On Windows gpg uses ANSI codepage to output homedir and keyrings
paths. No way to output in utf-8. Gpg returns utf-8 strings output
only when --with-colons option is used.
When no keys 'gpg --list-keys' doesn't return path to keyring file.
Path is needest for watching to know when keys added or removed.
Use default keyrings path based on GnuPG home directory. This
directory gets with output 'gpg --version'. Line which starts with
'Home: ' contains GnuPG home directory. I believe it is correct
for GnuPG always and won't be changed in the future.
LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha
anymore.
Wikipedia says about SHA-0: "160-bit hash function published in 1993
under the name SHA. It was withdrawn shortly after publication due to
an undisclosed "significant flaw" and replaced by the slightly revised
version SHA-1.'
REVIEW: 125387
This fixes building with LibreSSL >= 2.3.0 which has removed support
for SSLv3 completely. As far as I know OpenSSL can be configured to
build without it, so it might be helpful there as well.
REVIEW: 125386
libressl removed the SSL Compression functionality (which might
be considered insecure) and thus also compress_meth.
SSL_SESSION_get_compress_id is just a stub in libressl which always
returns 0 and in openssl it returns compress_meth.
REVIEW: 121107
1. SafeTimer now is common and public class. All plugins use this
implementation.
2. Added debug messages in SafeTimer. Uncomment SAFETIMER_DEBUG to
enable.
3. TimerFixer skips SafeTimer objects. No need extra fixes for
SafeTimer. But can be problems with children of SafeTimer I
believe no such.
Ignore KEYEXPIRED which will be thrown for any expired subkey regardless
of being related to the current operation. Instead, use EXPKEYSIG,
REVKEYSIG, EXPSIG and INV_RECP accordingly.
Add new errors QCA::SecureMessage::{ErrorSignerRevoked,
ErrorSignatureExpired,
ErrorEncryptRevoked}.
Due to GnuPG bug #1650 <https://bugs.g10code.com/gnupg/issue1650>
encrypting to an expired or revoked key will omit the reason for failing,
resulting in the error code QCA::SecureMessage::ErrorEncryptInvalid.
REVIEW: 118567
On Windows when compiling with Visual Studio will be produced special
.pdb files for debuggins purposes. It must be put next to target
runtime (.dll or .exe) file.
Do not try to guess the result size. It rely with particular
algo and some other factors and so can be any. Just use
Pipe::remaining() for this purpose.
Overloaded "makeKey" in QCA::KeyDerivationFunction + botan/gcrypt/ossl plugins
to allow deriving a master password depending on a time factor in addition to
only giving an arbitrary iteration count.
Deriving with a time delays exhaustive research on master passwords by
increasing the time needed to try each password (the derivation time)
Added corresponding unittests.
REVIEW: 114503
Added new cmake variable SHARED_LIBRARY. By default is on.
When it is off QCA library, plugins, tools, examples and unittests
will be built as static. Also if is used static Qt plugins will be
built as static. Tested with Qt4.
