Details
-
Suggestion
-
Resolution: Unresolved
-
P3: Somewhat important
-
None
-
None
-
None
Description
Today the code does the validation too late, when connecting (client side) or when receiving a connection (server side). Especially on the server side, you want to know upfront that your configuration is wrong, instead of waiting for the first client attempting to connect
I think the cleanest way would be to provide an accessor to the public key from the private key:
/* If the key is a private key, return the associated public key */
QSslCertificate QSslKey::privateKey() const
/* Existing API: return the public key of the certificate */
QSslKey QSslCertificate::publicKey() const
Sample interation would be through the == operator:
QSslKey private(…)
QSslCertificate cert(…)
if (private.publicKey() != cert.publicKey()) {
// wrong key pair…
}