1// Copyright (C) 2018 The Qt Company Ltd.
2// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
3
4#ifndef QDTLS_H
5#define QDTLS_H
6
7#include <QtNetwork/qtnetworkglobal.h>
8
9#include <QtNetwork/qsslsocket.h>
10#include <QtNetwork/qssl.h>
11
12#include <QtCore/qcryptographichash.h>
13#include <QtCore/qobject.h>
14#include <QtCore/qcontainerfwd.h>
15
16Q_MOC_INCLUDE(<QtNetwork/QSslPreSharedKeyAuthenticator>)
17
18#ifndef Q_QDOC
19QT_REQUIRE_CONFIG(dtls);
20#endif
21
22QT_BEGIN_NAMESPACE
23
// Error codes returned by the dtlsError() accessors declared in this header.
// The underlying type is a single unsigned byte. The numeric values are
// written out so that the value of each code is visible at a glance; they
// are the same values the implicit numbering would produce.
//
// NOTE(review): the one-line meanings below are read off the enumerator
// names; this header does not define them, so confirm against the
// implementation before relying on the finer distinctions.
enum class QDtlsError : unsigned char
{
    NoError                     = 0, // no error recorded
    InvalidInputParameters      = 1, // presumably: a caller-supplied argument was rejected
    InvalidOperation            = 2, // presumably: call not permitted in the current state
    UnderlyingSocketError       = 3, // presumably: the UDP socket reported a failure
    RemoteClosedConnectionError = 4, // presumably: the peer closed the DTLS connection
    PeerVerificationError       = 5, // presumably: the peer's identity could not be verified
    TlsInitializationError      = 6, // presumably: the TLS backend could not be set up
    TlsFatalError               = 7, // presumably: unrecoverable TLS failure
    TlsNonFatalError            = 8  // presumably: recoverable TLS failure
};
36
// Forward declarations of types named in the declarations below.
class QHostAddress;
class QUdpSocket;
class QByteArray;
class QString;

class QDtlsClientVerifierPrivate;

// Checks a datagram received from a client (see verifyClient()) using a
// cookie generator configured through GeneratorParameters.
// NOTE(review): presumably used on the server side before a QDtls handshake
// is started for that client; the cookie exchange itself is implemented
// outside this header, so confirm the exact protocol behaviour there.
class Q_NETWORK_EXPORT QDtlsClientVerifier : public QObject
{
    Q_OBJECT

public:

    explicit QDtlsClientVerifier(QObject *parent = nullptr);
    ~QDtlsClientVerifier();

    // Inputs of the cookie generator: a hash algorithm and a secret.
    // Member order and types are part of the exported layout.
    struct Q_NETWORK_EXPORT GeneratorParameters
    {
        GeneratorParameters();
        GeneratorParameters(QCryptographicHash::Algorithm a, const QByteArray &s);
        // The in-class default is SHA-1. NOTE(review): whether the default
        // constructor or the verifier substitutes another algorithm is not
        // visible here; a deployment that requires a specific hash should
        // set it explicitly through setCookieGeneratorParameters().
        QCryptographicHash::Algorithm hash = QCryptographicHash::Sha1;
        // Key material for the cookie generator. Treat it like any other
        // secret key: unpredictable, not logged, not shared with clients.
        // NOTE(review): anyone who knows it could presumably compute cookies
        // this verifier accepts -- confirm against the implementation.
        QByteArray secret;
    };

    // Returns bool; check it, and on false read dtlsError() to see whether
    // the parameters were rejected.
    bool setCookieGeneratorParameters(const GeneratorParameters &params);
    // Returns the parameters by value, which includes a copy of the secret;
    // keep the result out of logs and diagnostics.
    GeneratorParameters cookieGeneratorParameters() const;

    // Checks the datagram `dgram` for the client at `address`:`port`, using
    // `socket`. `dgram`, `address` and `port` describe network input and are
    // untrusted.
    // NOTE(review): presumably `address` and `port` must be the sender
    // address the datagram was actually read with, and `socket` is used to
    // send a reply to that address; presumably false also covers "not
    // verified yet", not only errors -- use dtlsError() to tell them apart.
    bool verifyClient(QUdpSocket *socket, const QByteArray &dgram,
                      const QHostAddress &address, quint16 port);
    // NOTE(review): presumably the datagram most recently accepted by
    // verifyClient(); confirm what is returned when nothing was verified.
    QByteArray verifiedHello() const;

    // Last error code and its human-readable description.
    QDtlsError dtlsError() const;
    QString dtlsErrorString() const;

private:

    Q_DECLARE_PRIVATE(QDtlsClientVerifier)
    Q_DISABLE_COPY(QDtlsClientVerifier)
};
75
// Forward declarations of types named in the declarations below.
class QSslPreSharedKeyAuthenticator;
class QSslConfiguration;
class QSslCipher;
class QSslError;

class QDtlsPrivate;

// One DTLS association with a single peer, driven over a QUdpSocket that the
// caller passes to each operation. The role is fixed at construction through
// QSslSocket::SslMode.
// NOTE(review): the class takes the socket as an argument on every call and
// declares no socket accessor, so the caller presumably owns the socket and
// is responsible for reading datagrams from it -- confirm against the
// implementation.
class Q_NETWORK_EXPORT QDtls : public QObject
{
    Q_OBJECT

public:

    // Handshake progress. PeerVerificationFailed is a state of its own,
    // distinct from HandshakeComplete: callers should not treat anything
    // other than HandshakeComplete as an established, authenticated session.
    // Unscoped enum; enumerator order fixes the numeric values.
    enum HandshakeState
    {
        HandshakeNotStarted,
        HandshakeInProgress,
        PeerVerificationFailed,
        HandshakeComplete
    };

    explicit QDtls(QSslSocket::SslMode mode, QObject *parent = nullptr);
    ~QDtls();

    // Peer address, port and the name used for peer verification.
    // `verificationName` defaults to an empty string.
    // NOTE(review): what the peer certificate is matched against when the
    // name is left empty is not visible here -- confirm before relying on
    // the default for authenticated connections.
    bool setPeer(const QHostAddress &address, quint16 port,
                 const QString &verificationName = {});
    bool setPeerVerificationName(const QString &name);
    QHostAddress peerAddress() const;
    quint16 peerPort() const;
    QString peerVerificationName() const;
    QSslSocket::SslMode sslMode() const;

    // MTU hint as a 16-bit value. NOTE(review): units and the effect on
    // fragmentation are defined by the implementation, not by this header.
    void setMtuHint(quint16 mtuHint);
    quint16 mtuHint() const;

    // Same parameter type as QDtlsClientVerifier, so a verifier and a QDtls
    // object can be configured with identical values. The getter returns a
    // copy that includes the secret; keep it out of logs.
    using GeneratorParameters = QDtlsClientVerifier::GeneratorParameters;
    bool setCookieGeneratorParameters(const GeneratorParameters &params);
    GeneratorParameters cookieGeneratorParameters() const;

    // TLS configuration (see QSslConfiguration). Returns bool; a rejected
    // configuration should be treated as a setup failure, not ignored.
    bool setDtlsConfiguration(const QSslConfiguration &configuration);
    QSslConfiguration dtlsConfiguration() const;

    HandshakeState handshakeState() const;

    // Handshake control. Every call returns bool; check it and read
    // dtlsError() on false.
    // NOTE(review): the split below is inferred from the names and from the
    // private startHandshake()/continueHandshake() pair -- doHandshake()
    // presumably starts or continues the handshake with an optional incoming
    // datagram, handleTimeout() presumably reacts to handshakeTimeout(),
    // resumeHandshake() presumably continues after PeerVerificationFailed.
    bool doHandshake(QUdpSocket *socket, const QByteArray &dgram = {});
    bool handleTimeout(QUdpSocket *socket);
    bool resumeHandshake(QUdpSocket *socket);
    bool abortHandshake(QUdpSocket *socket);
    bool shutdown(QUdpSocket *socket);

    // Session facts. Check isConnectionEncrypted() before sending
    // application data; sessionCipher() and sessionProtocol() let a caller
    // audit what was actually negotiated.
    bool isConnectionEncrypted() const;
    QSslCipher sessionCipher() const;
    QSsl::SslProtocol sessionProtocol() const;

    // Application data path. `dgram` passed to decryptDatagram() is
    // untrusted network input.
    // NOTE(review): presumably a negative return from
    // writeDatagramEncrypted() and an empty QByteArray from
    // decryptDatagram() signal failure; an empty result alone may be
    // ambiguous, so consult dtlsError() -- confirm.
    qint64 writeDatagramEncrypted(QUdpSocket *socket, const QByteArray &dgram);
    QByteArray decryptDatagram(QUdpSocket *socket, const QByteArray &dgram);

    // Last error code and its human-readable description.
    QDtlsError dtlsError() const;
    QString dtlsErrorString() const;

    // Security-sensitive pair. Inspect peerVerificationErrors() first and
    // pass ignoreVerificationErrors() only the specific errors that were
    // reviewed and accepted; a broad list weakens or removes peer
    // authentication for this connection.
    QList<QSslError> peerVerificationErrors() const;
    void ignoreVerificationErrors(const QList<QSslError> &errorsToIgnore);

Q_SIGNALS:

    // NOTE(review): presumably emitted when a pre-shared key is needed; the
    // handler fills in `authenticator`. Handle key material accordingly.
    void pskRequired(QSslPreSharedKeyAuthenticator *authenticator);
    void handshakeTimeout();

private:

    bool startHandshake(QUdpSocket *socket, const QByteArray &dgram);
    bool continueHandshake(QUdpSocket *socket, const QByteArray &dgram);

    Q_DECLARE_PRIVATE(QDtls)
    Q_DISABLE_COPY_MOVE(QDtls)
};
151
152QT_END_NAMESPACE
153
154#endif // QDTLS_H
155
