d6/d35/qtlsbackend_8cpp_source.html

// Copyright (C) 2021 The Qt Company Ltd.

// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only


#include "qtlsbackend_p.h"


#if QT_CONFIG(ssl)

#include "qsslpresharedkeyauthenticator_p.h"

#include "qsslpresharedkeyauthenticator.h"

#include "qsslsocket_p.h"

#include "qsslcipher_p.h"

#include "qsslkey_p.h"

#include "qsslkey.h"

#endif


#include "qssl_p.h"


#include <QtCore/private/qfactoryloader_p.h>


#include "QtCore/qapplicationstatic.h"

#include <QtCore/qbytearray.h>

#include <QtCore/qmutex.h>


#include <algorithm>

#include <vector>


QT_BEGIN_NAMESPACE


using namespace Qt::StringLiterals;


Q_APPLICATION_STATIC(QFactoryLoader, qtlsbLoader, QTlsBackend_iid,

                     QStringLiteral("/tls"))


namespace {


class BackendCollection

{

public:

    void addBackend(QTlsBackend *backend)

    {

        Q_ASSERT(backend);

        Q_ASSERT(std::find(backends.begin(), backends.end(), backend) == backends.end());

        const QMutexLocker locker(&collectionMutex);

        backends.push_back(backend);

    }


    void removeBackend(QTlsBackend *backend)

    {

        Q_ASSERT(backend);

        const QMutexLocker locker(&collectionMutex);

        const auto it = std::find(backends.begin(), backends.end(), backend);

        Q_ASSERT(it != backends.end());

        backends.erase(it);

    }


    bool tryPopulateCollection()

    {

        if (!qtlsbLoader())

            return false;


        Q_CONSTINIT static QBasicMutex mutex;

        const QMutexLocker locker(&mutex);

        if (backends.size())

            return true;


#if QT_CONFIG(library)

        qtlsbLoader->update();

#endif

        int index = 0;

        while (qtlsbLoader->instance(index))

            ++index;


        return true;

    }


    QList<QString> backendNames()

    {

        QList<QString> names;

        if (!tryPopulateCollection())

            return names;


        const QMutexLocker locker(&collectionMutex);

        if (!backends.size())

            return names;


        names.reserve(backends.size());

        for (const auto *backend : backends) {

            if (backend->isValid())

                names.append(backend->backendName());

        }


        return names;

    }


    QTlsBackend *backend(const QString &name)

    {

        if (!tryPopulateCollection())

            return nullptr;


        const QMutexLocker locker(&collectionMutex);

        const auto it = std::find_if(backends.begin(), backends.end(),

                                     [&name](const auto *fct) {return fct->backendName() == name;});


        return it == backends.end()  ? nullptr : *it;

    }


private:

    std::vector<QTlsBackend *> backends;

    QMutex collectionMutex;

};


} // Unnamed namespace


Q_GLOBAL_STATIC(BackendCollection, backends);


const QString QTlsBackend::builtinBackendNames[] = {

    QStringLiteral("schannel"),

    QStringLiteral("securetransport"),

    QStringLiteral("openssl"),

    QStringLiteral("cert-only")

};


QTlsBackend::QTlsBackend()

{

    if (backends())

        backends->addBackend(this);


    if (QCoreApplication::instance()) {

        connect(QCoreApplication::instance(), &QCoreApplication::destroyed, this, [this] {

            delete this;

        });

    }

}


QTlsBackend::~QTlsBackend()

{

    if (backends())

        backends->removeBackend(this);

}


bool QTlsBackend::isValid() const

{

    return true;

}


long QTlsBackend::tlsLibraryVersionNumber() const

{

    return 0;

}


QString QTlsBackend::tlsLibraryVersionString() const

{

    return {};

}


long QTlsBackend::tlsLibraryBuildVersionNumber() const

{

    return 0;

}


QString QTlsBackend::tlsLibraryBuildVersionString() const

{

    return {};

}


void QTlsBackend::ensureInitialized() const

{

}


#define REPORT_MISSING_SUPPORT(message) \

    qCWarning(lcSsl) << "The backend" << backendName() << message


QTlsPrivate::TlsKey *QTlsBackend::createKey() const

{

    REPORT_MISSING_SUPPORT("does not support QSslKey");

    return nullptr;

}


QTlsPrivate::X509Certificate *QTlsBackend::createCertificate() const

{

    REPORT_MISSING_SUPPORT("does not support QSslCertificate");

    return nullptr;

}


QList<QSslCertificate> QTlsBackend::systemCaCertificates() const

{

    REPORT_MISSING_SUPPORT("does not provide system CA certificates");

    return {};

}


QTlsPrivate::TlsCryptograph *QTlsBackend::createTlsCryptograph() const

{

    REPORT_MISSING_SUPPORT("does not support QSslSocket");

    return nullptr;

}


QTlsPrivate::DtlsCryptograph *QTlsBackend::createDtlsCryptograph(QDtls *qObject, int mode) const

{

    Q_UNUSED(qObject);

    Q_UNUSED(mode);

    REPORT_MISSING_SUPPORT("does not support QDtls");

    return nullptr;

}


QTlsPrivate::DtlsCookieVerifier *QTlsBackend::createDtlsCookieVerifier() const

{

    REPORT_MISSING_SUPPORT("does not support DTLS cookies");

    return nullptr;

}


QTlsPrivate::X509ChainVerifyPtr QTlsBackend::X509Verifier() const

{

    REPORT_MISSING_SUPPORT("does not support (manual) certificate verification");

    return nullptr;

}


QTlsPrivate::X509PemReaderPtr QTlsBackend::X509PemReader() const

{

    REPORT_MISSING_SUPPORT("cannot read PEM format");

    return nullptr;

}


QTlsPrivate::X509DerReaderPtr QTlsBackend::X509DerReader() const

{

    REPORT_MISSING_SUPPORT("cannot read DER format");

    return nullptr;

}


QTlsPrivate::X509Pkcs12ReaderPtr QTlsBackend::X509Pkcs12Reader() const

{

    REPORT_MISSING_SUPPORT("cannot read PKCS12 format");

    return nullptr;

}


QList<int> QTlsBackend::ellipticCurvesIds() const

{

    REPORT_MISSING_SUPPORT("does not support QSslEllipticCurve");

    return {};

}


int QTlsBackend::curveIdFromShortName(const QString &name) const

{

    Q_UNUSED(name);

    REPORT_MISSING_SUPPORT("does not support QSslEllipticCurve");

    return 0;

}


int QTlsBackend::curveIdFromLongName(const QString &name) const

{

    Q_UNUSED(name);

    REPORT_MISSING_SUPPORT("does not support QSslEllipticCurve");

    return 0;

}


QString QTlsBackend::shortNameForId(int cid) const

{

    Q_UNUSED(cid);

    REPORT_MISSING_SUPPORT("does not support QSslEllipticCurve");

    return {};

}


QString QTlsBackend::longNameForId(int cid) const

{

    Q_UNUSED(cid);

    REPORT_MISSING_SUPPORT("does not support QSslEllipticCurve");

    return {};

}


bool QTlsBackend::isTlsNamedCurve(int cid) const

{

    Q_UNUSED(cid);

    REPORT_MISSING_SUPPORT("does not support QSslEllipticCurve");

    return false;

}


int QTlsBackend::dhParametersFromDer(const QByteArray &derData, QByteArray *data) const

{

    Q_UNUSED(derData);

    Q_UNUSED(data);

    REPORT_MISSING_SUPPORT("does not support QSslDiffieHellmanParameters in DER format");

    return {};

}


int QTlsBackend::dhParametersFromPem(const QByteArray &pemData, QByteArray *data) const

{

    Q_UNUSED(pemData);

    Q_UNUSED(data);

    REPORT_MISSING_SUPPORT("does not support QSslDiffieHellmanParameters in PEM format");

    return {};

}


QList<QString> QTlsBackend::availableBackendNames()

{

    if (!backends())

        return {};


    return backends->backendNames();

}


QString QTlsBackend::defaultBackendName()

{

    // We prefer OpenSSL as default:

    const auto names = availableBackendNames();

    auto name = builtinBackendNames[nameIndexOpenSSL];

    if (names.contains(name))

        return name;

    name = builtinBackendNames[nameIndexSchannel];

    if (names.contains(name))

        return name;

    name = builtinBackendNames[nameIndexSecureTransport];

    if (names.contains(name))

        return name;


    const auto pos = std::find_if(names.begin(), names.end(), [](const auto &name) {

        return name != builtinBackendNames[nameIndexCertOnly];

    });


    if (pos != names.end())

        return *pos;


    if (names.size())

        return names[0];


    return {};

}


QTlsBackend *QTlsBackend::findBackend(const QString &backendName)

{

    if (!backends())

        return {};


    if (auto *fct = backends->backend(backendName))

        return fct;


    qCWarning(lcSsl) << "Cannot create unknown backend named" << backendName;

    return nullptr;

}


QTlsBackend *QTlsBackend::activeOrAnyBackend()

{

#if QT_CONFIG(ssl)

    return QSslSocketPrivate::tlsBackendInUse();

#else

    return findBackend(defaultBackendName());

#endif // QT_CONFIG(ssl)

}


QList<QSsl::SslProtocol> QTlsBackend::supportedProtocols(const QString &backendName)

{

    if (!backends())

        return {};


    if (const auto *fct = backends->backend(backendName))

        return fct->supportedProtocols();


    return {};

}


QList<QSsl::SupportedFeature> QTlsBackend::supportedFeatures(const QString &backendName)

{

    if (!backends())

        return {};


    if (const auto *fct = backends->backend(backendName))

        return fct->supportedFeatures();


    return {};

}


QList<QSsl::ImplementedClass> QTlsBackend::implementedClasses(const QString &backendName)

{

    if (!backends())

        return {};


    if (const auto *fct = backends->backend(backendName))

        return fct->implementedClasses();


    return {};

}


void QTlsBackend::resetBackend(QSslKey &key, QTlsPrivate::TlsKey *keyBackend)

{

#if QT_CONFIG(ssl)

    key.d->backend.reset(keyBackend);

#else

    Q_UNUSED(key);

    Q_UNUSED(keyBackend);

#endif // QT_CONFIG(ssl)

}


void QTlsBackend::setupClientPskAuth(QSslPreSharedKeyAuthenticator *auth, const char *hint,

                                     int hintLength, unsigned maxIdentityLen, unsigned maxPskLen)

{

    Q_ASSERT(auth);

#if QT_CONFIG(ssl)

    if (hint)

        auth->d->identityHint = QByteArray::fromRawData(hint, hintLength); // it's NUL terminated, but do not include the NUL


    auth->d->maximumIdentityLength = int(maxIdentityLen) - 1; // needs to be NUL terminated

    auth->d->maximumPreSharedKeyLength = int(maxPskLen);

#else

    Q_UNUSED(auth);

    Q_UNUSED(hint);

    Q_UNUSED(hintLength);

    Q_UNUSED(maxIdentityLen);

    Q_UNUSED(maxPskLen);

#endif

}


void QTlsBackend::setupServerPskAuth(QSslPreSharedKeyAuthenticator *auth, const char *identity,

                                     const QByteArray &identityHint, unsigned int maxPskLen)

{

#if QT_CONFIG(ssl)

    Q_ASSERT(auth);

    auth->d->identityHint = identityHint;

    auth->d->identity = identity;

    auth->d->maximumIdentityLength = 0; // user cannot set an identity

    auth->d->maximumPreSharedKeyLength = int(maxPskLen);

#else

    Q_UNUSED(auth);

    Q_UNUSED(identity);

    Q_UNUSED(identityHint);

    Q_UNUSED(maxPskLen);

#endif

}


#if QT_CONFIG(ssl)

QSslCipher QTlsBackend::createCiphersuite(const QString &descriptionOneLine, int bits, int supportedBits)

{

    QSslCipher ciph;


    const auto descriptionList = QStringView{descriptionOneLine}.split(u' ', Qt::SkipEmptyParts);

    if (descriptionList.size() > 5) {

        ciph.d->isNull = false;

        ciph.d->name = descriptionList.at(0).toString();


        QStringView protoString = descriptionList.at(1);

        ciph.d->protocolString = protoString.toString();

        ciph.d->protocol = QSsl::UnknownProtocol;

QT_WARNING_PUSH

QT_WARNING_DISABLE_DEPRECATED

        if (protoString.startsWith(u"TLSv1")) {

            QStringView tail = protoString.sliced(5);

            if (tail.startsWith(u'.')) {

                tail = tail.sliced(1);

                if (tail == u"3")

                    ciph.d->protocol = QSsl::TlsV1_3;

                else if (tail == u"2")

                    ciph.d->protocol = QSsl::TlsV1_2;

                else if (tail == u"1")

                    ciph.d->protocol = QSsl::TlsV1_1;

            } else if (tail.isEmpty()) {

                ciph.d->protocol = QSsl::TlsV1_0;

            }

        }

QT_WARNING_POP


        if (descriptionList.at(2).startsWith("Kx="_L1))

            ciph.d->keyExchangeMethod = descriptionList.at(2).mid(3).toString();

        if (descriptionList.at(3).startsWith("Au="_L1))

            ciph.d->authenticationMethod = descriptionList.at(3).mid(3).toString();

        if (descriptionList.at(4).startsWith("Enc="_L1))

            ciph.d->encryptionMethod = descriptionList.at(4).mid(4).toString();

        ciph.d->exportable = (descriptionList.size() > 6 && descriptionList.at(6) == "export"_L1);


        ciph.d->bits = bits;

        ciph.d->supportedBits = supportedBits;

    }


    return ciph;

}


QSslCipher QTlsBackend::createCiphersuite(const QString &suiteName, QSsl::SslProtocol protocol,

                                          const QString &protocolString)

{

    QSslCipher ciph;


    if (!suiteName.size())

        return ciph;


    ciph.d->isNull = false;

    ciph.d->name = suiteName;

    ciph.d->protocol = protocol;

    ciph.d->protocolString = protocolString;


    const auto bits = QStringView{ciph.d->name}.split(u'-');

    if (bits.size() >= 2) {

        if (bits.size() == 2 || bits.size() == 3)

            ciph.d->keyExchangeMethod = "RSA"_L1;

        else if (bits.front() == "DH"_L1 || bits.front() == "DHE"_L1)

            ciph.d->keyExchangeMethod = "DH"_L1;

        else if (bits.front() == "ECDH"_L1 || bits.front() == "ECDHE"_L1)

            ciph.d->keyExchangeMethod = "ECDH"_L1;

        else

            qCWarning(lcSsl) << "Unknown Kx" << ciph.d->name;


        if (bits.size() == 2 || bits.size() == 3)

            ciph.d->authenticationMethod = "RSA"_L1;

        else if (ciph.d->name.contains("-ECDSA-"_L1))

            ciph.d->authenticationMethod = "ECDSA"_L1;

        else if (ciph.d->name.contains("-RSA-"_L1))

            ciph.d->authenticationMethod = "RSA"_L1;

        else

            qCWarning(lcSsl) << "Unknown Au" << ciph.d->name;


        if (ciph.d->name.contains("RC4-"_L1)) {

            ciph.d->encryptionMethod = "RC4(128)"_L1;

            ciph.d->bits = 128;

            ciph.d->supportedBits = 128;

        } else if (ciph.d->name.contains("DES-CBC3-"_L1)) {

            ciph.d->encryptionMethod = "3DES(168)"_L1;

            ciph.d->bits = 168;

            ciph.d->supportedBits = 168;

        } else if (ciph.d->name.contains("AES128-"_L1)) {

            ciph.d->encryptionMethod = "AES(128)"_L1;

            ciph.d->bits = 128;

            ciph.d->supportedBits = 128;

        } else if (ciph.d->name.contains("AES256-GCM"_L1)) {

            ciph.d->encryptionMethod = "AESGCM(256)"_L1;

            ciph.d->bits = 256;

            ciph.d->supportedBits = 256;

        } else if (ciph.d->name.contains("AES256-"_L1)) {

            ciph.d->encryptionMethod = "AES(256)"_L1;

            ciph.d->bits = 256;

            ciph.d->supportedBits = 256;

        } else if (ciph.d->name.contains("CHACHA20-"_L1)) {

            ciph.d->encryptionMethod = "CHACHA20"_L1;

            ciph.d->bits = 256;

            ciph.d->supportedBits = 256;

        } else if (ciph.d->name.contains("NULL-"_L1)) {

            ciph.d->encryptionMethod = "NULL"_L1;

        } else {

            qCWarning(lcSsl) << "Unknown Enc" << ciph.d->name;

        }

    }

    return ciph;

}


QSslCipher QTlsBackend::createCiphersuite(const QString &name, const QString &keyExchangeMethod,

                                          const QString &encryptionMethod,

                                          const QString &authenticationMethod,

                                          int bits, QSsl::SslProtocol protocol,

                                          const QString &protocolString)

{

    QSslCipher cipher;

    cipher.d->isNull = false;

    cipher.d->name = name;

    cipher.d->bits = bits;

    cipher.d->supportedBits = bits;

    cipher.d->keyExchangeMethod = keyExchangeMethod;

    cipher.d->encryptionMethod = encryptionMethod;

    cipher.d->authenticationMethod = authenticationMethod;

    cipher.d->protocol = protocol;

    cipher.d->protocolString = protocolString;

    return cipher;

}


QList<QSslCipher> QTlsBackend::defaultCiphers()

{

    return QSslSocketPrivate::defaultCiphers();

}


QList<QSslCipher> QTlsBackend::defaultDtlsCiphers()

{

    return QSslSocketPrivate::defaultDtlsCiphers();

}


void QTlsBackend::setDefaultCiphers(const QList<QSslCipher> &ciphers)

{

    QSslSocketPrivate::setDefaultCiphers(ciphers);

}


void QTlsBackend::setDefaultDtlsCiphers(const QList<QSslCipher> &ciphers)

{

    QSslSocketPrivate::setDefaultDtlsCiphers(ciphers);

}


void QTlsBackend::setDefaultSupportedCiphers(const QList<QSslCipher> &ciphers)

{

    QSslSocketPrivate::setDefaultSupportedCiphers(ciphers);

}


void QTlsBackend::resetDefaultEllipticCurves()

{

    QSslSocketPrivate::resetDefaultEllipticCurves();

}


void QTlsBackend::setDefaultCaCertificates(const QList<QSslCertificate> &certs)

{

    QSslSocketPrivate::setDefaultCaCertificates(certs);

}


bool QTlsBackend::rootLoadingOnDemandAllowed(const QSslConfiguration &configuration)

{

    return configuration.d->allowRootCertOnDemandLoading;

}


void QTlsBackend::storePeerCertificate(QSslConfiguration &configuration,

                                       const QSslCertificate &peerCert)

{

    configuration.d->peerCertificate = peerCert;

}


void QTlsBackend::storePeerCertificateChain(QSslConfiguration &configuration,

                                            const QList<QSslCertificate> &peerChain)

{

    configuration.d->peerCertificateChain = peerChain;

}


void QTlsBackend::clearPeerCertificates(QSslConfiguration &configuration)

{

    configuration.d->peerCertificate.clear();

    configuration.d->peerCertificateChain.clear();

}


void QTlsBackend::clearPeerCertificates(QSslSocketPrivate *d)

{

    Q_ASSERT(d);

    d->configuration.peerCertificate.clear();

    d->configuration.peerCertificateChain.clear();

}


void QTlsBackend::setPeerSessionShared(QSslSocketPrivate *d, bool shared)

{

    Q_ASSERT(d);

    d->configuration.peerSessionShared = shared;

}


void QTlsBackend::setSessionAsn1(QSslSocketPrivate *d, const QByteArray &asn1)

{

    Q_ASSERT(d);

    d->configuration.sslSession = asn1;

}


void QTlsBackend::setSessionLifetimeHint(QSslSocketPrivate *d, int hint)

{

    Q_ASSERT(d);

    d->configuration.sslSessionTicketLifeTimeHint = hint;

}


void QTlsBackend::setAlpnStatus(QSslSocketPrivate *d, AlpnNegotiationStatus st)

{

    Q_ASSERT(d);

    d->configuration.nextProtocolNegotiationStatus = st;

}


void QTlsBackend::setNegotiatedProtocol(QSslSocketPrivate *d, const QByteArray &protocol)

{

    Q_ASSERT(d);

    d->configuration.nextNegotiatedProtocol = protocol;

}


void QTlsBackend::storePeerCertificate(QSslSocketPrivate *d, const QSslCertificate &peerCert)

{

    Q_ASSERT(d);

    d->configuration.peerCertificate = peerCert;

}


void QTlsBackend::storePeerCertificateChain(QSslSocketPrivate *d,

                                            const QList<QSslCertificate> &peerChain)

{

    Q_ASSERT(d);

    d->configuration.peerCertificateChain = peerChain;

}


void QTlsBackend::addTustedRoot(QSslSocketPrivate *d, const QSslCertificate &rootCert)

{

    Q_ASSERT(d);

    if (!d->configuration.caCertificates.contains(rootCert))

        d->configuration.caCertificates += rootCert;

}


void QTlsBackend::setEphemeralKey(QSslSocketPrivate *d, const QSslKey &key)

{

    Q_ASSERT(d);

    d->configuration.ephemeralServerKey = key;

}


void QTlsBackend::forceAutotestSecurityLevel()

{

}


#endif // QT_CONFIG(ssl)


namespace QTlsPrivate {


TlsKey::~TlsKey() = default;


QByteArray TlsKey::pemHeader() const

{

    if (type() == QSsl::PublicKey)

        return QByteArrayLiteral("-----BEGIN PUBLIC KEY-----");

    else if (algorithm() == QSsl::Rsa)

        return QByteArrayLiteral("-----BEGIN RSA PRIVATE KEY-----");

    else if (algorithm() == QSsl::Dsa)

        return QByteArrayLiteral("-----BEGIN DSA PRIVATE KEY-----");

    else if (algorithm() == QSsl::Ec)

        return QByteArrayLiteral("-----BEGIN EC PRIVATE KEY-----");

    else if (algorithm() == QSsl::Dh)

        return QByteArrayLiteral("-----BEGIN PRIVATE KEY-----");


    Q_UNREACHABLE_RETURN({});

}


QByteArray TlsKey::pemFooter() const

{

    if (type() == QSsl::PublicKey)

        return QByteArrayLiteral("-----END PUBLIC KEY-----");

    else if (algorithm() == QSsl::Rsa)

        return QByteArrayLiteral("-----END RSA PRIVATE KEY-----");

    else if (algorithm() == QSsl::Dsa)

        return QByteArrayLiteral("-----END DSA PRIVATE KEY-----");

    else if (algorithm() == QSsl::Ec)

        return QByteArrayLiteral("-----END EC PRIVATE KEY-----");

    else if (algorithm() == QSsl::Dh)

        return QByteArrayLiteral("-----END PRIVATE KEY-----");


    Q_UNREACHABLE_RETURN({});

}


X509Certificate::~X509Certificate() = default;


TlsKey *X509Certificate::publicKey() const

{

    return nullptr;

}


#if QT_CONFIG(ssl)


TlsCryptograph::~TlsCryptograph() = default;


void TlsCryptograph::checkSettingSslContext(std::shared_ptr<QSslContext> tlsContext)

{

    Q_UNUSED(tlsContext);

}


std::shared_ptr<QSslContext> TlsCryptograph::sslContext() const

{

    return {};

}


void TlsCryptograph::enableHandshakeContinuation()

{

}


void TlsCryptograph::cancelCAFetch()

{

}


bool TlsCryptograph::hasUndecryptedData() const

{

    return false;

}


QList<QOcspResponse> TlsCryptograph::ocsps() const

{

    return {};

}


bool TlsCryptograph::isMatchingHostname(const QSslCertificate &certificate, const QString &peerName)

{

    return QSslSocketPrivate::isMatchingHostname(certificate, peerName);

}


void TlsCryptograph::setErrorAndEmit(QSslSocketPrivate *d, QAbstractSocket::SocketError errorCode,

                                     const QString &errorDescription) const

{

    Q_ASSERT(d);

    d->setErrorAndEmit(errorCode, errorDescription);

}


#if QT_CONFIG(dtls)

DtlsBase::~DtlsBase() = default;


#endif // QT_CONFIG(dtls)

#endif // QT_CONFIG(ssl)


} // namespace QTlsPrivate


#if QT_CONFIG(ssl)

Q_NETWORK_EXPORT void qt_ForceTlsSecurityLevel()

{

    if (auto *backend = QSslSocketPrivate::tlsBackendInUse())

        backend->forceAutotestSecurityLevel();

}


#endif // QT_CONFIG(ssl)


QT_END_NAMESPACE


#include "moc_qtlsbackend_p.cpp"

QAbstractSocket::SocketError
SocketError
This enum describes the socket errors that can occur.
Definition qabstractsocket.h:61

QByteArray
\inmodule QtCore
Definition qbytearray.h:57

QByteArray::fromRawData
static QByteArray fromRawData(const char *data, qsizetype size)
Constructs a QByteArray that uses the first size bytes of the data array.
Definition qbytearray.h:409

QCoreApplication::instance
static QCoreApplication * instance() noexcept
Returns a pointer to the application's QCoreApplication (or QGuiApplication/QApplication) instance.
Definition qcoreapplication.h:97

QDtls
This class provides encryption for UDP sockets.
Definition qdtls.h:83

QFactoryLoader
Definition qfactoryloader_p.h:62

QList::clear
void clear()
Definition qlist.h:434

QMutexLocker
\inmodule QtCore
Definition qmutex.h:313

QMutex
\inmodule QtCore
Definition qmutex.h:281

QObject::connect
static QMetaObject::Connection connect(const QObject *sender, const char *signal, const QObject *receiver, const char *member, Qt::ConnectionType=Qt::AutoConnection)
\threadsafe
Definition qobject.cpp:2960

QObject::destroyed
void destroyed(QObject *=nullptr)
This signal is emitted immediately before the object obj is destroyed, after any instances of QPointe...

QSet::end
iterator end()
Definition qset.h:140

QSslCertificate
The QSslCertificate class provides a convenient API for an X509 certificate.
Definition qsslcertificate.h:35

QSslCertificate::clear
void clear()
Clears the contents of this certificate, making it a null certificate.
Definition qsslcertificate.cpp:307

QSslCipher
The QSslCipher class represents an SSL cryptographic cipher.
Definition qsslcipher.h:22

QSslConfigurationPrivate::allowRootCertOnDemandLoading
bool allowRootCertOnDemandLoading
Definition qsslconfiguration_p.h:78

QSslConfigurationPrivate::peerCertificateChain
QList< QSslCertificate > peerCertificateChain
Definition qsslconfiguration_p.h:65

QSslConfigurationPrivate::peerCertificate
QSslCertificate peerCertificate
Definition qsslconfiguration_p.h:64

QSslConfiguration
The QSslConfiguration class holds the configuration and state of an SSL connection.
Definition qsslconfiguration.h:41

QSslKey
The QSslKey class provides an interface for private and public keys.
Definition qsslkey.h:23

QSslPreSharedKeyAuthenticator
The QSslPreSharedKeyAuthenticator class provides authentication data for pre shared keys (PSK) cipher...
Definition qsslpresharedkeyauthenticator.h:18

QSslSocketPrivate
Definition qsslsocket_p.h:42

QSslSocketPrivate::setDefaultCaCertificates
static void setDefaultCaCertificates(const QList< QSslCertificate > &certs)
Definition qsslsocket.cpp:2213

QSslSocketPrivate::setDefaultDtlsCiphers
static void setDefaultDtlsCiphers(const QList< QSslCipher > &ciphers)
Definition qsslsocket.cpp:2162

QSslSocketPrivate::tlsBackendInUse
static QTlsBackend * tlsBackendInUse()
Definition qsslsocket.cpp:3094

QSslSocketPrivate::setDefaultCiphers
static void setDefaultCiphers(const QList< QSslCipher > &ciphers)
Definition qsslsocket.cpp:2114

QSslSocketPrivate::defaultDtlsCiphers
static QList< QSslCipher > defaultDtlsCiphers()
Definition qsslsocket.cpp:2172

QSslSocketPrivate::resetDefaultEllipticCurves
static void resetDefaultEllipticCurves()
Definition qsslsocket.cpp:2134

QSslSocketPrivate::isMatchingHostname
static bool isMatchingHostname(const QSslCertificate &cert, const QString &peerName)
Definition qsslsocket.cpp:3008

QSslSocketPrivate::defaultCiphers
static QList< QSslCipher > defaultCiphers()
Definition qsslsocket.cpp:2094

QSslSocketPrivate::setDefaultSupportedCiphers
static void setDefaultSupportedCiphers(const QList< QSslCipher > &ciphers)
Definition qsslsocket.cpp:2124

QStringView
\inmodule QtCore
Definition qstringview.h:78

QStringView::startsWith
bool startsWith(QStringView s, Qt::CaseSensitivity cs=Qt::CaseSensitive) const noexcept
Definition qstringview.h:257

QStringView::isEmpty
constexpr bool isEmpty() const noexcept
Returns whether this string view is empty - that is, whether {size() == 0}.
Definition qstringview.h:412

QStringView::split
Q_CORE_EXPORT QList< QStringView > split(QStringView sep, Qt::SplitBehavior behavior=Qt::KeepEmptyParts, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
Splits the view into substring views wherever sep occurs, and returns the list of those string views.
Definition qstring.cpp:8249

QStringView::at
constexpr QChar at(qsizetype n) const noexcept
Returns the character at position n in this string view.
Definition qstringview.h:201

QStringView::sliced
constexpr QStringView sliced(qsizetype pos) const noexcept
Definition qstringview.h:226

QString
\macro QT_RESTRICTED_CAST_FROM_ASCII
Definition qstring.h:129

QTlsBackend
QTlsBackend is a factory class, providing implementations for the QSsl classes.
Definition qtlsbackend_p.h:266

QTlsBackend::systemCaCertificates
virtual QList< QSslCertificate > systemCaCertificates() const
Definition qtlsbackend.cpp:312

QTlsBackend::X509PemReader
virtual QTlsPrivate::X509PemReaderPtr X509PemReader() const
Definition qtlsbackend.cpp:388

QTlsBackend::tlsLibraryVersionNumber
virtual long tlsLibraryVersionNumber() const
Definition qtlsbackend.cpp:216

QTlsBackend::supportedFeatures
virtual QList< QSsl::SupportedFeature > supportedFeatures() const =0

QTlsBackend::curveIdFromLongName
virtual int curveIdFromLongName(const QString &name) const
Definition qtlsbackend.cpp:466

QTlsBackend::resetBackend
static void resetBackend(QSslKey &key, QTlsPrivate::TlsKey *keyBackend)
Definition qtlsbackend.cpp:706

QTlsBackend::createDtlsCryptograph
virtual QTlsPrivate::DtlsCryptograph * createDtlsCryptograph(class QDtls *qObject, int mode) const
Definition qtlsbackend.cpp:342

QTlsBackend::~QTlsBackend
~QTlsBackend() override
Definition qtlsbackend.cpp:185

QTlsBackend::nameIndexSchannel
static constexpr const int nameIndexSchannel
Definition qtlsbackend_p.h:326

QTlsBackend::createDtlsCookieVerifier
virtual QTlsPrivate::DtlsCookieVerifier * createDtlsCookieVerifier() const
Definition qtlsbackend.cpp:359

QTlsBackend::nameIndexSecureTransport
static constexpr const int nameIndexSecureTransport
Definition qtlsbackend_p.h:327

QTlsBackend::shortNameForId
virtual QString shortNameForId(int cid) const
Definition qtlsbackend.cpp:483

QTlsBackend::backendName
virtual QString backendName() const =0

QTlsBackend::setupClientPskAuth
static void setupClientPskAuth(QSslPreSharedKeyAuthenticator *auth, const char *hint, int hintLength, unsigned maxIdentityLen, unsigned maxPskLen)
Definition qtlsbackend.cpp:721

QTlsBackend::dhParametersFromPem
virtual int dhParametersFromPem(const QByteArray &pemData, QByteArray *data) const
Definition qtlsbackend.cpp:550

QTlsBackend::supportedProtocols
virtual QList< QSsl::SslProtocol > supportedProtocols() const =0

QTlsBackend::availableBackendNames
static QList< QString > availableBackendNames()
Definition qtlsbackend.cpp:566

QTlsBackend::createTlsCryptograph
virtual QTlsPrivate::TlsCryptograph * createTlsCryptograph() const
Definition qtlsbackend.cpp:327

QTlsBackend::QTlsBackend
QTlsBackend()
Definition qtlsbackend.cpp:167

QTlsBackend::createKey
virtual QTlsPrivate::TlsKey * createKey() const
Definition qtlsbackend.cpp:283

QTlsBackend::implementedClasses
virtual QList< QSsl::ImplementedClass > implementedClasses() const =0

QTlsBackend::tlsLibraryBuildVersionNumber
virtual long tlsLibraryBuildVersionNumber() const
Definition qtlsbackend.cpp:244

QTlsBackend::longNameForId
virtual QString longNameForId(int cid) const
Definition qtlsbackend.cpp:500

QTlsBackend::ensureInitialized
virtual void ensureInitialized() const
Definition qtlsbackend.cpp:267

QTlsBackend::isTlsNamedCurve
virtual bool isTlsNamedCurve(int cid) const
Definition qtlsbackend.cpp:515

QTlsBackend::nameIndexOpenSSL
static constexpr const int nameIndexOpenSSL
Definition qtlsbackend_p.h:328

QTlsBackend::ellipticCurvesIds
virtual QList< int > ellipticCurvesIds() const
Definition qtlsbackend.cpp:431

QTlsBackend::X509Pkcs12Reader
virtual QTlsPrivate::X509Pkcs12ReaderPtr X509Pkcs12Reader() const
Definition qtlsbackend.cpp:414

QTlsBackend::tlsLibraryBuildVersionString
virtual QString tlsLibraryBuildVersionString() const
Definition qtlsbackend.cpp:257

QTlsBackend::isValid
virtual bool isValid() const
Definition qtlsbackend.cpp:203

QTlsBackend::defaultBackendName
static QString defaultBackendName()
Definition qtlsbackend.cpp:579

QTlsBackend::tlsLibraryVersionString
virtual QString tlsLibraryVersionString() const
Definition qtlsbackend.cpp:230

QTlsBackend::curveIdFromShortName
virtual int curveIdFromShortName(const QString &name) const
Definition qtlsbackend.cpp:448

QTlsBackend::createCertificate
virtual QTlsPrivate::X509Certificate * createCertificate() const
Definition qtlsbackend.cpp:298

QTlsBackend::builtinBackendNames
static const QString builtinBackendNames[]
Definition qtlsbackend_p.h:154

QTlsBackend::X509DerReader
virtual QTlsPrivate::X509DerReaderPtr X509DerReader() const
Definition qtlsbackend.cpp:401

QTlsBackend::activeOrAnyBackend
static QTlsBackend * activeOrAnyBackend()
Definition qtlsbackend.cpp:632

QTlsBackend::findBackend
static QTlsBackend * findBackend(const QString &backendName)
Definition qtlsbackend.cpp:613

QTlsBackend::X509Verifier
virtual QTlsPrivate::X509ChainVerifyPtr X509Verifier() const
Definition qtlsbackend.cpp:375

QTlsBackend::dhParametersFromDer
virtual int dhParametersFromDer(const QByteArray &derData, QByteArray *data) const
Definition qtlsbackend.cpp:532

QTlsBackend::setupServerPskAuth
static void setupServerPskAuth(QSslPreSharedKeyAuthenticator *auth, const char *identity, const QByteArray &identityHint, unsigned maxPskLen)
Definition qtlsbackend.cpp:745

QTlsPrivate::TlsKey
TlsKey is an abstract class, that allows a TLS plugin to provide an underlying implementation for the...
Definition qtlsbackend_p.h:60

QTlsPrivate::TlsKey::type
virtual KeyType type() const =0

QTlsPrivate::TlsKey::pemHeader
QByteArray pemHeader() const
Definition qtlsbackend.cpp:1380

QTlsPrivate::TlsKey::~TlsKey
virtual ~TlsKey()

QTlsPrivate::TlsKey::pemFooter
QByteArray pemFooter() const
Definition qtlsbackend.cpp:1401

QTlsPrivate::TlsKey::algorithm
virtual KeyAlgorithm algorithm() const =0

QTlsPrivate::X509Certificate
X509Certificate is an abstract class that allows a TLS backend to provide an implementation of the QS...
Definition qtlsbackend_p.h:98

QTlsPrivate::X509Certificate::~X509Certificate
virtual ~X509Certificate()

QTlsPrivate::X509Certificate::publicKey
virtual TlsKey * publicKey() const
Definition qtlsbackend.cpp:1695

it
QSet< QString >::iterator it
Definition doc_src_qset.cpp:85

QSsl::PublicKey
@ PublicKey
Definition qssl.h:24

QSsl::Rsa
@ Rsa
Definition qssl.h:36

QSsl::Ec
@ Ec
Definition qssl.h:38

QSsl::Dsa
@ Dsa
Definition qssl.h:37

QSsl::Dh
@ Dh
Definition qssl.h:39

QSsl::SslProtocol
SslProtocol
Describes the protocol of the cipher.
Definition qssl.h:50

QSsl::TlsV1_3
@ TlsV1_3
Definition qssl.h:66

QSsl::TlsV1_2
@ TlsV1_2
Definition qssl.h:53

QSsl::UnknownProtocol
@ UnknownProtocol
Definition qssl.h:69

QT_BEGIN_NAMESPACE
Combined button and popup list for selecting options.
Definition qstandardpaths_haiku.cpp:21

QT_END_NAMESPACE
Definition qsharedpointer.cpp:1590

QTlsPrivate
Namespace containing onternal types that TLS backends implement.
Definition qocspresponse.h:40

QTlsPrivate::X509PemReaderPtr
QList< QSslCertificate >(*)(const QByteArray &pem, int count) X509PemReaderPtr
Definition qtlsbackend_p.h:146

QTlsPrivate::X509Pkcs12ReaderPtr
bool(*)(QIODevice *device, QSslKey *key, QSslCertificate *cert, QList< QSslCertificate > *caCertificates, const QByteArray &passPhrase) X509Pkcs12ReaderPtr
Definition qtlsbackend_p.h:148

QTlsPrivate::X509ChainVerifyPtr
QList< QSslError >(*)(const QList< QSslCertificate > &chain, const QString &hostName) X509ChainVerifyPtr
Definition qtlsbackend_p.h:144

QTlsPrivate::X509DerReaderPtr
X509PemReaderPtr X509DerReaderPtr
Definition qtlsbackend_p.h:147

Qt::StringLiterals
Definition qbytearray.h:803

Qt::SkipEmptyParts
@ SkipEmptyParts
Definition qnamespace.h:128

Q_APPLICATION_STATIC
#define Q_APPLICATION_STATIC(TYPE, NAME,...)
Definition qapplicationstatic.h:72

QByteArrayLiteral
#define QByteArrayLiteral(str)
Definition qbytearray.h:52

QT_WARNING_POP
#define QT_WARNING_POP
Definition qcompilerdetection.h:1169

QT_WARNING_DISABLE_DEPRECATED
#define QT_WARNING_DISABLE_DEPRECATED
Definition qcompilerdetection.h:1174

QT_WARNING_PUSH
#define QT_WARNING_PUSH
Definition qcompilerdetection.h:1168

backendName
static QString backendName
Definition qglibnetworkinformationbackend.cpp:34

Q_GLOBAL_STATIC
#define Q_GLOBAL_STATIC(TYPE, NAME,...)
Definition qglobalstatic.h:124

qCWarning
#define qCWarning(category,...)
Definition qloggingcategory.h:125

mode
GLenum mode
Definition qopengles2ext.h:333

key
GLuint64 key
Definition qopengles2ext.h:2268

index
GLuint index
[2]
Definition qopengles2ext.h:331

data
GLint GLsizei GLsizei GLenum GLenum GLsizei void * data
Definition qopengles2ext.h:206

name
GLuint name
Definition qopengles2ext.h:156

names
GLuint GLuint * names
Definition qopenglext.h:5654

bits
GLenum GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const void * bits
Definition qopenglext.h:6904

Q_ASSERT
#define Q_ASSERT(cond)
Definition qrandom.cpp:47

qssl_p.h

qsslcipher_p.h

qsslkey.h

qsslkey_p.h

qsslpresharedkeyauthenticator.h

qsslpresharedkeyauthenticator_p.h

qsslsocket_p.h

QStringLiteral
#define QStringLiteral(str)
Definition qstringliteral.h:36

hint
static QT_BEGIN_NAMESPACE QVariant hint(QPlatformIntegration::StyleHint h)
Definition qstylehints.cpp:13

REPORT_MISSING_SUPPORT
#define REPORT_MISSING_SUPPORT(message)
Definition qtlsbackend.cpp:271

qtlsbackend_p.h

QTlsBackend_iid
#define QTlsBackend_iid
Definition qtlsbackend_p.h:397

Q_UNUSED
#define Q_UNUSED(x)
Definition qtpreprocessorsupport.h:20

pos
pos
[7]
Definition src_corelib_io_qsettings.cpp:57

nullptr
QObject::connect nullptr
Definition src_corelib_kernel_qobject.cpp:255

d
double d
Definition src_corelib_text_qlocale.cpp:9

mutex
QMutex mutex
[2]
Definition src_corelib_thread_qmutex.cpp:49

certs
const auto certs
[1]
Definition src_network_ssl_qsslcertificate.cpp:5