AusweisApp
Lade ...
Suche ...
Keine Treffer
TlsChecker.h
gehe zur Dokumentation dieser Datei
1
4
5#pragma once
6
7#include "FailureCode.h"
8#include "LogHandler.h"
9
10#include <QCryptographicHash>
11#include <QNetworkReply>
12#include <QSet>
13#include <QSslCertificate>
14#include <QSslCipher>
15#include <QSslConfiguration>
16#include <QSslKey>
17
18namespace governikus
19{
20
21class TlsChecker
22{
23 private:
24 static const std::function<int(QSsl::KeyAlgorithm)> cDefaultFuncMinKeySize;
25
26 [[nodiscard]] static bool isValidKeyLength(int pKeyLength, QSsl::KeyAlgorithm pKeyAlgorithm, int pMinKeySize);
27
28 TlsChecker() = delete;
29 ~TlsChecker() = delete;
30
31 public:
32 static void logSslConfig(const QSslConfiguration& pCfg, const MessageLogger& pLogger);
33
34#if (QT_VERSION < QT_VERSION_CHECK(6, 7, 0))
35 [[nodiscard]] static QString toString(QSsl::SslProtocol pProtocol);
36 [[nodiscard]] static QString toString(QSsl::KeyAlgorithm pKeyAlgorithm);
37#endif
38
39 [[nodiscard]] static QStringList getFatalErrors(const QList<QSslError>& pErrors);
40 [[nodiscard]] static bool containsFatalError(const QSharedPointer<QNetworkReply>& pReply, const QList<QSslError>& pErrors);
41 [[nodiscard]] static QString sslErrorsToString(const QList<QSslError>& pErrors);
42
46 [[nodiscard]] static bool checkCertificate(const QSslCertificate& pCertificate,
47 QCryptographicHash::Algorithm pAlgorithm,
48 const QSet<QString>& pAcceptedCertificateHashes);
49
53 [[nodiscard]] static bool hasValidCertificateKeyLength(const QSslCertificate& pCertificate,
54 const std::function<int(QSsl::KeyAlgorithm)>& pFuncMinKeySize = cDefaultFuncMinKeySize);
55
59 [[nodiscard]] static bool hasValidEphemeralKeyLength(const QSslKey& pEphemeralServerKey,
60 const std::function<int(QSsl::KeyAlgorithm)>& pFuncMinKeySize = cDefaultFuncMinKeySize);
61 [[nodiscard]] static FailureCode::FailureInfoMap getEphemeralKeyInfoMap(const QSslKey& pEphemeralServerKey);
62
63 [[nodiscard]] static QSslCertificate getRootCertificate(const QList<QSslCertificate>& pCertificates);
64};
65
66} // namespace governikus
QMap< Info, QString > FailureInfoMap
Definition FailureCode.h:183
Definition LogHandler.h:34
static QSslCertificate getRootCertificate(const QList< QSslCertificate > &pCertificates)
Definition TlsChecker.cpp:92
static QStringList getFatalErrors(const QList< QSslError > &pErrors)
Definition TlsChecker.cpp:218
static bool containsFatalError(const QSharedPointer< QNetworkReply > &pReply, const QList< QSslError > &pErrors)
Definition TlsChecker.cpp:261
static void logSslConfig(const QSslConfiguration &pCfg, const MessageLogger &pLogger)
Definition TlsChecker.cpp:292
static QString sslErrorsToString(const QList< QSslError > &pErrors)
Definition TlsChecker.cpp:281
static FailureCode::FailureInfoMap getEphemeralKeyInfoMap(const QSslKey &pEphemeralServerKey)
Definition TlsChecker.cpp:79
static bool checkCertificate(const QSslCertificate &pCertificate, QCryptographicHash::Algorithm pAlgorithm, const QSet< QString > &pAcceptedCertificateHashes)
Checks, whether the certificate's hash is contained in a set of accepted certificate hashes.
Definition TlsChecker.cpp:25
static bool hasValidCertificateKeyLength(const QSslCertificate &pCertificate, const std::function< int(QSsl::KeyAlgorithm)> &pFuncMinKeySize=cDefaultFuncMinKeySize)
Checks, whether the key length of the SSL certificate is of sufficient length.
Definition TlsChecker.cpp:41
static bool hasValidEphemeralKeyLength(const QSslKey &pEphemeralServerKey, const std::function< int(QSsl::KeyAlgorithm)> &pFuncMinKeySize=cDefaultFuncMinKeySize)
Checks, whether the length of the ephemeral key is of sufficient length.
Definition TlsChecker.cpp:60
Defines the AccessRight and AccessRole enum.
Definition CommandApdu.h:17
char * toString(const CommandApdu &pCommandApdu)