Wireshark-dev: Re: [Wireshark-dev] Remove our bundled crypto library (in favor of Libgcrypt)?
From: Gerald Combs <[email protected]>
Date: Mon, 6 Feb 2017 11:46:23 -0800
On 2/5/17 8:15 AM, João Valverde wrote:
> On 02/05/2017 03:21 PM, Peter Wu wrote:
>> Hey,
>> Recently I discovered that wsutil actually contains a lot of
>> cryptographic functionalities (AES, SHA-1, DES, etc.). This duplicates
>> Libgcrypt functionality.
>> At the moment Libgcrypt is optional and used to provide decryption
>> functionality for SSL/TLS/DTLS, IPsec DVBCI, 802.15.4, SNMP, Zigbee and
>> more.  What do you think about nuking the bundled crypto routines in
>> wsutil and use Libgcrypt instead?
>> The easiest option would be making Libgcrypt mandatory, otherwise we
>> would have to add ifdef's everywhere (or create a compatibility layer
>> that disables crypto when Libgcrypt is unavailable).
> +1 mandatory dependency.

No objections here, although this might require packaging changes on
Windows. Libgcrypt is currently provided by the GnuTLS package on that
platform, but it looks like they switched to Nettle in more recent versions.