1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
Return-Path: <laanwj@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 979ECDA5
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 25 Jan 2016 11:58:33 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-wm0-f47.google.com (mail-wm0-f47.google.com [74.125.82.47])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id E039FCB
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 25 Jan 2016 11:58:32 +0000 (UTC)
Received: by mail-wm0-f47.google.com with SMTP id r129so60913432wmr.0
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 25 Jan 2016 03:58:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=date:from:to:cc:subject:message-id:references:mime-version
:content-type:content-disposition:content-transfer-encoding
:in-reply-to; bh=nnZensH94WHFi6abE4SJf+jOeXd5/9YzzyuDcbBFuys=;
b=dNIW4AgSYh/79mL2/rxoCu4459YDUgObLIpV4e8fqvtNSM3q0aN6sGCFkJHvEzICHD
06szeuA/OObQcRSc7sGewo0Zhazrog6Fpzy4GhJgiSX+q5AD7jMKAUNRDQZPOXsB7qYe
9qrYOypGYyNSjki0wdL1pB5bhipEI5asjUqe4fkCcuiKoV0B21bqFfvuHesDHYNQF54D
Hg+bUdgd2ebegN0XSwahPKsafHx257qLeRRrkOIL/aOz8037ZpPC2Uq2HhgYRWtJwkg+
APCAk4OQIpzaLGmN8L5StoznbP41KnfUkvMuqxgS5SUowoCtYHR9kjGfy3lSxx5oEu3E
/eHA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:date:from:to:cc:subject:message-id:references
:mime-version:content-type:content-disposition
:content-transfer-encoding:in-reply-to;
bh=nnZensH94WHFi6abE4SJf+jOeXd5/9YzzyuDcbBFuys=;
b=CG+yCvWyyqK0Yo8sYTc9gfdKgzQq9JBHvNQeiZigO9Qt9d9v+fr+Kb1axzfATgfUpA
M1N9KA/mLhW+rpnG4A+1ZWyLAMDVMaYTWajCCQ8xUP7erC2wzfKins/+UPTuXonzne+U
iwIbFyKkqO9iWTTsQsp0BIf8ex3qSVjGjYfgf24KM+OTusrB7hRcl1V6+qdfxcuLE0sg
3NrTZVqzF+gEa4/4CbPq/InEya5vZ4g7CyT+JWJSrly9nBuglxjJuhWkrvAzJ4rrpw3o
DVYTpVccN03d6U+nLZJ6fZ9xSFVxqPdwxVsATYqd5fmjcm9pPOWoMASIBNFkPsQkd85+
R/Sg==
X-Gm-Message-State: AG10YOQ/ptXUwW6XbSXSMLbA4BlZbeItGFfDQw9ctCt97tIceioTvmASqwPeO4SOlQGsGw==
X-Received: by 10.195.18.5 with SMTP id gi5mr17026390wjd.167.1453723111522;
Mon, 25 Jan 2016 03:58:31 -0800 (PST)
Received: from amethyst.visucore.com (dhcp-089-098-228-253.chello.nl.
[89.98.228.253]) by smtp.gmail.com with ESMTPSA id
cs4sm18920900wjc.10.2016.01.25.03.58.30
(version=TLS1_2 cipher=AES128-SHA bits=128/128);
Mon, 25 Jan 2016 03:58:30 -0800 (PST)
Date: Mon, 25 Jan 2016 12:58:29 +0100
From: "Wladimir J. van der Laan" <laanwj@gmail.com>
To: Jonas Schnelli <dev@jonasschnelli.ch>
Message-ID: <20160125115829.GA17769@amethyst.visucore.com>
References: <CADToNK--p5FBxCKXGbab4sa_uOkWL=GxcNKA8f6Dgcz+NE0BMg@mail.gmail.com>
<56A08C00.8020403@jonasschnelli.ch>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <56A08C00.8020403@jonasschnelli.ch>
X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM,
RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Cc: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] What is OpenSSL still used for?
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jan 2016 11:58:33 -0000
> > In the release notes for 0.12, it says that we have moved from
> > using OpenSSL to libsecp256k1 for signature validation. So what
> > else is it being used for that we need to keep it as a dependency?
>
> Openssl was dropped from the consensus layer (ECC) in 0.12, though, it
> still used for...
>
> 1) ... getting random numbers (randomize the ECC signing context)
> 2) [wallet only] ... AES256 encryption of private keys
> 3) [GUI only] ... SSL/X.509 for BIP70 (payment protocol)
>
> Openssl dependency for 1) and 2) could be removed. There are some –
> outdated – relevant PRs:
>
> Entropy: https://github.com/bitcoin/bitcoin/pull/5885
> AES: https://github.com/bitcoin/bitcoin/pull/5949
>
> I guess for point 3) [BIP70] it makes sense to keep openssl.
Exactly - the plan is that OpenSSL will, in due time, be a dependency only if the
GUI is enabled. Most of the work for that is already done but it has to be made
up to date and carefully tested and integrated.
Wladimir
|