[LEDE-DEV] Uniform cryptography library

Michael Richardson mcr at sandelman.ca
Mon Dec 11 11:55:24 PST 2017


Matthias-Christian Ott <ott at mirix.org> wrote:
    > We could unify all packages to use a single cryptography library, for
    > example LibreSSL or mbed TLS. We could save some space, effort for

For some narrow things they are slightly interchangeable, but for many things
you want one of these to avoid the bloat of openssl.  The corollory of that
is if you want to unify, you wind up with the most bloated library, which is
openssl.

I don't think that mbedtls has an openssl compatible API, so the application
has to support it directly (at least, my use of it has not used such a thing)

    > I had a look at this for dropbear because I would like to add Ed25519
    > support to it. It didn't seem to require a lot of effort.

    > Do you think it would be worth the effort to unify the cryptography
    > libraries in LEDE?

It would certainly be cool.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr at sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/lede-dev/attachments/20171211/7cc743c5/attachment.sig>


More information about the Lede-dev mailing list