> On May 8, 2018, at 2:16 AM, Peter Stuge <peter_at_stuge.se> wrote:
>> It’s currently at review stage, it is fully functional. Key
>> reading is backend agnostic. However, it is only implemented in
>> OpenSSL. ED25519 is also only in OpenSSL. It is just a matter of
>> if we wait for OpenSSL 1.1.1 to ship and use ED25519 support from
>> there, or use the curve implementation from BoringSSL which is part
>> of the PR.
>
> I'm certainly in favor of backend-agnostic code.
>
> But do I remember correctly that BoringSSL is derived from OpenSSL?
>
> In that case I think it would be nicer to reuse the ed25519 code in
> OpenSSH instead, to not force the compliance requirements set out by
> the OpenSSL license onto libssh2 users with a different backend.

The issue was that when I wrote the ED25519 support, OpenSSL had not yet implemented ED25519, while BoringSSL has had it for years. The implementation easily integrated with the OpenSSL backend, so it was the way to go for my needs. All that said, OpenSSL 1.1.1 will finally be adding the curve. I’m in the process of updating my PR to use 1.1.1 and remove the reliance on the Boring curve files. Should be ready for review today at some point.

Will
_______________________________________________
libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2018-05-08