QtNetwork/qssl.h>

#include <QtCore/qcryptographichash.h>
#include <QtCore/qobject.h>

// The DTLS API only exists in builds where the "dtls" feature is enabled; the
// check is skipped for the qdoc run so the declarations can still be documented.
#ifndef Q_CLANG_QDOC
QT_REQUIRE_CONFIG(dtls);
#endif

QT_BEGIN_NAMESPACE

// Error code reported by QDtls::dtlsError() and QDtlsClientVerifier::dtlsError();
// the matching human-readable text comes from dtlsErrorString(). A one-byte
// underlying type keeps the value cheap to store and pass around.
enum class QDtlsError : unsigned char
{
    NoError,
    InvalidInputParameters,
    InvalidOperation,
    UnderlyingSocketError,
    RemoteClosedConnectionError,
    PeerVerificationError,
    TlsInitializationError,
    TlsFatalError,              // the session cannot continue after this
    TlsNonFatalError            // the session may be continued after this
};

// Forward declarations: these types only appear by pointer/reference below.
class QHostAddress;
class QUdpSocket;
class QByteArray;
class QString;

class QDtlsClientVerifierPrivate;
// Server-side helper used before a QDtls handshake is started: it decides
// whether a client hello received from a given address/port should be
// answered with a real handshake. Decisions are based on a cookie whose
// generator parameters (digest + secret) are set via
// setCookieGeneratorParameters().
// NOTE(review): the cookie exchange itself is implemented in the .cpp (not
// visible here); presumably a stateless HelloVerifyRequest round-trip so an
// unverified, possibly spoofed source address does not cost server state.
class Q_NETWORK_EXPORT QDtlsClientVerifier : public QObject
{
    Q_OBJECT

public:

    explicit QDtlsClientVerifier(QObject *parent = nullptr);
    ~QDtlsClientVerifier();

    // Inputs of the cookie generator. `hash` defaults to SHA-1; a caller may
    // select a different QCryptographicHash::Algorithm. `secret` is what makes
    // cookies unforgeable — it has to be unpredictable, and a short or empty
    // secret makes cookie verification meaningless (the default constructor's
    // choice of secret lives in the .cpp — TODO confirm how it is generated).
    struct Q_NETWORK_EXPORT GeneratorParameters
    {
        GeneratorParameters();
        GeneratorParameters(QCryptographicHash::Algorithm a, const QByteArray &s);
        QCryptographicHash::Algorithm hash = QCryptographicHash::Sha1;
        QByteArray secret;
    };

    // Installs/returns the parameters used for cookie generation; the setter
    // reports rejection with false (the rejected inputs are not listed here).
    bool setCookieGeneratorParameters(const GeneratorParameters &params);
    GeneratorParameters cookieGeneratorParameters() const;

    // Examines `dgram` received on `socket` from `address:port`. Returns true
    // when the client is considered verified, in which case verifiedHello()
    // presumably yields the client hello to hand to QDtls::doHandshake();
    // false means no handshake should be started for this datagram yet
    // (a verification challenge is expected to have been sent instead —
    // confirm against the .cpp).
    bool verifyClient(QUdpSocket *socket, const QByteArray &dgram,
                      const QHostAddress &address, quint16 port);
    QByteArray verifiedHello() const;

    // Last error of this verifier and its textual description.
    QDtlsError dtlsError() const;
    QString dtlsErrorString() const;

private:

    // pimpl; QObject-derived, hence not copyable.
    Q_DECLARE_PRIVATE(QDtlsClientVerifier)
    Q_DISABLE_COPY(QDtlsClientVerifier)
};

// Forward declarations for the QDtls interface below.
class QSslPreSharedKeyAuthenticator;
template<class> class QVector;
class QSslConfiguration;
class QSslCipher;
class QSslError;

class QDtlsPrivate;
// One DTLS session (client or server side, chosen by the QSslSocket::SslMode
// passed to the constructor) layered over a caller-owned QUdpSocket. The
// object never owns the socket: every operation that touches the wire takes
// the socket as an argument.
class Q_NETWORK_EXPORT QDtls : public QObject
{
    Q_OBJECT

public:

    // Progress of the handshake as reported by handshakeState().
    // PeerVerificationFailed is the state from which resumeHandshake() may be
    // used after the offending errors were passed to ignoreVerificationErrors().
    enum HandshakeState
    {
        HandshakeNotStarted,
        HandshakeInProgress,
        PeerVerificationFailed,
        HandshakeComplete
    };

    explicit QDtls(QSslSocket::SslMode mode, QObject *parent = nullptr);
    ~QDtls();

    // Remote endpoint of the session. `verificationName` is the name the
    // peer's certificate is checked against; when left empty, presumably no
    // name matching is done — TODO confirm which fallback (if any) applies.
    bool setPeer(const QHostAddress &address, quint16 port,
                 const QString &verificationName = {});
    bool setPeerVerificationName(const QString &name);
    QHostAddress peerAddress() const;
    quint16 peerPort() const;
    QString peerVerificationName() const;
    QSslSocket::SslMode sslMode() const;

    // Hint for the maximum datagram size the path is expected to carry
    // (used for fragmenting handshake messages — assumption, not shown here).
    void setMtuHint(quint16 mtuHint);
    quint16 mtuHint() const;

    // Same parameter type as the verifier's, so one configured secret can be
    // shared between QDtlsClientVerifier and the server-side QDtls object.
    using GeneratorParameters = QDtlsClientVerifier::GeneratorParameters;
    bool setCookieGeneratorParameters(const GeneratorParameters &params);
    GeneratorParameters cookieGeneratorParameters() const;

    // TLS configuration (certificates, CA set, ciphers, peer-verify mode) used
    // for this session; the setter reports rejection with false.
    bool setDtlsConfiguration(const QSslConfiguration &configuration);
    QSslConfiguration dtlsConfiguration() const;

    HandshakeState handshakeState() const;

    // Handshake driver. `dgram` is the datagram just received (empty when a
    // client initiates); the private startHandshake()/continueHandshake()
    // below suggest this dispatches on the current state. handleTimeout()
    // is the intended reaction to handshakeTimeout(). All return false on
    // failure, with details available from dtlsError()/dtlsErrorString().
    bool doHandshake(QUdpSocket *socket, const QByteArray &dgram = {});
    bool handleTimeout(QUdpSocket *socket);
    bool resumeHandshake(QUdpSocket *socket);
    bool abortHandshake(QUdpSocket *socket);
    bool shutdown(QUdpSocket *socket);

    // Negotiated session properties; only meaningful once the handshake
    // completed (check isConnectionEncrypted() first).
    bool isConnectionEncrypted() const;
    QSslCipher sessionCipher() const;
    QSsl::SslProtocol sessionProtocol() const;

    // Application data. writeDatagramEncrypted() encrypts `dgram` and sends it
    // on `socket`; decryptDatagram() returns the plaintext of a received record.
    // NOTE(review): the qint64 return convention (bytes written vs. a negative
    // error value) and what decryptDatagram() returns on failure are not
    // visible here — confirm against the .cpp before relying on them.
    qint64 writeDatagramEncrypted(QUdpSocket *socket, const QByteArray &dgram);
    QByteArray decryptDatagram(QUdpSocket *socket, const QByteArray &dgram);

    QDtlsError dtlsError() const;
    QString dtlsErrorString() const;

    // Certificate verification errors found for the peer, and the set of
    // errors the caller accepts. Ignoring errors weakens peer authentication:
    // pass only the specific, expected errors (e.g. a known self-signed
    // certificate), never the whole of peerVerificationErrors() unseen.
    QVector<QSslError> peerVerificationErrors() const;
    void ignoreVerificationErrors(const QVector<QSslError> &errorsToIgnore);

Q_SIGNALS:

    // pskRequired: the handshake needs a pre-shared key; the slot fills in
    // `authenticator`. handshakeTimeout: a handshake retransmission timer
    // expired; the usual slot calls handleTimeout() with the session's socket.
    void pskRequired(QSslPreSharedKeyAuthenticator *authenticator);
    void handshakeTimeout();

private:

    // Two halves of doHandshake(): initial flight vs. processing a reply.
    bool startHandshake(QUdpSocket *socket, const QByteArray &dgram);
    bool continueHandshake(QUdpSocket *socket, const QByteArray &dgram);

    // pimpl; QObject-derived, hence not copyable.
    Q_DECLARE_PRIVATE(QDtls)
    Q_DISABLE_COPY(QDtls)
};

QT_END_NAMESPACE

#endif // QDTLS_H