Inspired both by recent news stories and a TODO item for a personal project, I’ve poking around the various cryptographic libraries with an eye to hashing. I’m looking at both MD5 and SHA512, and there are no shortage of libraries that provide this functionality. And no, I’m not interested in bundling Yet Another MD5 implementation. 
So far, I’ve played with openssl, gnutls, mhash and libgcrypt. I also took a brief look at nss. I got openssl, mhash and libgcrypt working, and gave up on gnutls and nss fairly early on. I decided against openssl for licensing reasons (my project is GPLv3+), and mhash is somewhat less active upstream than libgcrypt. As of this writing, I think I’ll probably stick with libgcrypt, since it’s pretty easy to use and supports a large number of algorithms, but I’m curious. Are there any other implementations I should know about that would be better to use that I’ve not listed above? I have no problem using libgcrypt, I just thought I’d see if anyone out there had any favourites, and is so, why. Or any horror stories.
There is this effort in Fedora:
https://fedoraproject.org/wiki/FedoraCryptoConsolidation
Not sure you care about that though.
Yeah, I know. I’m thinking about it.
libgcrypt is working well, but I’ll try NSS. This isn’t something that I expect I’ll ever put in Fedora, or even necessarily release, but I suppose it would be good to get some NSS experience for that reason as well.