Drop Windows support for now

Question

Drop Windows support for now

brodybits opened this issue 7 years ago · 2 comments

The existing Windows platform version uses libTomCrypt which is nice but I was told it has inferior entropy. The ultimate solution is to replace libTomCrypt with OpenSSL crypto and an effort was made in 2016 as discussed in #30. Until I have a chance to revisit OpenSSL crypto for Windows I would like to drop the Windows support.

P.S. I would like to drop Windows support before integrating SQLCipher 3.4.2 / 3.5.8 ref: #62

Answer 1 · 2018-03-05T17:19:20.000Z

Windows platform support has been dropped. It is desired to support Windows again using OpenSSL as discussed in #30.

Answer 2 · 2018-12-16T17:42:12.000Z

In response to the question in #78 here are the reasons I have completely dropped Windows support for now:

Existing Windows implementation was using LibTomCrypt which I was told has inferior entropy. Inferior encryption characteristics are not wanted.
I do not want any chance that someone makes an application that may accidentally stores sensitive data on the Windows platform.

While it is desired to support Windows using a recent version of OpenSSL I do not have plans to do this anytime soon. In case of any urgent need please send a request to sales@litehelpers.net and I would be happy to quote an estimate.

I added the bug-security label since I think the use of inferior entropy from LibTomCrypt should be considered a security issue.

/cc @nsteenbeek