| OLD | NEW |
|---|
| (Empty) | |
| 1 |
| 2 OpenSSL 0.9.8g |
| 3 |
| 4 Copyright (c) 1998-2007 The OpenSSL Project |
| 5 Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson |
| 6 All rights reserved. |
| 7 |
| 8 DESCRIPTION |
| 9 ----------- |
| 10 |
| 11 The OpenSSL Project is a collaborative effort to develop a robust, |
| 12 commercial-grade, fully featured, and Open Source toolkit implementing the |
| 13 Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) |
| 14 protocols as well as a full-strength general purpose cryptography library. |
| 15 The project is managed by a worldwide community of volunteers that use the |
| 16 Internet to communicate, plan, and develop the OpenSSL toolkit and its |
| 17 related documentation. |
| 18 |
| 19 OpenSSL is based on the excellent SSLeay library developed from Eric A. Young |
| 20 and Tim J. Hudson. The OpenSSL toolkit is licensed under a dual-license (the |
| 21 OpenSSL license plus the SSLeay license) situation, which basically means |
| 22 that you are free to get and use it for commercial and non-commercial |
| 23 purposes as long as you fulfill the conditions of both licenses. |
| 24 |
| 25 OVERVIEW |
| 26 -------- |
| 27 |
| 28 The OpenSSL toolkit includes: |
| 29 |
| 30 libssl.a: |
| 31 Implementation of SSLv2, SSLv3, TLSv1 and the required code to support |
| 32 both SSLv2, SSLv3 and TLSv1 in the one server and client. |
| 33 |
| 34 libcrypto.a: |
| 35 General encryption and X.509 v1/v3 stuff needed by SSL/TLS but not |
| 36 actually logically part of it. It includes routines for the following: |
| 37 |
| 38 Ciphers |
| 39 libdes - EAY's libdes DES encryption package which was floating |
| 40 around the net for a few years, and was then relicensed by |
| 41 him as part of SSLeay. It includes 15 'modes/variations' |
| 42 of DES (1, 2 and 3 key versions of ecb, cbc, cfb and ofb; |
| 43 pcbc and a more general form of cfb and ofb) including desx |
| 44 in cbc mode, a fast crypt(3), and routines to read |
| 45 passwords from the keyboard. |
| 46 RC4 encryption, |
| 47 RC2 encryption - 4 different modes, ecb, cbc, cfb and ofb. |
| 48 Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb. |
| 49 IDEA encryption - 4 different modes, ecb, cbc, cfb and ofb. |
| 50 |
| 51 Digests |
| 52 MD5 and MD2 message digest algorithms, fast implementations, |
| 53 SHA (SHA-0) and SHA-1 message digest algorithms, |
| 54 MDC2 message digest. A DES based hash that is popular on smart cards. |
| 55 |
| 56 Public Key |
| 57 RSA encryption/decryption/generation. |
| 58 There is no limit on the number of bits. |
| 59 DSA encryption/decryption/generation. |
| 60 There is no limit on the number of bits. |
| 61 Diffie-Hellman key-exchange/key generation. |
| 62 There is no limit on the number of bits. |
| 63 |
| 64 X.509v3 certificates |
| 65 X509 encoding/decoding into/from binary ASN1 and a PEM |
| 66 based ASCII-binary encoding which supports encryption with a |
| 67 private key. Program to generate RSA and DSA certificate |
| 68 requests and to generate RSA and DSA certificates. |
| 69 |
| 70 Systems |
| 71 The normal digital envelope routines and base64 encoding. Higher |
| 72 level access to ciphers and digests by name. New ciphers can be |
| 73 loaded at run time. The BIO io system which is a simple non-blocking |
| 74 IO abstraction. Current methods supported are file descriptors, |
| 75 sockets, socket accept, socket connect, memory buffer, buffering, SSL |
| 76 client/server, file pointer, encryption, digest, non-blocking testing |
| 77 and null. |
| 78 |
| 79 Data structures |
| 80 A dynamically growing hashing system |
| 81 A simple stack. |
| 82 A Configuration loader that uses a format similar to MS .ini files. |
| 83 |
| 84 openssl: |
| 85 A command line tool that can be used for: |
| 86 Creation of RSA, DH and DSA key parameters |
| 87 Creation of X.509 certificates, CSRs and CRLs |
| 88 Calculation of Message Digests |
| 89 Encryption and Decryption with Ciphers |
| 90 SSL/TLS Client and Server Tests |
| 91 Handling of S/MIME signed or encrypted mail |
| 92 |
| 93 |
| 94 PATENTS |
| 95 ------- |
| 96 |
| 97 Various companies hold various patents for various algorithms in various |
| 98 locations around the world. _YOU_ are responsible for ensuring that your use |
| 99 of any algorithms is legal by checking if there are any patents in your |
| 100 country. The file contains some of the patents that we know about or are |
| 101 rumored to exist. This is not a definitive list. |
| 102 |
| 103 RSA Security holds software patents on the RC5 algorithm. If you |
| 104 intend to use this cipher, you must contact RSA Security for |
| 105 licensing conditions. Their web page is http://www.rsasecurity.com/. |
| 106 |
| 107 RC4 is a trademark of RSA Security, so use of this label should perhaps |
| 108 only be used with RSA Security's permission. |
| 109 |
| 110 The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy, |
| 111 Japan, the Netherlands, Spain, Sweden, Switzerland, UK and the USA. They |
| 112 should be contacted if that algorithm is to be used; their web page is |
| 113 http://www.ascom.ch/. |
| 114 |
| 115 The MDC2 algorithm is patented by IBM. |
| 116 |
| 117 NTT and Mitsubishi have patents and pending patents on the Camellia |
| 118 algorithm, but allow use at no charge without requiring an explicit |
| 119 licensing agreement: http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html |
| 120 |
| 121 INSTALLATION |
| 122 ------------ |
| 123 |
| 124 To install this package under a Unix derivative, read the INSTALL file. For |
| 125 a Win32 platform, read the INSTALL.W32 file. For OpenVMS systems, read |
| 126 INSTALL.VMS. |
| 127 |
| 128 Read the documentation in the doc/ directory. It is quite rough, but it |
| 129 lists the functions; you will probably have to look at the code to work out |
| 130 how to use them. Look at the example programs. |
| 131 |
| 132 PROBLEMS |
| 133 -------- |
| 134 |
| 135 For some platforms, there are some known problems that may affect the user |
| 136 or application author. We try to collect those in doc/PROBLEMS, with current |
| 137 thoughts on how they should be solved in a future of OpenSSL. |
| 138 |
| 139 SUPPORT |
| 140 ------- |
| 141 |
| 142 If you have any problems with OpenSSL then please take the following steps |
| 143 first: |
| 144 |
| 145 - Download the current snapshot from ftp://ftp.openssl.org/snapshot/ |
| 146 to see if the problem has already been addressed |
| 147 - Remove ASM versions of libraries |
| 148 - Remove compiler optimisation flags |
| 149 |
| 150 If you wish to report a bug then please include the following information in |
| 151 any bug report: |
| 152 |
| 153 - On Unix systems: |
| 154 Self-test report generated by 'make report' |
| 155 - On other systems: |
| 156 OpenSSL version: output of 'openssl version -a' |
| 157 OS Name, Version, Hardware platform |
| 158 Compiler Details (name, version) |
| 159 - Application Details (name, version) |
| 160 - Problem Description (steps that will reproduce the problem, if known) |
| 161 - Stack Traceback (if the application dumps core) |
| 162 |
| 163 Report the bug to the OpenSSL project via the Request Tracker |
| 164 (http://www.openssl.org/support/rt2.html) by mail to: |
| 165 |
| 166 openssl-bugs@openssl.org |
| 167 |
| 168 Note that mail to openssl-bugs@openssl.org is recorded in the publicly |
| 169 readable request tracker database and is forwarded to a public |
| 170 mailing list. Confidential mail may be sent to openssl-security@openssl.org |
| 171 (PGP key available from the key servers). |
| 172 |
| 173 HOW TO CONTRIBUTE TO OpenSSL |
| 174 ---------------------------- |
| 175 |
| 176 Development is coordinated on the openssl-dev mailing list (see |
| 177 http://www.openssl.org for information on subscribing). If you |
| 178 would like to submit a patch, send it to openssl-dev@openssl.org with |
| 179 the string "[PATCH]" in the subject. Please be sure to include a |
| 180 textual explanation of what your patch does. |
| 181 |
| 182 Note: For legal reasons, contributions from the US can be accepted only |
| 183 if a TSU notification and a copy of the patch are sent to crypt@bis.doc.gov |
| 184 (formerly BXA) with a copy to the ENC Encryption Request Coordinator; |
| 185 please take some time to look at |
| 186 http://www.bis.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html [sic] |
| 187 and |
| 188 http://w3.access.gpo.gov/bis/ear/pdf/740.pdf (EAR Section 740.13(e)) |
| 189 for the details. If "your encryption source code is too large to serve as |
| 190 an email attachment", they are glad to receive it by fax instead; hope you |
| 191 have a cheap long-distance plan. |
| 192 |
| 193 Our preferred format for changes is "diff -u" output. You might |
| 194 generate it like this: |
| 195 |
| 196 # cd openssl-work |
| 197 # [your changes] |
| 198 # ./Configure dist; make clean |
| 199 # cd .. |
| 200 # diff -ur openssl-orig openssl-work > mydiffs.patch |
| 201 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 467008:
Move lighttpd into deps because it's 20mb of win and mac specific... (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/