diff --git a/.gitignore b/.gitignore index 4378dbb..40511aa 100644 --- a/.gitignore +++ b/.gitignore @@ -23,3 +23,15 @@ /AusweisApp-2.2.2.tar.gz /AusweisApp-2.2.2.tar.gz.asc /AusweisApp-2.2.2.tar.gz.sha256 +/AusweisApp-2.3.0.tar.gz +/AusweisApp-2.3.0.tar.gz.asc +/AusweisApp-2.3.0.tar.gz.sha256 +/AusweisApp-2.3.1.tar.gz +/AusweisApp-2.3.1.tar.gz.asc +/AusweisApp-2.3.1.tar.gz.sha256 +/AusweisApp-2.3.2.tar.gz +/AusweisApp-2.3.2.tar.gz.asc +/AusweisApp-2.3.2.tar.gz.sha256 +/AusweisApp-2.4.0.tar.gz +/AusweisApp-2.4.0.tar.gz.asc +/AusweisApp-2.4.0.tar.gz.sha256 diff --git a/AusweisApp2-2.0.1-use-legacy-openssl-api.patch b/0001-Use-legacy-OpenSSL-API.patch similarity index 65% rename from AusweisApp2-2.0.1-use-legacy-openssl-api.patch rename to 0001-Use-legacy-OpenSSL-API.patch index aa752ff..c05c9b5 100644 --- a/AusweisApp2-2.0.1-use-legacy-openssl-api.patch +++ b/0001-Use-legacy-OpenSSL-API.patch @@ -1,24 +1,23 @@ -From 360d75e9ac2977a99b3e45e0e472a0abb02655cf Mon Sep 17 00:00:00 2001 +From f5d48a49ea7055b7d4edf5f1398557b475419fb9 Mon Sep 17 00:00:00 2001 From: rpm-build -Date: Thu, 4 Jul 2024 20:10:17 +0200 -Subject: [PATCH] AusweisApp2-2.0.1-use-legacy-openssl-api.patch +Date: Thu, 30 Oct 2025 13:51:15 +0100 +Subject: [PATCH] Use legacy OpenSSL API --- - src/card/base/asn1/EcdsaPublicKey.cpp | 39 ------ + src/card/base/asn1/EcdsaPublicKey.cpp | 39 ----- src/card/base/asn1/EcdsaPublicKey.h | 6 +- - src/card/base/pace/ec/EcdhGenericMapping.cpp | 15 --- - src/card/base/pace/ec/EcdhGenericMapping.h | 4 - - src/card/base/pace/ec/EcdhKeyAgreement.cpp | 7 - - src/card/base/pace/ec/EcUtil.cpp | 134 ------------------- + src/card/base/pace/ec/EcUtil.cpp | 145 ------------------- src/card/base/pace/ec/EcUtil.h | 12 -- - src/card/simulator/SimulatorCard.cpp | 45 +------ + src/card/base/pace/ec/EcdhGenericMapping.cpp | 5 - + src/card/base/pace/ec/EcdhGenericMapping.h | 4 - + src/card/simulator/SimulatorCard.cpp | 37 ----- src/card/simulator/SimulatorCard.h | 4 - src/card/simulator/SimulatorFileSystem.cpp | 9 -- src/card/simulator/SimulatorFileSystem.h | 4 - - 11 files changed, 2 insertions(+), 277 deletions(-) + 10 files changed, 1 insertion(+), 264 deletions(-) diff --git a/src/card/base/asn1/EcdsaPublicKey.cpp b/src/card/base/asn1/EcdsaPublicKey.cpp -index ea07eda..0f19c11 100644 +index 7f54045..dc7e26b 100644 --- a/src/card/base/asn1/EcdsaPublicKey.cpp +++ b/src/card/base/asn1/EcdsaPublicKey.cpp @@ -182,7 +182,6 @@ QByteArray EcdsaPublicKey::getUncompressedPublicPoint() const @@ -52,15 +51,15 @@ index ea07eda..0f19c11 100644 -#else - const auto& params = EcUtil::create([&curveData, pPublicPoint, pPublicPointLength, this](OSSL_PARAM_BLD* pBuilder){ -- return OSSL_PARAM_BLD_push_BN(pBuilder, "p", curveData.p.data()) -- && OSSL_PARAM_BLD_push_BN(pBuilder, "a", curveData.a.data()) -- && OSSL_PARAM_BLD_push_BN(pBuilder, "b", curveData.b.data()) -- && OSSL_PARAM_BLD_push_BN(pBuilder, "order", curveData.order.data()) -- && OSSL_PARAM_BLD_push_BN(pBuilder, "cofactor", curveData.cofactor.data()) -- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "pub", pPublicPoint, static_cast(pPublicPointLength)) -- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "generator", mBasePoint->data, static_cast(mBasePoint->length)) -- && OSSL_PARAM_BLD_push_utf8_string(pBuilder, "field-type", "prime-field", 12); -- }); +- return OSSL_PARAM_BLD_push_BN(pBuilder, "p", curveData.p.data()) +- && OSSL_PARAM_BLD_push_BN(pBuilder, "a", curveData.a.data()) +- && OSSL_PARAM_BLD_push_BN(pBuilder, "b", curveData.b.data()) +- && OSSL_PARAM_BLD_push_BN(pBuilder, "order", curveData.order.data()) +- && OSSL_PARAM_BLD_push_BN(pBuilder, "cofactor", curveData.cofactor.data()) +- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "pub", pPublicPoint, static_cast(pPublicPointLength)) +- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "generator", mBasePoint->data, static_cast(mBasePoint->length)) +- && OSSL_PARAM_BLD_push_utf8_string(pBuilder, "field-type", "prime-field", 12); +- }); - - if (params == nullptr) - { @@ -87,7 +86,7 @@ index ea07eda..0f19c11 100644 -#endif } diff --git a/src/card/base/asn1/EcdsaPublicKey.h b/src/card/base/asn1/EcdsaPublicKey.h -index 36f768e..45f78ec 100644 +index 860bc74..c85e48b 100644 --- a/src/card/base/asn1/EcdsaPublicKey.h +++ b/src/card/base/asn1/EcdsaPublicKey.h @@ -13,9 +13,7 @@ @@ -111,96 +110,16 @@ index 36f768e..45f78ec 100644 public: static int decodeCallback(int pOperation, ASN1_VALUE** pVal, const ASN1_ITEM* pIt, void* pExarg); -diff --git a/src/card/base/pace/ec/EcdhGenericMapping.cpp b/src/card/base/pace/ec/EcdhGenericMapping.cpp -index 3e2d1d4..1a8e6a2 100644 ---- a/src/card/base/pace/ec/EcdhGenericMapping.cpp -+++ b/src/card/base/pace/ec/EcdhGenericMapping.cpp -@@ -37,13 +37,8 @@ QByteArray EcdhGenericMapping::generateLocalMappingData() - - mLocalKey = EcUtil::generateKey(mCurve); - --#if OPENSSL_VERSION_NUMBER >= 0x30000000L -- return EcUtil::getEncodedPublicKey(mLocalKey); -- --#else - return EcUtil::point2oct(mCurve, EC_KEY_get0_public_key(mLocalKey.data())); - --#endif - } - - -@@ -56,12 +51,7 @@ bool EcdhGenericMapping::generateEphemeralDomainParameters(const QByteArray& pRe - return false; - } - --#if OPENSSL_VERSION_NUMBER >= 0x30000000L -- const QSharedPointer localPubKeyPtr = EcUtil::oct2point(mCurve, EcUtil::getEncodedPublicKey(mLocalKey)); -- const EC_POINT* localPubKey = localPubKeyPtr.data(); --#else - const EC_POINT* localPubKey = EC_KEY_get0_public_key(mLocalKey.data()); --#endif - if (!EC_POINT_cmp(mCurve.data(), localPubKey, remotePubKey.data(), nullptr)) - { - qCCritical(card) << "The exchanged public keys are equal."; -@@ -81,12 +71,7 @@ bool EcdhGenericMapping::generateEphemeralDomainParameters(const QByteArray& pRe - - QSharedPointer EcdhGenericMapping::createNewGenerator(const QSharedPointer& pRemotePubKey, const QSharedPointer& pS) - { --#if OPENSSL_VERSION_NUMBER >= 0x30000000L -- const auto& privKeyPtr = EcUtil::getPrivateKey(mLocalKey); -- const BIGNUM* privKey = privKeyPtr.data(); --#else - const BIGNUM* privKey = EC_KEY_get0_private_key(mLocalKey.data()); --#endif - - if (!privKey) - { -diff --git a/src/card/base/pace/ec/EcdhGenericMapping.h b/src/card/base/pace/ec/EcdhGenericMapping.h -index bdfa5a8..dea4bf0 100644 ---- a/src/card/base/pace/ec/EcdhGenericMapping.h -+++ b/src/card/base/pace/ec/EcdhGenericMapping.h -@@ -22,11 +22,7 @@ class EcdhGenericMapping - - private: - const QSharedPointer mCurve; --#if OPENSSL_VERSION_NUMBER >= 0x30000000L -- QSharedPointer mLocalKey; --#else - QSharedPointer mLocalKey; --#endif - - QSharedPointer createNewGenerator(const QSharedPointer& pRemotePubKey, const QSharedPointer& pS); - -diff --git a/src/card/base/pace/ec/EcdhKeyAgreement.cpp b/src/card/base/pace/ec/EcdhKeyAgreement.cpp -index 0f0ae09..45c8a76 100644 ---- a/src/card/base/pace/ec/EcdhKeyAgreement.cpp -+++ b/src/card/base/pace/ec/EcdhKeyAgreement.cpp -@@ -96,15 +96,8 @@ KeyAgreement::CardResult EcdhKeyAgreement::performKeyExchange() - return {CardReturnCode::PROTOCOL_ERROR}; - } - --#if OPENSSL_VERSION_NUMBER >= 0x30000000L -- const QByteArray terminalEphemeralPublicKeyBytes = EcUtil::getEncodedPublicKey(terminalEphemeralKey); -- -- const auto& privKeyPtr = EcUtil::getPrivateKey(terminalEphemeralKey); -- const BIGNUM* terminalEphemeralPrivateKey = privKeyPtr.data(); --#else - const QByteArray terminalEphemeralPublicKeyBytes = EcUtil::point2oct(curve, EC_KEY_get0_public_key(terminalEphemeralKey.data())); - const BIGNUM* const terminalEphemeralPrivateKey = EC_KEY_get0_private_key(terminalEphemeralKey.data()); --#endif - - // Make a copy of the terminal public key for later mutual authentication. - mTerminalPublicKey = EcUtil::oct2point(curve, terminalEphemeralPublicKeyBytes); diff --git a/src/card/base/pace/ec/EcUtil.cpp b/src/card/base/pace/ec/EcUtil.cpp -index 10db88f..5c0ff53 100644 +index 069ad81..546438f 100644 --- a/src/card/base/pace/ec/EcUtil.cpp +++ b/src/card/base/pace/ec/EcUtil.cpp -@@ -103,137 +103,6 @@ QSharedPointer EcUtil::oct2point(const QSharedPointer& +@@ -103,148 +103,6 @@ QSharedPointer EcUtil::oct2point(const QSharedPointer& } -#if OPENSSL_VERSION_NUMBER >= 0x30000000L --QByteArray EcUtil::getEncodedPublicKey(const QSharedPointer& pKey) +-QByteArray EcUtil::getEncodedPublicKey(const QSharedPointer& pKey, bool pCompressed) -{ - if (pKey.isNull()) - { @@ -211,10 +130,16 @@ index 10db88f..5c0ff53 100644 - uchar* key = nullptr; - const size_t length = EVP_PKEY_get1_encoded_public_key(pKey.data(), &key); - const auto guard = qScopeGuard([key] { -- OPENSSL_free(key); -- }); +- OPENSSL_free(key); +- }); - -- return length > 0 ? QByteArray(reinterpret_cast(key), static_cast(length)) : QByteArray(); +- if (length == 0) +- { +- return QByteArray(); +- } +- +- const QByteArray uncompressed(reinterpret_cast(key), static_cast(length)); +- return pCompressed ? EcUtil::compressPoint(uncompressed) : uncompressed; -} - - @@ -230,8 +155,8 @@ index 10db88f..5c0ff53 100644 -{ - OSSL_PARAM_BLD* bld = OSSL_PARAM_BLD_new(); - const auto guard = qScopeGuard([bld] { -- OSSL_PARAM_BLD_free(bld); -- }); +- OSSL_PARAM_BLD_free(bld); +- }); - - if (bld == nullptr) - { @@ -239,8 +164,13 @@ index 10db88f..5c0ff53 100644 - return nullptr; - } - -- if (OSSL_PARAM* params = nullptr; -- pFunc(bld) && (params = OSSL_PARAM_BLD_to_param(bld)) != nullptr) +- if (!pFunc(bld)) +- { +- qCCritical(card) << "Cannot initialize parameter builder"; +- return nullptr; +- } +- +- if (OSSL_PARAM* params = OSSL_PARAM_BLD_to_param(bld); params != nullptr) - { - static auto deleter = [](OSSL_PARAM* pParam) - { @@ -289,14 +219,14 @@ index 10db88f..5c0ff53 100644 - } - - const auto& params = EcUtil::create([&p, &a, &b, &order, &cofactor, &generator](OSSL_PARAM_BLD* pBuilder){ -- return OSSL_PARAM_BLD_push_BN(pBuilder, "p", p.data()) -- && OSSL_PARAM_BLD_push_BN(pBuilder, "a", a.data()) -- && OSSL_PARAM_BLD_push_BN(pBuilder, "b", b.data()) -- && OSSL_PARAM_BLD_push_BN(pBuilder, "order", order.data()) -- && OSSL_PARAM_BLD_push_BN(pBuilder, "cofactor", cofactor.data()) -- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "generator", generator.data(), static_cast(generator.size())) -- && OSSL_PARAM_BLD_push_utf8_string(pBuilder, "field-type", "prime-field", 12); -- }); +- return OSSL_PARAM_BLD_push_BN(pBuilder, "p", p.data()) +- && OSSL_PARAM_BLD_push_BN(pBuilder, "a", a.data()) +- && OSSL_PARAM_BLD_push_BN(pBuilder, "b", b.data()) +- && OSSL_PARAM_BLD_push_BN(pBuilder, "order", order.data()) +- && OSSL_PARAM_BLD_push_BN(pBuilder, "cofactor", cofactor.data()) +- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "generator", generator.data(), static_cast(generator.size())) +- && OSSL_PARAM_BLD_push_utf8_string(pBuilder, "field-type", "prime-field", 12); +- }); - - if (params == nullptr) - { @@ -330,10 +260,10 @@ index 10db88f..5c0ff53 100644 - - -#else - QSharedPointer EcUtil::generateKey(const QSharedPointer& pCurve) + QByteArray EcUtil::getEncodedPublicKey(const QSharedPointer& pKey, bool pCompressed) { - if (pCurve.isNull()) -@@ -257,6 +126,3 @@ QSharedPointer EcUtil::generateKey(const QSharedPointer& + if (pKey.isNull()) +@@ -293,6 +151,3 @@ QSharedPointer EcUtil::generateKey(const QSharedPointer& return key; } @@ -341,35 +271,35 @@ index 10db88f..5c0ff53 100644 - -#endif diff --git a/src/card/base/pace/ec/EcUtil.h b/src/card/base/pace/ec/EcUtil.h -index b575341..f7db521 100644 +index 63eb16c..914c268 100644 --- a/src/card/base/pace/ec/EcUtil.h +++ b/src/card/base/pace/ec/EcUtil.h -@@ -32,9 +32,7 @@ class EcUtil +@@ -26,24 +26,15 @@ class EcUtil + static QSharedPointer oct2point(const QSharedPointer& pCurve, const QByteArray& pCompressedData); static QSharedPointer create(EC_GROUP* pEcGroup); - -#if OPENSSL_VERSION_NUMBER < 0x30000000L static QSharedPointer create(EC_KEY* pEcKey); -#endif - static QSharedPointer create(EC_POINT* pEcPoint); - -@@ -44,14 +42,7 @@ class EcUtil - + static QSharedPointer create(BIGNUM* pBigNum); + static QSharedPointer create(EVP_PKEY* pEcGroup); static QSharedPointer create(EVP_PKEY_CTX* pEcGroup); -#if OPENSSL_VERSION_NUMBER >= 0x30000000L -- static QByteArray getEncodedPublicKey(const QSharedPointer& pKey); +- static QByteArray getEncodedPublicKey(const QSharedPointer& pKey, bool pCompressed = false); - static QSharedPointer getPrivateKey(const QSharedPointer& pKey); - static QSharedPointer create(const std::function& pFunc); - static QSharedPointer generateKey(const QSharedPointer& pCurve); -#else + static QByteArray getEncodedPublicKey(const QSharedPointer& pKey, bool pCompressed = false); + static QSharedPointer getPrivateKey(const QSharedPointer& pKey); static QSharedPointer generateKey(const QSharedPointer& pCurve); -#endif static QSharedPointer createCurve(int pNid); }; -@@ -68,7 +59,6 @@ inline QSharedPointer EcUtil::create(EC_GROUP* pEcGroup) +@@ -60,7 +51,6 @@ inline QSharedPointer EcUtil::create(EC_GROUP* pEcGroup) } @@ -377,7 +307,7 @@ index b575341..f7db521 100644 inline QSharedPointer EcUtil::create(EC_KEY* pEcKey) { static auto deleter = [](EC_KEY* ecKey) -@@ -80,8 +70,6 @@ inline QSharedPointer EcUtil::create(EC_KEY* pEcKey) +@@ -72,8 +62,6 @@ inline QSharedPointer EcUtil::create(EC_KEY* pEcKey) } @@ -386,35 +316,44 @@ index b575341..f7db521 100644 inline QSharedPointer EcUtil::create(EC_POINT* pEcPoint) { static auto deleter = [](EC_POINT* ecPoint) +diff --git a/src/card/base/pace/ec/EcdhGenericMapping.cpp b/src/card/base/pace/ec/EcdhGenericMapping.cpp +index 04cee51..571c7a0 100644 +--- a/src/card/base/pace/ec/EcdhGenericMapping.cpp ++++ b/src/card/base/pace/ec/EcdhGenericMapping.cpp +@@ -49,12 +49,7 @@ bool EcdhGenericMapping::generateEphemeralDomainParameters(const QByteArray& pRe + return false; + } + +-#if OPENSSL_VERSION_NUMBER >= 0x30000000L +- const QSharedPointer localPubKeyPtr = EcUtil::oct2point(mCurve, EcUtil::getEncodedPublicKey(mLocalKey)); +- const EC_POINT* localPubKey = localPubKeyPtr.data(); +-#else + const EC_POINT* localPubKey = EC_KEY_get0_public_key(mLocalKey.data()); +-#endif + if (!EC_POINT_cmp(mCurve.data(), localPubKey, remotePubKey.data(), nullptr)) + { + qCCritical(card) << "The exchanged public keys are equal."; +diff --git a/src/card/base/pace/ec/EcdhGenericMapping.h b/src/card/base/pace/ec/EcdhGenericMapping.h +index e9c9768..188befb 100644 +--- a/src/card/base/pace/ec/EcdhGenericMapping.h ++++ b/src/card/base/pace/ec/EcdhGenericMapping.h +@@ -22,11 +22,7 @@ class EcdhGenericMapping + + private: + const QSharedPointer mCurve; +-#if OPENSSL_VERSION_NUMBER >= 0x30000000L +- QSharedPointer mLocalKey; +-#else + QSharedPointer mLocalKey; +-#endif + + QSharedPointer createNewGenerator(const QSharedPointer& pRemotePubKey, const QSharedPointer& pS); + diff --git a/src/card/simulator/SimulatorCard.cpp b/src/card/simulator/SimulatorCard.cpp -index 87491d7..2da83b1 100644 +index 3c4e218..a39fb54 100644 --- a/src/card/simulator/SimulatorCard.cpp +++ b/src/card/simulator/SimulatorCard.cpp -@@ -22,9 +22,7 @@ - #include - #include - #include --#if OPENSSL_VERSION_NUMBER < 0x30000000L -- #include --#endif -+#include - - - using namespace governikus; -@@ -369,12 +367,8 @@ ResponseApduResult SimulatorCard::executeGeneralAuthenticate(const CommandApdu& - mPaceTerminalKey = cmdData.getData(V_ASN1_CONTEXT_SPECIFIC, ASN1Struct::PACE_EPHEMERAL_PUBLIC_KEY); - - auto asn1KeyAgreement = newObject(); --#if OPENSSL_VERSION_NUMBER >= 0x30000000L -- const auto& encodedPublicKey = EcUtil::getEncodedPublicKey(mCardKey); --#else - const auto& curve = EcUtil::create(EC_GROUP_dup(EC_KEY_get0_group(mCardKey.data()))); - const auto& encodedPublicKey = EcUtil::point2oct(curve, EC_KEY_get0_public_key(mCardKey.data())); --#endif - Asn1OctetStringUtil::setValue(encodedPublicKey, asn1KeyAgreement->mEphemeralPublicKey); - responseData = encodeObject(asn1KeyAgreement.data()); - break; -@@ -461,42 +455,6 @@ QByteArray SimulatorCard::ecMultiplication(const QByteArray& pPoint) const +@@ -661,42 +661,6 @@ QByteArray SimulatorCard::ecMultiplication(const QByteArray& pPoint) const return QByteArray(); } @@ -457,7 +396,7 @@ index 87491d7..2da83b1 100644 const auto& curve = EcUtil::create(EC_GROUP_dup(EC_KEY_get0_group(mCardKey.data()))); auto point = EcUtil::oct2point(curve, pPoint); if (!point) -@@ -515,7 +473,6 @@ QByteArray SimulatorCard::ecMultiplication(const QByteArray& pPoint) const +@@ -715,7 +679,6 @@ QByteArray SimulatorCard::ecMultiplication(const QByteArray& pPoint) const return EcUtil::point2oct(curve, result.data(), true); @@ -466,11 +405,11 @@ index 87491d7..2da83b1 100644 diff --git a/src/card/simulator/SimulatorCard.h b/src/card/simulator/SimulatorCard.h -index b709d17..23f858b 100644 +index fc9db00..7a881cb 100644 --- a/src/card/simulator/SimulatorCard.h +++ b/src/card/simulator/SimulatorCard.h -@@ -35,11 +35,7 @@ class SimulatorCard - QSharedPointer mPaceChat; +@@ -39,11 +39,7 @@ class SimulatorCard + int mPaceKeyId; QByteArray mPaceNonce; QByteArray mPaceTerminalKey; -#if OPENSSL_VERSION_NUMBER >= 0x30000000L @@ -478,14 +417,14 @@ index b709d17..23f858b 100644 -#else QSharedPointer mCardKey; -#endif - QSharedPointer mTaAuxData; - - public: + QSharedPointer mTaCertificate; + QByteArray mTaSigningData; + QByteArray mTaAuxData; diff --git a/src/card/simulator/SimulatorFileSystem.cpp b/src/card/simulator/SimulatorFileSystem.cpp -index 122ca4f..046d540 100644 +index 5c01caa..4cbe60c 100644 --- a/src/card/simulator/SimulatorFileSystem.cpp +++ b/src/card/simulator/SimulatorFileSystem.cpp -@@ -327,11 +327,7 @@ QByteArray SimulatorFileSystem::getEfCardAccess() const +@@ -347,11 +347,7 @@ QByteArray SimulatorFileSystem::getPassword(PacePasswordId pPasswordId) const } @@ -497,7 +436,7 @@ index 122ca4f..046d540 100644 { if (!mKeys.contains(pKeyId)) { -@@ -347,13 +343,8 @@ QSharedPointer SimulatorFileSystem::getKey(int pKeyId) const +@@ -367,13 +363,8 @@ QSharedPointer SimulatorFileSystem::getKey(int pKeyId) const return nullptr; } @@ -512,21 +451,21 @@ index 122ca4f..046d540 100644 diff --git a/src/card/simulator/SimulatorFileSystem.h b/src/card/simulator/SimulatorFileSystem.h -index cb9704b..44d4054 100644 +index 7d8458f..57065db 100644 --- a/src/card/simulator/SimulatorFileSystem.h +++ b/src/card/simulator/SimulatorFileSystem.h -@@ -38,11 +38,7 @@ class SimulatorFileSystem - [[nodiscard]] StatusCode write(qsizetype pOffset, const QByteArray& pData); +@@ -43,11 +43,7 @@ class SimulatorFileSystem [[nodiscard]] QByteArray getEfCardAccess() const; + [[nodiscard]] QByteArray getPassword(PacePasswordId pPasswordId) const; -#if OPENSSL_VERSION_NUMBER >= 0x30000000L - [[nodiscard]] QSharedPointer getKey(int pKeyId) const; -#else [[nodiscard]] QSharedPointer getKey(int pKeyId) const; -#endif - - [[nodiscard]] StatusCode verify(const Oid& pOid, const QSharedPointer& pAuxiliaryData) const; + [[nodiscard]] QSharedPointer getTrustPoint() const; + void setTrustPoint(const QSharedPointer& pTrustPoint); -- -2.45.2 +2.51.0 diff --git a/AusweisApp2-1.24.1-use_Qt_TranslationsPath.patch b/AusweisApp2-1.24.1-use_Qt_TranslationsPath.patch index 2cc4234..e4fcd01 100644 --- a/AusweisApp2-1.24.1-use_Qt_TranslationsPath.patch +++ b/AusweisApp2-1.24.1-use_Qt_TranslationsPath.patch @@ -1,8 +1,17 @@ -Index: AusweisApp2-1.24.1/src/global/FileDestination.h -=================================================================== ---- AusweisApp2-1.24.1.orig/src/global/FileDestination.h -+++ AusweisApp2-1.24.1/src/global/FileDestination.h -@@ -9,8 +9,10 @@ +From 056e560ed6432e99a297d1c1d2c89c89621bd825 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Thu, 6 Mar 2025 01:00:00 +0100 +Subject: [PATCH] AusweisApp2-1.24.1-use_Qt_TranslationsPath.patch + +--- + src/global/FileDestination.h | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/src/global/FileDestination.h b/src/global/FileDestination.h +index 2fd5826..781e9b9 100644 +--- a/src/global/FileDestination.h ++++ b/src/global/FileDestination.h +@@ -7,8 +7,10 @@ #include #include #include @@ -11,9 +20,9 @@ Index: AusweisApp2-1.24.1/src/global/FileDestination.h #include +#include + namespace governikus - { -@@ -52,6 +54,13 @@ class FileDestination +@@ -51,6 +53,13 @@ class FileDestination QStandardPaths::StandardLocation pStandard = QStandardPaths::AppDataLocation) { #if (defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID)) || (defined(Q_OS_BSD4) && !defined(Q_OS_MACOS) && !defined(Q_OS_IOS)) @@ -27,3 +36,6 @@ Index: AusweisApp2-1.24.1/src/global/FileDestination.h if (const auto& match = QStandardPaths::locate(pStandard, pFilename, pOption); !match.isNull()) { return match; +-- +2.48.1 + diff --git a/AusweisApp2.spec b/AusweisApp2.spec index b84316a..cd964a5 100644 --- a/AusweisApp2.spec +++ b/AusweisApp2.spec @@ -24,10 +24,6 @@ fi \ %global build_fflags %(echo '%{build_fflags}' | sed -e 's!-ffat-lto-objects!-fno-fat-lto-objects!g') %global build_fcflags %(echo '%{build_fflags}' | sed -e 's!-ffat-lto-objects!-fno-fat-lto-objects!g') -# Build and package Doxygen documentation? -%bcond_without doxy - -# Do we build with Qt6? %if 0%{?fedora} || 0%{?rhel} >= 9 %global qt6_build 1 %else @@ -41,7 +37,7 @@ fi \ %global newname AusweisApp Name: AusweisApp2 -Version: 2.2.2 +Version: 2.4.0 Release: %autorelease Summary: %{pkg_sum} @@ -66,8 +62,8 @@ Source1000: gen_openssl_cnf.py Patch01000: %{name}-1.24.1-use_Qt_TranslationsPath.patch # Needed because Fedora's openssl does not support elliptic curves using custom parameters. # Request to enable them was denied: https://bugzilla.redhat.com/show_bug.cgi?id=2259403 -# It is currently not clear if the legacy API works by accident or by design. It does work as of January 2024. -Patch01001: %{name}-2.0.1-use-legacy-openssl-api.patch +# It is currently not clear if the legacy API works by accident or by design. It does work as of March 2025. +Patch01001: 0001-Use-legacy-OpenSSL-API.patch BuildRequires: cmake BuildRequires: crypto-policies @@ -162,10 +158,6 @@ used by %{name}. Summary: User and API documentation for %{name} BuildArch: noarch -%if %{with doxy} -BuildRequires: doxygen -BuildRequires: graphviz -%endif BuildRequires: hardlink BuildRequires: python3-sphinx BuildRequires: python3-sphinx_rtd_theme @@ -173,11 +165,6 @@ BuildRequires: python3-sphinx_rtd_theme # Do not raise conflicts about shared license files. Requires: (%{name} = %{version}-%{release} if %{name}) -# The doc-api package is faded, since we can ship the -# Doxygen documentation noarch'ed as well now. -Obsoletes: %{name}-doc-api < 1.20.1-2 -Provides: %{name}-doc-api = %{version}-%{release} - %description doc This package contains the user and API documentation for %{name}. @@ -232,16 +219,10 @@ EOF %if (0%{?fedora} || 0%{?rhel} > 8) # Documentation. -%cmake_build --target installation_integration notes sdk -%if %{with doxy} -%cmake_build --target doxy -%endif +%cmake_build --target installation_integration_de installation_integration_en notes sdk %else # Documentation. -%ninja_build -C %{_vpath_builddir} installation_integration notes sdk -%if %{with doxy} -%ninja_build -C %{_vpath_builddir} doxy -%endif +%ninja_build -C %{_vpath_builddir} installation_integration_de installation_integration_en notes sdk %endif @@ -266,13 +247,10 @@ rm -fr %{buildroot}%{_datadir}/%{newname}/translations %endif # Excessive docs. -mkdir -p %{buildroot}%{_pkgdocdir}/{installation_integration,notes,sdk} +mkdir -p %{buildroot}%{_pkgdocdir}/{installation_integration_{de,en},notes,sdk} install -pm 0644 README.rst %{buildroot}%{_pkgdocdir} -%if %{with doxy} -mkdir -p %{buildroot}%{_pkgdocdir}/doxy -cp -a %{_vpath_builddir}/doc/html/* %{buildroot}%{_pkgdocdir}/doxy -%endif -cp -a %{_vpath_builddir}/docs/installation_integration/html/* %{buildroot}%{_pkgdocdir}/installation_integration +cp -a %{_vpath_builddir}/docs/installation_integration_de/html/* %{buildroot}%{_pkgdocdir}/installation_integration_de +cp -a %{_vpath_builddir}/docs/installation_integration_en/html/* %{buildroot}%{_pkgdocdir}/installation_integration_en cp -a %{_vpath_builddir}/docs/notes/html/* %{buildroot}%{_pkgdocdir}/notes cp -a %{_vpath_builddir}/docs/sdk/html/* %{buildroot}%{_pkgdocdir}/sdk find %{buildroot}%{_pkgdocdir} -type d -print0 | xargs -0 chmod -c 0755 diff --git a/sources b/sources index 09f9352..7862543 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (AusweisApp-2.2.2.tar.gz) = f86dabd4d7347e3986045407e0d2f94174552a676215292954d558d0b3c7df1ab5212b623a809bd36136ad79bd57541969e30783c46ddd01c786581ad01e727f -SHA512 (AusweisApp-2.2.2.tar.gz.asc) = 416cba597bd35a4688c516b6d6812d5750be167b633fc7e367567d7af66dc02c22684c866e2c0e42cdd712052cabe0811321e2937c36793967855275d773993e -SHA512 (AusweisApp-2.2.2.tar.gz.sha256) = 8dbc58f33a90eb05971bff008e3752bba55f5291be4269d970ec1a794c2295aa304ee32aba729ac22c9521edebce2a9c7420741fe35155ce18c6b91e9ec3e08b +SHA512 (AusweisApp-2.4.0.tar.gz) = 6e0d89b30176f7722bebab01322363ee38ff43573167061d4a97d840b669f3e579ad9fb62345b97b75490690fd5e03f25994eaa1a77334171fcdd28d39ec3e4a +SHA512 (AusweisApp-2.4.0.tar.gz.asc) = ac8ffdb68d5847978bf639a8f32462053bddcace5d9c3d6cb16e788bb2dbe98ae3b7cafe089246fa786fa4b3e048b81b608cbe77e948a843b2dcd774796d2a56 +SHA512 (AusweisApp-2.4.0.tar.gz.sha256) = 257634437251fc22b3d85386a282ee4ce68d2f0db1112a912a54db9a6741ecb79b4180c490486d9ff8519246e62165b5953ed5739e9de0e180bb46decfeff16a SHA512 (AusweisApp2-pubring.gpg) = 3aae27b673f4eb2f7d3bda6c839b3d11829a730bde546e92abb889abb1c2453e786dc906154074485406692f5b9abbb3e1fb293e6b397696b6371016723621cd