[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-users
Subject: Re: [openssl-users] Porting to OpenSSL 1.1
From: Richard Moore <rich () kde ! org>
Date: 2016-10-11 8:33:59
Message-ID: CAMp7mVtPbZ035S5eiFbQNTkRMfX64MyP=3X584jUB37W4O7pRA () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hi Bero,
Just based on the questions it sounds like you might be trying to port Qt.
I've already done this, and the branch is here:
https://github.com/richmoore/qtbase/commits/openssl11
It'll be added as a new backend once the configure changes that are
underway are completed. See
https://wiki.qt.io/Qt_Network_Workshop_2016#OpenSSL for a road map (or ask!)
Regards
Rich.
On 10 October 2016 at 23:56, Bernhard Rosenkraenzer <bero@lindev.ch> wrote:
> Hi,
> I'm porting some code to OpenSSL 1.1 -- for the most part, it's going
> well, but there's some things I'm not sure about:
>
> - What replaces a direct access to "sha1_hash" in an X509? (found in Qt
> 5.7)
>
> So far, haven't come up with a proper alternative to this. Should the code
> be refactored to use X509_issuer_and_serial_hash (which isn't quite the
> same, but should still give a unique hash)?
> [this is from qHash -- so the purpose really is to get a unique hash of
> the contents]
>
> - What's the best way to copy an EVP_PKEY?
>
> Also from Qt 5.7:
> rsa = RSA_new();
> memcpy(rsa, EVP_PKEY_get1_RSA(pkey), sizeof(RSA));
> [breaks because sizeof(RSA) is no longer known]
> for EC, there's EC_KEY_dup -- for RSA and DSA, not so much.
>
> - What's the proper successor to NETSCAPE_X509? (from kdelibs4support)
> I presume this (the method KSSLCertificate::toNetscape()) can just be
> deleted because nothing should be using Netscape x509 anymore?
>
>
> Outside of those, all problems I've run into so far were fairly easy to
> solve.
>
> ttyl
> bero
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
[Attachment #5 (text/html)]
<div dir="ltr"><div class="gmail_default" style="font-family:verdana,sans-serif">Hi \
Bero,</div><div class="gmail_default" \
style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" \
style="font-family:verdana,sans-serif">Just based on the questions it sounds like you \
might be trying to port Qt. I've already done this, and the branch is here: <a \
href="https://github.com/richmoore/qtbase/commits/openssl11">https://github.com/richmoore/qtbase/commits/openssl11</a></div><div \
class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div \
class="gmail_default" style="font-family:verdana,sans-serif">It'll be added as a \
new backend once the configure changes that are underway are completed. See <a \
href="https://wiki.qt.io/Qt_Network_Workshop_2016#OpenSSL">https://wiki.qt.io/Qt_Network_Workshop_2016#OpenSSL</a> \
for a road map (or ask!)</div><div class="gmail_default" \
style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" \
style="font-family:verdana,sans-serif">Regards</div><div class="gmail_default" \
style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" \
style="font-family:verdana,sans-serif">Rich.</div><div class="gmail_default" \
style="font-family:verdana,sans-serif"><br></div></div><div \
class="gmail_extra"><br><div class="gmail_quote">On 10 October 2016 at 23:56, \
Bernhard Rosenkraenzer <span dir="ltr"><<a href="mailto:bero@lindev.ch" \
target="_blank">bero@lindev.ch</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex">Hi,<br>I'm porting some code to OpenSSL 1.1 -- for the \
most part, it's going well, but there's some things I'm not sure \
about:<br><br>- What replaces a direct access to "sha1_hash" in an X509? \
(found in Qt 5.7)<br><br>So far, haven't come up with a proper alternative to \
this. Should the code be refactored to use X509_issuer_and_serial_hash (which \
isn't quite the same, but should still give a unique hash)?<br>[this is from \
qHash -- so the purpose really is to get a unique hash of the contents]<br><br>- \
What's the best way to copy an EVP_PKEY?<br><br>Also from Qt 5.7:<br>rsa = \
RSA_new();<br>memcpy(rsa, EVP_PKEY_get1_RSA(pkey), sizeof(RSA));<br>[breaks because \
sizeof(RSA) is no longer known]<br>for EC, there's EC_KEY_dup -- for RSA and DSA, \
not so much.<br><br>- What's the proper successor to NETSCAPE_X509? (from \
kdelibs4support)<br>I presume this (the method KSSLCertificate::toNetscape()) can \
just be deleted because nothing should be using Netscape x509 \
anymore?<br><br><br>Outside of those, all problems I've run into so far were \
fairly easy to solve.<br><br>ttyl<br>bero <br>--<br>
openssl-users mailing list<br>
To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" \
rel="noreferrer" target="_blank">https://mta.openssl.org/<wbr>mailman/listinfo/openssl-users</a><br>
<br></blockquote></div><br></div>
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic