qocspresponse.cpp source code [qtbase/src/network/ssl/qocspresponse.cpp]

1	/****************************************************************************
2	** Copyright (C) 2011 Richard J. Moore <rich@kde.org>
3	** Copyright (C) 2019 The Qt Company Ltd.
4	** Contact: https://www.qt.io/licensing/
5	**
6	** This file is part of the QtNetwork module of the Qt Toolkit.
7	**
8	** $QT_BEGIN_LICENSE:LGPL$
9	** Commercial License Usage
10	** Licensees holding valid commercial Qt licenses may use this file in
11	** accordance with the commercial license agreement provided with the
12	** Software or, alternatively, in accordance with the terms contained in
13	** a written agreement between you and The Qt Company. For licensing terms
14	** and conditions see https://www.qt.io/terms-conditions. For further
15	** information use the contact form at https://www.qt.io/contact-us.
16	**
17	** GNU Lesser General Public License Usage
18	** Alternatively, this file may be used under the terms of the GNU Lesser
19	** General Public License version 3 as published by the Free Software
20	** Foundation and appearing in the file LICENSE.LGPL3 included in the
21	** packaging of this file. Please review the following information to
22	** ensure the GNU Lesser General Public License version 3 requirements
23	** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
24	**
25	** GNU General Public License Usage
26	** Alternatively, this file may be used under the terms of the GNU
27	** General Public License version 2.0 or (at your option) the GNU General
28	** Public license version 3 or any later version approved by the KDE Free
29	** Qt Foundation. The licenses are as published by the Free Software
30	** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
31	** included in the packaging of this file. Please review the following
32	** information to ensure the GNU General Public License requirements will
33	** be met: https://www.gnu.org/licenses/gpl-2.0.html and
34	** https://www.gnu.org/licenses/gpl-3.0.html.
35	**
36	** $QT_END_LICENSE$
37	**
38	****************************************************************************/
39
40	#include "qocspresponse_p.h"
41	#include "qocspresponse.h"
42
43	#include "qhashfunctions.h"
44
45	QT_BEGIN_NAMESPACE
46
47	/!*
48	\class QOcspResponse
49	\brief This class represents Online Certificate Status Protocol response.
50	\since 5.13
51
52	\ingroup network
53	\ingroup ssl
54	\inmodule QtNetwork
55
56	The QOcspResponse class represents the revocation status of a server's certificate,
57	received by the client-side socket during the TLS handshake. QSslSocket must be
58	configured with OCSP stapling enabled.
59
60	\sa QSslSocket, QSslSocket::ocspResponses(), certificateStatus(),
61	revocationReason(), responder(), subject(), QOcspCertificateStatus, QOcspRevocationReason,
62	QSslConfiguration::setOcspStaplingEnabled(), QSslConfiguration::ocspStaplingEnabled(),
63	QSslConfiguration::peerCertificate()
64	*/
65
66	/!*
67	\enum QOcspCertificateStatus
68	\brief Describes the Online Certificate Status
69	\relates QOcspResponse
70	\since 5.13
71
72	\ingroup network
73	\ingroup ssl
74	\inmodule QtNetwork
75
76	\value Good The certificate is not revoked, but this does not necessarily
77	mean that the certificate was ever issued or that the time at which
78	the response was produced is within the certificate's validity interval.
79	\value Revoked This state indicates that the certificate has been revoked
80	(either permanently or temporarily - on hold).
81	\value Unknown This state indicates that the responder doesn't know about
82	the certificate being requested.
83
84	\sa QOcspRevocationReason
85	*/
86
87	/!*
88	\enum QOcspRevocationReason
89	\brief Describes the reason for revocation
90	\relates QOcspResponse
91	\since 5.13
92
93	\ingroup network
94	\ingroup ssl
95	\inmodule QtNetwork
96
97
98	This enumeration describes revocation reasons, defined in \l{https://tools.ietf.org/html/rfc5280#section-5.3.1}{RFC 5280, section 5.3.1}
99
100	\value None
101	\value Unspecified
102	\value KeyCompromise
103	\value CACompromise
104	\value AffiliationChanged
105	\value Superseded
106	\value CessationOfOperation
107	\value CertificateHold
108	\value RemoveFromCRL
109	*/
110
111	/!*
112	\since 5.13
113
114	Creates a new response with status QOcspCertificateStatus::Unknown
115	and revocation reason QOcspRevocationReason::None.
116
117	\sa QOcspCertificateStatus
118	*/
119	QOcspResponse::QOcspResponse()
120	: d (new QOcspResponsePrivate)
121	{
122	}
123
124	/!*
125	\since 5.13
126
127	Copy-constructs a QOcspResponse instance.
128	*/
129	QOcspResponse::QOcspResponse(const QOcspResponse &) = default;
130
131	/!*
132	\since 5.13
133
134	Move-constructs a QOcspResponse instance.
135	*/
136	QOcspResponse::QOcspResponse(QOcspResponse &&) noexcept = default;
137
138	/!*
139	\since 5.13
140
141	Destroys the response.
142	*/
143	QOcspResponse::~QOcspResponse() = default;
144
145	/!*
146	\since 5.13
147
148	Copy-assigns \a other and returns a reference to this response.
149	*/
150	QOcspResponse &QOcspResponse::operator=(const QOcspResponse &) = default;
151
152	/!*
153	\since 5.13
154
155	Move-assigns \a other to this QOcspResponse instance.
156	*/
157	QOcspResponse &QOcspResponse::operator=(QOcspResponse &&) noexcept = default;
158
159	/!*
160	\fn void QOcspResponse::swap(QOcspResponse &other)
161	\since 5.13
162
163	Swaps this response with \a other.
164	*/
165
166	/!*
167	\since 5.13
168
169	Returns the certificate status.
170
171	\sa QOcspCertificateStatus
172	*/
173	QOcspCertificateStatus QOcspResponse::certificateStatus() const
174	{
175	return d ->certificateStatus;
176	}
177
178	/!*
179	\since 5.13
180
181	Returns the reason for revocation.
182	*/
183	QOcspRevocationReason QOcspResponse::revocationReason() const
184	{
185	return d ->revocationReason;
186	}
187
188	/!*
189	\since 5.13
190
191	This function returns a certificate used to sign OCSP response.
192	*/
193	QSslCertificate QOcspResponse::responder() const
194	{
195	return d ->signerCert;
196	}
197
198	/!*
199	\since 5.13
200
201	This function returns a certificate, for which this response was issued.
202	*/
203	QSslCertificate QOcspResponse::subject() const
204	{
205	return d ->subjectCert;
206	}
207
208	/!*
209	\fn bool operator==(const QOcspResponse &lhs, const QOcspResponse &rhs)
210
211	Returns \c true if \a lhs and \a rhs are the responses for the same
212	certificate, signed by the same responder, have the same
213	revocation reason and the same certificate status.
214
215	\since 5.13
216	\relates QOcspResponse
217	*/
218	Q_NETWORK_EXPORT bool operator==(const QOcspResponse &lhs, const QOcspResponse &rhs)
219	{
220	return lhs.d == rhs.d \|\| lhs.d == rhs.d;
221	}
222
223	/!*
224	\fn bool operator != (const QOcspResponse &lhs, const QOcspResponse &rhs)
225
226	Returns \c true if \a lhs and \a rhs are responses for different certificates,
227	or signed by different responders, or have different revocation reasons, or different
228	certificate statuses.
229
230	\since 5.13
231	\relates QOcspResponse
232	*/
233
234	/!*
235	\fn uint qHash(const QOcspResponse &response, uint seed)
236
237	Returns the hash value for the \a response, using \a seed to seed the calculation.
238
239	\since 5.13
240	\relates QHash
241	*/
242	uint qHash(const QOcspResponse &response, uint seed) noexcept
243	{
244	const QOcspResponsePrivate *d = response.d.data();
245	Q_ASSERT(d);
246
247	QtPrivate::QHashCombine hasher;
248	uint hash = hasher (seed, int(d->certificateStatus));
249	hash = hasher (hash, int(d->revocationReason));
250	if (!d->signerCert.isNull())
251	hash = hasher (hash, d->signerCert);
252	if (!d->subjectCert.isNull())
253	hash = hasher (hash, d->subjectCert);
254
255	return hash;
256	}
257
258	QT_END_NAMESPACE
259

source code of qtbase/src/network/ssl/qocspresponse.cpp