Qt Cryptographic Architecture

Justin Karneges justin-psi at affinix.com
Tue Jan 6 09:09:46 GMT 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

(Note: I'm not subscribed, please CC replies)

Hi,

I was reading on dot.kde.org about some recent changes to KDE CVS regarding an
SSLIODevice.  Are you guys doing some restructuring to kssl?  If so, I wonder
if you would be interested in working with QCA.

QCA stands for Qt Cryptographic Architecture.  It works much like Java's
similarly-named JCA, in which there is a crypto API abstracted from the
actual implementations.  QCA loads implementations as plugins, which I have
piggybacked on Qt's own plugin system (so they are found in
$QTDIR/plugins/crypto, for instance).  Plugins are loaded on demand during
runtime.

The API supports SSL(TLS) and SASL, both for clients _and_ servers, as well as
X509, RSA, symmetric ciphers, hashers...

For SSL, you would use QCA::TLS, which has very similar behavior to my older
QSSLFilter (and also Trolltech's recent QtSSLFilter, which they based on my
original concept).

I have written two provider plugins.  One is based on Cyrus SASL2 and supplies
SASL, the other is based on OpenSSL and supplies everything else.  The actual
QCA library itself has no dependency on these sub-libraries.  For instance,
one could easily write a TLS provider based on gnutls (I figure this aspect
might interest you the most).

QCA is currently at 1.0, LGPL, and you can download the source here:

  http://psi.affinix.com/beta/qca-1.0.tar.bz2
  http://psi.affinix.com/beta/qca-tls-1.0.tar.bz2
  http://psi.affinix.com/beta/qca-sasl-1.0.tar.bz2

Do you think this would be useful for KDE?  Let me know what you think.

- -Justin
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/+nta8+Nd5hn1dJ4RAix4AJwIZuV1eIPYySPoQDraIzp09Pj+6ACeKuvm
WX4PwYUP9YHF4oI8AB8ceW8=
=6TEN
-----END PGP SIGNATURE-----





More information about the kde-core-devel mailing list