Overview
Examples
Screenshots
Comparisons
Applications
Download
Documentation
Tutorials
Bazaar
Status & Roadmap
FAQ
Authors & License
Forums
Funding Ultimate++
Search on this site
Search in forums












SourceForge.net Logo
Home » U++ Library support » U++ MT-multithreading and servers » OpenSSL encryption and hashing functions in U++
OpenSSL encryption and hashing functions in U++ [message #26522] Fri, 07 May 2010 22:01 Go to next message
koldo is currently offline  koldo
Messages: 3354
Registered: August 2008
Senior Veteran
Hello Tomáš

Mindtraveller and me wanted to propose you to include OpenSSL encryption and hashing functions in U++.

Perhaps the adequate place would be package Web/SSL.

Functions to include there are now in AESStream bazaar package. They support for now:

- AES: AES-128/192/256 stream encryption
- SHA-2: SHA-224/256/384/512 string hashing

What do you think?


Best regards
Iñaki
Re: OpenSSL encryption and hashing functions in U++ [message #26554 is a reply to message #26522] Tue, 11 May 2010 09:10 Go to previous messageGo to next message
koldo is currently offline  koldo
Messages: 3354
Registered: August 2008
Senior Veteran
Hello Tomáš

Here I explain you some advantages of functions proposed:

- AESStream: It is an easy way to do strong encryption of Strings or files.

- SHA-2: Actually U++ includes SHA-1 support. However, from Wikipedia:
SHA-1 is being retired for most government uses; the U.S. National Institute of Standards and Technology says, 
"Federal agencies should  stop using SHA-1 for...applications that require collision resistance as soon as practical, 
and must use the SHA-2 family of hash functions for these applications after 2010"

Thanks to OpenSSL the SHA-2 implementation is very thin and simple.


Best regards
Iñaki
Re: OpenSSL encryption and hashing functions in U++ [message #26564 is a reply to message #26554] Tue, 11 May 2010 18:28 Go to previous messageGo to next message
Mindtraveller is currently offline  Mindtraveller
Messages: 917
Registered: August 2007
Location: Russia, Moscow rgn.
Experienced Contributor

koldo, AFAIR you suggested to switch to some other library with less restrictive license.
I'd like to ask Mirek what he thinks about adding new classes to Web/SSL and receiving our efforts on switching from OpenSSL.
Re: OpenSSL encryption and hashing functions in U++ [message #26569 is a reply to message #26564] Wed, 12 May 2010 07:48 Go to previous messageGo to next message
koldo is currently offline  koldo
Messages: 3354
Registered: August 2008
Senior Veteran
Mindtraveller wrote on Tue, 11 May 2010 18:28

koldo, AFAIR you suggested to switch to some other library with less restrictive license.
I'd like to ask Mirek what he thinks about adding new classes to Web/SSL and receiving our efforts on switching from OpenSSL.

Hello Mindtraveller

The reason of asking Tomáš is because he is the author and maintainer of package Web/SSL, so he has to decide Smile.

About using other library instead of OpenSSL, well, that is a second and secondary question. Why?: It exists a library called OpenTLS that wants to cover all OpenSSL features with a less restrictive license. However:

- OpenTLS seems to be in a preliminary state and it should have to be studied if it covers all options required by Web/SSL
- OpenSSL license is not bad as it permits commercial and non-commercial use. However it is not completely compatible with GPL (http://en.wikipedia.org/wiki/OpenSSL)


Best regards
Iñaki
Re: OpenSSL encryption and hashing functions in U++ [message #26570 is a reply to message #26569] Wed, 12 May 2010 07:53 Go to previous message
Mindtraveller is currently offline  Mindtraveller
Messages: 917
Registered: August 2007
Location: Russia, Moscow rgn.
Experienced Contributor

If OpenSSL permits commercial use, I see no real need to change it with other library.
Previous Topic: Small mistake in text
Next Topic: CoWork tidy up
Goto Forum:
  


Current Time: Thu Mar 28 10:07:05 CET 2024

Total time taken to generate the page: 0.01688 seconds