d1/de5/src__network__ssl__qdtls_8cpp_source.html

// Copyright (C) 2018 The Qt Company Ltd.

// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR BSD-3-Clause


using namespace Qt::StringLiterals;

// A client initiates a handshake:

QUdpSocket clientSocket;

QDtls clientDtls;

clientDtls.setPeer(address, port, peerName);

clientDtls.doHandshake(&clientSocket);


// A server accepting an incoming connection; address, port, clientHello are

// read by QUdpSocket::readDatagram():

QByteArray clientHello(serverSocket.pendingDatagramSize(), Qt::Uninitialized);

QHostAddress address;

quin16 port = {};

serverSocket.readDatagram(clientHello.data(), clientHello.size(), &address, &port);


QDtls serverDtls;

serverDtls.setPeer(address, port);

serverDtls.doHandshake(&serverSocket, clientHello);


// Handshake completion, both for server and client:

void DtlsConnection::continueHandshake(const QByteArray &datagram)

{

    if (dtls.doHandshake(&udpSocket, datagram)) {

        // Check handshake status:

        if (dtls.handshakeStatus() == QDlts::HandshakeComplete) {

            // Secure DTLS connection is now established.

        }

    } else {

        // Error handling.

    }

}


DtlsClient::DtlsClient()

{

    // Some initialization code here ...

    connect(&clientDtls, &QDtls::handshakeTimeout, this, &DtlsClient::handleTimeout);

}


void DtlsClient::handleTimeout()

{

    clientDtls.handleTimeout(&clientSocket);

}


// Sending an encrypted datagram:

dtlsConnection.writeDatagramEncrypted(&clientSocket, "Hello DTLS server!");


// Decryption:

QByteArray encryptedMessage(dgramSize);

socket.readDatagram(encryptedMessage.data(), dgramSize);

const QByteArray plainText = dtlsConnection.decryptDatagram(&socket, encryptedMessage);


DtlsClient::~DtlsClient()

{

    clientDtls.shutdown(&clientSocket);

}


auto config = QSslConfiguration::defaultDtlsConfiguration();

config.setDtlsCookieVerificationEnabled(false);

// Some other customization ...

dtlsConnection.setDtlsConfiguration(config);


if (!dtls.doHandshake(&socket, dgram)) {

    if (dtls.dtlsError() == QDtlsError::PeerVerificationError)

        dtls.abortAfterError(&socket);

}


QList<QSslCertificate> cert = QSslCertificate::fromPath("server-certificate.pem"_L1);

QSslError error(QSslError::SelfSignedCertificate, cert.at(0));

QList<QSslError> expectedSslErrors;

expectedSslErrors.append(error);


QDtls dtls;

dtls.ignoreVerificationErrors(expectedSslErrors);

dtls.doHandshake(udpSocket);


QByteArray
\inmodule QtCore
Definition qbytearray.h:57

QByteArray::data
char * data()
\macro QT_NO_CAST_FROM_BYTEARRAY
Definition qbytearray.h:611

QByteArray::size
qsizetype size() const noexcept
Returns the number of bytes in this byte array.
Definition qbytearray.h:494

QDtls
This class provides encryption for UDP sockets.
Definition qdtls.h:83

QDtls::setPeer
bool setPeer(const QHostAddress &address, quint16 port, const QString &verificationName={})
Sets the peer's address, port, and host name and returns true if successful.
Definition qdtls.cpp:542

QDtls::handshakeTimeout
void handshakeTimeout()
Packet loss can result in timeouts during the handshake phase.

QDtls::handleTimeout
bool handleTimeout(QUdpSocket *socket)
If a timeout occurs during the handshake, the handshakeTimeout() signal is emitted.
Definition qdtls.cpp:873

QDtls::doHandshake
bool doHandshake(QUdpSocket *socket, const QByteArray &dgram={})
Starts or continues a DTLS handshake.
Definition qdtls.cpp:810

QDtls::shutdown
bool shutdown(QUdpSocket *socket)
Sends an encrypted shutdown alert message and closes the DTLS connection.
Definition qdtls.cpp:981

QDtls::ignoreVerificationErrors
void ignoreVerificationErrors(const QList< QSslError > &errorsToIgnore)
This method tells QDtls to ignore only the errors given in errorsToIgnore.
Definition qdtls.cpp:1190

QDtls::dtlsError
QDtlsError dtlsError() const
Returns the last error encountered by the connection or QDtlsError::NoError.
Definition qdtls.cpp:1129

QHostAddress
The QHostAddress class provides an IP address.
Definition qhostaddress.h:38

QList::at
const_reference at(qsizetype i) const noexcept
Definition qlist.h:446

QList::append
void append(parameter_type t)
Definition qlist.h:458

QSslCertificate::fromPath
static QList< QSslCertificate > fromPath(const QString &path, QSsl::EncodingFormat format=QSsl::Pem, PatternSyntax syntax=PatternSyntax::FixedString)
Definition qsslcertificate.cpp:617

QSslError
The QSslError class provides an SSL error.
Definition qsslerror.h:21

QSslError::SelfSignedCertificate
@ SelfSignedCertificate
Definition qsslerror.h:34

QUdpSocket
\reentrant
Definition qudpsocket.h:21

Qt::StringLiterals
Definition qbytearray.h:803

Qt::Uninitialized
constexpr Initialization Uninitialized
Definition qnamespace.h:1597

error
DBusConnection const char DBusError * error
Definition qdbus_symbols_p.h:165

QDtlsError::PeerVerificationError
@ PeerVerificationError

config
EGLConfig config
Definition qeglstreamconvenience_p.h:79

port
EGLOutputPortEXT port
Definition qeglstreamconvenience_p.h:49

address
GLuint GLuint64EXT address
Definition qopenglext.h:11428

connect
connect(quitButton, &QPushButton::clicked, &app, &QCoreApplication::quit, Qt::QueuedConnection)

socket
QTcpSocket * socket
[1]
Definition src_corelib_kernel_qobject.cpp:392

expectedSslErrors
QList< QSslError > expectedSslErrors
Definition src_network_access_qnetworkreply.cpp:9

cert
QList< QSslCertificate > cert
[0]
Definition src_network_access_qnetworkreply.cpp:7

address
QHostAddress address
Definition src_network_ssl_qdtls.cpp:15

serverDtls
QDtls serverDtls
Definition src_network_ssl_qdtls.cpp:19

dtls
QDtls dtls
Definition src_network_ssl_qdtls.cpp:88

plainText
const QByteArray plainText
Definition src_network_ssl_qdtls.cpp:58

clientDtls
QDtls clientDtls
Definition src_network_ssl_qdtls.cpp:8

encryptedMessage
QByteArray encryptedMessage(dgramSize)

clientHello
QByteArray clientHello(serverSocket.pendingDatagramSize(), Qt::Uninitialized)

clientSocket
QUdpSocket clientSocket
[0]
Definition src_network_ssl_qdtls.cpp:7

serverSocket
serverDtls doHandshake & serverSocket
Definition src_network_ssl_qdtls.cpp:21