Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-76499

API for cryptography and key/certificate management

    XMLWordPrintable

Details

    • User Story
    • Resolution: Unresolved
    • P4: Low
    • 6.x
    • None
    • Network: SSL
    • None
    • 30
    • Qt6_Foundation_ Sprint 13, Qt6_Foundation_ Sprint 14, Qt6_Foundation_Sprint 15

    Description

      Qt applications want to use crypto functionality to

      • manage keys and certificates
        • Key generation support
        • Certificate Signing Request generation support
        • optional: Certificate signing
        • optional: Certificate Revocation List generation support
      • encrypt/decrypt data
        • streaming support

      A separate set of classes that provide access this functionality and abstracts the underlying libraries (like OpenSSL, mbedTLS, WolfSSL, NSS, BoringSSL, gcrypt, Botan) and OS sevices (like SecureTransport, SecureChannel) could then be used by QtNetwork as well to implement SSL/TLS support.

      An architecture that defines an interface that allows the implementation of different might be possible, and gives users or 3rd parties the opportunity to develop their own backends.

      Possible alternative to extending QSsl (aka. X509) is to use an external dependecy library (https://userbase.kde.org/QCA), which already has a Qt API.
      The certificate management API is already worked on by QtOpcUa team because it requires CSR generation. (https://codereview.qt-project.org/c/qt/qtopcua/+/263819)

      Attachments

        Issue Links

          relates to

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. QTBUG-75638 Qt Network changes in Qt 6

          • P1: Critical - Urgent and Important, will STOP the release if matched with set FixVersion field. This includes regressions from the last version that are not edge cases; Data loss; Build issues; All but the most unlikely crashes/lockups/hanging; Serious usability issues and embarrassing bugs & Bugs critical to a deliverable. This is the highest possible priority for requirements.
          • Closed

          User Story - Created by Jira Software - do not edit or delete. Issue type for a user story. QTBUG-73793 Missing security API in Qt

          • P3: Somewhat important - Should be fixed, but doesn't affect the release in any way.
          • Withdrawn
          mentioned in

          Page Loading...

          Page Loading...

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              cnn Qt Core & Network
              vhilshei Volker Hilsheimer
              Vladimir Minenko Vladimir Minenko
              Alex Blasche Alex Blasche
              Votes:
              1 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:

                Time Tracking

                  Estimated:
                  Original Estimate - 4 weeks
                  4w
                  Remaining:
                  Remaining Estimate - 4 weeks
                  4w
                  Logged:
                  Time Spent - Not Specified
                  Not Specified

                  Gerrit Reviews

                    There are no open Gerrit changes