Skip to content
  • 0 Votes
    4 Posts
    375 Views
    S

    @jsulm

    Here is Reproducible Example

    #include <QApplication> #include <QSslServer> #include <QDialog> #include <QSslKey> #include <QMessageBox> int main(int argc, char **argv) { // create an Application QApplication app(argc, argv); // set the ssl configuration auto config = QSslConfiguration(); // set certificate config.setLocalCertificate(QSslCertificate::fromData(QByteArray::fromStdString(R"( -----BEGIN CERTIFICATE----- MIIDITCCAgmgAwIBAgIVAMdt4c6oGd0rUSbR+/tBVfhny3K3MA0GCSqGSIb3DQEB BQUAMEoxGDAWBgNVBAMMD0xBUFRPUC1KQzJNMzcyQTEbMBkGA1UECgwSc3JpbGFr c2htaWthbnRoYW5wMREwDwYDVQQLDAhjbGlwYmlyZDAeFw0yMzA5MDgxMTQ4NDZa Fw0yNDA5MDcxMTQ4NDZaMEoxGDAWBgNVBAMMD0xBUFRPUC1KQzJNMzcyQTEbMBkG A1UECgwSc3JpbGFrc2htaWthbnRoYW5wMREwDwYDVQQLDAhjbGlwYmlyZDCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALkFDUKmzz+NE0x7o5JGgE8KZ/cB GEtTwN2cElMESQ/MZe3ohIE5GdFkld/7894wXZAJkXu38oZVEQ/AurntqqSHT4iP 7qMUJGYjo2v2g/1JwU3E/sG+IjatOjyl8b0b+E9TmDt7XOS4VWz3vjTkXwmQTzUv 3L5myfdcmBpA9AOXxH8yHq9lcBl97ZHGWA4zI9uWnwtyFWSl8DX4H/y14+itEYwH n6xLsEBxqjx40G7WR0AiAYRdE5Yvr6QOGtFAeODFqOv/2sAxdm/7P1wHjIvyOB++ eufvPyWZpzeBfEvrIeGkj91YGAV7FQsOfCuzetGgZcLiBDAZKjnKEQ2oajUCAwEA ATANBgkqhkiG9w0BAQUFAAOCAQEAD/SYccAb3K6GKyfc9Rbaj44IxpsNlHDQAr5b c8Nmz+LW905EqFe6tAhCgi3q9o3HUUeiNHe0rYad3Lgd1setSOVdWiSbxArmELgW Dg3NGd3GIIRShvmZfSHRkpvKaD9j06CVzMrM0nZsjQVcQrKlFBUJ9UEqVmmcz1nU a4yUEQ9Rb7t4Icw7aD07NqLRlhNGCii4d12NAY7kRZdLdtTw7T/j4tXxmcJsOiWK Lx/cqqTBgBHc3l3EeylQdO17pFClY5yMUGGla7LPcDm1sU4mmFEKmkjcRGu+mQM2 V3EDgh37GyTWvs6Zf86B14m/US0Ff4vQu26vco5Pjk3xKckA+Q== -----END CERTIFICATE----- )")).first()); // set private key config.setPrivateKey(QSslKey(QByteArray::fromStdString(R"( -----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAuQUNQqbPP40TTHujkkaATwpn9wEYS1PA3ZwSUwRJD8xl7eiE gTkZ0WSV3/vz3jBdkAmRe7fyhlURD8C6ue2qpIdPiI/uoxQkZiOja/aD/UnBTcT+ wb4iNq06PKXxvRv4T1OYO3tc5LhVbPe+NORfCZBPNS/cvmbJ91yYGkD0A5fEfzIe r2VwGX3tkcZYDjMj25afC3IVZKXwNfgf/LXj6K0RjAefrEuwQHGqPHjQbtZHQCIB hF0Tli+vpA4a0UB44MWo6//awDF2b/s/XAeMi/I4H7565+8/JZmnN4F8S+sh4aSP 3VgYBXsVCw58K7N60aBlwuIEMBkqOcoRDahqNQIDAQABAoIBADf6I0zrEwDzOceG ELMMyX0gdNvyZNtFd7CUq6aaQVCaUqxsEMrX78u+VunxXJL4pxYRDwcTXDjwO708 XkIqedpVZea3RUfprCmK1sKvTrevPOC+nSUY1Vkdh+UZf83rTHETpZc5d51rd80E F3QBNA+8rXo2BN9GUgyY4xvuUuVS3drVZ6WA9A9yPtaBgeLATqmb0Ckh2aVn+XG9 eYIxiF0Sfnb3HET7IDO+Xtw8OIygq+dT9v5LMMYf/Aa8aakJMoTK6SLbjFWs5gUj mhBSBdxqdmLLTa2E+3hrZOfgQ0tk85336n7v3dFKkhTMr9KztOIh53Ruh36gR3UT QxbCyvECgYEA2uKcFmrkGa61WarqSbB58e/m111cmlcjOSoEELwb+O1pLe8qqDSZ UeLVMRW+omdyvt0N1RaDEOsBWtgup2RntutEx8sAi5O1d+CrCLZ7xZJPSrYH4tIs YFXoBgCNqn+275ZdeL5LgxuFKAstFW9YbWpsXCEPbrIMBk4Xm3m3Pt8CgYEA2GRo I+lLPvcslTwens+5sXT5+EPTcY9Ss2jSz3njEIt4asxa/P4H7Xx2EWqMQg5LGSVD MP8L9lxCSiyYvrQhYAQZq2VqvVCejFkrWY8hntDvyhJ26SfanSdMB1MVWOc16dns wjuuX3+5QIQoMogL1eng6/VOOJHVfiAh57yqPWsCgYEAkcI54wvHXfrjtRSF9BBb BGuXM29ujTDdueFq16IMlpWyZu5PX7e3Kbp98bPjQM7WsJcP8QiOuyNjwZUYbEwG bN767HkYodn5DB1GiATNI2Is/zl8wuTmvDg4zFZuAE4QCjf9grxmGKao42Od4BpH roUiJ6+0USirrT8vpU9GYc0CgYAYuIfJKnrFK7m1JtQcsoB1THbOLPl37La29k+3 EialmjlcghIW+vJu6BwY60Iwva9IpSAi9dApCesszCF7D9sMPAuur/xculwSjpFM PvTJTvdF74wUINBxya5+27gBmxBmsdXBbs4B7PZ971skQrSPcJOYgUK5ZbetHACj l8MfFwKBgQC3g39rKU/iahrr5VcbLecsdv9jhSo+PANQOXhreEZTOF1spsWh9bMN 11MB0uZu99p4Solvv0M11Md++CO3ocBRT0AsdsdLdytAb+YWM+c1ls5dhjVnaMpL dKKHiQ7sfiPM05f6HuTmMuinSLw7f1Ff7GVJUMugJCqiNn3XO3jWGQ== -----END RSA PRIVATE KEY----- )"), QSsl::KeyAlgorithm::Rsa)); // peer verify config.setPeerVerifyMode(QSslSocket::VerifyPeer); // if any of them is null if (config.isNull() || config.localCertificate().isNull() || config.privateKey().isNull()) { throw std::runtime_error("Can't Create QSslConfiguration"); } const auto processSslErrors = [=] (QSslSocket * sock, const QList<QSslError> & errors){ // create a dialog auto dialog = QMessageBox(QMessageBox::Critical, "SSL Error", "Accept ?", QMessageBox::Yes | QMessageBox::Cancel); // show the dialog dialog.exec(); // if user accepted if (dialog.result() == QMessageBox::Yes) { sock->ignoreSslErrors(); } }; // create the server auto server = new QSslServer(); // set the ssl errors handler QObject::connect(server, &QSslServer::sslErrors, processSslErrors); // set the ssl configuration server->setSslConfiguration(config); // listen to the port server->listen(QHostAddress::Any, 7000); // exec return app.exec(); }

    In Client Side:

    openssl s_client -connect 127.0.0.1:7000

    You can see the client disconnected while the dialog is in open

  • 0 Votes
    1 Posts
    391 Views
    No one has replied
  • 0 Votes
    3 Posts
    377 Views
    ThirdStrandT

    I have used QSslServer and passed the

    QSslCongifuration::defaultSslConfiguration()

    value to use it as the configuration data. Seems pretty easy in that respect.

    The default SSL configuration consists of: no local certificate and no private key protocol SecureProtocols the system's default CA certificate list the cipher list equal to the list of the SSL libraries' supported SSL ciphers that are 128 bits or more

    Another option is

    QSslConfiguration::defaultDtlsConfiguration()

    You have full control over certs, keys, etc. in the QSslConfiguration object. Just depends on how detailed you need to get with it. Usually in my case it's a "same host" sort of deal so I just use the default config.

  • 0 Votes
    2 Posts
    354 Views
    SGaistS

    Hi,

    Qt 5.15 use OpenSSL 1.1.

    If you are locked to 1.0, you will need to rebuild qtbase with it.

  • 0 Votes
    2 Posts
    3k Views
    O

    Fixed the problem:

    On Client-Side and on Server-Side i provide the following:

    Private key of the certificate Public key of the certificate Public key of the CA

    An connection is established. I am getting an SSLError: "The certificate is self-signed and untrusted", but i can either ignore it using ignoreSslErrors(); or the better method is by comparing the certificates to make sure it's all good.
    Also i have re-created my certificates and my CA with the correct information, because I haven't provided the CN for localhost since i was testing on my local machine with my old certificates.

    Anyways, the communication works with correct certificates.

  • 0 Votes
    2 Posts
    1k Views
    kshegunovK

    @Mark81 said:

    SIGILL

    That is an illegal instruction signal, which is pretty rare. Basically means the memory your program's residing in got corrupted somehow. So there's something very wrong. Check any callbacks, overwriting by mistake virtual tables and the such.

  • Linking with QSsl in iOS app

    Unsolved Mobile and Embedded
    4
    0 Votes
    4 Posts
    2k Views
    SGaistS

    What do you mean by "I have one ssl implementation" ?

  • 0 Votes
    3 Posts
    3k Views
    S

    Hi,

    since I am convinced that somebody else will also have similar problems I wrote a tutorial how to create a multithreaded server:

    https://five-s.de/en/how-to-create-a-multithreaded-server-in-qt

    Best regards

  • 0 Votes
    8 Posts
    3k Views
    SGaistS

    Just to be sure: it fails to build on Windows even if you use one of the official package ?