/src/qtbase/src/network/ssl/qsslpresharedkeyauthenticator.cpp
Line | Count | Source |
1 | | // Copyright (C) 2014 Governikus GmbH & Co. KG. |
2 | | // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only |
3 | | // Qt-Security score:significant reason:default |
4 | | |
5 | | #include "qsslpresharedkeyauthenticator.h" |
6 | | #include "qsslpresharedkeyauthenticator_p.h" |
7 | | |
8 | | #include <QSharedData> |
9 | | |
10 | | QT_BEGIN_NAMESPACE |
11 | | |
12 | | QT_IMPL_METATYPE_EXTERN(QSslPreSharedKeyAuthenticator) |
13 | | QT_IMPL_METATYPE_EXTERN_TAGGED(QSslPreSharedKeyAuthenticator*, QSslPreSharedKeyAuthenticator_ptr) |
14 | | |
15 | | /*! |
16 | | \internal |
17 | | */ |
18 | | QSslPreSharedKeyAuthenticatorPrivate::QSslPreSharedKeyAuthenticatorPrivate() |
19 | 0 | : maximumIdentityLength(0), |
20 | 0 | maximumPreSharedKeyLength(0) |
21 | 0 | { |
22 | 0 | } |
23 | | |
24 | | /*! |
25 | | \class QSslPreSharedKeyAuthenticator |
26 | | |
27 | | \brief The QSslPreSharedKeyAuthenticator class provides authentication data for pre |
28 | | shared keys (PSK) ciphersuites. |
29 | | |
30 | | \inmodule QtNetwork |
31 | | |
32 | | \reentrant |
33 | | |
34 | | \ingroup network |
35 | | \ingroup ssl |
36 | | \ingroup shared |
37 | | |
38 | | \since 5.5 |
39 | | |
40 | | The QSslPreSharedKeyAuthenticator class is used by an SSL socket to provide |
41 | | the required authentication data in a pre shared key (PSK) ciphersuite. |
42 | | |
43 | | In a PSK handshake, the client must derive a key, which must match the key |
44 | | set on the server. The exact algorithm of deriving the key depends on the |
45 | | application; however, for this purpose, the server may send an \e{identity |
46 | | hint} to the client. This hint, combined with other information (for |
47 | | instance a passphrase), is then used by the client to construct the shared |
48 | | key. |
49 | | |
50 | | The QSslPreSharedKeyAuthenticator provides means to client applications for |
51 | | completing the PSK handshake. The client application needs to connect a |
52 | | slot to the QSslSocket::preSharedKeyAuthenticationRequired() signal: |
53 | | |
54 | | \snippet code/src_network_ssl_qsslpresharedkeyauthenticator.cpp 0 |
55 | | |
56 | | The signal carries a QSslPreSharedKeyAuthenticator object containing the |
57 | | identity hint the server sent to the client, and which must be filled with the |
58 | | corresponding client identity and the derived key: |
59 | | |
60 | | \snippet code/src_network_ssl_qsslpresharedkeyauthenticator.cpp 1 |
61 | | |
62 | | \note PSK ciphersuites are supported only when using OpenSSL 1.0.1 (or |
63 | | greater) as the SSL backend. |
64 | | |
65 | | \note PSK is currently only supported in OpenSSL. |
66 | | |
67 | | \sa QSslSocket |
68 | | */ |
69 | | |
70 | | /*! |
71 | | Constructs a default QSslPreSharedKeyAuthenticator object. |
72 | | |
73 | | The identity hint, the identity and the key will be initialized to empty |
74 | | byte arrays; the maximum length for both the identity and the key will be |
75 | | initialized to 0. |
76 | | */ |
77 | | QSslPreSharedKeyAuthenticator::QSslPreSharedKeyAuthenticator() |
78 | 0 | : d(new QSslPreSharedKeyAuthenticatorPrivate) |
79 | 0 | { |
80 | 0 | } |
81 | | |
82 | | /*! |
83 | | Destroys the QSslPreSharedKeyAuthenticator object. |
84 | | */ |
85 | | QSslPreSharedKeyAuthenticator::~QSslPreSharedKeyAuthenticator() |
86 | 0 | { |
87 | 0 | } |
88 | | |
89 | | /*! |
90 | | Constructs a QSslPreSharedKeyAuthenticator object as a copy of \a authenticator. |
91 | | |
92 | | \sa operator=() |
93 | | */ |
94 | | QSslPreSharedKeyAuthenticator::QSslPreSharedKeyAuthenticator(const QSslPreSharedKeyAuthenticator &authenticator) |
95 | 0 | : d(authenticator.d) |
96 | 0 | { |
97 | 0 | } |
98 | | |
99 | | /*! |
100 | | Assigns the QSslPreSharedKeyAuthenticator object \a authenticator to this object, |
101 | | and returns a reference to the copy. |
102 | | */ |
103 | | QSslPreSharedKeyAuthenticator &QSslPreSharedKeyAuthenticator::operator=(const QSslPreSharedKeyAuthenticator &authenticator) |
104 | 0 | { |
105 | 0 | d = authenticator.d; |
106 | 0 | return *this; |
107 | 0 | } |
108 | | |
109 | | /*! |
110 | | \fn QSslPreSharedKeyAuthenticator &QSslPreSharedKeyAuthenticator::operator=(QSslPreSharedKeyAuthenticator &&authenticator) |
111 | | |
112 | | Move-assigns the QSslPreSharedKeyAuthenticator object \a authenticator to this |
113 | | object, and returns a reference to the moved instance. |
114 | | */ |
115 | | |
116 | | /*! |
117 | | \fn void QSslPreSharedKeyAuthenticator::swap(QSslPreSharedKeyAuthenticator &other) |
118 | | \memberswap{authenticator} |
119 | | */ |
120 | | |
121 | | /*! |
122 | | Returns the PSK identity hint as provided by the server. The interpretation |
123 | | of this hint is left to the application. |
124 | | */ |
125 | | QByteArray QSslPreSharedKeyAuthenticator::identityHint() const |
126 | 0 | { |
127 | 0 | return d->identityHint; |
128 | 0 | } |
129 | | |
130 | | /*! |
131 | | Sets the PSK client identity (to be advised to the server) to \a identity. |
132 | | |
133 | | \note it is possible to set an identity whose length is greater than |
134 | | maximumIdentityLength(); in this case, only the first maximumIdentityLength() |
135 | | bytes will be actually sent to the server. |
136 | | |
137 | | \sa identity(), maximumIdentityLength() |
138 | | */ |
139 | | void QSslPreSharedKeyAuthenticator::setIdentity(const QByteArray &identity) |
140 | 0 | { |
141 | 0 | d->identity = identity; |
142 | 0 | } |
143 | | |
144 | | /*! |
145 | | Returns the PSK client identity. |
146 | | |
147 | | \sa setIdentity() |
148 | | */ |
149 | | QByteArray QSslPreSharedKeyAuthenticator::identity() const |
150 | 0 | { |
151 | 0 | return d->identity; |
152 | 0 | } |
153 | | |
154 | | |
155 | | /*! |
156 | | Returns the maximum length, in bytes, of the PSK client identity. |
157 | | |
158 | | \note it is possible to set an identity whose length is greater than |
159 | | maximumIdentityLength(); in this case, only the first maximumIdentityLength() |
160 | | bytes will be actually sent to the server. |
161 | | |
162 | | \sa setIdentity() |
163 | | */ |
164 | | int QSslPreSharedKeyAuthenticator::maximumIdentityLength() const |
165 | 0 | { |
166 | 0 | return d->maximumIdentityLength; |
167 | 0 | } |
168 | | |
169 | | |
170 | | /*! |
171 | | Sets the pre shared key to \a preSharedKey. |
172 | | |
173 | | \note it is possible to set a key whose length is greater than the |
174 | | maximumPreSharedKeyLength(); in this case, only the first |
175 | | maximumPreSharedKeyLength() bytes will be actually sent to the server. |
176 | | |
177 | | \sa preSharedKey(), maximumPreSharedKeyLength(), QByteArray::fromHex() |
178 | | */ |
179 | | void QSslPreSharedKeyAuthenticator::setPreSharedKey(const QByteArray &preSharedKey) |
180 | 0 | { |
181 | 0 | d->preSharedKey = preSharedKey; |
182 | 0 | } |
183 | | |
184 | | /*! |
185 | | Returns the pre shared key. |
186 | | |
187 | | \sa setPreSharedKey() |
188 | | */ |
189 | | QByteArray QSslPreSharedKeyAuthenticator::preSharedKey() const |
190 | 0 | { |
191 | 0 | return d->preSharedKey; |
192 | 0 | } |
193 | | |
194 | | /*! |
195 | | Returns the maximum length, in bytes, of the pre shared key. |
196 | | |
197 | | \note it is possible to set a key whose length is greater than the |
198 | | maximumPreSharedKeyLength(); in this case, only the first |
199 | | maximumPreSharedKeyLength() bytes will be actually sent to the server. |
200 | | |
201 | | \sa setPreSharedKey() |
202 | | */ |
203 | | int QSslPreSharedKeyAuthenticator::maximumPreSharedKeyLength() const |
204 | 0 | { |
205 | 0 | return d->maximumPreSharedKeyLength; |
206 | 0 | } |
207 | | |
208 | | /*! |
209 | | \fn bool QSslPreSharedKeyAuthenticator::operator==(const QSslPreSharedKeyAuthenticator &lhs, const QSslPreSharedKeyAuthenticator &rhs) |
210 | | \since 5.5 |
211 | | |
212 | | Returns \c true if the authenticator object \a lhs is equal to \a rhs; |
213 | | \c false otherwise. |
214 | | |
215 | | Two authenticator objects are equal if and only if they have the same |
216 | | identity hint, identity, pre shared key, maximum length for the identity |
217 | | and maximum length for the pre shared key. |
218 | | */ |
219 | | |
220 | | /*! |
221 | | \fn bool QSslPreSharedKeyAuthenticator::operator!=(const QSslPreSharedKeyAuthenticator &lhs, const QSslPreSharedKeyAuthenticator &rhs) |
222 | | \since 5.5 |
223 | | |
224 | | Returns \c true if the authenticator object \a lhs is not equal to \a rhs; |
225 | | \c false otherwise. |
226 | | */ |
227 | | |
228 | | /*! |
229 | | \internal |
230 | | */ |
231 | | bool QSslPreSharedKeyAuthenticator::isEqual(const QSslPreSharedKeyAuthenticator &other) const |
232 | 0 | { |
233 | 0 | return ((d == other.d) || |
234 | 0 | (d->identityHint == other.d->identityHint && |
235 | 0 | d->identity == other.d->identity && |
236 | 0 | d->maximumIdentityLength == other.d->maximumIdentityLength && |
237 | 0 | d->preSharedKey == other.d->preSharedKey && |
238 | 0 | d->maximumPreSharedKeyLength == other.d->maximumPreSharedKeyLength)); |
239 | 0 | } |
240 | | |
241 | | QT_END_NAMESPACE |