Main Page

This is the OpenSSL wiki. The main site is https://www.openssl.org . If this is your first visit or to get an account please see the Welcome page. Your participation and Contributions are valued.

This wiki is intended as a place for collecting, organizing, and refining useful information about OpenSSL that is currently strewn among multiple locations and formats.

OpenSSL Quick Links[edit]

OpenSSL Overview		Compilation and Installation		Configuration "packages"		Internals
libcrypto API		libssl API		Examples		Index of all API functions
License		Command Line Utilities		Related Links		Binaries
SSL and TLS Protocols		1.1 API Changes		FIPS modules		TLS1.3
Mailing Lists		OpenSSL 3.0

Administrivia[edit]

Site guidelines, legal and admininstrative issues.

• Basic rules, Commercial Product Disclaimer, Contributions, Copyright, License
• Using This Wiki

Wiki User's Guide, Configuration settings list, MediaWiki FAQ, MediaWiki Mailing List

Reference[edit]

This section contains the automagically generated man pages from the OpenSSL git repository, and similar "man" style reference documentation. The man pages are automatically imported from the OpenSSL git repository and local wiki modifications are submitted as patches.

• OpenSSL Manual Pages
• API, Libcrypto API, Libssl API
• FIPS mode(), FIPS_mode_set()

Usage and Programming[edit]

This section has discussions of practical issues in using OpenSSL

• Building from Source

Where to find it, the different versions, how to build and install it.

• OpenSSL Overview
• Versioning
• Compilation and Installation
• EVP

Programming techniques and example code

Use of EVP is preferred for most applications and circumstances

• EVP Asymmetric Encryption and Decryption of an Envelope
• EVP Authenticated Encryption and Decryption
• EVP Symmetric Encryption and Decryption
• EVP Key and Parameter Generation
• EVP Key Agreement
• EVP Message Digests
• EVP Key Derivation
• EVP Signing and Verifying (including MAC codes)

• STACK API
• List of SSL OP Flags
• Low Level APIs

Creating an OpenSSL Engine to use indigenous ECDH ECDSA and HASH Algorithms

More specialized non-EVP usage

• Diffie-Hellman parameters

• FIPS Mode
• Simple TLS Server
• Simple TLS Client
• Simple DTLS Server
• Simple DTLS Client

Concepts and Theory[edit]

Discussions of basic cryptographic theory and concepts Discussions of common operational issues

• Base64
• FIPS 140-2
• Random Numbers
• Diffie Hellman
• Elliptic Curve Diffie Hellman
• Elliptic Curve Cryptography

Security Advisories[edit]

• OpenSSL Security Policy
• OpenSSL Vulnerabilities List
• Security Advisories Additional Information

Feedback and Contributions[edit]

• How to notify us of suspected security vulnerabilities
• How to report bugs, other than for suspected vulnerabilities
• General background on source and documentation contributions - must read
• Contributing code fixes, other than for suspected vulnerabilities, as well as fixes and other improvements to manual pages:

• If you are unsure as to whether a feature will be useful for the general OpenSSL community please discuss it on the openssl-users mailing list first. Someone may be already working on the same thing or there may be a good reason as to why that feature isn't implemented.
• Follow the instructions for accessing source code in the appropriate branches. Note that manual pages and the FAQ are maintained with the source code.
• Submit a pull request for each separate fix (also documented there)
• Submit a bug report (see second bullet, above) and reference the pull request. Or you can attach the patch to the ticket.

• Contributing fixes and other improvements to the web site

• Follow the instructions for accessing web site sources
• Create a patch (also documented there)
• Submit a bug report and add the patch as an attachment

• Developing For OpenSSL
• Known patches not part of OpenSSL
• Contributing to this wiki

Internals and Development[edit]

This section is for internal details of primary interest to OpenSSL maintainers and power users

• Code reformatting

• Internals
• Code Quality
• Static and Dynamic Analysis
• OCB Licence details
• Defect and Feature Review Process
• Unit Testing (includes other automated testing information)
• How to Integrate a Symmetric Cipher