QSslPreSharedKeyAuthenticator Class

The QSslPreSharedKeyAuthenticator class provides authentication data for pre shared keys (PSK) ciphersuites. More...

Header: #include <QSslPreSharedKeyAuthenticator>
qmake: QT += network
Since: Qt 5.5

Note: All functions in this class are reentrant.

Public Functions

QSslPreSharedKeyAuthenticator()
QSslPreSharedKeyAuthenticator(const QSslPreSharedKeyAuthenticator &authenticator)
~QSslPreSharedKeyAuthenticator()
QByteArray identity() const
QByteArray identityHint() const
int maximumIdentityLength() const
int maximumPreSharedKeyLength() const
QByteArray preSharedKey() const
void setIdentity(const QByteArray &identity)
void setPreSharedKey(const QByteArray &preSharedKey)
void swap(QSslPreSharedKeyAuthenticator &authenticator)
QSslPreSharedKeyAuthenticator &operator=(const QSslPreSharedKeyAuthenticator &authenticator)
QSslPreSharedKeyAuthenticator &operator=(QSslPreSharedKeyAuthenticator &&authenticator)
bool operator!=(const QSslPreSharedKeyAuthenticator &lhs, const QSslPreSharedKeyAuthenticator &rhs)

Detailed Description

The QSslPreSharedKeyAuthenticator class provides authentication data for pre shared keys (PSK) ciphersuites.

The QSslPreSharedKeyAuthenticator class is used by an SSL socket to provide the required authentication data in a pre shared key (PSK) ciphersuite.

In a PSK handshake, the client must derive a key, which must match the key set on the server. The exact algorithm of deriving the key depends on the application; however, for this purpose, the server may send an identity hint to the client. This hint, combined with other information (for instance a passphrase), is then used by the client to construct the shared key.

The QSslPreSharedKeyAuthenticator provides means to client applications for completing the PSK handshake. The client application needs to connect a slot to the QSslSocket::preSharedKeyAuthenticationRequired() signal:


  connect(socket, &QSslSocket::preSharedKeyAuthenticationRequired,
          this, &AuthManager::handlePreSharedKeyAuthentication);

The signal carries a QSslPreSharedKeyAuthenticator object containing the identity hint the server sent to the client, and which must be filled with the corresponding client identity and the derived key:


  void AuthManager::handlePreSharedKeyAuthentication(QSslPreSharedKeyAuthenticator *authenticator)
  {
      authenticator->setIdentity("My Qt App");

      const QByteArray key = deriveKey(authenticator->identityHint(), passphrase);
      authenticator->setPreSharedKey(key);
  }

Note: PSK ciphersuites are supported only when using OpenSSL 1.0.1 (or greater) as the SSL backend.

See also QSslSocket.

Member Function Documentation

QSslPreSharedKeyAuthenticator::QSslPreSharedKeyAuthenticator()

Constructs a default QSslPreSharedKeyAuthenticator object.

The identity hint, the identity and the key will be initialized to empty byte arrays; the maximum length for both the identity and the key will be initialized to 0.

QSslPreSharedKeyAuthenticator::QSslPreSharedKeyAuthenticator(const QSslPreSharedKeyAuthenticator &authenticator)

Constructs a QSslPreSharedKeyAuthenticator object as a copy of authenticator.

See also operator=().

QSslPreSharedKeyAuthenticator::~QSslPreSharedKeyAuthenticator()

Destroys the QSslPreSharedKeyAuthenticator object.

QByteArray QSslPreSharedKeyAuthenticator::identity() const

Returns the PSK client identity.

See also setIdentity().

QByteArray QSslPreSharedKeyAuthenticator::identityHint() const

Returns the PSK identity hint as provided by the server. The interpretation of this hint is left to the application.

int QSslPreSharedKeyAuthenticator::maximumIdentityLength() const

Returns the maximum length, in bytes, of the PSK client identity.

Note: it is possible to set an identity whose length is greater than maximumIdentityLength(); in this case, only the first maximumIdentityLength() bytes will be actually sent to the server.

See also setIdentity().

int QSslPreSharedKeyAuthenticator::maximumPreSharedKeyLength() const

Returns the maximum length, in bytes, of the pre shared key.

Note: it is possible to set a key whose length is greater than the maximumPreSharedKeyLength(); in this case, only the first maximumPreSharedKeyLength() bytes will be actually sent to the server.

See also setPreSharedKey().

QByteArray QSslPreSharedKeyAuthenticator::preSharedKey() const

Returns the pre shared key.

See also setPreSharedKey().

void QSslPreSharedKeyAuthenticator::setIdentity(const QByteArray &identity)

Sets the PSK client identity (to be advised to the server) to identity.

Note: it is possible to set an identity whose length is greater than maximumIdentityLength(); in this case, only the first maximumIdentityLength() bytes will be actually sent to the server.

See also identity() and maximumIdentityLength().

void QSslPreSharedKeyAuthenticator::setPreSharedKey(const QByteArray &preSharedKey)

Sets the pre shared key to preSharedKey.

Note: it is possible to set a key whose length is greater than the maximumPreSharedKeyLength(); in this case, only the first maximumPreSharedKeyLength() bytes will be actually sent to the server.

See also preSharedKey(), maximumPreSharedKeyLength(), and QByteArray::fromHex().

void QSslPreSharedKeyAuthenticator::swap(QSslPreSharedKeyAuthenticator &authenticator)

Swaps the QSslPreSharedKeyAuthenticator object authenticator with this object. This operation is very fast and never fails.

QSslPreSharedKeyAuthenticator &QSslPreSharedKeyAuthenticator::operator=(const QSslPreSharedKeyAuthenticator &authenticator)

Assigns the QSslPreSharedKeyAuthenticator object authenticator to this object, and returns a reference to the copy.

QSslPreSharedKeyAuthenticator &QSslPreSharedKeyAuthenticator::operator=(QSslPreSharedKeyAuthenticator &&authenticator)

Move-assigns the the QSslPreSharedKeyAuthenticator object authenticator to this object, and returns a reference to the moved instance.

Related Non-Members

bool operator!=(const QSslPreSharedKeyAuthenticator &lhs, const QSslPreSharedKeyAuthenticator &rhs)

Returns true if the authenticator object lhs is different than rhs; false otherwise.

This function was introduced in Qt 5.5.