SSL Client/Server Handshake



  • So I found the following example online for a client and server using SSL. The client sends a handshake to the server saying hello world, and when the server receives it, it displays it. On the GUI I created, I would like the client to send a handshake to the server with a message such as "Hello Steve", and when the server receives it, it will check whether Steve (an object I create) is there. If it's not there, then the server will reply back "no he is not here", and if he is there, it will reply back "yes he is here". The client side will then do something depending on the answer. From the example below, is it possible for the server to reply back to the client?

    client

    #include "ClientExample.h"
    
    #include <QCoreApplication>
    #include <QString>
    #include <QSslSocket>
    #include <QThread>
    
    ClientExample::ClientExample(QObject *parent) : QObject(parent)
    {
    }
    
    
    void ClientExample::run()
    {
        QString hostName = "127.0.0.1";    // DO NOT CHANGE THIS AS IT MUST MATCH THE FQDN OF THE CERTIFICATE (you MUST create your own certificate in order to change this)
        quint16 port = 22333;
    
        QSslSocket sslSocket;
        sslSocket.addCaCertificates("~/Downloads/Qt-SslServer-master/example/Client/Debug/debug/sslserver.pem");
        sslSocket.connectToHostEncrypted(hostName, port);
    
        if (sslSocket.waitForEncrypted(-1))    // Wait until encrypted connection is established, -1 means no timeout
        {
            qDebug() << "Connected";
            sslSocket.write("Hello, Steve!");    // Send message to the server
    
            if (sslSocket.waitForBytesWritten(-1))    // Wait until message is sent (also makes QSslSocket flush the buffer)
                qDebug() << "Message sent";
            else
                qDebug().nospace() << "ERROR: could not send message (" << qPrintable(sslSocket.errorString()) << ")";
    
            while (!sslSocket.waitForDisconnected())    // Wait until disconnected
                QThread::msleep(10);
    
            qDebug() << "Disconnected";
        }
    
        else
        {
            qDebug().nospace() << "ERROR: could not establish encrypted connection (" << qPrintable(sslSocket.errorString()) << ")";
        }
    
        this->deleteLater();
        QThread::currentThread()->quit();
        qApp->exit();
    }
    

    server

    #include "ServerExample.h"
    
    #include "SslServer.h"
    
    #include <QCoreApplication>
    #include <QHostAddress>
    #include <QSslSocket>
    #include <QThread>
    
    ServerExample::ServerExample(QObject *parent) : QObject(parent)
    {
    }
    
    
    void ServerExample::run()
    {
        QHostAddress address = QHostAddress::Any;
        quint16 port = 22333;
    
        SslServer sslServer;
        sslServer.setSslLocalCertificate("~/Downloads/Qt-SslServer-master/example/Server/Debug/debug/sslserver.pem");
        sslServer.setSslPrivateKey("~/Downloads/Qt-SslServer-master/example/Server/Debug/debug/sslserver.key");
        sslServer.setSslProtocol(QSsl::TlsV1_2);
    
        if (sslServer.listen(address, port))
            qDebug().nospace() << "Now listening on " << qPrintable(/*address.toString()*/ "127.0.0.1") << ":" << port;
        else
            qDebug().nospace() << "ERROR: could not bind to " << qPrintable(address.toString()) << ":" << port;
    
        if (sslServer.waitForNewConnection(-1))    // Wait until a new connection is received, -1 means no timeout
        {
            qDebug() << "New connection";
            QSslSocket *sslSocket = dynamic_cast<QSslSocket*>(sslServer.nextPendingConnection());
    
            if (sslSocket->waitForReadyRead(5000))    // Wait until some data is received, 5000 ms timeout (-1 doesn't work here)
            {
                QByteArray message = sslSocket->readAll();    // Read message
                qDebug() << "Message:" << QString(message);
    
                // This is the area where the program will check if Steve is there and reply back to the client
                
                sslSocket->disconnectFromHost();    // Disconnect
                sslSocket->waitForDisconnected();    // Wait until disconnected
                qDebug() << "Disconnected";
            }
    
            else
            {
                qDebug().nospace() << "ERROR: could not receive message (" << qPrintable(sslSocket->errorString()) << ")";
            }
        }
    
        else
        {
            qDebug().nospace() << "ERROR: could not establish encrypted connection (" << qPrintable(sslServer.errorString()) << ")";
        }
    
        this->deleteLater();
        QThread::currentThread()->quit();
        qApp->exit();
    }
    
    


  • This is not an SSL Handshake problem.

    Just do not disconnect the sockets, keep them connected and you can send data across them via secure TCP.

    Check the fortune examples in Qt; those are bad examples, but it's a starting point: http://doc.qt.io/qt-5/qtnetwork-fortuneclient-example.html



  • Is it possible for you to explain to me how this is not an SSL handshake? I thought it was. Thank you so much.



  • The handshake is the process that establishes the secure connection; in Qt, QSslSocket::connectToHostEncrypted and QSslSocket::startServerEncryption take care of the handshake. The "Hello World" sent across is just normal TCP communication that could be done even without encryption (i.e. using QTcpSocket).
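
The request/reply step discussed in this thread, as an added example that is not code from any of the posts or from Qt: it is kept Qt-free so it builds stand-alone, and the class name `PresenceResponder`, the newline framing and the 256-byte line limit are assumptions made here. It takes the chunks a stream socket hands over (one message can arrive split across several reads), answers each complete `Hello, <name>!` line with the replies from the question, and stops buffering a peer that never finishes a line.

```cpp
#include <cstddef>
#include <set>
#include <string>
#include <utility>
#include <vector>

// Hypothetical helper (not part of Qt or the posted example).
class PresenceResponder {
public:
    explicit PresenceResponder(std::set<std::string> present, std::size_t maxLine = 256)
        : present_(std::move(present)), maxLine_(maxLine) {}

    // Feed one chunk exactly as a single read returned it; the result holds one
    // reply per complete '\n'-terminated request found so far (possibly none).
    std::vector<std::string> feed(const std::string &chunk) {
        std::vector<std::string> replies;
        buffer_ += chunk;
        std::size_t nl;
        while ((nl = buffer_.find('\n')) != std::string::npos) {
            replies.push_back(answer(buffer_.substr(0, nl)));
            buffer_.erase(0, nl + 1);
        }
        if (buffer_.size() > maxLine_) {   // unterminated line too long: drop it
            buffer_.clear();
            overflow_ = true;
        }
        return replies;
    }

    // True once the peer exceeded the line limit; the caller should disconnect.
    bool shouldDisconnect() const { return overflow_; }

private:
    std::string answer(const std::string &line) const {
        static const std::string prefix = "Hello, ";
        if (line.size() > maxLine_ || line.size() <= prefix.size() + 1 ||
            line.compare(0, prefix.size(), prefix) != 0 || line.back() != '!')
            return "bad request\n";
        std::string name = line.substr(prefix.size(), line.size() - prefix.size() - 1);
        return present_.count(name) ? "yes he is here\n" : "no he is not here\n";
    }

    std::set<std::string> present_;   // names the server considers "here"
    std::size_t maxLine_;             // upper bound on buffered request bytes
    std::string buffer_;              // bytes received but not yet terminated
    bool overflow_ = false;
};
```

In the posted server, each `sslSocket->readAll()` result would be passed to `feed()` and every returned string sent back with `sslSocket->write()` before any disconnect; the client would append a `'\n'` to its message and read the reply instead of only waiting for disconnection.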


