[Development] Playground: Crypto module

Ruslan Nigmatullin euroelessar at yandex.ru
Thu Jan 10 23:32:06 CET 2013



11.01.2013, 00:55, "Richard Moore" <rich at kde.org>:
> On 10 January 2013 20:48, Ruslan Nigmatullin <euroelessar at yandex.ru> wrote:
>
>>  Qt misses some core features connected with TLS/hashing:
>>  1. it's impossible to create "unencrypted" connection to server and initialize TLS encyption sometime afterwards (common usecase: connection to jabber server).
>
> That's incorrect, you can do that (though personally I regard
> protocols that do this as broken).

My fault, it really works( So there is one less QCA dependence, that's nice.

>
>>  2. HMAC is unsupported, so it's usually impossible to use OAuth with hmac-authorization (like "hmac(sha256)")
>
> Adding support for HMAC to QCryptographicHash would be pretty trivial.
> I don't see any reason why such a change would not be accepted.

If it's fit logically into QCryptographicHash, there is no problem to implement it, I agree. Should I implement it as another one class, i.e. QMessageAuthenticationCode?

>>  That's why Qt supports nothing from my needs.
>>
>>  Another one issue - Qt is sometimes shipped to some platforms with statically-linked OpenSSL, which makes nearly-to-impossible to use external libraries with OpenSSL as dependancy.
>
> I'm not aware of any platforms where we ship with a statically linked
> openssl. We dlopen it in the normal case, and link to it as normal
> with -openssl-linked.
>
> Cheers
>
> Rich.

--
Ruslan Nigmatullin



More information about the Development mailing list