Task #2949
closed
Adding libcrypto-based crypto support
Description
CryptoPP is the crypto library used by ndn-cxx.
However, the support of CryptoPP is not very good (The code has not been updated for a long time). And it created several building issues in the past.
OpenSSL, though not perfect, keeps getting vulnerabilities fixed due to its larger user base. And we promised to people several years ago that we will eventually switch to OpenSSL when we have better understanding about crypto.
This implies that we need to provide crypto operation based on libcrypto, which is part of OpenSSL.
Updated by Junxiao Shi almost 9 years ago
Usage of CryptoPP is mainly in TPM, so this issue will conflict with #2948.
What would be the ordering to resolve the conflict?
Updated by Yingdi Yu almost 9 years ago
- Blocks Task #2948: Define new abstraction of Tpm added
Updated by Davide Pesavento almost 9 years ago
When you say "openssl", what do you mean exactly? Are you going to use libssl or libcrypto or both?
Updated by Yingdi Yu almost 9 years ago
Davide Pesavento wrote:
When you say "openssl", what do you mean exactly? Are you going to use
libsslorlibcryptoor both?
libcrypto in most cases, I need to check which one supports PKCS, if it is also libcrypto, then we do not need libssl.
Updated by Yingdi Yu over 8 years ago
- Subject changed from Replace CryptoPP with OpenSSL to Adding libcrypto-based crypto support
- Description updated (diff)
- Status changed from New to Closed
All subtasks are done, we can close this issue.
Updated by Davide Pesavento over 7 years ago
libcrypto is thread-unsafe by default, in all versions before 1.1.0. Are we doing anything about it? Do we care about thread safety in ndn-cxx?