Difference between revisions of "Related Links"

From OpenSSLWiki
Jump to navigationJump to search
(rename "Other" to "Books and documentation" and add a couple more entries to it)
m (Tweaked mbed description.)
 
(27 intermediate revisions by 6 users not shown)
Line 11: Line 11:
 
! scope="col" class="unsortable" | Description
 
! scope="col" class="unsortable" | Description
 
|-
 
|-
| [http://botan.randombit.net/ Botan] || a C++ cryptography library which includes a TLS implementation
+
| [http://sourceforge.net/projects/amissl/ AmiSSL] || an OpenSSL port to AmigaOS
 
|-
 
|-
| [http://www.bouncycastle.org/ Bouncy Castle] || cryptography API for Java and C#
+
| [http://botan.randombit.net/ Botan] || a C++ cryptography library which includes a TLS implementation
 +
|-
 +
| [http://boringssl.googlesource.com/boringssl/ BoringSSL] || a Google fork of OpenSSL ([https://www.imperialviolet.org/2014/06/20/boringssl.html Announcement ]) (Press coverage: [https://news.ycombinator.com/item?id=7922745 ycombinator], [http://arstechnica.com/security/2014/06/google-unveils-independent-fork-of-openssl-called-boringssl/ Ars Technica], [http://www.pcworld.com/article/2366440/google-develops-own-boring-version-of-openssl.html PC World], [http://www.zdnet.com/google-takes-openssl-and-turns-it-into-boringssl-7000030796/ ZDNet] )
 +
|-
 +
| [http://www.bouncycastle.org/ Bouncy Castle] || cryptography API for Java and C# ([[Wikipedia: Bouncy Castle (cryptography)]])
 
|-
 
|-
 
| [http://www.cs.auckland.ac.nz/~pgut001/cryptlib/ Cryptlib] || a security toolkit that allows one to easily add encryption and authentication services to software
 
| [http://www.cs.auckland.ac.nz/~pgut001/cryptlib/ Cryptlib] || a security toolkit that allows one to easily add encryption and authentication services to software
Line 20: Line 24:
 
|-
 
|-
 
| [http://www.gnutls.org/ GnuTLS] || an LGPL-licensed TLS library with substantial documentation
 
| [http://www.gnutls.org/ GnuTLS] || an LGPL-licensed TLS library with substantial documentation
 +
|-
 +
| [http://www.libressl.org/ LibreSSL] || an OpenBSD fork of OpenSSL (Press coverage: [http://www.zdnet.com/openbsd-forks-prunes-fixes-openssl-7000028613/ ZDNet], [http://arstechnica.com/information-technology/2014/04/openssl-code-beyond-repair-claims-creator-of-libressl-fork/ Ars Technica])
 
|-
 
|-
 
| [http://libtom.org/ LibTomCrypt] || public domain open source crypto library written in C
 
| [http://libtom.org/ LibTomCrypt] || public domain open source crypto library written in C
 +
|-
 +
| [http://www.flyn.org/projects/libtlssep/ libtlssep] || A simplified TLS library based on OpenSSL that decomposes socket operations from private key operations by providing two processes
 +
|-
 +
| [http://tls.mbed.org/ mbed TLS] || TLS library that handles the complexities of the Secure Sockets Layer (SSL) protocol for applications (formerly PolarSSL)
 +
|-
 +
| [http://www.mitls.org/wsgi miTLS] || a verified reference implementation of the TLS protocol. ([http://www.reddit.com/r/netsec/comments/1zn2d3/mitls_a_verified_reference_tls_implementation/ "reddit: miTLS - A verified reference TLS implementation"])
 
|-
 
|-
 
| [http://nacl.cr.yp.to/ NaCl] || NaCl (pronounced "salt") is a easy-to-use high-speed software library for network communication, encryption, decryption, and signatures
 
| [http://nacl.cr.yp.to/ NaCl] || NaCl (pronounced "salt") is a easy-to-use high-speed software library for network communication, encryption, decryption, and signatures
 
|-
 
|-
 
| [http://www.mozilla.org/projects/security/pki/nss/ NSS] || a set of libraries designed to support cross-platform development of security-enabled client and server applications
 
| [http://www.mozilla.org/projects/security/pki/nss/ NSS] || a set of libraries designed to support cross-platform development of security-enabled client and server applications
 +
|-
 +
| [http://pocoproject.org/ Poco] || Modern open source C++ class libraries for building network-based applications that run on desktop, server, mobile and embedded systems.
 +
|-
 +
| [http://github.com/awslabs/s2n s2n] || Amazon's open source implementation of the TLS/SSL protocols.
 +
|-
 +
| [http://www.ohloh.net/projects/xyssl XySSL] || a C library providing a very small footprint crypto library and SSL implementation.
 
|}
 
|}
  
Line 44: Line 62:
 
|[https://www.stunnel.org/index.html Stunnel] || an SSL encryption wrapper between remote client and local (inetd-startable) or remote server
 
|[https://www.stunnel.org/index.html Stunnel] || an SSL encryption wrapper between remote client and local (inetd-startable) or remote server
 
|}
 
|}
 +
 +
=== Languages libraries/Wrappers relying on openssl ===
 +
 +
* '''libcurl''' http://curl.haxx.se/ which can use openssl
 +
* '''PHP''' uses libcurl http://php.net/manual/en/intro.curl.php
 +
* '''Python''' pyOpenSSL https://github.com/pyca/pyopenssl cryptography https://github.com/pyca/cryptography
 +
* '''Perl''' Perl-Openssl http://sourceforge.net/projects/perl-openssl/
  
 
== Closed Source Cryptographic Libraries ==
 
== Closed Source Cryptographic Libraries ==
Line 63: Line 88:
 
! scope="col" width="150px" | Product
 
! scope="col" width="150px" | Product
 
! scope="col" class="unsortable" | Description
 
! scope="col" class="unsortable" | Description
 +
|-
 +
| Stonesoft Firewall Appliances [https://www.stonesoft.com/en/customer_care/documentation/appliances/]
 +
| Stonesoft (now McAfee) Appliances uses openssl as SSL/TLS communication library, license advertised [http://www.stonesoft.com/en/customer_care/support/third_party_licenses.html]
 
|-
 
|-
 
| [http://www.example.com No Entry]  || This is a placeholder
 
| [http://www.example.com No Entry]  || This is a placeholder
 
|}
 
|}
 +
 +
Even if this section is empty now, it exist a numerous number of closed source products using OpenSSL.
  
 
== Books and Documentation ==  
 
== Books and Documentation ==  
Line 77: Line 107:
 
| [https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations Comparison of TLS implementations]  || Wikipedia article comparing various TLS libraries
 
| [https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations Comparison of TLS implementations]  || Wikipedia article comparing various TLS libraries
 
|-
 
|-
| [http://blog.ivanristic.com/2013/05/announcing-bulletproof-ssl-tls-and-pki.html OpenSSL Cookbook]  || Free chapter from upcoming book "Bulletproof SSL/TLS and PKI"
+
| [http://www.keylength.com/ keylength.com]  || site which summarizes various key length recommendations
 +
|-
 +
| [https://www.feistyduck.com/books/openssl-cookbook/ OpenSSL Cookbook]  || A free ebook that covers configuration and command-line usage (first
 +
published in 2013; continuously updated)
 
|-
 
|-
 
| [http://shop.oreilly.com/product/9780596002701.do Network Security with OpenSSL]  || O'Reilly book from 2002
 
| [http://shop.oreilly.com/product/9780596002701.do Network Security with OpenSSL]  || O'Reilly book from 2002
 +
|}
 +
 +
== Testing Resources ==
 +
 +
{| class="wikitable sortable" border="1"
 +
|+ Testing Resources
 +
|-
 +
! scope="col" width="150px" | Title
 +
! scope="col" class="unsortable" | Description
 +
|-
 +
| [https://www.tls-o-matic.com/ TLS-O-MATIC]  || A set of tests for TLS clients
 +
|-
 +
| [https://www.ssllabs.com/ssltest/ SSL Labs server test]  || Probes any HTTPS server on the Internet and assigns it a letter grade
 +
|-
 +
| [https://www.ssllabs.com/ssltest/viewMyClient.html SSL Labs client test]  || Tests the TLS capabilities of your browser
 +
|-
 +
| [https://github.com/iSECPartners/tlspretense TLSPretense]  || A test framework for testing SSL/TLS client certificate validation
 +
|-
 +
| [https://sni.velox.ch/ sni.velox.ch] || Test for Server Name Indication
 
|}
 
|}

Latest revision as of 18:13, 6 July 2015

Please feel free to edit this page and add your own OpenSSL-based project or product. This is the one place where otherwise extraneous mention of commercial products is appropriate. Note such mention does not constitute endorsement per our Commercial Product Disclaimer.

Open Source Cryptographic Libraries[edit]

Products which are available under some form of Open Source license, and which may also be available under some form of commercial license.

Open Source Cryptographic Libraries
Library Description
AmiSSL an OpenSSL port to AmigaOS
Botan a C++ cryptography library which includes a TLS implementation
BoringSSL a Google fork of OpenSSL (Announcement ) (Press coverage: ycombinator, Ars Technica, PC World, ZDNet )
Bouncy Castle cryptography API for Java and C# (Wikipedia: Bouncy Castle (cryptography))
Cryptlib a security toolkit that allows one to easily add encryption and authentication services to software
Crypto++ a free C++ class library of cryptographic schemes
GnuTLS an LGPL-licensed TLS library with substantial documentation
LibreSSL an OpenBSD fork of OpenSSL (Press coverage: ZDNet, Ars Technica)
LibTomCrypt public domain open source crypto library written in C
libtlssep A simplified TLS library based on OpenSSL that decomposes socket operations from private key operations by providing two processes
mbed TLS TLS library that handles the complexities of the Secure Sockets Layer (SSL) protocol for applications (formerly PolarSSL)
miTLS a verified reference implementation of the TLS protocol. ("reddit: miTLS - A verified reference TLS implementation")
NaCl NaCl (pronounced "salt") is a easy-to-use high-speed software library for network communication, encryption, decryption, and signatures
NSS a set of libraries designed to support cross-platform development of security-enabled client and server applications
Poco Modern open source C++ class libraries for building network-based applications that run on desktop, server, mobile and embedded systems.
s2n Amazon's open source implementation of the TLS/SSL protocols.
XySSL a C library providing a very small footprint crypto library and SSL implementation.

Open Source Products Using OpenSSL[edit]

Products which are available under some form of Open Source License, and which may also be available under some form of commercial license.

Open Source Products Using OpenSSL
Product Description
libevent an event driven library which can optionally use OpenSSL
mod_ssl SSL/TLS module for the Apache HTTP Server
Stunnel an SSL encryption wrapper between remote client and local (inetd-startable) or remote server

Languages libraries/Wrappers relying on openssl[edit]

Closed Source Cryptographic Libraries[edit]

Closed Source Cryptographic Libraries
Library Description
No Entry This is a placeholder

Closed Source Products Using OpenSSL[edit]

Closed Source Products Using OpenSSL
Product Description
Stonesoft Firewall Appliances [1] Stonesoft (now McAfee) Appliances uses openssl as SSL/TLS communication library, license advertised [2]
No Entry This is a placeholder

Even if this section is empty now, it exist a numerous number of closed source products using OpenSSL.

Books and Documentation[edit]

Books and Documentation
Title Description
Comparison of TLS implementations Wikipedia article comparing various TLS libraries
keylength.com site which summarizes various key length recommendations
OpenSSL Cookbook A free ebook that covers configuration and command-line usage (first

published in 2013; continuously updated)

Network Security with OpenSSL O'Reilly book from 2002

Testing Resources[edit]

Testing Resources
Title Description
TLS-O-MATIC A set of tests for TLS clients
SSL Labs server test Probes any HTTPS server on the Internet and assigns it a letter grade
SSL Labs client test Tests the TLS capabilities of your browser
TLSPretense A test framework for testing SSL/TLS client certificate validation
sni.velox.ch Test for Server Name Indication