1 /****************************************************************************
2 **
3 ** Copyright (C) 2018 The Qt Company Ltd.
4 ** Contact: https://www.qt.io/licensing/
5 **
6 ** This file is part of the documentation of the Qt Toolkit.
7 **
8 ** $QT_BEGIN_LICENSE:BSD$
9 ** Commercial License Usage
10 ** Licensees holding valid commercial Qt licenses may use this file in
11 ** accordance with the commercial license agreement provided with the
12 ** Software or, alternatively, in accordance with the terms contained in
13 ** a written agreement between you and The Qt Company. For licensing terms
14 ** and conditions see https://www.qt.io/terms-conditions. For further
15 ** information use the contact form at https://www.qt.io/contact-us.
16 **
17 ** BSD License Usage
18 ** Alternatively, you may use this file under the terms of the BSD license
19 ** as follows:
20 **
21 ** "Redistribution and use in source and binary forms, with or without
22 ** modification, are permitted provided that the following conditions are
23 ** met:
24 **   * Redistributions of source code must retain the above copyright
25 **     notice, this list of conditions and the following disclaimer.
26 **   * Redistributions in binary form must reproduce the above copyright
27 **     notice, this list of conditions and the following disclaimer in
28 **     the documentation and/or other materials provided with the
29 **     distribution.
30 **   * Neither the name of The Qt Company Ltd nor the names of its
31 **     contributors may be used to endorse or promote products derived
32 **     from this software without specific prior written permission.
33 **
34 **
35 ** THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
36 ** "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
37 ** LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
38 ** A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
39 ** OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 ** SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
41 ** LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
42 ** DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
43 ** THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
44 ** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
45 ** OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE."
46 **
47 ** $QT_END_LICENSE$
48 **
49 ****************************************************************************/
50 
51 //! [0]
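// A client initiates a handshake. QDtls has no default constructor: the side
// (client or server) is fixed when the object is created.
QUdpSocket clientSocket;
QDtls clientDtls(QSslSocket::SslClientMode);
// peerName is used as the peer verification name for the server's certificate.
clientDtls.setPeer(address, port, peerName);
clientDtls.doHandshake(&clientSocket);

// A server accepting an incoming connection; address, port, clientHello are
// read by QUdpSocket::readDatagram(). Everything read here comes from an
// unauthenticated peer and a UDP source address can be spoofed, so a server
// would normally confirm the address first (for example with
// QDtlsClientVerifier) before committing a QDtls object to the handshake.
QByteArray clientHello(serverSocket.pendingDatagramSize(), Qt::Uninitialized);
QHostAddress address;
quint16 port = {};
const qint64 bytesRead = serverSocket.readDatagram(clientHello.data(), clientHello.size(),
                                                   &address, &port);
// readDatagram() returns -1 on failure and may deliver fewer bytes than the
// buffer holds. Trim the buffer so that uninitialized bytes never reach the
// handshake; real code stops here when nothing was read.
clientHello.resize(bytesRead > 0 ? bytesRead : 0);

QDtls serverDtls(QSslSocket::SslServerMode);
serverDtls.setPeer(address, port);
serverDtls.doHandshake(&serverSocket, clientHello);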
68 
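// Handshake completion, both for server and client.
//
// Feeds one datagram received from the peer into the ongoing handshake.
// `datagram` is untrusted network input; it is passed to QDtls unmodified.
void DtlsConnection::continueHandshake(const QByteArray &datagram)
{
    if (!dtls.doHandshake(&udpSocket, datagram)) {
        // Error handling: dtls.dtlsError() reports why this step failed. No
        // application data may be exchanged on this connection.
        return;
    }

    // A successful step does not mean the handshake is finished, so the
    // status is checked explicitly before the connection is treated as secure.
    if (dtls.handshakeStatus() == QDtls::HandshakeComplete) {
        // Secure DTLS connection is now established.
    }
}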
81 
82 //! [0]
83 
84 //! [1]
DtlsClient::DtlsClient()
{
    // Some initialization code here ...

    // Route QDtls::handshakeTimeout to our own slot so that a handshake
    // message lost on the unreliable UDP transport can be retransmitted.
    connect(&clientDtls,
            &QDtls::handshakeTimeout,
            this,
            &DtlsClient::handleTimeout);
}
90 
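// Slot connected to QDtls::handshakeTimeout: asks QDtls to retransmit the
// pending handshake message over clientSocket.
void DtlsClient::handleTimeout()
{
    if (!clientDtls.handleTimeout(&clientSocket)) {
        // Error handling: the retransmission failed; clientDtls.dtlsError()
        // gives the reason. The handshake cannot be assumed to be progressing.
    }
}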
95 //! [1]
96 
97 //! [2]
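// Sending an encrypted datagram:
dtlsConnection.writeDatagramEncrypted(&clientSocket, "Hello DTLS server!");

// Decryption:
// QByteArray has no size-only constructor; allocate the receive buffer
// without initializing it and let readDatagram() fill it.
QByteArray encryptedMessage(dgramSize, Qt::Uninitialized);
const qint64 bytesRead = socket.readDatagram(encryptedMessage.data(), dgramSize);
// readDatagram() returns -1 on failure and may deliver fewer bytes than
// requested; trim the buffer so no uninitialized bytes are decrypted.
encryptedMessage.resize(bytesRead > 0 ? bytesRead : 0);
const QByteArray plainText = dtlsConnection.decryptDatagram(&socket, encryptedMessage);
// decryptDatagram() returns an empty QByteArray on error: treat an empty
// plainText as a failed decryption (see dtlsError()), not as a valid message.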
105 //! [2]
106 
107 //! [3]
DtlsClient::~DtlsClient()
{
    // Close the DTLS connection before the object goes away. The result is
    // deliberately discarded: a destructor has no way to report or recover
    // from a failed shutdown.
    static_cast<void>(clientDtls.shutdown(&clientSocket));
}
112 //! [3]
113 
114 //! [4]
// Start from the default DTLS configuration and switch off cookie
// verification on the server side.
//
// NOTE(security): cookie verification (the HelloVerifyRequest exchange) is
// what lets a server confirm that a ClientHello really came from the address
// it claims before any handshake state is allocated. With it disabled, a
// server answers spoofed ClientHello datagrams, which makes it usable for
// traffic amplification and easier to exhaust. Keep the default (enabled)
// unless the client address is validated by other means, for example with
// QDtlsClientVerifier.
QSslConfiguration config = QSslConfiguration::defaultDtlsConfiguration();
config.setDtlsCookieVerificationEnabled(false);
// Some other customization ...
dtlsConnection.setDtlsConfiguration(config);
119 //! [4]
120 
121 //! [5]
// When a handshake step fails because the peer could not be verified, the
// handshake is aborted instead of being continued with an unverified peer.
// Other handshake errors are left to the caller's own error handling.
const bool handshakeStepOk = dtls.doHandshake(&socket, dgram);
if (!handshakeStepOk && dtls.dtlsError() == QDtlsError::PeerVerificationError)
    dtls.abortAfterError(&socket);
126 //! [5]
127 
128 //! [6]
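// Ignore exactly one verification error for exactly one known certificate:
// "self-signed" for the certificate stored in server-certificate.pem. Any
// other error, or the same error for a different certificate, still fails
// the handshake. Never pass a blanket list of errors here; that would turn
// off peer verification altogether.
const QList<QSslCertificate> cert = QSslCertificate::fromPath(QLatin1String("server-certificate.pem"));
QList<QSslError> expectedSslErrors;
// fromPath() yields an empty list when the file is missing or holds no
// certificate, and at(0) on an empty list is out of bounds. In that case
// nothing is added, so verification stays fully enforced (fail closed).
if (!cert.isEmpty())
    expectedSslErrors.append(QSslError(QSslError::SelfSignedCertificate, cert.at(0)));

// QDtls has no default constructor; this side acts as the client.
QDtls dtls(QSslSocket::SslClientMode);
dtls.ignoreVerificationErrors(expectedSslErrors);
dtls.doHandshake(udpSocket);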
137 //! [6]
138 
139