QCA

tlssocket.cpp

The code below shows how to create a socket that can operate over an Transport Layer Security (TLS, also known as SSL) connection.

The code below shows how to create a socket that can operate over an Transport Layer Security (TLS, also known as SSL) connection.

/*
Copyright (C) 2007 Justin Karneges <justin@affinix.com>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
#ifndef TLSSOCKET_H
#include <QTcpSocket>
#include <QtCrypto>
class TLSSocket : public QTcpSocket
{
Q_OBJECT
public:
TLSSocket(QObject *parent = nullptr);
~TLSSocket() override;
void connectToHostEncrypted(const QString &host, quint16 port);
QCA::TLS *tls();
bool waitForReadyRead(int msecs = -1) override;
protected:
// from qiodevice
qint64 readData(char *data, qint64 maxlen) override;
qint64 writeData(const char *data, qint64 len) override;
private:
class Private;
friend class Private;
Private *d;
};
#endif
QCA::TLS
Transport Layer Security / Secure Socket Layer.
Definition qca_securelayer.h:290
QObject::Q_OBJECT
Q_OBJECTQ_OBJECT
QObject::parent
QObject * parent() const const
/*
Copyright (C) 2007 Justin Karneges <justin@affinix.com>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
#include "tlssocket.h"
#include <QCoreApplication>
int main(int argc, char **argv)
{
QCA::Initializer init;
QCoreApplication qapp(argc, argv);
TLSSocket socket;
socket.connectToHostEncrypted(QStringLiteral("www.paypal.com"), 443);
socket.write("GET / HTTP/1.0\r\n\r\n");
while (socket.waitForReadyRead())
printf("%s", socket.readAll().constData());
return 0;
}
QCA::Initializer
Convenience method for initialising and cleaning up QCA.
Definition qca_core.h:660
QByteArray::constData
const char * constData() const const
QIODevice::readAll
QByteArray readAll()
QIODevice::write
qint64 write(const QByteArray &data)
/*
Copyright (C) 2007 Justin Karneges <justin@affinix.com>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
#include "tlssocket.h"
#ifdef QT_STATICPLUGIN
#include "import_plugins.h"
#endif
class TLSSocket::Private : public QObject
{
Q_OBJECT
public:
TLSSocket *q;
QTcpSocket *sock;
QCA::TLS *tls;
QString host;
bool encrypted;
bool error, done;
QByteArray readbuf, writebuf;
QCA::Synchronizer sync;
bool waiting;
Private(TLSSocket *_q)
: QObject(_q)
, q(_q)
, sync(_q)
{
sock = new QTcpSocket(this);
connect(sock, &QTcpSocket::connected, this, &TLSSocket::Private::sock_connected);
connect(sock, &QTcpSocket::readyRead, this, &TLSSocket::Private::sock_readyRead);
connect(sock, &QTcpSocket::bytesWritten, this, &TLSSocket::Private::sock_bytesWritten);
#if QT_VERSION >= QT_VERSION_CHECK(5, 15, 0)
connect(sock, &QTcpSocket::errorOccurred, this, &TLSSocket::Private::sock_error);
#else
connect(sock,
QOverload<QAbstractSocket::SocketError>::of(&QTcpSocket::error),
this,
&TLSSocket::Private::sock_error);
#endif
tls = new QCA::TLS(this);
connect(tls, &QCA::TLS::handshaken, this, &TLSSocket::Private::tls_handshaken);
connect(tls, &QCA::TLS::readyRead, this, &TLSSocket::Private::tls_readyRead);
connect(tls, &QCA::TLS::readyReadOutgoing, this, &TLSSocket::Private::tls_readyReadOutgoing);
connect(tls, &QCA::TLS::closed, this, &TLSSocket::Private::tls_closed);
connect(tls, &QCA::TLS::error, this, &TLSSocket::Private::tls_error);
tls->setTrustedCertificates(QCA::systemStore());
encrypted = false;
error = false;
waiting = false;
done = false;
}
bool waitForReadyRead(int msecs)
{
waiting = true;
bool ok = sync.waitForCondition(msecs);
// while(1)
// QCoreApplication::instance()->processEvents();
waiting = false;
if (error || done)
return false;
return ok;
}
private Q_SLOTS:
void sock_connected()
{
// printf("sock connected\n");
tls->startClient(host);
}
void sock_readyRead()
{
// printf("sock ready read\n");
QByteArray buf = sock->readAll();
// printf("%d bytes\n", buf.size());
tls->writeIncoming(buf);
}
void sock_bytesWritten(qint64 x)
{
Q_UNUSED(x);
// printf("sock bytes written: %d\n", (int)x);
}
void sock_error(QAbstractSocket::SocketError x)
{
// printf("sock error: %d\n", x);
Q_UNUSED(x);
done = true;
if (waiting)
sync.conditionMet();
}
void tls_handshaken()
{
// printf("tls handshaken\n");
if (tls->peerIdentityResult() != QCA::TLS::Valid) {
printf("not valid\n");
sock->abort();
tls->reset();
error = true;
} else {
// printf("valid\n");
encrypted = true;
// printf("%d bytes in writebuf\n", writebuf.size());
if (!writebuf.isEmpty()) {
// printf("[%s]\n", writebuf.data());
tls->write(writebuf);
writebuf.clear();
}
}
if (waiting)
sync.conditionMet();
}
void tls_readyRead()
{
// printf("tls ready read\n");
if (waiting)
sync.conditionMet();
}
void tls_readyReadOutgoing()
{
// printf("tls ready read outgoing\n");
QByteArray buf = tls->readOutgoing();
// printf("%d bytes\n", buf.size());
sock->write(buf);
}
void tls_closed()
{
// printf("tls closed\n");
}
void tls_error()
{
// printf("tls error\n");
}
};
TLSSocket::TLSSocket(QObject *parent)
: QTcpSocket(parent)
{
d = new Private(this);
}
TLSSocket::~TLSSocket()
{
delete d;
}
void TLSSocket::connectToHostEncrypted(const QString &host, quint16 port)
{
d->host = host;
setOpenMode(QIODevice::ReadWrite);
d->sock->connectToHost(host, port);
}
QCA::TLS *TLSSocket::tls()
{
return d->tls;
}
bool TLSSocket::waitForReadyRead(int msecs)
{
/*if(d->readbuf.isEmpty())
return false;
if(d->tls->bytesAvailable() == 0)
return false;*/
return d->waitForReadyRead(msecs);
}
qint64 TLSSocket::readData(char *data, qint64 maxlen)
{
if (!d->error)
d->readbuf += d->tls->read();
unsigned char *p = (unsigned char *)d->readbuf.data();
int size = d->readbuf.size();
int readsize = qMin(size, (int)maxlen);
int newsize = size - readsize;
memcpy(data, p, readsize);
memmove(p, p + readsize, newsize);
d->readbuf.resize(newsize);
return readsize;
}
qint64 TLSSocket::writeData(const char *data, qint64 len)
{
// printf("write %d bytes\n", (int)len);
QByteArray buf(data, len);
if (d->encrypted)
d->tls->write(buf);
else
d->writebuf += buf;
return len;
}
#include "tlssocket.moc"
QCA::SecureLayer::error
void error()
This signal is emitted when an error is detected.
QCA::SecureLayer::readyReadOutgoing
void readyReadOutgoing()
This signal is emitted when SecureLayer has encrypted (network side) data ready to be read.
QCA::SecureLayer::closed
void closed()
This signal is emitted when the SecureLayer connection is closed.
QCA::SecureLayer::readyRead
void readyRead()
This signal is emitted when SecureLayer has decrypted (application side) data ready to be read.
QCA::Synchronizer
Enable synchronization between two threads.
Definition qca_support.h:362
QCA::Synchronizer::waitForCondition
bool waitForCondition(int msecs=-1)
Call to pause execution in this thread.
QCA::Synchronizer::conditionMet
void conditionMet()
Call to continue execution in the paused thread.
QCA::TLS::write
void write(const QByteArray &a) override
This method writes unencrypted (plain) data to the SecureLayer implementation.
QCA::TLS::startClient
void startClient(const QString &host=QString())
Start the TLS/SSL connection as a client.
QCA::TLS::writeIncoming
void writeIncoming(const QByteArray &a) override
This method accepts encoded (typically encrypted) data for processing.
QCA::TLS::setTrustedCertificates
void setTrustedCertificates(const CertificateCollection &trusted)
Set up the set of trusted certificates that will be used to verify that the certificate provided is v...
QCA::TLS::reset
void reset()
Reset the connection.
QCA::TLS::peerIdentityResult
IdentityResult peerIdentityResult() const
After the SSL/TLS handshake is complete, this method allows you to determine if the other end of the ...
QCA::TLS::readOutgoing
QByteArray readOutgoing(int *plainBytes=nullptr) override
This method provides encoded (typically encrypted) data.
QCA::TLS::Valid
@ Valid
identity is verified
Definition qca_securelayer.h:331
QCA::TLS::read
QByteArray read() override
This method reads decrypted (plain) data from the SecureLayer implementation.
QCA::TLS::handshaken
void handshaken()
Emitted when the protocol handshake is complete.
QCA::systemStore
QCA_EXPORT CertificateCollection systemStore()
Get system-wide root Certificate Authority (CA) certificates.
QAbstractSocket::connectToHost
void connectToHost(const QHostAddress &address, quint16 port, OpenMode openMode)
QAbstractSocket::error
SocketError error() const const
QAbstractSocket::errorOccurred
void errorOccurred(QAbstractSocket::SocketError socketError)
QByteArray::clear
void clear()
QByteArray::data
char * data()
QByteArray::isEmpty
bool isEmpty() const const
QByteArray::resize
void resize(qsizetype newSize, char c)
QByteArray::size
qsizetype size() const const
QIODevice::bytesWritten
void bytesWritten(qint64 bytes)
QIODevice::readyRead
void readyRead()
QIODevice::setOpenMode
void setOpenMode(QIODeviceBase::OpenMode openMode)
QIODevice::size
virtual qint64 size() const const
QObject::QObject
QObject(QObject *parent)
QObject::Q_SLOTS
Q_SLOTSQ_SLOTS
QObject::connect
QMetaObject::Connection connect(const QObject *sender, PointerToMemberFunction signal, Functor functor)
QTcpSocket::QTcpSocket
QTcpSocket(QObject *parent)
This file is part of the KDE documentation.
Documentation copyright © 1996-2024 The KDE developers.
Generated on Tue Mar 26 2024 11:18:26 by doxygen 1.10.0 written by Dimitri van Heesch, © 1997-2006

KDE's Doxygen guidelines are available online.