badbytes at freehaven.net
Tue Jul 23 11:46:36 UTC 2002
There's been some mention of us needing to switch to another crypto lib in
order to be able to release the coide under GPL. Before I start messing
with the code, could I have some feedback on the following libs if you've
First of all, do we actually need to switch libs? As far as I can tell,
the openssl website says that it's perfectly OK to release the code under
GPL if it uses openssl. The only problem they mention is taking someone
else's GPL code and adding openssl stuff to it. The argument is that
openssl is not included as standard in all operating systems which some
authors say violates the GPL.
But since it's our code (we haven't nicked it from anyone else!), we can
allow ourselves to use openssl. Or did I not read through that correctly?
Roger suggested looking at the following -
gnutls - this is a TLS implementation in beta stage, which uses libgcrypt
(see below) for the crypto primitives. So it's pretty useless in itself
(to us I mean).
libgcrypt - this is the GnuPG crypto library, underl the GPL. Looks like
it contains all we need, am compiling it now.
NSS - mozilla SSL implementation, seems as if it's got all we need but I
am not sure whether it supports DES in OFB mode (or are we switching to
block as we discussed, Roger?)
Any other suggestions would be great. Thanks!
GPG Public Keys @ http://matejpfajfar.co.uk/keys
More information about the tor-dev