author | Corentin Chary <corentin.chary@gmail.com> | 2011-08-31 19:35:35 +0200 |
---|---|---|
committer | Qt by Nokia <qt-info@nokia.com> | 2011-08-31 21:06:53 +0200 |
commit | a4878db8df3fbaf9d222ec1206813b16dcdd90c7 (patch) | |
tree | 83271767995af278a8fe57ad0ac2e9a316deb9a4 /src/network/ssl/qsslsocket_openssl.cpp | |
parent | a3e8f1ab0cc38c0d2e631d3e7f9e6379982204b7 (diff) |
qssl: add support for QSsl::Opaque key
This allows using an EVP_PKEY * directly with QSslKey (for
example, one coming from a PKCS#11 dongle).
Change-Id: Icb1ba5081506a831ec3d8cfffe13ce70939608ea
Merge-request: 48
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/4010
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Diffstat (limited to 'src/network/ssl/qsslsocket_openssl.cpp')
-rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 26 |
1 files changed, 16 insertions, 10 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index 300a5c84d5..2fae2ccdce 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -364,20 +364,27 @@ init_context:
 return false;
 }
- // Load private key
- pkey = q_EVP_PKEY_new();
- // before we were using EVP_PKEY_assign_R* functions and did not use EVP_PKEY_free.
- // this lead to a memory leak. Now we use the *_set1_* functions which do not
- // take ownership of the RSA/DSA key instance because the QSslKey already has ownership.
- if (configuration.privateKey.algorithm() == QSsl::Rsa)
- q_EVP_PKEY_set1_RSA(pkey, (RSA *)configuration.privateKey.handle());
- else
- q_EVP_PKEY_set1_DSA(pkey, (DSA *)configuration.privateKey.handle());
+ if (configuration.privateKey.algorithm() == QSsl::Opaque) {
+ pkey = reinterpret_cast<EVP_PKEY *>(configuration.privateKey.handle());
+ } else {
+ // Load private key
+ pkey = q_EVP_PKEY_new();
+ // before we were using EVP_PKEY_assign_R* functions and did not use EVP_PKEY_free.
+ // this lead to a memory leak. Now we use the *_set1_* functions which do not
+ // take ownership of the RSA/DSA key instance because the QSslKey already has ownership.
+ if (configuration.privateKey.algorithm() == QSsl::Rsa)
+ q_EVP_PKEY_set1_RSA(pkey, (RSA *)configuration.privateKey.handle());
+ else
+ q_EVP_PKEY_set1_DSA(pkey, (DSA *)configuration.privateKey.handle());
+ }
+
 if (!q_SSL_CTX_use_PrivateKey(ctx, pkey)) {
 q->setErrorString(QSslSocket::tr("Error loading private key, %1").arg(getErrorsFromOpenSsl()));
 emit q->error(QAbstractSocket::UnknownSocketError);
 return false;
 }
+ if (configuration.privateKey.algorithm() == QSsl::Opaque)
+ pkey = 0; // Don't free the private key, it belongs to QSslKey
 // Check if the certificate matches the private key.
 if (!q_SSL_CTX_check_private_key(ctx)) {
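Review bot: On the Opaque path the member `pkey` still aliases the QSslKey-owned EVP_PKEY when `q_SSL_CTX_use_PrivateKey` fails, because the `pkey = 0` reset sits after the error branch's `return false;`. The cleanup visible in the second hunk, in `disconnected()`, calls `q_EVP_PKEY_free(pkey)`, so if that path runs after a failed init it would release a reference this socket never took and could leave QSslKey holding a freed handle. Clear the borrowed pointer before the early return, e.g. `if (configuration.privateKey.algorithm() == QSsl::Opaque) pkey = 0;` ahead of `return false;`, or keep the opaque handle in a local variable instead of the member. The enclosing function starts and ends outside the hunk, so other exits between the assignment and the reset should be checked the same way.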
@@ -1383,7 +1390,6 @@ void QSslSocketBackendPrivate::disconnected()
 q_EVP_PKEY_free(pkey);
 pkey = 0;
 }
-
 }
 QSslCipher QSslSocketBackendPrivate::sessionCipher() const |