[bitcoin-dev] What is OpenSSL still used for?

Wladimir J. van der Laan laanwj at gmail.com
Mon Jan 25 11:58:29 UTC 2016


> > In the release notes for 0.12, it says that we have moved from
> > using OpenSSL to libsecp256k1 for signature validation. So what
> > else is it being used for that we need to keep it as a dependency?
> 
> Openssl was dropped from the consensus layer (ECC) in 0.12, though, it
> still used for...
> 
> 1) ... getting random numbers (randomize the ECC signing context)
> 2) [wallet only] ... AES256 encryption of private keys
> 3) [GUI only] ... SSL/X.509 for BIP70 (payment protocol)
> 
> Openssl dependency for 1) and 2) could be removed. There are some –
> outdated – relevant PRs:
> 
> Entropy: https://github.com/bitcoin/bitcoin/pull/5885
> AES: https://github.com/bitcoin/bitcoin/pull/5949
> 
> I guess for point 3) [BIP70] it makes sense to keep openssl.

Exactly - the plan is that OpenSSL will, in due time, be a dependency only if the
GUI is enabled. Most of the work for that is already done but it has to be made
up to date and carefully tested and integrated.

Wladimir


More information about the bitcoin-dev mailing list