Date: Thu, 26 Oct 2017 18:33:36 -0700
From: "Simon J. Gerraty" <sjg@juniper.net>
To: Eric McCorkle <eric@metricspace.net>
Cc: "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org>, <freebsd-security@freebsd.org>, "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org>, <sjg@juniper.net>
Subject: Re: Crypto overhaul
Message-ID: <11245.1509068016@kaos.jnpr.net>
In-Reply-To: <dc08792a-3215-611c-eb9f-4936a0d621f9@metricspace.net>
References: <dc08792a-3215-611c-eb9f-4936a0d621f9@metricspace.net>

Eric McCorkle <eric@metricspace.net> wrote:
> * BearSSL's design seemingly lends itself to acting as a userland,
> kernel, and bootloader library. On the other hand, it's new (which
> means it will need to be reviewed by crypto experts and thoroughly
> tested), and has one developer at this point.

BearSSL is indeed very new, and review by crypto experts would be most
welcome.

It works very nicely though for verifying signatures, X.509 cert chains
etc - everything I needed for the loader to do verification of modules.
And it is *tiny*. I think all the verification stuff added about 80-90K to
the size of the loader.

The author has been extremely responsive and helpful, nice to work with.

The API is very different to OpenSSL so I would not contemplate trying
to use it as a replacement for userland crypto lib anytime soon.
But for the loader (and kernel if needed) it could be a very good option.

FWIW I did not need to touch kernel, since I have the loader verify the
kernel and the mdimg it uses for /, thus init etc are also verified
before we pass control to kernel.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?11245.1509068016>