qsslerror.cpp source code [qtbase/src/network/ssl/qsslerror.cpp]

1	// Copyright (C) 2016 The Qt Company Ltd.
2	// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
3
4
5	/!*
6	\class QSslError
7	\brief The QSslError class provides an SSL error.
8	\since 4.3
9
10	\reentrant
11	\ingroup network
12	\ingroup ssl
13	\ingroup shared
14	\inmodule QtNetwork
15
16	QSslError provides a simple API for managing errors during QSslSocket's
17	SSL handshake.
18
19	\sa QSslSocket, QSslCertificate, QSslCipher
20	*/
21
22	/!*
23	\enum QSslError::SslError
24
25	Describes all recognized errors that can occur during an SSL handshake.
26
27	\value NoError
28	\value UnableToGetIssuerCertificate
29	\value UnableToDecryptCertificateSignature
30	\value UnableToDecodeIssuerPublicKey
31	\value CertificateSignatureFailed
32	\value CertificateNotYetValid
33	\value CertificateExpired
34	\value InvalidNotBeforeField
35	\value InvalidNotAfterField
36	\value SelfSignedCertificate
37	\value SelfSignedCertificateInChain
38	\value UnableToGetLocalIssuerCertificate
39	\value UnableToVerifyFirstCertificate
40	\value CertificateRevoked
41	\value InvalidCaCertificate
42	\value PathLengthExceeded
43	\value InvalidPurpose
44	\value CertificateUntrusted
45	\value CertificateRejected
46	\value SubjectIssuerMismatch
47	\value AuthorityIssuerSerialNumberMismatch
48	\value NoPeerCertificate
49	\value HostNameMismatch
50	\value UnspecifiedError
51	\value NoSslSupport
52	\value CertificateBlacklisted
53	\value CertificateStatusUnknown
54	\value OcspNoResponseFound
55	\value OcspMalformedRequest
56	\value OcspMalformedResponse
57	\value OcspInternalError
58	\value OcspTryLater
59	\value OcspSigRequred
60	\value OcspUnauthorized
61	\value OcspResponseCannotBeTrusted
62	\value OcspResponseCertIdUnknown
63	\value OcspResponseExpired
64	\value OcspStatusUnknown
65
66
67	\sa QSslError::errorString()
68	*/
69
70	#include "qsslerror.h"
71	#include "qsslsocket.h"
72	#ifndef QT_NO_DEBUG_STREAM
73	#include <QtCore/qdebug.h>
74	#endif
75
76	QT_BEGIN_NAMESPACE
77
78	#ifndef QT_NO_SSL
79	QT_IMPL_METATYPE_EXTERN_TAGGED(QList<QSslError>, QList_QSslError)
80	#endif
81
82
83	#if QT_VERSION < QT_VERSION_CHECK(7, 0, 0)
84	// Avoid an ABI break due to the QScopedPointer->std::unique_ptr change
85	static_assert(sizeof(QScopedPointer<QSslErrorPrivate>) == sizeof(std::unique_ptr<QSslErrorPrivate>));
86	#endif
87
88	class QSslErrorPrivate
89	{
90	public:
91	QSslError::SslError error = QSslError::NoError;
92	QSslCertificate certificate;
93	};
94
95	// RVCT compiler in debug build does not like about default values in const-
96	// So as an workaround we define all constructor overloads here explicitly
97	/!*
98	Constructs a QSslError object with no error and default certificate.
99
100	*/
101
102	QSslError::QSslError()
103	: d (new QSslErrorPrivate)
104	{
105	}
106
107	/!*
108	Constructs a QSslError object. The argument specifies the \a
109	error that occurred.
110
111	*/
112	QSslError::QSslError(SslError error)
113	: d (new QSslErrorPrivate)
114	{
115	d ->error = error;
116	}
117
118	/!*
119	Constructs a QSslError object. The two arguments specify the \a
120	error that occurred, and which \a certificate the error relates to.
121
122	\sa QSslCertificate
123	*/
124	QSslError::QSslError(SslError error, const QSslCertificate &certificate)
125	: d (new QSslErrorPrivate)
126	{
127	d ->error = error;
128	d ->certificate = certificate;
129	}
130
131	/!*
132	Constructs an identical copy of \a other.
133	*/
134	QSslError::QSslError(const QSslError &other)
135	: d (new QSslErrorPrivate)
136	{
137	d.get() = other.d.get();
138	}
139
140	/!*
141	Destroys the QSslError object.
142	*/
143	QSslError::~QSslError()
144	{
145	}
146
147	/!*
148	\since 4.4
149
150	Assigns the contents of \a other to this error.
151	*/
152	QSslError &QSslError::operator=(const QSslError &other)
153	{
154	d.get() = other.d.get();
155	return *this;
156	}
157
158	/!*
159	\fn void QSslError::swap(QSslError &other)
160	\since 5.0
161	\memberswap{error instance}
162	*/
163
164	/!*
165	\since 4.4
166
167	Returns \c true if this error is equal to \a other; otherwise returns \c false.
168	*/
169	bool QSslError::operator==(const QSslError &other) const
170	{
171	return d ->error == other.d ->error
172	&& d ->certificate == other.d ->certificate;
173	}
174
175	/!*
176	\fn bool QSslError::operator!=(const QSslError &other) const
177	\since 4.4
178
179	Returns \c true if this error is not equal to \a other; otherwise returns
180	false.
181	*/
182
183	/!*
184	Returns the type of the error.
185
186	\sa errorString(), certificate()
187	*/
188	QSslError::SslError QSslError::error() const
189	{
190	return d ->error;
191	}
192
193	/!*
194	Returns a short localized human-readable description of the error.
195
196	\sa error(), certificate()
197	*/
198	QString QSslError::errorString() const
199	{
200	QString errStr;
201	switch (d ->error) {
202	case NoError:
203	errStr = QSslSocket::tr(s: "No error");
204	break;
205	case UnableToGetIssuerCertificate:
206	errStr = QSslSocket::tr(s: "The issuer certificate could not be found");
207	break;
208	case UnableToDecryptCertificateSignature:
209	errStr = QSslSocket::tr(s: "The certificate signature could not be decrypted");
210	break;
211	case UnableToDecodeIssuerPublicKey:
212	errStr = QSslSocket::tr(s: "The public key in the certificate could not be read");
213	break;
214	case CertificateSignatureFailed:
215	errStr = QSslSocket::tr(s: "The signature of the certificate is invalid");
216	break;
217	case CertificateNotYetValid:
218	errStr = QSslSocket::tr(s: "The certificate is not yet valid");
219	break;
220	case CertificateExpired:
221	errStr = QSslSocket::tr(s: "The certificate has expired");
222	break;
223	case InvalidNotBeforeField:
224	errStr = QSslSocket::tr(s: "The certificate's notBefore field contains an invalid time");
225	break;
226	case InvalidNotAfterField:
227	errStr = QSslSocket::tr(s: "The certificate's notAfter field contains an invalid time");
228	break;
229	case SelfSignedCertificate:
230	errStr = QSslSocket::tr(s: "The certificate is self-signed, and untrusted");
231	break;
232	case SelfSignedCertificateInChain:
233	errStr = QSslSocket::tr(s: "The root certificate of the certificate chain is self-signed, and untrusted");
234	break;
235	case UnableToGetLocalIssuerCertificate:
236	errStr = QSslSocket::tr(s: "The issuer certificate of a locally looked up certificate could not be found");
237	break;
238	case UnableToVerifyFirstCertificate:
239	errStr = QSslSocket::tr(s: "No certificates could be verified");
240	break;
241	case InvalidCaCertificate:
242	errStr = QSslSocket::tr(s: "One of the CA certificates is invalid");
243	break;
244	case PathLengthExceeded:
245	errStr = QSslSocket::tr(s: "The basicConstraints path length parameter has been exceeded");
246	break;
247	case InvalidPurpose:
248	errStr = QSslSocket::tr(s: "The supplied certificate is unsuitable for this purpose");
249	break;
250	case CertificateUntrusted:
251	errStr = QSslSocket::tr(s: "The root CA certificate is not trusted for this purpose");
252	break;
253	case CertificateRejected:
254	errStr = QSslSocket::tr(s: "The root CA certificate is marked to reject the specified purpose");
255	break;
256	case SubjectIssuerMismatch: // hostname mismatch
257	errStr = QSslSocket::tr(s: "The current candidate issuer certificate was rejected because its"
258	" subject name did not match the issuer name of the current certificate");
259	break;
260	case AuthorityIssuerSerialNumberMismatch:
261	errStr = QSslSocket::tr(s: "The current candidate issuer certificate was rejected because"
262	" its issuer name and serial number was present and did not match the"
263	" authority key identifier of the current certificate");
264	break;
265	case NoPeerCertificate:
266	errStr = QSslSocket::tr(s: "The peer did not present any certificate");
267	break;
268	case HostNameMismatch:
269	errStr = QSslSocket::tr(s: "The host name did not match any of the valid hosts"
270	" for this certificate");
271	break;
272	case NoSslSupport:
273	break;
274	case CertificateBlacklisted:
275	errStr = QSslSocket::tr(s: "The peer certificate is blacklisted");
276	break;
277	case OcspNoResponseFound:
278	errStr = QSslSocket::tr(s: "No OCSP status response found");
279	break;
280	case OcspMalformedRequest:
281	errStr = QSslSocket::tr(s: "The OCSP status request had invalid syntax");
282	break;
283	case OcspMalformedResponse:
284	errStr = QSslSocket::tr(s: "OCSP response contains an unexpected number of SingleResponse structures");
285	break;
286	case OcspInternalError:
287	errStr = QSslSocket::tr(s: "OCSP responder reached an inconsistent internal state");
288	break;
289	case OcspTryLater:
290	errStr = QSslSocket::tr(s: "OCSP responder was unable to return a status for the requested certificate");
291	break;
292	case OcspSigRequred:
293	errStr = QSslSocket::tr(s: "The server requires the client to sign the OCSP request in order to construct a response");
294	break;
295	case OcspUnauthorized:
296	errStr = QSslSocket::tr(s: "The client is not authorized to request OCSP status from this server");
297	break;
298	case OcspResponseCannotBeTrusted:
299	errStr = QSslSocket::tr(s: "OCSP responder's identity cannot be verified");
300	break;
301	case OcspResponseCertIdUnknown:
302	errStr = QSslSocket::tr(s: "The identity of a certificate in an OCSP response cannot be established");
303	break;
304	case OcspResponseExpired:
305	errStr = QSslSocket::tr(s: "The certificate status response has expired");
306	break;
307	case OcspStatusUnknown:
308	errStr = QSslSocket::tr(s: "The certificate's status is unknown");
309	break;
310	default:
311	errStr = QSslSocket::tr(s: "Unknown error");
312	break;
313	}
314
315	return errStr;
316	}
317
318	/!*
319	Returns the certificate associated with this error, or a null certificate
320	if the error does not relate to any certificate.
321
322	\sa error(), errorString()
323	*/
324	QSslCertificate QSslError::certificate() const
325	{
326	return d ->certificate;
327	}
328
329	/!*
330	\since 5.4
331	\qhashold{QHash}
332	*/
333	size_t qHash(const QSslError &key, size_t seed) noexcept
334	{
335	QtPrivate::QHashCombine hash;
336	seed = hash (seed, key.error());
337	seed = hash (seed, key.certificate());
338	return seed;
339	}
340
341	#ifndef QT_NO_DEBUG_STREAM
342	//class QDebug;
343	QDebug operator<<(QDebug debug, const QSslError &error)
344	{
345	debug << error.errorString();
346	return debug;
347	}
348
349	QDebug print(QDebug debug, QSslError::SslError error)
350	{
351	debug << QSslError (error).errorString();
352	return debug;
353	}
354	#endif
355
356	QT_END_NAMESPACE
357
358	#include "moc_qsslerror.cpp"
359

source code of qtbase/src/network/ssl/qsslerror.cpp