qcoapsecurityconfiguration.cpp source code [qtcoap/src/coap/qcoapsecurityconfiguration.cpp]

1	// Copyright (C) 2019 The Qt Company Ltd.
2	// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
3	// Qt-Security score:significant reason:default
4
5	#include "qcoapsecurityconfiguration.h"
6
7	#include <QtCore/QByteArray>
8	#include <QtCore/QIODevice>
9	#include <QtCore/QList>
10	#include <QtNetwork/QSslCertificate>
11
12	QT_BEGIN_NAMESPACE
13
14	class QCoapPrivateKeyPrivate : public QSharedData
15	{
16	public:
17	QByteArray key;
18	Qt::HANDLE opaqueKey = nullptr;
19	QSsl::KeyAlgorithm algorithm = QSsl::Opaque;
20	QSsl::EncodingFormat encodingFormat;
21	QByteArray passPhrase;
22	};
23
24	class QCoapSecurityConfigurationPrivate : public QSharedData
25	{
26	public:
27	QByteArray identity;
28	QByteArray preSharedKey;
29	QString defaultCipherString;
30	QList<QSslCertificate> caCertificates;
31	QList<QSslCertificate> localCertificateChain;
32	QCoapPrivateKey privateKey;
33	};
34
35	/!*
36	\class QCoapPrivateKey
37	\inmodule QtCoap
38
39	\brief The QCoapPrivateKey class provides an interface for managing
40	CoAP security keys.
41
42	A QCoapPrivateKey packages a private key used in negotiating CoAP connections
43	securely. It holds the information required for authentication using
44	\c pre-shared keys and X.509 certificates.
45	*/
46
47	/!*
48	\fn void QCoapPrivateKey::swap(QCoapPrivateKey &other)
49
50	Swaps this private key with \a other. This operation is very fast and never fails.
51	*/
52
53	/!*
54	Constructs an empty instance of QCoapPrivateKey.
55	*/
56	QCoapPrivateKey::QCoapPrivateKey()
57	: d (new QCoapPrivateKeyPrivate)
58	{
59	}
60
61	/!*
62	Constructs a QCoapPrivateKey from the byte array \a key using
63	the specified \a algorithm and encoding \a format.
64
65	If the key is encrypted then \a passPhrase is required to decrypt it.
66	*/
67	QCoapPrivateKey::QCoapPrivateKey(const QByteArray &key, QSsl::KeyAlgorithm algorithm,
68	QSsl::EncodingFormat format, const QByteArray &passPhrase)
69	: d (new QCoapPrivateKeyPrivate)
70	{
71	d ->key = key;
72	d ->opaqueKey = nullptr;
73	d ->algorithm = algorithm;
74	d ->encodingFormat = format;
75	d ->passPhrase = passPhrase;
76	}
77
78	/!*
79	Constructs a QCoapPrivateKey from a native key \a handle.
80	*/
81	QCoapPrivateKey::QCoapPrivateKey(const Qt::HANDLE &handle)
82	: d (new QCoapPrivateKeyPrivate)
83	{
84	d ->opaqueKey = handle;
85	d ->algorithm = QSsl::Opaque;
86	}
87
88	/!*
89	Copies the contents of \a other into this key, making the two keys
90	identical.
91	*/
92	QCoapPrivateKey::QCoapPrivateKey(const QCoapPrivateKey &other)
93	: d (other.d)
94	{
95	}
96
97	/!*
98	Move-constructs a QCoapPrivateKey, making it point to the same
99	object as \a other was pointing to.
100	*/
101	QCoapPrivateKey::QCoapPrivateKey(QCoapPrivateKey &&other) noexcept
102	: d (other.d)
103	{
104	other.d = nullptr;
105	}
106
107	/!*
108	Releases any resources held by QCoapPrivateKey.
109	*/
110	QCoapPrivateKey::~QCoapPrivateKey()
111	{
112	}
113
114	/!*
115	Copies the contents of \a other into this key, making the two keys
116	identical.
117
118	Returns a reference to this QCoapPrivateKey.
119	*/
120	QCoapPrivateKey &QCoapPrivateKey::operator=(const QCoapPrivateKey &other)
121	{
122	d = other.d;
123	return *this;
124	}
125
126	/!*
127	Returns \c true if the private key is null, returns \c false otherwise.
128	*/
129	bool QCoapPrivateKey::isNull() const
130	{
131	return d ->algorithm == QSsl::Opaque ? !d ->opaqueKey : d ->key.isEmpty();
132	}
133
134	/!*
135	Returns the encoded private key.
136	*/
137	QByteArray QCoapPrivateKey::key() const
138	{
139	return d ->key;
140	}
141
142	/!*
143	Returns a pointer to the native key handle.
144	*/
145	Qt::HANDLE QCoapPrivateKey::handle() const
146	{
147	return d ->opaqueKey;
148	}
149
150	/!*
151	Returns the key algorithm.
152	*/
153	QSsl::KeyAlgorithm QCoapPrivateKey::algorithm() const
154	{
155	return d ->algorithm;
156	}
157
158	/!*
159	Returns the encoding format of the key.
160	*/
161	QSsl::EncodingFormat QCoapPrivateKey::encodingFormat() const
162	{
163	return d ->encodingFormat;
164	}
165
166	/!*
167	Returns the passphrase for the key.
168	*/
169	QByteArray QCoapPrivateKey::passPhrase() const
170	{
171	return d ->passPhrase;
172	}
173
174	/!*
175	\class QCoapSecurityConfiguration
176	\inmodule QtCoap
177
178	\brief The QCoapSecurityConfiguration class holds configuration
179	options during the authentication process.
180
181	It holds information such as client identity, pre shared key, information
182	about certificates, and so on.
183	*/
184
185
186	/!*
187	\fn void QCoapSecurityConfiguration::swap(QCoapSecurityConfiguration &other)
188
189	Swaps this security configuration with \a other. This operation is very fast
190	and never fails.
191	*/
192
193	/!*
194	Constructs a new QCoapSecurityConfiguration.
195	*/
196	QCoapSecurityConfiguration::QCoapSecurityConfiguration()
197	: d (new QCoapSecurityConfigurationPrivate)
198	{
199	}
200
201	/!*
202	Copies the configuration and state of \a other.
203	*/
204	QCoapSecurityConfiguration::QCoapSecurityConfiguration(const QCoapSecurityConfiguration &other)
205	: d (other.d)
206	{
207	}
208
209	/!*
210	Move-constructs a QCoapSecurityConfiguration, making it point to the same
211	object as \a other was pointing to.
212	*/
213	QCoapSecurityConfiguration::QCoapSecurityConfiguration(
214	QCoapSecurityConfiguration &&other) noexcept
215	: d (other.d)
216	{
217	other.d = nullptr;
218	}
219
220	/!*
221	Copies the configuration and state of \a other.
222	*/
223	QCoapSecurityConfiguration &QCoapSecurityConfiguration::operator=(
224	const QCoapSecurityConfiguration &other)
225	{
226	d = other.d;
227	return *this;
228	}
229
230	/!*
231	Releases any resources held by QCoapSecurityConfiguration.
232	*/
233	QCoapSecurityConfiguration::~QCoapSecurityConfiguration()
234	{
235	}
236
237	/!*
238	Sets the PSK client identity (to be advised to the server) to \a identity.
239
240	\sa preSharedKeyIdentity()
241	*/
242	void QCoapSecurityConfiguration::setPreSharedKeyIdentity(const QByteArray &identity)
243	{
244	d ->identity = identity;
245	}
246
247	/!*
248	Returns the PSK client identity.
249
250	\sa setPreSharedKeyIdentity()
251	*/
252	QByteArray QCoapSecurityConfiguration::preSharedKeyIdentity() const
253	{
254	return d ->identity;
255	}
256
257	/!*
258	Sets the pre shared key to \a preSharedKey.
259
260	\sa preSharedKey()
261	*/
262	void QCoapSecurityConfiguration::setPreSharedKey(const QByteArray &preSharedKey)
263	{
264	d ->preSharedKey = preSharedKey;
265	}
266
267	/!*
268	Returns the pre shared key.
269
270	\sa setPreSharedKey()
271	*/
272	QByteArray QCoapSecurityConfiguration::preSharedKey() const
273	{
274	return d ->preSharedKey;
275	}
276
277	/!*
278	Sets the SSL cipher string to \a cipherString.
279
280	The security back-end (for example OpenSSL) might not include ciphers required
281	for \l{https://tools.ietf.org/html/rfc7252#section-9}{RFC 7252} by default.
282	This method specifies which ciphers the back-end should use.
283	For example to enable CCM ciphers required by RFC, "AESCCM" can be passed
284	as \a cipherString.
285
286	See the \l{https://www.openssl.org/docs/manmaster/man1/ciphers.html#CIPHER-STRINGS}
287	{OpenSSL docs} for more information about cipher strings.
288
289	\sa defaultCipherString()
290	*/
291	void QCoapSecurityConfiguration::setDefaultCipherString(const QString &cipherString)
292	{
293	d ->defaultCipherString = cipherString;
294	}
295
296	/!*
297	Returns the default cipher string.
298
299	\sa setDefaultCipherString()
300	*/
301	QString QCoapSecurityConfiguration::defaultCipherString() const
302	{
303	return d ->defaultCipherString;
304	}
305
306	/!*
307	Sets \a certificates as the certificate authority database for the connection.
308
309	\sa caCertificates()
310	*/
311	void QCoapSecurityConfiguration::setCaCertificates(const QList<QSslCertificate> &certificates)
312	{
313	d ->caCertificates = certificates;
314	}
315
316	/!*
317	Returns this connection's certificate authority certificate database.
318
319	\sa setCaCertificates()
320	*/
321	QList<QSslCertificate> QCoapSecurityConfiguration::caCertificates() const
322	{
323	return d ->caCertificates;
324	}
325
326	/!*
327	Sets \a localChain as the certificate chain to present to the peer
328	during the handshake.
329
330	\sa localCertificateChain()
331	*/
332	void QCoapSecurityConfiguration::setLocalCertificateChain(const QList<QSslCertificate> &localChain)
333	{
334	d ->localCertificateChain = localChain;
335	}
336
337	/!*
338	Returns the certificate chain to be presented to the peer during the handshake.
339
340	\sa setLocalCertificateChain()
341	*/
342	QList<QSslCertificate> QCoapSecurityConfiguration::localCertificateChain() const
343	{
344	return d ->localCertificateChain;
345	}
346
347	/!*
348	Sets the connection's private key to \a key.
349
350	\sa privateKey(), setLocalCertificateChain()
351	*/
352	void QCoapSecurityConfiguration::setPrivateKey(const QCoapPrivateKey &key)
353	{
354	d ->privateKey = key;
355	}
356
357	/!*
358	Returns the private key assigned to the connection.
359
360	\sa setPrivateKey(), localCertificateChain()
361	*/
362	QCoapPrivateKey QCoapSecurityConfiguration::privateKey() const
363	{
364	return d ->privateKey;
365	}
366
367	QT_END_NAMESPACE
368

source code of qtcoap/src/coap/qcoapsecurityconfiguration.cpp