[Development] Playground: Crypto module
Ruslan Nigmatullin
euroelessar at yandex.ru
Thu Jan 10 23:32:06 CET 2013
11.01.2013, 00:55, "Richard Moore" <rich at kde.org>:
> On 10 January 2013 20:48, Ruslan Nigmatullin <euroelessar at yandex.ru> wrote:
>
>> Qt misses some core features connected with TLS/hashing:
>> 1. it's impossible to create "unencrypted" connection to server and initialize TLS encyption sometime afterwards (common usecase: connection to jabber server).
>
> That's incorrect, you can do that (though personally I regard
> protocols that do this as broken).
My fault, it really works( So there is one less QCA dependence, that's nice.
>
>> 2. HMAC is unsupported, so it's usually impossible to use OAuth with hmac-authorization (like "hmac(sha256)")
>
> Adding support for HMAC to QCryptographicHash would be pretty trivial.
> I don't see any reason why such a change would not be accepted.
If it's fit logically into QCryptographicHash, there is no problem to implement it, I agree. Should I implement it as another one class, i.e. QMessageAuthenticationCode?
>> That's why Qt supports nothing from my needs.
>>
>> Another one issue - Qt is sometimes shipped to some platforms with statically-linked OpenSSL, which makes nearly-to-impossible to use external libraries with OpenSSL as dependancy.
>
> I'm not aware of any platforms where we ship with a statically linked
> openssl. We dlopen it in the normal case, and link to it as normal
> with -openssl-linked.
>
> Cheers
>
> Rich.
--
Ruslan Nigmatullin
More information about the Development
mailing list