Can mcrypt be stripped/legalized a similar way as openssl is done?

Tom 'spot' Callaway tcallawa at
Thu Sep 22 19:54:42 UTC 2005

On Thu, 2005-09-22 at 20:12 +0400, Dmitry Butskoy wrote:
> The mcrypt package itself looks similar to, for example, openssl.
> Both 
> have illegal things in their upstream. To distribute openssl, Fedora 
> deletes all the problem code from it (and makes an own tarball).
>   Can mcrypt be distributed the same way? In other words, whether 
> "accurately cleared mcrypt" can be added to Fedora Extras? 

You know, we might not even need to do this. The items we removed from
openssl (IDEA, MDC2, RC-5) aren't present in libmcrypt.

Libmcrypt has:

3-way: clear of patents 
3DES: included in openssl
Arc Four: clear of patents, in the linux kernel
Blowfish: included in openssl
Cast-128: included in openssl
Cast-256: included in openssl
DES: included in openssl
Enigma: A one-rotor version of german enigma cipher, clear of patents
GOST: clear of patents
LOKI97: clear of patents
RC-2: included in openssl
Rijndael-128: (AES) in openssl
Rijndael-192: (AES) in openssl
Rijndael-256: (AES) in openssl
Safer+: clear of patents
Safer-sk64: clear of patents
Safer-sk128: clear of patents
Serpent: AES variant, clear of patents, in the linux kernel
Twofish: AES varient, clear of patents, in the linux kernel
Wake: clear of patents
Xtea: clear of patents, in the linux kernel

US export restrictions should be the same for mcrypt as they are for
openssl, so I think we're fine. Of course, IANAL.
Greg, any chance we could get an answer back from legal before 2046?

Tom "spot" Callaway: Red Hat Senior Sales Engineer || GPG ID: 93054260
Fedora Extras Steering Committee Member (RPM Standards and Practices)
Aurora Linux Project Leader:
Lemurs, llamas, and sparcs, oh my!

More information about the fedora-extras-list mailing list