Good,free crypto library for using in a commercial or lgpl software?
I want to use MD5 and SHA1 for serial numbering in my program.I looked at OpenSSL,it provides an easy way to apply MD5(md5 seems like not much secure these days I know that) but I am a bit lost in licencing terms.Can I use openssl library in a commercial(or lgpl) licenced software or not?Is there a good alternative library?
There is Poco c++ library which includes crypto library for md5 (and maybe sha1 too) but it says it is based on RSA and I think this may cause to investigate RSA's licence terms too,and I am very bad at interpreting licence terms.
There is Poco c++ library which includes crypto library for md5 (and maybe sha1 too) but it says it is based on RSA and I think this may cause to investigate RSA's licence terms too,and I am very bad at interpreting licence terms.
Last edited on
http://stackoverflow.com/questions/180870/what-is-the-best-encryption-library-in-c-c
i've used 'cryptopp' in the past before, but cant remember if it will suit your exact requirements.
i've used 'cryptopp' in the past before, but cant remember if it will suit your exact requirements.
closed account (3qX21hU5)
Here is the license for openSSL http://www.openssl.org/source/license.html
In other words
1) You must include the copyright notice
2) If you advertise features provided by openSLL you must include "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)" in that advertisement.
4) You can't use openSLL Toolkit or openSLL Project to endorse or promote your software without permission from openSLL
5) Cant use openSLL in the projects name
6) You MUST include this in any redistribution "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)"
If you include any Windows specific code (or a derivative thereof) from
the apps directory (application code) you must include an acknowledgement: "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
So basically it sums up to yes you can use openSLL in comercial software as long as you follow those guidelines.
In other words
1) You must include the copyright notice
2) If you advertise features provided by openSLL you must include "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)" in that advertisement.
4) You can't use openSLL Toolkit or openSLL Project to endorse or promote your software without permission from openSLL
5) Cant use openSLL in the projects name
6) You MUST include this in any redistribution "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)"
If you include any Windows specific code (or a derivative thereof) from
the apps directory (application code) you must include an acknowledgement: "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
So basically it sums up to yes you can use openSLL in comercial software as long as you follow those guidelines.
Last edited on
Thanks for your answers.
I have looked at cryptopp and it seems good.
I think both cryptopp and openssl can use md5 and md5 belongs to RSA I think.When I use md5 in cryptopp or openssl,in addition to their licence,should I also read and apply the terms in RSA's licence agreement too?
I have looked at cryptopp and it seems good.
I think both cryptopp and openssl can use md5 and md5 belongs to RSA I think.When I use md5 in cryptopp or openssl,in addition to their licence,should I also read and apply the terms in RSA's licence agreement too?
Last edited on
I heard that md5 is in public domain so we don't need to apply the terms in RSA's licence.But I still have problems understanding the licence.
In Cryptopp's licence,it says:
Should I show both licences to the user in the program?(maybe before installing the program?)
In Cryptopp's licence,it says:
| Compilation Copyright (c) 1995-2013 by Wei Dai. All rights reserved. This copyright applies only to this software distribution package as a compilation, and does not imply a copyright on any particular file in the package. All individual files in this compilation are placed in the public domain by Wei Dai and other contributors. I would like to thank the following authors for placing their works into the public domain: Joan Daemen - 3way.cpp Leonard Janke - cast.cpp, seal.cpp Steve Reid - cast.cpp Phil Karn - des.cpp Andrew M. Kuchling - md2.cpp, md4.cpp Colin Plumb - md5.cpp Seal Woods - rc6.cpp Chris Morgan - rijndael.cpp Paulo Baretto - rijndael.cpp, skipjack.cpp, square.cpp Richard De Moliner - safer.cpp Matthew Skala - twofish.cpp Kevin Springle - camellia.cpp, shacal2.cpp, ttmac.cpp, whrlpool.cpp, ripemd.cpp Ronny Van Keer - sha3.cpp The Crypto++ Library (as a compilation) is currently licensed under the Boost Software License 1.0 (http://www.boost.org/users/license.html). Boost Software License - Version 1.0 - August 17th, 2003 Permission is hereby granted, free of charge, to any person or organization obtaining a copy of the software and accompanying documentation covered by this license (the "Software") to use, reproduce, display, distribute, execute, and transmit the Software, and to prepare derivative works of the Software, and to permit third-parties to whom the Software is furnished to do so, all subject to the following: The copyright notices in the Software and this entire statement, including the above license grant, this restriction and the following disclaimer, must be included in all copies of the Software, in whole or in part, and all derivative works of the Software, unless such copies or derivative works are solely in the form of machine-executable object code generated by a source language processor. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
Should I show both licences to the user in the program?(maybe before installing the program?)
Last edited on
Topic archived. No new replies allowed.