Welcome to the OpenSSL Project
==============================
-[![openssl logo][]][www.openssl.org]
+[![openssl logo]][www.openssl.org]
-[![travis badge][]][travis jobs]
-[![appveyor badge][]][appveyor jobs]
+[![github actions ci badge]][github actions ci]
+[![appveyor badge]][appveyor jobs]
OpenSSL is a robust, commercial-grade, full-featured Open Source Toolkit
-for the Transport Layer Security (TLS) protocol formerly known as the
-Secure Sockets Layer (SSL) protocol. The protocol implementation is based
-on a full-strength general purpose cryptographic library, which can also
-be used stand-alone.
+for the TLS (formerly SSL), DTLS and QUIC (currently client side only)
+protocols.
+
+The protocol implementations are based on a full-strength general purpose
+cryptographic library, which can also be used stand-alone. Also included is a
+cryptographic module validated to conform with FIPS standards.
OpenSSL is descended from the SSLeay library developed by Eric A. Young
and Tim J. Hudson.
-The official Home Page of the OpenSSL Project is [www.openssl.org][].
+The official Home Page of the OpenSSL Project is [www.openssl.org].
Table of Contents
=================
The OpenSSL toolkit includes:
- **libssl**
- an implementation of all TLS protocol versions up to TLSv1.3 ([RFC 8446][]).
+ an implementation of all TLS protocol versions up to TLSv1.3 ([RFC 8446]),
+ DTLS protocol versions up to DTLSv1.2 ([RFC 6347]) and
+ the QUIC (currently client side only) version 1 protocol ([RFC 9000]).
- **libcrypto**
a full-strength general purpose cryptographic library. It constitutes the
- creation of X.509 certificates, CSRs and CRLs
- calculation of message digests
- encryption and decryption
- - SSL/TLS client and server tests
+ - SSL/TLS/DTLS and client and server tests
+ - QUIC client tests
- handling of S/MIME signed or encrypted mail
- and more...
The OpenSSL project does not distribute the toolkit in binary form.
However, for a large variety of operating systems precompiled versions
-of the OpenSSL toolkit are available. In particular on Linux and other
-Unix operating systems it is normally recommended to link against the
+of the OpenSSL toolkit are available. In particular, on Linux and other
+Unix operating systems, it is normally recommended to link against the
precompiled shared libraries provided by the distributor or vendor.
+We also maintain a list of third parties that produce OpenSSL binaries for
+various Operating Systems (including Windows) on the [Binaries] page on our
+wiki.
+
For Testing and Development
---------------------------
the entire project history gives you much more insight into the
code base.
-The official OpenSSL Git Repository is located at [git.openssl.org][].
-There is a GitHub mirror of the repository at [github.com/openssl/openssl][],
+The official OpenSSL Git Repository is located at [git.openssl.org].
+There is a GitHub mirror of the repository at [github.com/openssl/openssl],
which is updated automatically from the former on every commit.
A local copy of the Git Repository can be obtained by cloning it from
git clone https://github.com/yourname/openssl.git
-This is necessary, because all development of OpenSSL nowadays is done via
+This is necessary because all development of OpenSSL nowadays is done via
GitHub pull requests. For more details, see [Contributing](#contributing).
Build and Install
platforms, the installation instructions are amended by a platform specific
document.
- * [NOTES.ANDROID](NOTES.ANDROID)
- * [NOTES.DJGPP](NOTES.DJGPP)
- * [NOTES.PERL](NOTES.PERL)
- * [NOTES.UNIX](NOTES.UNIX)
- * [NOTES.VALGRIND](NOTES.VALGRIND)
- * [NOTES.VMS](NOTES.VMS)
- * [NOTES.WIN](NOTES.WIN)
+ * [Notes for UNIX-like platforms](NOTES-UNIX.md)
+ * [Notes for Android platforms](NOTES-ANDROID.md)
+ * [Notes for Windows platforms](NOTES-WINDOWS.md)
+ * [Notes for the DOS platform with DJGPP](NOTES-DJGPP.md)
+ * [Notes for the OpenVMS platform](NOTES-VMS.md)
+ * [Notes on Perl](NOTES-PERL.md)
+ * [Notes on Valgrind](NOTES-VALGRIND.md)
-Specific notes on upgrading to OpenSSL 3.0 from previous versions, as well as
-known issues are available on the OpenSSL
-[wiki](https://wiki.openssl.org/index.php/OpenSSL_3.0).
+Specific notes on upgrading to OpenSSL 3.x from previous versions can be found
+in the [ossl-guide-migration(7ossl)] manual page.
Documentation
=============
+README Files
+------------
+
+There are some README.md files in the top level of the source distribution
+containing additional information on specific topics.
+
+ * [Information about the OpenSSL QUIC protocol implementation](README-QUIC.md)
+ * [Information about the OpenSSL Provider architecture](README-PROVIDERS.md)
+ * [Information about using the OpenSSL FIPS validated module](README-FIPS.md)
+ * [Information about the legacy OpenSSL Engine architecture](README-ENGINES.md)
+
+The OpenSSL Guide
+-----------------
+
+There are some tutorial and introductory pages on some important OpenSSL topics
+within the [OpenSSL Guide].
+
Manual Pages
------------
available online.
- [OpenSSL master](https://www.openssl.org/docs/manmaster)
-- [OpenSSL 1.1.1](https://www.openssl.org/docs/man1.1.1)
+- [OpenSSL 3.0](https://www.openssl.org/docs/man3.0)
+- [OpenSSL 3.1](https://www.openssl.org/docs/man3.1)
+
+Demos
+-----
+
+The are numerous source code demos for using various OpenSSL capabilities in the
+[demos subfolder](./demos).
Wiki
----
-There is a Wiki at [wiki.openssl.org][] which is currently not very active.
-It contains a lot of useful information, not all of which is up to date.
+There is a Wiki at [wiki.openssl.org] which is currently not very active.
+It contains a lot of useful information, not all of which is up-to-date.
License
=======
you are free to get and use it for commercial and non-commercial
purposes as long as you fulfill its conditions.
-See the [LICENSE](LICENSE) file for more details.
+See the [LICENSE.txt](LICENSE.txt) file for more details.
Support
=======
There are various ways to get in touch. The correct channel depends on
-your requirement. see the [SUPPORT](SUPPORT.md) file for more details.
+your requirement. See the [SUPPORT](SUPPORT.md) file for more details.
Contributing
============
If you are interested and willing to contribute to the OpenSSL project,
please take a look at the [CONTRIBUTING](CONTRIBUTING.md) file.
-Since 2016, development takes place in public on the GitHub open source
-platform. The OpenSSL Project Pages at [openssl.github.io][] are a
-valuable source of information if you want to get familiar with our
-development process on GitHub.
-
Legalities
==========
A number of nations restrict the use or export of cryptography. If you are
-potentially subject to such restrictions you should seek legal advice before
+potentially subject to such restrictions, you should seek legal advice before
attempting to develop or distribute cryptographic code.
Copyright
=========
-Copyright (c) 1998-2020 The OpenSSL Project
+Copyright (c) 1998-2023 The OpenSSL Project Authors
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
<https://github.com/openssl/openssl>
"OpenSSL GitHub Mirror"
-[openssl.github.io]:
- <https://mspncp.github.io>
- "OpenSSL Project Pages"
-
[wiki.openssl.org]:
<https://wiki.openssl.org>
"OpenSSL Wiki"
+[ossl-guide-migration(7ossl)]:
+ <https://www.openssl.org/docs/manmaster/man7/ossl-guide-migration.html>
+ "OpenSSL Migration Guide"
+
[RFC 8446]:
<https://tools.ietf.org/html/rfc8446>
+[RFC 6347]:
+ <https://tools.ietf.org/html/rfc6347>
+
+[RFC 9000]:
+ <https://tools.ietf.org/html/rfc9000>
+
+[Binaries]:
+ <https://wiki.openssl.org/index.php/Binaries>
+ "List of third party OpenSSL binaries"
+
+[OpenSSL Guide]:
+ <https://www.openssl.org/docs/manmaster/man7/ossl-guide-introduction.html>
+ "An introduction to OpenSSL"
+
<!-- Logos and Badges -->
-<!--
- Note: The security token for the appveyor badge (the random number in
- the URL below) was obtained for the mspncp/openssl project.
- It needs to be replaced by the correct token by some core member
- (@levitte, @mattcaswell?). It can be obtained for project members at
- https://ci.appveyor.com/project/openssl/openssl/settings/badges.
--->
[openssl logo]:
doc/images/openssl.svg
"OpenSSL Logo"
-[travis badge]:
- <https://travis-ci.org/openssl/openssl.svg?branch=master>
- "Travis Build Status"
+[github actions ci badge]:
+ <https://github.com/openssl/openssl/workflows/GitHub%20CI/badge.svg>
+ "GitHub Actions CI Status"
-[travis jobs]:
- <https://travis-ci.org/openssl/openssl>
- "Travis Jobs"
+[github actions ci]:
+ <https://github.com/openssl/openssl/actions?query=workflow%3A%22GitHub+CI%22>
+ "GitHub Actions CI"
[appveyor badge]:
- <https://ci.appveyor.com/api/projects/status/ikn2l4u1xsume63u/branch/master?svg=true>
+ <https://ci.appveyor.com/api/projects/status/8e10o7xfrg73v98f/branch/master?svg=true>
"AppVeyor Build Status"
[appveyor jobs]: