Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 95555D28 for ; Thu, 21 Jan 2016 07:51:39 +0000 (UTC) X-Greylist: delayed 00:08:41 by SQLgrey-1.7.6 Received: from server3 (server3.include7.ch [144.76.194.38]) by smtp1.linuxfoundation.org (Postfix) with ESMTP id DCF2CA8 for ; Thu, 21 Jan 2016 07:51:38 +0000 (UTC) Received: by server3 (Postfix, from userid 115) id C06FC2E60537; Thu, 21 Jan 2016 08:42:55 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, FSL_HELO_NON_FQDN_1 autolearn=ham version=3.3.1 Received: from Jonass-MacBook-Pro.local (cable-static-140-182.teleport.ch [87.102.140.182]) by server3 (Postfix) with ESMTPSA id 2FFCA2D00751; Thu, 21 Jan 2016 08:42:55 +0100 (CET) To: bitcoin-dev@lists.linuxfoundation.org, achow101@gmail.com References: From: Jonas Schnelli X-Enigmail-Draft-Status: N1110 Message-ID: <56A08C00.8020403@jonasschnelli.ch> Date: Thu, 21 Jan 2016 08:42:56 +0100 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit Subject: Re: [bitcoin-dev] What is OpenSSL still used for? X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Jan 2016 07:51:39 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Andrew > In the release notes for 0.12, it says that we have moved from > using OpenSSL to libsecp256k1 for signature validation. So what > else is it being used for that we need to keep it as a dependency? Openssl was dropped from the consensus layer (ECC) in 0.12, though, it still used for... 1) ... getting random numbers (randomize the ECC signing context) 2) [wallet only] ... AES256 encryption of private keys 3) [GUI only] ... SSL/X.509 for BIP70 (payment protocol) Openssl dependency for 1) and 2) could be removed. There are some – outdated – relevant PRs: Entropy: https://github.com/bitcoin/bitcoin/pull/5885 AES: https://github.com/bitcoin/bitcoin/pull/5949 I guess for point 3) [BIP70] it makes sense to keep openssl. /jonas -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWoIwAAAoJECnUvLZBb1PsWSMP/2VyURcUUmnFodX1UUkkTQSu KmEMqRe3Ak1v4B5S+7raodYE+7ePONedHrciUgNfj0GBDu7/5Wl3LD0GnFb0//Nl JEHPzNQB8xhRjhXux17rq+Kf60qjc+uybJQDDs9KfQQYS+hFTUKXX61s7wwY/QAy 6Vi5FxZRThzFUFWFZvG9KbRLWEbBVONnXLaA4pB0o7UnU2wAHkmPP5wyeCJLy3cW uggeLYh3X6GBF/+IQ0ndO4yFJ09ROXBS7N1VisJy2Z4zTJr0y6rAVVG9XcPtlkMc SvMULeiB34odvlZMRMFdCYLHCuff30jN2+aEJST/d+lr4IB2ai8veXwt69yya4p2 4UUL5ueOzKWfgcxVT/qDDcVkZJFqrhdHmMaEggelRakQCSdLly+4X7Mdo/Dx/RC2 PYUDQVGGFephTpzBTQ3fpRGtZu2JX45T2RKyF2qcVlzXrRW7SjqzwGWWuutwbbrS V9cSMMVS7NU90mgCE4e3G2oqi40H8dOzg+opf5ynChEccgJwUlxrfjj4kJbQZRH1 X00tGeVs93MxQes+vacYq7VYX4pzM1kiU3EMNStyAvCzd8FbGxmiv3C1VKhRj3xK Oo98Yg18OBL2jQCWHza3nOU5jN8AnjlkXNvrqsaGedjVNirlnR6a+qmklNIiY1lE kBxMbfAhTLPY3ukqtaSh =4GfM -----END PGP SIGNATURE-----