2005-05-04 12:02:50 +00:00
|
|
|
* update the README
|
2006-01-16 20:12:20 +00:00
|
|
|
* special thanks to Jack Lloyd
|
2006-02-28 09:10:48 +00:00
|
|
|
* mac universal binary support?
|
|
|
|
|
* be sure to turn ALL .pro files (examples, everything) on release mode
|
2006-04-08 03:18:44 +00:00
|
|
|
* option to build qca with simultaneous debug and release, similar to qt?
|
2004-12-31 09:19:59 +00:00
|
|
|
|
2004-09-27 21:41:50 +00:00
|
|
|
* API documentation
|
2005-02-25 10:35:17 +00:00
|
|
|
think about documenting the various providers (qcaprovider.h)
|
2005-07-31 05:13:15 +00:00
|
|
|
Change Doxyfile config to capture whole API, and to generate Latex manual.
|
2004-12-31 09:19:59 +00:00
|
|
|
|
2006-11-13 07:33:28 +00:00
|
|
|
* beta4
|
|
|
|
|
api:
|
2007-04-01 18:18:10 +00:00
|
|
|
some functions report availability of "sub"features without having context
|
|
|
|
|
with a specific provider (that is, the functions are not members of an
|
|
|
|
|
instance owned by a provider, nor is a provider necessarily specified
|
|
|
|
|
as an argument to the function). in these cases, if a feature is
|
|
|
|
|
reported as being available, it is not clear how the app can actually
|
|
|
|
|
use the feature. For example, if the static method TLS::canCompress()
|
|
|
|
|
returns true, it is entirely possible that when the application creates
|
|
|
|
|
a "new TLS;" instance, it won't be served by a provider that supports
|
|
|
|
|
compression. possibly offending functions:
|
|
|
|
|
qca_publickey.h:
|
|
|
|
|
supportedGroupSets
|
|
|
|
|
supportedTypes
|
|
|
|
|
supportedIOTypes
|
|
|
|
|
supportedPBEAlgorithms
|
|
|
|
|
qca_cert.h:
|
|
|
|
|
canUseFormat
|
|
|
|
|
canUsePKCS7
|
|
|
|
|
qca_securelayer.h
|
|
|
|
|
supportedCipherSuites
|
|
|
|
|
canCompress
|
2006-04-03 07:34:44 +00:00
|
|
|
cert extensions
|
2007-04-04 23:57:09 +00:00
|
|
|
fixup subjectInfoOrdered to handle all DN parts (oids) ?
|
2007-04-01 18:18:10 +00:00
|
|
|
crl URIs
|
|
|
|
|
policy info beyond OID
|
2006-04-10 06:16:05 +00:00
|
|
|
OCSP ?
|
2007-01-05 05:49:42 +00:00
|
|
|
random: either find a way to always provide good random numbers,
|
|
|
|
|
or add an indicator as to whether the numbers can be
|
|
|
|
|
trusted.
|
2006-04-11 09:28:08 +00:00
|
|
|
tls extensions: hostname and ocsp stapling
|
2007-04-07 21:54:46 +00:00
|
|
|
tls: SSL_get_client_CA_list
|
2007-04-01 01:40:27 +00:00
|
|
|
QSecureArray/QBigInteger -> QCA::SecureArray/QCA::BigInteger ?
|
2007-04-04 23:57:09 +00:00
|
|
|
alon: convertToPublic should return a publickey rather than clone?
|
|
|
|
|
ability to create PKCS#1 without using direct low level crypto.
|
2007-04-05 22:02:01 +00:00
|
|
|
reporting diagnostic text at the provider level?
|
2007-04-07 21:54:46 +00:00
|
|
|
EmailAlt, don't merge with Email when using CertificateInfoOrdered
|
|
|
|
|
friendly entry name generator for certs
|
|
|
|
|
ability to convert infoOrdered to DN-string
|
|
|
|
|
document which functions might cause a synchronous asker?
|
2006-02-28 09:10:48 +00:00
|
|
|
code:
|
2007-04-08 02:33:05 +00:00
|
|
|
keystore async mode
|
|
|
|
|
keystore watcher
|
2007-04-04 23:57:09 +00:00
|
|
|
fix the locking stuff in qca_core
|
|
|
|
|
allow logger to be used from anywhere
|
2007-04-01 04:07:22 +00:00
|
|
|
global random thread-safety?
|
2007-03-30 00:33:30 +00:00
|
|
|
tls/sasl
|
2006-02-28 09:10:48 +00:00
|
|
|
dirwatch: thread safety
|
|
|
|
|
dirwatch: test on all platforms
|
2006-04-03 07:34:44 +00:00
|
|
|
qca-openssl: ca signing
|
|
|
|
|
synchronizer should lazy-start the thread
|
|
|
|
|
proper parenting of all objects
|
2006-02-28 09:10:48 +00:00
|
|
|
qca-gnupg: ignore newlines from passphrase, to avoid advancing command-fd
|
2007-02-19 04:40:46 +00:00
|
|
|
qca-cyrussasl: make this plugin (use misha's patch to qca-sasl)
|
|
|
|
|
sasl example
|
2007-03-29 03:25:35 +00:00
|
|
|
qcatool TODOs
|
2007-03-30 00:33:30 +00:00
|
|
|
constraints stuff seems messed up. why are constraints auto-added by
|
|
|
|
|
qca-openssl?
|
2007-04-07 21:54:46 +00:00
|
|
|
qca-cyrus-sasl:
|
|
|
|
|
there's a problem where we can create the provider, and not create
|
|
|
|
|
a saslContext, and then the destructor depends on uninitialised values
|
|
|
|
|
(to see this, valgrind staticunittest).
|
2006-02-28 09:10:48 +00:00
|
|
|
other:
|
2007-04-01 18:18:10 +00:00
|
|
|
krazy warnings
|
2006-02-28 09:10:48 +00:00
|
|
|
Update to latest Botan, and remake the botantools patch as appropriate
|
2006-04-29 06:45:36 +00:00
|
|
|
- remove u32bit miller_rabin_test_iterations(u32bit bits, bool verify)
|
2006-02-28 09:10:48 +00:00
|
|
|
ability to compile plugins in statically (check 'plugins' subdir)
|
|
|
|
|
|
2007-04-07 21:54:46 +00:00
|
|
|
* test1
|
|
|
|
|
code:
|
|
|
|
|
core: properties
|
|
|
|
|
cert: rfc 2818 hostname validation
|
|
|
|
|
publickey/cert cleanup
|
|
|
|
|
securemessage
|
|
|
|
|
tls
|
|
|
|
|
sasl
|
|
|
|
|
keystore: cleanup
|
|
|
|
|
don't allow smart card providers to be used by default
|
|
|
|
|
|
2006-02-28 09:10:48 +00:00
|
|
|
* Considerations
|
|
|
|
|
api:
|
2005-07-28 12:17:09 +00:00
|
|
|
Q_DISABLE_COPY on some objects
|
|
|
|
|
give all classes non-default ctors/dtors/copy/op=, and dpointers?
|
|
|
|
|
add more "getters" to the library?
|
|
|
|
|
don't forget to QCA_EXPORT everything
|
|
|
|
|
it's possible we use QSecureArray in some unnecessary places
|
|
|
|
|
other:
|
2007-04-07 21:54:46 +00:00
|
|
|
add more asserts
|
2005-07-28 12:17:09 +00:00
|
|
|
standardize on count() vs size() when iterating?
|
|
|
|
|
printf + latin1()/toLatin1() -> qPrintable() ? (in code/examples/docs/etc)
|
2004-11-17 00:28:34 +00:00
|
|
|
|
2004-12-31 09:19:59 +00:00
|
|
|
* examples
|
|
|
|
|
create example for BigInteger
|
2006-03-26 05:53:59 +00:00
|
|
|
create example for OpenPGP
|
|
|
|
|
create example for CMS
|
2005-04-10 01:49:49 +00:00
|
|
|
fix SASL examples (client and server)
|
2004-12-31 09:19:59 +00:00
|
|
|
|
2006-03-26 05:53:59 +00:00
|
|
|
* Additional unit tests (using QTestLib):
|
|
|
|
|
- OpenPGP
|
|
|
|
|
- CMS
|
|
|
|
|
- TLS ?
|
|
|
|
|
- SASL ?
|
|
|
|
|
- QPipe
|
|
|
|
|
- FileWatch / DirWatch
|
|
|
|
|
- Complete the pkits tests
|
|
|
|
|
|
2004-11-17 00:28:34 +00:00
|
|
|
* write plugin support
|
2004-12-30 10:24:21 +00:00
|
|
|
qca-botan: implement
|
2004-12-31 09:19:59 +00:00
|
|
|
qca-egads (or qca-egd): implement for Random support
|
2004-11-17 00:28:34 +00:00
|
|
|
|
2005-01-17 12:17:33 +00:00
|
|
|
* possibilities for the future:
|
2007-04-07 21:54:46 +00:00
|
|
|
internally managed intermediate object storage
|
2006-02-28 09:10:48 +00:00
|
|
|
securemessage: algorithm selection for cms/pgp (and use SecurityLevel?)
|
|
|
|
|
tls: renegotiation
|
2005-01-17 20:11:53 +00:00
|
|
|
Key wrapping - RFC3217 and RFC3394
|
2005-02-25 10:35:17 +00:00
|
|
|
quoted-printable TextFilter
|
2005-07-31 05:13:15 +00:00
|
|
|
keygen on smart cards
|
|
|
|
|
keystore: symmetric keys, arbitrary app data
|
2006-01-16 20:12:20 +00:00
|
|
|
cms: fine-grained control over smime attribs
|
2005-06-05 08:50:43 +00:00
|
|
|
providers for:
|
|
|
|
|
Mozilla NSS
|
|
|
|
|
Windows CryptoAPI
|
|
|
|
|
Linux kernel crypto support, if the userspace API ever gets sorted out
|
|
|
|
|
Intel Performance Primatives library
|
2005-01-17 12:17:33 +00:00
|
|
|
|
