【发布时间】:2017-03-14 21:33:46
【问题描述】:
Windows 在 Chrome 中查看证书详细信息时显示的给定证书的公钥与 Qt 在连接到加密信号的插槽中返回的公钥不同。
auto onEncrypt = [](QNetworkReply* rpl) {
auto cert = rpl->sslConfiguration().peerCertificate();
auto publicKey = cert.publicKey();
QString winHexKey = "3082010a0282010100d8..."; // as displayed in cert info of Chrome on Windows for the Public Key
auto windowsKey = QByteArray::fromHex(winHexKey.toUtf8());
if (windowsKey == publicKey.toPem())
std::cout << "PEM key matched\n";
else if (windowsKey == publicKey.toDer())
std::cout << "DER key matched\n";
else if (winHexKey == publicKey.toPem().toHex())
std::cout << "Hex PEM key matched\n";
else if (winHexKey == publicKey.toDer().toHex())
std::cout << "Hex DER key matched\n";
else
std::cout << "No match!\n";
std::cout << publicKey.toPem().toHex().toStdString() << '\n'; // 902 characters worth starting with 2d2d2d2d2d
};
QNetworkAccessManager mgr;
QObject::connect(&mgr, &QNetworkAccessManager::encrypted, onEncrypt);
QNetworkRequest r(QUrl::fromUserInput("https://www.qt.io"));
mgr.get(r);
总是导致不匹配。有趣的是,公钥的十六进制输出比 Windows 显示的要大得多。
如何获取服务器提供的证书的公钥,并根据证书中的内容进行验证?
【问题讨论】: