Fedora Crypto Consolidation - History
Over the years there were attempts to consolidate cryptographic libraries in Fedora. The previous crypto consolidation effort is no longer pursued by the Fedora project. This page is retained as historical record, and to provide a simple guideline in selecting a crypto back-end when choice exists. Proceed to the historical record of the Crypto Consolidation Project.
Selecting a crypto library
For applications which may provide multiple cryptographic back-ends, our recommendation is to utilize the back-end preferred by the upstream project/developer, as long as it does integrate with the Fedora system, that is, following Packaging:CryptoPolicies and Features/SharedSystemCertificates. When considering integration with Red Hat Enterprise Linux, it is preferred to utilize one of the following crypto libraries (in no particular order).
- NSS
- GNUTLS
- OpenSSL
- libgcrypt
Although nettle is available as a cryptographic back-end in Red Hat Enterprise Linux, it should only used as last resort, as there is no API or ABI stability guarrantee.