Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Get Qt Extensions
  • Unsolved
Collapse
Brand Logo
  1. Home
  2. General talk
  3. Brainstorm
  4. Brainstorm: Qt SSL is based on OpenSSL (C). Why not change to Botan (C++) ?
Forum Updated to NodeBB v4.3 + New Features

Brainstorm: Qt SSL is based on OpenSSL (C). Why not change to Botan (C++) ?

Scheduled Pinned Locked Moved Unsolved Brainstorm
17 Posts 7 Posters 3.8k Views 4 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S SeppyQT

    @sierdzio

    commercial products are usign OpenSSL too? Hasn't Microsoft a SSL Implementation in their API?

    sierdzioS Offline
    sierdzioS Offline
    sierdzio
    Moderators
    wrote on last edited by
    #4

    @SeppyQT said in Brainstorm: Qt SSL is based on OpenSSL (C). Why not change to Botan (C++) ?:

    @sierdzio

    commercial products are usign OpenSSL too?

    Yes.

    Hasn't Microsoft a SSL Implementation in their API?

    I don't know.

    (Z(:^

    S 1 Reply Last reply
    0
    • sierdzioS sierdzio

      @SeppyQT said in Brainstorm: Qt SSL is based on OpenSSL (C). Why not change to Botan (C++) ?:

      @sierdzio

      commercial products are usign OpenSSL too?

      Yes.

      Hasn't Microsoft a SSL Implementation in their API?

      I don't know.

      S Offline
      S Offline
      SeppyQT
      wrote on last edited by
      #5

      @sierdzio

      I know BoringSSL from Google is an OpenSSL fork.

      Is s2n from Amazon based on OpenSSL?

      So what SSL Implementations are there which are not based on OpenSSL?

      Botan
      GnuTLS
      MatrixSSL (Now InsideSecure SSL Toolkit)
      BouncyCastle
      JSSE (Oracle)
      mbedTLS
      SChannel
      NSS (Mozilla)
      the one from Apple

      1 Reply Last reply
      0
      • sierdzioS Offline
        sierdzioS Offline
        sierdzio
        Moderators
        wrote on last edited by
        #6

        I don't know, it's not really my area. I know I've used only OpenSSL, and when I had to use the library itself it was quite easy to find/make custom C++ wrappers for it (example: https://github.com/milosolutions/mcrypto).

        I don't quite get the purpose and current direction of this conversation anymore. Do you want to replace OpenSSL use in Qt with anything other than OpenSSL? Are you looking for a good crypto library for your own project?

        (Z(:^

        S 1 Reply Last reply
        0
        • sierdzioS sierdzio

          I don't know, it's not really my area. I know I've used only OpenSSL, and when I had to use the library itself it was quite easy to find/make custom C++ wrappers for it (example: https://github.com/milosolutions/mcrypto).

          I don't quite get the purpose and current direction of this conversation anymore. Do you want to replace OpenSSL use in Qt with anything other than OpenSSL? Are you looking for a good crypto library for your own project?

          S Offline
          S Offline
          SeppyQT
          wrote on last edited by
          #7

          @sierdzio

          I was wondering why OpenSSL is used in many projects even there are suitable Alternatives for it. Like Botan as C++ library for C++ Projects.

          K sierdzioS 2 Replies Last reply
          0
          • S SeppyQT

            @sierdzio

            I was wondering why OpenSSL is used in many projects even there are suitable Alternatives for it. Like Botan as C++ library for C++ Projects.

            K Offline
            K Offline
            Konstantin Tokarev
            wrote on last edited by
            #8

            Because OpenSSL is industry standard

            1 Reply Last reply
            3
            • S SeppyQT

              @sierdzio

              I was wondering why OpenSSL is used in many projects even there are suitable Alternatives for it. Like Botan as C++ library for C++ Projects.

              sierdzioS Offline
              sierdzioS Offline
              sierdzio
              Moderators
              wrote on last edited by
              #9

              @SeppyQT said in Brainstorm: Qt SSL is based on OpenSSL (C). Why not change to Botan (C++) ?:

              @sierdzio

              I was wondering why OpenSSL is used in many projects even there are suitable Alternatives for it. Like Botan as C++ library for C++ Projects.

              As Konstantin said. And it is an industry standard because:

              • history
              • it works
              • it's stable
              • it's been audited multiple times
              • people are trying to break it constantly
              • and yet it remains secure

              (Z(:^

              1 Reply Last reply
              2
              • S SeppyQT

                Hallo Community,

                as far as I know Qt SSL requires OpenSSL. OpenSSL is C.

                There is a C++ SSL Implementation called Botan. It looks nicer for me.

                Since Qt is C++ it would make sense to stick with C++ Libraries as well.

                Botan is Apache License 2.0.

                What's the most annoying thing on C Code is: I checked their (OpenSSL and GNUTLS) DTLS examples:
                All Variables are declared on the top of the function which forces you to remember their type (if you are not reading the code in the IDE which shows the type in a tooltip). Usage of Makros doesn't help since the types are not shown there. Especially they are polluting the global space with Enums and MAKROs.

                In my opinion C++ Libraries are making less headaches.

                JKSHJ Offline
                JKSHJ Offline
                JKSH
                Moderators
                wrote on last edited by
                #10

                @SeppyQT said in Brainstorm: Qt SSL is based on OpenSSL (C). Why not change to Botan (C++) ?:

                In my opinion C++ Libraries are making less headaches.

                What headaches did you encounter while trying to use SSL in Qt? How will switching from OpenSSL to Botan cure those headaches?

                Qt Doc Search for browsers: forum.qt.io/topic/35616/web-browser-extension-for-improved-doc-searches

                S 1 Reply Last reply
                0
                • T Offline
                  T Offline
                  T-ark
                  Banned
                  wrote on last edited by
                  #11
                  This post is deleted!
                  1 Reply Last reply
                  0
                  • JKSHJ JKSH

                    @SeppyQT said in Brainstorm: Qt SSL is based on OpenSSL (C). Why not change to Botan (C++) ?:

                    In my opinion C++ Libraries are making less headaches.

                    What headaches did you encounter while trying to use SSL in Qt? How will switching from OpenSSL to Botan cure those headaches?

                    S Offline
                    S Offline
                    SeppyQT
                    wrote on last edited by
                    #12

                    @JKSH

                    I am working on multiple projects (which are connected). One was DTLS GUI and DTLS console.

                    Now I am trying to build a GUI Cert Manager to partially automate my Certificate creation (for internal use).

                    Is it possible to create a CA root Certificate ?
                    And sign other certs with it?

                    Pablo J. RoginaP JKSHJ 2 Replies Last reply
                    0
                    • K Offline
                      K Offline
                      Konstantin Tokarev
                      wrote on last edited by
                      #13

                      This doesn't have anything to do with Qt. Just read openssl manuals, it allows to create CA and sign certificates with a few simple commands

                      1 Reply Last reply
                      1
                      • S SeppyQT

                        @JKSH

                        I am working on multiple projects (which are connected). One was DTLS GUI and DTLS console.

                        Now I am trying to build a GUI Cert Manager to partially automate my Certificate creation (for internal use).

                        Is it possible to create a CA root Certificate ?
                        And sign other certs with it?

                        Pablo J. RoginaP Offline
                        Pablo J. RoginaP Offline
                        Pablo J. Rogina
                        wrote on last edited by
                        #14

                        @SeppyQT said in Brainstorm: Qt SSL is based on OpenSSL (C). Why not change to Botan (C++) ?:

                        Is it possible to create a CA root Certificate ?
                        And sign other certs with it?

                        yes, you'll be creating self-signed certificates so be aware that such certificates are not meant to be used in a public environment as browsers or tools (i.e. curl) will refuse (at least initially) to create the secure connection

                        And with this question it looks like you're slightly moving away from the original topic. Would it be worth to create a new post for that?

                        Upvote the answer(s) that helped you solve the issue
                        Use "Topic Tools" button to mark your post as Solved
                        Add screenshots via postimage.org
                        Don't ask support requests via chat/PM. Please use the forum so others can benefit from the solution in the future

                        1 Reply Last reply
                        1
                        • S SeppyQT

                          @JKSH

                          I am working on multiple projects (which are connected). One was DTLS GUI and DTLS console.

                          Now I am trying to build a GUI Cert Manager to partially automate my Certificate creation (for internal use).

                          Is it possible to create a CA root Certificate ?
                          And sign other certs with it?

                          JKSHJ Offline
                          JKSHJ Offline
                          JKSH
                          Moderators
                          wrote on last edited by
                          #15

                          @SeppyQT said in Brainstorm: Qt SSL is based on OpenSSL (C). Why not change to Botan (C++) ?:

                          I am working on multiple projects (which are connected). One was DTLS GUI and DTLS console.

                          Now I am trying to build a GUI Cert Manager to partially automate my Certificate creation (for internal use).

                          Is it possible to create a CA root Certificate ?
                          And sign other certs with it?

                          I still don't see how switching to Botan will help anyone.

                          Qt Doc Search for browsers: forum.qt.io/topic/35616/web-browser-extension-for-improved-doc-searches

                          S 1 Reply Last reply
                          1
                          • JKSHJ JKSH

                            @SeppyQT said in Brainstorm: Qt SSL is based on OpenSSL (C). Why not change to Botan (C++) ?:

                            I am working on multiple projects (which are connected). One was DTLS GUI and DTLS console.

                            Now I am trying to build a GUI Cert Manager to partially automate my Certificate creation (for internal use).

                            Is it possible to create a CA root Certificate ?
                            And sign other certs with it?

                            I still don't see how switching to Botan will help anyone.

                            S Offline
                            S Offline
                            SlySven
                            wrote on last edited by
                            #16

                            One issue for GPLed projects is the licence terms for OpenSSL (at least for the 1.x versions) they include a couple of advertising clauses which means that it cannot be distributed with something that is licenced with the GPL (either 2.0 or 3.0)! This isn't a new issue https://bugreports.qt.io/browse/QTBUG-38400 dates from 2014 - yet strangely there is this blog from a KDE person about their experiments with making a Qt wrapper around GNUTLS in 2012 https://blogs.kde.org/2012/01/14/using-gnutls-qtcpsocket .

                            Pablo J. RoginaP 1 Reply Last reply
                            0
                            • S SlySven

                              One issue for GPLed projects is the licence terms for OpenSSL (at least for the 1.x versions) they include a couple of advertising clauses which means that it cannot be distributed with something that is licenced with the GPL (either 2.0 or 3.0)! This isn't a new issue https://bugreports.qt.io/browse/QTBUG-38400 dates from 2014 - yet strangely there is this blog from a KDE person about their experiments with making a Qt wrapper around GNUTLS in 2012 https://blogs.kde.org/2012/01/14/using-gnutls-qtcpsocket .

                              Pablo J. RoginaP Offline
                              Pablo J. RoginaP Offline
                              Pablo J. Rogina
                              wrote on last edited by
                              #17

                              @SlySven you may want to watch BUG-76499 as the Qt developers are seeking to upgrade the API for cryptography.

                              Upvote the answer(s) that helped you solve the issue
                              Use "Topic Tools" button to mark your post as Solved
                              Add screenshots via postimage.org
                              Don't ask support requests via chat/PM. Please use the forum so others can benefit from the solution in the future

                              1 Reply Last reply
                              2

                              • Login

                              • Login or register to search.
                              • First post
                                Last post
                              0
                              • Categories
                              • Recent
                              • Tags
                              • Popular
                              • Users
                              • Groups
                              • Search
                              • Get Qt Extensions
                              • Unsolved