1// Copyright (C) 2015 Mikkel Krautz <mikkel@krautz.dk>
2// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
3
4
5/*!
6 \class QSslDiffieHellmanParameters
7 \brief The QSslDiffieHellmanParameters class provides an interface for Diffie-Hellman parameters for servers.
8 \since 5.8
9
10 \reentrant
11 \ingroup network
12 \ingroup ssl
13 \ingroup shared
14 \inmodule QtNetwork
15
16 QSslDiffieHellmanParameters provides an interface for setting Diffie-Hellman parameters to servers based on QSslSocket.
17
18 \sa QSslSocket, QSslCipher, QSslConfiguration
19*/
20
21#include "qssldiffiehellmanparameters.h"
22#include "qssldiffiehellmanparameters_p.h"
23#include "qtlsbackend_p.h"
24#include "qsslsocket.h"
25#include "qsslsocket_p.h"
26
27#include <QtCore/qcoreapplication.h>
28#include <QtCore/qatomic.h>
29#include <QtCore/qbytearray.h>
30#include <QtCore/qbytearraymatcher.h>
31#include <QtCore/qiodevice.h>
32#include <QtCore/qdebug.h>
33
34QT_BEGIN_NAMESPACE
35
36// The 2048-bit MODP group from RFC 3526
37Q_AUTOTEST_EXPORT extern const char qssl_dhparams_default_base64[] =
38 "MIIBCAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxObIlFKCHmO"
39 "NATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjftawv/XLb0Brft7jhr"
40 "+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXTmmkWP6j9JM9fg2VdI9yjrZYc"
41 "YvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhghfDKQXkYuNs474553LBgOhgObJ4Oi7Aei"
42 "j7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg==";
43
44/*!
45 Returns the default QSslDiffieHellmanParameters used by QSslSocket.
46
47 This is currently the 2048-bit MODP group from RFC 3526.
48*/
49QSslDiffieHellmanParameters QSslDiffieHellmanParameters::defaultParameters()
50{
51 QSslDiffieHellmanParameters def;
52 def.d->derData = QByteArray::fromBase64(base64: QByteArray(qssl_dhparams_default_base64));
53 return def;
54}
55
56/*!
57 Constructs an empty QSslDiffieHellmanParameters instance.
58
59 If an empty QSslDiffieHellmanParameters instance is set on a
60 QSslConfiguration object, Diffie-Hellman negotiation will
61 be disabled.
62
63 \sa isValid()
64 \sa QSslConfiguration
65*/
66QSslDiffieHellmanParameters::QSslDiffieHellmanParameters()
67 : d(new QSslDiffieHellmanParametersPrivate)
68{
69 d->ref.ref();
70}
71
72/*!
73 Constructs a QSslDiffieHellmanParameters object using
74 the byte array \a encoded in either PEM or DER form as specified by \a encoding.
75
76 Use the isValid() method on the returned object to
77 check whether the Diffie-Hellman parameters were valid and
78 loaded correctly.
79
80 \sa isValid()
81 \sa QSslConfiguration
82*/
83QSslDiffieHellmanParameters QSslDiffieHellmanParameters::fromEncoded(const QByteArray &encoded, QSsl::EncodingFormat encoding)
84{
85 QSslDiffieHellmanParameters result;
86 const auto *tlsBackend = QSslSocketPrivate::tlsBackendInUse();
87 if (!tlsBackend)
88 return result;
89 switch (encoding) {
90 case QSsl::Der:
91 result.d->initFromDer(der: encoded);
92 break;
93 case QSsl::Pem:
94 result.d->initFromPem(pem: encoded);
95 break;
96 }
97 return result;
98}
99
100/*!
101 Constructs a QSslDiffieHellmanParameters object by
102 reading from \a device in either PEM or DER form as specified by \a encoding.
103
104 Use the isValid() method on the returned object
105 to check whether the Diffie-Hellman parameters were valid
106 and loaded correctly.
107
108 In particular, if \a device is \nullptr or not open for reading, an invalid
109 object will be returned.
110
111 \sa isValid()
112 \sa QSslConfiguration
113*/
114QSslDiffieHellmanParameters QSslDiffieHellmanParameters::fromEncoded(QIODevice *device, QSsl::EncodingFormat encoding)
115{
116 if (device)
117 return fromEncoded(encoded: device->readAll(), encoding);
118 else
119 return QSslDiffieHellmanParameters();
120}
121
122/*!
123 Constructs an identical copy of \a other.
124*/
125QSslDiffieHellmanParameters::QSslDiffieHellmanParameters(const QSslDiffieHellmanParameters &other)
126 : d(other.d)
127{
128 if (d)
129 d->ref.ref();
130}
131
132/*!
133 \fn QSslDiffieHellmanParameters::QSslDiffieHellmanParameters(QSslDiffieHellmanParameters &&other)
134
135 Move-constructs from \a other.
136
137 \note The moved-from object \a other is placed in a partially-formed state, in which
138 the only valid operations are destruction and assignment of a new value.
139*/
140
141/*!
142 Destroys the QSslDiffieHellmanParameters object.
143*/
144QSslDiffieHellmanParameters::~QSslDiffieHellmanParameters()
145{
146 if (d && !d->ref.deref())
147 delete d;
148}
149
150/*!
151 Copies the contents of \a other into this QSslDiffieHellmanParameters, making the two QSslDiffieHellmanParameters
152 identical.
153
154 Returns a reference to this QSslDiffieHellmanParameters.
155*/
156QSslDiffieHellmanParameters &QSslDiffieHellmanParameters::operator=(const QSslDiffieHellmanParameters &other)
157{
158 QSslDiffieHellmanParameters copy(other);
159 swap(other&: copy);
160 return *this;
161}
162
163/*!
164 \fn QSslDiffieHellmanParameters &QSslDiffieHellmanParameters::operator=(QSslDiffieHellmanParameters &&other)
165
166 Move-assigns \a other to this QSslDiffieHellmanParameters instance.
167
168 \note The moved-from object \a other is placed in a partially-formed state, in which
169 the only valid operations are destruction and assignment of a new value.
170*/
171
172/*!
173 \fn void QSslDiffieHellmanParameters::swap(QSslDiffieHellmanParameters &other)
174 \memberswap{QSslDiffieHellmanParameters}
175*/
176
177/*!
178 Returns \c true if this is a an empty QSslDiffieHellmanParameters instance.
179
180 Setting an empty QSslDiffieHellmanParameters instance on a QSslSocket-based
181 server will disable Diffie-Hellman key exchange.
182*/
183bool QSslDiffieHellmanParameters::isEmpty() const noexcept
184{
185 return d->derData.isNull() && d->error == QSslDiffieHellmanParameters::NoError;
186}
187
188/*!
189 Returns \c true if this is a valid QSslDiffieHellmanParameters; otherwise false.
190
191 This method should be used after constructing a QSslDiffieHellmanParameters
192 object to determine its validity.
193
194 If a QSslDiffieHellmanParameters object is not valid, you can use the error()
195 method to determine what error prevented the object from being constructed.
196
197 \sa error()
198*/
199bool QSslDiffieHellmanParameters::isValid() const noexcept
200{
201 return d->error == QSslDiffieHellmanParameters::NoError;
202}
203
204/*!
205 \enum QSslDiffieHellmanParameters::Error
206
207 Describes a QSslDiffieHellmanParameters error.
208
209 \value NoError No error occurred.
210
211 \value InvalidInputDataError The given input data could not be used to
212 construct a QSslDiffieHellmanParameters
213 object.
214
215 \value UnsafeParametersError The Diffie-Hellman parameters are unsafe
216 and should not be used.
217*/
218
219/*!
220 Returns the error that caused the QSslDiffieHellmanParameters object
221 to be invalid.
222*/
223QSslDiffieHellmanParameters::Error QSslDiffieHellmanParameters::error() const noexcept
224{
225 return d->error;
226}
227
228/*!
229 Returns a human-readable description of the error that caused the
230 QSslDiffieHellmanParameters object to be invalid.
231*/
232QString QSslDiffieHellmanParameters::errorString() const noexcept
233{
234 switch (d->error) {
235 case QSslDiffieHellmanParameters::NoError:
236 return QCoreApplication::translate(context: "QSslDiffieHellmanParameter", key: "No error");
237 case QSslDiffieHellmanParameters::InvalidInputDataError:
238 return QCoreApplication::translate(context: "QSslDiffieHellmanParameter", key: "Invalid input data");
239 case QSslDiffieHellmanParameters::UnsafeParametersError:
240 return QCoreApplication::translate(context: "QSslDiffieHellmanParameter", key: "The given Diffie-Hellman parameters are deemed unsafe");
241 }
242
243 Q_UNREACHABLE_RETURN(QString());
244}
245
246/*!
247 \fn bool QSslDiffieHellmanParameters::operator==(const QSslDiffieHellmanParameters &lhs, const QSslDiffieHellmanParameters &rhs) noexcept
248 \since 5.8
249
250 Returns \c true if \a lhs is equal to \a rhs; otherwise returns \c false.
251*/
252
253/*!
254 \fn bool QSslDiffieHellmanParameters::operator!=(const QSslDiffieHellmanParameters &lhs, const QSslDiffieHellmanParameters &rhs) noexcept
255 \since 5.8
256
257 Returns \c true if \a lhs is not equal to \a rhs; otherwise returns \c false.
258*/
259
260/*!
261 \internal
262*/
263bool QSslDiffieHellmanParameters::isEqual(const QSslDiffieHellmanParameters &other) const noexcept
264{
265 return d->derData == other.d->derData;
266}
267
268/*!
269 \internal
270*/
271void QSslDiffieHellmanParametersPrivate::initFromDer(const QByteArray &der)
272{
273 if (const auto *tlsBackend = QSslSocketPrivate::tlsBackendInUse())
274 error = QSslDiffieHellmanParameters::Error(tlsBackend->dhParametersFromDer(derData: der, data: &derData));
275}
276
277/*!
278 \internal
279*/
280void QSslDiffieHellmanParametersPrivate::initFromPem(const QByteArray &pem)
281{
282 if (const auto *tlsBackend = QSslSocketPrivate::tlsBackendInUse())
283 error = QSslDiffieHellmanParameters::Error(tlsBackend->dhParametersFromPem(pemData: pem, data: &derData));
284}
285
286#ifndef QT_NO_DEBUG_STREAM
287/*!
288 \since 5.8
289 \relates QSslDiffieHellmanParameters
290
291 Writes the set of Diffie-Hellman parameters in \a dhparam into the debug object \a debug for
292 debugging purposes.
293
294 The Diffie-Hellman parameters will be represented in Base64-encoded DER form.
295
296 \sa {Debugging Techniques}
297*/
298QDebug operator<<(QDebug debug, const QSslDiffieHellmanParameters &dhparam)
299{
300 QDebugStateSaver saver(debug);
301 debug.resetFormat().nospace();
302 debug << "QSslDiffieHellmanParameters(" << dhparam.d->derData.toBase64() << ')';
303 return debug;
304}
305#endif
306
307/*!
308 \fn size_t qHash(const QSslDiffieHellmanParameters &key, size_t seed)
309 \since 5.8
310 \qhashold{QSslDiffieHellmanParameters}
311*/
312size_t qHash(const QSslDiffieHellmanParameters &dhparam, size_t seed) noexcept
313{
314 return qHash(key: dhparam.d->derData, seed);
315}
316
317QT_END_NAMESPACE
318

source code of qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp