Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider replacing the net.i2p.crypto:eddsa with maintained alternative. #1223

Open
tomekl007 opened this issue Sep 4, 2024 · 2 comments
Open

Consider replacing the net.i2p.crypto:eddsa with maintained alternative. #1223

tomekl007 opened this issue Sep 4, 2024 · 2 comments
Labels
proposal Enhancement idea or proposal

Comments

@tomekl007
Copy link

Proposed change

The net.i2p.crypto:eddsa used in the jnats has not been updated for five years.
Maybe the library will need to be switched to a different one or replaced with custom code?

Use case

The dependant library is old and not maintained.

Contribution

No response
@tomekl007 tomekl007 added the proposal Enhancement idea or proposal label Sep 4, 2024
@scottf
Copy link
Contributor

scottf commented Sep 9, 2024

Are there any security issues with it? Are you aware of a suitable replacement?

@laurentgo
Copy link

Isn't bouncycastle a well-maintained security library for Java with support for EdDSA? Support within JDK was added in Java 15 (and not backported to Java 11)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
proposal Enhancement idea or proposal
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@scottf @laurentgo @tomekl007