On 10 January 2013 20:48, Ruslan Nigmatullin <euroeles...@yandex.ru> wrote: > Qt misses some core features connected with TLS/hashing: > 1. it's impossible to create "unencrypted" connection to server and > initialize TLS encyption sometime afterwards (common usecase: connection to > jabber server).
That's incorrect, you can do that (though personally I regard protocols that do this as broken). > 2. HMAC is unsupported, so it's usually impossible to use OAuth with > hmac-authorization (like "hmac(sha256)") Adding support for HMAC to QCryptographicHash would be pretty trivial. I don't see any reason why such a change would not be accepted. > > That's why Qt supports nothing from my needs. > > Another one issue - Qt is sometimes shipped to some platforms with > statically-linked OpenSSL, which makes nearly-to-impossible to use external > libraries with OpenSSL as dependancy. I'm not aware of any platforms where we ship with a statically linked openssl. We dlopen it in the normal case, and link to it as normal with -openssl-linked. Cheers Rich. > > 11.01.2013, 00:35, "Richard Moore" <r...@kde.org>: >> On 10 January 2013 17:03, Ruslan Nigmatullin <euroeles...@yandex.ru> wrote: >> >>> Hi all, >>> >>> With Qt5 there are no Qt-based cryptographic interfaces now. There was an >>> QCA for Qt3/Qt4, but it had over-engineered interface and a lot of bugs. So >>> I would like to start Crypto module for Qt5 with convience crypto-methods >>> (Qt-based wrappers for TLS/SSL encryption, SASL, AES/etc encryption, >>> SHA/HMAC hashing, etc) and nice Qt-style API. It's proposed to use >>> appropriate libraries like OpenSSL/cyrus-sasl/gnugp/etc. >> >> Qt already has support for TLS/SSL in qtnetwork, and I've already >> written https://gitorious.org/qt-certificate-addon/ to cover key and >> certificate generation (supports qt 4.x and qt5). SHA etc. are covered >> by QCryptographicHash >> (http://qt-project.org/doc/qt-5.0/qtcore/qcryptographichash.html) out >> of your list that really just leaves SASL and actual crypto algorithms >> like AES. >> >> I don't see any reason why those couldn't be supported by another two >> Qt addons, one for AES and one for SASL, though I'm unsure how much >> demand there is. >> >> Cheers >> >> Rich. > > -- > Ruslan Nigmatullin _______________________________________________ Development mailing list Development@qt-project.org http://lists.qt-project.org/mailman/listinfo/development
