1// Copyright (C) 2014 Governikus GmbH & Co. KG.
2// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
3// Qt-Security score:significant reason:default
4
5#include "qsslpresharedkeyauthenticator.h"
6#include "qsslpresharedkeyauthenticator_p.h"
7
8#include <QSharedData>
9
10QT_BEGIN_NAMESPACE
11
12QT_IMPL_METATYPE_EXTERN(QSslPreSharedKeyAuthenticator)
13QT_IMPL_METATYPE_EXTERN_TAGGED(QSslPreSharedKeyAuthenticator*, QSslPreSharedKeyAuthenticator_ptr)
14
15/*!
16 \internal
17*/
18QSslPreSharedKeyAuthenticatorPrivate::QSslPreSharedKeyAuthenticatorPrivate()
19 : maximumIdentityLength(0),
20 maximumPreSharedKeyLength(0)
21{
22}
23
24/*!
25 \class QSslPreSharedKeyAuthenticator
26
27 \brief The QSslPreSharedKeyAuthenticator class provides authentication data for pre
28 shared keys (PSK) ciphersuites.
29
30 \inmodule QtNetwork
31
32 \reentrant
33
34 \ingroup network
35 \ingroup ssl
36 \ingroup shared
37
38 \since 5.5
39
40 The QSslPreSharedKeyAuthenticator class is used by an SSL socket to provide
41 the required authentication data in a pre shared key (PSK) ciphersuite.
42
43 In a PSK handshake, the client must derive a key, which must match the key
44 set on the server. The exact algorithm of deriving the key depends on the
45 application; however, for this purpose, the server may send an \e{identity
46 hint} to the client. This hint, combined with other information (for
47 instance a passphrase), is then used by the client to construct the shared
48 key.
49
50 The QSslPreSharedKeyAuthenticator provides means to client applications for
51 completing the PSK handshake. The client application needs to connect a
52 slot to the QSslSocket::preSharedKeyAuthenticationRequired() signal:
53
54 \snippet code/src_network_ssl_qsslpresharedkeyauthenticator.cpp 0
55
56 The signal carries a QSslPreSharedKeyAuthenticator object containing the
57 identity hint the server sent to the client, and which must be filled with the
58 corresponding client identity and the derived key:
59
60 \snippet code/src_network_ssl_qsslpresharedkeyauthenticator.cpp 1
61
62 \note PSK ciphersuites are supported only when using OpenSSL 1.0.1 (or
63 greater) as the SSL backend.
64
65 \note PSK is currently only supported in OpenSSL.
66
67 \sa QSslSocket
68*/
69
70/*!
71 Constructs a default QSslPreSharedKeyAuthenticator object.
72
73 The identity hint, the identity and the key will be initialized to empty
74 byte arrays; the maximum length for both the identity and the key will be
75 initialized to 0.
76*/
77QSslPreSharedKeyAuthenticator::QSslPreSharedKeyAuthenticator()
78 : d(new QSslPreSharedKeyAuthenticatorPrivate)
79{
80}
81
82/*!
83 Destroys the QSslPreSharedKeyAuthenticator object.
84*/
85QSslPreSharedKeyAuthenticator::~QSslPreSharedKeyAuthenticator()
86{
87}
88
89/*!
90 Constructs a QSslPreSharedKeyAuthenticator object as a copy of \a authenticator.
91
92 \sa operator=()
93*/
94QSslPreSharedKeyAuthenticator::QSslPreSharedKeyAuthenticator(const QSslPreSharedKeyAuthenticator &authenticator)
95 : d(authenticator.d)
96{
97}
98
99/*!
100 Assigns the QSslPreSharedKeyAuthenticator object \a authenticator to this object,
101 and returns a reference to the copy.
102*/
103QSslPreSharedKeyAuthenticator &QSslPreSharedKeyAuthenticator::operator=(const QSslPreSharedKeyAuthenticator &authenticator)
104{
105 d = authenticator.d;
106 return *this;
107}
108
109/*!
110 \fn QSslPreSharedKeyAuthenticator &QSslPreSharedKeyAuthenticator::operator=(QSslPreSharedKeyAuthenticator &&authenticator)
111
112 Move-assigns the QSslPreSharedKeyAuthenticator object \a authenticator to this
113 object, and returns a reference to the moved instance.
114*/
115
116/*!
117 \fn void QSslPreSharedKeyAuthenticator::swap(QSslPreSharedKeyAuthenticator &other)
118 \memberswap{authenticator}
119*/
120
121/*!
122 Returns the PSK identity hint as provided by the server. The interpretation
123 of this hint is left to the application.
124*/
125QByteArray QSslPreSharedKeyAuthenticator::identityHint() const
126{
127 return d->identityHint;
128}
129
130/*!
131 Sets the PSK client identity (to be advised to the server) to \a identity.
132
133 \note it is possible to set an identity whose length is greater than
134 maximumIdentityLength(); in this case, only the first maximumIdentityLength()
135 bytes will be actually sent to the server.
136
137 \sa identity(), maximumIdentityLength()
138*/
139void QSslPreSharedKeyAuthenticator::setIdentity(const QByteArray &identity)
140{
141 d->identity = identity;
142}
143
144/*!
145 Returns the PSK client identity.
146
147 \sa setIdentity()
148*/
149QByteArray QSslPreSharedKeyAuthenticator::identity() const
150{
151 return d->identity;
152}
153
154
155/*!
156 Returns the maximum length, in bytes, of the PSK client identity.
157
158 \note it is possible to set an identity whose length is greater than
159 maximumIdentityLength(); in this case, only the first maximumIdentityLength()
160 bytes will be actually sent to the server.
161
162 \sa setIdentity()
163*/
164int QSslPreSharedKeyAuthenticator::maximumIdentityLength() const
165{
166 return d->maximumIdentityLength;
167}
168
169
170/*!
171 Sets the pre shared key to \a preSharedKey.
172
173 \note it is possible to set a key whose length is greater than the
174 maximumPreSharedKeyLength(); in this case, only the first
175 maximumPreSharedKeyLength() bytes will be actually sent to the server.
176
177 \sa preSharedKey(), maximumPreSharedKeyLength(), QByteArray::fromHex()
178*/
179void QSslPreSharedKeyAuthenticator::setPreSharedKey(const QByteArray &preSharedKey)
180{
181 d->preSharedKey = preSharedKey;
182}
183
184/*!
185 Returns the pre shared key.
186
187 \sa setPreSharedKey()
188*/
189QByteArray QSslPreSharedKeyAuthenticator::preSharedKey() const
190{
191 return d->preSharedKey;
192}
193
194/*!
195 Returns the maximum length, in bytes, of the pre shared key.
196
197 \note it is possible to set a key whose length is greater than the
198 maximumPreSharedKeyLength(); in this case, only the first
199 maximumPreSharedKeyLength() bytes will be actually sent to the server.
200
201 \sa setPreSharedKey()
202*/
203int QSslPreSharedKeyAuthenticator::maximumPreSharedKeyLength() const
204{
205 return d->maximumPreSharedKeyLength;
206}
207
208/*!
209 \fn bool QSslPreSharedKeyAuthenticator::operator==(const QSslPreSharedKeyAuthenticator &lhs, const QSslPreSharedKeyAuthenticator &rhs)
210 \since 5.5
211
212 Returns \c true if the authenticator object \a lhs is equal to \a rhs;
213 \c false otherwise.
214
215 Two authenticator objects are equal if and only if they have the same
216 identity hint, identity, pre shared key, maximum length for the identity
217 and maximum length for the pre shared key.
218*/
219
220/*!
221 \fn bool QSslPreSharedKeyAuthenticator::operator!=(const QSslPreSharedKeyAuthenticator &lhs, const QSslPreSharedKeyAuthenticator &rhs)
222 \since 5.5
223
224 Returns \c true if the authenticator object \a lhs is not equal to \a rhs;
225 \c false otherwise.
226*/
227
228/*!
229 \internal
230*/
231bool QSslPreSharedKeyAuthenticator::isEqual(const QSslPreSharedKeyAuthenticator &other) const
232{
233 return ((d == other.d) ||
234 (d->identityHint == other.d->identityHint &&
235 d->identity == other.d->identity &&
236 d->maximumIdentityLength == other.d->maximumIdentityLength &&
237 d->preSharedKey == other.d->preSharedKey &&
238 d->maximumPreSharedKeyLength == other.d->maximumPreSharedKeyLength));
239}
240
241QT_END_NAMESPACE
242

source code of qtbase/src/network/ssl/qsslpresharedkeyauthenticator.cpp