OpenSSL and EC Libraries: Difference between revisions

From Bitcoin Wiki
Jump to navigation Jump to search
Andytoshi (talk | contribs)
Editors
3 edits
Create page, ask for comments on IRC..
 
934 (talk | contribs)
Editors
882 edits
→‎Fixes / Workarounds: convenience link to stackoverflow.com for "how-to"
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
== OpenSSL Without Elliptic Curve Support ==
== OpenSSL Without Elliptic Curve Support ==


Some algorithms in OpenSSL library may be restricted by patent law. Due to strong coupling between the elliptic curve support Bitcoin requires and these nominally non-free algorithms, some Linux distributions (most notably Fedora) ship OpenSSL libraries with elliptic curve support disabled. Since Bitcoin depends on elliptic curve cryptography, it cannot be used with such libraries.
Some algorithms in OpenSSL library may be restricted by patent law. Due to strong coupling between the elliptic curve support Bitcoin requires and these nominally non-free algorithms, some Linux distributions (most notably Fedora) ship OpenSSL libraries with elliptic curve support disabled. Since Bitcoin depends on elliptic curve cryptography (although ''not'' on any restricted algorithms), it cannot be used with such libraries.


== Fixes / Workarounds ==
== Fixes / Workarounds ==


Some fixes are


* Compile your own OpenSSL and use this rather than the distribution package manager's library.
One workaround is to compile your own OpenSSL and use this rather than the distribution package manager's library. Some hints how to do this can be found in the answers of [https://stackoverflow.com/questions/22952287/how-to-upgrade-openssl-in-centos-6-5-linux-unix-from-source How to upgrade OpenSSL (stackoverflow.com)].
* Use the RPMs provided by gmaxwell [https://people.xiph.org/~greg/openssl/] rather than the distribution package manager's library. (Warning: as of May 2014, these libraries are still vulnerable to the Heartbleed exploit, which does not seriously affect Bitcoin but may expose other parts of your system.)

Latest revision as of 15:34, 1 August 2015

OpenSSL Without Elliptic Curve Support

Some algorithms in OpenSSL library may be restricted by patent law. Due to strong coupling between the elliptic curve support Bitcoin requires and these nominally non-free algorithms, some Linux distributions (most notably Fedora) ship OpenSSL libraries with elliptic curve support disabled. Since Bitcoin depends on elliptic curve cryptography (although not on any restricted algorithms), it cannot be used with such libraries.

Fixes / Workarounds

One workaround is to compile your own OpenSSL and use this rather than the distribution package manager's library. Some hints how to do this can be found in the answers of How to upgrade OpenSSL (stackoverflow.com).

Retrieved from "https://en.bitcoin.it/w/index.php?title=OpenSSL_and_EC_Libraries&oldid=58117"