cURL / Mailing Lists / curl-library / Single Mail


Re: upcoming fun

From: Adam D. Moss <>
Date: Mon, 11 Apr 2005 10:13:26 +0100

Daniel Stenberg wrote:
> We either need code in libcurl that does DES and MD4, or we use a lib
> that provides them.
> 1. OpenSSL provides them, so when we built with that there's no problem.
> 2. GnuTLS uses libgcrypt for encryption, and that too offers DES and MD4
> functions. We just haven't adjusted the libcurl NTLM code to use the
> libgcrypt functions.

If (for some reason) libcurl wishes to move in a non-OpenSSL direction,
it seems to me that is a better fit than
libmhash, libmcrypt, libgcrypt or GNU TLS from a license point of view,
and is wonderfully modular and flexible (resulting in a superb
footprint). I think it covers all of libcurl's hashing and encryption
requirements in one library.

As I say, though, that's mainly just for the non-OpenSSL case, since
libTomCrypt is a relatively low-level bundle of auth / hash /
encryption / certificate modules and doesn't really know about
anything as high-level as SSL, though it has been used as the basis
of at least one (commercial) SSL implementation and at least one SSH
client/server implementation, so for anyone interested in having
HTTPS happen without the incredibly large OpenSSL footprint,
libTomCrypt is probably a mostly-complete set of building blocks.
I've only lightly dabbled in libTomCrypt myself so far.

Received on 2005-04-11