From 734ab493f7c05e06f4c8bc99884d8a99612c79c0 Mon Sep 17 00:00:00 2001 
From: Timur Pocheptsov Date: Thu, 4 Mar 2021 10:52:44 +0100 Subject: Fix a BIC introduced by extending the namespace QSsl in _p.h files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Renamed the private part of the namespace to QTlsPrivate. Fixes: QTBUG-91531 Change-Id: Id2d9c458d8d958b35e437eee42889177dad0a7a7 Reviewed-by: Mårten Nordheim (cherry picked from commit e4efa00c72c7011f4e5c27722c2a522b30274610) Reviewed-by: Qt Cherry-pick Bot --- src/network/ssl/qdtls_base_p.h | 2 +- src/network/ssl/qdtls_openssl.cpp | 8 +++--- src/network/ssl/qdtls_openssl_p.h | 6 ++--- src/network/ssl/qdtls_p.h | 4 +-- src/network/ssl/qssl_p.h | 4 +-- src/network/ssl/qsslcertificate.cpp | 10 -------- src/network/ssl/qsslcertificate.h | 7 ----- src/network/ssl/qsslcertificate_p.h | 2 +- src/network/ssl/qsslkey.h | 6 ----- src/network/ssl/qsslkey_p.cpp | 44 +++++++++++++------------------- src/network/ssl/qsslkey_p.h | 6 ++--- src/network/ssl/qsslsocket_openssl.cpp | 22 ++++++++-------- src/network/ssl/qsslsocket_qt.cpp | 2 +- src/network/ssl/qsslsocket_schannel.cpp | 20 +++++++-------- src/network/ssl/qtlsbackend.cpp | 26 +++++++++---------- src/network/ssl/qtlsbackend_cert.cpp | 12 ++++----- src/network/ssl/qtlsbackend_cert_p.h | 9 ++++--- src/network/ssl/qtlsbackend_openssl.cpp | 28 ++++++++++---------- src/network/ssl/qtlsbackend_openssl_p.h | 16 ++++++------ src/network/ssl/qtlsbackend_p.h | 35 ++++++++++++------------- src/network/ssl/qtlsbackend_schannel_p.h | 8 +++--- src/network/ssl/qtlsbackend_st.cpp | 16 ++++++------ src/network/ssl/qtlsbackend_st_p.h | 8 +++--- src/network/ssl/qtlskey_base.cpp | 4 +-- src/network/ssl/qtlskey_base_p.h | 14 +++++----- src/network/ssl/qtlskey_generic.cpp | 34 ++++++++++++------------ src/network/ssl/qtlskey_generic_p.h | 4 +-- src/network/ssl/qtlskey_openssl.cpp | 18 ++++++------- src/network/ssl/qtlskey_openssl_p.h | 4 +-- src/network/ssl/qtlskey_schannel.cpp | 16 ++++++------ 
src/network/ssl/qtlskey_schannel_p.h | 4 +-- src/network/ssl/qtlskey_st.cpp | 4 +-- src/network/ssl/qtlskey_st_p.h | 4 +-- src/network/ssl/qx509_base.cpp | 4 +-- src/network/ssl/qx509_base_p.h | 4 +-- src/network/ssl/qx509_generic.cpp | 5 ++-- src/network/ssl/qx509_generic_p.h | 4 +-- src/network/ssl/qx509_openssl.cpp | 5 ++-- src/network/ssl/qx509_openssl_p.h | 4 +-- src/network/ssl/qx509_schannel.cpp | 9 ++++--- src/network/ssl/qx509_schannel_p.h | 4 +-- src/network/ssl/qx509_st.cpp | 8 +++--- src/network/ssl/qx509_st_p.h | 4 +-- 43 files changed, 215 insertions(+), 243 deletions(-) (limited to 'src/network/ssl') diff --git a/src/network/ssl/qdtls_base_p.h b/src/network/ssl/qdtls_base_p.h index 260719b5f0..bbca4ab57d 100644 --- a/src/network/ssl/qdtls_base_p.h +++ b/src/network/ssl/qdtls_base_p.h @@ -73,7 +73,7 @@ QT_BEGIN_NAMESPACE // This class exists to re-implement the shared error/cookie handling // for both QDtls and QDtlsClientVerifier classes. Use it if/when // you need it. Backend neutral. -class QDtlsBasePrivate : virtual public QSsl::DtlsBase +class QDtlsBasePrivate : virtual public QTlsPrivate::DtlsBase { public: QDtlsBasePrivate(QSslSocket::SslMode m, const QByteArray &s) : mode(m), secret(s) {} diff --git a/src/network/ssl/qdtls_openssl.cpp b/src/network/ssl/qdtls_openssl.cpp index f1c7898a14..a60a6cb53c 100644 --- a/src/network/ssl/qdtls_openssl.cpp +++ b/src/network/ssl/qdtls_openssl.cpp @@ -259,7 +259,7 @@ extern "C" int q_X509DtlsCallback(int ok, X509_STORE_CTX *ctx) } auto dtls = static_cast(generic); - dtls->x509Errors.append(QSsl::X509CertificateOpenSSL::errorEntryFromStoreContext(ctx)); + dtls->x509Errors.append(QTlsPrivate::X509CertificateOpenSSL::errorEntryFromStoreContext(ctx)); } // Always return 1 (OK) to allow verification to continue. We handle the 
@@ -1372,7 +1372,7 @@ bool QDtlsPrivateOpenSSL::verifyPeer() } // Translate errors from the error list into QSslErrors - using CertClass = QSsl::X509CertificateOpenSSL; + using CertClass = QTlsPrivate::X509CertificateOpenSSL; errors.reserve(errors.size() + opensslErrors.size()); for (const auto &error : qAsConst(opensslErrors)) { const auto value = dtlsConfiguration.peerCertificateChain.value(error.depth); @@ -1391,11 +1391,11 @@ void QDtlsPrivateOpenSSL::storePeerCertificates() // peer certificate and the chain may be empty if the peer didn't present // any certificate. X509 *x509 = q_SSL_get_peer_certificate(dtls.tlsConnection.data()); - dtlsConfiguration.peerCertificate = QSsl::X509CertificateOpenSSL::certificateFromX509(x509); + dtlsConfiguration.peerCertificate = QTlsPrivate::X509CertificateOpenSSL::certificateFromX509(x509); q_X509_free(x509); if (dtlsConfiguration.peerCertificateChain.isEmpty()) { auto stack = q_SSL_get_peer_cert_chain(dtls.tlsConnection.data()); - dtlsConfiguration.peerCertificateChain = QSsl::X509CertificateOpenSSL::stackOfX509ToQSslCertificates(stack); + dtlsConfiguration.peerCertificateChain = QTlsPrivate::X509CertificateOpenSSL::stackOfX509ToQSslCertificates(stack); if (!dtlsConfiguration.peerCertificate.isNull() && mode == QSslSocket::SslServerMode) dtlsConfiguration.peerCertificateChain.prepend(dtlsConfiguration.peerCertificate); } diff --git a/src/network/ssl/qdtls_openssl_p.h b/src/network/ssl/qdtls_openssl_p.h index 1e31ef50ac..4f10a49b93 100644 --- a/src/network/ssl/qdtls_openssl_p.h +++ b/src/network/ssl/qdtls_openssl_p.h @@ -133,7 +133,7 @@ private: } // namespace dtlsopenssl -class QDtlsClientVerifierOpenSSL : public QSsl::DtlsCookieVerifier, public QDtlsBasePrivate +class QDtlsClientVerifierOpenSSL : public QTlsPrivate::DtlsCookieVerifier, public QDtlsBasePrivate { public: QDtlsClientVerifierOpenSSL(); 
@@ -147,7 +147,7 @@ private: QByteArray verifiedClientHello; }; -class QDtlsPrivateOpenSSL : public QSsl::DtlsCryptograph, public QDtlsBasePrivate +class QDtlsPrivateOpenSSL : public QTlsPrivate::DtlsCryptograph, public QDtlsBasePrivate { public: @@ -236,8 +236,6 @@ private: QByteArray identityHint; }; - - QT_END_NAMESPACE #endif // QDTLS_OPENSSL_P_H diff --git a/src/network/ssl/qdtls_p.h b/src/network/ssl/qdtls_p.h index 70b411b6d5..669c6d2426 100644 --- a/src/network/ssl/qdtls_p.h +++ b/src/network/ssl/qdtls_p.h @@ -67,7 +67,7 @@ class QDtlsClientVerifierPrivate : public QObjectPrivate public: QDtlsClientVerifierPrivate(); ~QDtlsClientVerifierPrivate(); - std::unique_ptr backend; + std::unique_ptr backend; }; class QDtlsPrivate : public QObjectPrivate @@ -75,7 +75,7 @@ class QDtlsPrivate : public QObjectPrivate public: QDtlsPrivate(); ~QDtlsPrivate(); - std::unique_ptr backend; + std::unique_ptr backend; }; QT_END_NAMESPACE diff --git a/src/network/ssl/qssl_p.h b/src/network/ssl/qssl_p.h index fa292837cb..1510695647 100644 --- a/src/network/ssl/qssl_p.h +++ b/src/network/ssl/qssl_p.h @@ -60,7 +60,7 @@ QT_BEGIN_NAMESPACE Q_DECLARE_LOGGING_CATEGORY(lcSsl) -namespace QSsl { +namespace QTlsPrivate { enum class Cipher { DesCbc, @@ -71,7 +71,7 @@ enum class Cipher { Aes256Cbc }; -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp index 530a9b61ca..53514523dc 100644 --- a/src/network/ssl/qsslcertificate.cpp +++ b/src/network/ssl/qsslcertificate.cpp @@ -987,16 +987,6 @@ QString QSslCertificate::subjectDisplayName() const return QString(); } -/*! - \internal - - Returns X509 backend this QSslCertificate is using. -*/ -QSsl::X509Certificate *QSslCertificate::backendImplementation() const -{ - return d->backend.get(); -} - /*! \fn size_t qHash(const QSslCertificate &key, size_t seed) 
diff --git a/src/network/ssl/qsslcertificate.h b/src/network/ssl/qsslcertificate.h index ea9c99adda..371bf6264a 100644 --- a/src/network/ssl/qsslcertificate.h +++ b/src/network/ssl/qsslcertificate.h @@ -66,12 +66,6 @@ class QSslCertificate; // qHash is a friend, but we can't use default arguments for friends (§8.3.6.4) Q_NETWORK_EXPORT size_t qHash(const QSslCertificate &key, size_t seed = 0) noexcept; -namespace QSsl { - -class X509Certificate; - -} // namespace QSsl. - class QSslCertificatePrivate; class Q_NETWORK_EXPORT QSslCertificate { @@ -158,7 +152,6 @@ public: Qt::HANDLE handle() const; private: - QSsl::X509Certificate *backendImplementation() const; QExplicitlySharedDataPointer d; friend class QSslCertificatePrivate; friend class QSslSocketBackendPrivate; diff --git a/src/network/ssl/qsslcertificate_p.h b/src/network/ssl/qsslcertificate_p.h index 33db88d8fa..e7f5efe4ed 100644 --- a/src/network/ssl/qsslcertificate_p.h +++ b/src/network/ssl/qsslcertificate_p.h @@ -77,7 +77,7 @@ public: friend class QSslSocketBackendPrivate; QAtomicInt ref; - std::unique_ptr backend; + std::unique_ptr backend; }; QT_END_NAMESPACE diff --git a/src/network/ssl/qsslkey.h b/src/network/ssl/qsslkey.h index 94ce2246c9..a6e930bad0 100644 --- a/src/network/ssl/qsslkey.h +++ b/src/network/ssl/qsslkey.h @@ -52,10 +52,6 @@ QT_BEGIN_NAMESPACE #ifndef QT_NO_SSL -namespace QSsl { -class TlsKey; -} - class QIODevice; class QSslKeyPrivate; @@ -97,8 +93,6 @@ public: inline bool operator!=(const QSslKey &key) const { return !operator==(key); } private: - QSsl::TlsKey *backendImplementation() const; - QExplicitlySharedDataPointer d; friend class QSslCertificate; friend class QSslSocketBackendPrivate; diff --git a/src/network/ssl/qsslkey_p.cpp b/src/network/ssl/qsslkey_p.cpp index e0f8651982..010f45fca9 100644 --- a/src/network/ssl/qsslkey_p.cpp +++ b/src/network/ssl/qsslkey_p.cpp 
@@ -98,9 +98,9 @@ QSslKeyPrivate::QSslKeyPrivate() const auto *tlsBackend = QSslSocketPrivate::tlsBackendInUse(); if (!tlsBackend) return; - keyBackend.reset(tlsBackend->createKey()); - if (keyBackend.get()) - keyBackend->clear(false /*not deep clear*/); + backend.reset(tlsBackend->createKey()); + if (backend.get()) + backend->clear(false /*not deep clear*/); else qCWarning(lcSsl, "Active TLS backend does not support key creation"); } @@ -110,14 +110,14 @@ QSslKeyPrivate::QSslKeyPrivate() */ QSslKeyPrivate::~QSslKeyPrivate() { - if (keyBackend.get()) - keyBackend->clear(true /*deep clear*/); + if (backend.get()) + backend->clear(true /*deep clear*/); } QByteArray QSslKeyPrivate::decrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv) { if (const auto *tlsBackend = QSslSocketPrivate::tlsBackendInUse()) { - const std::unique_ptr cryptor(tlsBackend->createKey()); + const std::unique_ptr cryptor(tlsBackend->createKey()); return cryptor->decrypt(cipher, data, key, iv); } @@ -127,7 +127,7 @@ QByteArray QSslKeyPrivate::decrypt(Cipher cipher, const QByteArray &data, const QByteArray QSslKeyPrivate::encrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv) { if (const auto *tlsBackend = QSslSocketPrivate::tlsBackendInUse()) { - const std::unique_ptr cryptor(tlsBackend->createKey()); + const std::unique_ptr cryptor(tlsBackend->createKey()); return cryptor->encrypt(cipher, data, key, iv); } @@ -158,7 +158,7 @@ QSslKey::QSslKey(const QByteArray &encoded, QSsl::KeyAlgorithm algorithm, QSsl::EncodingFormat encoding, QSsl::KeyType type, const QByteArray &passPhrase) : d(new QSslKeyPrivate) { - if (auto *tlsKey = d->keyBackend.get()) { + if (auto *tlsKey = d->backend.get()) { if (encoding == QSsl::Der) tlsKey->decodeDer(type, algorithm, encoded, passPhrase, true /*deep clear*/); else 
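Review bot: In the `QSslKeyPrivate::decrypt` hunk (`@@ -110,14 +110,14 @@`) the new `cryptor` is dereferenced by `cryptor->decrypt(...)` without a null check, and the `encrypt` hunk (`@@ -127,7 +127,7 @@`) has the same shape. The constructor hunk just above treats a null result from `tlsBackend->createKey()` as an expected case and only logs "Active TLS backend does not support key creation", so an active backend without key support would crash in these two helpers instead of failing cleanly. Adding `if (!cryptor) return {};` before each call would match the constructor's handling. The empty return value is an assumption, because the fall-through return of both functions lies outside the hunks.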
@@ -184,7 +184,7 @@ QSslKey::QSslKey(QIODevice *device, QSsl::KeyAlgorithm algorithm, QSsl::Encoding if (device) encoded = device->readAll(); - if (auto *tlsKey = d->keyBackend.get()) { + if (auto *tlsKey = d->backend.get()) { if (encoding == QSsl::Der) tlsKey->decodeDer(type, algorithm, encoded, passPhrase, true /*deep clear*/); else @@ -203,7 +203,7 @@ QSslKey::QSslKey(QIODevice *device, QSsl::KeyAlgorithm algorithm, QSsl::Encoding QSslKey::QSslKey(Qt::HANDLE handle, QSsl::KeyType type) : d(new QSslKeyPrivate) { - if (auto *tlsKey = d->keyBackend.get()) + if (auto *tlsKey = d->backend.get()) tlsKey->fromHandle(handle, type); } @@ -266,7 +266,7 @@ QSslKey &QSslKey::operator=(const QSslKey &other) */ bool QSslKey::isNull() const { - if (const auto *tlsKey = d->keyBackend.get()) + if (const auto *tlsKey = d->backend.get()) return tlsKey->isNull(); return true; @@ -287,7 +287,7 @@ void QSslKey::clear() */ int QSslKey::length() const { - if (const auto *tlsKey = d->keyBackend.get()) + if (const auto *tlsKey = d->backend.get()) return tlsKey->length(); return -1; @@ -298,7 +298,7 @@ int QSslKey::length() const */ QSsl::KeyType QSslKey::type() const { - if (const auto *tlsKey = d->keyBackend.get()) + if (const auto *tlsKey = d->backend.get()) return tlsKey->type(); return QSsl::PublicKey; @@ -309,7 +309,7 @@ QSsl::KeyType QSslKey::type() const */ QSsl::KeyAlgorithm QSslKey::algorithm() const { - if (const auto *tlsKey = d->keyBackend.get()) + if (const auto *tlsKey = d->backend.get()) return tlsKey->algorithm(); return QSsl::Opaque; @@ -331,7 +331,7 @@ QByteArray QSslKey::toDer(const QByteArray &passPhrase) const return {}; QMap headers; - if (const auto *tlsKey = d->keyBackend.get()) + if (const auto *tlsKey = d->backend.get()) return tlsKey->derFromPem(toPem(passPhrase), &headers); return {}; 
@@ -344,7 +344,7 @@ QByteArray QSslKey::toDer(const QByteArray &passPhrase) const */ QByteArray QSslKey::toPem(const QByteArray &passPhrase) const { - if (const auto *tlsKey = d->keyBackend.get()) + if (const auto *tlsKey = d->backend.get()) return tlsKey->toPem(passPhrase); return {}; @@ -363,8 +363,8 @@ QByteArray QSslKey::toPem(const QByteArray &passPhrase) const */ Qt::HANDLE QSslKey::handle() const { - if (d->keyBackend.get()) - return d->keyBackend->handle(); + if (d->backend.get()) + return d->backend->handle(); return nullptr; } @@ -389,14 +389,6 @@ bool QSslKey::operator==(const QSslKey &other) const return toDer() == other.toDer(); } -/*! - \since 6.1 - Returns TLS backend-specific implementation this QSslKey is using. -*/ -QSsl::TlsKey *QSslKey::backendImplementation() const -{ - return d->keyBackend.get(); -} /*! \fn bool QSslKey::operator!=(const QSslKey &other) const Returns \c true if this key is not equal to key \a other; otherwise diff --git a/src/network/ssl/qsslkey_p.h b/src/network/ssl/qsslkey_p.h index 8afb50b421..f5895561b4 100644 --- a/src/network/ssl/qsslkey_p.h +++ b/src/network/ssl/qsslkey_p.h @@ -61,7 +61,7 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { class TlsKey; } @@ -71,12 +71,12 @@ public: QSslKeyPrivate(); ~QSslKeyPrivate(); - using Cipher = QSsl::Cipher; + using Cipher = QTlsPrivate::Cipher; Q_AUTOTEST_EXPORT static QByteArray decrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv); Q_AUTOTEST_EXPORT static QByteArray encrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv); - std::unique_ptr keyBackend; + std::unique_ptr backend; QAtomicInt ref; private: diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index b9a8160e99..160d8cc1d9 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp 
@@ -605,7 +605,7 @@ int q_X509Callback(int ok, X509_STORE_CTX *ctx) return 0; } - errors->append(QSsl::X509CertificateOpenSSL::errorEntryFromStoreContext(ctx)); + errors->append(QTlsPrivate::X509CertificateOpenSSL::errorEntryFromStoreContext(ctx)); } // Always return OK to allow verification to continue. We handle the // errors gracefully after collecting all errors, after verification has @@ -1366,7 +1366,7 @@ bool QSslSocketBackendPrivate::startHandshake() if (!errorsReportedFromCallback) { for (const auto ¤tError : qAsConst(lastErrors)) { - emit q->peerVerifyError(QSsl::X509CertificateOpenSSL::openSSLErrorToQSslError(currentError.code, + emit q->peerVerifyError(QTlsPrivate::X509CertificateOpenSSL::openSSLErrorToQSslError(currentError.code, configuration.peerCertificateChain.value(currentError.depth))); if (q->state() != QAbstractSocket::ConnectedState) break; @@ -1482,7 +1482,7 @@ bool QSslSocketBackendPrivate::startHandshake() // Translate errors from the error list into QSslErrors. errors.reserve(errors.size() + errorList.size()); for (const auto &error : qAsConst(errorList)) - errors << QSsl::X509CertificateOpenSSL::openSSLErrorToQSslError(error.code, configuration.peerCertificateChain.value(error.depth)); + errors << QTlsPrivate::X509CertificateOpenSSL::openSSLErrorToQSslError(error.code, configuration.peerCertificateChain.value(error.depth)); if (!errors.isEmpty()) { sslErrors = errors; 
@@ -1533,10 +1533,10 @@ void QSslSocketBackendPrivate::storePeerCertificates() // peer certificate and the chain may be empty if the peer didn't present // any certificate. X509 *x509 = q_SSL_get_peer_certificate(ssl); - configuration.peerCertificate = QSsl::X509CertificateOpenSSL::certificateFromX509(x509); + configuration.peerCertificate = QTlsPrivate::X509CertificateOpenSSL::certificateFromX509(x509); q_X509_free(x509); if (configuration.peerCertificateChain.isEmpty()) { - configuration.peerCertificateChain = QSsl::X509CertificateOpenSSL::stackOfX509ToQSslCertificates(q_SSL_get_peer_cert_chain(ssl)); + configuration.peerCertificateChain = QTlsPrivate::X509CertificateOpenSSL::stackOfX509ToQSslCertificates(q_SSL_get_peer_cert_chain(ssl)); if (!configuration.peerCertificate.isNull() && mode == QSslSocket::SslServerMode) configuration.peerCertificateChain.prepend(configuration.peerCertificate); } @@ -1876,7 +1876,7 @@ bool QSslSocketBackendPrivate::checkOcspStatus() matchFound = qt_OCSP_certificate_match(singleResponse, peerX509, issuer); if (matchFound) { if (q_X509_check_issued(issuer, peerX509) == X509_V_OK) { - dResponse->signerCert = QSsl::X509CertificateOpenSSL::certificateFromX509(issuer); + dResponse->signerCert = QTlsPrivate::X509CertificateOpenSSL::certificateFromX509(issuer); break; } matchFound = false; 
@@ -1978,9 +1978,9 @@ int QSslSocketBackendPrivate::emitErrorFromCallback(X509_STORE_CTX *ctx) return 0; } - const QSslCertificate certificate = QSsl::X509CertificateOpenSSL::certificateFromX509(x509); - const auto errorAndDepth = QSsl::X509CertificateOpenSSL::errorEntryFromStoreContext(ctx); - const QSslError tlsError = QSsl::X509CertificateOpenSSL::openSSLErrorToQSslError(errorAndDepth.code, certificate); + const QSslCertificate certificate = QTlsPrivate::X509CertificateOpenSSL::certificateFromX509(x509); + const auto errorAndDepth = QTlsPrivate::X509CertificateOpenSSL::errorEntryFromStoreContext(ctx); + const QSslError tlsError = QTlsPrivate::X509CertificateOpenSSL::openSSLErrorToQSslError(errorAndDepth.code, certificate); errorsReportedFromCallback = true; handshakeInterrupted = true; @@ -2257,14 +2257,14 @@ void QSslSocketPrivate::ensureCiphersAndCertsLoaded() QList QSslSocketBackendPrivate::verify(const QList &certificateChain, const QString &hostName) { - return QSsl::X509CertificateOpenSSL::verify(certificateChain, hostName); + return QTlsPrivate::X509CertificateOpenSSL::verify(certificateChain, hostName); } QList QSslSocketBackendPrivate::verify(const QList &caCertificates, const QList &certificateChain, const QString &hostName) { - return QSsl::X509CertificateOpenSSL::verify(caCertificates, certificateChain, hostName); + return QTlsPrivate::X509CertificateOpenSSL::verify(caCertificates, certificateChain, hostName); } void QSslSocketPrivate::registerAdHocFactory() diff --git a/src/network/ssl/qsslsocket_qt.cpp b/src/network/ssl/qsslsocket_qt.cpp index 0a387ff599..13bbb76367 100644 --- a/src/network/ssl/qsslsocket_qt.cpp +++ b/src/network/ssl/qsslsocket_qt.cpp 
@@ -200,7 +200,7 @@ static QByteArray _q_PKCS12_shroudedKeyBag(const QSslKey &key, const QString &pa QByteArray plain; QDataStream plainStream(&plain, QIODevice::WriteOnly); _q_PKCS12_key(key).write(plainStream); - QByteArray crypted = QSslKeyPrivate::encrypt(QSsl::Cipher::DesEde3Cbc, + QByteArray crypted = QSslKeyPrivate::encrypt(QTlsPrivate::Cipher::DesEde3Cbc, plain, cKey, cIv); QList items; diff --git a/src/network/ssl/qsslsocket_schannel.cpp b/src/network/ssl/qsslsocket_schannel.cpp index 982db74e11..debcc42084 100644 --- a/src/network/ssl/qsslsocket_schannel.cpp +++ b/src/network/ssl/qsslsocket_schannel.cpp @@ -212,24 +212,24 @@ QList QSchannelBackend::implementedClasses() const return classes; } -QSsl::TlsKey *QSchannelBackend::createKey() const +QTlsPrivate::TlsKey *QSchannelBackend::createKey() const { - return new QSsl::TlsKeySchannel; + return new QTlsPrivate::TlsKeySchannel; } -QSsl::X509Certificate *QSchannelBackend::createCertificate() const +QTlsPrivate::X509Certificate *QSchannelBackend::createCertificate() const { - return new QSsl::X509CertificateSchannel; + return new QTlsPrivate::X509CertificateSchannel; } -QSsl::X509PemReaderPtr QSchannelBackend::X509PemReader() const +QTlsPrivate::X509PemReaderPtr QSchannelBackend::X509PemReader() const { - return QSsl::X509CertificateGeneric::certificatesFromPem; + return QTlsPrivate::X509CertificateGeneric::certificatesFromPem; } -QSsl::X509DerReaderPtr QSchannelBackend::X509DerReader() const +QTlsPrivate::X509DerReaderPtr QSchannelBackend::X509DerReader() const { - return QSsl::X509CertificateGeneric::certificatesFromDer; + return QTlsPrivate::X509CertificateGeneric::certificatesFromDer; } Q_GLOBAL_STATIC(QSchannelBackend, backend) 
@@ -630,7 +630,7 @@ QList QSslSocketPrivate::systemCaCertificates() PCCERT_CONTEXT pc = nullptr; while ((pc = CertFindCertificateInStore(hSystemStore.get(), X509_ASN_ENCODING, 0, CERT_FIND_ANY, nullptr, pc))) { - systemCerts.append(QSsl::X509CertificateSchannel::QSslCertificate_from_CERT_CONTEXT(pc)); + systemCerts.append(QTlsPrivate::X509CertificateSchannel::QSslCertificate_from_CERT_CONTEXT(pc)); } } return systemCerts; @@ -1991,7 +1991,7 @@ bool QSslSocketBackendPrivate::verifyCertContext(CERT_CONTEXT *certContext) return QSslCertificate(); const CERT_CONTEXT *certContext = element->pCertContext; - return QSsl::X509CertificateSchannel::QSslCertificate_from_CERT_CONTEXT(certContext); + return QTlsPrivate::X509CertificateSchannel::QSslCertificate_from_CERT_CONTEXT(certContext); }; // Pick a chain to use as the certificate chain, if multiple are available: diff --git a/src/network/ssl/qtlsbackend.cpp b/src/network/ssl/qtlsbackend.cpp index 9e1f387e11..cdf4f6b55f 100644 --- a/src/network/ssl/qtlsbackend.cpp +++ b/src/network/ssl/qtlsbackend.cpp @@ -153,7 +153,7 @@ private: Q_GLOBAL_STATIC(BackendCollection, backends); -namespace QSsl { +namespace QTlsPrivate { TlsKey::~TlsKey() = default; @@ -203,7 +203,7 @@ TlsKey *X509Certificate::publicKey() const DtlsBase::~DtlsBase() = default; #endif // QT_CONFIG(dtls) -} // namespace QSsl +} // namespace QTlsPrivate const QString QTlsBackend::builtinBackendNames[] = { QStringLiteral("schannel"), 
@@ -236,25 +236,25 @@ QString QTlsBackend::backendName() const #define REPORT_MISSING_SUPPORT(message) \ qCWarning(lcSsl) << "The backend" << backendName() << message -QSsl::TlsKey *QTlsBackend::createKey() const +QTlsPrivate::TlsKey *QTlsBackend::createKey() const { REPORT_MISSING_SUPPORT("does not support QSslKey"); return nullptr; } -QSsl::X509Certificate *QTlsBackend::createCertificate() const +QTlsPrivate::X509Certificate *QTlsBackend::createCertificate() const { REPORT_MISSING_SUPPORT("does not support QSslCertificate"); return nullptr; } -QSsl::TlsCryptograph *QTlsBackend::createTlsCryptograph() const +QTlsPrivate::TlsCryptograph *QTlsBackend::createTlsCryptograph() const { REPORT_MISSING_SUPPORT("does not support QSslSocket"); return nullptr; } -QSsl::DtlsCryptograph *QTlsBackend::createDtlsCryptograph(QDtls *qObject, int mode) const +QTlsPrivate::DtlsCryptograph *QTlsBackend::createDtlsCryptograph(QDtls *qObject, int mode) const { Q_UNUSED(qObject); Q_UNUSED(mode); 
@@ -262,31 +262,31 @@ QSsl::DtlsCryptograph *QTlsBackend::createDtlsCryptograph(QDtls *qObject, int mo return nullptr; } -QSsl::DtlsCookieVerifier *QTlsBackend::createDtlsCookieVerifier() const +QTlsPrivate::DtlsCookieVerifier *QTlsBackend::createDtlsCookieVerifier() const { REPORT_MISSING_SUPPORT("does not support DTLS cookies"); return nullptr; } -QSsl::X509ChainVerifyPtr QTlsBackend::X509Verifier() const +QTlsPrivate::X509ChainVerifyPtr QTlsBackend::X509Verifier() const { REPORT_MISSING_SUPPORT("does not support (manual) certificate verification"); return nullptr; } -QSsl::X509PemReaderPtr QTlsBackend::X509PemReader() const +QTlsPrivate::X509PemReaderPtr QTlsBackend::X509PemReader() const { REPORT_MISSING_SUPPORT("cannot read PEM format"); return nullptr; } -QSsl::X509DerReaderPtr QTlsBackend::X509DerReader() const +QTlsPrivate::X509DerReaderPtr QTlsBackend::X509DerReader() const { REPORT_MISSING_SUPPORT("cannot read DER format"); return nullptr; } -QSsl::X509Pkcs12ReaderPtr QTlsBackend::X509Pkcs12Reader() const +QTlsPrivate::X509Pkcs12ReaderPtr QTlsBackend::X509Pkcs12Reader() const { REPORT_MISSING_SUPPORT("cannot read PKCS12 format"); return nullptr; @@ -431,10 +431,10 @@ QList QTlsBackend::implementedClasses(const QString &bac return {}; } -void QTlsBackend::resetBackend(QSslKey &key, QSsl::TlsKey *keyBackend) +void QTlsBackend::resetBackend(QSslKey &key, QTlsPrivate::TlsKey *keyBackend) { #if QT_CONFIG(ssl) - key.d->keyBackend.reset(keyBackend); + key.d->backend.reset(keyBackend); #else Q_UNUSED(key); Q_UNUSED(keyBackend); diff --git a/src/network/ssl/qtlsbackend_cert.cpp b/src/network/ssl/qtlsbackend_cert.cpp index 03451b2ad1..f541381ecb 100644 --- a/src/network/ssl/qtlsbackend_cert.cpp +++ b/src/network/ssl/qtlsbackend_cert.cpp 
@@ -75,19 +75,19 @@ QList QTlsBackendCertOnly::implementedClasses() const return classes; } -QSsl::X509Certificate *QTlsBackendCertOnly::createCertificate() const +QTlsPrivate::X509Certificate *QTlsBackendCertOnly::createCertificate() const { - return new QSsl::X509CertificateGeneric; + return new QTlsPrivate::X509CertificateGeneric; } -QSsl::X509PemReaderPtr QTlsBackendCertOnly::X509PemReader() const +QTlsPrivate::X509PemReaderPtr QTlsBackendCertOnly::X509PemReader() const { - return QSsl::X509CertificateGeneric::certificatesFromPem; + return QTlsPrivate::X509CertificateGeneric::certificatesFromPem; } -QSsl::X509DerReaderPtr QTlsBackendCertOnly::X509DerReader() const +QTlsPrivate::X509DerReaderPtr QTlsBackendCertOnly::X509DerReader() const { - return QSsl::X509CertificateGeneric::certificatesFromDer; + return QTlsPrivate::X509CertificateGeneric::certificatesFromDer; } QT_END_NAMESPACE diff --git a/src/network/ssl/qtlsbackend_cert_p.h b/src/network/ssl/qtlsbackend_cert_p.h index 86c93dc310..4a010dbf79 100644 --- a/src/network/ssl/qtlsbackend_cert_p.h +++ b/src/network/ssl/qtlsbackend_cert_p.h @@ -57,6 +57,7 @@ #include +#ifdef QT_NO_SSL QT_BEGIN_NAMESPACE @@ -70,11 +71,13 @@ private: QList supportedFeatures() const override; QList implementedClasses() const override; - QSsl::X509Certificate *createCertificate() const override; - QSsl::X509PemReaderPtr X509PemReader() const override; - QSsl::X509DerReaderPtr X509DerReader() const override; + QTlsPrivate::X509Certificate *createCertificate() const override; + QTlsPrivate::X509PemReaderPtr X509PemReader() const override; + QTlsPrivate::X509DerReaderPtr X509DerReader() const override; }; QT_END_NAMESPACE +#endif // QT_NO_SSL + #endif // QTLSBACKEND_CERT_P_H diff --git a/src/network/ssl/qtlsbackend_openssl.cpp b/src/network/ssl/qtlsbackend_openssl.cpp index 5bff90dd37..69e3c15198 100644 --- a/src/network/ssl/qtlsbackend_openssl.cpp +++ b/src/network/ssl/qtlsbackend_openssl.cpp 
@@ -157,17 +157,17 @@ QList QTlsBackendOpenSSL::implementedClasses() const return classes; } -QSsl::TlsKey *QTlsBackendOpenSSL::createKey() const +QTlsPrivate::TlsKey *QTlsBackendOpenSSL::createKey() const { - return new QSsl::TlsKeyOpenSSL; + return new QTlsPrivate::TlsKeyOpenSSL; } -QSsl::X509Certificate *QTlsBackendOpenSSL::createCertificate() const +QTlsPrivate::X509Certificate *QTlsBackendOpenSSL::createCertificate() const { - return new QSsl::X509CertificateOpenSSL; + return new QTlsPrivate::X509CertificateOpenSSL; } -QSsl::DtlsCookieVerifier *QTlsBackendOpenSSL::createDtlsCookieVerifier() const +QTlsPrivate::DtlsCookieVerifier *QTlsBackendOpenSSL::createDtlsCookieVerifier() const { #if QT_CONFIG(dtls) return new QDtlsClientVerifierOpenSSL; @@ -177,7 +177,7 @@ QSsl::DtlsCookieVerifier *QTlsBackendOpenSSL::createDtlsCookieVerifier() const #endif // QT_CONFIG(dtls) } -QSsl::DtlsCryptograph *QTlsBackendOpenSSL::createDtlsCryptograph(QDtls *q, int mode) const +QTlsPrivate::DtlsCryptograph *QTlsBackendOpenSSL::createDtlsCryptograph(QDtls *q, int mode) const { #if QT_CONFIG(dtls) return new QDtlsPrivateOpenSSL(q, QSslSocket::SslMode(mode)); 
@@ -189,24 +189,24 @@ QSsl::DtlsCryptograph *QTlsBackendOpenSSL::createDtlsCryptograph(QDtls *q, int m #endif // QT_CONFIG(dtls) } -QSsl::X509ChainVerifyPtr QTlsBackendOpenSSL::X509Verifier() const +QTlsPrivate::X509ChainVerifyPtr QTlsBackendOpenSSL::X509Verifier() const { - return QSsl::X509CertificateOpenSSL::verify; + return QTlsPrivate::X509CertificateOpenSSL::verify; } -QSsl::X509PemReaderPtr QTlsBackendOpenSSL::X509PemReader() const +QTlsPrivate::X509PemReaderPtr QTlsBackendOpenSSL::X509PemReader() const { - return QSsl::X509CertificateOpenSSL::certificatesFromPem; + return QTlsPrivate::X509CertificateOpenSSL::certificatesFromPem; } -QSsl::X509DerReaderPtr QTlsBackendOpenSSL::X509DerReader() const +QTlsPrivate::X509DerReaderPtr QTlsBackendOpenSSL::X509DerReader() const { - return QSsl::X509CertificateOpenSSL::certificatesFromDer; + return QTlsPrivate::X509CertificateOpenSSL::certificatesFromDer; } -QSsl::X509Pkcs12ReaderPtr QTlsBackendOpenSSL::X509Pkcs12Reader() const +QTlsPrivate::X509Pkcs12ReaderPtr QTlsBackendOpenSSL::X509Pkcs12Reader() const { - return QSsl::X509CertificateOpenSSL::importPkcs12; + return QTlsPrivate::X509CertificateOpenSSL::importPkcs12; } QList QTlsBackendOpenSSL::ellipticCurvesIds() const diff --git a/src/network/ssl/qtlsbackend_openssl_p.h b/src/network/ssl/qtlsbackend_openssl_p.h index 8e2b8bdbde..9f9a65f292 100644 --- a/src/network/ssl/qtlsbackend_openssl_p.h +++ b/src/network/ssl/qtlsbackend_openssl_p.h 
@@ -76,18 +76,18 @@ private: QList implementedClasses() const override; // QSslKey: - QSsl::TlsKey *createKey() const override; + QTlsPrivate::TlsKey *createKey() const override; // QSslCertificate: - QSsl::X509Certificate *createCertificate() const override; + QTlsPrivate::X509Certificate *createCertificate() const override; - QSsl::DtlsCookieVerifier *createDtlsCookieVerifier() const override; - QSsl::DtlsCryptograph *createDtlsCryptograph(QDtls *q, int mode) const override; + QTlsPrivate::DtlsCookieVerifier *createDtlsCookieVerifier() const override; + QTlsPrivate::DtlsCryptograph *createDtlsCryptograph(QDtls *q, int mode) const override; - QSsl::X509ChainVerifyPtr X509Verifier() const override; - QSsl::X509PemReaderPtr X509PemReader() const override; - QSsl::X509DerReaderPtr X509DerReader() const override; - QSsl::X509Pkcs12ReaderPtr X509Pkcs12Reader() const override; + QTlsPrivate::X509ChainVerifyPtr X509Verifier() const override; + QTlsPrivate::X509PemReaderPtr X509PemReader() const override; + QTlsPrivate::X509DerReaderPtr X509DerReader() const override; + QTlsPrivate::X509Pkcs12ReaderPtr X509Pkcs12Reader() const override; // Elliptic curves: QList ellipticCurvesIds() const override; diff --git a/src/network/ssl/qtlsbackend_p.h b/src/network/ssl/qtlsbackend_p.h index 5928dee2c7..300d12c259 100644 --- a/src/network/ssl/qtlsbackend_p.h +++ b/src/network/ssl/qtlsbackend_p.h @@ -85,7 +85,7 @@ class QUdpSocket; class QIODevice; class QSslKey; -namespace QSsl { +namespace QTlsPrivate { // The class TlsKey encapsulates key's data (DER) or backend-specific // data-structure, like RSA/DSA/DH structs in OpenSSL. @@ -99,6 +99,9 @@ class TlsKey { public: virtual ~TlsKey(); + using KeyType = QSsl::KeyType; + using KeyAlgorithm = QSsl::KeyAlgorithm; + virtual void decodeDer(KeyType type, KeyAlgorithm algorithm, const QByteArray &der, const QByteArray &passPhrase, bool deepClear) = 0; virtual void decodePem(KeyType type, KeyAlgorithm algorithm, const QByteArray &pem, 
@@ -121,7 +124,6 @@ public: // Needed by QSslKeyPrivate::pemFromDer() for non-OpenSSL backends. virtual bool isPkcs8() const = 0; - using Cipher = QSsl::Cipher; virtual QByteArray decrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv) const = 0; virtual QByteArray encrypt(Cipher cipher, const QByteArray &data, @@ -265,10 +267,7 @@ class DtlsCryptograph; #endif // QT_CONFIG(dtls) - - - -} // namespace QSsl +} // namespace QTlsPrivate // Factory, creating back-end specific implementations of // different entities QSslSocket is using. 
@@ -287,20 +286,20 @@ public: virtual QList implementedClasses() const = 0; // X509 and keys: - virtual QSsl::TlsKey *createKey() const; - virtual QSsl::X509Certificate *createCertificate() const; + virtual QTlsPrivate::TlsKey *createKey() const; + virtual QTlsPrivate::X509Certificate *createCertificate() const; // TLS and DTLS: - virtual QSsl::TlsCryptograph *createTlsCryptograph() const; - virtual QSsl::DtlsCryptograph *createDtlsCryptograph(class QDtls *qObject, int mode) const; - virtual QSsl::DtlsCookieVerifier *createDtlsCookieVerifier() const; + virtual QTlsPrivate::TlsCryptograph *createTlsCryptograph() const; + virtual QTlsPrivate::DtlsCryptograph *createDtlsCryptograph(class QDtls *qObject, int mode) const; + virtual QTlsPrivate::DtlsCookieVerifier *createDtlsCookieVerifier() const; // TLSTODO - get rid of these function pointers, make them virtuals in // the backend itself. X509 machinery: - virtual QSsl::X509ChainVerifyPtr X509Verifier() const; - virtual QSsl::X509PemReaderPtr X509PemReader() const; - virtual QSsl::X509DerReaderPtr X509DerReader() const; - virtual QSsl::X509Pkcs12ReaderPtr X509Pkcs12Reader() const; + virtual QTlsPrivate::X509ChainVerifyPtr X509Verifier() const; + virtual QTlsPrivate::X509PemReaderPtr X509PemReader() const; + virtual QTlsPrivate::X509DerReaderPtr X509DerReader() const; + virtual QTlsPrivate::X509Pkcs12ReaderPtr X509Pkcs12Reader() const; // Elliptic curves: virtual QList ellipticCurvesIds() const; @@ -331,13 +330,13 @@ public: static const QString builtinBackendNames[]; - template + template static DynamicType *backend(const TLSObject &o) { - return static_cast(o.backendImplementation()); + return static_cast(o.d->backend.get()); } - static void resetBackend(QSslKey &key, QSsl::TlsKey *keyBackend); + static void resetBackend(QSslKey &key, QTlsPrivate::TlsKey *keyBackend); Q_DISABLE_COPY_MOVE(QTlsBackend) }; 
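Review bot: In the `@@ -331,13 +330,13 @@` hunk of qtlsbackend_p.h, `backend()` now reads `o.d->backend.get()` directly and `static_cast`s the result to the caller-chosen `DynamicType`, with no null check on `o.d` and no check that the stored backend object really is of that type. If a key or certificate created by one TLS backend were ever handed to code written for another, the cast would yield a wrongly typed pointer rather than a failure; whether callers already rule this out is not visible here. At minimum the precondition should be stated above the template, for example `// Precondition: o.d is non-null and o.d->backend was created by the backend that defines DynamicType; the cast is unchecked.` The template parameter list did not survive on this page, so the full signature cannot be quoted.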
diff --git a/src/network/ssl/qtlsbackend_schannel_p.h b/src/network/ssl/qtlsbackend_schannel_p.h index 6cc2f58c54..951c73256e 100644 --- a/src/network/ssl/qtlsbackend_schannel_p.h +++ b/src/network/ssl/qtlsbackend_schannel_p.h @@ -68,11 +68,11 @@ private: QList supportedFeatures() const override; QList implementedClasses() const override; - QSsl::TlsKey *createKey() const override; - QSsl::X509Certificate *createCertificate() const override; + QTlsPrivate::TlsKey *createKey() const override; + QTlsPrivate::X509Certificate *createCertificate() const override; - QSsl::X509PemReaderPtr X509PemReader() const override; - QSsl::X509DerReaderPtr X509DerReader() const override; + QTlsPrivate::X509PemReaderPtr X509PemReader() const override; + QTlsPrivate::X509DerReaderPtr X509DerReader() const override; }; QT_END_NAMESPACE diff --git a/src/network/ssl/qtlsbackend_st.cpp b/src/network/ssl/qtlsbackend_st.cpp index b9746e9a9a..3bf95ec79e 100644 --- a/src/network/ssl/qtlsbackend_st.cpp +++ b/src/network/ssl/qtlsbackend_st.cpp @@ -50,14 +50,14 @@ QString QSecureTransportBackend::backendName() const return builtinBackendNames[nameIndexSecureTransport]; } -QSsl::TlsKey *QSecureTransportBackend::createKey() const +QTlsPrivate::TlsKey *QSecureTransportBackend::createKey() const { - return new QSsl::TlsKeySecureTransport; + return new QTlsPrivate::TlsKeySecureTransport; } -QSsl::X509Certificate *QSecureTransportBackend::createCertificate() const +QTlsPrivate::X509Certificate *QSecureTransportBackend::createCertificate() const { - return new QSsl::X509CertificateSecureTransport; + return new QTlsPrivate::X509CertificateSecureTransport; } QList QSecureTransportBackend::supportedProtocols() const 
@@ -94,14 +94,14 @@ QList QSecureTransportBackend::implementedClasses() cons return classes; } -QSsl::X509PemReaderPtr QSecureTransportBackend::X509PemReader() const +QTlsPrivate::X509PemReaderPtr QSecureTransportBackend::X509PemReader() const { - return QSsl::X509CertificateGeneric::certificatesFromPem; + return QTlsPrivate::X509CertificateGeneric::certificatesFromPem; } -QSsl::X509DerReaderPtr QSecureTransportBackend::X509DerReader() const +QTlsPrivate::X509DerReaderPtr QSecureTransportBackend::X509DerReader() const { - return QSsl::X509CertificateGeneric::certificatesFromDer; + return QTlsPrivate::X509CertificateGeneric::certificatesFromDer; } QT_END_NAMESPACE diff --git a/src/network/ssl/qtlsbackend_st_p.h b/src/network/ssl/qtlsbackend_st_p.h index 5f8a0a4b02..9dea26c8d7 100644 --- a/src/network/ssl/qtlsbackend_st_p.h +++ b/src/network/ssl/qtlsbackend_st_p.h @@ -69,11 +69,11 @@ private: QList supportedFeatures() const override; QList implementedClasses() const override; - QSsl::TlsKey *createKey() const override; - QSsl::X509Certificate *createCertificate() const override; + QTlsPrivate::TlsKey *createKey() const override; + QTlsPrivate::X509Certificate *createCertificate() const override; - QSsl::X509PemReaderPtr X509PemReader() const override; - QSsl::X509DerReaderPtr X509DerReader() const override; + QTlsPrivate::X509PemReaderPtr X509PemReader() const override; + QTlsPrivate::X509DerReaderPtr X509DerReader() const override; }; QT_END_NAMESPACE diff --git a/src/network/ssl/qtlskey_base.cpp b/src/network/ssl/qtlskey_base.cpp index 99bc0258bb..13ce063f30 100644 --- a/src/network/ssl/qtlskey_base.cpp +++ b/src/network/ssl/qtlskey_base.cpp @@ -42,7 +42,7 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { QByteArray TlsKeyBase::pemFromDer(const QByteArray &der, const QMap &headers) const { 
@@ -126,7 +126,7 @@ bool TlsKeyBase::isEncryptedPkcs8(const QByteArray &der) || encryptionScheme.startsWith(PKCS12_OID); } -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qtlskey_base_p.h b/src/network/ssl/qtlskey_base_p.h index f08f30f14e..6befed876c 100644 --- a/src/network/ssl/qtlskey_base_p.h +++ b/src/network/ssl/qtlskey_base_p.h @@ -61,14 +61,14 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { // TLSTODO: Note, 'base' is supposed to move to plugins together with // 'generic' and 'backendXXX'. class TlsKeyBase : public TlsKey { public: - TlsKeyBase(KeyType type = PublicKey, KeyAlgorithm algorithm = Opaque) + TlsKeyBase(KeyType type = QSsl::PublicKey, KeyAlgorithm algorithm = QSsl::Opaque) : keyType(type), keyAlgorithm(algorithm) { @@ -78,11 +78,11 @@ public: { return keyIsNull; } - QSsl::KeyType type() const override + KeyType type() const override { return keyType; } - QSsl::KeyAlgorithm algorithm() const override + KeyAlgorithm algorithm() const override { return keyAlgorithm; } @@ -101,11 +101,11 @@ public: // TLSTODO: this public is quick fix needed by old _openssl classes // will become non-public as soon as those classes fixed. bool keyIsNull = true; - KeyType keyType = PublicKey; - KeyAlgorithm keyAlgorithm = Opaque; + KeyType keyType = QSsl::PublicKey; + KeyAlgorithm keyAlgorithm = QSsl::Opaque; }; -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qtlskey_generic.cpp b/src/network/ssl/qtlskey_generic.cpp index 52d7da1b0d..b0ab0bfa96 100644 --- a/src/network/ssl/qtlskey_generic.cpp +++ b/src/network/ssl/qtlskey_generic.cpp 
@@ -60,7 +60,7 @@ QT_BEGIN_NAMESPACE // The code here is essentially what we had in qsslkey_qt.cpp before, with // minimal changes/restructure. -namespace QSsl { +namespace QTlsPrivate { // OIDs of named curves allowed in TLS as per RFCs 4492 and 7027, // see also https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 @@ -414,7 +414,7 @@ QByteArray deriveAesKey(QSslKeyPrivate::Cipher cipher, const QByteArray &passPhr hash.addData(data); - if (cipher == QSsl::Cipher::Aes128Cbc) + if (cipher == Cipher::Aes128Cbc) return hash.result(); QByteArray key(hash.result()); @@ -422,7 +422,7 @@ QByteArray deriveAesKey(QSslKeyPrivate::Cipher cipher, const QByteArray &passPhr hash.addData(key); hash.addData(data); - if (cipher == QSsl::Cipher::Aes192Cbc) + if (cipher == Cipher::Aes192Cbc) return key.append(hash.result().constData(), 8); return key.append(hash.result()); @@ -436,10 +436,10 @@ QByteArray deriveKey(QSslKeyPrivate::Cipher cipher, const QByteArray &passPhrase hash.addData(passPhrase); hash.addData(iv); switch (cipher) { - case QSsl::Cipher::DesCbc: + case Cipher::DesCbc: key = hash.result().left(8); break; - case QSsl::Cipher::DesEde3Cbc: + case Cipher::DesEde3Cbc: key = hash.result(); hash.reset(); hash.addData(key); @@ -447,12 +447,12 @@ QByteArray deriveKey(QSslKeyPrivate::Cipher cipher, const QByteArray &passPhrase hash.addData(iv); key += hash.result().left(8); break; - case QSsl::Cipher::Rc2Cbc: + case Cipher::Rc2Cbc: key = hash.result(); break; - case QSsl::Cipher::Aes128Cbc: - case QSsl::Cipher::Aes192Cbc: - case QSsl::Cipher::Aes256Cbc: + case Cipher::Aes128Cbc: + case Cipher::Aes192Cbc: + case Cipher::Aes256Cbc: return deriveAesKey(cipher, passPhrase, iv); } return key; 
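Review bot: `deriveAesKey` and `deriveKey` in qtlskey_generic.cpp still declare their parameter as `QSslKeyPrivate::Cipher` (visible in the hunk headers), while the bodies now compare against unqualified `Cipher::` enumerators, so each function names the same enum two ways. Presumably both spellings resolve to one type, but a reader has to look up the alias to be sure. Spelling the parameter as `Cipher cipher` would complete the rename. The same mix appears in `doCrypt` in qtlskey_openssl.cpp, in `getName` in qtlskey_schannel.cpp, and in the local `QSslKeyPrivate::Cipher cipher;` in `TlsKeyGeneric::decodePem`. The signatures themselves lie outside the hunks.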
@@ -688,17 +688,17 @@ void TlsKeyGeneric::decodePem(QSsl::KeyType type, QSsl::KeyAlgorithm algorithm, QSslKeyPrivate::Cipher cipher; if (dekInfo.first() == "DES-CBC") { - cipher = QSsl::Cipher::DesCbc; + cipher = Cipher::DesCbc; } else if (dekInfo.first() == "DES-EDE3-CBC") { - cipher = QSsl::Cipher::DesEde3Cbc; + cipher = Cipher::DesEde3Cbc; } else if (dekInfo.first() == "RC2-CBC") { - cipher = QSsl::Cipher::Rc2Cbc; + cipher = Cipher::Rc2Cbc; } else if (dekInfo.first() == "AES-128-CBC") { - cipher = QSsl::Cipher::Aes128Cbc; + cipher = Cipher::Aes128Cbc; } else if (dekInfo.first() == "AES-192-CBC") { - cipher = QSsl::Cipher::Aes192Cbc; + cipher = Cipher::Aes192Cbc; } else if (dekInfo.first() == "AES-256-CBC") { - cipher = QSsl::Cipher::Aes256Cbc; + cipher = Cipher::Aes256Cbc; } else { clear(deepClear); return; @@ -722,7 +722,7 @@ QByteArray TlsKeyGeneric::toPem(const QByteArray &passPhrase) const quint64 random = QRandomGenerator::system()->generate64(); QByteArray iv = QByteArray::fromRawData(reinterpret_cast(&random), sizeof(random)); - auto cipher = QSsl::Cipher::DesEde3Cbc; + auto cipher = Cipher::DesEde3Cbc; const QByteArray key = deriveKey(cipher, passPhrase, iv); data = encrypt(cipher, derData, key, iv); @@ -879,6 +879,6 @@ QByteArray TlsKeyGeneric::decryptPkcs8(const QByteArray &encrypted, const QByteA return decryptedKeyElement.value(); } -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qtlskey_generic_p.h b/src/network/ssl/qtlskey_generic_p.h index 6c2666bcf0..4c409f5f51 100644 --- a/src/network/ssl/qtlskey_generic_p.h +++ b/src/network/ssl/qtlskey_generic_p.h @@ -61,7 +61,7 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { // This class is what previously was known as qsslkey_qt: // it implements most of functionality needed by QSslKey @@ -110,7 +110,7 @@ private: int keyLength = -1; }; -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE 
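Review bot: `TlsKeyGeneric::toPem` (hunk `@@ -722,7 +722,7 @@`) still hard-codes `Cipher::DesEde3Cbc` for passphrase-protected export and takes its key from `deriveKey(cipher, passPhrase, iv)`, where the only salt is the 64-bit `random` value that also serves as the IV. The `deriveKey` lines visible in the earlier hunks of this file hash the passphrase and IV with no iteration count, so the exported key is protected against offline guessing only by the strength of the passphrase; which hash is used is declared outside the hunks. This is the legacy PEM format and may be kept for compatibility, but it deserves a comment at the cipher selection, for example `// Legacy PEM encryption: 3DES-CBC with an un-iterated hash KDF, kept for compatibility; protection rests on passphrase strength.` The function continues outside the hunk.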
diff --git a/src/network/ssl/qtlskey_openssl.cpp b/src/network/ssl/qtlskey_openssl.cpp index c649d57f19..6d75dfd5b4 100644 --- a/src/network/ssl/qtlskey_openssl.cpp +++ b/src/network/ssl/qtlskey_openssl.cpp @@ -46,7 +46,7 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { void TlsKeyOpenSSL::decodeDer(QSsl::KeyType type, QSsl::KeyAlgorithm algorithm, const QByteArray &der, const QByteArray &passPhrase, bool deepClear) @@ -401,28 +401,28 @@ QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, const QByteArray &data, int i = 0, len = 0; switch (cipher) { - case QSsl::Cipher::DesCbc: + case Cipher::DesCbc: #ifndef OPENSSL_NO_DES type = q_EVP_des_cbc(); #endif break; - case QSsl::Cipher::DesEde3Cbc: + case Cipher::DesEde3Cbc: #ifndef OPENSSL_NO_DES type = q_EVP_des_ede3_cbc(); #endif break; - case QSsl::Cipher::Rc2Cbc: + case Cipher::Rc2Cbc: #ifndef OPENSSL_NO_RC2 type = q_EVP_rc2_cbc(); #endif break; - case QSsl::Cipher::Aes128Cbc: + case Cipher::Aes128Cbc: type = q_EVP_aes_128_cbc(); break; - case QSsl::Cipher::Aes192Cbc: + case Cipher::Aes192Cbc: type = q_EVP_aes_192_cbc(); break; - case QSsl::Cipher::Aes256Cbc: + case Cipher::Aes256Cbc: type = q_EVP_aes_256_cbc(); break; } @@ -437,7 +437,7 @@ QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, const QByteArray &data, q_EVP_CIPHER_CTX_reset(ctx); q_EVP_CipherInit(ctx, type, nullptr, nullptr, enc); q_EVP_CIPHER_CTX_set_key_length(ctx, key.size()); - if (cipher == QSsl::Cipher::Rc2Cbc) + if (cipher == Cipher::Rc2Cbc) q_EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, 8 * key.size(), nullptr); q_EVP_CipherInit_ex(ctx, nullptr, nullptr, @@ -504,6 +504,6 @@ TlsKeyOpenSSL *TlsKeyOpenSSL::publicKeyFromX509(X509 *x) return keyRaii.release(); } -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qtlskey_openssl_p.h b/src/network/ssl/qtlskey_openssl_p.h index 4e8377c3b3..5ef51dfd56 100644 --- a/src/network/ssl/qtlskey_openssl_p.h +++ b/src/network/ssl/qtlskey_openssl_p.h 
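Review bot: In `doCrypt` in qtlskey_openssl.cpp (hunk `@@ -437,7 +437,7 @@`), the results of `q_EVP_CipherInit`, `q_EVP_CIPHER_CTX_set_key_length` and the RC2 `q_EVP_CIPHER_CTX_ctrl` call are discarded. `key.size()` comes from the caller, and a length the selected cipher rejects would leave the context at its default key length. The following `q_EVP_CipherInit_ex` call, whose arguments are cut off by the hunk, presumably installs the key, so a `key` shorter than that default could be read past its end unless a size check exists in the part of the function outside the hunk. Each call should be tested, e.g. `if (q_EVP_CIPHER_CTX_set_key_length(ctx, key.size()) != 1)`, releasing `ctx` and returning an empty QByteArray on failure, and the same for the other two.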
@@ -70,7 +70,7 @@ QT_BEGIN_NAMESPACE QT_REQUIRE_CONFIG(ssl); -namespace QSsl { +namespace QTlsPrivate { class TlsKeyOpenSSL final : public TlsKeyBase { @@ -119,7 +119,7 @@ public: bool fromEVP_PKEY(EVP_PKEY *pkey); }; -} // namespace QCrypto +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qtlskey_schannel.cpp b/src/network/ssl/qtlskey_schannel.cpp index 39ffa94837..e788eac03a 100644 --- a/src/network/ssl/qtlskey_schannel.cpp +++ b/src/network/ssl/qtlskey_schannel.cpp @@ -55,15 +55,15 @@ namespace { const wchar_t *getName(QSslKeyPrivate::Cipher cipher) { switch (cipher) { - case QSsl::Cipher::DesCbc: + case QTlsPrivate::Cipher::DesCbc: return BCRYPT_DES_ALGORITHM; - case QSsl::Cipher::DesEde3Cbc: + case QTlsPrivate::Cipher::DesEde3Cbc: return BCRYPT_3DES_ALGORITHM; - case QSsl::Cipher::Rc2Cbc: + case QTlsPrivate::Cipher::Rc2Cbc: return BCRYPT_RC2_ALGORITHM; - case QSsl::Cipher::Aes128Cbc: - case QSsl::Cipher::Aes192Cbc: - case QSsl::Cipher::Aes256Cbc: + case QTlsPrivate::Cipher::Aes128Cbc: + case QTlsPrivate::Cipher::Aes192Cbc: + case QTlsPrivate::Cipher::Aes256Cbc: return BCRYPT_AES_ALGORITHM; } Q_UNREACHABLE(); @@ -167,7 +167,7 @@ QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, const QByteArray &data, const } } // anonymous namespace -namespace QSsl { +namespace QTlsPrivate { QByteArray TlsKeySchannel::decrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv) const @@ -181,7 +181,7 @@ QByteArray TlsKeySchannel::encrypt(Cipher cipher, const QByteArray &data, const return doCrypt(cipher, data, key, iv, true); } -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qtlskey_schannel_p.h b/src/network/ssl/qtlskey_schannel_p.h index 0359176b14..72747e7fa6 100644 --- a/src/network/ssl/qtlskey_schannel_p.h +++ b/src/network/ssl/qtlskey_schannel_p.h 
@@ -61,7 +61,7 @@ QT_REQUIRE_CONFIG(ssl); QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { class TlsKeySchannel final : public TlsKeyGeneric { @@ -74,7 +74,7 @@ public: const QByteArray &iv) const override; }; -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qtlskey_st.cpp b/src/network/ssl/qtlskey_st.cpp index 71ef33ff20..c551729c24 100644 --- a/src/network/ssl/qtlskey_st.cpp +++ b/src/network/ssl/qtlskey_st.cpp @@ -49,7 +49,7 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { namespace { // Before this code was located in qsslkey_mac.cpp. @@ -105,6 +105,6 @@ QByteArray TlsKeySecureTransport::encrypt(Cipher cipher, const QByteArray &data, return wrapCCCrypt(kCCEncrypt, cipher, data, key, iv); } -} // namespace QSsl. +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qtlskey_st_p.h b/src/network/ssl/qtlskey_st_p.h index df690f9f53..7088daf39a 100644 --- a/src/network/ssl/qtlskey_st_p.h +++ b/src/network/ssl/qtlskey_st_p.h @@ -61,7 +61,7 @@ QT_REQUIRE_CONFIG(ssl); QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { class TlsKeySecureTransport final : public TlsKeyGeneric { @@ -76,7 +76,7 @@ public: Q_DISABLE_COPY_MOVE(TlsKeySecureTransport) }; -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qx509_base.cpp b/src/network/ssl/qx509_base.cpp index 9f8f8c3ba1..d7b7b81606 100644 --- a/src/network/ssl/qx509_base.cpp +++ b/src/network/ssl/qx509_base.cpp @@ -41,7 +41,7 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { QByteArray X509CertificateBase::subjectInfoToString(QSslCertificate::SubjectInfo info) { @@ -173,6 +173,6 @@ bool X509CertificateBase::isExtensionSupported(qsizetype index) const return extensions[index].supported; } -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qx509_base_p.h b/src/network/ssl/qx509_base_p.h index 27060dd5a8..6905848e46 100644 
--- a/src/network/ssl/qx509_base_p.h +++ b/src/network/ssl/qx509_base_p.h @@ -64,7 +64,7 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { class X509CertificateBase : public X509Certificate { @@ -118,7 +118,7 @@ protected: QList extensions; }; -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qx509_generic.cpp b/src/network/ssl/qx509_generic.cpp index 535fbe5fd2..40178f5e7c 100644 --- a/src/network/ssl/qx509_generic.cpp +++ b/src/network/ssl/qx509_generic.cpp @@ -37,6 +37,7 @@ ** ****************************************************************************/ +#include "qsslcertificate_p.h" #include "qx509_generic_p.h" #include "qasn1element_p.h" @@ -50,7 +51,7 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { namespace { @@ -461,6 +462,6 @@ bool X509CertificateGeneric::parseExtension(const QByteArray &data, X509Certific return true; } -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qx509_generic_p.h b/src/network/ssl/qx509_generic_p.h index 82bd4e84af..b0dd3ec4b5 100644 --- a/src/network/ssl/qx509_generic_p.h +++ b/src/network/ssl/qx509_generic_p.h @@ -60,7 +60,7 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { // TLSTODO: This class is what previously was known as qsslcertificate_qt. // A part of SecureTransport and Schannel plugin. @@ -94,7 +94,7 @@ protected: bool parseExtension(const QByteArray &data, X509CertificateExtension &extension); }; -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qx509_openssl.cpp b/src/network/ssl/qx509_openssl.cpp index ad9c55463b..51dc25bd16 100644 --- a/src/network/ssl/qx509_openssl.cpp +++ b/src/network/ssl/qx509_openssl.cpp @@ -38,6 +38,7 @@ ****************************************************************************/ #include "qtlsbackend_openssl_p.h" +#include "qsslcertificate_p.h" #include "qtlskey_openssl_p.h" #include "qx509_openssl_p.h" 
@@ -56,7 +57,7 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { namespace { @@ -922,6 +923,6 @@ X509CertificateBase::X509CertificateExtension X509CertificateOpenSSL::convertExt return result; } -} // namespace QSsl +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qx509_openssl_p.h b/src/network/ssl/qx509_openssl_p.h index 92752e5f48..ad5786d5e3 100644 --- a/src/network/ssl/qx509_openssl_p.h +++ b/src/network/ssl/qx509_openssl_p.h @@ -69,7 +69,7 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { // TLSTODO: This class is essentially what qsslcertificate_openssl.cpp // contains - OpenSSL-based version of QSslCertificatePrivate. Remove @@ -127,7 +127,7 @@ private: extern "C" int qt_X509Callback(int ok, X509_STORE_CTX *ctx); -} // namespace QSsl. +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qx509_schannel.cpp b/src/network/ssl/qx509_schannel.cpp index 6019fccb23..a7371e0d97 100644 --- a/src/network/ssl/qx509_schannel.cpp +++ b/src/network/ssl/qx509_schannel.cpp @@ -38,13 +38,14 @@ ****************************************************************************/ #include "qtlskey_schannel_p.h" +#include "qsslcertificate_p.h" #include "qx509_schannel_p.h" #include QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { X509CertificateSchannel::X509CertificateSchannel() = default; @@ -56,9 +57,9 @@ X509CertificateSchannel::~X509CertificateSchannel() TlsKey *X509CertificateSchannel::publicKey() const { - auto key = std::make_unique(PublicKey); + auto key = std::make_unique(QSsl::PublicKey); if (publicKeyAlgorithm != QSsl::Opaque) - key->decodeDer(PublicKey, publicKeyAlgorithm, publicKeyDerData, {}, false); + key->decodeDer(QSsl::PublicKey, publicKeyAlgorithm, publicKeyDerData, {}, false); return key.release(); } 
@@ -80,7 +81,7 @@ QSslCertificate X509CertificateSchannel::QSslCertificate_from_CERT_CONTEXT(const return certificate; } -} // namespace QSsl. +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qx509_schannel_p.h b/src/network/ssl/qx509_schannel_p.h index 40fb292acf..3b5d567c7b 100644 --- a/src/network/ssl/qx509_schannel_p.h +++ b/src/network/ssl/qx509_schannel_p.h @@ -62,7 +62,7 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { class X509CertificateSchannel final : public X509CertificateGeneric { @@ -80,7 +80,7 @@ private: Q_DISABLE_COPY_MOVE(X509CertificateSchannel); }; -} // namespace QSsl. +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qx509_st.cpp b/src/network/ssl/qx509_st.cpp index 7183ca2768..737b15cef8 100644 --- a/src/network/ssl/qx509_st.cpp +++ b/src/network/ssl/qx509_st.cpp @@ -44,18 +44,18 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { TlsKey *X509CertificateSecureTransport::publicKey() const { - auto key = std::make_unique(PublicKey); + auto key = std::make_unique(QSsl::PublicKey); if (publicKeyAlgorithm != QSsl::Opaque) - key->decodeDer(PublicKey, publicKeyAlgorithm, publicKeyDerData, {}, false); + key->decodeDer(QSsl::PublicKey, publicKeyAlgorithm, publicKeyDerData, {}, false); return key.release(); } -} // namespace QSsl. +} // namespace QTlsPrivate QT_END_NAMESPACE diff --git a/src/network/ssl/qx509_st_p.h b/src/network/ssl/qx509_st_p.h index 4f1220d104..8c3969442c 100644 --- a/src/network/ssl/qx509_st_p.h +++ b/src/network/ssl/qx509_st_p.h @@ -59,7 +59,7 @@ QT_BEGIN_NAMESPACE -namespace QSsl { +namespace QTlsPrivate { class X509CertificateSecureTransport final : public X509CertificateGeneric { @@ -67,7 +67,7 @@ public: TlsKey *publicKey() const override; }; -} // namespace QSsl. +} // namespace QTlsPrivate QT_END_NAMESPACE -- cgit v1.2.3