Move away from openssl #274
Comments
|
Yes, OpenSSL is known for compatibility issues, even on the platforms on which it's supposed to be supported. If someone wants to have a go at it, please shout in the next couple of days. |
mihai-dinculescu
changed the title
|
Hi Mihai, I made local changes to tapo to remove openssl and replace it with sha1 and sha2 and I commented the rsa stuff out as it was to complicated for the moment. Also Claude and ChatGpt were not really giving consistent solutions. But the dummy tapo was finally building with tauri and I could install the android native app with tapo. Of course the requests were not working because of the commented out stuff. I am a Rust Newbee. I have some experience with Golang and Python and I found a lot of crypto crates and I am not sure which to go for ... Also the question is how trustworthy they are. I figured that openssl is a pretty solid battle proofed solution. Not sure what the security requirements for your project are ... But I will try again today evening to see if I can get the rsa stuff also working ... |
|
I've started having a quick look, and there seem to be three areas that openssl covers and could be replaced with lower-level crates.
|
|
Working :-) I tried yesterdayh ChatGpt4 and Claude3.5 until my free tokens were over. I did not really succeed but got some inspirations. The problem with the AI is that there are many crate versions of rsa and cipher and cbc and the guys are changing the API frequently. The AI gets confused und mixes different versions. So it becomes worse after some time. I started today fresh and limited the changes and used an older crate version for rsa which is 0.7 instead of 0.9 and with some manual fixing now it works for me. You can see it in the picture :-)
I am a big fan of your tapo library ... Only in case I did not mention this before. I guess the refactoring would need a look from an expierienced guy and the upgrade to rsa 0.9 I would also think is necessary. But I am putting the stuff I have as a pull request so you can see where this is going and you can fine tune it. Or give me some comments and I try to fine tune it. I am also not sure if you have some test cases which I can run and validate the changes ... |
|
I now also upgraded to crate version 0.9.6 for rsa so this should be fixed. |
|
This is great! #275. |
|
Yes. That is the scary part :-) I only understand half of it. Cryptography sucks and Cryptography with Rust sucks even more :-) But take your time. I can live with the fork for now :-) In case I find problems I let you know ... |
|
Ok, I think I've got it. #281 Your PR has been a great source of inspiration, and I've ended up writing the same thing, which is just a tad more optimised (e.g., the padding is done through the library rather than manually). Mind giving it a try? |
|
I will today night. Let you know as Sohn as I have results
Mihai Dinculescu ***@***.***> schrieb am Fr., 18. Okt. 2024,
17:02:
… Ok, I think I've got it. #281
<#281>
Your PR has been a great source of inspiration, and I've ended up writing
the same thing, which is just a tad more optimised (e.g., the padding is
done through the library rather than manually).
Mind giving it a try?
—
Reply to this email directly, view it on GitHub
<#274 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACZPKPEE5S3DOFIH66XQCF3Z4EPIHAVCNFSM6AAAAABPTD3RUCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMRSGY4DAMJQGM>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Replace openssl with rust native libraries Addresses #274.
I am using tauri to create a mobile android app using tapo as a depenendy.
Tapo has a depenency on openssl which gives me cross compile problems.
Is this a known issue?
Did you consider switching to rustls to avoid native openssl issues during compilation?
The text was updated successfully, but these errors were encountered: