Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Drop Windows support for now #63

Closed
brodycj opened this issue Dec 28, 2017 · 2 comments
Closed

Drop Windows support for now #63

brodycj opened this issue Dec 28, 2017 · 2 comments

Comments

@brodycj
Copy link
Collaborator

brodycj commented Dec 28, 2017

The existing Windows platform version uses libTomCrypt which is nice but I was told it has inferior entropy. The ultimate solution is to replace libTomCrypt with OpenSSL crypto and an effort was made in 2016 as discussed in #30. Until I have a chance to revisit OpenSSL crypto for Windows I would like to drop the Windows support.

P.S. I would like to drop Windows support before integrating SQLCipher 3.4.2 / 3.5.8 ref: #62

brodycj pushed a commit to cbforks/cordova-sqlcipher-adapter-dev that referenced this issue Jan 24, 2018
@brodycj
Copy link
Collaborator Author

brodycj commented Mar 5, 2018

Windows platform support has been dropped. It is desired to support Windows again using OpenSSL as discussed in #30.

@brodycj brodycj closed this as completed Mar 5, 2018
@brodycj brodycj changed the title Planning to drop Windows support for now Drop Windows support for now Dec 16, 2018
@brodycj
Copy link
Collaborator Author

brodycj commented Dec 16, 2018

In response to the question in #78 here are the reasons I have completely dropped Windows support for now:

  • Existing Windows implementation was using LibTomCrypt which I was told has inferior entropy. Inferior encryption characteristics are not wanted.
  • I do not want any chance that someone makes an application that may accidentally stores sensitive data on the Windows platform.

While it is desired to support Windows using a recent version of OpenSSL I do not have plans to do this anytime soon. In case of any urgent need please send a request to sales@litehelpers.net and I would be happy to quote an estimate.

I added the bug-security label since I think the use of inferior entropy from LibTomCrypt should be considered a security issue.

/cc @nsteenbeek

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant