2020-05-07 19:44:01 +08:00
|
|
|
Welcome to the OpenSSL Project
|
|
|
|
==============================
|
|
|
|
|
2020-10-17 16:45:49 +08:00
|
|
|
[![openssl logo]][www.openssl.org]
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2021-01-24 15:42:52 +08:00
|
|
|
[![github actions ci badge]][github actions ci]
|
2024-06-28 19:04:43 +08:00
|
|
|
![Nightly OS Zoo ci badge](https://github.com/openssl/openssl/actions/workflows/os-zoo.yml/badge.svg)
|
2024-08-22 00:32:28 +08:00
|
|
|
![Provider Compatibility](https://github.com/openssl/openssl/actions/workflows/provider-compatibility.yml/badge.svg)
|
|
|
|
![Quic Interop](https://github.com/openssl/openssl/actions/workflows/run_quic_interop.yml/badge.svg)
|
2024-06-29 01:17:41 +08:00
|
|
|
![Daily checks](https://github.com/openssl/openssl/actions/workflows/run-checker-daily.yml/badge.svg)
|
2019-11-30 03:45:28 +08:00
|
|
|
|
|
|
|
OpenSSL is a robust, commercial-grade, full-featured Open Source Toolkit
|
2023-10-25 20:10:59 +08:00
|
|
|
for the TLS (formerly SSL), DTLS and QUIC (currently client side only)
|
|
|
|
protocols.
|
2023-10-25 18:10:51 +08:00
|
|
|
|
|
|
|
The protocol implementations are based on a full-strength general purpose
|
|
|
|
cryptographic library, which can also be used stand-alone. Also included is a
|
|
|
|
cryptographic module validated to conform with FIPS standards.
|
1998-12-22 23:04:48 +08:00
|
|
|
|
2019-11-29 06:10:51 +08:00
|
|
|
OpenSSL is descended from the SSLeay library developed by Eric A. Young
|
|
|
|
and Tim J. Hudson.
|
1999-03-06 22:04:40 +08:00
|
|
|
|
2020-10-17 16:45:49 +08:00
|
|
|
The official Home Page of the OpenSSL Project is [www.openssl.org].
|
2019-11-30 03:45:28 +08:00
|
|
|
|
|
|
|
Table of Contents
|
|
|
|
=================
|
|
|
|
|
|
|
|
- [Overview](#overview)
|
|
|
|
- [Download](#download)
|
|
|
|
- [Build and Install](#build-and-install)
|
|
|
|
- [Documentation](#documentation)
|
|
|
|
- [License](#license)
|
|
|
|
- [Support](#support)
|
|
|
|
- [Contributing](#contributing)
|
|
|
|
- [Legalities](#legalities)
|
1998-12-22 23:04:48 +08:00
|
|
|
|
2019-11-29 06:10:51 +08:00
|
|
|
Overview
|
|
|
|
========
|
2018-12-06 19:52:18 +08:00
|
|
|
|
2019-11-29 06:10:51 +08:00
|
|
|
The OpenSSL toolkit includes:
|
1998-12-22 23:04:48 +08:00
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
- **libssl**
|
2023-10-25 18:10:51 +08:00
|
|
|
an implementation of all TLS protocol versions up to TLSv1.3 ([RFC 8446]),
|
|
|
|
DTLS protocol versions up to DTLSv1.2 ([RFC 6347]) and
|
2023-10-25 20:10:59 +08:00
|
|
|
the QUIC (currently client side only) version 1 protocol ([RFC 9000]).
|
2019-11-30 03:45:28 +08:00
|
|
|
|
|
|
|
- **libcrypto**
|
|
|
|
a full-strength general purpose cryptographic library. It constitutes the
|
|
|
|
basis of the TLS implementation, but can also be used independently.
|
|
|
|
|
|
|
|
- **openssl**
|
|
|
|
the OpenSSL command line tool, a swiss army knife for cryptographic tasks,
|
|
|
|
testing and analyzing. It can be used for
|
2020-05-07 19:44:01 +08:00
|
|
|
- creation of key parameters
|
|
|
|
- creation of X.509 certificates, CSRs and CRLs
|
|
|
|
- calculation of message digests
|
|
|
|
- encryption and decryption
|
2023-10-25 18:10:51 +08:00
|
|
|
- SSL/TLS/DTLS and client and server tests
|
|
|
|
- QUIC client tests
|
2020-05-07 19:44:01 +08:00
|
|
|
- handling of S/MIME signed or encrypted mail
|
|
|
|
- and more...
|
2019-11-30 03:45:28 +08:00
|
|
|
|
|
|
|
Download
|
|
|
|
========
|
1998-12-22 23:04:48 +08:00
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
For Production Use
|
|
|
|
------------------
|
1998-12-22 23:04:48 +08:00
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
Source code tarballs of the official releases can be downloaded from
|
|
|
|
[www.openssl.org/source](https://www.openssl.org/source).
|
|
|
|
The OpenSSL project does not distribute the toolkit in binary form.
|
2000-02-24 07:47:05 +08:00
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
However, for a large variety of operating systems precompiled versions
|
2022-09-22 19:27:27 +08:00
|
|
|
of the OpenSSL toolkit are available. In particular, on Linux and other
|
|
|
|
Unix operating systems, it is normally recommended to link against the
|
2019-11-30 03:45:28 +08:00
|
|
|
precompiled shared libraries provided by the distributor or vendor.
|
1999-03-06 22:04:40 +08:00
|
|
|
|
2023-10-25 18:10:51 +08:00
|
|
|
We also maintain a list of third parties that produce OpenSSL binaries for
|
|
|
|
various Operating Systems (including Windows) on the [Binaries] page on our
|
|
|
|
wiki.
|
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
For Testing and Development
|
|
|
|
---------------------------
|
1999-03-06 22:04:40 +08:00
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
Although testing and development could in theory also be done using
|
|
|
|
the source tarballs, having a local copy of the git repository with
|
|
|
|
the entire project history gives you much more insight into the
|
|
|
|
code base.
|
|
|
|
|
2020-10-17 16:45:49 +08:00
|
|
|
The official OpenSSL Git Repository is located at [git.openssl.org].
|
|
|
|
There is a GitHub mirror of the repository at [github.com/openssl/openssl],
|
2019-11-30 03:45:28 +08:00
|
|
|
which is updated automatically from the former on every commit.
|
|
|
|
|
|
|
|
A local copy of the Git Repository can be obtained by cloning it from
|
|
|
|
the original OpenSSL repository using
|
|
|
|
|
2020-05-07 19:44:01 +08:00
|
|
|
git clone git://git.openssl.org/openssl.git
|
2019-11-30 03:45:28 +08:00
|
|
|
|
|
|
|
or from the GitHub mirror using
|
|
|
|
|
2020-05-07 19:44:01 +08:00
|
|
|
git clone https://github.com/openssl/openssl.git
|
2019-11-30 03:45:28 +08:00
|
|
|
|
|
|
|
If you intend to contribute to OpenSSL, either to fix bugs or contribute
|
|
|
|
new features, you need to fork the OpenSSL repository openssl/openssl on
|
|
|
|
GitHub and clone your public fork instead.
|
|
|
|
|
2020-05-07 19:44:01 +08:00
|
|
|
git clone https://github.com/yourname/openssl.git
|
2019-11-30 03:45:28 +08:00
|
|
|
|
2022-09-22 19:27:27 +08:00
|
|
|
This is necessary because all development of OpenSSL nowadays is done via
|
2019-11-30 03:45:28 +08:00
|
|
|
GitHub pull requests. For more details, see [Contributing](#contributing).
|
|
|
|
|
|
|
|
Build and Install
|
|
|
|
=================
|
|
|
|
|
|
|
|
After obtaining the Source, have a look at the [INSTALL](INSTALL.md) file for
|
|
|
|
detailed instructions about building and installing OpenSSL. For some
|
|
|
|
platforms, the installation instructions are amended by a platform specific
|
|
|
|
document.
|
|
|
|
|
2021-02-02 01:57:40 +08:00
|
|
|
* [Notes for UNIX-like platforms](NOTES-UNIX.md)
|
|
|
|
* [Notes for Android platforms](NOTES-ANDROID.md)
|
|
|
|
* [Notes for Windows platforms](NOTES-WINDOWS.md)
|
|
|
|
* [Notes for the DOS platform with DJGPP](NOTES-DJGPP.md)
|
|
|
|
* [Notes for the OpenVMS platform](NOTES-VMS.md)
|
|
|
|
* [Notes on Perl](NOTES-PERL.md)
|
|
|
|
* [Notes on Valgrind](NOTES-VALGRIND.md)
|
2019-11-30 03:45:28 +08:00
|
|
|
|
2023-10-25 18:10:51 +08:00
|
|
|
Specific notes on upgrading to OpenSSL 3.x from previous versions can be found
|
2023-08-22 18:56:30 +08:00
|
|
|
in the [ossl-guide-migration(7ossl)] manual page.
|
2019-11-30 03:45:28 +08:00
|
|
|
|
|
|
|
Documentation
|
|
|
|
=============
|
|
|
|
|
2023-10-25 18:10:51 +08:00
|
|
|
README Files
|
|
|
|
------------
|
|
|
|
|
|
|
|
There are some README.md files in the top level of the source distribution
|
|
|
|
containing additional information on specific topics.
|
|
|
|
|
|
|
|
* [Information about the OpenSSL QUIC protocol implementation](README-QUIC.md)
|
|
|
|
* [Information about the OpenSSL Provider architecture](README-PROVIDERS.md)
|
|
|
|
* [Information about using the OpenSSL FIPS validated module](README-FIPS.md)
|
|
|
|
* [Information about the legacy OpenSSL Engine architecture](README-ENGINES.md)
|
|
|
|
|
|
|
|
The OpenSSL Guide
|
|
|
|
-----------------
|
|
|
|
|
|
|
|
There are some tutorial and introductory pages on some important OpenSSL topics
|
|
|
|
within the [OpenSSL Guide].
|
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
Manual Pages
|
|
|
|
------------
|
|
|
|
|
|
|
|
The manual pages for the master branch and all current stable releases are
|
|
|
|
available online.
|
|
|
|
|
|
|
|
- [OpenSSL master](https://www.openssl.org/docs/manmaster)
|
2022-03-10 06:58:02 +08:00
|
|
|
- [OpenSSL 3.0](https://www.openssl.org/docs/man3.0)
|
2023-10-25 18:10:51 +08:00
|
|
|
- [OpenSSL 3.1](https://www.openssl.org/docs/man3.1)
|
2023-11-05 07:18:08 +08:00
|
|
|
- [OpenSSL 3.2](https://www.openssl.org/docs/man3.2)
|
2019-11-30 03:45:28 +08:00
|
|
|
|
2023-10-25 19:48:31 +08:00
|
|
|
Demos
|
|
|
|
-----
|
|
|
|
|
|
|
|
The are numerous source code demos for using various OpenSSL capabilities in the
|
|
|
|
[demos subfolder](./demos).
|
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
Wiki
|
|
|
|
----
|
|
|
|
|
2020-10-17 16:45:49 +08:00
|
|
|
There is a Wiki at [wiki.openssl.org] which is currently not very active.
|
2022-09-22 19:27:27 +08:00
|
|
|
It contains a lot of useful information, not all of which is up-to-date.
|
2019-11-30 03:45:28 +08:00
|
|
|
|
|
|
|
License
|
2019-11-29 06:10:51 +08:00
|
|
|
=======
|
2009-08-13 00:44:33 +08:00
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
OpenSSL is licensed under the Apache License 2.0, which means that
|
|
|
|
you are free to get and use it for commercial and non-commercial
|
|
|
|
purposes as long as you fulfill its conditions.
|
1999-03-06 22:04:40 +08:00
|
|
|
|
2020-06-10 20:15:28 +08:00
|
|
|
See the [LICENSE.txt](LICENSE.txt) file for more details.
|
1999-03-06 22:04:40 +08:00
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
Support
|
|
|
|
=======
|
1999-03-06 22:04:40 +08:00
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
There are various ways to get in touch. The correct channel depends on
|
2022-09-22 19:27:27 +08:00
|
|
|
your requirement. See the [SUPPORT](SUPPORT.md) file for more details.
|
1999-03-06 22:04:40 +08:00
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
Contributing
|
|
|
|
============
|
2015-07-29 00:41:36 +08:00
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
If you are interested and willing to contribute to the OpenSSL project,
|
|
|
|
please take a look at the [CONTRIBUTING](CONTRIBUTING.md) file.
|
1999-05-06 08:40:46 +08:00
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
Legalities
|
|
|
|
==========
|
2015-10-30 00:06:06 +08:00
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
A number of nations restrict the use or export of cryptography. If you are
|
2022-09-22 19:27:27 +08:00
|
|
|
potentially subject to such restrictions, you should seek legal advice before
|
2019-11-30 03:45:28 +08:00
|
|
|
attempting to develop or distribute cryptographic code.
|
2019-11-29 06:10:51 +08:00
|
|
|
|
|
|
|
Copyright
|
|
|
|
=========
|
|
|
|
|
2024-03-20 20:07:54 +08:00
|
|
|
Copyright (c) 1998-2024 The OpenSSL Project Authors
|
2019-11-29 06:10:51 +08:00
|
|
|
|
|
|
|
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
|
|
|
|
|
|
|
All rights reserved.
|
2019-11-30 03:45:28 +08:00
|
|
|
|
|
|
|
<!-- Links -->
|
|
|
|
|
|
|
|
[www.openssl.org]:
|
2020-05-07 19:44:01 +08:00
|
|
|
<https://www.openssl.org>
|
2019-11-30 03:45:28 +08:00
|
|
|
"OpenSSL Homepage"
|
|
|
|
|
|
|
|
[git.openssl.org]:
|
2020-05-07 19:44:01 +08:00
|
|
|
<https://git.openssl.org>
|
2019-11-30 03:45:28 +08:00
|
|
|
"OpenSSL Git Repository"
|
|
|
|
|
|
|
|
[git.openssl.org]:
|
2020-05-07 19:44:01 +08:00
|
|
|
<https://git.openssl.org>
|
2019-11-30 03:45:28 +08:00
|
|
|
"OpenSSL Git Repository"
|
|
|
|
|
|
|
|
[github.com/openssl/openssl]:
|
2020-05-07 19:44:01 +08:00
|
|
|
<https://github.com/openssl/openssl>
|
2019-11-30 03:45:28 +08:00
|
|
|
"OpenSSL GitHub Mirror"
|
|
|
|
|
|
|
|
[wiki.openssl.org]:
|
2020-05-07 19:44:01 +08:00
|
|
|
<https://wiki.openssl.org>
|
2019-11-30 03:45:28 +08:00
|
|
|
"OpenSSL Wiki"
|
|
|
|
|
2023-08-22 18:56:30 +08:00
|
|
|
[ossl-guide-migration(7ossl)]:
|
|
|
|
<https://www.openssl.org/docs/manmaster/man7/ossl-guide-migration.html>
|
2022-03-09 00:36:37 +08:00
|
|
|
"OpenSSL Migration Guide"
|
2020-10-17 16:40:25 +08:00
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
[RFC 8446]:
|
2020-05-07 19:44:01 +08:00
|
|
|
<https://tools.ietf.org/html/rfc8446>
|
2019-11-30 03:45:28 +08:00
|
|
|
|
2023-10-25 18:10:51 +08:00
|
|
|
[RFC 6347]:
|
|
|
|
<https://tools.ietf.org/html/rfc6347>
|
|
|
|
|
|
|
|
[RFC 9000]:
|
|
|
|
<https://tools.ietf.org/html/rfc9000>
|
|
|
|
|
|
|
|
[Binaries]:
|
2023-10-25 20:10:59 +08:00
|
|
|
<https://wiki.openssl.org/index.php/Binaries>
|
2023-10-25 18:10:51 +08:00
|
|
|
"List of third party OpenSSL binaries"
|
|
|
|
|
|
|
|
[OpenSSL Guide]:
|
2023-10-25 20:10:59 +08:00
|
|
|
<https://www.openssl.org/docs/manmaster/man7/ossl-guide-introduction.html>
|
2023-10-25 18:10:51 +08:00
|
|
|
"An introduction to OpenSSL"
|
|
|
|
|
2019-11-30 03:45:28 +08:00
|
|
|
<!-- Logos and Badges -->
|
|
|
|
|
|
|
|
[openssl logo]:
|
|
|
|
doc/images/openssl.svg
|
|
|
|
"OpenSSL Logo"
|
|
|
|
|
2021-01-24 15:42:52 +08:00
|
|
|
[github actions ci badge]:
|
|
|
|
<https://github.com/openssl/openssl/workflows/GitHub%20CI/badge.svg>
|
|
|
|
"GitHub Actions CI Status"
|
2019-11-30 03:45:28 +08:00
|
|
|
|
2021-01-24 15:42:52 +08:00
|
|
|
[github actions ci]:
|
|
|
|
<https://github.com/openssl/openssl/actions?query=workflow%3A%22GitHub+CI%22>
|
|
|
|
"GitHub Actions CI"
|
2019-11-30 03:45:28 +08:00
|
|
|
|
|
|
|
[appveyor badge]:
|
2020-07-03 02:00:03 +08:00
|
|
|
<https://ci.appveyor.com/api/projects/status/8e10o7xfrg73v98f/branch/master?svg=true>
|
2019-11-30 03:45:28 +08:00
|
|
|
"AppVeyor Build Status"
|
|
|
|
|
|
|
|
[appveyor jobs]:
|
2020-05-07 19:44:01 +08:00
|
|
|
<https://ci.appveyor.com/project/openssl/openssl/branch/master>
|
2019-11-30 03:45:28 +08:00
|
|
|
"AppVeyor Jobs"
|