1// Copyright (C) 2014 Governikus GmbH & Co. KG.
2// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
3
4#include "qsslpresharedkeyauthenticator.h"
5#include "qsslpresharedkeyauthenticator_p.h"
6
7#include <QSharedData>
8
9QT_BEGIN_NAMESPACE
10
11QT_IMPL_METATYPE_EXTERN(QSslPreSharedKeyAuthenticator)
12QT_IMPL_METATYPE_EXTERN_TAGGED(QSslPreSharedKeyAuthenticator*, QSslPreSharedKeyAuthenticator_ptr)
13
14/*!
15 \internal
16*/
QSslPreSharedKeyAuthenticatorPrivate::QSslPreSharedKeyAuthenticatorPrivate()
    : maximumIdentityLength{0}
    , maximumPreSharedKeyLength{0}
{
    // Both length limits start at 0. Nothing in this file raises them.
    // NOTE(review): presumably the TLS backend fills them in before the
    // authenticator is handed to the application; confirm against the backend.
}
22
23/*!
24 \class QSslPreSharedKeyAuthenticator
25
 \brief The QSslPreSharedKeyAuthenticator class provides authentication data for
 pre-shared key (PSK) ciphersuites.
28
29 \inmodule QtNetwork
30
31 \reentrant
32
33 \ingroup network
34 \ingroup ssl
35 \ingroup shared
36
37 \since 5.5
38
39 The QSslPreSharedKeyAuthenticator class is used by an SSL socket to provide
40 the required authentication data in a pre shared key (PSK) ciphersuite.
41
42 In a PSK handshake, the client must derive a key, which must match the key
43 set on the server. The exact algorithm of deriving the key depends on the
44 application; however, for this purpose, the server may send an \e{identity
45 hint} to the client. This hint, combined with other information (for
46 instance a passphrase), is then used by the client to construct the shared
47 key.
48
49 The QSslPreSharedKeyAuthenticator provides means to client applications for
50 completing the PSK handshake. The client application needs to connect a
51 slot to the QSslSocket::preSharedKeyAuthenticationRequired() signal:
52
53 \snippet code/src_network_ssl_qsslpresharedkeyauthenticator.cpp 0
54
55 The signal carries a QSslPreSharedKeyAuthenticator object containing the
56 identity hint the server sent to the client, and which must be filled with the
57 corresponding client identity and the derived key:
58
59 \snippet code/src_network_ssl_qsslpresharedkeyauthenticator.cpp 1
60
61 \note PSK ciphersuites are supported only when using OpenSSL 1.0.1 (or
62 greater) as the SSL backend.
63
64 \note PSK is currently only supported in OpenSSL.
65
66 \sa QSslSocket
67*/
68
69/*!
70 Constructs a default QSslPreSharedKeyAuthenticator object.
71
72 The identity hint, the identity and the key will be initialized to empty
73 byte arrays; the maximum length for both the identity and the key will be
74 initialized to 0.
75*/
QSslPreSharedKeyAuthenticator::QSslPreSharedKeyAuthenticator()
    : d{new QSslPreSharedKeyAuthenticatorPrivate()}
{
    // The new private object carries the defaults set by its own constructor
    // (both maximum lengths 0); no key or identity is present yet.
}
80
81/*!
82 Destroys the QSslPreSharedKeyAuthenticator object.
83*/
// No explicit cleanup is done here: releasing the private data is left to the
// d-pointer's own destructor.
// NOTE(review): the stored pre shared key is not overwritten before it is
// released; if key material must not linger in freed memory, the caller has to
// handle that separately. Confirm against QByteArray's behaviour.
QSslPreSharedKeyAuthenticator::~QSslPreSharedKeyAuthenticator() = default;
87
88/*!
89 Constructs a QSslPreSharedKeyAuthenticator object as a copy of \a authenticator.
90
91 \sa operator=()
92*/
QSslPreSharedKeyAuthenticator::QSslPreSharedKeyAuthenticator(const QSslPreSharedKeyAuthenticator &authenticator)
    : d{authenticator.d}
{
    // Only the d-pointer is copied here, not the individual fields.
    // NOTE(review): presumably d is an implicitly shared pointer, so the copy
    // and the source refer to the same key bytes until one of them is
    // modified; verify in the private header.
}
97
98/*!
99 Assigns the QSslPreSharedKeyAuthenticator object \a authenticator to this object,
100 and returns a reference to the copy.
101*/
QSslPreSharedKeyAuthenticator &QSslPreSharedKeyAuthenticator::operator=(const QSslPreSharedKeyAuthenticator &authenticator)
{
    // Rebind this object's d-pointer to the other object's private data;
    // whatever this object held before is released by the pointer type.
    this->d = authenticator.d;

    return *this;
}
107
108/*!
109 \fn QSslPreSharedKeyAuthenticator &QSslPreSharedKeyAuthenticator::operator=(QSslPreSharedKeyAuthenticator &&authenticator)
110
111 Move-assigns the QSslPreSharedKeyAuthenticator object \a authenticator to this
112 object, and returns a reference to the moved instance.
113*/
114
115/*!
116 \fn void QSslPreSharedKeyAuthenticator::swap(QSslPreSharedKeyAuthenticator &authenticator)
117
118 Swaps the QSslPreSharedKeyAuthenticator object \a authenticator with this object.
119 This operation is very fast and never fails.
120*/
121
122/*!
123 Returns the PSK identity hint as provided by the server. The interpretation
124 of this hint is left to the application.
125*/
QByteArray QSslPreSharedKeyAuthenticator::identityHint() const
{
    // The hint is returned exactly as stored; no validation happens here.
    // NOTE(review): per the class documentation the hint is supplied by the
    // server, so callers should treat these bytes as untrusted input when
    // using them to look up or derive a key.
    const auto &priv = *d;
    return priv.identityHint;
}
130
131/*!
 Sets the PSK client identity (to be advertised to the server) to \a identity.
133
134 \note it is possible to set an identity whose length is greater than
135 maximumIdentityLength(); in this case, only the first maximumIdentityLength()
136 bytes will be actually sent to the server.
137
138 \sa identity(), maximumIdentityLength()
139*/
void QSslPreSharedKeyAuthenticator::setIdentity(const QByteArray &identity)
{
    // Stored as given: the length is not checked against
    // maximumIdentityLength() here, so an over-long identity is accepted.
    (*d).identity = identity;
}
144
145/*!
146 Returns the PSK client identity.
147
148 \sa setIdentity()
149*/
QByteArray QSslPreSharedKeyAuthenticator::identity() const
{
    // Returns the identity exactly as it was set, including any bytes beyond
    // maximumIdentityLength().
    const auto &priv = *d;
    return priv.identity;
}
154
155
156/*!
157 Returns the maximum length, in bytes, of the PSK client identity.
158
159 \note it is possible to set an identity whose length is greater than
160 maximumIdentityLength(); in this case, only the first maximumIdentityLength()
161 bytes will be actually sent to the server.
162
163 \sa setIdentity()
164*/
int QSslPreSharedKeyAuthenticator::maximumIdentityLength() const
{
    // Plain read of the stored limit; it is 0 on a default-constructed object.
    const auto &priv = *d;
    return priv.maximumIdentityLength;
}
169
170
171/*!
172 Sets the pre shared key to \a preSharedKey.
173
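 \note it is possible to set a key whose length is greater than the
 maximumPreSharedKeyLength(); in this case, only the first
 maximumPreSharedKeyLength() bytes will actually be used as the key for the
 handshake. Check the key's length against maximumPreSharedKeyLength() before
 setting it if silent truncation is not acceptable.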
177
178 \sa preSharedKey(), maximumPreSharedKeyLength(), QByteArray::fromHex()
179*/
void QSslPreSharedKeyAuthenticator::setPreSharedKey(const QByteArray &preSharedKey)
{
    // Stored as given: no length check against maximumPreSharedKeyLength()
    // happens here, so an over-long key is accepted without any error.
    // NOTE(review): a key that is later cut down to the maximum length
    // presumably no longer matches the one configured on the server; callers
    // should compare preSharedKey.size() with the limit themselves.
    (*d).preSharedKey = preSharedKey;
}
184
185/*!
186 Returns the pre shared key.
187
188 \sa setPreSharedKey()
189*/
QByteArray QSslPreSharedKeyAuthenticator::preSharedKey() const
{
    // Hands the stored key back by value.
    // NOTE(review): every caller ends up holding its own handle to the key
    // material and nothing in this file clears it afterwards; keep the
    // returned value short-lived and out of logs.
    const auto &priv = *d;
    return priv.preSharedKey;
}
194
195/*!
196 Returns the maximum length, in bytes, of the pre shared key.
197
 \note it is possible to set a key whose length is greater than the
 maximumPreSharedKeyLength(); in this case, only the first
 maximumPreSharedKeyLength() bytes will actually be used as the key for the
 handshake.
201
202 \sa setPreSharedKey()
203*/
int QSslPreSharedKeyAuthenticator::maximumPreSharedKeyLength() const
{
    // Plain read of the stored limit; it is 0 on a default-constructed object.
    const auto &priv = *d;
    return priv.maximumPreSharedKeyLength;
}
208
209/*!
210 \fn bool QSslPreSharedKeyAuthenticator::operator==(const QSslPreSharedKeyAuthenticator &lhs, const QSslPreSharedKeyAuthenticator &rhs)
211 \since 5.5
212
213 Returns \c true if the authenticator object \a lhs is equal to \a rhs;
214 \c false otherwise.
215
216 Two authenticator objects are equal if and only if they have the same
217 identity hint, identity, pre shared key, maximum length for the identity
218 and maximum length for the pre shared key.
219*/
220
221/*!
222 \fn bool QSslPreSharedKeyAuthenticator::operator!=(const QSslPreSharedKeyAuthenticator &lhs, const QSslPreSharedKeyAuthenticator &rhs)
223 \since 5.5
224
225 Returns \c true if the authenticator object \a lhs is not equal to \a rhs;
226 \c false otherwise.
227*/
228
229/*!
230 \internal
231*/
bool QSslPreSharedKeyAuthenticator::isEqual(const QSslPreSharedKeyAuthenticator &other) const
{
    // Fast path: both objects refer to the same private data.
    if (d == other.d)
        return true;

    // Otherwise compare field by field, stopping at the first mismatch.
    // NOTE(review): this includes an ordinary QByteArray comparison of the
    // pre shared key, which is presumably not constant-time. That is fine for
    // comparing two local authenticator objects, but it should not be relied
    // on to check a secret against a value chosen by a peer.
    const auto &mine = *d;
    const auto &theirs = *other.d;

    if (!(mine.identityHint == theirs.identityHint))
        return false;
    if (!(mine.identity == theirs.identity))
        return false;
    if (!(mine.maximumIdentityLength == theirs.maximumIdentityLength))
        return false;
    if (!(mine.preSharedKey == theirs.preSharedKey))
        return false;

    return mine.maximumPreSharedKeyLength == theirs.maximumPreSharedKeyLength;
}
241
242QT_END_NAMESPACE
243
