|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.trolltech.qt.internal.QSignalEmitterInternal
com.trolltech.qt.QSignalEmitter
com.trolltech.qt.QtJambiObject
com.trolltech.qt.network.QSslConfiguration
public class QSslConfiguration
The QSslConfiguration class holds the configuration and state of an SSL connection QSslConfiguration is used by Qt networking classes to relay information about an open SSL connection and to allow the application to control certain features of that connection.
The settings that QSslConfiguration currently supports are:
The state that QSslConfiguration supports are:
State in QSslConfiguration objects cannot be changed.
QSslConfiguration can be used with QSslSocket
and the Network Access API.
Note that changing settings in QSslConfiguration is not enough to change the settings in the related SSL connection. You must call setSslConfiguration on a modified QSslConfiguration object to achieve that. The following example illustrates how to change the protocol to TLSv1 in a QSslSocket
object:
QSslConfiguration config = sslSocket.sslConfiguration(); config.setProtocol(QSsl.TlsV1); sslSocket.setSslConfiguration(config);
QSslSocket
, QNetworkAccessManager
, QSslSocket::sslConfiguration()
, QSslSocket::setSslConfiguration()
QSsl::SslProtocol
, QSslCertificate
, QSslCipher
, and QSslKey
.
Nested Class Summary |
---|
Nested classes/interfaces inherited from class com.trolltech.qt.internal.QSignalEmitterInternal |
---|
com.trolltech.qt.internal.QSignalEmitterInternal.AbstractSignalInternal |
Field Summary |
---|
Fields inherited from class com.trolltech.qt.internal.QSignalEmitterInternal |
---|
currentSender |
Constructor Summary | |
---|---|
QSslConfiguration()
Constructs an empty SSL configuration. |
|
QSslConfiguration(QSslConfiguration other)
Copies the configuration and state of other. |
Method Summary | |
---|---|
java.util.List |
caCertificates()
Returns this connection's CA certificate database. |
java.util.List |
ciphers()
Returns this connection's current cryptographic cipher suite. |
QSslConfiguration |
clone()
This method is reimplemented for internal reasons |
static QSslConfiguration |
defaultConfiguration()
Returns the default SSL configuration to be used in new SSL connections. |
boolean |
isNull()
Returns true if this is a null QSslConfiguration object. |
QSslCertificate |
localCertificate()
Returns the certificate to be presented to the peer during the SSL handshake process. |
QSslCertificate |
peerCertificate()
Returns the peer's digital certificate (i. |
java.util.List |
peerCertificateChain()
Returns the peer's chain of digital certificates, starting with the peer's immediate certificate and ending with the CA's certificate. |
int |
peerVerifyDepth()
Returns the maximum number of certificates in the peer's certificate chain to be checked during the SSL handshake phase, or 0 (the default) if no maximum depth has been set, indicating that the whole certificate chain should be checked. |
QSslSocket.PeerVerifyMode |
peerVerifyMode()
Returns the verify mode. |
QSslKey |
privateKey()
Returns the SSL key assigned to this connection or a null key if none has been assigned yet. |
QSsl.SslProtocol |
protocol()
Returns the protocol setting for this SSL configuration. |
QSslCipher |
sessionCipher()
Returns the socket's cryptographic cipher , or a null cipher if the connection isn't encrypted. |
void |
setCaCertificates(java.util.List certificates)
Sets this socket's CA certificate database to be certificates. |
void |
setCiphers(java.util.List ciphers)
Sets the cryptographic cipher suite for this socket to ciphers, which must contain a subset of the ciphers in the list returned by supportedCiphers(). |
static void |
setDefaultConfiguration(QSslConfiguration configuration)
Sets the default SSL configuration to be used in new SSL connections to be configuration. |
void |
setLocalCertificate(QSslCertificate certificate)
Sets the certificate to be presented to the peer during SSL handshake to be certificate. |
void |
setPeerVerifyDepth(int depth)
Sets the maximum number of certificates in the peer's certificate chain to be checked during the SSL handshake phase, to depth. |
void |
setPeerVerifyMode(QSslSocket.PeerVerifyMode mode)
Sets the verify mode to mode. |
void |
setPrivateKey(QSslKey key)
Sets the connection's private key to key. |
void |
setProtocol(QSsl.SslProtocol protocol)
Sets the protocol setting for this configuration to be protocol. |
Methods inherited from class com.trolltech.qt.QtJambiObject |
---|
dispose, disposed, equals, finalize, reassignNativeResources, tr, tr, tr |
Methods inherited from class com.trolltech.qt.QSignalEmitter |
---|
blockSignals, disconnect, disconnect, signalsBlocked, signalSender, thread |
Methods inherited from class com.trolltech.qt.internal.QSignalEmitterInternal |
---|
__qt_signalInitialization |
Methods inherited from class java.lang.Object |
---|
getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Methods inherited from interface com.trolltech.qt.QtJambiInterface |
---|
disableGarbageCollection, nativeId, nativePointer, reenableGarbageCollection, setJavaOwnership |
Constructor Detail |
---|
public QSslConfiguration()
isNull()
will return true after this constructor is called. Once any setter methods are called, isNull()
will return false.
public QSslConfiguration(QSslConfiguration other)
Method Detail |
---|
public final java.util.List caCertificates()
setCaCertificates()
. setCaCertificates()
.
public final java.util.List ciphers()
By default, the handshake phase can choose any of the ciphers supported by this system's SSL libraries, which may vary from system to system. The list of ciphers supported by this system's SSL libraries is returned by QSslSocket::supportedCiphers()
. You can restrict the list of ciphers used for choosing the session cipher for this socket by calling setCiphers()
with a subset of the supported ciphers. You can revert to using the entire set by calling setCiphers()
with the list returned by QSslSocket::supportedCiphers()
.
setCiphers()
, and QSslSocket::supportedCiphers()
.
public final boolean isNull()
A QSslConfiguration object is null if it has been default-constructed and no setter methods have been called.
setProtocol()
, setLocalCertificate()
, setPrivateKey()
, setCiphers()
, and setCaCertificates()
.
public final QSslCertificate localCertificate()
setLocalCertificate()
.
public final QSslCertificate peerCertificate()
The peer certificate is checked automatically during the handshake phase, so this function is normally used to fetch the certificate for display or for connection diagnostic purposes. It contains information about the peer, including its host name, the certificate issuer, and the peer's public key.
Because the peer certificate is set during the handshake phase, it is safe to access the peer certificate from a slot connected to the QSslSocket::sslErrors()
signal, QNetworkReply::sslErrors()
signal, or the QSslSocket::encrypted()
signal.
If a null certificate is returned, it can mean the SSL handshake failed, or it can mean the host you are connected to doesn't have a certificate, or it can mean there is no connection.
If you want to check the peer's complete chain of certificates, use peerCertificateChain()
to get them all at once.
peerCertificateChain()
, QSslSocket::sslErrors()
, QSslSocket::ignoreSslErrors()
, QNetworkReply::sslErrors()
, and QNetworkReply::ignoreSslErrors()
.
public final java.util.List peerCertificateChain()
Peer certificates are checked automatically during the handshake phase. This function is normally used to fetch certificates for display, or for performing connection diagnostics. Certificates contain information about the peer and the certificate issuers, including host name, issuer names, and issuer public keys.
Because the peer certificate is set during the handshake phase, it is safe to access the peer certificate from a slot connected to the QSslSocket::sslErrors()
signal, QNetworkReply::sslErrors()
signal, or the QSslSocket::encrypted()
signal.
If an empty list is returned, it can mean the SSL handshake failed, or it can mean the host you are connected to doesn't have a certificate, or it can mean there is no connection.
If you want to get only the peer's immediate certificate, use peerCertificate()
.
peerCertificate()
, QSslSocket::sslErrors()
, QSslSocket::ignoreSslErrors()
, QNetworkReply::sslErrors()
, and QNetworkReply::ignoreSslErrors()
.
public final int peerVerifyDepth()
The certificates are checked in issuing order, starting with the peer's own certificate, then its issuer's certificate, and so on.
setPeerVerifyDepth()
, and peerVerifyMode()
.
public final QSslSocket.PeerVerifyMode peerVerifyMode()
QSslSocket
should request a certificate from the peer (i.e., the client requests a certificate from the server, or a server requesting a certificate from the client), and whether it should require that this certificate is valid. The default mode is AutoVerifyPeer, which tells QSslSocket
to use VerifyPeer for clients, QueryPeer for clients.
setPeerVerifyMode()
.
public final QSslKey privateKey()
SSL key
assigned to this connection or a null key if none has been assigned yet. setPrivateKey()
, and localCertificate()
.
public final QSsl.SslProtocol protocol()
setProtocol()
.
public final QSslCipher sessionCipher()
cipher
, or a null cipher if the connection isn't encrypted. The socket's cipher for the session is set during the handshake phase. The cipher is used to encrypt and decrypt data transmitted through the socket. The SSL infrastructure also provides functions for setting the ordered list of ciphers from which the handshake phase will eventually select the session cipher. This ordered list must be in place before the handshake phase begins.
ciphers()
, setCiphers()
, and QSslSocket::supportedCiphers()
.
public final void setCaCertificates(java.util.List certificates)
caCertificates()
.
public final void setCiphers(java.util.List ciphers)
Restricting the cipher suite must be done before the handshake phase, where the session cipher is chosen.
ciphers()
, and QSslSocket::supportedCiphers()
.
public final void setLocalCertificate(QSslCertificate certificate)
Setting the certificate once the connection has been established has no effect.
A certificate is the means of identification used in the SSL process. The local certificate is used by the remote end to verify the local user's identity against its list of Certification Authorities. In most cases, such as in HTTP web browsing, only servers identify to the clients, so the client does not send a certificate.
localCertificate()
.
public final void setPeerVerifyDepth(int depth)
The certificates are checked in issuing order, starting with the peer's own certificate, then its issuer's certificate, and so on.
peerVerifyDepth()
, and setPeerVerifyMode()
.
public final void setPeerVerifyMode(QSslSocket.PeerVerifyMode mode)
QSslSocket
should request a certificate from the peer (i.e., the client requests a certificate from the server, or a server requesting a certificate from the client), and whether it should require that this certificate is valid. The default mode is AutoVerifyPeer, which tells QSslSocket
to use VerifyPeer for clients, QueryPeer for clients.
peerVerifyMode()
.
public final void setPrivateKey(QSslKey key)
key
to key. The private key and the local certificate
are used by clients and servers that must prove their identity to SSL peers. Both the key and the local certificate are required if you are creating an SSL server socket. If you are creating an SSL client socket, the key and local certificate are required if your client must identify itself to an SSL server.
privateKey()
, and setLocalCertificate()
.
public final void setProtocol(QSsl.SslProtocol protocol)
Setting the protocol once the connection has already been established has no effect.
protocol()
.
public static QSslConfiguration defaultConfiguration()
The default SSL configuration consists of:
QSslSocket::supportedCiphers()
, and setDefaultConfiguration()
.
public static void setDefaultConfiguration(QSslConfiguration configuration)
QSslSocket::supportedCiphers()
, and defaultConfiguration()
.
public QSslConfiguration clone()
clone
in class java.lang.Object
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |