qssl: add support for QSsl::Opaque key

This allow to use directly EVP_PKEY * with QSslKey (for example comming from a PKCS#11 dongle). Change-Id: Icb1ba5081506a831ec3d8cfffe13ce70939608ea Merge-request: 48 Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com> Reviewed-on: http://codereview.qt.nokia.com/4010 Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
author: Corentin Chary <corentin.chary@gmail.com> 2011-08-31 19:35:35 +0200
committer: Qt by Nokia <qt-info@nokia.com> 2011-08-31 21:06:53 +0200
commit: a4878db8df3fbaf9d222ec1206813b16dcdd90c7 (patch)
tree: 83271767995af278a8fe57ad0ac2e9a316deb9a4 /src/network/ssl/qsslsocket_openssl.cpp
parent: a3e8f1ab0cc38c0d2e631d3e7f9e6379982204b7 (diff)
1 files changed, 16 insertions, 10 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index 300a5c84d5..2fae2ccdce 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -364,20 +364,27 @@ init_context:
             return false;
         }
 
-        // Load private key
-        pkey = q_EVP_PKEY_new();
-        // before we were using EVP_PKEY_assign_R* functions and did not use EVP_PKEY_free.
-        // this lead to a memory leak. Now we use the *_set1_* functions which do not
-        // take ownership of the RSA/DSA key instance because the QSslKey already has ownership.
-        if (configuration.privateKey.algorithm() == QSsl::Rsa)
-            q_EVP_PKEY_set1_RSA(pkey, (RSA *)configuration.privateKey.handle());
-        else
-            q_EVP_PKEY_set1_DSA(pkey, (DSA *)configuration.privateKey.handle());
+        if (configuration.privateKey.algorithm() == QSsl::Opaque) {
+            pkey = reinterpret_cast<EVP_PKEY *>(configuration.privateKey.handle());
+        } else {
+            // Load private key
+            pkey = q_EVP_PKEY_new();
+            // before we were using EVP_PKEY_assign_R* functions and did not use EVP_PKEY_free.
+            // this lead to a memory leak. Now we use the *_set1_* functions which do not
+            // take ownership of the RSA/DSA key instance because the QSslKey already has ownership.
+            if (configuration.privateKey.algorithm() == QSsl::Rsa)
+                q_EVP_PKEY_set1_RSA(pkey, (RSA *)configuration.privateKey.handle());
+            else
+                q_EVP_PKEY_set1_DSA(pkey, (DSA *)configuration.privateKey.handle());
+        }
+
         if (!q_SSL_CTX_use_PrivateKey(ctx, pkey)) {
             q->setErrorString(QSslSocket::tr("Error loading private key, %1").arg(getErrorsFromOpenSsl()));
             emit q->error(QAbstractSocket::UnknownSocketError);
             return false;
         }
+        if (configuration.privateKey.algorithm() == QSsl::Opaque)
+            pkey = 0; // Don't free the private key, it belongs to QSslKey
 
         // Check if the certificate matches the private key.
         if (!q_SSL_CTX_check_private_key(ctx)) {
@@ -1383,7 +1390,6 @@ void QSslSocketBackendPrivate::disconnected()
         q_EVP_PKEY_free(pkey);
         pkey = 0;
     }
-
 }
 
 QSslCipher QSslSocketBackendPrivate::sessionCipher() const
author	Corentin Chary <corentin.chary@gmail.com>	2011-08-31 19:35:35 +0200
committer	Qt by Nokia <qt-info@nokia.com>	2011-08-31 21:06:53 +0200
commit	a4878db8df3fbaf9d222ec1206813b16dcdd90c7 (patch)
tree	83271767995af278a8fe57ad0ac2e9a316deb9a4 /src/network/ssl/qsslsocket_openssl.cpp
parent	a3e8f1ab0cc38c0d2e631d3e7f9e6379982204b7 (diff)