1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix a BIC introduced by extending the namespace QSsl in _p.h files

Browse Source 
Renamed the private part of the namespace to QTlsPrivate.

Pick-to: dev
Fixes: QTBUG-91531
Change-Id: Id2d9c458d8d958b35e437eee42889177dad0a7a7
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
This commit is contained in:
Timur Pocheptsov 2021-03-04 10:52:44 +01:00
parent d23cd35e45
commit e4efa00c72
44 changed files with 241 additions and 267 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/network/ssl/qdtls_base_p.h
View File

@ -73,7 +73,7 @@ QT_BEGIN_NAMESPACE
// This class exists to re-implement the shared error/cookie handling
// for both QDtls and QDtlsClientVerifier classes. Use it if/when
// you need it. Backend neutral.
class QDtlsBasePrivate : virtual public QSsl::DtlsBase
class QDtlsBasePrivate : virtual public QTlsPrivate::DtlsBase
{
public:
QDtlsBasePrivate(QSslSocket::SslMode m, const QByteArray &s) : mode(m), secret(s) {}

8
src/network/ssl/qdtls_openssl.cpp
View File

@ -259,7 +259,7 @@ extern "C" int q_X509DtlsCallback(int ok, X509_STORE_CTX *ctx)
}
auto dtls = static_cast<dtlsopenssl::DtlsState *>(generic);
dtls->x509Errors.append(QSsl::X509CertificateOpenSSL::errorEntryFromStoreContext(ctx));
dtls->x509Errors.append(QTlsPrivate::X509CertificateOpenSSL::errorEntryFromStoreContext(ctx));
}
// Always return 1 (OK) to allow verification to continue. We handle the
@ -1372,7 +1372,7 @@ bool QDtlsPrivateOpenSSL::verifyPeer()
}
// Translate errors from the error list into QSslErrors
using CertClass = QSsl::X509CertificateOpenSSL;
using CertClass = QTlsPrivate::X509CertificateOpenSSL;
errors.reserve(errors.size() + opensslErrors.size());
for (const auto &error : qAsConst(opensslErrors)) {
const auto value = dtlsConfiguration.peerCertificateChain.value(error.depth);
@ -1391,11 +1391,11 @@ void QDtlsPrivateOpenSSL::storePeerCertificates()
// peer certificate and the chain may be empty if the peer didn't present
// any certificate.
X509 *x509 = q_SSL_get_peer_certificate(dtls.tlsConnection.data());
dtlsConfiguration.peerCertificate = QSsl::X509CertificateOpenSSL::certificateFromX509(x509);
dtlsConfiguration.peerCertificate = QTlsPrivate::X509CertificateOpenSSL::certificateFromX509(x509);
q_X509_free(x509);
if (dtlsConfiguration.peerCertificateChain.isEmpty()) {
auto stack = q_SSL_get_peer_cert_chain(dtls.tlsConnection.data());
dtlsConfiguration.peerCertificateChain = QSsl::X509CertificateOpenSSL::stackOfX509ToQSslCertificates(stack);
dtlsConfiguration.peerCertificateChain = QTlsPrivate::X509CertificateOpenSSL::stackOfX509ToQSslCertificates(stack);
if (!dtlsConfiguration.peerCertificate.isNull() && mode == QSslSocket::SslServerMode)
dtlsConfiguration.peerCertificateChain.prepend(dtlsConfiguration.peerCertificate);
}

6
src/network/ssl/qdtls_openssl_p.h
View File

@ -133,7 +133,7 @@ private:
} // namespace dtlsopenssl
class QDtlsClientVerifierOpenSSL : public QSsl::DtlsCookieVerifier, public QDtlsBasePrivate
class QDtlsClientVerifierOpenSSL : public QTlsPrivate::DtlsCookieVerifier, public QDtlsBasePrivate
{
public:
QDtlsClientVerifierOpenSSL();
@ -147,7 +147,7 @@ private:
QByteArray verifiedClientHello;
};
class QDtlsPrivateOpenSSL : public QSsl::DtlsCryptograph, public QDtlsBasePrivate
class QDtlsPrivateOpenSSL : public QTlsPrivate::DtlsCryptograph, public QDtlsBasePrivate
{
public:
@ -236,8 +236,6 @@ private:
QByteArray identityHint;
};
QT_END_NAMESPACE
#endif // QDTLS_OPENSSL_P_H

4
src/network/ssl/qdtls_p.h
View File

@ -67,7 +67,7 @@ class QDtlsClientVerifierPrivate : public QObjectPrivate
public:
QDtlsClientVerifierPrivate();
~QDtlsClientVerifierPrivate();
std::unique_ptr<QSsl::DtlsCookieVerifier> backend;
std::unique_ptr<QTlsPrivate::DtlsCookieVerifier> backend;
};
class QDtlsPrivate : public QObjectPrivate
@ -75,7 +75,7 @@ class QDtlsPrivate : public QObjectPrivate
public:
QDtlsPrivate();
~QDtlsPrivate();
std::unique_ptr<QSsl::DtlsCryptograph> backend;
std::unique_ptr<QTlsPrivate::DtlsCryptograph> backend;
};
QT_END_NAMESPACE

4
src/network/ssl/qssl_p.h
View File

@ -60,7 +60,7 @@ QT_BEGIN_NAMESPACE
Q_DECLARE_LOGGING_CATEGORY(lcSsl)
namespace QSsl {
namespace QTlsPrivate {
enum class Cipher {
DesCbc,
@ -71,7 +71,7 @@ enum class Cipher {
Aes256Cbc
};
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

10
src/network/ssl/qsslcertificate.cpp
View File

@ -987,16 +987,6 @@ QString QSslCertificate::subjectDisplayName() const
return QString();
}
/*!
\internal
Returns X509 backend this QSslCertificate is using.
*/
QSsl::X509Certificate *QSslCertificate::backendImplementation() const
{
return d->backend.get();
}
/*!
\fn size_t qHash(const QSslCertificate &key, size_t seed)

7
src/network/ssl/qsslcertificate.h
View File

@ -66,12 +66,6 @@ class QSslCertificate;
// qHash is a friend, but we can't use default arguments for friends (§8.3.6.4)
Q_NETWORK_EXPORT size_t qHash(const QSslCertificate &key, size_t seed = 0) noexcept;
namespace QSsl {
class X509Certificate;
} // namespace QSsl.
class QSslCertificatePrivate;
class Q_NETWORK_EXPORT QSslCertificate
{
@ -158,7 +152,6 @@ public:
Qt::HANDLE handle() const;
private:
QSsl::X509Certificate *backendImplementation() const;
QExplicitlySharedDataPointer<QSslCertificatePrivate> d;
friend class QSslCertificatePrivate;
friend class QSslSocketBackendPrivate;

2
src/network/ssl/qsslcertificate_p.h
View File

@ -77,7 +77,7 @@ public:
friend class QSslSocketBackendPrivate;
QAtomicInt ref;
std::unique_ptr<QSsl::X509Certificate> backend;
std::unique_ptr<QTlsPrivate::X509Certificate> backend;
};
QT_END_NAMESPACE

6
src/network/ssl/qsslkey.h
View File

@ -52,10 +52,6 @@ QT_BEGIN_NAMESPACE
#ifndef QT_NO_SSL
namespace QSsl {
class TlsKey;
}
class QIODevice;
class QSslKeyPrivate;
@ -97,8 +93,6 @@ public:
inline bool operator!=(const QSslKey &key) const { return !operator==(key); }
private:
QSsl::TlsKey *backendImplementation() const;
QExplicitlySharedDataPointer<QSslKeyPrivate> d;
friend class QSslCertificate;
friend class QSslSocketBackendPrivate;

44
src/network/ssl/qsslkey_p.cpp
View File

@ -98,9 +98,9 @@ QSslKeyPrivate::QSslKeyPrivate()
const auto *tlsBackend = QSslSocketPrivate::tlsBackendInUse();
if (!tlsBackend)
return;
keyBackend.reset(tlsBackend->createKey());
if (keyBackend.get())
keyBackend->clear(false /*not deep clear*/);
backend.reset(tlsBackend->createKey());
if (backend.get())
backend->clear(false /*not deep clear*/);
else
qCWarning(lcSsl, "Active TLS backend does not support key creation");
}
@ -110,14 +110,14 @@ QSslKeyPrivate::QSslKeyPrivate()
*/
QSslKeyPrivate::~QSslKeyPrivate()
{
if (keyBackend.get())
keyBackend->clear(true /*deep clear*/);
if (backend.get())
backend->clear(true /*deep clear*/);
}
QByteArray QSslKeyPrivate::decrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv)
{
if (const auto *tlsBackend = QSslSocketPrivate::tlsBackendInUse()) {
const std::unique_ptr<QSsl::TlsKey> cryptor(tlsBackend->createKey());
const std::unique_ptr<QTlsPrivate::TlsKey> cryptor(tlsBackend->createKey());
return cryptor->decrypt(cipher, data, key, iv);
}
@ -127,7 +127,7 @@ QByteArray QSslKeyPrivate::decrypt(Cipher cipher, const QByteArray &data, const
QByteArray QSslKeyPrivate::encrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv)
{
if (const auto *tlsBackend = QSslSocketPrivate::tlsBackendInUse()) {
const std::unique_ptr<QSsl::TlsKey> cryptor(tlsBackend->createKey());
const std::unique_ptr<QTlsPrivate::TlsKey> cryptor(tlsBackend->createKey());
return cryptor->encrypt(cipher, data, key, iv);
}
@ -158,7 +158,7 @@ QSslKey::QSslKey(const QByteArray &encoded, QSsl::KeyAlgorithm algorithm,
QSsl::EncodingFormat encoding, QSsl::KeyType type, const QByteArray &passPhrase)
: d(new QSslKeyPrivate)
{
if (auto *tlsKey = d->keyBackend.get()) {
if (auto *tlsKey = d->backend.get()) {
if (encoding == QSsl::Der)
tlsKey->decodeDer(type, algorithm, encoded, passPhrase, true /*deep clear*/);
else
@ -184,7 +184,7 @@ QSslKey::QSslKey(QIODevice *device, QSsl::KeyAlgorithm algorithm, QSsl::Encoding
if (device)
encoded = device->readAll();
if (auto *tlsKey = d->keyBackend.get()) {
if (auto *tlsKey = d->backend.get()) {
if (encoding == QSsl::Der)
tlsKey->decodeDer(type, algorithm, encoded, passPhrase, true /*deep clear*/);
else
@ -203,7 +203,7 @@ QSslKey::QSslKey(QIODevice *device, QSsl::KeyAlgorithm algorithm, QSsl::Encoding
QSslKey::QSslKey(Qt::HANDLE handle, QSsl::KeyType type)
: d(new QSslKeyPrivate)
{
if (auto *tlsKey = d->keyBackend.get())
if (auto *tlsKey = d->backend.get())
tlsKey->fromHandle(handle, type);
}
@ -266,7 +266,7 @@ QSslKey &QSslKey::operator=(const QSslKey &other)
*/
bool QSslKey::isNull() const
{
if (const auto *tlsKey = d->keyBackend.get())
if (const auto *tlsKey = d->backend.get())
return tlsKey->isNull();
return true;
@ -287,7 +287,7 @@ void QSslKey::clear()
*/
int QSslKey::length() const
{
if (const auto *tlsKey = d->keyBackend.get())
if (const auto *tlsKey = d->backend.get())
return tlsKey->length();
return -1;
@ -298,7 +298,7 @@ int QSslKey::length() const
*/
QSsl::KeyType QSslKey::type() const
{
if (const auto *tlsKey = d->keyBackend.get())
if (const auto *tlsKey = d->backend.get())
return tlsKey->type();
return QSsl::PublicKey;
@ -309,7 +309,7 @@ QSsl::KeyType QSslKey::type() const
*/
QSsl::KeyAlgorithm QSslKey::algorithm() const
{
if (const auto *tlsKey = d->keyBackend.get())
if (const auto *tlsKey = d->backend.get())
return tlsKey->algorithm();
return QSsl::Opaque;
@ -331,7 +331,7 @@ QByteArray QSslKey::toDer(const QByteArray &passPhrase) const
return {};
QMap<QByteArray, QByteArray> headers;
if (const auto *tlsKey = d->keyBackend.get())
if (const auto *tlsKey = d->backend.get())
return tlsKey->derFromPem(toPem(passPhrase), &headers);
return {};
@ -344,7 +344,7 @@ QByteArray QSslKey::toDer(const QByteArray &passPhrase) const
*/
QByteArray QSslKey::toPem(const QByteArray &passPhrase) const
{
if (const auto *tlsKey = d->keyBackend.get())
if (const auto *tlsKey = d->backend.get())
return tlsKey->toPem(passPhrase);
return {};
@ -363,8 +363,8 @@ QByteArray QSslKey::toPem(const QByteArray &passPhrase) const
*/
Qt::HANDLE QSslKey::handle() const
{
if (d->keyBackend.get())
return d->keyBackend->handle();
if (d->backend.get())
return d->backend->handle();
return nullptr;
}
@ -389,14 +389,6 @@ bool QSslKey::operator==(const QSslKey &other) const
return toDer() == other.toDer();
}
/*!
\since 6.1
Returns TLS backend-specific implementation this QSslKey is using.
*/
QSsl::TlsKey *QSslKey::backendImplementation() const
{
return d->keyBackend.get();
}
/*! \fn bool QSslKey::operator!=(const QSslKey &other) const
Returns \c true if this key is not equal to key \a other; otherwise

6
src/network/ssl/qsslkey_p.h
View File

@ -61,7 +61,7 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
class TlsKey;
}
@ -71,12 +71,12 @@ public:
QSslKeyPrivate();
~QSslKeyPrivate();
using Cipher = QSsl::Cipher;
using Cipher = QTlsPrivate::Cipher;
Q_AUTOTEST_EXPORT static QByteArray decrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv);
Q_AUTOTEST_EXPORT static QByteArray encrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv);
std::unique_ptr<QSsl::TlsKey> keyBackend;
std::unique_ptr<QTlsPrivate::TlsKey> backend;
QAtomicInt ref;
private:

22
src/network/ssl/qsslsocket_openssl.cpp
View File

@ -605,7 +605,7 @@ int q_X509Callback(int ok, X509_STORE_CTX *ctx)
return 0;
}
errors->append(QSsl::X509CertificateOpenSSL::errorEntryFromStoreContext(ctx));
errors->append(QTlsPrivate::X509CertificateOpenSSL::errorEntryFromStoreContext(ctx));
}
// Always return OK to allow verification to continue. We handle the
// errors gracefully after collecting all errors, after verification has
@ -1366,7 +1366,7 @@ bool QSslSocketBackendPrivate::startHandshake()
if (!errorsReportedFromCallback) {
for (const auto &currentError : qAsConst(lastErrors)) {
emit q->peerVerifyError(QSsl::X509CertificateOpenSSL::openSSLErrorToQSslError(currentError.code,
emit q->peerVerifyError(QTlsPrivate::X509CertificateOpenSSL::openSSLErrorToQSslError(currentError.code,
configuration.peerCertificateChain.value(currentError.depth)));
if (q->state() != QAbstractSocket::ConnectedState)
break;
@ -1482,7 +1482,7 @@ bool QSslSocketBackendPrivate::startHandshake()
// Translate errors from the error list into QSslErrors.
errors.reserve(errors.size() + errorList.size());
for (const auto &error : qAsConst(errorList))
errors << QSsl::X509CertificateOpenSSL::openSSLErrorToQSslError(error.code, configuration.peerCertificateChain.value(error.depth));
errors << QTlsPrivate::X509CertificateOpenSSL::openSSLErrorToQSslError(error.code, configuration.peerCertificateChain.value(error.depth));
if (!errors.isEmpty()) {
sslErrors = errors;
@ -1533,10 +1533,10 @@ void QSslSocketBackendPrivate::storePeerCertificates()
// peer certificate and the chain may be empty if the peer didn't present
// any certificate.
X509 *x509 = q_SSL_get_peer_certificate(ssl);
configuration.peerCertificate = QSsl::X509CertificateOpenSSL::certificateFromX509(x509);
configuration.peerCertificate = QTlsPrivate::X509CertificateOpenSSL::certificateFromX509(x509);
q_X509_free(x509);
if (configuration.peerCertificateChain.isEmpty()) {
configuration.peerCertificateChain = QSsl::X509CertificateOpenSSL::stackOfX509ToQSslCertificates(q_SSL_get_peer_cert_chain(ssl));
configuration.peerCertificateChain = QTlsPrivate::X509CertificateOpenSSL::stackOfX509ToQSslCertificates(q_SSL_get_peer_cert_chain(ssl));
if (!configuration.peerCertificate.isNull() && mode == QSslSocket::SslServerMode)
configuration.peerCertificateChain.prepend(configuration.peerCertificate);
}
@ -1876,7 +1876,7 @@ bool QSslSocketBackendPrivate::checkOcspStatus()
matchFound = qt_OCSP_certificate_match(singleResponse, peerX509, issuer);
if (matchFound) {
if (q_X509_check_issued(issuer, peerX509) == X509_V_OK) {
dResponse->signerCert = QSsl::X509CertificateOpenSSL::certificateFromX509(issuer);
dResponse->signerCert = QTlsPrivate::X509CertificateOpenSSL::certificateFromX509(issuer);
break;
}
matchFound = false;
@ -1978,9 +1978,9 @@ int QSslSocketBackendPrivate::emitErrorFromCallback(X509_STORE_CTX *ctx)
return 0;
}
const QSslCertificate certificate = QSsl::X509CertificateOpenSSL::certificateFromX509(x509);
const auto errorAndDepth = QSsl::X509CertificateOpenSSL::errorEntryFromStoreContext(ctx);
const QSslError tlsError = QSsl::X509CertificateOpenSSL::openSSLErrorToQSslError(errorAndDepth.code, certificate);
const QSslCertificate certificate = QTlsPrivate::X509CertificateOpenSSL::certificateFromX509(x509);
const auto errorAndDepth = QTlsPrivate::X509CertificateOpenSSL::errorEntryFromStoreContext(ctx);
const QSslError tlsError = QTlsPrivate::X509CertificateOpenSSL::openSSLErrorToQSslError(errorAndDepth.code, certificate);
errorsReportedFromCallback = true;
handshakeInterrupted = true;
@ -2257,14 +2257,14 @@ void QSslSocketPrivate::ensureCiphersAndCertsLoaded()
QList<QSslError> QSslSocketBackendPrivate::verify(const QList<QSslCertificate> &certificateChain,
const QString &hostName)
{
return QSsl::X509CertificateOpenSSL::verify(certificateChain, hostName);
return QTlsPrivate::X509CertificateOpenSSL::verify(certificateChain, hostName);
}
QList<QSslError> QSslSocketBackendPrivate::verify(const QList<QSslCertificate> &caCertificates,
const QList<QSslCertificate> &certificateChain,
const QString &hostName)
{
return QSsl::X509CertificateOpenSSL::verify(caCertificates, certificateChain, hostName);
return QTlsPrivate::X509CertificateOpenSSL::verify(caCertificates, certificateChain, hostName);
}
void QSslSocketPrivate::registerAdHocFactory()

2
src/network/ssl/qsslsocket_qt.cpp
View File

@ -200,7 +200,7 @@ static QByteArray _q_PKCS12_shroudedKeyBag(const QSslKey &key, const QString &pa
QByteArray plain;
QDataStream plainStream(&plain, QIODevice::WriteOnly);
_q_PKCS12_key(key).write(plainStream);
QByteArray crypted = QSslKeyPrivate::encrypt(QSsl::Cipher::DesEde3Cbc,
QByteArray crypted = QSslKeyPrivate::encrypt(QTlsPrivate::Cipher::DesEde3Cbc,
plain, cKey, cIv);
QList<QAsn1Element> items;

20
src/network/ssl/qsslsocket_schannel.cpp
View File

@ -212,24 +212,24 @@ QList<QSsl::ImplementedClass> QSchannelBackend::implementedClasses() const
return classes;
}
QSsl::TlsKey *QSchannelBackend::createKey() const
QTlsPrivate::TlsKey *QSchannelBackend::createKey() const
{
return new QSsl::TlsKeySchannel;
return new QTlsPrivate::TlsKeySchannel;
}
QSsl::X509Certificate *QSchannelBackend::createCertificate() const
QTlsPrivate::X509Certificate *QSchannelBackend::createCertificate() const
{
return new QSsl::X509CertificateSchannel;
return new QTlsPrivate::X509CertificateSchannel;
}
QSsl::X509PemReaderPtr QSchannelBackend::X509PemReader() const
QTlsPrivate::X509PemReaderPtr QSchannelBackend::X509PemReader() const
{
return QSsl::X509CertificateGeneric::certificatesFromPem;
return QTlsPrivate::X509CertificateGeneric::certificatesFromPem;
}
QSsl::X509DerReaderPtr QSchannelBackend::X509DerReader() const
QTlsPrivate::X509DerReaderPtr QSchannelBackend::X509DerReader() const
{
return QSsl::X509CertificateGeneric::certificatesFromDer;
return QTlsPrivate::X509CertificateGeneric::certificatesFromDer;
}
Q_GLOBAL_STATIC(QSchannelBackend, backend)
@ -630,7 +630,7 @@ QList<QSslCertificate> QSslSocketPrivate::systemCaCertificates()
PCCERT_CONTEXT pc = nullptr;
while ((pc = CertFindCertificateInStore(hSystemStore.get(), X509_ASN_ENCODING, 0,
CERT_FIND_ANY, nullptr, pc))) {
systemCerts.append(QSsl::X509CertificateSchannel::QSslCertificate_from_CERT_CONTEXT(pc));
systemCerts.append(QTlsPrivate::X509CertificateSchannel::QSslCertificate_from_CERT_CONTEXT(pc));
}
}
return systemCerts;
@ -1991,7 +1991,7 @@ bool QSslSocketBackendPrivate::verifyCertContext(CERT_CONTEXT *certContext)
return QSslCertificate();
const CERT_CONTEXT *certContext = element->pCertContext;
return QSsl::X509CertificateSchannel::QSslCertificate_from_CERT_CONTEXT(certContext);
return QTlsPrivate::X509CertificateSchannel::QSslCertificate_from_CERT_CONTEXT(certContext);
};
// Pick a chain to use as the certificate chain, if multiple are available:

26
src/network/ssl/qtlsbackend.cpp
View File

@ -153,7 +153,7 @@ private:
Q_GLOBAL_STATIC(BackendCollection, backends);
namespace QSsl {
namespace QTlsPrivate {
TlsKey::~TlsKey() = default;
@ -203,7 +203,7 @@ TlsKey *X509Certificate::publicKey() const
DtlsBase::~DtlsBase() = default;
#endif // QT_CONFIG(dtls)
} // namespace QSsl
} // namespace QTlsPrivate
const QString QTlsBackend::builtinBackendNames[] = {
QStringLiteral("schannel"),
@ -236,25 +236,25 @@ QString QTlsBackend::backendName() const
#define REPORT_MISSING_SUPPORT(message) \
qCWarning(lcSsl) << "The backend" << backendName() << message
QSsl::TlsKey *QTlsBackend::createKey() const
QTlsPrivate::TlsKey *QTlsBackend::createKey() const
{
REPORT_MISSING_SUPPORT("does not support QSslKey");
return nullptr;
}
QSsl::X509Certificate *QTlsBackend::createCertificate() const
QTlsPrivate::X509Certificate *QTlsBackend::createCertificate() const
{
REPORT_MISSING_SUPPORT("does not support QSslCertificate");
return nullptr;
}
QSsl::TlsCryptograph *QTlsBackend::createTlsCryptograph() const
QTlsPrivate::TlsCryptograph *QTlsBackend::createTlsCryptograph() const
{
REPORT_MISSING_SUPPORT("does not support QSslSocket");
return nullptr;
}
QSsl::DtlsCryptograph *QTlsBackend::createDtlsCryptograph(QDtls *qObject, int mode) const
QTlsPrivate::DtlsCryptograph *QTlsBackend::createDtlsCryptograph(QDtls *qObject, int mode) const
{
Q_UNUSED(qObject);
Q_UNUSED(mode);
@ -262,31 +262,31 @@ QSsl::DtlsCryptograph *QTlsBackend::createDtlsCryptograph(QDtls *qObject, int mo
return nullptr;
}
QSsl::DtlsCookieVerifier *QTlsBackend::createDtlsCookieVerifier() const
QTlsPrivate::DtlsCookieVerifier *QTlsBackend::createDtlsCookieVerifier() const
{
REPORT_MISSING_SUPPORT("does not support DTLS cookies");
return nullptr;
}
QSsl::X509ChainVerifyPtr QTlsBackend::X509Verifier() const
QTlsPrivate::X509ChainVerifyPtr QTlsBackend::X509Verifier() const
{
REPORT_MISSING_SUPPORT("does not support (manual) certificate verification");
return nullptr;
}
QSsl::X509PemReaderPtr QTlsBackend::X509PemReader() const
QTlsPrivate::X509PemReaderPtr QTlsBackend::X509PemReader() const
{
REPORT_MISSING_SUPPORT("cannot read PEM format");
return nullptr;
}
QSsl::X509DerReaderPtr QTlsBackend::X509DerReader() const
QTlsPrivate::X509DerReaderPtr QTlsBackend::X509DerReader() const
{
REPORT_MISSING_SUPPORT("cannot read DER format");
return nullptr;
}
QSsl::X509Pkcs12ReaderPtr QTlsBackend::X509Pkcs12Reader() const
QTlsPrivate::X509Pkcs12ReaderPtr QTlsBackend::X509Pkcs12Reader() const
{
REPORT_MISSING_SUPPORT("cannot read PKCS12 format");
return nullptr;
@ -431,10 +431,10 @@ QList<QSsl::ImplementedClass> QTlsBackend::implementedClasses(const QString &bac
return {};
}
void QTlsBackend::resetBackend(QSslKey &key, QSsl::TlsKey *keyBackend)
void QTlsBackend::resetBackend(QSslKey &key, QTlsPrivate::TlsKey *keyBackend)
{
#if QT_CONFIG(ssl)
key.d->keyBackend.reset(keyBackend);
key.d->backend.reset(keyBackend);
#else
Q_UNUSED(key);
Q_UNUSED(keyBackend);

12
src/network/ssl/qtlsbackend_cert.cpp
View File

@ -75,19 +75,19 @@ QList<QSsl::ImplementedClass> QTlsBackendCertOnly::implementedClasses() const
return classes;
}
QSsl::X509Certificate *QTlsBackendCertOnly::createCertificate() const
QTlsPrivate::X509Certificate *QTlsBackendCertOnly::createCertificate() const
{
return new QSsl::X509CertificateGeneric;
return new QTlsPrivate::X509CertificateGeneric;
}
QSsl::X509PemReaderPtr QTlsBackendCertOnly::X509PemReader() const
QTlsPrivate::X509PemReaderPtr QTlsBackendCertOnly::X509PemReader() const
{
return QSsl::X509CertificateGeneric::certificatesFromPem;
return QTlsPrivate::X509CertificateGeneric::certificatesFromPem;
}
QSsl::X509DerReaderPtr QTlsBackendCertOnly::X509DerReader() const
QTlsPrivate::X509DerReaderPtr QTlsBackendCertOnly::X509DerReader() const
{
return QSsl::X509CertificateGeneric::certificatesFromDer;
return QTlsPrivate::X509CertificateGeneric::certificatesFromDer;
}
QT_END_NAMESPACE

9
src/network/ssl/qtlsbackend_cert_p.h
View File

@ -57,6 +57,7 @@
#include <QtCore/qglobal.h>
#ifdef QT_NO_SSL
QT_BEGIN_NAMESPACE
@ -70,11 +71,13 @@ private:
QList<QSsl::SupportedFeature> supportedFeatures() const override;
QList<QSsl::ImplementedClass> implementedClasses() const override;
QSsl::X509Certificate *createCertificate() const override;
QSsl::X509PemReaderPtr X509PemReader() const override;
QSsl::X509DerReaderPtr X509DerReader() const override;
QTlsPrivate::X509Certificate *createCertificate() const override;
QTlsPrivate::X509PemReaderPtr X509PemReader() const override;
QTlsPrivate::X509DerReaderPtr X509DerReader() const override;
};
QT_END_NAMESPACE
#endif // QT_NO_SSL
#endif // QTLSBACKEND_CERT_P_H

28
src/network/ssl/qtlsbackend_openssl.cpp
View File

@ -157,17 +157,17 @@ QList<QSsl::ImplementedClass> QTlsBackendOpenSSL::implementedClasses() const
return classes;
}
QSsl::TlsKey *QTlsBackendOpenSSL::createKey() const
QTlsPrivate::TlsKey *QTlsBackendOpenSSL::createKey() const
{
return new QSsl::TlsKeyOpenSSL;
return new QTlsPrivate::TlsKeyOpenSSL;
}
QSsl::X509Certificate *QTlsBackendOpenSSL::createCertificate() const
QTlsPrivate::X509Certificate *QTlsBackendOpenSSL::createCertificate() const
{
return new QSsl::X509CertificateOpenSSL;
return new QTlsPrivate::X509CertificateOpenSSL;
}
QSsl::DtlsCookieVerifier *QTlsBackendOpenSSL::createDtlsCookieVerifier() const
QTlsPrivate::DtlsCookieVerifier *QTlsBackendOpenSSL::createDtlsCookieVerifier() const
{
#if QT_CONFIG(dtls)
return new QDtlsClientVerifierOpenSSL;
@ -177,7 +177,7 @@ QSsl::DtlsCookieVerifier *QTlsBackendOpenSSL::createDtlsCookieVerifier() const
#endif // QT_CONFIG(dtls)
}
QSsl::DtlsCryptograph *QTlsBackendOpenSSL::createDtlsCryptograph(QDtls *q, int mode) const
QTlsPrivate::DtlsCryptograph *QTlsBackendOpenSSL::createDtlsCryptograph(QDtls *q, int mode) const
{
#if QT_CONFIG(dtls)
return new QDtlsPrivateOpenSSL(q, QSslSocket::SslMode(mode));
@ -189,24 +189,24 @@ QSsl::DtlsCryptograph *QTlsBackendOpenSSL::createDtlsCryptograph(QDtls *q, int m
#endif // QT_CONFIG(dtls)
}
QSsl::X509ChainVerifyPtr QTlsBackendOpenSSL::X509Verifier() const
QTlsPrivate::X509ChainVerifyPtr QTlsBackendOpenSSL::X509Verifier() const
{
return QSsl::X509CertificateOpenSSL::verify;
return QTlsPrivate::X509CertificateOpenSSL::verify;
}
QSsl::X509PemReaderPtr QTlsBackendOpenSSL::X509PemReader() const
QTlsPrivate::X509PemReaderPtr QTlsBackendOpenSSL::X509PemReader() const
{
return QSsl::X509CertificateOpenSSL::certificatesFromPem;
return QTlsPrivate::X509CertificateOpenSSL::certificatesFromPem;
}
QSsl::X509DerReaderPtr QTlsBackendOpenSSL::X509DerReader() const
QTlsPrivate::X509DerReaderPtr QTlsBackendOpenSSL::X509DerReader() const
{
return QSsl::X509CertificateOpenSSL::certificatesFromDer;
return QTlsPrivate::X509CertificateOpenSSL::certificatesFromDer;
}
QSsl::X509Pkcs12ReaderPtr QTlsBackendOpenSSL::X509Pkcs12Reader() const
QTlsPrivate::X509Pkcs12ReaderPtr QTlsBackendOpenSSL::X509Pkcs12Reader() const
{
return QSsl::X509CertificateOpenSSL::importPkcs12;
return QTlsPrivate::X509CertificateOpenSSL::importPkcs12;
}
QList<int> QTlsBackendOpenSSL::ellipticCurvesIds() const

16
src/network/ssl/qtlsbackend_openssl_p.h
View File

@ -76,18 +76,18 @@ private:
QList<QSsl::ImplementedClass> implementedClasses() const override;
// QSslKey:
QSsl::TlsKey *createKey() const override;
QTlsPrivate::TlsKey *createKey() const override;
// QSslCertificate:
QSsl::X509Certificate *createCertificate() const override;
QTlsPrivate::X509Certificate *createCertificate() const override;
QSsl::DtlsCookieVerifier *createDtlsCookieVerifier() const override;
QSsl::DtlsCryptograph *createDtlsCryptograph(QDtls *q, int mode) const override;
QTlsPrivate::DtlsCookieVerifier *createDtlsCookieVerifier() const override;
QTlsPrivate::DtlsCryptograph *createDtlsCryptograph(QDtls *q, int mode) const override;
QSsl::X509ChainVerifyPtr X509Verifier() const override;
QSsl::X509PemReaderPtr X509PemReader() const override;
QSsl::X509DerReaderPtr X509DerReader() const override;
QSsl::X509Pkcs12ReaderPtr X509Pkcs12Reader() const override;
QTlsPrivate::X509ChainVerifyPtr X509Verifier() const override;
QTlsPrivate::X509PemReaderPtr X509PemReader() const override;
QTlsPrivate::X509DerReaderPtr X509DerReader() const override;
QTlsPrivate::X509Pkcs12ReaderPtr X509Pkcs12Reader() const override;
// Elliptic curves:
QList<int> ellipticCurvesIds() const override;

35
src/network/ssl/qtlsbackend_p.h
View File

@ -85,7 +85,7 @@ class QUdpSocket;
class QIODevice;
class QSslKey;
namespace QSsl {
namespace QTlsPrivate {
// The class TlsKey encapsulates key's data (DER) or backend-specific
// data-structure, like RSA/DSA/DH structs in OpenSSL.
@ -99,6 +99,9 @@ class TlsKey {
public:
virtual ~TlsKey();
using KeyType = QSsl::KeyType;
using KeyAlgorithm = QSsl::KeyAlgorithm;
virtual void decodeDer(KeyType type, KeyAlgorithm algorithm, const QByteArray &der,
const QByteArray &passPhrase, bool deepClear) = 0;
virtual void decodePem(KeyType type, KeyAlgorithm algorithm, const QByteArray &pem,
@ -121,7 +124,6 @@ public:
// Needed by QSslKeyPrivate::pemFromDer() for non-OpenSSL backends.
virtual bool isPkcs8() const = 0;
using Cipher = QSsl::Cipher;
virtual QByteArray decrypt(Cipher cipher, const QByteArray &data,
const QByteArray &key, const QByteArray &iv) const = 0;
virtual QByteArray encrypt(Cipher cipher, const QByteArray &data,
@ -265,10 +267,7 @@ class DtlsCryptograph;
#endif // QT_CONFIG(dtls)
} // namespace QSsl
} // namespace QTlsPrivate
// Factory, creating back-end specific implementations of
// different entities QSslSocket is using.
@ -287,20 +286,20 @@ public:
virtual QList<QSsl::ImplementedClass> implementedClasses() const = 0;
// X509 and keys:
virtual QSsl::TlsKey *createKey() const;
virtual QSsl::X509Certificate *createCertificate() const;
virtual QTlsPrivate::TlsKey *createKey() const;
virtual QTlsPrivate::X509Certificate *createCertificate() const;
// TLS and DTLS:
virtual QSsl::TlsCryptograph *createTlsCryptograph() const;
virtual QSsl::DtlsCryptograph *createDtlsCryptograph(class QDtls *qObject, int mode) const;
virtual QSsl::DtlsCookieVerifier *createDtlsCookieVerifier() const;
virtual QTlsPrivate::TlsCryptograph *createTlsCryptograph() const;
virtual QTlsPrivate::DtlsCryptograph *createDtlsCryptograph(class QDtls *qObject, int mode) const;
virtual QTlsPrivate::DtlsCookieVerifier *createDtlsCookieVerifier() const;
// TLSTODO - get rid of these function pointers, make them virtuals in
// the backend itself. X509 machinery:
virtual QSsl::X509ChainVerifyPtr X509Verifier() const;
virtual QSsl::X509PemReaderPtr X509PemReader() const;
virtual QSsl::X509DerReaderPtr X509DerReader() const;
virtual QSsl::X509Pkcs12ReaderPtr X509Pkcs12Reader() const;
virtual QTlsPrivate::X509ChainVerifyPtr X509Verifier() const;
virtual QTlsPrivate::X509PemReaderPtr X509PemReader() const;
virtual QTlsPrivate::X509DerReaderPtr X509DerReader() const;
virtual QTlsPrivate::X509Pkcs12ReaderPtr X509Pkcs12Reader() const;
// Elliptic curves:
virtual QList<int> ellipticCurvesIds() const;
@ -331,13 +330,13 @@ public:
static const QString builtinBackendNames[];
template<class DynamicType, class TLSObject>
template<class DynamicType, class TLSObject>
static DynamicType *backend(const TLSObject &o)
{
return static_cast<DynamicType *>(o.backendImplementation());
return static_cast<DynamicType *>(o.d->backend.get());
}
static void resetBackend(QSslKey &key, QSsl::TlsKey *keyBackend);
static void resetBackend(QSslKey &key, QTlsPrivate::TlsKey *keyBackend);
Q_DISABLE_COPY_MOVE(QTlsBackend)
};

8
src/network/ssl/qtlsbackend_schannel_p.h
View File

@ -68,11 +68,11 @@ private:
QList<QSsl::SupportedFeature> supportedFeatures() const override;
QList<QSsl::ImplementedClass> implementedClasses() const override;
QSsl::TlsKey *createKey() const override;
QSsl::X509Certificate *createCertificate() const override;
QTlsPrivate::TlsKey *createKey() const override;
QTlsPrivate::X509Certificate *createCertificate() const override;
QSsl::X509PemReaderPtr X509PemReader() const override;
QSsl::X509DerReaderPtr X509DerReader() const override;
QTlsPrivate::X509PemReaderPtr X509PemReader() const override;
QTlsPrivate::X509DerReaderPtr X509DerReader() const override;
};
QT_END_NAMESPACE

16
src/network/ssl/qtlsbackend_st.cpp
View File

@ -50,14 +50,14 @@ QString QSecureTransportBackend::backendName() const
return builtinBackendNames[nameIndexSecureTransport];
}
QSsl::TlsKey *QSecureTransportBackend::createKey() const
QTlsPrivate::TlsKey *QSecureTransportBackend::createKey() const
{
return new QSsl::TlsKeySecureTransport;
return new QTlsPrivate::TlsKeySecureTransport;
}
QSsl::X509Certificate *QSecureTransportBackend::createCertificate() const
QTlsPrivate::X509Certificate *QSecureTransportBackend::createCertificate() const
{
return new QSsl::X509CertificateSecureTransport;
return new QTlsPrivate::X509CertificateSecureTransport;
}
QList<QSsl::SslProtocol> QSecureTransportBackend::supportedProtocols() const
@ -94,14 +94,14 @@ QList<QSsl::ImplementedClass> QSecureTransportBackend::implementedClasses() cons
return classes;
}
QSsl::X509PemReaderPtr QSecureTransportBackend::X509PemReader() const
QTlsPrivate::X509PemReaderPtr QSecureTransportBackend::X509PemReader() const
{
return QSsl::X509CertificateGeneric::certificatesFromPem;
return QTlsPrivate::X509CertificateGeneric::certificatesFromPem;
}
QSsl::X509DerReaderPtr QSecureTransportBackend::X509DerReader() const
QTlsPrivate::X509DerReaderPtr QSecureTransportBackend::X509DerReader() const
{
return QSsl::X509CertificateGeneric::certificatesFromDer;
return QTlsPrivate::X509CertificateGeneric::certificatesFromDer;
}
QT_END_NAMESPACE

8
src/network/ssl/qtlsbackend_st_p.h
View File

@ -69,11 +69,11 @@ private:
QList<QSsl::SupportedFeature> supportedFeatures() const override;
QList<QSsl::ImplementedClass> implementedClasses() const override;
QSsl::TlsKey *createKey() const override;
QSsl::X509Certificate *createCertificate() const override;
QTlsPrivate::TlsKey *createKey() const override;
QTlsPrivate::X509Certificate *createCertificate() const override;
QSsl::X509PemReaderPtr X509PemReader() const override;
QSsl::X509DerReaderPtr X509DerReader() const override;
QTlsPrivate::X509PemReaderPtr X509PemReader() const override;
QTlsPrivate::X509DerReaderPtr X509DerReader() const override;
};
QT_END_NAMESPACE

4
src/network/ssl/qtlskey_base.cpp
View File

@ -42,7 +42,7 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
QByteArray TlsKeyBase::pemFromDer(const QByteArray &der, const QMap<QByteArray, QByteArray> &headers) const
{
@ -126,7 +126,7 @@ bool TlsKeyBase::isEncryptedPkcs8(const QByteArray &der)
|| encryptionScheme.startsWith(PKCS12_OID);
}
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

14
src/network/ssl/qtlskey_base_p.h
View File

@ -61,14 +61,14 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
// TLSTODO: Note, 'base' is supposed to move to plugins together with
// 'generic' and 'backendXXX'.
class TlsKeyBase : public TlsKey
{
public:
TlsKeyBase(KeyType type = PublicKey, KeyAlgorithm algorithm = Opaque)
TlsKeyBase(KeyType type = QSsl::PublicKey, KeyAlgorithm algorithm = QSsl::Opaque)
: keyType(type),
keyAlgorithm(algorithm)
{
@ -78,11 +78,11 @@ public:
{
return keyIsNull;
}
QSsl::KeyType type() const override
KeyType type() const override
{
return keyType;
}
QSsl::KeyAlgorithm algorithm() const override
KeyAlgorithm algorithm() const override
{
return keyAlgorithm;
}
@ -101,11 +101,11 @@ public:
// TLSTODO: this public is quick fix needed by old _openssl classes
// will become non-public as soon as those classes fixed.
bool keyIsNull = true;
KeyType keyType = PublicKey;
KeyAlgorithm keyAlgorithm = Opaque;
KeyType keyType = QSsl::PublicKey;
KeyAlgorithm keyAlgorithm = QSsl::Opaque;
};
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

34
src/network/ssl/qtlskey_generic.cpp
View File

@ -60,7 +60,7 @@ QT_BEGIN_NAMESPACE
// The code here is essentially what we had in qsslkey_qt.cpp before, with
// minimal changes/restructure.
namespace QSsl {
namespace QTlsPrivate {
// OIDs of named curves allowed in TLS as per RFCs 4492 and 7027,
// see also https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
@ -414,7 +414,7 @@ QByteArray deriveAesKey(QSslKeyPrivate::Cipher cipher, const QByteArray &passPhr
hash.addData(data);
if (cipher == QSsl::Cipher::Aes128Cbc)
if (cipher == Cipher::Aes128Cbc)
return hash.result();
QByteArray key(hash.result());
@ -422,7 +422,7 @@ QByteArray deriveAesKey(QSslKeyPrivate::Cipher cipher, const QByteArray &passPhr
hash.addData(key);
hash.addData(data);
if (cipher == QSsl::Cipher::Aes192Cbc)
if (cipher == Cipher::Aes192Cbc)
return key.append(hash.result().constData(), 8);
return key.append(hash.result());
@ -436,10 +436,10 @@ QByteArray deriveKey(QSslKeyPrivate::Cipher cipher, const QByteArray &passPhrase
hash.addData(passPhrase);
hash.addData(iv);
switch (cipher) {
case QSsl::Cipher::DesCbc:
case Cipher::DesCbc:
key = hash.result().left(8);
break;
case QSsl::Cipher::DesEde3Cbc:
case Cipher::DesEde3Cbc:
key = hash.result();
hash.reset();
hash.addData(key);
@ -447,12 +447,12 @@ QByteArray deriveKey(QSslKeyPrivate::Cipher cipher, const QByteArray &passPhrase
hash.addData(iv);
key += hash.result().left(8);
break;
case QSsl::Cipher::Rc2Cbc:
case Cipher::Rc2Cbc:
key = hash.result();
break;
case QSsl::Cipher::Aes128Cbc:
case QSsl::Cipher::Aes192Cbc:
case QSsl::Cipher::Aes256Cbc:
case Cipher::Aes128Cbc:
case Cipher::Aes192Cbc:
case Cipher::Aes256Cbc:
return deriveAesKey(cipher, passPhrase, iv);
}
return key;
@ -688,17 +688,17 @@ void TlsKeyGeneric::decodePem(QSsl::KeyType type, QSsl::KeyAlgorithm algorithm,
QSslKeyPrivate::Cipher cipher;
if (dekInfo.first() == "DES-CBC") {
cipher = QSsl::Cipher::DesCbc;
cipher = Cipher::DesCbc;
} else if (dekInfo.first() == "DES-EDE3-CBC") {
cipher = QSsl::Cipher::DesEde3Cbc;
cipher = Cipher::DesEde3Cbc;
} else if (dekInfo.first() == "RC2-CBC") {
cipher = QSsl::Cipher::Rc2Cbc;
cipher = Cipher::Rc2Cbc;
} else if (dekInfo.first() == "AES-128-CBC") {
cipher = QSsl::Cipher::Aes128Cbc;
cipher = Cipher::Aes128Cbc;
} else if (dekInfo.first() == "AES-192-CBC") {
cipher = QSsl::Cipher::Aes192Cbc;
cipher = Cipher::Aes192Cbc;
} else if (dekInfo.first() == "AES-256-CBC") {
cipher = QSsl::Cipher::Aes256Cbc;
cipher = Cipher::Aes256Cbc;
} else {
clear(deepClear);
return;
@ -722,7 +722,7 @@ QByteArray TlsKeyGeneric::toPem(const QByteArray &passPhrase) const
quint64 random = QRandomGenerator::system()->generate64();
QByteArray iv = QByteArray::fromRawData(reinterpret_cast<const char *>(&random), sizeof(random));
auto cipher = QSsl::Cipher::DesEde3Cbc;
auto cipher = Cipher::DesEde3Cbc;
const QByteArray key = deriveKey(cipher, passPhrase, iv);
data = encrypt(cipher, derData, key, iv);
@ -879,6 +879,6 @@ QByteArray TlsKeyGeneric::decryptPkcs8(const QByteArray &encrypted, const QByteA
return decryptedKeyElement.value();
}
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

4
src/network/ssl/qtlskey_generic_p.h
View File

@ -61,7 +61,7 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
// This class is what previously was known as qsslkey_qt:
// it implements most of functionality needed by QSslKey
@ -110,7 +110,7 @@ private:
int keyLength = -1;
};
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

18
src/network/ssl/qtlskey_openssl.cpp
View File

@ -46,7 +46,7 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
void TlsKeyOpenSSL::decodeDer(QSsl::KeyType type, QSsl::KeyAlgorithm algorithm, const QByteArray &der,
const QByteArray &passPhrase, bool deepClear)
@ -401,28 +401,28 @@ QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, const QByteArray &data,
int i = 0, len = 0;
switch (cipher) {
case QSsl::Cipher::DesCbc:
case Cipher::DesCbc:
#ifndef OPENSSL_NO_DES
type = q_EVP_des_cbc();
#endif
break;
case QSsl::Cipher::DesEde3Cbc:
case Cipher::DesEde3Cbc:
#ifndef OPENSSL_NO_DES
type = q_EVP_des_ede3_cbc();
#endif
break;
case QSsl::Cipher::Rc2Cbc:
case Cipher::Rc2Cbc:
#ifndef OPENSSL_NO_RC2
type = q_EVP_rc2_cbc();
#endif
break;
case QSsl::Cipher::Aes128Cbc:
case Cipher::Aes128Cbc:
type = q_EVP_aes_128_cbc();
break;
case QSsl::Cipher::Aes192Cbc:
case Cipher::Aes192Cbc:
type = q_EVP_aes_192_cbc();
break;
case QSsl::Cipher::Aes256Cbc:
case Cipher::Aes256Cbc:
type = q_EVP_aes_256_cbc();
break;
}
@ -437,7 +437,7 @@ QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, const QByteArray &data,
q_EVP_CIPHER_CTX_reset(ctx);
q_EVP_CipherInit(ctx, type, nullptr, nullptr, enc);
q_EVP_CIPHER_CTX_set_key_length(ctx, key.size());
if (cipher == QSsl::Cipher::Rc2Cbc)
if (cipher == Cipher::Rc2Cbc)
q_EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, 8 * key.size(), nullptr);
q_EVP_CipherInit_ex(ctx, nullptr, nullptr,
@ -504,6 +504,6 @@ TlsKeyOpenSSL *TlsKeyOpenSSL::publicKeyFromX509(X509 *x)
return keyRaii.release();
}
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

4
src/network/ssl/qtlskey_openssl_p.h
View File

@ -70,7 +70,7 @@ QT_BEGIN_NAMESPACE
QT_REQUIRE_CONFIG(ssl);
namespace QSsl {
namespace QTlsPrivate {
class TlsKeyOpenSSL final : public TlsKeyBase
{
@ -119,7 +119,7 @@ public:
bool fromEVP_PKEY(EVP_PKEY *pkey);
};
} // namespace QCrypto
} // namespace QTlsPrivate
QT_END_NAMESPACE

16
src/network/ssl/qtlskey_schannel.cpp
View File

@ -55,15 +55,15 @@ namespace {
const wchar_t *getName(QSslKeyPrivate::Cipher cipher)
{
switch (cipher) {
case QSsl::Cipher::DesCbc:
case QTlsPrivate::Cipher::DesCbc:
return BCRYPT_DES_ALGORITHM;
case QSsl::Cipher::DesEde3Cbc:
case QTlsPrivate::Cipher::DesEde3Cbc:
return BCRYPT_3DES_ALGORITHM;
case QSsl::Cipher::Rc2Cbc:
case QTlsPrivate::Cipher::Rc2Cbc:
return BCRYPT_RC2_ALGORITHM;
case QSsl::Cipher::Aes128Cbc:
case QSsl::Cipher::Aes192Cbc:
case QSsl::Cipher::Aes256Cbc:
case QTlsPrivate::Cipher::Aes128Cbc:
case QTlsPrivate::Cipher::Aes192Cbc:
case QTlsPrivate::Cipher::Aes256Cbc:
return BCRYPT_AES_ALGORITHM;
}
Q_UNREACHABLE();
@ -167,7 +167,7 @@ QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, const QByteArray &data, const
}
} // anonymous namespace
namespace QSsl {
namespace QTlsPrivate {
QByteArray TlsKeySchannel::decrypt(Cipher cipher, const QByteArray &data, const QByteArray &key,
const QByteArray &iv) const
@ -181,7 +181,7 @@ QByteArray TlsKeySchannel::encrypt(Cipher cipher, const QByteArray &data, const
return doCrypt(cipher, data, key, iv, true);
}
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

4
src/network/ssl/qtlskey_schannel_p.h
View File

@ -61,7 +61,7 @@ QT_REQUIRE_CONFIG(ssl);
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
class TlsKeySchannel final : public TlsKeyGeneric
{
@ -74,7 +74,7 @@ public:
const QByteArray &iv) const override;
};
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

4
src/network/ssl/qtlskey_st.cpp
View File

@ -49,7 +49,7 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
namespace {
// Before this code was located in qsslkey_mac.cpp.
@ -105,6 +105,6 @@ QByteArray TlsKeySecureTransport::encrypt(Cipher cipher, const QByteArray &data,
return wrapCCCrypt(kCCEncrypt, cipher, data, key, iv);
}
} // namespace QSsl.
} // namespace QTlsPrivate
QT_END_NAMESPACE

4
src/network/ssl/qtlskey_st_p.h
View File

@ -61,7 +61,7 @@ QT_REQUIRE_CONFIG(ssl);
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
class TlsKeySecureTransport final : public TlsKeyGeneric
{
@ -76,7 +76,7 @@ public:
Q_DISABLE_COPY_MOVE(TlsKeySecureTransport)
};
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

4
src/network/ssl/qx509_base.cpp
View File

@ -41,7 +41,7 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
QByteArray X509CertificateBase::subjectInfoToString(QSslCertificate::SubjectInfo info)
{
@ -173,6 +173,6 @@ bool X509CertificateBase::isExtensionSupported(qsizetype index) const
return extensions[index].supported;
}
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

4
src/network/ssl/qx509_base_p.h
View File

@ -64,7 +64,7 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
class X509CertificateBase : public X509Certificate
{
@ -118,7 +118,7 @@ protected:
QList<X509CertificateExtension> extensions;
};
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

5
src/network/ssl/qx509_generic.cpp
View File

@ -37,6 +37,7 @@
**
****************************************************************************/
#include "qsslcertificate_p.h"
#include "qx509_generic_p.h"
#include "qasn1element_p.h"
@ -50,7 +51,7 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
namespace {
@ -461,6 +462,6 @@ bool X509CertificateGeneric::parseExtension(const QByteArray &data, X509Certific
return true;
}
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

4
src/network/ssl/qx509_generic_p.h
View File

@ -60,7 +60,7 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
// TLSTODO: This class is what previously was known as qsslcertificate_qt.
// A part of SecureTransport and Schannel plugin.
@ -94,7 +94,7 @@ protected:
bool parseExtension(const QByteArray &data, X509CertificateExtension &extension);
};
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

5
src/network/ssl/qx509_openssl.cpp
View File

@ -38,6 +38,7 @@
****************************************************************************/
#include "qtlsbackend_openssl_p.h"
#include "qsslcertificate_p.h"
#include "qtlskey_openssl_p.h"
#include "qx509_openssl_p.h"
@ -56,7 +57,7 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
namespace {
@ -922,6 +923,6 @@ X509CertificateBase::X509CertificateExtension X509CertificateOpenSSL::convertExt
return result;
}
} // namespace QSsl
} // namespace QTlsPrivate
QT_END_NAMESPACE

4
src/network/ssl/qx509_openssl_p.h
View File

@ -69,7 +69,7 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
// TLSTODO: This class is essentially what qsslcertificate_openssl.cpp
// contains - OpenSSL-based version of QSslCertificatePrivate. Remove
@ -127,7 +127,7 @@ private:
extern "C" int qt_X509Callback(int ok, X509_STORE_CTX *ctx);
} // namespace QSsl.
} // namespace QTlsPrivate
QT_END_NAMESPACE

9
src/network/ssl/qx509_schannel.cpp
View File

@ -38,13 +38,14 @@
****************************************************************************/
#include "qtlskey_schannel_p.h"
#include "qsslcertificate_p.h"
#include "qx509_schannel_p.h"
#include <memory>
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
X509CertificateSchannel::X509CertificateSchannel() = default;
@ -56,9 +57,9 @@ X509CertificateSchannel::~X509CertificateSchannel()
TlsKey *X509CertificateSchannel::publicKey() const
{
auto key = std::make_unique<TlsKeySchannel>(PublicKey);
auto key = std::make_unique<TlsKeySchannel>(QSsl::PublicKey);
if (publicKeyAlgorithm != QSsl::Opaque)
key->decodeDer(PublicKey, publicKeyAlgorithm, publicKeyDerData, {}, false);
key->decodeDer(QSsl::PublicKey, publicKeyAlgorithm, publicKeyDerData, {}, false);
return key.release();
}
@ -80,7 +81,7 @@ QSslCertificate X509CertificateSchannel::QSslCertificate_from_CERT_CONTEXT(const
return certificate;
}
} // namespace QSsl.
} // namespace QTlsPrivate
QT_END_NAMESPACE

4
src/network/ssl/qx509_schannel_p.h
View File

@ -62,7 +62,7 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
class X509CertificateSchannel final : public X509CertificateGeneric
{
@ -80,7 +80,7 @@ private:
Q_DISABLE_COPY_MOVE(X509CertificateSchannel);
};
} // namespace QSsl.
} // namespace QTlsPrivate
QT_END_NAMESPACE

8
src/network/ssl/qx509_st.cpp
View File

@ -44,18 +44,18 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
TlsKey *X509CertificateSecureTransport::publicKey() const
{
auto key = std::make_unique<TlsKeySecureTransport>(PublicKey);
auto key = std::make_unique<TlsKeySecureTransport>(QSsl::PublicKey);
if (publicKeyAlgorithm != QSsl::Opaque)
key->decodeDer(PublicKey, publicKeyAlgorithm, publicKeyDerData, {}, false);
key->decodeDer(QSsl::PublicKey, publicKeyAlgorithm, publicKeyDerData, {}, false);
return key.release();
}
} // namespace QSsl.
} // namespace QTlsPrivate
QT_END_NAMESPACE

4
src/network/ssl/qx509_st_p.h
View File

@ -59,7 +59,7 @@
QT_BEGIN_NAMESPACE
namespace QSsl {
namespace QTlsPrivate {
class X509CertificateSecureTransport final : public X509CertificateGeneric
{
@ -67,7 +67,7 @@ public:
TlsKey *publicKey() const override;
};
} // namespace QSsl.
} // namespace QTlsPrivate
QT_END_NAMESPACE

50
tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
View File

@ -614,7 +614,9 @@ Q_DECLARE_METATYPE(QSslKeyPrivate::Cipher)
void tst_QSslKey::encrypt_data()
{
QTest::addColumn<QSsl::Cipher>("cipher");
using QTlsPrivate::Cipher;
QTest::addColumn<Cipher>("cipher");
QTest::addColumn<QByteArray>("key");
QTest::addColumn<QByteArray>("plainText");
QTest::addColumn<QByteArray>("cipherText");
@ -622,91 +624,91 @@ void tst_QSslKey::encrypt_data()
QByteArray iv("abcdefgh");
QTest::newRow("DES-CBC, length 0")
<< QSsl::Cipher::DesCbc << QByteArray("01234567")
<< Cipher::DesCbc << QByteArray("01234567")
<< QByteArray()
<< QByteArray::fromHex("956585228BAF9B1F")
<< iv;
QTest::newRow("DES-CBC, length 1")
<< QSsl::Cipher::DesCbc << QByteArray("01234567")
<< Cipher::DesCbc << QByteArray("01234567")
<< QByteArray(1, 'a')
<< QByteArray::fromHex("E6880AF202BA3C12")
<< iv;
QTest::newRow("DES-CBC, length 2")
<< QSsl::Cipher::DesCbc << QByteArray("01234567")
<< Cipher::DesCbc << QByteArray("01234567")
<< QByteArray(2, 'a')
<< QByteArray::fromHex("A82492386EED6026")
<< iv;
QTest::newRow("DES-CBC, length 3")
<< QSsl::Cipher::DesCbc << QByteArray("01234567")
<< Cipher::DesCbc << QByteArray("01234567")
<< QByteArray(3, 'a')
<< QByteArray::fromHex("90B76D5B79519CBA")
<< iv;
QTest::newRow("DES-CBC, length 4")
<< QSsl::Cipher::DesCbc << QByteArray("01234567")
<< Cipher::DesCbc << QByteArray("01234567")
<< QByteArray(4, 'a')
<< QByteArray::fromHex("63E3DD6FED87052A")
<< iv;
QTest::newRow("DES-CBC, length 5")
<< QSsl::Cipher::DesCbc << QByteArray("01234567")
<< Cipher::DesCbc << QByteArray("01234567")
<< QByteArray(5, 'a')
<< QByteArray::fromHex("03ACDB0EACBDFA94")
<< iv;
QTest::newRow("DES-CBC, length 6")
<< QSsl::Cipher::DesCbc << QByteArray("01234567")
<< Cipher::DesCbc << QByteArray("01234567")
<< QByteArray(6, 'a')
<< QByteArray::fromHex("7D95024E42A3A88A")
<< iv;
QTest::newRow("DES-CBC, length 7")
<< QSsl::Cipher::DesCbc << QByteArray("01234567")
<< Cipher::DesCbc << QByteArray("01234567")
<< QByteArray(7, 'a')
<< QByteArray::fromHex("5003436B8A8E42E9")
<< iv;
QTest::newRow("DES-CBC, length 8")
<< QSsl::Cipher::DesCbc << QByteArray("01234567")
<< Cipher::DesCbc << QByteArray("01234567")
<< QByteArray(8, 'a')
<< QByteArray::fromHex("E4C1F054BF5521C0A4A0FD4A2BC6C1B1")
<< iv;
QTest::newRow("DES-EDE3-CBC, length 0")
<< QSsl::Cipher::DesEde3Cbc << QByteArray("0123456789abcdefghijklmn")
<< Cipher::DesEde3Cbc << QByteArray("0123456789abcdefghijklmn")
<< QByteArray()
<< QByteArray::fromHex("3B2B4CD0B0FD495F")
<< iv;
QTest::newRow("DES-EDE3-CBC, length 8")
<< QSsl::Cipher::DesEde3Cbc << QByteArray("0123456789abcdefghijklmn")
<< Cipher::DesEde3Cbc << QByteArray("0123456789abcdefghijklmn")
<< QByteArray(8, 'a')
<< QByteArray::fromHex("F2A5A87763C54A72A3224103D90CDB03")
<< iv;
QTest::newRow("RC2-40-CBC, length 0")
<< QSsl::Cipher::Rc2Cbc << QByteArray("01234")
<< Cipher::Rc2Cbc << QByteArray("01234")
<< QByteArray()
<< QByteArray::fromHex("6D05D52392FF6E7A")
<< iv;
QTest::newRow("RC2-40-CBC, length 8")
<< QSsl::Cipher::Rc2Cbc << QByteArray("01234")
<< Cipher::Rc2Cbc << QByteArray("01234")
<< QByteArray(8, 'a')
<< QByteArray::fromHex("75768E64C5749072A5D168F3AFEB0005")
<< iv;
QTest::newRow("RC2-64-CBC, length 0")
<< QSsl::Cipher::Rc2Cbc << QByteArray("01234567")
<< Cipher::Rc2Cbc << QByteArray("01234567")
<< QByteArray()
<< QByteArray::fromHex("ADAE6BF70F420130")
<< iv;
QTest::newRow("RC2-64-CBC, length 8")
<< QSsl::Cipher::Rc2Cbc << QByteArray("01234567")
<< Cipher::Rc2Cbc << QByteArray("01234567")
<< QByteArray(8, 'a')
<< QByteArray::fromHex("C7BF5C80AFBE9FBEFBBB9FD935F6D0DF")
<< iv;
QTest::newRow("RC2-128-CBC, length 0")
<< QSsl::Cipher::Rc2Cbc << QByteArray("012345679abcdefg")
<< Cipher::Rc2Cbc << QByteArray("012345679abcdefg")
<< QByteArray()
<< QByteArray::fromHex("1E965D483A13C8FB")
<< iv;
QTest::newRow("RC2-128-CBC, length 8")
<< QSsl::Cipher::Rc2Cbc << QByteArray("012345679abcdefg")
<< Cipher::Rc2Cbc << QByteArray("012345679abcdefg")
<< QByteArray(8, 'a')
<< QByteArray::fromHex("5AEC1A5B295660B02613454232F7DECE")
<< iv;
@ -715,34 +717,34 @@ void tst_QSslKey::encrypt_data()
// AES needs a longer IV
iv = QByteArray("abcdefghijklmnop");
QTest::newRow("AES-128-CBC, length 0")
<< QSsl::Cipher::Aes128Cbc << QByteArray("012345679abcdefg")
<< Cipher::Aes128Cbc << QByteArray("012345679abcdefg")
<< QByteArray()
<< QByteArray::fromHex("28DE1A9AA26601C30DD2527407121D1A")
<< iv;
QTest::newRow("AES-128-CBC, length 8")
<< QSsl::Cipher::Aes128Cbc << QByteArray("012345679abcdefg")
<< Cipher::Aes128Cbc << QByteArray("012345679abcdefg")
<< QByteArray(8, 'a')
<< QByteArray::fromHex("08E880B1BA916F061C1E801D7F44D0EC")
<< iv;
QTest::newRow("AES-192-CBC, length 0")
<< QSsl::Cipher::Aes192Cbc << QByteArray("0123456789abcdefghijklmn")
<< Cipher::Aes192Cbc << QByteArray("0123456789abcdefghijklmn")
<< QByteArray()
<< QByteArray::fromHex("E169E0E205CDC2BA895B7CF6097673B1")
<< iv;
QTest::newRow("AES-192-CBC, length 8")
<< QSsl::Cipher::Aes192Cbc << QByteArray("0123456789abcdefghijklmn")
<< Cipher::Aes192Cbc << QByteArray("0123456789abcdefghijklmn")
<< QByteArray(8, 'a')
<< QByteArray::fromHex("3A227D6A3A13237316D30AA17FF9B0A7")
<< iv;
QTest::newRow("AES-256-CBC, length 0")
<< QSsl::Cipher::Aes256Cbc << QByteArray("0123456789abcdefghijklmnopqrstuv")
<< Cipher::Aes256Cbc << QByteArray("0123456789abcdefghijklmnopqrstuv")
<< QByteArray()
<< QByteArray::fromHex("4BAACAA0D22199C97DE206C465B7B14A")
<< iv;
QTest::newRow("AES-256-CBC, length 8")
<< QSsl::Cipher::Aes256Cbc << QByteArray("0123456789abcdefghijklmnopqrstuv")
<< Cipher::Aes256Cbc << QByteArray("0123456789abcdefghijklmnopqrstuv")
<< QByteArray(8, 'a')
<< QByteArray::fromHex("879C8C25EC135CDF0B14490A0A7C2F67")
<< iv;