OpenSSL VS LibreSSL

Compare OpenSSL vs LibreSSL and see what are their differences.

LibreSSL

LibreSSL Portable itself. This includes the build scaffold and compatibility layer that builds portable LibreSSL from the OpenBSD source code. Pull requests or patches sent to [email protected] are welcome. (by libressl-portable)
Our great sponsors
  • Scout APM - A developer's best friend. Try free for 14-days
  • Nanos - Run Linux Software Faster and Safer than Linux with Unikernels
  • SaaSHub - Software Alternatives and Reviews
OpenSSL LibreSSL
37 1
16,997 1,067
2.5% 1.7%
10.0 7.5
2 days ago 4 days ago
C C
Apache License 2.0 -
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

OpenSSL

Posts with mentions or reviews of OpenSSL. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-11-18.
  • Trouble integrating OpenSSL library
    1 project | reddit.com/r/C_Programming | 20 Nov 2021
    Has anyone successfully integrated OpenSSL library? I am having trouble compiling the master branch (as well as the 1_1_1 stable. With the master, I include the path //ssl/openssl/include in my Makefile but I see the following missing file error
  • Alpine Linux: Considering LibreSSL as default OpenSSL provider again
    3 projects | news.ycombinator.com | 18 Nov 2021
    Ariadne actually answers this in that thread: https://github.com/openssl/openssl/issues/16660#issuecomment...

    I'll quote the section:

    "Given that the OpenSSL 3 migration had an outcome where our contingency plan came into effect, I believe it to be the most prudent course of action to evaluate all possible options before committing to trying the OpenSSL 3 migration again, such an evaluation would be required by the TSC anyway."

    The Alpine project operates independently from OpenSSL, so it's no surprise they published their own report to discuss their own timelines. I'm not sure I can attest to this being a "personal" reaction from my interpretation. Instead, this seems rather like the Alpine project's reaction to their own internal deadlines. Tossing out OpenSSL may appear flippant from a distance, but getting SSL correct for their own releases and finding projects that want to work alongside them (as LibreSSL is supposedly responsive towards doing) should be a priority if you're in charge of getting this work ticket over the line.

    Of course, the wording and general attitude towards OpenSSL developers can be interpreted however you want, but I don't see this as outright hostility or a personal reaction so much as "this ticket was left for over a month, and our project needs to make forward progress."

    3 projects | news.ycombinator.com | 18 Nov 2021
    Ehh, it doesn't seem very hasty to me. The proposal is for Alpine 3.17 or 3.18, which are 1 and 1.5 years away respectively. That's plenty of time to consider the pros and cons, try it, and revert if it ends up being a poor choice.

    > Seems like this stems from https://github.com/openssl/openssl/issues/16660 which contains the full backstory and some more information.

    I wouldn't call that the "full backstory", since it is only about a single issue outlined in this proposal. Though she does explain that fact in that GitHub thread too, and also why they're looking into alternatives:

    > Given that the OpenSSL 3 migration had an outcome where our contingency plan came into effect, I believe it to be the most prudent course of action to evaluate all possible options before committing to trying the OpenSSL 3 migration again, such an evaluation would be required by the TSC anyway.

    > and instead the author chose to write on Twitter and in AlpineLinux GitLab about the frustrations.

    Eh, I wouldn't read too much into short twitter vents. As for the Alpine Linux GitLab, well, she's the head of Alpine's security team and a member of the TSC, so coming up with proposals as for what should be investigated w.r.t. security critical packages is one of the things she's supposed to be doing.

    3 projects | news.ycombinator.com | 18 Nov 2021
    Seems like this stems from https://github.com/openssl/openssl/issues/16660 which contains the full backstory and some more information.

    kaniini, same as Ariadne Conill who posted the issue in the linked GitLab instance, opened a issue about a regression. They felt the response from the OpenSSL team wasn't as fast as expected, and created the text that this submission is linking to.

    Seems expectations of a quick fix was never told about in the GitHub repository for OpenSSL, and instead the author chose to write on Twitter and in AlpineLinux GitLab about the frustrations.

    I can't help but to see this as a personal reaction to these events, and unsure about the merit to change it out so hastily. But, I'm not super up-to-date about things in LibreSSL/OpenSSL land so I could be wrong, it has happened before.

  • OpenSSL Is Implementing QUIC
    1 project | news.ycombinator.com | 14 Oct 2021
  • Is using libraries "cheating" yourself?
    3 projects | reddit.com/r/learnprogramming | 12 Oct 2021
  • What we learn from twitch source code leak
    1 project | news.ycombinator.com | 11 Oct 2021
    I mean, it hasn't grown to a thousand entries, but https://github.com/openssl/openssl/blob/master/crypto/http/h...
  • TIL: There's a guy who is responsible for maintaining the database of time zones which computers and operating systems use to configure locales. His name is Paul Eggert. And he's a computer scientist based in California.
    2 projects | reddit.com/r/todayilearned | 2 Oct 2021
    It wasn't made by a single guy. OpenSSL was forked from SSLeay that was made by 2 guys (Eric Andrew Young and Tim Hudson) and they maintained it for a few years. There seem to be 3 developers (Richard Levitte, Stephen Henson, Andy Polyakov) who have contributed for 23 years straight according to the contribution graphs.
  • The difference between Go and Rust
    6 projects | reddit.com/r/programming | 28 Sep 2021
    And yet they all do https://github.com/openssl/openssl/tree/1c0eede9827b0962f1d752fa4ab5d436fa039da4/crypto/aes/asm
  • OpenSSL 3.0
    3 projects | news.ycombinator.com | 7 Sep 2021
    There are a lot of little tidbits in the changelog. For example:

    “Interactive mode from the openssl program has been removed

    From now on, running it without arguments is equivalent to openssl help.”

    https://github.com/openssl/openssl/blob/master/doc/man7/migr...

LibreSSL

Posts with mentions or reviews of LibreSSL. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-01-03.

What are some alternatives?

When comparing OpenSSL and LibreSSL you can also consider the following projects:

GnuTLS - GnuTLS

mbedTLS - An open source, portable, easy to use, readable and flexible SSL library

Crypto++ - free C++ class library of cryptographic schemes

libsodium - A modern, portable, easy to use crypto library.

Botan - Cryptography Toolkit

LibTomCrypt - LibTomCrypt is a fairly comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining modes, pseudo-random number generators, public key cryptography and a plethora of other routines.

cfssl - CFSSL: Cloudflare's PKI and TLS toolkit

Bcrypt - Modern(-ish) password hashing for your software and your servers

GnuPG - Mirror of git://git.gnupg.org/gnupg.git — master branch contains no changes from upstream.

s2n - s2n : an implementation of the TLS/SSL protocols