OpenSystemsDevelopment / qpdf

Commit 1360b530ecc96aac4c77ef6ae2db1a05e9b791f1

Authored by Jay Berkenbilt
1 parent 3d0de5b9

Update ChangeLog and manual for openssl crypto provider

Inline Side-by-side
Showing 2 changed files with 47 additions and 24 deletions
ChangeLog
  View file @1360b53
  1 +2020-04-06 Jay Berkenbilt <ejb@ql.org>
  2 +
  3 + * Add openssl crypto provider, contributed by Dean Scarff. This
  4 + provider is implemented using OpenSSL and also works with
  5 + BoringSSL.
  6 +
1 2020-04-04 Jay Berkenbilt <ejb@ql.org> 7 2020-04-04 Jay Berkenbilt <ejb@ql.org>
2 8
3 * Add a new provideStreamData method for StreamDataProvider that 9 * Add a new provideStreamData method for StreamDataProvider that
manual/qpdf-manual.xml
  View file @1360b53
@@ -138,7 +138,9 @@ @@ -138,7 +138,9 @@
138 <para> 138 <para>
139 <emphasis>Recommended but not required:</emphasis> gnutls: 139 <emphasis>Recommended but not required:</emphasis> gnutls:
140 <ulink url="https://www.gnutls.org/">https://www.gnutls.org/</ulink> 140 <ulink url="https://www.gnutls.org/">https://www.gnutls.org/</ulink>
141 - to be able to use the gnutls crypto provider 141 + to be able to use the gnutls crypto provider, and/or openssl:
  142 + <ulink url="https://openssl.org/">https://openssl.org/</ulink>
  143 + to be able to use the openssl crypto provider.
142 </para> 144 </para>
143 </listitem> 145 </listitem>
144 <listitem> 146 <listitem>
@@ -271,10 +273,11 @@ make @@ -271,10 +273,11 @@ make
271 </para> 273 </para>
272 <para> 274 <para>
273 Starting with qpdf version 9.1.0, the available implementations 275 Starting with qpdf version 9.1.0, the available implementations
274 - are <literal>native</literal> and <literal>gnutls</literal>.  
275 - Additional implementations may be added if needed. It is also  
276 - possible for a developer to provide their own implementation  
277 - without modifying the qpdf library. 276 + are <literal>native</literal> and <literal>gnutls</literal>. In
  277 + qpdf 10.0.0, <literal>openssl</literal> was added. Additional
  278 + implementations may be added if needed. It is also possible for a
  279 + developer to provide their own implementation without modifying
  280 + the qpdf library.
278 </para> 281 </para>
279 <sect2 id="ref.crypto.build"> 282 <sect2 id="ref.crypto.build">
280 <title>Build Support For Crypto Providers</title> 283 <title>Build Support For Crypto Providers</title>
@@ -344,9 +347,10 @@ make @@ -344,9 +347,10 @@ make
344 own external dependencies that can be omitted if the crypto 347 own external dependencies that can be omitted if the crypto
345 provider is not used. For example, if you are building qpdf 348 provider is not used. For example, if you are building qpdf
346 yourself and are using an environment that does not support 349 yourself and are using an environment that does not support
347 - gnutls, you can ensure that <literal>USE_CRYPTO_NATIVE</literal>  
348 - is defined, <literal>USE_CRYPTO_GNUTLS</literal> is not defined,  
349 - and <literal>DEFAULT_CRYPTO</literal> is defined to 350 + gnutls or openssl, you can ensure that
  351 + <literal>USE_CRYPTO_NATIVE</literal> is defined,
  352 + <literal>USE_CRYPTO_GNUTLS</literal> is not defined, and
  353 + <literal>DEFAULT_CRYPTO</literal> is defined to
350 <literal>"native"</literal>. Then you must include the source 354 <literal>"native"</literal>. Then you must include the source
351 files used in the native implementation, some of which were added 355 files used in the native implementation, some of which were added
352 or renamed from earlier versions, to your build, and you can 356 or renamed from earlier versions, to your build, and you can
@@ -4796,6 +4800,35 @@ print &quot;\n&quot;; @@ -4796,6 +4800,35 @@ print &quot;\n&quot;;
4796 </listitem> 4800 </listitem>
4797 <listitem> 4801 <listitem>
4798 <para> 4802 <para>
  4803 + Build/Packaging Changes
  4804 + </para>
  4805 + <itemizedlist>
  4806 + <listitem>
  4807 + <para>
  4808 + Add a <literal>openssl</literal> crypto provider, which is
  4809 + implemented with OpenSSL and also works with BoringSSL.
  4810 + Thanks to Dean Scarff for this contribution. If you maintain
  4811 + qpdf for a distribution, pay special attention to make sure
  4812 + that you are including support for the crypto providers you
  4813 + want. Package maintainers will have to weigh the advantages
  4814 + of allowing users to pick a crypto provider at runtime
  4815 + against the disadvantages of adding more dependencies to
  4816 + qpdf.
  4817 + </para>
  4818 + </listitem>
  4819 + <listitem>
  4820 + <para>
  4821 + Allow qpdf to built on stripped down systems whose C/C++
  4822 + libraries lack the <classname>wchar_t</classname> type.
  4823 + Search for <classname>wchar_t</classname> in qpdf's
  4824 + README.md for details. This should be very rare, but it is
  4825 + known to be helpful in some embedded environments.
  4826 + </para>
  4827 + </listitem>
  4828 + </itemizedlist>
  4829 + </listitem>
  4830 + <listitem>
  4831 + <para>
4799 CLI Enhancements 4832 CLI Enhancements
4800 </para> 4833 </para>
4801 <itemizedlist> 4834 <itemizedlist>
@@ -4944,22 +4977,6 @@ print &quot;\n&quot;; @@ -4944,22 +4977,6 @@ print &quot;\n&quot;;
4944 </listitem> 4977 </listitem>
4945 </itemizedlist> 4978 </itemizedlist>
4946 </listitem> 4979 </listitem>
4947 - <listitem>  
4948 - <para>  
4949 - Build Changes  
4950 - </para>  
4951 - <itemizedlist>  
4952 - <listitem>  
4953 - <para>  
4954 - Allow qpdf to built on stripped down systems whose C/C++  
4955 - libraries lack the <classname>wchar_t</classname> type.  
4956 - Search for <classname>wchar_t</classname> in qpdf's  
4957 - README.md for details. This should be very rare, but it is  
4958 - known to be helpful in some embedded environments.  
4959 - </para>  
4960 - </listitem>  
4961 - </itemizedlist>  
4962 - </listitem>  
4963 </itemizedlist> 4980 </itemizedlist>
4964 </listitem> 4981 </listitem>
4965 </varlistentry> 4982 </varlistentry>