AusweisApp2
TlsChecker.h
gehe zur Dokumentation dieser Datei
1 
7 #pragma once
8 
9 #include "LogHandler.h"
10 
11 #include <QCryptographicHash>
12 #include <QNetworkReply>
13 #include <QSet>
14 #include <QSslCertificate>
15 #include <QSslCipher>
16 #include <QSslConfiguration>
17 #include <QSslKey>
18 
19 namespace governikus
20 {
21 
23 {
24  private:
25  [[nodiscard]] static bool isValidKeyLength(int pKeyLength, QSsl::KeyAlgorithm pKeyAlgorithm, bool pIsEphemeral);
26 
27  TlsChecker() = delete;
28  ~TlsChecker() = delete;
29 
30  public:
31  static void logSslConfig(const QSslConfiguration& pCfg, const MessageLogger& pLogger);
32  [[nodiscard]] static QString toString(QSsl::SslProtocol pProtocol);
33  [[nodiscard]] static QString toString(QSsl::KeyAlgorithm pKeyAlgorithm);
34 
35  [[nodiscard]] static QStringList getFatalErrors(const QList<QSslError>& pErrors);
36  [[nodiscard]] static bool containsFatalError(const QSharedPointer<QNetworkReply>& pReply, const QList<QSslError>& pErrors);
37 
41  [[nodiscard]] static bool checkCertificate(const QSslCertificate& pCertificate,
42  QCryptographicHash::Algorithm pAlgorithm,
43  const QSet<QString>& pAcceptedCertificateHashes);
44 
48  [[nodiscard]] static bool hasValidCertificateKeyLength(const QSslCertificate& pCertificate);
49 
53  [[nodiscard]] static bool hasValidEphemeralKeyLength(const QSslKey& pEphemeralServerKey);
54 
58  [[nodiscard]] static QString getCertificateIssuerName(const QSslCertificate& pCertificate);
59 };
60 
61 } // namespace governikus
Definition: LogHandler.h:33
Definition: TlsChecker.h:23
static QString getCertificateIssuerName(const QSslCertificate &pCertificate)
This method is only needed until QSslCertificate provides its own method issuerDisplayName in Qt 5....
Definition: TlsChecker.cpp:66
static QStringList getFatalErrors(const QList< QSslError > &pErrors)
Definition: TlsChecker.cpp:197
static bool containsFatalError(const QSharedPointer< QNetworkReply > &pReply, const QList< QSslError > &pErrors)
Definition: TlsChecker.cpp:240
static void logSslConfig(const QSslConfiguration &pCfg, const MessageLogger &pLogger)
Definition: TlsChecker.cpp:260
static bool checkCertificate(const QSslCertificate &pCertificate, QCryptographicHash::Algorithm pAlgorithm, const QSet< QString > &pAcceptedCertificateHashes)
Checks, whether the certificate's hash is contained in a set of accepted certificate hashes.
Definition: TlsChecker.cpp:20
static QString toString(QSsl::SslProtocol pProtocol)
Definition: TlsChecker.cpp:102
static bool hasValidCertificateKeyLength(const QSslCertificate &pCertificate)
Checks, whether the key length of the SSL certificate is of sufficient length.
Definition: TlsChecker.cpp:36
static bool hasValidEphemeralKeyLength(const QSslKey &pEphemeralServerKey)
Checks, whether the length of the ephemeral key is of sufficient length.
Definition: TlsChecker.cpp:51
A simple template renderer.
Definition: ActivationContext.h:15