OpenSSL
The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a full-strength general-purpose cryptography library.
| Tags | Software Development Libraries Security Cryptography |
|---|
Recent releases
- 29 Mar 2009 10:11
Changes: Three security flaws of moderate severity were fixed: Printing the contents of an ASN1 certificate with an illegal encoded length could cause an application crash (CVE-2009-0590). CMS verification could cause an invalid set of signed attributes to appear valid (CVE-2009-0591). A malformed ASN1 structure could cause invalid memory access (CVE-2009-0789). Further minor modifications were made.
- 08 Jan 2009 21:37
Changes: Several incorrect checks, allowing a malformed signature to be treated as a good signature rather than as an error, were fixed. This vulnerability was reported as CVE-2008-5077. Experimental JPAKE support was implemented. Support for XMPP STARTTLS was added in s_client. Several other minor changes were made.
- 29 Sep 2008 17:34
Changes: An incomplete fix for unsafe triple-checked locking was updated. Several precautionary measures were introduced. Support for the Local Machine Keyset attribute in PKCS#12 files was added. Several minor bugs were fixed.
- 01 Jun 2008 18:46
Changes: Two crashes discovered using the Codenomicon TLS test suite, as reported in CVE-2008-0891 and CVE-2008-1672, were fixed. The root CA certificates of commercial CAs were removed from the distribution. Functions were added to implement RFC3394 compatible AES key wrapping. Utility functions to handle ASN1 structures were added. The certificate status request TLS extension, as defined in RFC3546, was implemented. Several other bugfixes and enhancements were made.
- 03 Dec 2007 10:59
Changes: DTLS interoperation with non-compliant servers was fixed. IA64 assembler code was fixed. Binary incompatibility of the ssl_ctx_st structure was adjusted.
- All comments
Recent commentsNot free anymore
http://www.deadly.org/article.php3?sid=20020924004335 (http://www.deadly.org/article.php3?sid=20020924004335)
It means that OpenSSL is becoming a non-free software project, because
the code from Sun contains licenses which invoke patent litigation;
the licence on the new code basically builds a contract that says "if
you use this code, you cannot sue Sun".
http://marc.theaimsgroup.com/?l=openbsd-misc&m=103280816316720&w=2 (http://marc.theaimsgroup.com/?l=openbsd-misc&m=103280816316720&w=2)
Re: OpenSSL
Yes, OpenSSL is based on SSLeay. SSLeay is dead, and a few people took the last source (0.9.1b) and made it into OpenSSL (0.9.1c). OpenSSL has developped from there.
OPEN SSL API DOCUMENTATION
Could anyone recommend a good place to get documentation on OpenSSL? I've downloaded the software and I need to port it to VxWorks as a client. I would like to find documentation that describes the necessary API calls and the order that they must be called.
THANKS!
Re: OpenSSL
> Uhhh.... They are the same thing.
> SSLeay was renamed to OpenSSL, AFAIK.
To quote OpenSSL's page, "OpenSSL is based on the excellent SSLeay library..."
> I would warn you - if you want
> documentation for your software - look
> elsewhere.
Or you could visit openssl.org/docs and read the library function definitions, then subscribe to the mailing list and read the source to the example programs (like openssl itself). The documentation isn't perfect, but its available.
I highly recommend ignoring anything this guy says!
Before using OpenSSL, I used SSLeay which was good in its own right but I believe that OpenSSL has a bigger and brighter future than SSLeay.
Uhhh.... They are the same thing. SSLeay was renamed to OpenSSL, AFAIK. So yeah, considering that SSLeay is dead, I'd say that OpenSSL has a brighter future. Or, considering that they are the same thing, I guess they have the same future.
OpenSSL is easy to setup and use and compiles on a variety of systems. I would highly recommend OpenSSL to anyone wanting well done SSL support!
I would warn you - if you want documentation for your software - look elsewhere. Then come back here because there is nothing else. I would highly recommend OpenSSL to anyone wanting free/opensource SSL support because you have no other real choice!