rpms/AusweisApp2
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:main
rpms:f41
rpms:f42
rpms:f43
rpms:f40
rpms:f39
rpms:f38
rpms:f37
rpms:f36
rpms:epel8
rpms:epel9
rpms:f35
rpms:epel8-playground
rpms:f34
rpms:f33
rpms:f31
rpms:f32
rpms:epel7
...
pull from: rpms:f41
Branches Tags
rpms:main
rpms:rawhide
rpms:f41
rpms:f42
rpms:f43
rpms:f40
rpms:f39
rpms:f38
rpms:f37
rpms:f36
rpms:epel8
rpms:epel9
rpms:f35
rpms:epel8-playground
rpms:f34
rpms:f33
rpms:f31
rpms:f32
rpms:epel7
Sign in to create a new pull request.

12 commits
rawhide ... f41

Author SHA1 Message Date
Julian Sikorski
cf035deeb6 Update to 2.4.0 2025-10-30 14:49:40 +01:00
Julian Sikorski
7e061b7232 Update to 2.3.2 2025-06-26 21:50:36 +02:00
Julian Sikorski
d846552860 Update to 2.3.1 2025-03-19 09:41:44 +01:00
Julian Sikorski
dea806f633 Update to 2.3.0 2025-03-10 23:41:38 +01:00
Jan Grulich
83353aeaaa Merge branch 'f41' into f40 2025-01-07 10:04:35 +01:00
Jan Grulich
632d407056 Rebuild (qt6) 2024-10-30 13:20:00 +01:00
Julian Sikorski
ab012bb060 Update to 2.2.2 2024-10-25 23:54:07 +02:00
Julian Sikorski
7019b2399f Update to 2.2.1 2024-09-11 22:43:19 +02:00
Julian Sikorski
db9ed42655 Fix QML error with Qt 6.6.3 2024-08-17 22:51:37 +02:00
Julian Sikorski
aa9e556c54 Merge branch 'rawhide' into f40 2024-07-04 22:51:38 +02:00
Jan Grulich
22705cb3b9 Merge branch 'rawhide' into f40 2024-04-18 09:02:04 +02:00
Julian Sikorski
a4e31d2aa0 Update to 2.1.1 2024-04-11 20:30:28 +02:00
5 changed files with 155 additions and 214 deletions
Download patch file Download diff file Expand all files Collapse all files

12
.gitignore vendored
View file

@ -23,3 +23,15 @@
/AusweisApp-2.2.2.tar.gz
/AusweisApp-2.2.2.tar.gz.asc
/AusweisApp-2.2.2.tar.gz.sha256
/AusweisApp-2.3.0.tar.gz
/AusweisApp-2.3.0.tar.gz.asc
/AusweisApp-2.3.0.tar.gz.sha256
/AusweisApp-2.3.1.tar.gz
/AusweisApp-2.3.1.tar.gz.asc
/AusweisApp-2.3.1.tar.gz.sha256
/AusweisApp-2.3.2.tar.gz
/AusweisApp-2.3.2.tar.gz.asc
/AusweisApp-2.3.2.tar.gz.sha256
/AusweisApp-2.4.0.tar.gz
/AusweisApp-2.4.0.tar.gz.asc
/AusweisApp-2.4.0.tar.gz.sha256

287
AusweisApp2-2.0.1-use-legacy-openssl-api.patch → 0001-Use-legacy-OpenSSL-API.patch
View file

@ -1,24 +1,23 @@
From 360d75e9ac2977a99b3e45e0e472a0abb02655cf Mon Sep 17 00:00:00 2001
From f5d48a49ea7055b7d4edf5f1398557b475419fb9 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Thu, 4 Jul 2024 20:10:17 +0200
Subject: [PATCH] AusweisApp2-2.0.1-use-legacy-openssl-api.patch
Date: Thu, 30 Oct 2025 13:51:15 +0100
Subject: [PATCH] Use legacy OpenSSL API
---
src/card/base/asn1/EcdsaPublicKey.cpp | 39 ------
src/card/base/asn1/EcdsaPublicKey.cpp | 39 -----
src/card/base/asn1/EcdsaPublicKey.h | 6 +-
src/card/base/pace/ec/EcdhGenericMapping.cpp | 15 ---
src/card/base/pace/ec/EcdhGenericMapping.h | 4 -
src/card/base/pace/ec/EcdhKeyAgreement.cpp | 7 -
src/card/base/pace/ec/EcUtil.cpp | 134 -------------------
src/card/base/pace/ec/EcUtil.cpp | 145 -------------------
src/card/base/pace/ec/EcUtil.h | 12 --
src/card/simulator/SimulatorCard.cpp | 45 +------
src/card/base/pace/ec/EcdhGenericMapping.cpp | 5 -
src/card/base/pace/ec/EcdhGenericMapping.h | 4 -
src/card/simulator/SimulatorCard.cpp | 37 -----
src/card/simulator/SimulatorCard.h | 4 -
src/card/simulator/SimulatorFileSystem.cpp | 9 --
src/card/simulator/SimulatorFileSystem.h | 4 -
11 files changed, 2 insertions(+), 277 deletions(-)
10 files changed, 1 insertion(+), 264 deletions(-)
diff --git a/src/card/base/asn1/EcdsaPublicKey.cpp b/src/card/base/asn1/EcdsaPublicKey.cpp
index ea07eda..0f19c11 100644
index 7f54045..dc7e26b 100644
--- a/src/card/base/asn1/EcdsaPublicKey.cpp
+++ b/src/card/base/asn1/EcdsaPublicKey.cpp
@@ -182,7 +182,6 @@ QByteArray EcdsaPublicKey::getUncompressedPublicPoint() const
@ -52,15 +51,15 @@ index ea07eda..0f19c11 100644
-#else
- const auto& params = EcUtil::create([&curveData, pPublicPoint, pPublicPointLength, this](OSSL_PARAM_BLD* pBuilder){
- return OSSL_PARAM_BLD_push_BN(pBuilder, "p", curveData.p.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "a", curveData.a.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "b", curveData.b.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "order", curveData.order.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "cofactor", curveData.cofactor.data())
- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "pub", pPublicPoint, static_cast<size_t>(pPublicPointLength))
- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "generator", mBasePoint->data, static_cast<size_t>(mBasePoint->length))
- && OSSL_PARAM_BLD_push_utf8_string(pBuilder, "field-type", "prime-field", 12);
- });
- return OSSL_PARAM_BLD_push_BN(pBuilder, "p", curveData.p.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "a", curveData.a.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "b", curveData.b.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "order", curveData.order.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "cofactor", curveData.cofactor.data())
- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "pub", pPublicPoint, static_cast<size_t>(pPublicPointLength))
- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "generator", mBasePoint->data, static_cast<size_t>(mBasePoint->length))
- && OSSL_PARAM_BLD_push_utf8_string(pBuilder, "field-type", "prime-field", 12);
- });
-
- if (params == nullptr)
- {
@ -87,7 +86,7 @@ index ea07eda..0f19c11 100644
-#endif
}
diff --git a/src/card/base/asn1/EcdsaPublicKey.h b/src/card/base/asn1/EcdsaPublicKey.h
index 36f768e..45f78ec 100644
index 860bc74..c85e48b 100644
--- a/src/card/base/asn1/EcdsaPublicKey.h
+++ b/src/card/base/asn1/EcdsaPublicKey.h
@@ -13,9 +13,7 @@
@ -111,96 +110,16 @@ index 36f768e..45f78ec 100644
public:
static int decodeCallback(int pOperation, ASN1_VALUE** pVal, const ASN1_ITEM* pIt, void* pExarg);
diff --git a/src/card/base/pace/ec/EcdhGenericMapping.cpp b/src/card/base/pace/ec/EcdhGenericMapping.cpp
index 3e2d1d4..1a8e6a2 100644
--- a/src/card/base/pace/ec/EcdhGenericMapping.cpp
+++ b/src/card/base/pace/ec/EcdhGenericMapping.cpp
@@ -37,13 +37,8 @@ QByteArray EcdhGenericMapping::generateLocalMappingData()
mLocalKey = EcUtil::generateKey(mCurve);
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- return EcUtil::getEncodedPublicKey(mLocalKey);
-
-#else
return EcUtil::point2oct(mCurve, EC_KEY_get0_public_key(mLocalKey.data()));
-#endif
}
@@ -56,12 +51,7 @@ bool EcdhGenericMapping::generateEphemeralDomainParameters(const QByteArray& pRe
return false;
}
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- const QSharedPointer<const EC_POINT> localPubKeyPtr = EcUtil::oct2point(mCurve, EcUtil::getEncodedPublicKey(mLocalKey));
- const EC_POINT* localPubKey = localPubKeyPtr.data();
-#else
const EC_POINT* localPubKey = EC_KEY_get0_public_key(mLocalKey.data());
-#endif
if (!EC_POINT_cmp(mCurve.data(), localPubKey, remotePubKey.data(), nullptr))
{
qCCritical(card) << "The exchanged public keys are equal.";
@@ -81,12 +71,7 @@ bool EcdhGenericMapping::generateEphemeralDomainParameters(const QByteArray& pRe
QSharedPointer<EC_POINT> EcdhGenericMapping::createNewGenerator(const QSharedPointer<const EC_POINT>& pRemotePubKey, const QSharedPointer<const BIGNUM>& pS)
{
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- const auto& privKeyPtr = EcUtil::getPrivateKey(mLocalKey);
- const BIGNUM* privKey = privKeyPtr.data();
-#else
const BIGNUM* privKey = EC_KEY_get0_private_key(mLocalKey.data());
-#endif
if (!privKey)
{
diff --git a/src/card/base/pace/ec/EcdhGenericMapping.h b/src/card/base/pace/ec/EcdhGenericMapping.h
index bdfa5a8..dea4bf0 100644
--- a/src/card/base/pace/ec/EcdhGenericMapping.h
+++ b/src/card/base/pace/ec/EcdhGenericMapping.h
@@ -22,11 +22,7 @@ class EcdhGenericMapping
private:
const QSharedPointer<EC_GROUP> mCurve;
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- QSharedPointer<EVP_PKEY> mLocalKey;
-#else
QSharedPointer<EC_KEY> mLocalKey;
-#endif
QSharedPointer<EC_POINT> createNewGenerator(const QSharedPointer<const EC_POINT>& pRemotePubKey, const QSharedPointer<const BIGNUM>& pS);
diff --git a/src/card/base/pace/ec/EcdhKeyAgreement.cpp b/src/card/base/pace/ec/EcdhKeyAgreement.cpp
index 0f0ae09..45c8a76 100644
--- a/src/card/base/pace/ec/EcdhKeyAgreement.cpp
+++ b/src/card/base/pace/ec/EcdhKeyAgreement.cpp
@@ -96,15 +96,8 @@ KeyAgreement::CardResult EcdhKeyAgreement::performKeyExchange()
return {CardReturnCode::PROTOCOL_ERROR};
}
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- const QByteArray terminalEphemeralPublicKeyBytes = EcUtil::getEncodedPublicKey(terminalEphemeralKey);
-
- const auto& privKeyPtr = EcUtil::getPrivateKey(terminalEphemeralKey);
- const BIGNUM* terminalEphemeralPrivateKey = privKeyPtr.data();
-#else
const QByteArray terminalEphemeralPublicKeyBytes = EcUtil::point2oct(curve, EC_KEY_get0_public_key(terminalEphemeralKey.data()));
const BIGNUM* const terminalEphemeralPrivateKey = EC_KEY_get0_private_key(terminalEphemeralKey.data());
-#endif
// Make a copy of the terminal public key for later mutual authentication.
mTerminalPublicKey = EcUtil::oct2point(curve, terminalEphemeralPublicKeyBytes);
diff --git a/src/card/base/pace/ec/EcUtil.cpp b/src/card/base/pace/ec/EcUtil.cpp
index 10db88f..5c0ff53 100644
index 069ad81..546438f 100644
--- a/src/card/base/pace/ec/EcUtil.cpp
+++ b/src/card/base/pace/ec/EcUtil.cpp
@@ -103,137 +103,6 @@ QSharedPointer<EC_POINT> EcUtil::oct2point(const QSharedPointer<const EC_GROUP>&
@@ -103,148 +103,6 @@ QSharedPointer<EC_POINT> EcUtil::oct2point(const QSharedPointer<const EC_GROUP>&
}
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-QByteArray EcUtil::getEncodedPublicKey(const QSharedPointer<EVP_PKEY>& pKey)
-QByteArray EcUtil::getEncodedPublicKey(const QSharedPointer<EVP_PKEY>& pKey, bool pCompressed)
-{
- if (pKey.isNull())
- {
@ -211,10 +130,16 @@ index 10db88f..5c0ff53 100644
- uchar* key = nullptr;
- const size_t length = EVP_PKEY_get1_encoded_public_key(pKey.data(), &key);
- const auto guard = qScopeGuard([key] {
- OPENSSL_free(key);
- });
- OPENSSL_free(key);
- });
-
- return length > 0 ? QByteArray(reinterpret_cast<char*>(key), static_cast<int>(length)) : QByteArray();
- if (length == 0)
- {
- return QByteArray();
- }
-
- const QByteArray uncompressed(reinterpret_cast<char*>(key), static_cast<int>(length));
- return pCompressed ? EcUtil::compressPoint(uncompressed) : uncompressed;
-}
-
-
@ -230,8 +155,8 @@ index 10db88f..5c0ff53 100644
-{
- OSSL_PARAM_BLD* bld = OSSL_PARAM_BLD_new();
- const auto guard = qScopeGuard([bld] {
- OSSL_PARAM_BLD_free(bld);
- });
- OSSL_PARAM_BLD_free(bld);
- });
-
- if (bld == nullptr)
- {
@ -239,8 +164,13 @@ index 10db88f..5c0ff53 100644
- return nullptr;
- }
-
- if (OSSL_PARAM* params = nullptr;
- pFunc(bld) && (params = OSSL_PARAM_BLD_to_param(bld)) != nullptr)
- if (!pFunc(bld))
- {
- qCCritical(card) << "Cannot initialize parameter builder";
- return nullptr;
- }
-
- if (OSSL_PARAM* params = OSSL_PARAM_BLD_to_param(bld); params != nullptr)
- {
- static auto deleter = [](OSSL_PARAM* pParam)
- {
@ -289,14 +219,14 @@ index 10db88f..5c0ff53 100644
- }
-
- const auto& params = EcUtil::create([&p, &a, &b, &order, &cofactor, &generator](OSSL_PARAM_BLD* pBuilder){
- return OSSL_PARAM_BLD_push_BN(pBuilder, "p", p.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "a", a.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "b", b.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "order", order.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "cofactor", cofactor.data())
- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "generator", generator.data(), static_cast<size_t>(generator.size()))
- && OSSL_PARAM_BLD_push_utf8_string(pBuilder, "field-type", "prime-field", 12);
- });
- return OSSL_PARAM_BLD_push_BN(pBuilder, "p", p.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "a", a.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "b", b.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "order", order.data())
- && OSSL_PARAM_BLD_push_BN(pBuilder, "cofactor", cofactor.data())
- && OSSL_PARAM_BLD_push_octet_string(pBuilder, "generator", generator.data(), static_cast<size_t>(generator.size()))
- && OSSL_PARAM_BLD_push_utf8_string(pBuilder, "field-type", "prime-field", 12);
- });
-
- if (params == nullptr)
- {
@ -330,10 +260,10 @@ index 10db88f..5c0ff53 100644
-
-
-#else
QSharedPointer<EC_KEY> EcUtil::generateKey(const QSharedPointer<const EC_GROUP>& pCurve)
QByteArray EcUtil::getEncodedPublicKey(const QSharedPointer<EC_KEY>& pKey, bool pCompressed)
{
if (pCurve.isNull())
@@ -257,6 +126,3 @@ QSharedPointer<EC_KEY> EcUtil::generateKey(const QSharedPointer<const EC_GROUP>&
if (pKey.isNull())
@@ -293,6 +151,3 @@ QSharedPointer<EC_KEY> EcUtil::generateKey(const QSharedPointer<const EC_GROUP>&
return key;
}
@ -341,35 +271,35 @@ index 10db88f..5c0ff53 100644
-
-#endif
diff --git a/src/card/base/pace/ec/EcUtil.h b/src/card/base/pace/ec/EcUtil.h
index b575341..f7db521 100644
index 63eb16c..914c268 100644
--- a/src/card/base/pace/ec/EcUtil.h
+++ b/src/card/base/pace/ec/EcUtil.h
@@ -32,9 +32,7 @@ class EcUtil
@@ -26,24 +26,15 @@ class EcUtil
static QSharedPointer<EC_POINT> oct2point(const QSharedPointer<const EC_GROUP>& pCurve, const QByteArray& pCompressedData);
static QSharedPointer<EC_GROUP> create(EC_GROUP* pEcGroup);
-#if OPENSSL_VERSION_NUMBER < 0x30000000L
static QSharedPointer<EC_KEY> create(EC_KEY* pEcKey);
-#endif
static QSharedPointer<EC_POINT> create(EC_POINT* pEcPoint);
@@ -44,14 +42,7 @@ class EcUtil
static QSharedPointer<BIGNUM> create(BIGNUM* pBigNum);
static QSharedPointer<EVP_PKEY> create(EVP_PKEY* pEcGroup);
static QSharedPointer<EVP_PKEY_CTX> create(EVP_PKEY_CTX* pEcGroup);
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- static QByteArray getEncodedPublicKey(const QSharedPointer<EVP_PKEY>& pKey);
- static QByteArray getEncodedPublicKey(const QSharedPointer<EVP_PKEY>& pKey, bool pCompressed = false);
- static QSharedPointer<BIGNUM> getPrivateKey(const QSharedPointer<const EVP_PKEY>& pKey);
- static QSharedPointer<OSSL_PARAM> create(const std::function<bool(OSSL_PARAM_BLD* pBuilder)>& pFunc);
- static QSharedPointer<EVP_PKEY> generateKey(const QSharedPointer<const EC_GROUP>& pCurve);
-#else
static QByteArray getEncodedPublicKey(const QSharedPointer<EC_KEY>& pKey, bool pCompressed = false);
static QSharedPointer<BIGNUM> getPrivateKey(const QSharedPointer<const EC_KEY>& pKey);
static QSharedPointer<EC_KEY> generateKey(const QSharedPointer<const EC_GROUP>& pCurve);
-#endif
static QSharedPointer<EC_GROUP> createCurve(int pNid);
};
@@ -68,7 +59,6 @@ inline QSharedPointer<EC_GROUP> EcUtil::create(EC_GROUP* pEcGroup)
@@ -60,7 +51,6 @@ inline QSharedPointer<EC_GROUP> EcUtil::create(EC_GROUP* pEcGroup)
}
@ -377,7 +307,7 @@ index b575341..f7db521 100644
inline QSharedPointer<EC_KEY> EcUtil::create(EC_KEY* pEcKey)
{
static auto deleter = [](EC_KEY* ecKey)
@@ -80,8 +70,6 @@ inline QSharedPointer<EC_KEY> EcUtil::create(EC_KEY* pEcKey)
@@ -72,8 +62,6 @@ inline QSharedPointer<EC_KEY> EcUtil::create(EC_KEY* pEcKey)
}
@ -386,35 +316,44 @@ index b575341..f7db521 100644
inline QSharedPointer<EC_POINT> EcUtil::create(EC_POINT* pEcPoint)
{
static auto deleter = [](EC_POINT* ecPoint)
diff --git a/src/card/base/pace/ec/EcdhGenericMapping.cpp b/src/card/base/pace/ec/EcdhGenericMapping.cpp
index 04cee51..571c7a0 100644
--- a/src/card/base/pace/ec/EcdhGenericMapping.cpp
+++ b/src/card/base/pace/ec/EcdhGenericMapping.cpp
@@ -49,12 +49,7 @@ bool EcdhGenericMapping::generateEphemeralDomainParameters(const QByteArray& pRe
return false;
}
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- const QSharedPointer<const EC_POINT> localPubKeyPtr = EcUtil::oct2point(mCurve, EcUtil::getEncodedPublicKey(mLocalKey));
- const EC_POINT* localPubKey = localPubKeyPtr.data();
-#else
const EC_POINT* localPubKey = EC_KEY_get0_public_key(mLocalKey.data());
-#endif
if (!EC_POINT_cmp(mCurve.data(), localPubKey, remotePubKey.data(), nullptr))
{
qCCritical(card) << "The exchanged public keys are equal.";
diff --git a/src/card/base/pace/ec/EcdhGenericMapping.h b/src/card/base/pace/ec/EcdhGenericMapping.h
index e9c9768..188befb 100644
--- a/src/card/base/pace/ec/EcdhGenericMapping.h
+++ b/src/card/base/pace/ec/EcdhGenericMapping.h
@@ -22,11 +22,7 @@ class EcdhGenericMapping
private:
const QSharedPointer<EC_GROUP> mCurve;
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- QSharedPointer<EVP_PKEY> mLocalKey;
-#else
QSharedPointer<EC_KEY> mLocalKey;
-#endif
QSharedPointer<EC_POINT> createNewGenerator(const QSharedPointer<const EC_POINT>& pRemotePubKey, const QSharedPointer<const BIGNUM>& pS);
diff --git a/src/card/simulator/SimulatorCard.cpp b/src/card/simulator/SimulatorCard.cpp
index 87491d7..2da83b1 100644
index 3c4e218..a39fb54 100644
--- a/src/card/simulator/SimulatorCard.cpp
+++ b/src/card/simulator/SimulatorCard.cpp
@@ -22,9 +22,7 @@
#include <QScopeGuard>
#include <QThread>
#include <QtEndian>
-#if OPENSSL_VERSION_NUMBER < 0x30000000L
- #include <openssl/bn.h>
-#endif
+#include <openssl/bn.h>
using namespace governikus;
@@ -369,12 +367,8 @@ ResponseApduResult SimulatorCard::executeGeneralAuthenticate(const CommandApdu&
mPaceTerminalKey = cmdData.getData(V_ASN1_CONTEXT_SPECIFIC, ASN1Struct::PACE_EPHEMERAL_PUBLIC_KEY);
auto asn1KeyAgreement = newObject<GA_PERFORMKEYAGREEMENTDATA>();
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- const auto& encodedPublicKey = EcUtil::getEncodedPublicKey(mCardKey);
-#else
const auto& curve = EcUtil::create(EC_GROUP_dup(EC_KEY_get0_group(mCardKey.data())));
const auto& encodedPublicKey = EcUtil::point2oct(curve, EC_KEY_get0_public_key(mCardKey.data()));
-#endif
Asn1OctetStringUtil::setValue(encodedPublicKey, asn1KeyAgreement->mEphemeralPublicKey);
responseData = encodeObject(asn1KeyAgreement.data());
break;
@@ -461,42 +455,6 @@ QByteArray SimulatorCard::ecMultiplication(const QByteArray& pPoint) const
@@ -661,42 +661,6 @@ QByteArray SimulatorCard::ecMultiplication(const QByteArray& pPoint) const
return QByteArray();
}
@ -457,7 +396,7 @@ index 87491d7..2da83b1 100644
const auto& curve = EcUtil::create(EC_GROUP_dup(EC_KEY_get0_group(mCardKey.data())));
auto point = EcUtil::oct2point(curve, pPoint);
if (!point)
@@ -515,7 +473,6 @@ QByteArray SimulatorCard::ecMultiplication(const QByteArray& pPoint) const
@@ -715,7 +679,6 @@ QByteArray SimulatorCard::ecMultiplication(const QByteArray& pPoint) const
return EcUtil::point2oct(curve, result.data(), true);
@ -466,11 +405,11 @@ index 87491d7..2da83b1 100644
diff --git a/src/card/simulator/SimulatorCard.h b/src/card/simulator/SimulatorCard.h
index b709d17..23f858b 100644
index fc9db00..7a881cb 100644
--- a/src/card/simulator/SimulatorCard.h
+++ b/src/card/simulator/SimulatorCard.h
@@ -35,11 +35,7 @@ class SimulatorCard
QSharedPointer<CHAT> mPaceChat;
@@ -39,11 +39,7 @@ class SimulatorCard
int mPaceKeyId;
QByteArray mPaceNonce;
QByteArray mPaceTerminalKey;
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
@ -478,14 +417,14 @@ index b709d17..23f858b 100644
-#else
QSharedPointer<EC_KEY> mCardKey;
-#endif
QSharedPointer<AuthenticatedAuxiliaryData> mTaAuxData;
public:
QSharedPointer<const CVCertificate> mTaCertificate;
QByteArray mTaSigningData;
QByteArray mTaAuxData;
diff --git a/src/card/simulator/SimulatorFileSystem.cpp b/src/card/simulator/SimulatorFileSystem.cpp
index 122ca4f..046d540 100644
index 5c01caa..4cbe60c 100644
--- a/src/card/simulator/SimulatorFileSystem.cpp
+++ b/src/card/simulator/SimulatorFileSystem.cpp
@@ -327,11 +327,7 @@ QByteArray SimulatorFileSystem::getEfCardAccess() const
@@ -347,11 +347,7 @@ QByteArray SimulatorFileSystem::getPassword(PacePasswordId pPasswordId) const
}
@ -497,7 +436,7 @@ index 122ca4f..046d540 100644
{
if (!mKeys.contains(pKeyId))
{
@@ -347,13 +343,8 @@ QSharedPointer<EC_KEY> SimulatorFileSystem::getKey(int pKeyId) const
@@ -367,13 +363,8 @@ QSharedPointer<EC_KEY> SimulatorFileSystem::getKey(int pKeyId) const
return nullptr;
}
@ -512,21 +451,21 @@ index 122ca4f..046d540 100644
diff --git a/src/card/simulator/SimulatorFileSystem.h b/src/card/simulator/SimulatorFileSystem.h
index cb9704b..44d4054 100644
index 7d8458f..57065db 100644
--- a/src/card/simulator/SimulatorFileSystem.h
+++ b/src/card/simulator/SimulatorFileSystem.h
@@ -38,11 +38,7 @@ class SimulatorFileSystem
[[nodiscard]] StatusCode write(qsizetype pOffset, const QByteArray& pData);
@@ -43,11 +43,7 @@ class SimulatorFileSystem
[[nodiscard]] QByteArray getEfCardAccess() const;
[[nodiscard]] QByteArray getPassword(PacePasswordId pPasswordId) const;
-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- [[nodiscard]] QSharedPointer<EVP_PKEY> getKey(int pKeyId) const;
-#else
[[nodiscard]] QSharedPointer<EC_KEY> getKey(int pKeyId) const;
-#endif
[[nodiscard]] StatusCode verify(const Oid& pOid, const QSharedPointer<AuthenticatedAuxiliaryData>& pAuxiliaryData) const;
[[nodiscard]] QSharedPointer<const CVCertificate> getTrustPoint() const;
void setTrustPoint(const QSharedPointer<const CVCertificate>& pTrustPoint);
--
2.45.2
2.51.0

26
AusweisApp2-1.24.1-use_Qt_TranslationsPath.patch
View file

@ -1,8 +1,17 @@
Index: AusweisApp2-1.24.1/src/global/FileDestination.h
===================================================================
--- AusweisApp2-1.24.1.orig/src/global/FileDestination.h
+++ AusweisApp2-1.24.1/src/global/FileDestination.h
@@ -9,8 +9,10 @@
From 056e560ed6432e99a297d1c1d2c89c89621bd825 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Thu, 6 Mar 2025 01:00:00 +0100
Subject: [PATCH] AusweisApp2-1.24.1-use_Qt_TranslationsPath.patch
---
src/global/FileDestination.h | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/global/FileDestination.h b/src/global/FileDestination.h
index 2fd5826..781e9b9 100644
--- a/src/global/FileDestination.h
+++ b/src/global/FileDestination.h
@@ -7,8 +7,10 @@
#include <QCoreApplication>
#include <QDebug>
#include <QFile>
@ -11,9 +20,9 @@ Index: AusweisApp2-1.24.1/src/global/FileDestination.h
#include <QStringBuilder>
+#include <QtGlobal>
namespace governikus
{
@@ -52,6 +54,13 @@ class FileDestination
@@ -51,6 +53,13 @@ class FileDestination
QStandardPaths::StandardLocation pStandard = QStandardPaths::AppDataLocation)
{
#if (defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID)) || (defined(Q_OS_BSD4) && !defined(Q_OS_MACOS) && !defined(Q_OS_IOS))
@ -27,3 +36,6 @@ Index: AusweisApp2-1.24.1/src/global/FileDestination.h
if (const auto& match = QStandardPaths::locate(pStandard, pFilename, pOption); !match.isNull())
{
return match;
--
2.48.1

38
AusweisApp2.spec
View file

@ -24,10 +24,6 @@ fi \
%global build_fflags %(echo '%{build_fflags}' | sed -e 's!-ffat-lto-objects!-fno-fat-lto-objects!g')
%global build_fcflags %(echo '%{build_fflags}' | sed -e 's!-ffat-lto-objects!-fno-fat-lto-objects!g')
# Build and package Doxygen documentation?
%bcond_without doxy
# Do we build with Qt6?
%if 0%{?fedora} || 0%{?rhel} >= 9
%global qt6_build 1
%else
@ -41,7 +37,7 @@ fi \
%global newname AusweisApp
Name: AusweisApp2
Version: 2.2.2
Version: 2.4.0
Release: %autorelease
Summary: %{pkg_sum}
@ -66,8 +62,8 @@ Source1000: gen_openssl_cnf.py
Patch01000: %{name}-1.24.1-use_Qt_TranslationsPath.patch
# Needed because Fedora's openssl does not support elliptic curves using custom parameters.
# Request to enable them was denied: https://bugzilla.redhat.com/show_bug.cgi?id=2259403
# It is currently not clear if the legacy API works by accident or by design. It does work as of January 2024.
Patch01001: %{name}-2.0.1-use-legacy-openssl-api.patch
# It is currently not clear if the legacy API works by accident or by design. It does work as of March 2025.
Patch01001: 0001-Use-legacy-OpenSSL-API.patch
BuildRequires: cmake
BuildRequires: crypto-policies
@ -162,10 +158,6 @@ used by %{name}.
Summary: User and API documentation for %{name}
BuildArch: noarch
%if %{with doxy}
BuildRequires: doxygen
BuildRequires: graphviz
%endif
BuildRequires: hardlink
BuildRequires: python3-sphinx
BuildRequires: python3-sphinx_rtd_theme
@ -173,11 +165,6 @@ BuildRequires: python3-sphinx_rtd_theme
# Do not raise conflicts about shared license files.
Requires: (%{name} = %{version}-%{release} if %{name})
# The doc-api package is faded, since we can ship the
# Doxygen documentation noarch'ed as well now.
Obsoletes: %{name}-doc-api < 1.20.1-2
Provides: %{name}-doc-api = %{version}-%{release}
%description doc
This package contains the user and API documentation for %{name}.
@ -232,16 +219,10 @@ EOF
%if (0%{?fedora} || 0%{?rhel} > 8)
# Documentation.
%cmake_build --target installation_integration notes sdk
%if %{with doxy}
%cmake_build --target doxy
%endif
%cmake_build --target installation_integration_de installation_integration_en notes sdk
%else
# Documentation.
%ninja_build -C %{_vpath_builddir} installation_integration notes sdk
%if %{with doxy}
%ninja_build -C %{_vpath_builddir} doxy
%endif
%ninja_build -C %{_vpath_builddir} installation_integration_de installation_integration_en notes sdk
%endif
@ -266,13 +247,10 @@ rm -fr %{buildroot}%{_datadir}/%{newname}/translations
%endif
# Excessive docs.
mkdir -p %{buildroot}%{_pkgdocdir}/{installation_integration,notes,sdk}
mkdir -p %{buildroot}%{_pkgdocdir}/{installation_integration_{de,en},notes,sdk}
install -pm 0644 README.rst %{buildroot}%{_pkgdocdir}
%if %{with doxy}
mkdir -p %{buildroot}%{_pkgdocdir}/doxy
cp -a %{_vpath_builddir}/doc/html/* %{buildroot}%{_pkgdocdir}/doxy
%endif
cp -a %{_vpath_builddir}/docs/installation_integration/html/* %{buildroot}%{_pkgdocdir}/installation_integration
cp -a %{_vpath_builddir}/docs/installation_integration_de/html/* %{buildroot}%{_pkgdocdir}/installation_integration_de
cp -a %{_vpath_builddir}/docs/installation_integration_en/html/* %{buildroot}%{_pkgdocdir}/installation_integration_en
cp -a %{_vpath_builddir}/docs/notes/html/* %{buildroot}%{_pkgdocdir}/notes
cp -a %{_vpath_builddir}/docs/sdk/html/* %{buildroot}%{_pkgdocdir}/sdk
find %{buildroot}%{_pkgdocdir} -type d -print0 | xargs -0 chmod -c 0755

6
sources
View file

@ -1,4 +1,4 @@
SHA512 (AusweisApp-2.2.2.tar.gz) = f86dabd4d7347e3986045407e0d2f94174552a676215292954d558d0b3c7df1ab5212b623a809bd36136ad79bd57541969e30783c46ddd01c786581ad01e727f
SHA512 (AusweisApp-2.2.2.tar.gz.asc) = 416cba597bd35a4688c516b6d6812d5750be167b633fc7e367567d7af66dc02c22684c866e2c0e42cdd712052cabe0811321e2937c36793967855275d773993e
SHA512 (AusweisApp-2.2.2.tar.gz.sha256) = 8dbc58f33a90eb05971bff008e3752bba55f5291be4269d970ec1a794c2295aa304ee32aba729ac22c9521edebce2a9c7420741fe35155ce18c6b91e9ec3e08b
SHA512 (AusweisApp-2.4.0.tar.gz) = 6e0d89b30176f7722bebab01322363ee38ff43573167061d4a97d840b669f3e579ad9fb62345b97b75490690fd5e03f25994eaa1a77334171fcdd28d39ec3e4a
SHA512 (AusweisApp-2.4.0.tar.gz.asc) = ac8ffdb68d5847978bf639a8f32462053bddcace5d9c3d6cb16e788bb2dbe98ae3b7cafe089246fa786fa4b3e048b81b608cbe77e948a843b2dcd774796d2a56
SHA512 (AusweisApp-2.4.0.tar.gz.sha256) = 257634437251fc22b3d85386a282ee4ce68d2f0db1112a912a54db9a6741ecb79b4180c490486d9ff8519246e62165b5953ed5739e9de0e180bb46decfeff16a
SHA512 (AusweisApp2-pubring.gpg) = 3aae27b673f4eb2f7d3bda6c839b3d11829a730bde546e92abb889abb1c2453e786dc906154074485406692f5b9abbb3e1fb293e6b397696b6371016723621cd