Project

General

Profile

Actions

Task #2949

closed

Adding libcrypto-based crypto support

Added by Yingdi Yu over 9 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
Start date:
07/02/2015
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)

Description

CryptoPP is the crypto library used by ndn-cxx.
However, the support of CryptoPP is not very good (The code has not been updated for a long time). And it created several building issues in the past.

OpenSSL, though not perfect, keeps getting vulnerabilities fixed due to its larger user base. And we promised to people several years ago that we will eventually switch to OpenSSL when we have better understanding about crypto.

This implies that we need to provide crypto operation based on libcrypto, which is part of OpenSSL.


Subtasks 3 (0 open3 closed)

Feature #3007: OpenSSL dependencyClosedYingdi Yu07/02/2015

Actions
Feature #3009: Crypto transformation concatenationClosedYingdi Yu07/02/2015

Actions
Task #3010: Create key using OpenSSLClosedYingdi Yu07/02/2015

Actions

Related issues 1 (0 open1 closed)

Blocks ndn-cxx - Task #2948: Define new abstraction of TpmClosedYingdi Yu06/24/2015

Actions
Actions #1

Updated by Junxiao Shi over 9 years ago

Usage of CryptoPP is mainly in TPM, so this issue will conflict with #2948.
What would be the ordering to resolve the conflict?

Actions #2

Updated by Yingdi Yu over 9 years ago

  • Blocks Task #2948: Define new abstraction of Tpm added
Actions #3

Updated by Yingdi Yu over 9 years ago

The new TPM file will use openssl.

Actions #4

Updated by Davide Pesavento over 9 years ago

When you say "openssl", what do you mean exactly? Are you going to use libssl or libcrypto or both?

Actions #5

Updated by Yingdi Yu over 9 years ago

Davide Pesavento wrote:

When you say "openssl", what do you mean exactly? Are you going to use libssl or libcrypto or both?

libcrypto in most cases, I need to check which one supports PKCS, if it is also libcrypto, then we do not need libssl.

Actions #6

Updated by Yingdi Yu about 9 years ago

  • Subject changed from Replace CryptoPP with OpenSSL to Adding libcrypto-based crypto support
  • Description updated (diff)
  • Status changed from New to Closed

All subtasks are done, we can close this issue.

Actions #7

Updated by Davide Pesavento over 8 years ago

libcrypto is thread-unsafe by default, in all versions before 1.1.0. Are we doing anything about it? Do we care about thread safety in ndn-cxx?

Actions

Also available in: Atom PDF