exaexa
commented
11 years ago Hello,
first, please don't package versions lower than 1.2 which was created yesterday (there are binary incompatibilities since it was necessary to add some security margin to symmetric ciphers).
On licencing&legal issues:
- To the best of my knowledge, used algorithms are not restricted by any patenting issues except for RC4 that must not be called RC4 but Arcfour. :)
- There may be anti-crypto laws in some countries, but those restrict all cryptography so it's probably not an issue.
- All code except several hash algorithm implementation was done by me and is licenced under LGPLv3
- src/tiger.[ch], src/sha2.[ch], src/ripemd128.[ch] have different licences, but all are free. Source code redistribution is okay, but for binary redistribution you need to add some notice from the BSD licences to the documentation (see top comments in the files).
There are no other bundled libraries than the sources of hash functions. Note that the software requires libgmp.
Now, is there some "recommended&best" method how I could add the binary redistribution notices so that the autotools' install output is readily binary redistributable? (if there is, preferably send me a git patch :) )
-mk
EDIT: after reading the fedora packaging guidelines about bundled libraries a new question surfaced: Is there some standard library (except for openssl) that would provide ripemd128, tiger192, sha256, sha384 and sha512 hashes?
cicku
Hi,
I'm packaging your project for Fedora.
Review request: https://bugzilla.redhat.com/show_bug.cgi?id=966324
Now I want to know something about license, can you tell me if there are some potential legal risks?
And, are there any bundled libraries?
Thanks.