Commit 1360b530ecc96aac4c77ef6ae2db1a05e9b791f1
1 parent
3d0de5b9
Update ChangeLog and manual for openssl crypto provider
Showing
2 changed files
with
47 additions
and
24 deletions
ChangeLog
| 1 | +2020-04-06 Jay Berkenbilt <ejb@ql.org> | |
| 2 | + | |
| 3 | + * Add openssl crypto provider, contributed by Dean Scarff. This | |
| 4 | + provider is implemented using OpenSSL and also works with | |
| 5 | + BoringSSL. | |
| 6 | + | |
| 1 | 7 | 2020-04-04 Jay Berkenbilt <ejb@ql.org> |
| 2 | 8 | |
| 3 | 9 | * Add a new provideStreamData method for StreamDataProvider that | ... | ... |
manual/qpdf-manual.xml
| ... | ... | @@ -138,7 +138,9 @@ |
| 138 | 138 | <para> |
| 139 | 139 | <emphasis>Recommended but not required:</emphasis> gnutls: |
| 140 | 140 | <ulink url="https://www.gnutls.org/">https://www.gnutls.org/</ulink> |
| 141 | - to be able to use the gnutls crypto provider | |
| 141 | + to be able to use the gnutls crypto provider, and/or openssl: | |
| 142 | + <ulink url="https://openssl.org/">https://openssl.org/</ulink> | |
| 143 | + to be able to use the openssl crypto provider. | |
| 142 | 144 | </para> |
| 143 | 145 | </listitem> |
| 144 | 146 | <listitem> |
| ... | ... | @@ -271,10 +273,11 @@ make |
| 271 | 273 | </para> |
| 272 | 274 | <para> |
| 273 | 275 | Starting with qpdf version 9.1.0, the available implementations |
| 274 | - are <literal>native</literal> and <literal>gnutls</literal>. | |
| 275 | - Additional implementations may be added if needed. It is also | |
| 276 | - possible for a developer to provide their own implementation | |
| 277 | - without modifying the qpdf library. | |
| 276 | + are <literal>native</literal> and <literal>gnutls</literal>. In | |
| 277 | + qpdf 10.0.0, <literal>openssl</literal> was added. Additional | |
| 278 | + implementations may be added if needed. It is also possible for a | |
| 279 | + developer to provide their own implementation without modifying | |
| 280 | + the qpdf library. | |
| 278 | 281 | </para> |
| 279 | 282 | <sect2 id="ref.crypto.build"> |
| 280 | 283 | <title>Build Support For Crypto Providers</title> |
| ... | ... | @@ -344,9 +347,10 @@ make |
| 344 | 347 | own external dependencies that can be omitted if the crypto |
| 345 | 348 | provider is not used. For example, if you are building qpdf |
| 346 | 349 | yourself and are using an environment that does not support |
| 347 | - gnutls, you can ensure that <literal>USE_CRYPTO_NATIVE</literal> | |
| 348 | - is defined, <literal>USE_CRYPTO_GNUTLS</literal> is not defined, | |
| 349 | - and <literal>DEFAULT_CRYPTO</literal> is defined to | |
| 350 | + gnutls or openssl, you can ensure that | |
| 351 | + <literal>USE_CRYPTO_NATIVE</literal> is defined, | |
| 352 | + <literal>USE_CRYPTO_GNUTLS</literal> is not defined, and | |
| 353 | + <literal>DEFAULT_CRYPTO</literal> is defined to | |
| 350 | 354 | <literal>"native"</literal>. Then you must include the source |
| 351 | 355 | files used in the native implementation, some of which were added |
| 352 | 356 | or renamed from earlier versions, to your build, and you can |
| ... | ... | @@ -4796,6 +4800,35 @@ print "\n"; |
| 4796 | 4800 | </listitem> |
| 4797 | 4801 | <listitem> |
| 4798 | 4802 | <para> |
| 4803 | + Build/Packaging Changes | |
| 4804 | + </para> | |
| 4805 | + <itemizedlist> | |
| 4806 | + <listitem> | |
| 4807 | + <para> | |
| 4808 | + Add a <literal>openssl</literal> crypto provider, which is | |
| 4809 | + implemented with OpenSSL and also works with BoringSSL. | |
| 4810 | + Thanks to Dean Scarff for this contribution. If you maintain | |
| 4811 | + qpdf for a distribution, pay special attention to make sure | |
| 4812 | + that you are including support for the crypto providers you | |
| 4813 | + want. Package maintainers will have to weigh the advantages | |
| 4814 | + of allowing users to pick a crypto provider at runtime | |
| 4815 | + against the disadvantages of adding more dependencies to | |
| 4816 | + qpdf. | |
| 4817 | + </para> | |
| 4818 | + </listitem> | |
| 4819 | + <listitem> | |
| 4820 | + <para> | |
| 4821 | + Allow qpdf to built on stripped down systems whose C/C++ | |
| 4822 | + libraries lack the <classname>wchar_t</classname> type. | |
| 4823 | + Search for <classname>wchar_t</classname> in qpdf's | |
| 4824 | + README.md for details. This should be very rare, but it is | |
| 4825 | + known to be helpful in some embedded environments. | |
| 4826 | + </para> | |
| 4827 | + </listitem> | |
| 4828 | + </itemizedlist> | |
| 4829 | + </listitem> | |
| 4830 | + <listitem> | |
| 4831 | + <para> | |
| 4799 | 4832 | CLI Enhancements |
| 4800 | 4833 | </para> |
| 4801 | 4834 | <itemizedlist> |
| ... | ... | @@ -4944,22 +4977,6 @@ print "\n"; |
| 4944 | 4977 | </listitem> |
| 4945 | 4978 | </itemizedlist> |
| 4946 | 4979 | </listitem> |
| 4947 | - <listitem> | |
| 4948 | - <para> | |
| 4949 | - Build Changes | |
| 4950 | - </para> | |
| 4951 | - <itemizedlist> | |
| 4952 | - <listitem> | |
| 4953 | - <para> | |
| 4954 | - Allow qpdf to built on stripped down systems whose C/C++ | |
| 4955 | - libraries lack the <classname>wchar_t</classname> type. | |
| 4956 | - Search for <classname>wchar_t</classname> in qpdf's | |
| 4957 | - README.md for details. This should be very rare, but it is | |
| 4958 | - known to be helpful in some embedded environments. | |
| 4959 | - </para> | |
| 4960 | - </listitem> | |
| 4961 | - </itemizedlist> | |
| 4962 | - </listitem> | |
| 4963 | 4980 | </itemizedlist> |
| 4964 | 4981 | </listitem> |
| 4965 | 4982 | </varlistentry> | ... | ... |