Qt
Internal/Contributor docs for the Qt SDK. Note: These are NOT official API docs; those are found at https://doc.qt.io/.
QTlsPrivate::TlsKey Class Reference (abstract)

TlsKey is an abstract class that allows a TLS plugin to provide an underlying implementation for the class QSslKey.

#include <qtlsbackend_p.h>


Public Types

using KeyType = QSsl::KeyType
 
using KeyAlgorithm = QSsl::KeyAlgorithm
 

Public Member Functions

virtual ~TlsKey ()
 
virtual void decodeDer (KeyType type, KeyAlgorithm algorithm, const QByteArray &der, const QByteArray &passPhrase, bool deepClear)=0
 
virtual void decodePem (KeyType type, KeyAlgorithm algorithm, const QByteArray &pem, const QByteArray &passPhrase, bool deepClear)=0
 
virtual QByteArray toPem (const QByteArray &passPhrase) const =0
 
virtual QByteArray derFromPem (const QByteArray &pem, QMap< QByteArray, QByteArray > *headers) const =0
 
virtual QByteArray pemFromDer (const QByteArray &der, const QMap< QByteArray, QByteArray > &headers) const =0
 
virtual void fromHandle (Qt::HANDLE handle, KeyType type)=0
 
virtual Qt::HANDLE handle () const =0
 
virtual bool isNull () const =0
 
virtual KeyType type () const =0
 
virtual KeyAlgorithm algorithm () const =0
 
virtual int length () const =0
 
virtual void clear (bool deepClear)=0
 
virtual bool isPkcs8 () const =0
 
virtual QByteArray decrypt (Cipher cipher, const QByteArray &data, const QByteArray &passPhrase, const QByteArray &iv) const =0
 
virtual QByteArray encrypt (Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv) const =0
 
QByteArray pemHeader () const
 
QByteArray pemFooter () const
 

Detailed Description

TlsKey is an abstract class that allows a TLS plugin to provide an underlying implementation for the class QSslKey.

(Network-private)

Most functions in the class TlsKey are pure virtual and thus have to be reimplemented by a TLS backend that supports QSslKey. In many cases an empty implementation as an overrider is sufficient, albeit with some of QSslKey's functionality missing.

See also
QTlsBackend::createKey(), QTlsBackend::implementedClasses(), QSslKey

Definition at line 60 of file qtlsbackend_p.h.

Member Typedef Documentation

◆ KeyAlgorithm

◆ KeyType

Definition at line 64 of file qtlsbackend_p.h.

Constructor & Destructor Documentation

◆ ~TlsKey()

QTlsPrivate::TlsKey::~TlsKey ( )
virtual default

Destroys this key.

Member Function Documentation

◆ algorithm()

QSsl::KeyAlgorithm QTlsPrivate::TlsKey::algorithm ( ) const
pure virtual

Return this key's algorithm.

Implemented in QTlsPrivate::TlsKeyBase.

Referenced by pemFooter(), and pemHeader().


◆ clear()

void QTlsPrivate::TlsKey::clear ( bool deep)
pure virtual

Clears the contents of this key, making it a null key. The meaning of deep is implementation-specific (e.g. if some internal objects representing a key can be shared using reference counting, deep equal to true would imply decrementing a reference count).

See also
isNull()

Implemented in QTlsPrivate::TlsKeyOpenSSL, and QTlsPrivate::TlsKeyGeneric.

◆ decodeDer()

void QTlsPrivate::TlsKey::decodeDer ( KeyType type,
KeyAlgorithm algorithm,
const QByteArray & der,
const QByteArray & passPhrase,
bool deepClear )
pure virtual

If support for public and private keys in DER format is required, this function must be overridden and should initialize this key using the type, algorithm, der and passPhrase. If this key was initialized previously, deepClear has an implementation-specific meaning (e.g., if an implementation uses reference counting and can internally share some data structures, a value of true may trigger decrementing a reference counter on some implementation-specific object).

Note
An empty overrider is sufficient, but then reading keys in QSsl::Der format will not be supported.
See also
isNull(), QSsl::KeyType, QSsl::EncodingFormat, QSsl::KeyAlgorithm

Implemented in QTlsPrivate::TlsKeyOpenSSL, and QTlsPrivate::TlsKeyGeneric.

◆ decodePem()

void QTlsPrivate::TlsKey::decodePem ( KeyType type,
KeyAlgorithm algorithm,
const QByteArray & pem,
const QByteArray & passPhrase,
bool deepClear )
pure virtual

If support for public and private keys in PEM format is required, this function must be overridden and should initialize this key using the type, algorithm, pem and passPhrase. If this key was initialized previously, deepClear has an implementation-specific meaning (e.g., in an implementation using reference counting, a value of true may trigger decrementing a reference counter on some implementation-specific object).

Note
An empty overrider is sufficient, but then reading keys in QSsl::Pem format will not be supported.
See also
isNull(), QSsl::KeyType, QSsl::EncodingFormat, QSsl::KeyAlgorithm

Implemented in QTlsPrivate::TlsKeyOpenSSL, and QTlsPrivate::TlsKeyGeneric.

◆ decrypt()

QByteArray QTlsPrivate::TlsKey::decrypt ( Cipher cipher,
const QByteArray & data,
const QByteArray & passPhrase,
const QByteArray & iv ) const
pure virtual

This function decrypts data (for example, a private key read from a file) using passPhrase and the initialization vector iv. cipher describes a block cipher and its mode (for example, AES256 + CBC). decrypt() is needed to implement QSslKey's constructor.

Note
A TLS backend may provide an empty implementation, but as a result QSslKey will not be able to work with encrypted private keys.
See also
QSslKey

Implemented in QTlsPrivate::TlsKeyOpenSSL, QTlsPrivate::TlsKeySchannel, and QTlsPrivate::TlsKeySecureTransport.

Referenced by QTlsPrivate::TlsKeyGeneric::decodePem().


◆ derFromPem()

QByteArray QTlsPrivate::TlsKey::derFromPem ( const QByteArray & pem,
QMap< QByteArray, QByteArray > * headers ) const
pure virtual

Converts pem to DER format, using this key's type and algorithm. The parameter headers must be a valid, non-null pointer. When parsing pem, the headers found there will be saved into headers.

Note
An overrider returning an empty QByteArray is sufficient if QSslKey::toDer() is not needed.
This function is very implementation-specific. A backend that already has this key's non-empty DER data may simply return this data.
See also
QSslKey::toDer()

Implemented in QTlsPrivate::TlsKeyOpenSSL, and QTlsPrivate::TlsKeyGeneric.
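
The derFromPem() contract described above, as an added example that is not Qt's code: a standalone version in which std::string and std::map stand in for QByteArray and QMap, and the header and footer are passed in rather than taken from pemHeader() and pemFooter(). The sample key block is constructed, and the Proc-Type/DEK-Info header names follow the traditional encrypted-PEM layout, which is an assumption not stated on this page.

```cpp
#include <map>
#include <sstream>
#include <string>

// Constructed sample: 16 placeholder payload bytes (00..0F) and a made-up IV.
const std::string kSamplePem =
    "-----BEGIN RSA PRIVATE KEY-----\n"
    "Proc-Type: 4,ENCRYPTED\n"
    "DEK-Info: AES-256-CBC,000102030405060708090A0B0C0D0E0F\n\n"
    "AAECAwQFBgcICQoLDA0ODw==\n"
    "-----END RSA PRIVATE KEY-----\n";

// Hypothetical stand-in for a derFromPem() overrider; empty result means failure.
std::string derFromPem(const std::string &pem, const std::string &header,
        const std::string &footer, std::map<std::string, std::string> *headers) {
    static const std::string b64 =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    if (!headers) return {};                    // contract: valid, non-null pointer
    auto begin = pem.find(header);
    if (begin == std::string::npos) return {};  // wrong key type/algorithm marker
    begin += header.size();
    auto end = pem.find(footer, begin);
    if (end == std::string::npos) return {};    // truncated input: no footer
    std::istringstream body(pem.substr(begin, end - begin));
    std::string line, out;
    unsigned acc = 0; int bits = 0;
    while (std::getline(body, line)) {
        if (!line.empty() && line.back() == '\r') line.pop_back();  // CRLF files
        auto colon = line.find(": ");
        if (colon != std::string::npos) {       // "Name: value" header line
            (*headers)[line.substr(0, colon)] = line.substr(colon + 2);
            continue;
        }
        for (char c : line) {                   // base64 payload line
            if (c == '=') break;                // padding ends the payload
            auto v = b64.find(c);
            if (v == std::string::npos) return {};  // reject non-base64 bytes
            acc = (acc << 6) | unsigned(v);
            bits += 6;
            if (bits >= 8) { bits -= 8; out.push_back(char((acc >> bits) & 0xFF)); }
        }
    }
    return out;
}

int main() {  // exit code 0 when the 16 sample payload bytes decode
    std::map<std::string, std::string> h;
    return derFromPem(kSamplePem, "-----BEGIN RSA PRIVATE KEY-----",
                      "-----END RSA PRIVATE KEY-----", &h).size() == 16 ? 0 : 1;
}
```

In the traditional encrypted-PEM layout, DEK-Info carries the cipher name and IV, which are the inputs decrypt() takes alongside the passphrase.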

◆ encrypt()

QByteArray QTlsPrivate::TlsKey::encrypt ( Cipher cipher,
const QByteArray & data,
const QByteArray & passPhrase,
const QByteArray & iv ) const
pure virtual

This function is needed to implement QSslKey::toPem() with encryption (for a private key). cipher names a block cipher to use to encrypt data, using passPhrase and initialization vector iv.

Note
An empty implementation is sufficient, but QSslKey::toPem() will fail for a private key and non-empty passphrase.
See also
QSslKey

Implemented in QTlsPrivate::TlsKeyOpenSSL, QTlsPrivate::TlsKeySchannel, and QTlsPrivate::TlsKeySecureTransport.

Referenced by QTlsPrivate::TlsKeyGeneric::toPem().


◆ fromHandle()

void QTlsPrivate::TlsKey::fromHandle ( Qt::HANDLE handle,
KeyType type )
pure virtual

Initializes this key using the handle and type, taking ownership of the handle.

Note
The meaning of the handle is implementation-specific.
If a TLS backend does not support such keys, it must provide an empty implementation.
See also
handle(), QSslKey::QSslKey(), QSslKey::handle()

Implemented in QTlsPrivate::TlsKeyOpenSSL, and QTlsPrivate::TlsKeyGeneric.

◆ handle()

Qt::HANDLE QTlsPrivate::TlsKey::handle ( ) const
pure virtual

If a TLS backend supports opaque keys, returns a native handle that this key was initialized with.

See also
fromHandle(), QSslKey::handle()

Implemented in QTlsPrivate::TlsKeyOpenSSL, and QTlsPrivate::TlsKeyGeneric.

◆ isNull()

bool QTlsPrivate::TlsKey::isNull ( ) const
pure virtual

Returns true if this is a null key, false otherwise.

Note
A null key corresponds to a default-constructed QSslKey or to one that was cleared via QSslKey::clear().
See also
QSslKey::isNull()

Implemented in QTlsPrivate::TlsKeyBase.

◆ isPkcs8()

bool QTlsPrivate::TlsKey::isPkcs8 ( ) const
pure virtual

This function is used internally only by Qt's own TLS plugins and affects the way a PEM file is generated by TlsKey. It is sufficient to override it and return false if a new TLS backend is not using Qt's plugin as a base.

Implemented in QTlsPrivate::TlsKeyBase, and QTlsPrivate::TlsKeyGeneric.

◆ length()

int QTlsPrivate::TlsKey::length ( ) const
pure virtual

Returns the length of the key in bits, or -1 if the key is null.

Implemented in QTlsPrivate::TlsKeyOpenSSL, and QTlsPrivate::TlsKeyGeneric.

◆ pemFooter()

QByteArray QTlsPrivate::TlsKey::pemFooter ( ) const

A convenience function that returns a string, corresponding to the key type or algorithm, which can be used as a footer in a PEM file.

Definition at line 1401 of file qtlsbackend.cpp.

References algorithm(), QSsl::Dh, QSsl::Dsa, QSsl::Ec, QSsl::PublicKey, QByteArrayLiteral, QSsl::Rsa, and type().

Referenced by QTlsPrivate::TlsKeyOpenSSL::derFromPem(), QTlsPrivate::TlsKeyGeneric::derFromPem(), and QTlsPrivate::TlsKeyBase::pemFromDer().


◆ pemFromDer()

QByteArray QTlsPrivate::TlsKey::pemFromDer ( const QByteArray & der,
const QMap< QByteArray, QByteArray > & headers ) const
pure virtual

If overridden, this function is expected to convert der, using headers, to PEM format.

Note
This function is very implementation-specific. As of now (Qt 6.1), it is only required by Qt's own non-OpenSSL backends that internally use DER and implement QSslKey::toPem() via pemFromDer().

Implemented in QTlsPrivate::TlsKeyBase.

◆ pemHeader()

QByteArray QTlsPrivate::TlsKey::pemHeader ( ) const

A convenience function that returns a string, corresponding to the key type or algorithm, which can be used as a header in a PEM file.

Definition at line 1380 of file qtlsbackend.cpp.

References algorithm(), QSsl::Dh, QSsl::Dsa, QSsl::Ec, QSsl::PublicKey, QByteArrayLiteral, QSsl::Rsa, and type().

Referenced by QTlsPrivate::TlsKeyOpenSSL::derFromPem(), QTlsPrivate::TlsKeyGeneric::derFromPem(), and QTlsPrivate::TlsKeyBase::pemFromDer().


◆ toPem()

QByteArray QTlsPrivate::TlsKey::toPem ( const QByteArray & passPhrase) const
pure virtual

This function must be overridden if converting a key to PEM format, potentially with encryption, is needed (e.g. to save a QSslKey into a file). If this key is private and passPhrase is not empty, the key's data is expected to be encrypted using some conventional encryption algorithm (e.g. DES or AES - the one that different tools or even the class QSslKey can understand later).

Note
If this particular functionality is not needed, an overrider returning an empty QByteArray is sufficient.
See also
QSslKey::toPem()

Implemented in QTlsPrivate::TlsKeyOpenSSL, and QTlsPrivate::TlsKeyGeneric.

◆ type()

QSsl::KeyType QTlsPrivate::TlsKey::type ( ) const
pure virtual

Returns the type of this key (public or private).

Implemented in QTlsPrivate::TlsKeyBase.

Referenced by pemFooter(), and pemHeader().


The documentation for this class was generated from the following files: