Integration of proprietary crypto libraries/standards/algorithms.

[BenJoice]

Is it possible to integrate your own libraries or cryptography into an openvpn outsource solution? How it is possible to implement it. For example, I ask you to consider the following projects that I would like to implement with openvpn: https://github.com/agievich/bee2 https://github.com/bcrypto/btls

[schwabe]

Theoretically, additional cryptography libraries can be supported by OpenVPN. We already support OpenSSL and mbed TLS. However, this need to bring a clear advantage to the project. Adding a crypto library that only works for Belarussian ciphers is very low on that list. So no core team member of OpenVPN will invest any time into looking into those libraries. However, OpenSSL provides the engine and/or provider support that should integrating other algorithms into OpenSSL and therefore also into OpenVPN.

I would recommend going that way for that.

Please also note, that OpenVPN Inc has a quite strong position on the Ukraine conflict https://openvpn.net/blog/openvpn-ceo-stands-with-ukraine/

[cron2]

Hi,

On Sun, Mar 19, 2023 at 11:42:05AM -0700, Arthur Sakolchik wrote:

https://github.com/bcrypto/btls

Since this references a "patch for OpenSSL", this is the way to go - no modifications to OpenVPN needed.

(Having your own cipher library in OpenVPN is possible, but is fairly complex work, not just "quickly done in a rainy afternoon")

gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany @.***