diff -Nru qca2-plugin-ossl-0.1~20070904/configure qca2-plugin-ossl-2.0.0~beta3/configure --- qca2-plugin-ossl-0.1~20070904/configure 2007-09-04 23:44:11.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/configure 2007-12-11 17:46:22.000000000 +0000 @@ -26,10 +26,11 @@ file (default for non-mac). --universal Build with Mac universal binary support. --mac-sdk=[path] Path to Mac universal SDK (PPC host only). + --plugins-path=[path] Path to install to. Default: qtdir/plugins Dependency options: - --in-tree-build Build with uninstalled QCA, only useful for SVN - users. + --with-qca=[path] Specify path to QCA tree, mainly for building + against an uninstalled QCA. --with-openssl-inc=[path] Path to OpenSSL include files --with-openssl-lib=[path] Path to OpenSSL library files @@ -173,8 +174,13 @@ shift ;; - --in-tree-build) - QC_IN_TREE_BUILD="Y" + --plugins-path=*) + QC_PLUGINS_PATH=$optarg + shift + ;; + + --with-qca=*) + QC_WITH_QCA=$optarg shift ;; @@ -211,7 +217,8 @@ echo QC_SEPARATE_DEBUG_INFO=$QC_SEPARATE_DEBUG_INFO echo QC_UNIVERSAL=$QC_UNIVERSAL echo QC_MAC_SDK=$QC_MAC_SDK -echo QC_IN_TREE_BUILD=$QC_IN_TREE_BUILD +echo QC_PLUGINS_PATH=$QC_PLUGINS_PATH +echo QC_WITH_QCA=$QC_WITH_QCA echo QC_WITH_OPENSSL_INC=$QC_WITH_OPENSSL_INC echo QC_WITH_OPENSSL_LIB=$QC_WITH_OPENSSL_LIB echo @@ -536,11 +543,29 @@ #line 1 "qca.qcm" /* -----BEGIN QCMOD----- -name: QCA 2.0 -arg: in-tree-build,Build with uninstalled QCA, only useful for SVN users. +name: QCA >= 2.0 +arg: with-qca=[path],Specify path to QCA tree, mainly for building against an uninstalled QCA. -----END QCMOD----- */ +// based on crypto.prf. any changes made to that file need to be tracked here. +static QString internal_crypto_prf(const QString &incdir, const QString &libdir) +{ + QString out = QString( + "CONFIG *= qt\n" + "INCLUDEPATH += %1/QtCrypto\n" + "LIBS += -L%2\n" + "\n" + "LINKAGE = -lqca\n" + "CONFIG(debug, debug|release) {\n" + " windows:LINKAGE = -lqcad\n" + " mac:LINKAGE = -lqca_debug\n" + "}\n" + "LIBS += \$\$LINKAGE\n" + ).arg(incdir, libdir); + return out; +} + //---------------------------------------------------------------------------- // qc_qca //---------------------------------------------------------------------------- @@ -548,7 +573,7 @@ { public: qc_qca(Conf *c) : ConfObj(c) {} - QString name() const { return "QCA 2.0"; } + QString name() const { return "QCA >= 2.0"; } QString shortname() const { return "qca"; } bool exec() { @@ -563,28 +588,31 @@ #endif // test for "crypto" feature and check qca version number - QString arg; - arg = conf->getenv("QC_IN_TREE_BUILD"); + QString qca_prefix, qca_incdir, qca_libdir, qca_crypto_prf; + qca_prefix = conf->getenv("QC_WITH_QCA"); QString proextra; - if (!arg.isEmpty()) { + if(!qca_prefix.isEmpty()) { + qca_incdir = qca_prefix + "/include"; + qca_libdir = qca_prefix + "/lib"; + qca_crypto_prf = internal_crypto_prf(qca_incdir, qca_libdir); proextra = - "CONFIG += qt \n" - "QT -= gui\n" - "INCLUDEPATH += ../../../../include/QtCrypto \n" - "LIBS += -L../../../../lib -lqca \n"; + "CONFIG += qt\n" + "QT -= gui\n"; + proextra += qca_crypto_prf; } else { proextra = "CONFIG += qt crypto\n" "QT -= gui\n"; } + QString str = "#include \n" "\n" "int main()\n" "{\n" " unsigned long x = QCA_VERSION;\n" - " if(x >= 0x016363) return 0; else return 1;\n" + " if(x >= 0x020000 && x < 0x030000) return 0; else return 1;\n" "}\n"; if(release) @@ -605,10 +633,11 @@ return false; } - if (!arg.isEmpty()) { - conf->addIncludePath("../../include/QtCrypto"); - conf->addLib("-L../../lib -lqca"); - } + if(!qca_prefix.isEmpty()) + conf->addExtra(qca_crypto_prf); + else + conf->addExtra("CONFIG += crypto\n"); + return true; } }; @@ -699,6 +728,8 @@ /* -----BEGIN QCMOD----- name: qcapluginpath +section: project +arg: plugins-path=[path],Path to install to. Default: qtdir/plugins -----END QCMOD----- */ @@ -714,12 +745,18 @@ bool exec() { + QString plugins_path = conf->getenv("QC_PLUGINS_PATH"); + + // default to qtdir + if(plugins_path.isEmpty()) + plugins_path = QLibraryInfo::location(QLibraryInfo::PluginsPath); + // install into plugins path QString str; str += QString( "target.path=%1/crypto\n" "INSTALLS += target\n" - ).arg(QLibraryInfo::location(QLibraryInfo::PluginsPath)); + ).arg(plugins_path); conf->addExtra(str); return true; } @@ -1692,7 +1729,8 @@ export QC_SEPARATE_DEBUG_INFO export QC_UNIVERSAL export QC_MAC_SDK -export QC_IN_TREE_BUILD +export QC_PLUGINS_PATH +export QC_WITH_QCA export QC_WITH_OPENSSL_INC export QC_WITH_OPENSSL_LIB export QC_VERBOSE diff -Nru qca2-plugin-ossl-0.1~20070904/configwin.bat qca2-plugin-ossl-2.0.0~beta3/configwin.bat --- qca2-plugin-ossl-0.1~20070904/configwin.bat 1970-01-01 00:00:00.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/configwin.bat 2007-10-11 20:39:02.000000000 +0000 @@ -0,0 +1,56 @@ +@echo off +REM write conf_win.pri + +if "%1"=="rd" goto debug_and_release +if "%1"=="r" goto release +if "%1"=="d" goto debug +if "%1"=="rds" goto debug_and_release_static +if "%1"=="rs" goto release_static +if "%1"=="ds" goto debug_static +goto usage + +:usage +echo usage: configwin [mode] +echo modes: +echo rd release and debug, dynamic +echo r release, dynamic +echo d debug, dynamic +echo rds release and debug, static +echo rs release static +echo ds debug static +goto end + +:debug_and_release +echo Configuring for release and debug, dynamic +echo CONFIG += debug_and_release build_all > conf_win.pri +goto done + +:release +echo Configuring for release, dynamic +echo CONFIG += release > conf_win.pri +goto done + +:debug +echo Configuring for debug, dynamic +echo CONFIG += debug > conf_win.pri +goto done + +:debug_and_release_static +echo Configuring for release and debug, static +echo CONFIG += debug_and_release build_all staticlib > conf_win.pri +goto done + +:release_static +echo Configuring for release, static +echo CONFIG += release staticlib > conf_win.pri +goto done + +:debug_static +echo Configuring for debug, static +echo CONFIG += debug staticlib > conf_win.pri +goto done + +:done +echo Wrote conf_win.pri + +:end diff -Nru qca2-plugin-ossl-0.1~20070904/debian/changelog qca2-plugin-ossl-2.0.0~beta3/debian/changelog --- qca2-plugin-ossl-0.1~20070904/debian/changelog 2011-05-31 12:25:22.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/debian/changelog 2011-05-30 08:41:09.000000000 +0000 @@ -1,9 +1,31 @@ -qca2-plugin-ossl (0.1~20070904-4build1) lucid; urgency=low +qca2-plugin-ossl (2.0.0~beta3-1) unstable; urgency=low - * rebuild rest of main for armel armv7/thumb2 optimization; - UbuntuSpec:mobile-lucid-arm-gcc-v7-thumb2 + * New upstream release. + - Supports the pbkdf2(sha1) algorithm. (Closes: #514880; LP: #382691) - -- Alexander Sack Sun, 07 Mar 2010 01:02:36 +0100 + [ Matthew Rosewarne ] + * Tweak package description. + * Add Homepage: to control. + * Add watch file. + + [ Felix Geyer ] + * Switch to source format 3.0 (quilt). + - Turn changes from the last revision into a proper patch: + remove_whirlpool_algo.diff + * Switch debian/rules engine to dhmk. + * Enable support for MD2 only when available in OpenSSL. (Closes: #622017) + - Add detect_md2_available.diff + * Enable support for SSL2 only when available in OpenSSL. + - Add detect_ssl2_available.diff + * Don't install the TODO file. + * Drop libqca2-plugin-ossl.install as we only build a single binary package. + * Switch to debhelper compat level 7. + * Bump Standards-Version to 3.9.2, no changes needed. + * Add myself to uploaders. + * Fix lintian warning copyright-with-old-dh-make-debian-copyright. + * Add Vcs-* fields. + + -- Debian Qt/KDE Maintainers Mon, 30 May 2011 11:41:07 +0300 qca2-plugin-ossl (0.1~20070904-4) unstable; urgency=low diff -Nru qca2-plugin-ossl-0.1~20070904/debian/compat qca2-plugin-ossl-2.0.0~beta3/debian/compat --- qca2-plugin-ossl-0.1~20070904/debian/compat 2011-05-31 12:25:22.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/debian/compat 2011-05-30 08:22:40.000000000 +0000 @@ -1 +1 @@ -5 +7 diff -Nru qca2-plugin-ossl-0.1~20070904/debian/control qca2-plugin-ossl-2.0.0~beta3/debian/control --- qca2-plugin-ossl-0.1~20070904/debian/control 2011-05-31 12:25:22.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/debian/control 2011-05-30 08:40:17.000000000 +0000 @@ -2,20 +2,20 @@ Section: libs Priority: optional Maintainer: Debian Qt/KDE Maintainers -Uploaders: Jan Niehusmann -Build-Depends: cdbs, debhelper (>= 5), autotools-dev, libqca2-dev (>=2.0.0), libssl-dev -Standards-Version: 3.7.2 +Uploaders: Jan Niehusmann , Felix Geyer +Build-Depends: debhelper (>= 7.3.16), pkg-kde-tools (>= 0.12), + libqca2-dev (>= 2.0.0), libssl-dev +Standards-Version: 3.9.2 +Homepage: http://delta.affinix.com/qca/ +Vcs-Git: git://anonscm.debian.org/pkg-kde/kde-std/qca2-plugin-ossl.git +Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-kde/kde-std/qca2-plugin-ossl.git Package: libqca2-plugin-ossl Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} -Description: QCA OSSL plugin for libqca2 - This plugin provides features based on OpenSSL. It implements: - * Hashing - SHA1, SHA0, RIPEMD160, MD2, MD4, MD5 - * Hashing - SHA224, SHA256, SHA384 and SHA512 (for openssl 0.9.8) - * Block Ciphers - * Keyed Hash Message Authentication Code (HMAC), using SHA1, MD5, RIPEMD160 - * Public keys - RSA, DSA, Diffie-Hellman - * PKCS#12 - * SSL/TLS - * CMS (for S/MIME) +Description: SSL/TLS support for the Qt Cryptographic Architecture + The Qt Cryptographic Architecture (QCA) provides a straightforward and cross- + platform API for a range of cryptographic features, including SSL/TLS, + X.509 certificates, SASL, OpenPGP, S/MIME CMS, and smart cards. + . + This plugin provides support for SSL and TLS using the OpenSSL library. diff -Nru qca2-plugin-ossl-0.1~20070904/debian/copyright qca2-plugin-ossl-2.0.0~beta3/debian/copyright --- qca2-plugin-ossl-0.1~20070904/debian/copyright 2011-05-31 12:25:22.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/debian/copyright 2011-05-30 08:22:40.000000000 +0000 @@ -1,17 +1,17 @@ This package was debianized by Jan Niehusmann on Tue, 24 Jul 2007 18:30:02 +0200. -It was downloaded from +It was downloaded from -Upstream Authors: +Upstream Authors: Justin Karneges Brad Hards Copyright: - Copyright (C) 2004-2007 Justin Karneges - Copyright (C) 2004-2006 Brad Hards + Copyright (C) 2004-2007, Justin Karneges + Copyright (C) 2004-2006, Brad Hards License: @@ -31,9 +31,7 @@ On Debian systems, the complete text of the GNU Lesser General -Public License can be found in `/usr/share/common-licenses/LGPL'. +Public License can be found in `/usr/share/common-licenses/LGPL-2.1'. -The Debian packaging is (C) 2007, Jan Niehusmann and +The Debian packaging is Copyright (C) 2007, Jan Niehusmann and is licensed under the LGPL, see above. - - diff -Nru qca2-plugin-ossl-0.1~20070904/debian/docs qca2-plugin-ossl-2.0.0~beta3/debian/docs --- qca2-plugin-ossl-0.1~20070904/debian/docs 2011-05-31 12:25:22.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/debian/docs 2011-05-30 08:22:40.000000000 +0000 @@ -1,2 +1 @@ README -TODO diff -Nru qca2-plugin-ossl-0.1~20070904/debian/libqca2-plugin-ossl.install qca2-plugin-ossl-2.0.0~beta3/debian/libqca2-plugin-ossl.install --- qca2-plugin-ossl-0.1~20070904/debian/libqca2-plugin-ossl.install 2011-05-31 12:25:22.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/debian/libqca2-plugin-ossl.install 1970-01-01 00:00:00.000000000 +0000 @@ -1 +0,0 @@ -usr/lib/qt4/plugins/crypto/libqca-ossl.so diff -Nru qca2-plugin-ossl-0.1~20070904/debian/patches/detect_md2_available.diff qca2-plugin-ossl-2.0.0~beta3/debian/patches/detect_md2_available.diff --- qca2-plugin-ossl-0.1~20070904/debian/patches/detect_md2_available.diff 1970-01-01 00:00:00.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/debian/patches/detect_md2_available.diff 2011-05-30 08:22:40.000000000 +0000 @@ -0,0 +1,106 @@ +Description: Detect whether MD2 is avalable for OpenSSL plugin. +Origin: upstream, http://websvn.kde.org/?view=revision&revision=1111902 and + http://websvn.kde.org/?view=revision&revision=1115936 + +--- qca-ossl/qca-ossl.cpp ++++ qca-ossl/qca-ossl.cpp +@@ -1771,8 +1771,10 @@ + md = EVP_sha1(); + else if(alg == EMSA3_MD5) + md = EVP_md5(); ++#ifdef HAVE_OPENSSL_MD2 + else if(alg == EMSA3_MD2) + md = EVP_md2(); ++#endif + else if(alg == EMSA3_RIPEMD160) + md = EVP_ripemd160(); + else if(alg == EMSA3_Raw) +@@ -1789,8 +1791,10 @@ + md = EVP_sha1(); + else if(alg == EMSA3_MD5) + md = EVP_md5(); ++#ifdef HAVE_OPENSSL_MD2 + else if(alg == EMSA3_MD2) + md = EVP_md2(); ++#endif + else if(alg == EMSA3_RIPEMD160) + md = EVP_ripemd160(); + else if(alg == EMSA3_Raw) +@@ -3412,9 +3416,11 @@ + case NID_md5WithRSAEncryption: + p.sigalgo = QCA::EMSA3_MD5; + break; ++#ifdef HAVE_OPENSSL_MD2 + case NID_md2WithRSAEncryption: + p.sigalgo = QCA::EMSA3_MD2; + break; ++#endif + case NID_ripemd160WithRSA: + p.sigalgo = QCA::EMSA3_RIPEMD160; + break; +@@ -3910,9 +3916,11 @@ + case NID_md5WithRSAEncryption: + p.sigalgo = QCA::EMSA3_MD5; + break; ++#ifdef HAVE_OPENSSL_MD2 + case NID_md2WithRSAEncryption: + p.sigalgo = QCA::EMSA3_MD2; + break; ++#endif + case NID_ripemd160WithRSA: + p.sigalgo = QCA::EMSA3_RIPEMD160; + break; +@@ -4100,9 +4108,11 @@ + case NID_md5WithRSAEncryption: + p.sigalgo = QCA::EMSA3_MD5; + break; ++#ifdef HAVE_OPENSSL_MD2 + case NID_md2WithRSAEncryption: + p.sigalgo = QCA::EMSA3_MD2; + break; ++#endif + case NID_ripemd160WithRSA: + p.sigalgo = QCA::EMSA3_RIPEMD160; + break; +@@ -6640,7 +6650,9 @@ + list += "sha1"; + list += "sha0"; + list += "ripemd160"; ++#ifdef HAVE_OPENSSL_MD2 + list += "md2"; ++#endif + list += "md4"; + list += "md5"; + #ifdef SHA224_DIGEST_LENGTH +@@ -6849,7 +6861,9 @@ + list += all_hash_types(); + list += all_mac_types(); + list += all_cipher_types(); ++#ifdef HAVE_OPENSSL_MD2 + list += "pbkdf1(md2)"; ++#endif + list += "pbkdf1(sha1)"; + list += "pbkdf2(sha1)"; + list += "pkey"; +@@ -6882,8 +6896,10 @@ + return new opensslHashContext( EVP_sha(), this, type); + else if ( type == "ripemd160" ) + return new opensslHashContext( EVP_ripemd160(), this, type); ++#ifdef HAVE_OPENSSL_MD2 + else if ( type == "md2" ) + return new opensslHashContext( EVP_md2(), this, type); ++#endif + else if ( type == "md4" ) + return new opensslHashContext( EVP_md4(), this, type); + else if ( type == "md5" ) +@@ -6912,8 +6928,10 @@ + */ + else if ( type == "pbkdf1(sha1)" ) + return new opensslPbkdf1Context( EVP_sha1(), this, type ); ++#ifdef HAVE_OPENSSL_MD2 + else if ( type == "pbkdf1(md2)" ) + return new opensslPbkdf1Context( EVP_md2(), this, type ); ++#endif + else if ( type == "pbkdf2(sha1)" ) + return new opensslPbkdf2Context( this, type ); + else if ( type == "hmac(md5)" ) diff -Nru qca2-plugin-ossl-0.1~20070904/debian/patches/detect_ssl2_available.diff qca2-plugin-ossl-2.0.0~beta3/debian/patches/detect_ssl2_available.diff --- qca2-plugin-ossl-0.1~20070904/debian/patches/detect_ssl2_available.diff 1970-01-01 00:00:00.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/debian/patches/detect_ssl2_available.diff 2011-05-30 08:22:40.000000000 +0000 @@ -0,0 +1,17 @@ +Description: fix compile when openssl doesn't support ssl2 +Origin: upstream, http://websvn.kde.org/?view=revision&revision=1230301 + +--- qca-ossl/qca-ossl.cpp ++++ qca-ossl/qca-ossl.cpp +@@ -5235,9 +5235,11 @@ + OpenSSL_add_ssl_algorithms(); + SSL_CTX *ctx = 0; + switch (version) { ++#ifndef OPENSSL_NO_SSL2 + case TLS::SSL_v2: + ctx = SSL_CTX_new(SSLv2_client_method()); + break; ++#endif + case TLS::SSL_v3: + ctx = SSL_CTX_new(SSLv3_client_method()); + break; diff -Nru qca2-plugin-ossl-0.1~20070904/debian/patches/remove_whirlpool_algo.diff qca2-plugin-ossl-2.0.0~beta3/debian/patches/remove_whirlpool_algo.diff --- qca2-plugin-ossl-0.1~20070904/debian/patches/remove_whirlpool_algo.diff 1970-01-01 00:00:00.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/debian/patches/remove_whirlpool_algo.diff 2011-05-30 08:22:40.000000000 +0000 @@ -0,0 +1,31 @@ +Description: remove whirlpool usage. the algorithm is missing on at least + 0.9.8g and 0.9.8i, even though there's an OBJ_whirlpool definition in 0.9.8i. +Origin: upstream, http://websvn.kde.org/?view=revision&revision=864423 + +--- qca-ossl/qca-ossl.cpp ++++ qca-ossl/qca-ossl.cpp +@@ -6616,9 +6616,11 @@ + #ifdef SHA512_DIGEST_LENGTH + list += "sha512"; + #endif ++/* + #ifdef OBJ_whirlpool + list += "whirlpool"; + #endif ++*/ + return list; + } + +@@ -6863,10 +6865,12 @@ + else if ( type == "sha512" ) + return new opensslHashContext( EVP_sha512(), this, type); + #endif ++/* + #ifdef OBJ_whirlpool + else if ( type == "whirlpool" ) + return new opensslHashContext( EVP_whirlpool(), this, type); + #endif ++*/ + else if ( type == "pbkdf1(sha1)" ) + return new opensslPbkdf1Context( EVP_sha1(), this, type ); + else if ( type == "pbkdf1(md2)" ) diff -Nru qca2-plugin-ossl-0.1~20070904/debian/patches/series qca2-plugin-ossl-2.0.0~beta3/debian/patches/series --- qca2-plugin-ossl-0.1~20070904/debian/patches/series 1970-01-01 00:00:00.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/debian/patches/series 2011-05-30 08:22:40.000000000 +0000 @@ -0,0 +1,3 @@ +remove_whirlpool_algo.diff +detect_md2_available.diff +detect_ssl2_available.diff diff -Nru qca2-plugin-ossl-0.1~20070904/debian/rules qca2-plugin-ossl-2.0.0~beta3/debian/rules --- qca2-plugin-ossl-0.1~20070904/debian/rules 2011-05-31 12:25:22.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/debian/rules 2011-05-30 08:22:40.000000000 +0000 @@ -1,25 +1,20 @@ #!/usr/bin/make -f - -include /usr/share/cdbs/1/rules/debhelper.mk -include /usr/share/cdbs/1/class/qmake.mk - -DEB_MAKE_CLEAN_TARGET = clean -DEB_MAKE_BUILD_TARGET = all -DEB_MAKE_INSTALL_TARGET = install INSTALL_ROOT=$(CURDIR)/debian/tmp/ -DEB_DH_INSTALL_SOURCEDIR = debian/tmp -# no check for this software -# DEB_MAKE_CHECK_TARGET = - -common-configure-arch common-configure-indep:: common-configure-impl - -common-configure-impl:: $(DEB_BUILDDIR)/Makefile - -$(DEB_BUILDDIR)/Makefile: - cd $(DEB_BUILDDIR) && ./configure - -clean:: - rm -f $(DEB_BUILDDIR)/Makefile $(DEB_BUILDDIR)/.qmake.internal.cache - rm -f $(DEB_BUILDDIR)/lib/libqca-ossl.so* - rm -f $(DEB_BUILDDIR)/conf.log - rm -f $(DEB_BUILDDIR)/conf.pri +CFLAGS := $(shell dpkg-buildflags --get CFLAGS) +CXXFLAGS := $(shell dpkg-buildflags --get CXXFLAGS) +LDFLAGS := $(shell dpkg-buildflags --get LDFLAGS) + +include /usr/share/pkg-kde-tools/qt-kde-team/2/debian-qt-kde.mk + +dh += --buildsystem=qmake + +override_dh_auto_configure: + ./configure --verbose --qtdir=/usr/share/qt4 --debug --no-separate-debug-info + echo QMAKE_CFLAGS_DEBUG="$(CFLAGS)" >> conf.pri + echo QMAKE_CXXFLAGS_DEBUG="$(CXXFLAGS)" >> conf.pri + echo QMAKE_LDFLAGS_DEBUG="$(LDFLAGS)" >> conf.pri + qmake-qt4 + +override_dh_clean: + $(overridden_command) + rm -rf conf.log conf.pri conf.pri.tmp lib/ diff -Nru qca2-plugin-ossl-0.1~20070904/debian/source/format qca2-plugin-ossl-2.0.0~beta3/debian/source/format --- qca2-plugin-ossl-0.1~20070904/debian/source/format 1970-01-01 00:00:00.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/debian/source/format 2011-05-31 12:25:23.000000000 +0000 @@ -0,0 +1 @@ +3.0 (quilt) diff -Nru qca2-plugin-ossl-0.1~20070904/debian/watch qca2-plugin-ossl-2.0.0~beta3/debian/watch --- qca2-plugin-ossl-0.1~20070904/debian/watch 1970-01-01 00:00:00.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/debian/watch 2011-05-30 08:22:40.000000000 +0000 @@ -0,0 +1,4 @@ +version=3 + +opts=uversionmangle=s/-/~/ \ +http://delta.affinix.com/download/qca/2.0/plugins/qca-ossl-(.*).tar\.bz2 diff -Nru qca2-plugin-ossl-0.1~20070904/qca-ossl.cpp qca2-plugin-ossl-2.0.0~beta3/qca-ossl.cpp --- qca2-plugin-ossl-0.1~20070904/qca-ossl.cpp 2011-05-31 12:25:22.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/qca-ossl.cpp 2007-12-11 06:34:57.000000000 +0000 @@ -19,9 +19,9 @@ */ #include - +#include #include -#include +#include #include #include @@ -1089,6 +1089,31 @@ EVP_MD_CTX m_context; }; +class opensslPbkdf2Context : public KDFContext +{ +public: + opensslPbkdf2Context(Provider *p, const QString &type) : KDFContext(p, type) + { + } + + Provider::Context *clone() const + { + return new opensslPbkdf2Context( *this ); + } + + SymmetricKey makeKey(const SecureArray &secret, const InitializationVector &salt, + unsigned int keyLength, unsigned int iterationCount) + { + SecureArray out(keyLength); + PKCS5_PBKDF2_HMAC_SHA1( (char*)secret.data(), secret.size(), + (unsigned char*)salt.data(), salt.size(), + iterationCount, keyLength, (unsigned char*)out.data() ); + return out; + } + +protected: +}; + class opensslHMACContext : public MACContext { public: @@ -2840,16 +2865,10 @@ X509Item(const X509Item &from) { - cert = from.cert; - req = from.req; - crl = from.crl; - - if(cert) - CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509); - if(req) - CRYPTO_add(&req->references, 1, CRYPTO_LOCK_X509_REQ); - if(crl) - CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL); + cert = 0; + req = 0; + crl = 0; + *this = from; } ~X509Item() @@ -2857,6 +2876,26 @@ reset(); } + X509Item & operator=(const X509Item &from) + { + if(this != &from) + { + reset(); + cert = from.cert; + req = from.req; + crl = from.crl; + + if(cert) + CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509); + if(req) + CRYPTO_add(&req->references, 1, CRYPTO_LOCK_X509_REQ); + if(crl) + CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL); + } + + return *this; + } + void reset() { if(cert) @@ -3405,6 +3444,175 @@ } //---------------------------------------------------------------------------- +// MyCAContext +//---------------------------------------------------------------------------- +// Thanks to Pascal Patry +class MyCAContext : public CAContext +{ +public: + X509Item caCert; + MyPKeyContext *privateKey; + + MyCAContext(Provider *p) : CAContext(p) + { + privateKey = 0; + } + + MyCAContext(const MyCAContext &from) : CAContext(from), caCert(from.caCert) + { + privateKey = static_cast(from.privateKey -> clone()); + } + + ~MyCAContext() + { + delete privateKey; + } + + virtual CertContext *certificate() const + { + MyCertContext *cert = new MyCertContext(provider()); + + cert->fromX509(caCert.cert); + return cert; + } + + virtual CertContext *createCertificate(const PKeyContext &pub, const CertificateOptions &opts) const + { + // TODO: implement + Q_UNUSED(pub) + Q_UNUSED(opts) + return 0; + } + + virtual CRLContext *createCRL(const QDateTime &nextUpdate) const + { + // TODO: implement + Q_UNUSED(nextUpdate) + return 0; + } + + virtual void setup(const CertContext &cert, const PKeyContext &priv) + { + caCert = static_cast(cert).item; + delete privateKey; + privateKey = 0; + privateKey = static_cast(priv.clone()); + } + + virtual CertContext *signRequest(const CSRContext &req, const QDateTime ¬ValidAfter) const + { + MyCertContext *cert = 0; + const EVP_MD *md = 0; + X509 *x = 0; + const CertContextProps &props = *req.props(); + CertificateOptions subjectOpts; + X509_NAME *subjectName = 0; + X509_EXTENSION *ex = 0; + + if(privateKey -> key()->type() == PKey::RSA) + md = EVP_sha1(); + else if(privateKey -> key()->type() == PKey::DSA) + md = EVP_dss1(); + else + return 0; + + cert = new MyCertContext(provider()); + + subjectOpts.setInfoOrdered(props.subject); + subjectName = new_cert_name(subjectOpts.info()); + + // create + x = X509_new(); + X509_set_version(x, 2); + + // serial + BIGNUM *bn = bi2bn(props.serial); + BN_to_ASN1_INTEGER(bn, X509_get_serialNumber(x)); + BN_free(bn); + + // validity period + ASN1_TIME_set(X509_get_notBefore(x), QDateTime::currentDateTime().toUTC().toTime_t()); + ASN1_TIME_set(X509_get_notAfter(x), notValidAfter.toTime_t()); + + X509_set_pubkey(x, static_cast(req.subjectPublicKey()) -> get_pkey()); + X509_set_subject_name(x, subjectName); + X509_set_issuer_name(x, X509_get_subject_name(caCert.cert)); + + // subject key id + ex = new_subject_key_id(x); + { + X509_add_ext(x, ex, -1); + X509_EXTENSION_free(ex); + } + + // CA mode + ex = new_basic_constraints(props.isCA, props.pathLimit); + if(ex) + { + X509_add_ext(x, ex, -1); + X509_EXTENSION_free(ex); + } + + // subject alt name + ex = new_cert_subject_alt_name(subjectOpts.info()); + if(ex) + { + X509_add_ext(x, ex, -1); + X509_EXTENSION_free(ex); + } + + // key usage + ex = new_cert_key_usage(props.constraints); + if(ex) + { + X509_add_ext(x, ex, -1); + X509_EXTENSION_free(ex); + } + + // extended key usage + ex = new_cert_ext_key_usage(props.constraints); + if(ex) + { + X509_add_ext(x, ex, -1); + X509_EXTENSION_free(ex); + } + + // policies + ex = new_cert_policies(props.policies); + if(ex) + { + X509_add_ext(x, ex, -1); + X509_EXTENSION_free(ex); + } + + if(!X509_sign(x, privateKey->get_pkey(), md)) + { + X509_free(x); + delete cert; + return 0; + } + + cert->fromX509(x); + X509_free(x); + return cert; + } + + virtual CRLContext *updateCRL(const CRLContext &crl, const QList &entries, const QDateTime &nextUpdate) const + { + // TODO: implement + Q_UNUSED(crl) + Q_UNUSED(entries) + Q_UNUSED(nextUpdate) + return 0; + } + + virtual Provider::Context *clone() const + { + return new MyCAContext(*this); + } +}; + +//---------------------------------------------------------------------------- // MyCSRContext //---------------------------------------------------------------------------- class MyCSRContext : public CSRContext @@ -6389,11 +6597,9 @@ #ifdef SHA512_DIGEST_LENGTH list += "sha512"; #endif -/* #ifdef OBJ_whirlpool list += "whirlpool"; #endif -*/ return list; } @@ -6553,6 +6759,7 @@ list += all_cipher_types(); list += "pbkdf1(md2)"; list += "pbkdf1(sha1)"; + list += "pbkdf2(sha1)"; list += "pkey"; list += "dlgroup"; list += "rsa"; @@ -6565,6 +6772,7 @@ list += "pkcs12"; list += "tls"; list += "cms"; + list += "ca"; return list; } @@ -6602,16 +6810,16 @@ else if ( type == "sha512" ) return new opensslHashContext( EVP_sha512(), this, type); #endif -/* #ifdef OBJ_whirlpool else if ( type == "whirlpool" ) return new opensslHashContext( EVP_whirlpool(), this, type); #endif -*/ else if ( type == "pbkdf1(sha1)" ) return new opensslPbkdf1Context( EVP_sha1(), this, type ); else if ( type == "pbkdf1(md2)" ) return new opensslPbkdf1Context( EVP_md2(), this, type ); + else if ( type == "pbkdf2(sha1)" ) + return new opensslPbkdf2Context( this, type ); else if ( type == "hmac(md5)" ) return new opensslHMACContext( EVP_md5(), this, type ); else if ( type == "hmac(sha1)" ) @@ -6724,6 +6932,8 @@ return new MyTLSContext( this ); else if ( type == "cms" ) return new CMSContext( this ); + else if ( type == "ca" ) + return new MyCAContext( this ); return 0; } }; diff -Nru qca2-plugin-ossl-0.1~20070904/qca-ossl.pro qca2-plugin-ossl-2.0.0~beta3/qca-ossl.pro --- qca2-plugin-ossl-0.1~20070904/qca-ossl.pro 2007-06-29 19:51:37.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/qca-ossl.pro 2007-11-02 23:06:12.000000000 +0000 @@ -1,22 +1,24 @@ TEMPLATE = lib CONFIG += plugin QT -= gui -CONFIG += crypto DESTDIR = lib -VERSION = 1.0.0 +VERSION = 2.0.0 -include(conf.pri) +unix:include(conf.pri) +windows:CONFIG += crypto +windows:include(conf_win.pri) CONFIG += create_prl -# default windows config for now -windows:CONFIG += debug_and_release build_all - SOURCES = qca-ossl.cpp windows:{ load(winlocal.prf) + isEmpty(WINLOCAL_PREFIX) { + error("WINLOCAL_PREFIX not found. See http://delta.affinix.com/platform/#winlocal") + } + OPENSSL_PREFIX = $$WINLOCAL_PREFIX DEFINES += OSSL_097 @@ -26,7 +28,9 @@ LIBS += -lgdi32 -lwsock32 } -CONFIG(debug, debug|release) { - unix:TARGET = $$join(TARGET,,,_debug) - else:TARGET = $$join(TARGET,,,d) +!debug_and_release|build_pass { + CONFIG(debug, debug|release) { + mac:TARGET = $$member(TARGET, 0)_debug + windows:TARGET = $$member(TARGET, 0)d + } } diff -Nru qca2-plugin-ossl-0.1~20070904/README qca2-plugin-ossl-2.0.0~beta3/README --- qca2-plugin-ossl-0.1~20070904/README 2007-08-28 20:24:43.000000000 +0000 +++ qca2-plugin-ossl-2.0.0~beta3/README 2007-10-12 00:51:03.000000000 +0000 @@ -1,7 +1,12 @@ -QCA OSSL plugin ------------------- -Authors: Justin Karneges - Brad Hards +QCA OSSL plugin version 2.0.0 +----------------------------- +Date: October 11th, 2007 +Website: http://delta.affinix.com/qca/ +Mailing List: Delta Project + +Authors: + Justin Karneges + Brad Hards This plugin provides features based on OpenSSL. It implements: * Hashing - SHA1, SHA0, RIPEMD160, MD2, MD4, MD5 @@ -27,9 +32,8 @@ For Windows: - edit qca-ossl.pro - qmake qca-ossl.pro + configwin rd + qmake nmake (or make) - - copy [debug|release]\qca-ossl.dll qtdir\plugins\crypto + copy lib\*.dll qtdir\plugins\crypto