public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: "Wladimir J. van der Laan" <laanwj@gmail.com>
To: Jonas Schnelli <dev@jonasschnelli.ch>
Cc: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] What is OpenSSL still used for?
Date: Mon, 25 Jan 2016 12:58:29 +0100	[thread overview]
Message-ID: <20160125115829.GA17769@amethyst.visucore.com> (raw)
In-Reply-To: <56A08C00.8020403@jonasschnelli.ch>

> > In the release notes for 0.12, it says that we have moved from
> > using OpenSSL to libsecp256k1 for signature validation. So what
> > else is it being used for that we need to keep it as a dependency?
> 
> Openssl was dropped from the consensus layer (ECC) in 0.12, though, it
> still used for...
> 
> 1) ... getting random numbers (randomize the ECC signing context)
> 2) [wallet only] ... AES256 encryption of private keys
> 3) [GUI only] ... SSL/X.509 for BIP70 (payment protocol)
> 
> Openssl dependency for 1) and 2) could be removed. There are some –
> outdated – relevant PRs:
> 
> Entropy: https://github.com/bitcoin/bitcoin/pull/5885
> AES: https://github.com/bitcoin/bitcoin/pull/5949
> 
> I guess for point 3) [BIP70] it makes sense to keep openssl.

Exactly - the plan is that OpenSSL will, in due time, be a dependency only if the
GUI is enabled. Most of the work for that is already done but it has to be made
up to date and carefully tested and integrated.

Wladimir


      reply	other threads:[~2016-01-25 11:58 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-01-19  1:39 [bitcoin-dev] What is OpenSSL still used for? Andrew C
2016-01-19  3:58 ` Ethan Heilman
2016-01-21  2:57   ` Douglas Roark
2016-01-21  7:42 ` Jonas Schnelli
2016-01-25 11:58   ` Wladimir J. van der Laan [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20160125115829.GA17769@amethyst.visucore.com \
    --to=laanwj@gmail.com \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    --cc=dev@jonasschnelli.ch \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox