[bitcoin-dev] What is OpenSSL still used for?

Jonas Schnelli dev at jonasschnelli.ch
Thu Jan 21 07:42:56 UTC 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi Andrew

> In the release notes for 0.12, it says that we have moved from
> using OpenSSL to libsecp256k1 for signature validation. So what
> else is it being used for that we need to keep it as a dependency?

Openssl was dropped from the consensus layer (ECC) in 0.12, though, it
still used for...

1) ... getting random numbers (randomize the ECC signing context)
2) [wallet only] ... AES256 encryption of private keys
3) [GUI only] ... SSL/X.509 for BIP70 (payment protocol)

Openssl dependency for 1) and 2) could be removed. There are some –
outdated – relevant PRs:

Entropy: https://github.com/bitcoin/bitcoin/pull/5885
AES: https://github.com/bitcoin/bitcoin/pull/5949

I guess for point 3) [BIP70] it makes sense to keep openssl.

/jonas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWoIwAAAoJECnUvLZBb1PsWSMP/2VyURcUUmnFodX1UUkkTQSu
KmEMqRe3Ak1v4B5S+7raodYE+7ePONedHrciUgNfj0GBDu7/5Wl3LD0GnFb0//Nl
JEHPzNQB8xhRjhXux17rq+Kf60qjc+uybJQDDs9KfQQYS+hFTUKXX61s7wwY/QAy
6Vi5FxZRThzFUFWFZvG9KbRLWEbBVONnXLaA4pB0o7UnU2wAHkmPP5wyeCJLy3cW
uggeLYh3X6GBF/+IQ0ndO4yFJ09ROXBS7N1VisJy2Z4zTJr0y6rAVVG9XcPtlkMc
SvMULeiB34odvlZMRMFdCYLHCuff30jN2+aEJST/d+lr4IB2ai8veXwt69yya4p2
4UUL5ueOzKWfgcxVT/qDDcVkZJFqrhdHmMaEggelRakQCSdLly+4X7Mdo/Dx/RC2
PYUDQVGGFephTpzBTQ3fpRGtZu2JX45T2RKyF2qcVlzXrRW7SjqzwGWWuutwbbrS
V9cSMMVS7NU90mgCE4e3G2oqi40H8dOzg+opf5ynChEccgJwUlxrfjj4kJbQZRH1
X00tGeVs93MxQes+vacYq7VYX4pzM1kiU3EMNStyAvCzd8FbGxmiv3C1VKhRj3xK
Oo98Yg18OBL2jQCWHza3nOU5jN8AnjlkXNvrqsaGedjVNirlnR6a+qmklNIiY1lE
kBxMbfAhTLPY3ukqtaSh
=4GfM
-----END PGP SIGNATURE-----


More information about the bitcoin-dev mailing list