PDA

View Full Version : QSslSocket, certificate and error



ithanoss
26th May 2011, 13:48
I have to secure my data sharing program (i use QTcpServer i QTcpSocket). I decided to use QSslSocket and began from the simple examples from the internet. At the beginning I encountered the problem that I can not solve. I downloaded Win32OpenSSL_Light-1_0_0d (http://www.slproweb.com/download/Win32OpenSSL_Light-1_0_0d.exe) and generated a key and certificate in accordance with Guide to SSL certificates and certificate authorities (http://doc.qt.nokia.com/solutions/4/qtsslsocket/sslguide.html)

Next I created a server and client. When trying to connect my server throws an error. Similarly, when trying to connect to server via the client securesocketclient example from the documentation.

Error during SSL handshake: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
Certificates are in server directory, paths is correct.

Please help in resolve the problem.



class SslServer : public QTcpServer
{
Q_OBJECT
QSslSocket *serverSocket;

public:
SslServer(QObject *parent = 0);

void start(quint16 port);
void incomingConnection(int socketDescr);

public slots:
void readyToRead();
void sslErrors(QAbstractSocket::SocketError error);

};

SslServer::SslServer(QObject *parent) :
QTcpServer(parent)
{
}

void SslServer::start(quint16 port)
{
listen(QHostAddress::Any, port);
}

void SslServer::readyToRead()
{
//qDebug() << this->serverSocket->readAll();
}

void SslServer::sslErrors(QAbstractSocket::SocketError error)
{
qDebug() << serverSocket->errorString();
}

void SslServer::incomingConnection(int socketDescr)
{
serverSocket = new QSslSocket;
if(serverSocket->setSocketDescriptor(socketDescr))
{
connect(serverSocket, SIGNAL(readyRead()), this, SLOT(readyToRead()));
connect(serverSocket, SIGNAL(error(QAbstractSocket::SocketError)), this, SLOT(sslErrors(QAbstractSocket::SocketError)));
serverSocket->setProtocol(QSsl::SslV3);
serverSocket->setPrivateKey("ca.key");
serverSocket->setLocalCertificate("ca.cer");
serverSocket->startServerEncryption();
}
else
{
delete serverSocket;
}
}

wysota
26th May 2011, 14:01
Make sure the socket is able to load the files you mention. See what QFile::exists() returns for "ca.key" and "ca.cer".

ithanoss
26th May 2011, 18:20
I don't know what it was but QFile:: exist () returned true.
I tried to load the files manually and server began to work correctly.
Thanks wysota for directing :)
Modified function incommingConnection


void SslServer::incomingConnection(int socketDescr)
{
serverSocket = new QSslSocket;
if(serverSocket->setSocketDescriptor(socketDescr))
{
connect(serverSocket, SIGNAL(readyRead()), this, SLOT(readyToRead()));
connect(serverSocket, SIGNAL(error(QAbstractSocket::SocketError)), this, SLOT(sslErrors(QAbstractSocket::SocketError)));
serverSocket->setProtocol(QSsl::SslV3);

QByteArray key;
QByteArray cert;

QFile fileKey("ca.key");
if(fileKey.open(QIODevice::ReadOnly))
{
key = fileKey.readAll();
fileKey.close();
}
else
{
qDebug() << fileKey.errorString();
}

QFile fileCert("ca.crt");
if(fileCert.open(QIODevice::ReadOnly))
{
cert = fileCert.readAll();
fileCert.close();
}
else
{
qDebug() << fileCert.errorString();
}

qDebug() << key + "\n" + cert;

QSslKey sslKey(key, QSsl::Rsa);
QSslCertificate sslCert(cert);

serverSocket->setPrivateKey(sslKey);
serverSocket->setLocalCertificate(sslCert);
serverSocket->startServerEncryption();
}
else
{
delete serverSocket;
}
}