1// Copyright (C) 2016 The Qt Company Ltd.
2// Copyright (C) 2014 BlackBerry Limited. All rights reserved.
3// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
4
5/****************************************************************************
6**
7** In addition, as a special exception, the copyright holders listed above give
8** permission to link the code of its release of Qt with the OpenSSL project's
9** "OpenSSL" library (or modified versions of the "OpenSSL" library that use the
10** same license as the original version), and distribute the linked executables.
11**
12** You must comply with the GNU General Public License version 2 in all
13** respects for all of the code used other than the "OpenSSL" code. If you
14** modify this file, you may extend this exception to your version of the file,
15** but you are not obligated to do so. If you do not wish to do so, delete
16** this exception statement from your version of this file.
17**
18****************************************************************************/
19
20#ifndef QSSLCONFIGURATION_H
21#define QSSLCONFIGURATION_H
22
23#include <QtNetwork/qtnetworkglobal.h>
24#include <QtCore/qmap.h>
25#include <QtCore/qshareddata.h>
26#include <QtNetwork/qsslsocket.h>
27#include <QtNetwork/qssl.h>
28
29#ifndef QT_NO_SSL
30
31QT_BEGIN_NAMESPACE
32
33class QSslCertificate;
34class QSslCipher;
35class QSslKey;
36class QSslEllipticCurve;
37class QSslDiffieHellmanParameters;
38
39class QSslConfigurationPrivate;
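// Value class that collects the TLS (and, when built in, DTLS) settings used
// for a connection: protocol version, peer verification policy, local
// certificate and private key, cipher and curve lists, trusted CA
// certificates, session tickets and backend-specific options.
//
// All state lives behind the QSharedDataPointer `d`, so copies share the
// private data object until one of them is modified.
//
// NOTE(review): only declarations are visible in this header. Defaults and
// exact semantics of each setter are defined in the implementation file and
// should be confirmed there or in the Qt documentation.
class Q_NETWORK_EXPORT QSslConfiguration
{
public:
    QSslConfiguration();
    QSslConfiguration(const QSslConfiguration &other);
    ~QSslConfiguration();
    // Move assignment is implemented as a pure swap: `other` is left holding
    // this object's previous state.
    QSslConfiguration &operator=(QSslConfiguration &&other) noexcept { swap(other); return *this; }
    QSslConfiguration &operator=(const QSslConfiguration &other);

    // Exchanges the shared data pointers of the two objects.
    void swap(QSslConfiguration &other) noexcept
    { d.swap(other.d); }

    bool operator==(const QSslConfiguration &other) const;
    inline bool operator!=(const QSslConfiguration &other) const
    { return !(*this == other); }

    bool isNull() const;

    // Protocol version selection. Security-sensitive: the value chosen here
    // bounds which TLS versions a handshake may negotiate.
    QSsl::SslProtocol protocol() const;
    void setProtocol(QSsl::SslProtocol protocol);

    // Verification
    // Security-sensitive: the verify mode decides whether the peer's
    // certificate is requested and whether a failed validation aborts the
    // handshake. Relaxing it (for example to QSslSocket::VerifyNone) removes
    // authentication of the remote end, so any such call deserves review.
    QSslSocket::PeerVerifyMode peerVerifyMode() const;
    void setPeerVerifyMode(QSslSocket::PeerVerifyMode mode);

    // Maximum length of the peer certificate chain that is checked.
    // NOTE(review): the meaning of 0 and of negative values is not visible
    // here; confirm against the implementation before relying on it.
    int peerVerifyDepth() const;
    void setPeerVerifyDepth(int depth);

    // Certificate & cipher configuration
    QList<QSslCertificate> localCertificateChain() const;
    void setLocalCertificateChain(const QList<QSslCertificate> &localChain);

    QSslCertificate localCertificate() const;
    void setLocalCertificate(const QSslCertificate &certificate);

    // Read-only session results; this class exposes no setters for them.
    QSslCertificate peerCertificate() const;
    QList<QSslCertificate> peerCertificateChain() const;
    QSslCipher sessionCipher() const;
    QSsl::SslProtocol sessionProtocol() const;

    // Private keys, for server sockets
    // The returned QSslKey is a copy of secret key material; avoid logging it
    // or keeping it alive longer than needed.
    QSslKey privateKey() const;
    void setPrivateKey(const QSslKey &key);

    // Cipher settings
    // Two overloads: one takes cipher objects, the other a textual cipher
    // list. NOTE(review): the string format is parsed by the implementation
    // and is not visible here; treat it as configuration input and do not
    // build it from untrusted data.
    QList<QSslCipher> ciphers() const;
    void setCiphers(const QList<QSslCipher> &ciphers);
    void setCiphers(const QString &ciphers);
    static QList<QSslCipher> supportedCiphers();

    // Certificate Authority (CA) settings
    // These calls define the trust anchors used to validate the peer. Adding
    // a certificate here makes everything it signs acceptable, so the source
    // of every added certificate or path should be trusted and auditable.
    QList<QSslCertificate> caCertificates() const;
    void setCaCertificates(const QList<QSslCertificate> &certificates);
    // Loads CA certificates from `path`; `syntax` selects how `path` is
    // matched (fixed string by default). The bool result should be checked:
    // NOTE(review): presumably false means nothing was added, in which case
    // the trust store is unchanged; confirm against the implementation.
    bool addCaCertificates(
            const QString &path, QSsl::EncodingFormat format = QSsl::Pem,
            QSslCertificate::PatternSyntax syntax = QSslCertificate::PatternSyntax::FixedString);
    void addCaCertificate(const QSslCertificate &certificate);
    void addCaCertificates(const QList<QSslCertificate> &certificates);

    static QList<QSslCertificate> systemCaCertificates();

    // Toggles individual QSsl::SslOption flags. Several of these flags switch
    // protocol-level mitigations on or off, so each use should name the option
    // explicitly rather than pass a computed value.
    void setSslOption(QSsl::SslOption option, bool on);
    bool testSslOption(QSsl::SslOption option) const;

    // Session resumption. The ticket is a bearer secret for the session it
    // belongs to: persist it only in storage with the same protection as the
    // session itself.
    QByteArray sessionTicket() const;
    void setSessionTicket(const QByteArray &sessionTicket);
    int sessionTicketLifeTimeHint() const;

    QSslKey ephemeralServerKey() const;

    // EC settings
    QList<QSslEllipticCurve> ellipticCurves() const;
    void setEllipticCurves(const QList<QSslEllipticCurve> &curves);
    static QList<QSslEllipticCurve> supportedEllipticCurves();

    // Pre-shared-key identity hint; the name marks it as a hint, not a secret.
    QByteArray preSharedKeyIdentityHint() const;
    void setPreSharedKeyIdentityHint(const QByteArray &hint);

    QSslDiffieHellmanParameters diffieHellmanParameters() const;
    void setDiffieHellmanParameters(const QSslDiffieHellmanParameters &dhparams);

    // Free-form name/value options handed to the TLS backend. Because the
    // keys are plain byte arrays, nothing in this interface restricts what can
    // be set. NOTE(review): such options may override the typed settings
    // above; audit every key that is written here.
    // Calling setBackendConfiguration() with no argument passes an empty map.
    QMap<QByteArray, QVariant> backendConfiguration() const;
    void setBackendConfigurationOption(const QByteArray &name, const QVariant &value);
    void setBackendConfiguration(const QMap<QByteArray, QVariant> &backendConfiguration = QMap<QByteArray, QVariant>());

    // Static default configuration. NOTE(review): presumably shared by all
    // later connections in the process that do not set their own
    // configuration, so weakening it has a wide effect; confirm in the
    // implementation.
    static QSslConfiguration defaultConfiguration();
    static void setDefaultConfiguration(const QSslConfiguration &configuration);

#if QT_CONFIG(dtls) || defined(Q_QDOC)
    // DTLS-only settings, compiled in when the dtls feature is enabled.
    bool dtlsCookieVerificationEnabled() const;
    void setDtlsCookieVerificationEnabled(bool enable);

    static QSslConfiguration defaultDtlsConfiguration();
    static void setDefaultDtlsConfiguration(const QSslConfiguration &configuration);
#endif // dtls

    // Handshake error policy flags.
    bool handshakeMustInterruptOnError() const;
    void setHandshakeMustInterruptOnError(bool interrupt);

    bool missingCertificateIsFatal() const;
    void setMissingCertificateIsFatal(bool cannotRecover);

    // OCSP stapling (certificate revocation status delivered in the handshake).
    void setOcspStaplingEnabled(bool enable);
    bool ocspStaplingEnabled() const;

    // Outcome of application-protocol negotiation for a session.
    enum NextProtocolNegotiationStatus {
        NextProtocolNegotiationNone,
        NextProtocolNegotiationNegotiated,
        NextProtocolNegotiationUnsupported
    };

    void setAllowedNextProtocols(const QList<QByteArray> &protocols);
    QList<QByteArray> allowedNextProtocols() const;

    QByteArray nextNegotiatedProtocol() const;
    NextProtocolNegotiationStatus nextProtocolNegotiationStatus() const;

    // Protocol identifier strings; their values are defined in the
    // implementation file.
    static const char ALPNProtocolHTTP2[];
    static const char NextProtocolHttp1_1[];

private:
    friend class QSslSocket;
    friend class QSslConfigurationPrivate;
    friend class QSslContext;
    friend class QTlsBackend;
    // Wraps an existing private data object; reachable only by the friends
    // listed above.
    QSslConfiguration(QSslConfigurationPrivate *dd);
    QSharedDataPointer<QSslConfigurationPrivate> d;
};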
168
169Q_DECLARE_SHARED(QSslConfiguration)
170
171QT_END_NAMESPACE
172
173QT_DECL_METATYPE_EXTERN(QSslConfiguration, Q_NETWORK_EXPORT)
174
175#endif // QT_NO_SSL
176
177#endif
178

source code of qtbase/src/network/ssl/qsslconfiguration.h