Qt5.7 实现Https 认证全过程解析(亲自动手版)

时间:2022-08-03 17:06:07

#### NetworkRequestManager.h

#include <QSsl>
#include <QSslKey>
#include <QSslSocket>
#include <QSslConfiguration>
#include <QSslCertificate>
#include <QSslError>
#include <QUrl>
#include <QNetworkAccessManager>
#include <QNetworkReply>
#include <QNetworkRequest>
#include <QtNetwork>

class NetworkRequestManager : public QObject
{
Q_OBJECT
public:
explicit NetworkRequestManager(QObject *parent = 0);
void sendMsg(const QString& ,const QString&, const QString&);
void sendMsgWithoutToken(const QString&, const QString&);

private:
QSslConfiguration m_sslconf;
QNetworkRequest m_request;
QNetworkAccessManager *m_manager;

signals:
void PostRequestFinished(const QJsonObject&);

private slots:
void RequestFinished(QNetworkReply*);
void sslErrorsH(QNetworkReply*, QList<QSslError>);
};

#endif // NETWORKREQUESTMANAGER_H

** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** **

** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** **

1. pc-client.crt 

2. pc-client.key

3. pc-server.pem

 这3个秘钥文件都是用服务器生成的,在本机用p12文件生成,不知什么原因无法认证成功,也许是因为不会用 openssl ,求大神全解。。

 关于Https的认证过程,自行百度吧。。 QNetwork 类还是封装的不错的,都是以异步处理的,而且可以配合Json字符串的解析。。

** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** **

** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** **

#### NetworkRequestManager.cpp

NetworkRequestManager::NetworkRequestManager(QObject *parent) : QObject(parent)
{
// Https ca certificate ..
// 创建客户端证书
QFile t_file(":/https/license/pc-client.crt");
t_file.open(QIODevice::ReadOnly);
const QSslCertificate certificate(&t_file, QSsl::Pem);
t_file.close();

// 创建客户端私钥
t_file.setFileName(":/https/license/pc-client.key");
t_file.open(QIODevice::ReadOnly);
const QSslKey prvateKey(&t_file, QSsl::Rsa);
t_file.close();

// SSL验证模式;TLS协议版本
m_sslconf.setPeerVerifyMode(QSslSocket::VerifyPeer);
m_sslconf.setProtocol(QSsl::TlsV1_2OrLater);
m_sslconf.setLocalCertificate(certificate);
m_sslconf.setPrivateKey(prvateKey);

// 创建服务器端证书
QList<QSslCertificate> caCerList;
t_file.setFileName(":/https/license/pc-server.pem");
t_file.open(QIODevice::ReadOnly);
const QSslCertificate cACertificate(&t_file, QSsl::Pem);
// 将服务证书加入到CA列表中
caCerList.append(cACertificate);
m_sslconf.setCaCertificates(caCerList);
t_file.close();

this->m_manager = new QNetworkAccessManager;
m_request.setSslConfiguration(m_sslconf);
QObject::connect(m_manager, SIGNAL(finished(QNetworkReply*)), this, SLOT(RequestFinished(QNetworkReply*)));
QObject::connect(m_manager, SIGNAL(sslErrors(QNetworkReply*,QList<QSslError>)), this, SLOT(sslErrorsH(QNetworkReply*,QList<QSslError>)));
}

void NetworkRequestManager::sslErrorsH(QNetworkReply *reply, QList<QSslError> error)
{
qDebug() <<"** sslErrorsH .." <<error;
}

void NetworkRequestManager::RequestFinished(QNetworkReply *reply)
{
int statusCode = reply->attribute(QNetworkRequest::HttpStatusCodeAttribute).toInt();
QVariant statusCodeV =
reply->attribute(QNetworkRequest::HttpStatusCodeAttribute);

QJsonDocument jdoc = QJsonDocument::fromJson(reply->readAll().constData());
QJsonObject obj = jdoc.object();

qDebug() <<"** RequestFinished" <<reply->isFinished() <<statusCode;

if(!obj.isEmpty()) emit this->PostRequestFinished(obj);
reply->deleteLater();
}