Diffstat (limited to 'src/network/ssl')
-rw-r--r-- | src/network/ssl/qssl.cpp | 10 | ||||
-rw-r--r-- | src/network/ssl/qsslcertificate.cpp | 3 | ||||
-rw-r--r-- | src/network/ssl/qsslcertificate_p.h | 11 | ||||
-rw-r--r-- | src/network/ssl/qsslcertificate_qt.cpp | 2 | ||||
-rw-r--r-- | src/network/ssl/qsslcertificate_winrt.cpp | 113 | ||||
-rw-r--r-- | src/network/ssl/qsslkey_qt.cpp | 5 | ||||
-rw-r--r-- | src/network/ssl/qsslkey_winrt.cpp | 169 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket.cpp | 3 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket.h | 2 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_p.h | 4 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_winrt.cpp | 682 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_winrt_p.h | 110 | ||||
-rw-r--r-- | src/network/ssl/ssl.pri | 10 |
13 files changed, 8 insertions, 1116 deletions
diff --git a/src/network/ssl/qssl.cpp b/src/network/ssl/qssl.cpp index 87b9a1b038..4482e8862b 100644 --- a/src/network/ssl/qssl.cpp +++ b/src/network/ssl/qssl.cpp @@ -111,11 +111,11 @@ Q_LOGGING_CATEGORY(lcSsl, "qt.network.ssl"); Describes the protocol of the cipher. \value TlsV1_0 TLSv1.0 - \value TlsV1_0OrLater TLSv1.0 and later versions. This option is not available when using the WinRT backend due to platform limitations. - \value TlsV1_1 TLSv1.1. When using the WinRT backend this option will also enable TLSv1.0. - \value TlsV1_1OrLater TLSv1.1 and later versions. This option is not available when using the WinRT backend due to platform limitations. - \value TlsV1_2 TLSv1.2. When using the WinRT backend this option will also enable TLSv1.0 and TLSv1.1. - \value TlsV1_2OrLater TLSv1.2 and later versions. This option is not available when using the WinRT backend due to platform limitations. + \value TlsV1_0OrLater TLSv1.0 and later versions. + \value TlsV1_1 TLSv1.1. + \value TlsV1_1OrLater TLSv1.1 and later versions. + \value TlsV1_2 TLSv1.2. + \value TlsV1_2OrLater TLSv1.2 and later versions. \value DtlsV1_0 DTLSv1.0 \value DtlsV1_0OrLater DTLSv1.0 and later versions. \value DtlsV1_2 DTLSv1.2 diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp index 7539c26ecb..6daf5c362e 100644 --- a/src/network/ssl/qsslcertificate.cpp +++ b/src/network/ssl/qsslcertificate.cpp @@ -115,9 +115,6 @@ #ifndef QT_NO_OPENSSL #include "qsslsocket_openssl_symbols_p.h" #endif -#ifdef Q_OS_WINRT -#include "qsslsocket_winrt_p.h" -#endif #ifdef QT_SECURETRANSPORT #include "qsslsocket_mac_p.h" #endif diff --git a/src/network/ssl/qsslcertificate_p.h b/src/network/ssl/qsslcertificate_p.h index 234cd45ceb..4588aa7d6f 100644 --- a/src/network/ssl/qsslcertificate_p.h +++ b/src/network/ssl/qsslcertificate_p.h 
@@ -70,11 +70,6 @@ struct X509_EXTENSION; struct ASN1_OBJECT; #endif -#ifdef Q_OS_WINRT -#include <wrl.h> -#include <windows.security.cryptography.certificates.h> -#endif - #if QT_CONFIG(schannel) #include <wincrypt.h> #endif @@ -146,12 +141,6 @@ public: QAtomicInt ref; -#ifdef Q_OS_WINRT - Microsoft::WRL::ComPtr<ABI::Windows::Security::Cryptography::Certificates::ICertificate> certificate; - - static QSslCertificate QSslCertificate_from_Certificate(ABI::Windows::Security::Cryptography::Certificates::ICertificate *iCertificate); -#endif - #if QT_CONFIG(schannel) const CERT_CONTEXT *certificateContext = nullptr; diff --git a/src/network/ssl/qsslcertificate_qt.cpp b/src/network/ssl/qsslcertificate_qt.cpp index 7cf96a4a88..d75e620ff7 100644 --- a/src/network/ssl/qsslcertificate_qt.cpp +++ b/src/network/ssl/qsslcertificate_qt.cpp @@ -141,7 +141,7 @@ QDateTime QSslCertificate::expiryDate() const return d->notValidAfter; } -#if !defined(Q_OS_WINRT) && !QT_CONFIG(schannel) // implemented in qsslcertificate_{winrt,schannel}.cpp +#if !QT_CONFIG(schannel) // implemented in qsslcertificate_schannel.cpp Qt::HANDLE QSslCertificate::handle() const { Q_UNIMPLEMENTED(); diff --git a/src/network/ssl/qsslcertificate_winrt.cpp b/src/network/ssl/qsslcertificate_winrt.cpp deleted file mode 100644 index e601307c17..0000000000 --- a/src/network/ssl/qsslcertificate_winrt.cpp +++ /dev/null 
@@ -1,113 +0,0 @@
-/****************************************************************************
-**
-** Copyright (C) 2016 The Qt Company Ltd.
-** Contact: https://www.qt.io/licensing/
-**
-** This file is part of the QtNetwork module of the Qt Toolkit.
-**
-** $QT_BEGIN_LICENSE:LGPL$
-** Commercial License Usage
-** Licensees holding valid commercial Qt licenses may use this file in
-** accordance with the commercial license agreement provided with the
-** Software or, alternatively, in accordance with the terms contained in
-** a written agreement between you and The Qt Company. For licensing terms
-** and conditions see https://www.qt.io/terms-conditions. For further
-** information use the contact form at https://www.qt.io/contact-us.
-**
-** GNU Lesser General Public License Usage
-** Alternatively, this file may be used under the terms of the GNU Lesser
-** General Public License version 3 as published by the Free Software
-** Foundation and appearing in the file LICENSE.LGPL3 included in the
-** packaging of this file. Please review the following information to
-** ensure the GNU Lesser General Public License version 3 requirements
-** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
-**
-** GNU General Public License Usage
-** Alternatively, this file may be used under the terms of the GNU
-** General Public License version 2.0 or (at your option) the GNU General
-** Public license version 3 or any later version approved by the KDE Free
-** Qt Foundation. The licenses are as published by the Free Software
-** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
-** included in the packaging of this file. Please review the following
-** information to ensure the GNU General Public License requirements will
-** be met: https://www.gnu.org/licenses/gpl-2.0.html and
-** https://www.gnu.org/licenses/gpl-3.0.html.
-** -** $QT_END_LICENSE$ -** -****************************************************************************/ - -#include "qsslcertificate_p.h" - -#include <QtCore/qfunctions_winrt.h> - -#include <wrl.h> -#include <windows.storage.streams.h> -#include <windows.security.cryptography.h> -#include <robuffer.h> - -using namespace Microsoft::WRL; -using namespace Microsoft::WRL::Wrappers; -using namespace ABI::Windows::Foundation; -using namespace ABI::Windows::Security::Cryptography; -using namespace ABI::Windows::Security::Cryptography::Certificates; -using namespace ABI::Windows::Storage::Streams; - -QT_USE_NAMESPACE - -struct SslCertificateGlobal -{ - SslCertificateGlobal() { - HRESULT hr; - hr = GetActivationFactory(HString::MakeReference(RuntimeClass_Windows_Security_Cryptography_Certificates_Certificate).Get(), - &certificateFactory); - Q_ASSERT_SUCCEEDED(hr); - hr = GetActivationFactory(HString::MakeReference(RuntimeClass_Windows_Security_Cryptography_CryptographicBuffer).Get(), - &bufferFactory); - Q_ASSERT_SUCCEEDED(hr); - } - - ComPtr<ICertificateFactory> certificateFactory; - ComPtr<ICryptographicBufferStatics> bufferFactory; -}; -Q_GLOBAL_STATIC(SslCertificateGlobal, g) - -QSslCertificate QSslCertificatePrivate::QSslCertificate_from_Certificate(ICertificate *iCertificate) -{ - Q_ASSERT(iCertificate); - ComPtr<IBuffer> buffer; - HRESULT hr = iCertificate->GetCertificateBlob(&buffer); - RETURN_IF_FAILED("Could not obtain certification blob", return QSslCertificate()); - ComPtr<Windows::Storage::Streams::IBufferByteAccess> byteAccess; - hr = buffer.As(&byteAccess); - RETURN_IF_FAILED("Could not obtain byte access to buffer", return QSslCertificate()); - char *data; - hr = byteAccess->Buffer(reinterpret_cast<byte **>(&data)); - RETURN_IF_FAILED("Could not obtain buffer data", return QSslCertificate()); - UINT32 size; - hr = buffer->get_Length(&size); - RETURN_IF_FAILED("Could not obtain buffer length ", return QSslCertificate()); - QByteArray der(data, size); - - 
QSslCertificate certificate; - certificate.d->null = false; - certificate.d->certificate = iCertificate; - - return certificatesFromDer(der, 1).at(0); -} - -Qt::HANDLE QSslCertificate::handle() const -{ - if (!d->certificate) { - HRESULT hr; - ComPtr<IBuffer> buffer; - hr = g->bufferFactory->CreateFromByteArray(d->derData.length(), (BYTE *)d->derData.data(), &buffer); - RETURN_IF_FAILED("Failed to create the certificate data buffer", return nullptr); - - hr = g->certificateFactory->CreateCertificate(buffer.Get(), &d->certificate); - RETURN_IF_FAILED("Failed to create the certificate handle from the data buffer", - return nullptr); - } - - return d->certificate.Get(); -} diff --git a/src/network/ssl/qsslkey_qt.cpp b/src/network/ssl/qsslkey_qt.cpp index 43969c3d28..f3bd75dfa6 100644 --- a/src/network/ssl/qsslkey_qt.cpp +++ b/src/network/ssl/qsslkey_qt.cpp @@ -715,11 +715,6 @@ static EncryptionData readPbes1(const QVector<QAsn1Element> &element, const QByt key.truncate(8); // first 8 bytes are used for the key QSslKeyPrivate::Cipher cipher = oidCipherMap[encryptionScheme]; -#ifdef Q_OS_WINRT - // @todo: document this instead? find some other solution? - if (cipher == QSslKeyPrivate::Cipher::Rc2Cbc) - qWarning("PBES1 with RC2_CBC doesn't work properly on WinRT."); -#endif // Steps 4-6 are done after returning return {cipher, key, iv}; } diff --git a/src/network/ssl/qsslkey_winrt.cpp b/src/network/ssl/qsslkey_winrt.cpp deleted file mode 100644 index 69eaaa387f..0000000000 --- a/src/network/ssl/qsslkey_winrt.cpp +++ /dev/null 
@@ -1,169 +0,0 @@
-/****************************************************************************
-**
-** Copyright (C) 2016 The Qt Company Ltd.
-** Contact: https://www.qt.io/licensing/
-**
-** This file is part of the QtNetwork module of the Qt Toolkit.
-**
-** $QT_BEGIN_LICENSE:LGPL$
-** Commercial License Usage
-** Licensees holding valid commercial Qt licenses may use this file in
-** accordance with the commercial license agreement provided with the
-** Software or, alternatively, in accordance with the terms contained in
-** a written agreement between you and The Qt Company. For licensing terms
-** and conditions see https://www.qt.io/terms-conditions. For further
-** information use the contact form at https://www.qt.io/contact-us.
-**
-** GNU Lesser General Public License Usage
-** Alternatively, this file may be used under the terms of the GNU Lesser
-** General Public License version 3 as published by the Free Software
-** Foundation and appearing in the file LICENSE.LGPL3 included in the
-** packaging of this file. Please review the following information to
-** ensure the GNU Lesser General Public License version 3 requirements
-** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
-**
-** GNU General Public License Usage
-** Alternatively, this file may be used under the terms of the GNU
-** General Public License version 2.0 or (at your option) the GNU General
-** Public license version 3 or any later version approved by the KDE Free
-** Qt Foundation. The licenses are as published by the Free Software
-** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
-** included in the packaging of this file. Please review the following
-** information to ensure the GNU General Public License requirements will
-** be met: https://www.gnu.org/licenses/gpl-2.0.html and
-** https://www.gnu.org/licenses/gpl-3.0.html.
-** -** $QT_END_LICENSE$ -** -****************************************************************************/ - -#include "qssl_p.h" -#include "qsslkey.h" -#include "qsslkey_p.h" -#include "qsslcertificate_p.h" - -#include <QtCore/qfunctions_winrt.h> - -#include <wrl.h> -#include <windows.security.cryptography.h> -#include <windows.security.cryptography.core.h> -#include <windows.security.cryptography.certificates.h> -#include <windows.storage.streams.h> -#include <robuffer.h> - -using namespace Microsoft::WRL; -using namespace Microsoft::WRL::Wrappers; -using namespace ABI::Windows::Foundation; -using namespace ABI::Windows::Security::Cryptography; -using namespace ABI::Windows::Security::Cryptography::Certificates; -using namespace ABI::Windows::Security::Cryptography::Core; -using namespace ABI::Windows::Storage::Streams; - -QT_USE_NAMESPACE - -struct SslKeyGlobal -{ - SslKeyGlobal() - { - HRESULT hr; - hr = GetActivationFactory(HString::MakeReference(RuntimeClass_Windows_Security_Cryptography_Core_CryptographicEngine).Get(), - &engine); - Q_ASSERT_SUCCEEDED(hr); - - ComPtr<ISymmetricKeyAlgorithmProviderStatics> keyProviderFactory; - hr = GetActivationFactory(HString::MakeReference(RuntimeClass_Windows_Security_Cryptography_Core_SymmetricKeyAlgorithmProvider).Get(), - &keyProviderFactory); - Q_ASSERT_SUCCEEDED(hr); - hr = keyProviderFactory->OpenAlgorithm(HString::MakeReference(L"DES_CBC").Get(), - &keyProviders[QSslKeyPrivate::DesCbc]); - Q_ASSERT_SUCCEEDED(hr); - hr = keyProviderFactory->OpenAlgorithm(HString::MakeReference(L"3DES_CBC").Get(), - &keyProviders[QSslKeyPrivate::DesEde3Cbc]); - Q_ASSERT_SUCCEEDED(hr); - hr = keyProviderFactory->OpenAlgorithm(HString::MakeReference(L"RC2_CBC").Get(), - &keyProviders[QSslKeyPrivate::Rc2Cbc]); - Q_ASSERT_SUCCEEDED(hr); - hr = keyProviderFactory->OpenAlgorithm(HString::MakeReference(L"AES_CBC").Get(), - &keyProviders[QSslKeyPrivate::Aes128Cbc]); - Q_ASSERT_SUCCEEDED(hr); - hr = 
keyProviderFactory->OpenAlgorithm(HString::MakeReference(L"AES_CBC").Get(), - &keyProviders[QSslKeyPrivate::Aes192Cbc]); - Q_ASSERT_SUCCEEDED(hr); - hr = keyProviderFactory->OpenAlgorithm(HString::MakeReference(L"AES_CBC").Get(), - &keyProviders[QSslKeyPrivate::Aes256Cbc]); - Q_ASSERT_SUCCEEDED(hr); - - hr = GetActivationFactory(HString::MakeReference(RuntimeClass_Windows_Security_Cryptography_CryptographicBuffer).Get(), - &bufferFactory); - Q_ASSERT_SUCCEEDED(hr); - } - - ComPtr<ICryptographicEngineStatics> engine; - QHash<QSslKeyPrivate::Cipher, ComPtr<ISymmetricKeyAlgorithmProvider>> keyProviders; - ComPtr<ICryptographicBufferStatics> bufferFactory; -}; -Q_GLOBAL_STATIC(SslKeyGlobal, g) - -static QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, QByteArray data, const QByteArray &key, const QByteArray &iv, bool encrypt) -{ - HRESULT hr; - - ISymmetricKeyAlgorithmProvider *keyProvider = g->keyProviders[cipher].Get(); - Q_ASSERT(keyProvider); - - ComPtr<IBuffer> keyBuffer; - hr = g->bufferFactory->CreateFromByteArray(key.length(), (BYTE *)key.data(), &keyBuffer); - Q_ASSERT_SUCCEEDED(hr); - ComPtr<ICryptographicKey> cryptographicKey; - hr = keyProvider->CreateSymmetricKey(keyBuffer.Get(), &cryptographicKey); - Q_ASSERT_SUCCEEDED(hr); - - UINT32 blockLength; - hr = keyProvider->get_BlockLength(&blockLength); - Q_ASSERT_SUCCEEDED(hr); - if (encrypt) { // Add padding - const char padding = blockLength - data.length() % blockLength; - data += QByteArray(padding, padding); - } - - ComPtr<IBuffer> dataBuffer; - hr = g->bufferFactory->CreateFromByteArray(data.length(), (BYTE *)data.data(), &dataBuffer); - Q_ASSERT_SUCCEEDED(hr); - ComPtr<IBuffer> ivBuffer; - hr = g->bufferFactory->CreateFromByteArray(iv.length(), (BYTE *)iv.data(), &ivBuffer); - Q_ASSERT_SUCCEEDED(hr); - ComPtr<IBuffer> resultBuffer; - hr = encrypt ? 
g->engine->Encrypt(cryptographicKey.Get(), dataBuffer.Get(), ivBuffer.Get(), &resultBuffer) - : g->engine->Decrypt(cryptographicKey.Get(), dataBuffer.Get(), ivBuffer.Get(), &resultBuffer); - Q_ASSERT_SUCCEEDED(hr); - - UINT32 resultLength; - hr = resultBuffer->get_Length(&resultLength); - Q_ASSERT_SUCCEEDED(hr); - ComPtr<Windows::Storage::Streams::IBufferByteAccess> bufferAccess; - hr = resultBuffer.As(&bufferAccess); - Q_ASSERT_SUCCEEDED(hr); - byte *resultData; - hr = bufferAccess->Buffer(&resultData); - Q_ASSERT_SUCCEEDED(hr); - - if (!encrypt) { // Remove padding - const uchar padding = resultData[resultLength - 1]; - if (padding > 0 && padding <= blockLength) - resultLength -= padding; - else - qCWarning(lcSsl, "Invalid padding length of %u; decryption likely failed.", padding); - } - - return QByteArray(reinterpret_cast<const char *>(resultData), resultLength); -} - -QByteArray QSslKeyPrivate::decrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv) -{ - return doCrypt(cipher, data, key, iv, false); -} - -QByteArray QSslKeyPrivate::encrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv) -{ - return doCrypt(cipher, data, key, iv, true); -} diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp index 47dc7a9f71..64e556ac3c 100644 --- a/src/network/ssl/qsslsocket.cpp +++ b/src/network/ssl/qsslsocket.cpp @@ -456,9 +456,6 @@ #ifndef QT_NO_OPENSSL #include "qsslsocket_openssl_p.h" #endif -#ifdef Q_OS_WINRT -#include "qsslsocket_winrt_p.h" -#endif #ifdef QT_SECURETRANSPORT #include "qsslsocket_mac_p.h" #endif diff --git a/src/network/ssl/qsslsocket.h b/src/network/ssl/qsslsocket.h index d21e8900d8..e7e24ef246 100644 --- a/src/network/ssl/qsslsocket.h +++ b/src/network/ssl/qsslsocket.h 
@@ -279,7 +279,7 @@ private: Q_PRIVATE_SLOT(d_func(), void _q_flushWriteBuffer()) Q_PRIVATE_SLOT(d_func(), void _q_flushReadBuffer()) Q_PRIVATE_SLOT(d_func(), void _q_resumeImplementation()) -#if defined(Q_OS_WIN) && !defined(Q_OS_WINRT) && !QT_CONFIG(schannel) +#if defined(Q_OS_WIN) && !QT_CONFIG(schannel) Q_PRIVATE_SLOT(d_func(), void _q_caRootLoaded(QSslCertificate,QSslCertificate)) #endif friend class QSslSocketBackendPrivate; diff --git a/src/network/ssl/qsslsocket_p.h b/src/network/ssl/qsslsocket_p.h index 971650a71c..c5e604cf5e 100644 --- a/src/network/ssl/qsslsocket_p.h +++ b/src/network/ssl/qsslsocket_p.h @@ -75,9 +75,7 @@ class QSslContext; #elif defined(Q_OS_WIN) #include <QtCore/qt_windows.h> #include <memory> -#ifndef Q_OS_WINRT #include <wincrypt.h> -#endif // !Q_OS_WINRT #ifndef HCRYPTPROV_LEGACY #define HCRYPTPROV_LEGACY HCRYPTPROV #endif // !HCRYPTPROV_LEGACY @@ -184,7 +182,7 @@ public: void _q_flushWriteBuffer(); void _q_flushReadBuffer(); void _q_resumeImplementation(); -#if defined(Q_OS_WIN) && !defined(Q_OS_WINRT) && !QT_CONFIG(schannel) +#if defined(Q_OS_WIN) && !QT_CONFIG(schannel) virtual void _q_caRootLoaded(QSslCertificate,QSslCertificate) = 0; #endif diff --git a/src/network/ssl/qsslsocket_winrt.cpp b/src/network/ssl/qsslsocket_winrt.cpp deleted file mode 100644 index 5f5201fc82..0000000000 --- a/src/network/ssl/qsslsocket_winrt.cpp +++ /dev/null 
@@ -1,682 +0,0 @@
-/****************************************************************************
-**
-** Copyright (C) 2016 The Qt Company Ltd.
-** Contact: https://www.qt.io/licensing/
-**
-** This file is part of the QtNetwork module of the Qt Toolkit.
-**
-** $QT_BEGIN_LICENSE:LGPL$
-** Commercial License Usage
-** Licensees holding valid commercial Qt licenses may use this file in
-** accordance with the commercial license agreement provided with the
-** Software or, alternatively, in accordance with the terms contained in
-** a written agreement between you and The Qt Company. For licensing terms
-** and conditions see https://www.qt.io/terms-conditions. For further
-** information use the contact form at https://www.qt.io/contact-us.
-**
-** GNU Lesser General Public License Usage
-** Alternatively, this file may be used under the terms of the GNU Lesser
-** General Public License version 3 as published by the Free Software
-** Foundation and appearing in the file LICENSE.LGPL3 included in the
-** packaging of this file. Please review the following information to
-** ensure the GNU Lesser General Public License version 3 requirements
-** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
-**
-** GNU General Public License Usage
-** Alternatively, this file may be used under the terms of the GNU
-** General Public License version 2.0 or (at your option) the GNU General
-** Public license version 3 or any later version approved by the KDE Free
-** Qt Foundation. The licenses are as published by the Free Software
-** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
-** included in the packaging of this file. Please review the following
-** information to ensure the GNU General Public License requirements will
-** be met: https://www.gnu.org/licenses/gpl-2.0.html and
-** https://www.gnu.org/licenses/gpl-3.0.html.
-** -** $QT_END_LICENSE$ -** -****************************************************************************/ - -#include "qssl_p.h" -#include "qsslsocket_winrt_p.h" -#include "qsslsocket.h" -#include "qsslcertificate_p.h" -#include "qsslcipher_p.h" - -#include <QtCore/QCoreApplication> -#include <QtCore/QSysInfo> -#include <QtCore/qfunctions_winrt.h> -#include <private/qnativesocketengine_winrt_p.h> -#include <private/qeventdispatcher_winrt_p.h> - -#include <windows.networking.h> -#include <windows.networking.sockets.h> -#include <windows.security.cryptography.certificates.h> -#include <robuffer.h> - -using namespace Microsoft::WRL; -using namespace Microsoft::WRL::Wrappers; -using namespace ABI::Windows::Foundation; -using namespace ABI::Windows::Foundation::Collections; -using namespace ABI::Windows::Networking; -using namespace ABI::Windows::Networking::Sockets; -using namespace ABI::Windows::Security::Cryptography::Certificates; -using namespace ABI::Windows::Storage::Streams; - -QT_BEGIN_NAMESPACE - -bool QSslSocketPrivate::s_libraryLoaded = true; -bool QSslSocketPrivate::s_loadRootCertsOnDemand = true; -bool QSslSocketPrivate::s_loadedCiphersAndCerts = false; - -struct SslSocketGlobal -{ - SslSocketGlobal() - { - HRESULT hr; - hr = GetActivationFactory(HString::MakeReference(RuntimeClass_Windows_Networking_HostName).Get(), - &hostNameFactory); - Q_ASSERT_SUCCEEDED(hr); - - ComPtr<ICertificateStoresStatics> certificateStores; - hr = GetActivationFactory(HString::MakeReference(RuntimeClass_Windows_Security_Cryptography_Certificates_CertificateStores).Get(), - &certificateStores); - Q_ASSERT_SUCCEEDED(hr); - - hr = certificateStores->get_TrustedRootCertificationAuthorities(&rootStore); - Q_ASSERT_SUCCEEDED(hr); - - ComPtr<IAsyncOperation<IVectorView<Certificate *> *>> op; - hr = certificateStores->FindAllAsync(&op); - Q_ASSERT_SUCCEEDED(hr); - ComPtr<IVectorView<Certificate *>> certificates; - hr = QWinRTFunctions::await(op, certificates.GetAddressOf()); - 
Q_ASSERT_SUCCEEDED(hr); - quint32 size; - hr = certificates->get_Size(&size); - Q_ASSERT_SUCCEEDED(hr); - for (quint32 i = 0; i < size; ++i) { - ComPtr<ICertificate> certificate; - hr = certificates->GetAt(i, &certificate); - Q_ASSERT_SUCCEEDED(hr); - systemCaCertificates.append(QSslCertificatePrivate::QSslCertificate_from_Certificate(certificate.Get())); - } - } - - void syncCaCertificates(const QSet<QSslCertificate> &add, const QSet<QSslCertificate> &remove) - { - QMutexLocker locker(&certificateMutex); - for (const QSslCertificate &certificate : add) { - QHash<QSslCertificate, QAtomicInt>::iterator it = additionalCertificates.find(certificate); - if (it != additionalCertificates.end()) { - it.value().ref(); // Add a reference - } else { - // install certificate - HRESULT hr; - hr = rootStore->Add(static_cast<ICertificate *>(certificate.handle())); - Q_ASSERT_SUCCEEDED(hr); - additionalCertificates.insert(certificate, 1); - } - } - for (const QSslCertificate &certificate : remove) { - QHash<QSslCertificate, QAtomicInt>::iterator it = additionalCertificates.find(certificate); - if (it != additionalCertificates.end() && !it.value().deref()) { - // no more references, remove certificate - HRESULT hr; - hr = rootStore->Delete(static_cast<ICertificate *>(certificate.handle())); - Q_ASSERT_SUCCEEDED(hr); - additionalCertificates.erase(it); - } - } - } - - ComPtr<IHostNameFactory> hostNameFactory; - QList<QSslCertificate> systemCaCertificates; - -private: - QMutex certificateMutex; - ComPtr<ICertificateStore> rootStore; - QHash<QSslCertificate, QAtomicInt> additionalCertificates; -}; -Q_GLOBAL_STATIC(SslSocketGlobal, g) - -// Called on the socket's thread to avoid cross-thread deletion -void QSslSocketConnectionHelper::disconnectSocketFromHost() -{ - if (d->plainSocket) - d->plainSocket->disconnectFromHost(); -} - -QSslSocketBackendPrivate::QSslSocketBackendPrivate() - : connectionHelper(new QSslSocketConnectionHelper(this)) -{ -} - 
-QSslSocketBackendPrivate::~QSslSocketBackendPrivate() -{ - g->syncCaCertificates(QSet<QSslCertificate>(), previousCaCertificates); -} - -bool QSslSocketPrivate::supportsSsl() -{ - return true; -} - -void QSslSocketPrivate::ensureInitialized() -{ - if (s_loadedCiphersAndCerts) - return; - s_loadedCiphersAndCerts = true; - resetDefaultCiphers(); -} - -long QSslSocketPrivate::sslLibraryVersionNumber() -{ - // ### Qt 6: Find a proper replacement for the deprecated method below. - return QSysInfo::windowsVersion(); -} - -QString QSslSocketPrivate::sslLibraryVersionString() -{ - return QStringLiteral("Windows Runtime, ") + QSysInfo::prettyProductName(); -} - -long QSslSocketPrivate::sslLibraryBuildVersionNumber() -{ - Q_UNIMPLEMENTED(); - return 0; -} - -QString QSslSocketPrivate::sslLibraryBuildVersionString() -{ - Q_UNIMPLEMENTED(); - return QString::number(sslLibraryBuildVersionNumber()); -} - -void QSslSocketPrivate::resetDefaultCiphers() -{ - setDefaultSupportedCiphers(QSslSocketBackendPrivate::defaultCiphers()); - setDefaultCiphers(QSslSocketBackendPrivate::defaultCiphers()); -} - - -QList<QSslCipher> QSslSocketBackendPrivate::defaultCiphers() -{ - QList<QSslCipher> ciphers; - const QString protocolStrings[] = { QStringLiteral("TLSv1"), - QStringLiteral("TLSv1.1"), QStringLiteral("TLSv1.2") }; - const QSsl::SslProtocol protocols[] = { QSsl::TlsV1_0, QSsl::TlsV1_1, QSsl::TlsV1_2 }; - const int size = static_cast<int>(ARRAYSIZE(protocols)); - ciphers.reserve(size); - for (int i = 0; i < size; ++i) { - QSslCipher cipher; - cipher.d->isNull = false; - cipher.d->name = QStringLiteral("WINRT"); - cipher.d->protocol = protocols[i]; - cipher.d->protocolString = protocolStrings[i]; - ciphers.append(cipher); - } - return ciphers; -} - -QList<QSslCertificate> QSslSocketPrivate::systemCaCertificates() -{ - return g->systemCaCertificates; -} - -void QSslSocketBackendPrivate::startClientEncryption() -{ - Q_Q(QSslSocket); - - QSsl::SslProtocol protocol = q->protocol(); - switch 
(q->protocol()) { - case QSsl::AnyProtocol: - protectionLevel = SocketProtectionLevel_Tls10; - break; - case QSsl::TlsV1_0: - protectionLevel = SocketProtectionLevel_Tls10; - break; - case QSsl::TlsV1_1: - protectionLevel = SocketProtectionLevel_Tls11; - break; - case QSsl::TlsV1_2: - protectionLevel = SocketProtectionLevel_Tls12; - break; - case QSsl::TlsV1_0OrLater: - case QSsl::TlsV1_1OrLater: - case QSsl::TlsV1_2OrLater: - case QSsl::TlsV1_3: - case QSsl::TlsV1_3OrLater: - // TlsV1_0OrLater, TlsV1_1OrLater and TlsV1_2OrLater are disabled on WinRT - // because there is no good way to map them to the native API. - setErrorAndEmit(QAbstractSocket::SslInvalidUserDataError, - QStringLiteral("unsupported protocol")); - return; - case QSsl::SecureProtocols: - // SocketProtectionLevel_Tls12 actually means "use TLS1.0, 1.1 or 1.2" - // https://docs.microsoft.com/en-us/uwp/api/windows.networking.sockets.socketprotectionlevel - protectionLevel = SocketProtectionLevel_Tls12; - break; - default: - protectionLevel = SocketProtectionLevel_Tls12; // default to highest - protocol = QSsl::TlsV1_2; - break; - } - - // Sync custom certificates - const QSet<QSslCertificate> caCertificates(configuration.caCertificates.constBegin(), configuration.caCertificates.constEnd()); - const QSet<QSslCertificate> newCertificates = caCertificates - previousCaCertificates; - const QSet<QSslCertificate> oldCertificates = previousCaCertificates - caCertificates; - g->syncCaCertificates(newCertificates, oldCertificates); - previousCaCertificates = caCertificates; - - continueHandshake(); -} - -void QSslSocketBackendPrivate::startServerEncryption() -{ - Q_UNIMPLEMENTED(); -} - -void QSslSocketBackendPrivate::transmit() -{ - Q_Q(QSslSocket); - - if (connectionEncrypted && !writeBuffer.isEmpty()) { - qint64 totalBytesWritten = 0; - int nextDataBlockSize; - while ((nextDataBlockSize = writeBuffer.nextDataBlockSize()) > 0) { - int writtenBytes = plainSocket->write(writeBuffer.readPointer(), 
nextDataBlockSize); - writtenBytes = nextDataBlockSize; - - writeBuffer.free(writtenBytes); - totalBytesWritten += writtenBytes; - - if (writtenBytes < nextDataBlockSize) - break; - } - - if (totalBytesWritten > 0) { - // Don't emit bytesWritten() recursively. - if (!emittedBytesWritten) { - emittedBytesWritten = true; - emit q->bytesWritten(totalBytesWritten); - emittedBytesWritten = false; - } - emit q->channelBytesWritten(0, totalBytesWritten); - } - } - - // Check if we've got any data to be read from the socket. - int pendingBytes; - bool bytesRead = false; - while ((pendingBytes = plainSocket->bytesAvailable()) > 0) { - char *ptr = buffer.reserve(pendingBytes); - int readBytes = plainSocket->read(ptr, pendingBytes); - buffer.chop(pendingBytes - readBytes); - bytesRead = true; - } - - if (bytesRead) { - if (readyReadEmittedPointer) - *readyReadEmittedPointer = true; - emit q->readyRead(); - emit q->channelReadyRead(0); - } - - if (pendingClose) { - pendingClose = false; - q->disconnectFromHost(); - } -} - -void QSslSocketBackendPrivate::disconnectFromHost() -{ - QMetaObject::invokeMethod(connectionHelper.data(), "disconnectSocketFromHost", Qt::QueuedConnection); -} - -void QSslSocketBackendPrivate::disconnected() -{ -} - -QSslCipher QSslSocketBackendPrivate::sessionCipher() const -{ - return configuration.sessionCipher; -} - -QSsl::SslProtocol QSslSocketBackendPrivate::sessionProtocol() const -{ - return configuration.sessionCipher.protocol(); -} - -void QSslSocketBackendPrivate::continueHandshake() -{ - IStreamSocket *socket = reinterpret_cast<IStreamSocket *>(plainSocket->socketDescriptor()); - if (qintptr(socket) == -1) { - setErrorAndEmit(QAbstractSocket::SslInternalError, - QStringLiteral("At attempt was made to continue the handshake on an invalid socket.")); - return; - } - - HRESULT hr; - ComPtr<IHostName> hostName; - const QString host = verificationPeerName.isEmpty() ? 
plainSocket->peerName() - : verificationPeerName; - if (host.isEmpty()) { - ComPtr<IStreamSocketInformation> info; - hr = socket->get_Information(&info); - Q_ASSERT_SUCCEEDED(hr); - hr = info->get_RemoteAddress(&hostName); - } else { - HStringReference hostRef(reinterpret_cast<LPCWSTR>(host.utf16()), host.length()); - hr = g->hostNameFactory->CreateHostName(hostRef.Get(), &hostName); - Q_ASSERT_SUCCEEDED(hr); - } - if (FAILED(hr)) { - setErrorAndEmit(QAbstractSocket::SslInvalidUserDataError, qt_error_string(hr)); - return; - } - - ComPtr<IStreamSocketControl> control; - hr = socket->get_Control(&control); - Q_ASSERT_SUCCEEDED(hr); - - ComPtr<IStreamSocketControl2> control2; - hr = control.As(&control2); - ComPtr<IVector<ChainValidationResult>> ignoreList; - hr = control2->get_IgnorableServerCertificateErrors(&ignoreList); - Q_ASSERT_SUCCEEDED(hr); - - QSet<QSslError> ignoreErrors(ignoreErrorsList.constBegin(), ignoreErrorsList.constEnd()); - for (int i = ChainValidationResult_Untrusted; i < ChainValidationResult_OtherErrors + 1; ++i) { - // Populate the native ignore list - break to add, continue to skip - switch (i) { - case ChainValidationResult_Revoked: - case ChainValidationResult_InvalidSignature: - case ChainValidationResult_BasicConstraintsError: - case ChainValidationResult_InvalidCertificateAuthorityPolicy: - case ChainValidationResult_UnknownCriticalExtension: - case ChainValidationResult_OtherErrors: - continue; // The above errors can't be ignored in the handshake - case ChainValidationResult_Untrusted: - if (ignoreAllSslErrors || ignoreErrors.contains(QSslError::CertificateUntrusted)) - break; - continue; - case ChainValidationResult_Expired: - if (ignoreAllSslErrors || ignoreErrors.contains(QSslError::CertificateExpired)) - break; - continue; - case ChainValidationResult_IncompleteChain: - if (ignoreAllSslErrors - || ignoreErrors.contains(QSslError::InvalidCaCertificate) - || ignoreErrors.contains(QSslError::UnableToVerifyFirstCertificate) - || 
ignoreErrors.contains(QSslError::UnableToGetIssuerCertificate)) { - break; - } - continue; - case ChainValidationResult_WrongUsage: - if (ignoreAllSslErrors || ignoreErrors.contains(QSslError::InvalidPurpose)) - break; - continue; - case ChainValidationResult_InvalidName: - if (ignoreAllSslErrors - || ignoreErrors.contains(QSslError::HostNameMismatch) - || ignoreErrors.contains(QSslError::SubjectIssuerMismatch)) { - break; - } - continue; - case ChainValidationResult_RevocationInformationMissing: - case ChainValidationResult_RevocationFailure: - default: - if (ignoreAllSslErrors) - break; - continue; - } - hr = ignoreList->Append(static_cast<ChainValidationResult>(i)); - Q_ASSERT_SUCCEEDED(hr); - } - - ComPtr<IAsyncAction> op; - hr = socket->UpgradeToSslAsync(protectionLevel, hostName.Get(), &op); - if (FAILED(hr)) { - setErrorAndEmit(QAbstractSocket::SslInternalError, - QSslSocket::tr("Error creating SSL session: %1").arg(qt_error_string(hr))); - return; - } - - hr = QEventDispatcherWinRT::runOnXamlThread([this, op]() { - HRESULT hr = op->put_Completed(Callback<IAsyncActionCompletedHandler>( - this, &QSslSocketBackendPrivate::onSslUpgrade).Get()); - return hr; - }); - Q_ASSERT_SUCCEEDED(hr); -} - -HRESULT QSslSocketBackendPrivate::onSslUpgrade(IAsyncAction *action, AsyncStatus) -{ - Q_Q(QSslSocket); - - if (wasDeleted) { - qCWarning(lcSsl, - "SSL upgrade callback received after the delegate was deleted. 
" - "This may be indicative of an internal bug in the WinRT SSL implementation."); - return S_OK; - } - - HRESULT hr = action->GetResults(); - QSet<QSslError> errors; - switch (hr) { - case SEC_E_INVALID_TOKEN: // Occurs when the server doesn't support the requested protocol - setErrorAndEmit(QAbstractSocket::SslHandshakeFailedError, qt_error_string(hr)); - q->disconnectFromHost(); - return S_OK; - default: - if (FAILED(hr)) - qErrnoWarning(hr, "error"); // Unhandled error; let sslErrors take care of it - break; - } - - IStreamSocket *socket = reinterpret_cast<IStreamSocket *>(plainSocket->socketDescriptor()); - if (qintptr(socket) == -1) { - qCWarning(lcSsl, - "The underlying TCP socket used by the SSL socket is invalid. " - "This may be indicative of an internal bug in the WinRT SSL implementation."); - return S_OK; - } - - ComPtr<IStreamSocketInformation> info; - hr = socket->get_Information(&info); - Q_ASSERT_SUCCEEDED(hr); - ComPtr<IStreamSocketInformation2> info2; - hr = info.As(&info2); - Q_ASSERT_SUCCEEDED(hr); - - // Cipher - QSsl::SslProtocol protocol; - SocketProtectionLevel protectionLevel; - hr = info->get_ProtectionLevel(&protectionLevel); - switch (protectionLevel) { - default: - protocol = QSsl::UnknownProtocol; - break; - case SocketProtectionLevel_Ssl: - protocol = QSsl::SslV3; - break; - case SocketProtectionLevel_Tls10: - protocol = QSsl::TlsV1_0; - break; - case SocketProtectionLevel_Tls11: - protocol = QSsl::TlsV1_1; - break; - case SocketProtectionLevel_Tls12: - protocol = QSsl::TlsV1_2; - break; - } - configuration.sessionCipher = QSslCipher(QStringLiteral("WINRT"), protocol); // The actual cipher name is not accessible - - // Certificate & chain - ComPtr<ICertificate> certificate; - hr = info2->get_ServerCertificate(&certificate); - Q_ASSERT_SUCCEEDED(hr); - - QList<QSslCertificate> peerCertificateChain; - if (certificate) { - ComPtr<IAsyncOperation<CertificateChain *>> op; - hr = certificate->BuildChainAsync(nullptr, &op); - 
Q_ASSERT_SUCCEEDED(hr); - ComPtr<ICertificateChain> certificateChain; - hr = QWinRTFunctions::await(op, certificateChain.GetAddressOf()); - Q_ASSERT_SUCCEEDED(hr); - - ComPtr<IVectorView<Certificate *>> certificates; - hr = certificateChain->GetCertificates(true, &certificates); - Q_ASSERT_SUCCEEDED(hr); - quint32 certificatesLength; - hr = certificates->get_Size(&certificatesLength); - Q_ASSERT_SUCCEEDED(hr); - for (quint32 i = 0; i < certificatesLength; ++i) { - ComPtr<ICertificate> chainCertificate; - hr = certificates->GetAt(i, &chainCertificate); - Q_ASSERT_SUCCEEDED(hr); - peerCertificateChain.append(QSslCertificatePrivate::QSslCertificate_from_Certificate(chainCertificate.Get())); - } - } - - configuration.peerCertificate = certificate ? QSslCertificatePrivate::QSslCertificate_from_Certificate(certificate.Get()) - : QSslCertificate(); - configuration.peerCertificateChain = peerCertificateChain; - - // Errors - ComPtr<IVectorView<ChainValidationResult>> chainValidationResults; - hr = info2->get_ServerCertificateErrors(&chainValidationResults); - Q_ASSERT_SUCCEEDED(hr); - quint32 size; - hr = chainValidationResults->get_Size(&size); - Q_ASSERT_SUCCEEDED(hr); - for (quint32 i = 0; i < size; ++i) { - ChainValidationResult result; - hr = chainValidationResults->GetAt(i, &result); - Q_ASSERT_SUCCEEDED(hr); - switch (result) { - case ChainValidationResult_Success: - break; - case ChainValidationResult_Untrusted: - errors.insert(QSslError::CertificateUntrusted); - break; - case ChainValidationResult_Revoked: - errors.insert(QSslError::CertificateRevoked); - break; - case ChainValidationResult_Expired: - errors.insert(QSslError::CertificateExpired); - break; - case ChainValidationResult_IncompleteChain: - errors.insert(QSslError::UnableToGetIssuerCertificate); - break; - case ChainValidationResult_InvalidSignature: - errors.insert(QSslError::CertificateSignatureFailed); - break; - case ChainValidationResult_WrongUsage: - errors.insert(QSslError::InvalidPurpose); - 
break; - case ChainValidationResult_InvalidName: - errors.insert(QSslError::HostNameMismatch); - break; - case ChainValidationResult_InvalidCertificateAuthorityPolicy: - errors.insert(QSslError::InvalidCaCertificate); - break; - default: - errors.insert(QSslError::UnspecifiedError); - break; - } - } - - sslErrors = QList<QSslError>(errors.constBegin(), errors.constEnd()); - - // Peer validation - if (!configuration.peerCertificate.isNull()) { - const QString peerName = verificationPeerName.isEmpty() ? q->peerName() : verificationPeerName; - if (!isMatchingHostname(configuration.peerCertificate, peerName)) { - // No matches in common names or alternate names. - const QSslError error(QSslError::HostNameMismatch, configuration.peerCertificate); - const int index = sslErrors.indexOf(QSslError::HostNameMismatch); - if (index >= 0) // Replace the existing error - sslErrors[index] = error; - else - sslErrors.append(error); - emit q->peerVerifyError(error); - } - - // Peer validation required, but no certificate is present - } else if (configuration.peerVerifyMode == QSslSocket::VerifyPeer - || configuration.peerVerifyMode == QSslSocket::AutoVerifyPeer) { - QSslError error(QSslError::NoPeerCertificate); - sslErrors.append(error); - emit q->peerVerifyError(error); - } - - // Peer chain validation - for (const QSslCertificate &certificate : qAsConst(peerCertificateChain)) { - if (!QSslCertificatePrivate::isBlacklisted(certificate)) - continue; - - QSslError error(QSslError::CertificateBlacklisted, certificate); - sslErrors.append(error); - emit q->peerVerifyError(error); - } - - if (!sslErrors.isEmpty()) { - emit q->sslErrors(sslErrors); - setErrorAndEmit(QAbstractSocket::SslHandshakeFailedError, sslErrors.constFirst().errorString()); - - // Disconnect if there are any non-ignorable errors - for (const QSslError &error : qAsConst(sslErrors)) { - if (ignoreErrorsList.contains(error)) - continue; - q->disconnectFromHost(); - return S_OK; - } - } - - if (readBufferMaxSize) - 
plainSocket->setReadBufferSize(readBufferMaxSize); - - connectionEncrypted = true; - emit q->encrypted(); - - // The write buffer may already have data written to it, so we need to call transmit. - // This has to be done in 'q's thread, and not in the current thread (the XAML thread). - QMetaObject::invokeMethod(q, [this](){ transmit(); }); - - if (pendingClose) { - pendingClose = false; - q->disconnectFromHost(); - } - - return S_OK; -} - -QList<QSslError> QSslSocketBackendPrivate::verify(const QList<QSslCertificate> &certificateChain, const QString &hostName) -{ - Q_UNIMPLEMENTED(); - Q_UNUSED(certificateChain) - Q_UNUSED(hostName) - QList<QSslError> errors; - - return errors; -} - -bool QSslSocketBackendPrivate::importPkcs12(QIODevice *device, - QSslKey *key, QSslCertificate *cert, - QList<QSslCertificate> *caCertificates, - const QByteArray &passPhrase) -{ - Q_UNIMPLEMENTED(); - Q_UNUSED(device) - Q_UNUSED(key) - Q_UNUSED(cert) - Q_UNUSED(caCertificates) - Q_UNUSED(passPhrase) - return false; -} - -QT_END_NAMESPACE diff --git a/src/network/ssl/qsslsocket_winrt_p.h b/src/network/ssl/qsslsocket_winrt_p.h deleted file mode 100644 index 030db6d4fa..0000000000 --- a/src/network/ssl/qsslsocket_winrt_p.h +++ /dev/null 
@@ -1,110 +0,0 @@
-/****************************************************************************
-**
-** Copyright (C) 2016 The Qt Company Ltd.
-** Contact: https://www.qt.io/licensing/
-**
-** This file is part of the QtNetwork module of the Qt Toolkit.
-**
-** $QT_BEGIN_LICENSE:LGPL$
-** Commercial License Usage
-** Licensees holding valid commercial Qt licenses may use this file in
-** accordance with the commercial license agreement provided with the
-** Software or, alternatively, in accordance with the terms contained in
-** a written agreement between you and The Qt Company. For licensing terms
-** and conditions see https://www.qt.io/terms-conditions. For further
-** information use the contact form at https://www.qt.io/contact-us.
-**
-** GNU Lesser General Public License Usage
-** Alternatively, this file may be used under the terms of the GNU Lesser
-** General Public License version 3 as published by the Free Software
-** Foundation and appearing in the file LICENSE.LGPL3 included in the
-** packaging of this file. Please review the following information to
-** ensure the GNU Lesser General Public License version 3 requirements
-** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
-**
-** GNU General Public License Usage
-** Alternatively, this file may be used under the terms of the GNU
-** General Public License version 2.0 or (at your option) the GNU General
-** Public license version 3 or any later version approved by the KDE Free
-** Qt Foundation. The licenses are as published by the Free Software
-** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
-** included in the packaging of this file. Please review the following
-** information to ensure the GNU General Public License requirements will
-** be met: https://www.gnu.org/licenses/gpl-2.0.html and
-** https://www.gnu.org/licenses/gpl-3.0.html.
-**
-** $QT_END_LICENSE$
-**
-****************************************************************************/
-
-#ifndef QSSLSOCKET_WINRT_P_H
-#define QSSLSOCKET_WINRT_P_H
-
-//
-// W A R N I N G
-// -------------
-//
-// This file is not part of the Qt API. It exists for the convenience
-// of the QtNetwork library. This header file may change from
-// version to version without notice, or even be removed.
-//
-// We mean it.
-//
-
-#include <QtNetwork/private/qtnetworkglobal_p.h>
-#include "qsslsocket_p.h"
-
-#include <wrl.h>
-#include <windows.networking.sockets.h>
-
-QT_BEGIN_NAMESPACE
-
-class QSslSocketConnectionHelper : public QObject
-{
- Q_OBJECT
-public:
- QSslSocketConnectionHelper(QSslSocketBackendPrivate *d)
- : d(d) { }
-
- Q_INVOKABLE void disconnectSocketFromHost();
-
-private:
- QSslSocketBackendPrivate *d;
-};
-
-class QSslSocketBackendPrivate : public QSslSocketPrivate
-{
- Q_DECLARE_PUBLIC(QSslSocket)
-public:
- QSslSocketBackendPrivate();
- ~QSslSocketBackendPrivate();
-
- // Platform specific functions
- void startClientEncryption() override;
- void startServerEncryption() override;
- void transmit() override;
- void disconnectFromHost() override;
- void disconnected() override;
- QSslCipher sessionCipher() const override;
- QSsl::SslProtocol sessionProtocol() const override;
- void continueHandshake() override;
-
- static QList<QSslCipher> defaultCiphers();
- static QList<QSslError> verify(const QList<QSslCertificate> &certificateChain, const QString &hostName);
- static bool importPkcs12(QIODevice *device,
- QSslKey *key, QSslCertificate *cert,
- QList<QSslCertificate> *caCertificates,
- const QByteArray &passPhrase);
-
-private:
- HRESULT onSslUpgrade(ABI::Windows::Foundation::IAsyncAction *,
- ABI::Windows::Foundation::AsyncStatus);
-
- QScopedPointer<QSslSocketConnectionHelper> connectionHelper;
- ABI::Windows::Networking::Sockets::SocketProtectionLevel protectionLevel;
- QSet<QSslCertificate> previousCaCertificates;
-};
-
-QT_END_NAMESPACE
- -#endif // QSSLSOCKET_WINRT_P_H diff --git a/src/network/ssl/ssl.pri b/src/network/ssl/ssl.pri index dfbf539303..1310435eb9 100644 --- a/src/network/ssl/ssl.pri +++ b/src/network/ssl/ssl.pri @@ -42,16 +42,6 @@ qtConfig(ssl) { ssl/qsslpresharedkeyauthenticator.cpp \ ssl/qocspresponse.cpp - winrt { - HEADERS += ssl/qsslsocket_winrt_p.h - SOURCES += ssl/qsslcertificate_winrt.cpp \ - ssl/qssldiffiehellmanparameters_dummy.cpp \ - ssl/qsslkey_qt.cpp \ - ssl/qsslkey_winrt.cpp \ - ssl/qsslsocket_winrt.cpp \ - ssl/qsslellipticcurve_dummy.cpp - } - qtConfig(schannel) { HEADERS += ssl/qsslsocket_schannel_p.h SOURCES += ssl/qsslsocket_schannel.cpp \ |