qsslconfiguration.h source code [qtbase/src/network/ssl/qsslconfiguration.h]

1	// Copyright (C) 2016 The Qt Company Ltd.
2	// Copyright (C) 2014 BlackBerry Limited. All rights reserved.
3	// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
4	// Qt-Security score:significant reason:default
5
6	/****************************************************************************
7	**
8	** In addition, as a special exception, the copyright holders listed above give
9	** permission to link the code of its release of Qt with the OpenSSL project's
10	** "OpenSSL" library (or modified versions of the "OpenSSL" library that use the
11	** same license as the original version), and distribute the linked executables.
12	**
13	** You must comply with the GNU General Public License version 2 in all
14	** respects for all of the code used other than the "OpenSSL" code. If you
15	** modify this file, you may extend this exception to your version of the file,
16	** but you are not obligated to do so. If you do not wish to do so, delete
17	** this exception statement from your version of this file.
18	**
19	****************************************************************************/
20
21	#ifndef QSSLCONFIGURATION_H
22	#define QSSLCONFIGURATION_H
23
24	#include <QtNetwork/qtnetworkglobal.h>
25	#include <QtCore/qmap.h>
26	#include <QtCore/qshareddata.h>
27	#include <QtNetwork/qsslsocket.h>
28	#include <QtNetwork/qssl.h>
29
30	#ifndef QT_NO_SSL
31
32	QT_BEGIN_NAMESPACE
33
34	class QSslCertificate;
35	class QSslCipher;
36	class QSslKey;
37	class QSslEllipticCurve;
38	class QSslDiffieHellmanParameters;
39
40	class QSslConfigurationPrivate;
41	class Q_NETWORK_EXPORT QSslConfiguration
42	{
43	public:
44	QSslConfiguration();
45	QSslConfiguration(const QSslConfiguration &other);
46	~QSslConfiguration();
47	QSslConfiguration &operator=(QSslConfiguration &&other) noexcept { swap(other); return *this; }
48	QSslConfiguration &operator=(const QSslConfiguration &other);
49
50	void swap(QSslConfiguration &other) noexcept
51	{ d.swap(other&: other.d); }
52
53	bool operator==(const QSslConfiguration &other) const;
54	inline bool operator!=(const QSslConfiguration &other) const
55	{ return !(*this == other); }
56
57	bool isNull() const;
58
59	QSsl::SslProtocol protocol() const;
60	void setProtocol(QSsl::SslProtocol protocol);
61
62	// Verification
63	QSslSocket::PeerVerifyMode peerVerifyMode() const;
64	void setPeerVerifyMode(QSslSocket::PeerVerifyMode mode);
65
66	int peerVerifyDepth() const;
67	void setPeerVerifyDepth(int depth);
68
69	// Certificate & cipher configuration
70	QList<QSslCertificate> localCertificateChain() const;
71	void setLocalCertificateChain(const QList<QSslCertificate> &localChain);
72
73	QSslCertificate localCertificate() const;
74	void setLocalCertificate(const QSslCertificate &certificate);
75
76	QSslCertificate peerCertificate() const;
77	QList<QSslCertificate> peerCertificateChain() const;
78	QSslCipher sessionCipher() const;
79	QSsl::SslProtocol sessionProtocol() const;
80
81	// Private keys, for server sockets
82	QSslKey privateKey() const;
83	void setPrivateKey(const QSslKey &key);
84
85	// Cipher settings
86	QList<QSslCipher> ciphers() const;
87	void setCiphers(const QList<QSslCipher> &ciphers);
88	void setCiphers(const QString &ciphers);
89	static QList<QSslCipher> supportedCiphers();
90
91	// Certificate Authority (CA) settings
92	QList<QSslCertificate> caCertificates() const;
93	void setCaCertificates(const QList<QSslCertificate> &certificates);
94	bool addCaCertificates(
95	const QString &path, QSsl::EncodingFormat format = QSsl::Pem,
96	QSslCertificate::PatternSyntax syntax = QSslCertificate::PatternSyntax::FixedString);
97	void addCaCertificate(const QSslCertificate &certificate);
98	void addCaCertificates(const QList<QSslCertificate> &certificates);
99
100	static QList<QSslCertificate> systemCaCertificates();
101
102	void setSslOption(QSsl::SslOption option, bool on);
103	bool testSslOption(QSsl::SslOption option) const;
104
105	QByteArray sessionTicket() const;
106	void setSessionTicket(const QByteArray &sessionTicket);
107	int sessionTicketLifeTimeHint() const;
108
109	QSslKey ephemeralServerKey() const;
110
111	// EC settings
112	QList<QSslEllipticCurve> ellipticCurves() const;
113	void setEllipticCurves(const QList<QSslEllipticCurve> &curves);
114	static QList<QSslEllipticCurve> supportedEllipticCurves();
115
116	QByteArray preSharedKeyIdentityHint() const;
117	void setPreSharedKeyIdentityHint(const QByteArray &hint);
118
119	QSslDiffieHellmanParameters diffieHellmanParameters() const;
120	void setDiffieHellmanParameters(const QSslDiffieHellmanParameters &dhparams);
121
122	QMap<QByteArray, QVariant> backendConfiguration() const;
123	void setBackendConfigurationOption(const QByteArray &name, const QVariant &value);
124	void setBackendConfiguration(const QMap<QByteArray, QVariant> &backendConfiguration = QMap<QByteArray, QVariant>());
125
126	static QSslConfiguration defaultConfiguration();
127	static void setDefaultConfiguration(const QSslConfiguration &configuration);
128
129	#if QT_CONFIG(dtls) \|\| defined(Q_QDOC)
130	bool dtlsCookieVerificationEnabled() const;
131	void setDtlsCookieVerificationEnabled(bool enable);
132
133	static QSslConfiguration defaultDtlsConfiguration();
134	static void setDefaultDtlsConfiguration(const QSslConfiguration &configuration);
135	#endif // dtls
136
137	bool handshakeMustInterruptOnError() const;
138	void setHandshakeMustInterruptOnError(bool interrupt);
139
140	bool missingCertificateIsFatal() const;
141	void setMissingCertificateIsFatal(bool cannotRecover);
142
143	void setOcspStaplingEnabled(bool enable);
144	bool ocspStaplingEnabled() const;
145
146	enum NextProtocolNegotiationStatus {
147	NextProtocolNegotiationNone,
148	NextProtocolNegotiationNegotiated,
149	NextProtocolNegotiationUnsupported
150	};
151
152	void setAllowedNextProtocols(const QList<QByteArray> &protocols);
153	QList<QByteArray> allowedNextProtocols() const;
154
155	QByteArray nextNegotiatedProtocol() const;
156	NextProtocolNegotiationStatus nextProtocolNegotiationStatus() const;
157
158	static const char ALPNProtocolHTTP2[];
159	static const char NextProtocolHttp1_1[];
160
161	private:
162	friend class QSslSocket;
163	friend class QSslConfigurationPrivate;
164	friend class QSslContext;
165	friend class QTlsBackend;
166	QSslConfiguration(QSslConfigurationPrivate *dd);
167	QSharedDataPointer<QSslConfigurationPrivate> d;
168	};
169
170	Q_DECLARE_SHARED(QSslConfiguration)
171
172	QT_END_NAMESPACE
173
174	QT_DECL_METATYPE_EXTERN(QSslConfiguration, Q_NETWORK_EXPORT)
175
176	#endif // QT_NO_SSL
177
178	#endif
179

source code of qtbase/src/network/ssl/qsslconfiguration.h