FeaturesDownloadsSupportNewsAbout
| home |
| features |
| downloads |
| support |
| news |
| about |
| sitemap |
| PreviewQt |
Since v5.0 PhotoQt supports extensions, both QML-only and QML+CPP extensions. There is a set of official extensions that adds some very useful features and capabilities to PhotoQt.
[checksums] | How to build Extensions from source >>
Note that it is highly recommended to install the extensions from your distribution's repositories or via any official installer, as it includes proper extensions verification. When building and installing the extensions manually, you might have to manually grant them the "trusted" status from within the settings manager before you can enable them.
For these operating systems and types of packages the extensions are automatically included as part of the normal package: Windows, AppImage, FlatPak, Snap.
If you are a maintainer of the PhotoQt package for a distribution, it is very easy to create a package for the extensions that passes the verification in PhotoQt. It is possible to sign the verification with a custom private RSA key and add the public key corresponding to that private key to PhotoQt during configuration using -DEXTENSIONS_CUSTOM_PUBLIC_KEY=<public_key>.
To help with signing the extensions, a Python script is provided that simplifies that process. It is called generate_verification.py and is located in the scripts/ subfolder. It accepts the following command line arguments:
--private-key [filename]
--ext-dir [directory]
--skip-librariesThe first one specifies the custom private key (required to be specified), and the second one is the location of the extensions directory (parent directory by default). The corresponding public key then needs to be specified when configuring PhotoQt (-DEXTENSIONS_CUSTOM_PUBLIC_KEY=<public_key>) which will add that key in addition to the project's public key. The last flag instructs the Python script to not include any library file object in the verification process.
If it is not possible to sign the extensions after they have been built, it is also possible to exclude the shared libraries from the verification process in PhotoQt altogether. This is not recommended though, as there then would be no security guarantees possible for such a shared library. Nonetheless, to achieve this, configure PhotoQt with the -DWITH_EXTENSIONS_LIBRARY_VERIFICATION=OFF flag.
The public/private key pair needs to be generated with the RSA algorithm (SHA256). You can generate such a key pair using openssl by executing the following two commands:
$ openssl genrsa -out private.key 4096
$ openssl rsa -in private.key -pubout -out public.keyNote that it is always possible to manually trust an extensions that failed the verification check by granting it the "trusted" status in the settings manager.
Possibly relevant FAQs: