OpenSSL Alternatives

Similar projects and alternatives to OpenSSL

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better OpenSSL alternative or higher similarity.

Suggest an alternative to OpenSSL

Reviews and mentions

Posts with mentions or reviews of OpenSSL. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-10-12.
  • OpenSSL Is Implementing QUIC
    news.ycombinator.com | 2021-10-14
  • Is using libraries "cheating" yourself?
  • What we learn from twitch source code leak
    news.ycombinator.com | 2021-10-11
    I mean, it hasn't grown to a thousand entries, but https://github.com/openssl/openssl/blob/master/crypto/http/h...
  • TIL: There's a guy who is responsible for maintaining the database of time zones which computers and operating systems use to configure locales. His name is Paul Eggert. And he's a computer scientist based in California.
    It wasn't made by a single guy. OpenSSL was forked from SSLeay that was made by 2 guys (Eric Andrew Young and Tim Hudson) and they maintained it for a few years. There seem to be 3 developers (Richard Levitte, Stephen Henson, Andy Polyakov) who have contributed for 23 years straight according to the contribution graphs.
  • The difference between Go and Rust
    And yet they all do https://github.com/openssl/openssl/tree/1c0eede9827b0962f1d752fa4ab5d436fa039da4/crypto/aes/asm
  • OpenSSL 3.0
    news.ycombinator.com | 2021-09-07
    There are a lot of little tidbits in the changelog. For example:

    “Interactive mode from the openssl program has been removed

    From now on, running it without arguments is equivalent to openssl help.”

    https://github.com/openssl/openssl/blob/master/doc/man7/migr...

  • OpenSSL security advisory (2021-08-24)
    news.ycombinator.com | 2021-08-24
    It looks like its inclusion is guarded by a compiler flag: https://github.com/openssl/openssl/blob/b93f6c2db94f736b497f...

    If anyone needs to know if SM2 is enabled quickly on any system, this is guaranteed to include SM2 if it's compiled:

        openssl list --public-key-methods | grep sm2
  • Need help where to download OpenSSL for Windows 7 and if it's safe to use OpenSLL?
    reddit.com/r/software | 2021-08-12
    Nornally, you need to compile OpenSSL yourself, since they only offer the source code. But you can look here to see which websites offer 3rd party binaries for it. But I can't tell which one is safe.
  • Bug in Lynx' SSL certificate validation – leaks password in clear text via SNI
    news.ycombinator.com | 2021-08-07
    Let me say, I really appreciate OpenSSL, and it's made amazing progress in terms of security over the last few years. I make monthly donations to the developers as I believe it's critical infrastructure. Buutt...

    From [0], the issue arises when they send "user:[email protected]" to SSL_set_tlsext_host_name, which happily sets the SNI to whatever it's given [1]. As a point of comparison, when you create a Rustls client via ClientSession::new [2], you have to pass it a DNSNameRef, which will validate that there's no auth component in the string it wraps, and return an error if you try to set the server name to something involving auth details.

    I'm sure there's reasons why OpenSSL is set up to work like this, but I can't see why anyone would ever want to send those auth details in the clear in the SNI, and I wish it provided an API that would anticipate this misuse, like in Rust. The OpenSSL docs don't indicate it's an issue you should think about when invoking this function [3].

    I realise I'm picking on OpenSSL here, and GnuTLS appears to do the exact same thing. I'm just not certain anyone not wearing a hazmat suit and being watched by multiple other trained professionals should be handling OpenSSL code.

    0: https://www.openwall.com/lists/oss-security/2021/08/07/7

    1: https://github.com/openssl/openssl/blob/0e0a47377f98ac45648d...

    2: https://docs.rs/rustls/0.19.1/rustls/struct.ClientSession.ht...

    3: https://www.openssl.org/docs/man1.1.1/man3/SSL_set_tlsext_ho...

  • Cross-posting to Tumblr
    dev.to | 2021-07-05
    ### Install pre-requisites # For Mac/OSX: install command line tools and cross-compiler xcode-select --install brew install FiloSottile/musl-cross/musl-cross rustup target add x86_64-unknown-linux-musl ### Build OpenSSL with musl wget https://github.com/openssl/openssl/archive/OpenSSL_1_1_1f.tar.gz tar xzf OpenSSL_1_1_1f.tar.gz cd openssl-OpenSSL_1_1_1f export CROSS_COMPILE=x86_64-linux-musl- # `-DOPENSSL_NO_SECURE_MEMORY` is to avoid `define OPENSSL_SECURE_MEMORY` which needs `#include ` (which OSX doesn't have). ./Configure CFLAGS="-DOPENSSL_NO_SECURE_MEMORY -fpie -pie" no-shared no-async --prefix=output_abs_path/musl --openssldir=output_abs_path/musl/ssl linux-x86_64 make depend # Use `sysctl -n hw.physicalcpu` or `hw.logicalcpu` with `-j` if so inclined make # Install required stuff to `output_abs_path/musl/` (exclude man-pages, etc.) make install_sw # Set value from `--prefix` above export OPENSSL_DIR=output_abs_path/musl ### Build Rust lambda function cargo build --release
  • ELI5: Hashing Function
    https://github.com/openssl/openssl/blob/master/crypto/sha/sha512.c
  • Crypto Resources
    What about OpenSSL? There's also libgcrypt
  • Can anyone clarify what this ‘Pegasus API’ is? Is this Norman on iPhone 11?
    reddit.com/r/iosdev | 2021-05-21
    Binaries that are linked against OpenSSL include software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/). Please consult the OpenSSL license (https://www.openssl.org/source/license.html) for licensing terms.
  • Version controlled configuration and secrets management for Terraform
    dev.to | 2021-05-09
    Secrets like passwords can be version controlled in a similar way though they require encryption to keep them safe. We're using OpenSSL with a symmetric key to encrypt our secrets. Each secret is put into a tfsecrets file (internally a property file just like tfvars files for configuration). When encrypted, the file will have an extension of .tfsecrets.enc. When the plan or apply stages are executed, files are decrypted in memory (and not on disk, for security reasons) and used the same way.
  • #30DaysofAppwrite: SSL Certificates
    dev.to | 2021-05-06
    The TLS protocol provides cryptographically unique keypairs that not only provide encryption, but also include domain, host, and organization information in the certificate. However, since TLS technology is open-source, anyone can operate as a CA and sign certificates. To keep users secure, computers and browsers ship with lists of pre-vetted CAs to trust automatically[1]. Websites that use certificates issued by these trusted sources get the all-important lock🔒 next to their domain in the URL bar. Websites without them, however, face the dreaded Warning: Potential Security Risk Ahead.

Stats

Basic OpenSSL repo stats
33
16,741
10.0
3 days ago

openssl/openssl is an open source project licensed under Apache License 2.0 which is an OSI approved license.

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
Find remote jobs at our new job board 99remotejobs.com. There are 37 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.