zenomt / rtmfp-cpp

Secure Real-Time Media Flow Protocol (RTMFP) Library in C++
https://www.rfc-editor.org/rfc/rfc7016.html
MIT License

Replace OpenSSL by WolfSSL #2

Closed al-sabr closed 3 years ago

al-sabr commented 3 years ago

Greetings again!

Since OpenSSL is an old library and not as performant as WolfSSL, I thought I would suggest adding an Adapter for it, which will reduce the size and increase the performance of this library. I hope that this is a good idea that might inspire you.

Best regards

zenomt commented 3 years ago

Hi @al-sabr. Thank you for your suggestion.

I am not personally familiar with WolfSSL. I see that it uses the GPLv2 (not LGPL). I would need to study more to see whether providing an Adapter that links with GPLv2 code in this repo would require that Adapter (and possibly this entire Work) to also be covered by the GPL and its requirements. Regardless, any program incorporating both this library and WolfSSL would necessarily be covered by the GPL.

This investigation (and risk) aren't in my nights-and-weekends-hobby time/effort budget. However, I would encourage you to consider writing such an Adapter, using FlashCryptoAdapter_OpenSSL.cpp as a guide, and making it available in a different repository, with the appropriate licensing terms. I would be happy to provide a link to it in the README.

zenomt commented 3 years ago

Since the cryptographic primitives needed for FlashCrypto are just AES128, SHA256 (and HMAC-SHA256), strong pseudorandom numbers, and large integer math (or direct MODP Diffie-Hellman functions), it might be more worthwhile to create FlashCryptoAdapter subclasses using the cryptography libraries and facilities provided by common platforms/OSes, like iOS, Android, MacOS, Linux, and maybe even Windows.

zenomt commented 3 years ago

One more note on WolfSSL: It appears that WolfSSL includes (or can be built with) an OpenSSL compatibility layer. You can probably use the OpenSSL compatibility layer with FlashCryptoAdapter_OpenSSL by setting Make variable OPENSSL_INCLUDEDIR to something like

-I/path/to/WolfSSL/include/wolfssl -I/path/to/WolfSSL/include -DBN_secure_new=BN_new -DBN_CTX_secure_new=BN_CTX_new

(untested, I don't have or want to download WolfSSL).