Hi Rich, Sorry for the clash of work -- I had this sketch done on Saturday, and thought I would have more time during the weekend to hack on it. However that turned out not to be the case, so I threw this out here. I'll strive to be more communicative in the future. :-)
WRT tests and docs: I'm aware that they're lacking, this was mainly a sketch of the API. I will upload it as-is to Gerrit and get back to you, so I can get people's comments early. Thanks, Mikkel On Tue, May 26, 2015 at 11:34 AM, Richard Moore <[email protected]> wrote: > Hi Mikkel, > > Please could you upload your change to gerrit so I can review it properly? I > was actually implementing this yesterday, but since you've got it done I'll > abandon my change. If you add me as the reviewer then I'll add the other > relevant people. The change seems mainly okay, but there are a few minor > things need fixing (some incorrect \since statements, missing autotest > etc.). > > Cheers > > Rich. > > On 25 May 2015 at 23:16, Mikkel Krautz <[email protected]> wrote: >> >> Hi, >> >> I've been working on adding the ability to set custom DH parameters >> for QSslSocket and I want to start discussing an API for the feature, >> rather than jumping directly to a code review. >> >> I have a preliminary patch that adds a sketch of the API I'm envisioning: >> https://gist.github.com/mkrautz/699f3c7fb22f48b7059c >> (It's untested, but it builds...) >> >> Basically, what I'm envisioning is >> >> - An opaque (for the user) QSslDiffieHellmanParameters class. >> - It loads DH parameters either as PEM or DER via a constructor that >> takes a QByteArray or a QIODevice (like QSslKey). >> - After loading, isNull() can be used to check if the DH parameters >> were loaded, and were valid (OpenSSL backend uses DH_check -- not sure >> what should be done on SecureTransport, if anything?). >> - Internally, the QSslDiffieHellmanParameters object stores a >> DER-encoded version of the parameters. (This makes it easily loadable >> in both OpenSSL and SecureTransport) >> - A public QSslConfiguration::setDiffieHellmanParameters() to set the >> DH parameters. >> - A public (but not in the public headers) >> QSslConfiguration::diffieHellmanParameters() for internal use by the >> backends. >> - QSslDiffieHellmanParametersPrivate will befriend QSslContext (for >> OpenSSL) and an equivalent for SecureTransport to allow the >> implementations to access the DER encoded data of the >> QSslDiffieHellmanParameters. >> >> I did a cursory web search for the ability to set DH parameters for >> WinRT listeners, but I don't think that's possible -- so I haven't >> considered that, for now... >> >> Let me know what you think. >> >> Thanks, >> Mikkel >> _______________________________________________ >> Development mailing list >> [email protected] >> http://lists.qt-project.org/mailman/listinfo/development > > _______________________________________________ Development mailing list [email protected] http://lists.qt-project.org/mailman/listinfo/development
