]>
Commit | Line | Data |
---|---|---|
d02b48c6 | 1 | |
1c308226 | 2 | OpenSSL 0.9.2 06-Mar-1999 |
651d0aff | 3 | |
1c308226 | 4 | Copyright (c) 1998-1999 The OpenSSL Project |
058bf559 | 5 | Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson |
651d0aff RE |
6 | All rights reserved. |
7 | ||
f1c236f8 | 8 | The OpenSSL Project is a collaborative effort to develop a robust, |
651d0aff | 9 | commercial-grade, fully featured, and Open Source toolkit implementing the |
1c308226 | 10 | Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) |
651d0aff RE |
11 | protocols with full-strength cryptography world-wide. The project is managed |
12 | by a worldwide community of volunteers that use the Internet to communicate, | |
f1c236f8 | 13 | plan, and develop the OpenSSL tookit and its related documentation. |
651d0aff | 14 | |
f1c236f8 | 15 | OpenSSL is based on the excellent SSLeay library developed from Eric A. Young |
1c308226 RE |
16 | and Tim J. Hudson. The OpenSSL toolkit is licensed under a dual-license (the |
17 | OpenSSL license plus the SSLeay license) situation, which basically means | |
18 | that you are free to get and use it for commercial and non-commercial | |
19 | purposes as long as you fullfill the conditions of both licenses. | |
651d0aff | 20 | |
1c308226 | 21 | The OpenSSL toolkit includes: |
651d0aff RE |
22 | |
23 | libssl.a: | |
24 | Implementation of SSLv2, SSLv3, TLSv1 and the required code to support | |
1c308226 | 25 | both SSLv2, SSLv3 and TLSv1 in the one server and client. |
651d0aff RE |
26 | |
27 | libcrypto.a: | |
1c308226 RE |
28 | General encryption and X.509 v1/v3 stuff needed by SSL/TLS but not |
29 | actually logically part of it. It includes routines for the following: | |
651d0aff RE |
30 | |
31 | Ciphers | |
32 | libdes - EAY's libdes DES encryption package which has been floating | |
33 | around the net for a few years. It includes 15 | |
34 | 'modes/variations' of DES (1, 2 and 3 key versions of ecb, | |
35 | cbc, cfb and ofb; pcbc and a more general form of cfb and | |
36 | ofb) including desx in cbc mode, a fast crypt(3), and | |
37 | routines to read passwords from the keyboard. | |
38 | RC4 encryption, | |
39 | RC2 encryption - 4 different modes, ecb, cbc, cfb and ofb. | |
40 | Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb. | |
41 | IDEA encryption - 4 different modes, ecb, cbc, cfb and ofb. | |
42 | ||
43 | Digests | |
44 | MD5 and MD2 message digest algorithms, fast implementations, | |
45 | SHA (SHA-0) and SHA-1 message digest algorithms, | |
46 | MDC2 message digest. A DES based hash that is polular on smart cards. | |
47 | ||
48 | Public Key | |
49 | RSA encryption/decryption/generation. | |
50 | There is no limit on the number of bits. | |
51 | DSA encryption/decryption/generation. | |
52 | There is no limit on the number of bits. | |
53 | Diffie-Hellman key-exchange/key generation. | |
54 | There is no limit on the number of bits. | |
55 | ||
56 | X.509v3 certificates | |
57 | X509 encoding/decoding into/from binary ASN1 and a PEM | |
58 | based ascii-binary encoding which supports encryption with a | |
59 | private key. Program to generate RSA and DSA certificate | |
60 | requests and to generate RSA and DSA certificates. | |
61 | ||
62 | Systems | |
63 | The normal digital envelope routines and base64 encoding. Higher | |
64 | level access to ciphers and digests by name. New ciphers can be | |
65 | loaded at run time. The BIO io system which is a simple non-blocking | |
66 | IO abstraction. Current methods supported are file descriptors, | |
67 | sockets, socket accept, socket connect, memory buffer, buffering, SSL | |
68 | client/server, file pointer, encryption, digest, non-blocking testing | |
69 | and null. | |
70 | ||
71 | Data structures | |
72 | A dynamically growing hashing system | |
73 | A simple stack. | |
74 | A Configuration loader that uses a format similar to MS .ini files. | |
75 | ||
1c308226 RE |
76 | openssl: |
77 | A command line tool which provides the following functions: | |
651d0aff RE |
78 | |
79 | enc - a general encryption program that can encrypt/decrypt using | |
80 | one of 17 different cipher/mode combinations. The | |
81 | input/output can also be converted to/from base64 | |
82 | ascii encoding. | |
83 | dgst - a generate message digesting program that will generate | |
84 | message digests for any of md2, md5, sha (sha-0 or sha-1) | |
85 | or mdc2. | |
86 | asn1parse - parse and display the structure of an asn1 encoded | |
87 | binary file. | |
88 | rsa - Manipulate RSA private keys. | |
89 | dsa - Manipulate DSA private keys. | |
90 | dh - Manipulate Diffie-Hellman parameter files. | |
91 | dsaparam- Manipulate and generate DSA parameter files. | |
92 | crl - Manipulate certificate revocation lists. | |
93 | crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate. | |
94 | x509 - Manipulate x509 certificates, self-sign certificates. | |
95 | req - Manipulate PKCS#10 certificate requests and also | |
96 | generate certificate requests. | |
97 | genrsa - Generates an arbitrary sized RSA private key. | |
058bf559 | 98 | gendsa - Generates DSA parameters. |
651d0aff RE |
99 | gendh - Generates a set of Diffie-Hellman parameters, the prime |
100 | will be a strong prime. | |
101 | ca - Create certificates from PKCS#10 certificate requests. | |
102 | This program also maintains a database of certificates | |
103 | issued. | |
104 | verify - Check x509 certificate signatures. | |
058bf559 | 105 | speed - Benchmark OpenSSL's ciphers. |
651d0aff RE |
106 | s_server- A test SSL server. |
107 | s_client- A test SSL client. | |
108 | s_time - Benchmark SSL performance of SSL server programs. | |
058bf559 RE |
109 | errstr - Convert from OpenSSL hex error codes to a readable form. |
110 | nseq - Netscape certificate sequence utility | |
651d0aff | 111 | |
1c308226 RE |
112 | To install this package under a Unix derivative, read the INSTALL file. For |
113 | a Win32 platform, read the INSTALL.W32 file. | |
651d0aff | 114 | |
1c308226 RE |
115 | For people in the USA, it is possible to compile OpenSSL to use RSA Inc.'s |
116 | public key library, RSAref. Read doc/ssleay.txt under 'rsaref.doc' on how to | |
117 | build with RSAref. | |
651d0aff | 118 | |
1c308226 RE |
119 | Read the documentation in the doc/ directory. It is quite rough, but it |
120 | lists the functions, you will probably have to look at the code to work out | |
121 | how to used them. Look at the example programs. | |
d02b48c6 | 122 |