Wireshark-dev: Re: [Wireshark-dev] Remove our bundled crypto library (in favor of Libgcrypt)?
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Peter Wu <peter@xxxxxxxxxxxxx>
Date: Thu, 9 Feb 2017 15:37:17 +0100
On Tue, Feb 07, 2017 at 07:51:38AM +0100, Pascal Quantin wrote:
> Le 6 févr. 2017 22:00, "Peter Wu" <peter@xxxxxxxxxxxxx> a écrit :
> > On Mon, Feb 06, 2017 at 11:46:23AM -0800, Gerald Combs wrote:
[..]
> > > No objections here, although this might require packaging changes on
> > > Windows. Libgcrypt is currently provided by the GnuTLS package on that
> > > platform, but it looks like they switched to Nettle in more recent
> > > versions.
> > 
> > It seems that Libgcrypt support for GnuTLS was killed in November 2011
> > (GnuTLS 3.0.8). So the current GnuTLS 3.2.15 build for Windows does not
> > even need it. GnuTLS is only used for supporting parsing private RSA key
> > files (in various formats) in the SSL dissector.
> > 
> > (If a new Libgcrypt package is built, the 1.7 series should be used for
> > ChaCha20-Poly1305 support (TLS 1.3).)
> 
> 
> I can probably have a look at this when I'm back from vacation. OpenSuse
> still provides a 1.6.x version but we are already running our own libgcrypt
> build to workaround an issue with AES-NI.

Thanks Pascal, having Libgcrypt 1.7 for Windows (separate from GnUTLS)
would be great.

I pushed the initial version of the patch at
https://code.wireshark.org/review/20030

One of the macOS buildbots is also missing Libgcrypt, that also needs
to be fixed before merging the final patch.
-- 
Kind regards,
Peter Wu
https://lekensteyn.nl