]>
Commit | Line | Data |
---|---|---|
d02b48c6 | 1 | |
f1c236f8 | 2 | OpenSSL 0.9.1c 22-Dec-1998 |
651d0aff | 3 | |
f1c236f8 | 4 | Copyright (c) 1998 The OpenSSL Project |
651d0aff RE |
5 | Copyright (c) 1995-1998 Eric Young |
6 | All rights reserved. | |
7 | ||
f1c236f8 | 8 | The OpenSSL Project is a collaborative effort to develop a robust, |
651d0aff RE |
9 | commercial-grade, fully featured, and Open Source toolkit implementing the |
10 | Transport Layer Security (TLS v1) and Secure Sockets Layer (SSL v2/v3) | |
11 | protocols with full-strength cryptography world-wide. The project is managed | |
12 | by a worldwide community of volunteers that use the Internet to communicate, | |
f1c236f8 | 13 | plan, and develop the OpenSSL tookit and its related documentation. |
651d0aff | 14 | |
f1c236f8 RE |
15 | OpenSSL is based on the excellent SSLeay library developed from Eric A. Young |
16 | and Tim J. Hudson. The OpenSSL toolkit is licensed under a BSD-style licence, | |
651d0aff RE |
17 | which basically means that you are free to get and use it for commercial and |
18 | non-commercial purposes. | |
19 | ||
20 | The package includes: | |
21 | ||
22 | libssl.a: | |
23 | Implementation of SSLv2, SSLv3, TLSv1 and the required code to support | |
24 | both SSLv2, SSLv3 and TLSv1 in the one server. | |
25 | ||
26 | libcrypto.a: | |
27 | General encryption and X.509 stuff needed by TLS/SSL but not actually | |
28 | logically part of it. It includes routines for the following: | |
29 | ||
30 | Ciphers | |
31 | libdes - EAY's libdes DES encryption package which has been floating | |
32 | around the net for a few years. It includes 15 | |
33 | 'modes/variations' of DES (1, 2 and 3 key versions of ecb, | |
34 | cbc, cfb and ofb; pcbc and a more general form of cfb and | |
35 | ofb) including desx in cbc mode, a fast crypt(3), and | |
36 | routines to read passwords from the keyboard. | |
37 | RC4 encryption, | |
38 | RC2 encryption - 4 different modes, ecb, cbc, cfb and ofb. | |
39 | Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb. | |
40 | IDEA encryption - 4 different modes, ecb, cbc, cfb and ofb. | |
41 | ||
42 | Digests | |
43 | MD5 and MD2 message digest algorithms, fast implementations, | |
44 | SHA (SHA-0) and SHA-1 message digest algorithms, | |
45 | MDC2 message digest. A DES based hash that is polular on smart cards. | |
46 | ||
47 | Public Key | |
48 | RSA encryption/decryption/generation. | |
49 | There is no limit on the number of bits. | |
50 | DSA encryption/decryption/generation. | |
51 | There is no limit on the number of bits. | |
52 | Diffie-Hellman key-exchange/key generation. | |
53 | There is no limit on the number of bits. | |
54 | ||
55 | X.509v3 certificates | |
56 | X509 encoding/decoding into/from binary ASN1 and a PEM | |
57 | based ascii-binary encoding which supports encryption with a | |
58 | private key. Program to generate RSA and DSA certificate | |
59 | requests and to generate RSA and DSA certificates. | |
60 | ||
61 | Systems | |
62 | The normal digital envelope routines and base64 encoding. Higher | |
63 | level access to ciphers and digests by name. New ciphers can be | |
64 | loaded at run time. The BIO io system which is a simple non-blocking | |
65 | IO abstraction. Current methods supported are file descriptors, | |
66 | sockets, socket accept, socket connect, memory buffer, buffering, SSL | |
67 | client/server, file pointer, encryption, digest, non-blocking testing | |
68 | and null. | |
69 | ||
70 | Data structures | |
71 | A dynamically growing hashing system | |
72 | A simple stack. | |
73 | A Configuration loader that uses a format similar to MS .ini files. | |
74 | ||
75 | Programs in this package include: | |
76 | ||
77 | enc - a general encryption program that can encrypt/decrypt using | |
78 | one of 17 different cipher/mode combinations. The | |
79 | input/output can also be converted to/from base64 | |
80 | ascii encoding. | |
81 | dgst - a generate message digesting program that will generate | |
82 | message digests for any of md2, md5, sha (sha-0 or sha-1) | |
83 | or mdc2. | |
84 | asn1parse - parse and display the structure of an asn1 encoded | |
85 | binary file. | |
86 | rsa - Manipulate RSA private keys. | |
87 | dsa - Manipulate DSA private keys. | |
88 | dh - Manipulate Diffie-Hellman parameter files. | |
89 | dsaparam- Manipulate and generate DSA parameter files. | |
90 | crl - Manipulate certificate revocation lists. | |
91 | crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate. | |
92 | x509 - Manipulate x509 certificates, self-sign certificates. | |
93 | req - Manipulate PKCS#10 certificate requests and also | |
94 | generate certificate requests. | |
95 | genrsa - Generates an arbitrary sized RSA private key. | |
96 | gendh - Generates a set of Diffie-Hellman parameters, the prime | |
97 | will be a strong prime. | |
98 | ca - Create certificates from PKCS#10 certificate requests. | |
99 | This program also maintains a database of certificates | |
100 | issued. | |
101 | verify - Check x509 certificate signatures. | |
102 | speed - Benchmark SSLeay's ciphers. | |
103 | s_server- A test SSL server. | |
104 | s_client- A test SSL client. | |
105 | s_time - Benchmark SSL performance of SSL server programs. | |
106 | errstr - Convert from SSLeay hex error codes to a readable form. | |
107 | ||
d02b48c6 | 108 | To install this package, read the INSTALL file. |
651d0aff RE |
109 | For the Microsoft world, read INSTALL.W32 file. |
110 | ||
111 | For people in the USA, it is possible to compile SSLeay to use RSA Inc.'s | |
112 | public key library, RSAref. From my understanding, it is claimed by RSA Inc. | |
113 | to be illegal to use my public key routines inside the USA. Read | |
114 | doc/rsaref.doc on how to build with RSAref. | |
115 | ||
116 | Read the documentation in the doc directory. It is quite rough, but it lists | |
117 | the functions, you will probably have to look at the code to work out how to | |
118 | used them. I will be working on documentation. Look at the example programs. | |
d02b48c6 | 119 |