diff options
Diffstat (limited to 'examples/sslservtest/sslservtest.cpp')
-rw-r--r-- | examples/sslservtest/sslservtest.cpp | 294 |
1 files changed, 294 insertions, 0 deletions
diff --git a/examples/sslservtest/sslservtest.cpp b/examples/sslservtest/sslservtest.cpp new file mode 100644 index 0000000..384558f --- /dev/null +++ b/examples/sslservtest/sslservtest.cpp @@ -0,0 +1,294 @@ +#include<tqapplication.h> +#include<tqfile.h> +#include<tqsocket.h> +#include<tqserversocket.h> +#include<tqvaluelist.h> +#include<tqtimer.h> +#include"qca.h" + +char pemdata_cert[] = + "-----BEGIN CERTIFICATE-----\n" + "MIIDbjCCAtegAwIBAgIBADANBgkqhkiG9w0BAQQFADCBhzELMAkGA1UEBhMCVVMx\n" + "EzARBgNVBAgTCkNhbGlmb3JuaWExDzANBgNVBAcTBklydmluZTEYMBYGA1UEChMP\n" + "RXhhbXBsZSBDb21wYW55MRQwEgYDVQQDEwtleGFtcGxlLmNvbTEiMCAGCSqGSIb3\n" + "DQEJARYTZXhhbXBsZUBleGFtcGxlLmNvbTAeFw0wMzA3MjQwNzMwMDBaFw0wMzA4\n" + "MjMwNzMwMDBaMIGHMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEP\n" + "MA0GA1UEBxMGSXJ2aW5lMRgwFgYDVQQKEw9FeGFtcGxlIENvbXBhbnkxFDASBgNV\n" + "BAMTC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1wbGUu\n" + "Y29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCobzCF268K2sRp473gvBTT\n" + "4AgSL1kjeF8N57vxS1P8zWrWMXNs4LuH0NRZmKTajeboy0br8xw+smIy3AbaKAwW\n" + "WZToesxebu3m9VeA8dqWyOaUMjoxAcgVYesgVaMpjRe7fcWdJnX1wJoVVPuIcO8m\n" + "a+AAPByfTORbzpSTmXAQAwIDAQABo4HnMIHkMB0GA1UdDgQWBBTvFierzLmmYMq0\n" + "cB/+5rK1bNR56zCBtAYDVR0jBIGsMIGpgBTvFierzLmmYMq0cB/+5rK1bNR566GB\n" + "jaSBijCBhzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExDzANBgNV\n" + "BAcTBklydmluZTEYMBYGA1UEChMPRXhhbXBsZSBDb21wYW55MRQwEgYDVQQDEwtl\n" + "eGFtcGxlLmNvbTEiMCAGCSqGSIb3DQEJARYTZXhhbXBsZUBleGFtcGxlLmNvbYIB\n" + "ADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA4GBAGqGhXf7xNOnYNtFO7gz\n" + "K6RdZGHFI5q1DAEz4hhNBC9uElh32XGX4wN7giz3zLC8v9icL/W4ff/K5NDfv3Gf\n" + "gQe/+Wo9Be3H3ul6uwPPFnx4+PIOF2a5TW99H9smyxWdNjnFtcUte4al3RszcMWG\n" + "x3iqsWosGtj6F+ridmKoqKLu\n" + "-----END CERTIFICATE-----\n"; + +char pemdata_privkey[] = + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIICXAIBAAKBgQCobzCF268K2sRp473gvBTT4AgSL1kjeF8N57vxS1P8zWrWMXNs\n" + "4LuH0NRZmKTajeboy0br8xw+smIy3AbaKAwWWZToesxebu3m9VeA8dqWyOaUMjox\n" + "AcgVYesgVaMpjRe7fcWdJnX1wJoVVPuIcO8ma+AAPByfTORbzpSTmXAQAwIDAQAB\n" + "AoGAP83u+aYghuIcaWhmM03MLf69z/WztKYSi/fu0BcS977w67bL3MC9CVPoPRB/\n" + "0nLSt/jZIuRzHKUCYfXLerSU7v0oXDTy6GPzWMh/oXIrpF0tYNbwWF7LSq2O2gGZ\n" + "XtA9MSmUNNJaKzQQeXjqdVFOY8A0Pho+k2KByBiCi+ChkcECQQDRUuyX0+PKJtA2\n" + "M36BOTFpy61BAv+JRlXUnHuevOfQWl6NR6YGygqCyH1sWtP1sa9S4wWys3DFH+5A\n" + "DkuAqk7zAkEAzf4eUH2hp5CIMsXH+WpIzKj09oY1it2CAKjVq4rUELf8iXvmGoFl\n" + "000spua4MjHNUYm7LR0QaKesKrMyGZUesQJAL8aLdYPJI+SD9Tr/jqLtIkZ4frQe\n" + "eshw4pvsoyheiHF3zyshO791crAr4EVCx3sMlxB1xnmqLXPCPyCEHxO//QJBAIBY\n" + "IYkjDZJ6ofGIe1UyXJNvfdkPu9J+ut4wU5jjEcgs6mK62J6RGuFxhy2iOQfFMdjo\n" + "yL+OCUg7mDCun7uCxrECQAtSvnLOFMjO5qExRjFtwi+b1rcSekd3Osk/izyRFSzg\n" + "Or+AL56/EKfiogNnFipgaXIbb/xj785Cob6v96XoW1I=\n" + "-----END RSA PRIVATE KEY-----\n"; + +class LayerTracker +{ +public: + struct Item + { + int plain; + int encoded; + }; + + LayerTracker() + { + p = 0; + } + + void reset() + { + p = 0; + list.clear(); + } + + void addPlain(int plain) + { + p += plain; + } + + void specifyEncoded(int encoded, int plain) + { + // can't specify more bytes than we have + if(plain > p) + plain = p; + p -= plain; + Item i; + i.plain = plain; + i.encoded = encoded; + list += i; + } + + int finished(int encoded) + { + int plain = 0; + for(TQValueList<Item>::Iterator it = list.begin(); it != list.end();) { + Item &i = *it; + + // not enough? + if(encoded < i.encoded) { + i.encoded -= encoded; + break; + } + + encoded -= i.encoded; + plain += i.plain; + it = list.remove(it); + } + return plain; + } + + int p; + TQValueList<Item> list; +}; + +class SecureServerTest : public QServerSocket +{ + Q_OBJECT +public: + enum { Idle, Handshaking, Active, Closing }; + + SecureServerTest(int _port) : QServerSocket(_port), port(_port) + { + sock = new TQSocket; + connect(sock, SIGNAL(readyRead()), SLOT(sock_readyRead())); + connect(sock, SIGNAL(connectionClosed()), SLOT(sock_connectionClosed())); + connect(sock, SIGNAL(error(int)), SLOT(sock_error(int))); + connect(sock, SIGNAL(bytesWritten(int)), SLOT(sock_bytesWritten(int))); + + ssl = new QCA::TLS; + connect(ssl, SIGNAL(handshaken()), SLOT(ssl_handshaken())); + connect(ssl, SIGNAL(readyRead()), SLOT(ssl_readyRead())); + connect(ssl, SIGNAL(readyReadOutgoing(int)), SLOT(ssl_readyReadOutgoing(int))); + connect(ssl, SIGNAL(closed()), SLOT(ssl_closed())); + connect(ssl, SIGNAL(error(int)), SLOT(ssl_error(int))); + + cert.fromPEM(pemdata_cert); + privkey.fromPEM(pemdata_privkey); + + mode = Idle; + } + + ~SecureServerTest() + { + delete ssl; + delete sock; + } + + void start() + { + if(cert.isNull() || privkey.isNull()) { + printf("Error loading cert and/or private key!\n"); + TTQTimer::singleShot(0, this, SIGNAL(quit())); + return; + } + if(!ok()) { + printf("Error binding to port %d!\n", port); + TTQTimer::singleShot(0, this, SIGNAL(quit())); + return; + } + printf("Listening on port %d ...\n", port); + } + + void newConnection(int s) + { + // Note: only 1 connection supported at a time in this example! + if(sock->isOpen()) { + TQSocket tmp; + tmp.setSocket(s); + printf("throwing away extra connection\n"); + return; + } + mode = Handshaking; + sock->setSocket(s); + printf("Connection received! Starting TLS handshake...\n"); + ssl->setCertificate(cert, privkey); + ssl->startServer(); + } + +signals: + void quit(); + +private slots: + void sock_readyRead() + { + TQByteArray buf(sock->bytesAvailable()); + int num = sock->readBlock(buf.data(), buf.size()); + if(num < (int)buf.size()) + buf.resize(num); + ssl->writeIncoming(buf); + } + + void sock_connectionClosed() + { + printf("Connection closed.\n"); + } + + void sock_bytesWritten(int x) + { + if(mode == Active && sent) { + int bytes = layer.finished(x); + bytesLeft -= bytes; + + if(bytesLeft == 0) { + mode = Closing; + printf("SSL shutdown\n"); + ssl->close(); + } + } + } + + void sock_error(int) + { + printf("Socket error.\n"); + } + + void ssl_handshaken() + { + printf("Successful SSL handshake. Waiting for newline.\n"); + layer.reset(); + bytesLeft = 0; + sent = false; + mode = Active; + } + + void ssl_readyRead() + { + TQByteArray a = ssl->read(); + TQString str = + "<html>\n" + "<head><title>Test</title></head>\n" + "<body>this is only a test</body>\n" + "</html>\n"; + TQCString cs = str.latin1(); + TQByteArray b(cs.length()); + memcpy(b.data(), cs.data(), b.size()); + + printf("Sending test response...\n"); + sent = true; + layer.addPlain(b.size()); + ssl->write(b); + } + + void ssl_readyReadOutgoing(int plainBytes) + { + TQByteArray a = ssl->readOutgoing(); + layer.specifyEncoded(a.size(), plainBytes); + sock->writeBlock(a.data(), a.size()); + } + + void ssl_closed() + { + printf("Closing.\n"); + sock->close(); + } + + void ssl_error(int x) + { + if(x == QCA::TLS::ErrHandshake) { + printf("SSL Handshake Error! Closing.\n"); + sock->close(); + } + else { + printf("SSL Error! Closing.\n"); + sock->close(); + } + } + +private: + int port; + TQSocket *sock; + QCA::TLS *ssl; + QCA::Cert cert; + QCA::RSAKey privkey; + + bool sent; + int mode; + int bytesLeft; + LayerTracker layer; +}; + +#include"sslservtest.moc" + +int main(int argc, char **argv) +{ + TQApplication app(argc, argv, false); + int port = argc > 1 ? TQString(argv[1]).toInt() : 8000; + + if(!QCA::isSupported(QCA::CAP_TLS)) { + printf("TLS not supported!\n"); + return 1; + } + + SecureServerTest *s = new SecureServerTest(port); + TQObject::connect(s, SIGNAL(quit()), &app, SLOT(quit())); + s->start(); + app.exec(); + delete s; + + return 0; +} |