crypto for the average programmer
Ben Laurie
ben at algroup.co.uk
Fri Dec 16 12:41:48 EST 2005
leichter_jerrold at emc.com wrote:
> | > | > My question is, what is the layperson supposed to do, if they must
> use
> | > | > crypto and can't use an off-the-shelf product?
> | > |
> | > | When would that be the case?
> | > |
> | > | The only defensible situations I can think of in which a
> | > | non-crypto-specialist programmer would need to write crypto routines
> | > | would be an uncommon OS or hardware, or a new or rare programming
> | > | language which doesn't have libraries available from SourceForge etc.
> | > | Or maybe implementing an algorithm that's new enough it doesn't have a
> | > | decent free implementation, but I'm not sure such an algorithm should
> | > | be used in production code.
> | > I can tell you a situation that applied in one system I worked on: You
> | > could
> | > go with SSL, which gets you into GPL'ed code, not to mention the known
> |
> | Eh? OpenSSL is BSD, not GPL.
> When I last looked at this, OpenSSL was BSD, but it required some libraries
> (GMP?) that were GPL.
No, OpenSSL is self-contained. There is, IIRC, an engine that uses GMP
if you want, but its entirely optional; OpenSSL has its own bignum
implementation that's just as good.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list