QSslPreSharedKeyAuthenticator Class
The QSslPreSharedKeyAuthenticator class provides authentication data for pre shared keys (PSK) ciphersuites. More...
| Header: | #include <QSslPreSharedKeyAuthenticator> |
| qmake: | QT += network |
| Since: | Qt 5.5 |
This class was introduced in Qt 5.5.
Note: All functions in this class are reentrant.
Detailed Description
The QSslPreSharedKeyAuthenticator class is used by an SSL socket to provide the required authentication data in a pre shared key (PSK) ciphersuite.
In a PSK handshake, the client must derive a key, which must match the key set on the server. The exact algorithm of deriving the key depends on the application; however, for this purpose, the server may send an identity hint to the client. This hint, combined with other information (for instance a passphrase), is then used by the client to construct the shared key.
The QSslPreSharedKeyAuthenticator provides means to client applications for completing the PSK handshake. The client application needs to connect a slot to the QSslSocket::preSharedKeyAuthenticationRequired() signal:
connect(socket, &QSslSocket::preSharedKeyAuthenticationRequired,
this, &AuthManager::handlePreSharedKeyAuthentication);
The signal carries a QSslPreSharedKeyAuthenticator object containing the identity hint the server sent to the client, and which must be filled with the corresponding client identity and the derived key:
void AuthManager::handlePreSharedKeyAuthentication(QSslPreSharedKeyAuthenticator *authenticator)
{
authenticator->setIdentity("My Qt App");
const QByteArray key = deriveKey(authenticator->identityHint(), passphrase);
authenticator->setPreSharedKey(key);
}
Note: PSK ciphersuites are supported only when using OpenSSL 1.0.1 (or greater) as the SSL backend.
Note: PSK is currently only supported in OpenSSL.
See also QSslSocket.