[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-users
Subject:    Re: [openssl-users] Porting to OpenSSL 1.1
From:       Richard Moore <rich () kde ! org>
Date:       2016-10-11 8:33:59
Message-ID: CAMp7mVtPbZ035S5eiFbQNTkRMfX64MyP=3X584jUB37W4O7pRA () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hi Bero,

Just based on the questions it sounds like you might be trying to port Qt.
I've already done this, and the branch is here:
https://github.com/richmoore/qtbase/commits/openssl11

It'll be added as a new backend once the configure changes that are
underway are completed. See
https://wiki.qt.io/Qt_Network_Workshop_2016#OpenSSL for a road map (or ask!)

Regards

Rich.


On 10 October 2016 at 23:56, Bernhard Rosenkraenzer <bero@lindev.ch> wrote:

> Hi,
> I'm porting some code to OpenSSL 1.1 -- for the most part, it's going
> well, but there's some things I'm not sure about:
>
> - What replaces a direct access to "sha1_hash" in an X509? (found in Qt
> 5.7)
>
> So far, haven't come up with a proper alternative to this. Should the code
> be refactored to use X509_issuer_and_serial_hash (which isn't quite the
> same, but should still give a unique hash)?
> [this is from qHash -- so the purpose really is to get a unique hash of
> the contents]
>
> - What's the best way to copy an EVP_PKEY?
>
> Also from Qt 5.7:
> rsa = RSA_new();
> memcpy(rsa, EVP_PKEY_get1_RSA(pkey), sizeof(RSA));
> [breaks because sizeof(RSA) is no longer known]
> for EC, there's EC_KEY_dup -- for RSA and DSA, not so much.
>
> - What's the proper successor to NETSCAPE_X509? (from kdelibs4support)
> I presume this (the method KSSLCertificate::toNetscape()) can just be
> deleted because nothing should be using Netscape x509 anymore?
>
>
> Outside of those, all problems I've run into so far were fairly easy to
> solve.
>
> ttyl
> bero
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>

[Attachment #5 (text/html)]

<div dir="ltr"><div class="gmail_default" style="font-family:verdana,sans-serif">Hi \
Bero,</div><div class="gmail_default" \
style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" \
style="font-family:verdana,sans-serif">Just based on the questions it sounds like you \
might be trying to port Qt. I&#39;ve already done this, and the branch is here:  <a \
href="https://github.com/richmoore/qtbase/commits/openssl11">https://github.com/richmoore/qtbase/commits/openssl11</a></div><div \
class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div \
class="gmail_default" style="font-family:verdana,sans-serif">It&#39;ll be added as a \
new backend once the configure changes that are underway are completed. See  <a \
href="https://wiki.qt.io/Qt_Network_Workshop_2016#OpenSSL">https://wiki.qt.io/Qt_Network_Workshop_2016#OpenSSL</a> \
for a road map (or ask!)</div><div class="gmail_default" \
style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" \
style="font-family:verdana,sans-serif">Regards</div><div class="gmail_default" \
style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" \
style="font-family:verdana,sans-serif">Rich.</div><div class="gmail_default" \
style="font-family:verdana,sans-serif"><br></div></div><div \
class="gmail_extra"><br><div class="gmail_quote">On 10 October 2016 at 23:56, \
Bernhard Rosenkraenzer <span dir="ltr">&lt;<a href="mailto:bero@lindev.ch" \
target="_blank">bero@lindev.ch</a>&gt;</span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex">Hi,<br>I&#39;m porting some code to OpenSSL 1.1 -- for the \
most part, it&#39;s going well, but there&#39;s some things I&#39;m not sure \
about:<br><br>- What replaces a direct access to &quot;sha1_hash&quot; in an X509? \
(found in Qt 5.7)<br><br>So far, haven&#39;t come up with a proper alternative to \
this. Should the code be refactored to use X509_issuer_and_serial_hash (which \
isn&#39;t quite the same, but should still give a unique hash)?<br>[this is from \
qHash -- so the purpose really is to get a unique hash of the contents]<br><br>- \
What&#39;s the best way to copy an EVP_PKEY?<br><br>Also from Qt 5.7:<br>rsa = \
RSA_new();<br>memcpy(rsa, EVP_PKEY_get1_RSA(pkey), sizeof(RSA));<br>[breaks because \
sizeof(RSA) is no longer known]<br>for EC, there&#39;s EC_KEY_dup -- for RSA and DSA, \
not so much.<br><br>- What&#39;s the proper successor to NETSCAPE_X509? (from \
kdelibs4support)<br>I presume this (the method KSSLCertificate::toNetscape()) can \
just be deleted because nothing should be using Netscape x509 \
anymore?<br><br><br>Outside of those, all problems I&#39;ve run into so far were \
fairly easy to solve.<br><br>ttyl<br>bero <br>--<br>
openssl-users mailing list<br>
To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" \
rel="noreferrer" target="_blank">https://mta.openssl.org/<wbr>mailman/listinfo/openssl-users</a><br>
 <br></blockquote></div><br></div>



-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic