1// Copyright (C) 2011 Richard J. Moore <rich@kde.org>
2// Copyright (C) 2019 The Qt Company Ltd.
3// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
4
5#include "qocspresponse_p.h"
6#include "qocspresponse.h"
7
8#include "qhashfunctions.h"
9
10QT_BEGIN_NAMESPACE
11
12QT_IMPL_METATYPE_EXTERN(QOcspResponse)
13
14/*!
15 \class QOcspResponse
16 \brief This class represents Online Certificate Status Protocol response.
17 \since 5.13
18
19 \ingroup network
20 \ingroup ssl
21 \inmodule QtNetwork
22
23 The QOcspResponse class represents the revocation status of a server's certificate,
24 received by the client-side socket during the TLS handshake. QSslSocket must be
25 configured with OCSP stapling enabled.
26
27 \sa QSslSocket, QSslSocket::ocspResponses(), certificateStatus(),
28 revocationReason(), responder(), subject(), QOcspCertificateStatus, QOcspRevocationReason,
29 QSslConfiguration::setOcspStaplingEnabled(), QSslConfiguration::ocspStaplingEnabled(),
30 QSslConfiguration::peerCertificate()
31*/
32
33/*!
34 \enum QOcspCertificateStatus
35 \brief Describes the Online Certificate Status
36 \relates QOcspResponse
37 \since 5.13
38
39 \ingroup network
40 \ingroup ssl
41 \inmodule QtNetwork
42
43 \value Good The certificate is not revoked, but this does not necessarily
44 mean that the certificate was ever issued or that the time at which
45 the response was produced is within the certificate's validity interval.
46 \value Revoked This state indicates that the certificate has been revoked
47 (either permanently or temporarily - on hold).
48 \value Unknown This state indicates that the responder doesn't know about
49 the certificate being requested.
50
51 \sa QOcspRevocationReason
52*/
53
54/*!
55 \enum QOcspRevocationReason
56 \brief Describes the reason for revocation
57 \relates QOcspResponse
58 \since 5.13
59
60 \ingroup network
61 \ingroup ssl
62 \inmodule QtNetwork
63
64
65 This enumeration describes revocation reasons, defined in \l{RFC 5280, section 5.3.1}
66
67 \value None
68 \value Unspecified
69 \value KeyCompromise
70 \value CACompromise
71 \value AffiliationChanged
72 \value Superseded
73 \value CessationOfOperation
74 \value CertificateHold
75 \value RemoveFromCRL
76*/
77
78/*!
79 \since 5.13
80
81 Creates a new response with status QOcspCertificateStatus::Unknown
82 and revocation reason QOcspRevocationReason::None.
83
84 \sa QOcspCertificateStatus
85*/
86QOcspResponse::QOcspResponse()
87 : d(new QOcspResponsePrivate)
88{
89}
90
91/*!
92 \since 5.13
93
94 Copy-constructs a QOcspResponse instance.
95*/
96QOcspResponse::QOcspResponse(const QOcspResponse &) = default;
97
98/*!
99 \since 5.13
100
101 Move-constructs a QOcspResponse instance.
102*/
103QOcspResponse::QOcspResponse(QOcspResponse &&) noexcept = default;
104
105/*!
106 \since 5.13
107
108 Destroys the response.
109*/
110QOcspResponse::~QOcspResponse() = default;
111
112/*!
113 \since 5.13
114
115 Copy-assigns \a other and returns a reference to this response.
116*/
117QOcspResponse &QOcspResponse::operator=(const QOcspResponse &) = default;
118
119/*!
120 \since 5.13
121
122 Move-assigns \a other to this QOcspResponse instance.
123*/
124QOcspResponse &QOcspResponse::operator=(QOcspResponse &&) noexcept = default;
125
126/*!
127 \fn void QOcspResponse::swap(QOcspResponse &other)
128 \since 5.13
129 \memberswap{response}
130*/
131
132/*!
133 \since 5.13
134
135 Returns the certificate status.
136
137 \sa QOcspCertificateStatus
138*/
139QOcspCertificateStatus QOcspResponse::certificateStatus() const
140{
141 return d->certificateStatus;
142}
143
144/*!
145 \since 5.13
146
147 Returns the reason for revocation.
148*/
149QOcspRevocationReason QOcspResponse::revocationReason() const
150{
151 return d->revocationReason;
152}
153
154/*!
155 \since 5.13
156
157 This function returns a certificate used to sign OCSP response.
158*/
159QSslCertificate QOcspResponse::responder() const
160{
161 return d->signerCert;
162}
163
164/*!
165 \since 5.13
166
167 This function returns a certificate, for which this response was issued.
168*/
169QSslCertificate QOcspResponse::subject() const
170{
171 return d->subjectCert;
172}
173
174/*!
175 \fn bool QOcspResponse::operator==(const QOcspResponse &lhs, const QOcspResponse &rhs)
176
177 Returns \c true if \a lhs and \a rhs are the responses for the same
178 certificate, signed by the same responder, have the same
179 revocation reason and the same certificate status.
180
181 \since 5.13
182*/
183
184/*!
185 \fn bool QOcspResponse::operator!=(const QOcspResponse &lhs, const QOcspResponse &rhs)
186
187 Returns \c true if \a lhs and \a rhs are responses for different certificates,
188 or signed by different responders, or have different revocation reasons, or different
189 certificate statuses.
190
191 \since 5.13
192*/
193
194/*!
195 \internal
196*/
197bool QOcspResponse::isEqual(const QOcspResponse &other) const
198{
199 return d == other.d || *d == *other.d;
200}
201
202/*!
203 \fn size_t qHash(const QOcspResponse &key, size_t seed)
204 \since 5.13
205 \qhashold{QHash}
206*/
207size_t qHash(const QOcspResponse &response, size_t seed) noexcept
208{
209 const QOcspResponsePrivate *d = response.d.data();
210 Q_ASSERT(d);
211
212 QtPrivate::QHashCombine hasher;
213 size_t hash = hasher(seed, int(d->certificateStatus));
214 hash = hasher(hash, int(d->revocationReason));
215 if (!d->signerCert.isNull())
216 hash = hasher(hash, d->signerCert);
217 if (!d->subjectCert.isNull())
218 hash = hasher(hash, d->subjectCert);
219
220 return hash;
221}
222
223QT_END_NAMESPACE
224

Provided by KDAB

Privacy Policy
Learn Advanced QML with KDAB
Find out more

source code of qtbase/src/network/ssl/qocspresponse.cpp