diff options
Diffstat (limited to 'README')
| -rw-r--r-- | README | 286 |
1 files changed, 116 insertions, 170 deletions
@@ -1,173 +1,119 @@ - SSLeay 0.9.1a 06-Jul-1998 - Copyright (c) 1997, Eric Young - All rights reserved. - -This directory contains Eric Young's (eay@cryptsoft.com) implementation -of SSL and supporting libraries. - -The current version of this library is available from - ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz - -There are patches to a number of internet applications which can be found in - ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/ - -A Web page containing the SSLeay FAQ written by Tim Hudson <tjh@cryptsoft.com> -can be found at - http://www.psy.uq.oz.au/~ftp/Crypto - -Additional documentation is being slowly written by Eric Young, and is being -added to http://www.cryptsoft.com/ssleay/doc. It will normally also be -available on http://www.psy.uq.oz.au/~ftp/Crypto/ssleay - -This Library and programs are FREE for commercial and non-commercial -usage. The only restriction is that I must be attributed with the -development of this code. See the COPYRIGHT file for more details. -Donations would still be accepted :-). - -THIS LIBRARY IS NOT %100 COMPATABLE WITH SSLeay 0.6.6 - -The package includes - -libssl.a: - My implementation of SSLv2, SSLv3 and the required code to support - both SSLv2 and SSLv3 in the one server. - -libcrypto.a: - General encryption and X509 stuff needed by SSL but not - actually logically part of it. It includes routines for the following: - - Ciphers - libdes - My libdes DES encryption package which has been floating - around the net for a few years. It includes 15 - 'modes/variations' of DES (1, 2 and 3 key versions of ecb, - cbc, cfb and ofb; pcbc and a more general form of cfb and ofb) - including desx in cbc mode, - a fast crypt(3), and routines to read passwords from the - keyboard. - RC4 encryption, - RC2 encryption - 4 different modes, ecb, cbc, cfb and ofb. - Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb. - IDEA encryption - 4 different modes, ecb, cbc, cfb and ofb. - - Digests - MD5 and MD2 message digest algorithms, fast implementations, - SHA (SHA-0) and SHA-1 message digest algorithms, - MDC2 message digest. A DES based hash that is polular on smart cards. - - Public Key - RSA encryption/decryption/generation. There is no limit - on the number of bits. - DSA encryption/decryption/generation. There is no limit on the - number of bits. - Diffie-Hellman key-exchange/key generation. There is no limit - on the number of bits. - - X509v3 certificates - X509 encoding/decoding into/from binary ASN1 and a PEM - based ascii-binary encoding which supports encryption with - a private key. - Program to generate RSA and DSA certificate requests and to - generate RSA and DSA certificates. - - Systems - The normal digital envelope routines and base64 encoding. - Higher level access to ciphers and digests by name. New ciphers can be - loaded at run time. - The BIO io system which is a simple non-blocking IO abstraction. - Current methods supported are file descriptors, sockets, - socket accept, socket connect, memory buffer, buffering, - SSL client/server, file pointer, encryption, digest, - non-blocking testing and null. - Data structures - A dynamically growing hashing system - A simple stack. - A Configuration loader that uses a format similar to MS .ini files. - -Programs in this package include - enc - a general encryption program that can encrypt/decrypt using - one of 17 different cipher/mode combinations. The - input/output can also be converted to/from base64 - ascii encoding. - dgst - a generate message digesting program that will generate - message digests for any of md2, md5, sha (sha-0 or sha-1) - or mdc2. - asn1parse - parse and display the structure of an asn1 encoded - binary file. - rsa - Manipulate RSA private keys. - dsa - Manipulate DSA private keys. - dh - Manipulate Diffie-Hellman parameter files. - dsaparam- Manipulate and generate DSA parameter files. - crl - Manipulate certificate revocation lists. - crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate. - x509 - Manipulate x509 certificates, self-sign certificates. - req - Manipulate PKCS#10 certificate requests and also - generate certificate requests. - genrsa - Generates an arbitrary sized RSA private key. - gendh - Generates a set of Diffie-Hellman parameters, the prime - will be a strong prime. - ca - Create certificates from PKCS#10 certificate requests. - This program also maintains a database of certificates - issued. - verify - Check x509 certificate signatures. - speed - Benchmark SSLeay's ciphers. - s_server- A test SSL server. - s_client- A test SSL client. - s_time - Benchmark SSL performance of SSL server programs. - errstr - Convert from SSLeay hex error codes to a readable form. - -Documents avaliable are - A Postscript and html reference manual - (written by Tim Hudson tjh@cryptsoft.com). - - A list of text protocol references I used. - An initial version of the library manual. + OpenTLS 0.9.1c 22-Dec-1998 + + Copyright (c) 1998 The OpenTLS Project + Copyright (c) 1995-1998 Eric Young + All rights reserved. + + The OpenTLS Project is a collaborative effort to develop a robust, + commercial-grade, fully featured, and Open Source toolkit implementing the + Transport Layer Security (TLS v1) and Secure Sockets Layer (SSL v2/v3) + protocols with full-strength cryptography world-wide. The project is managed + by a worldwide community of volunteers that use the Internet to communicate, + plan, and develop the OpenTLS tookit and its related documentation. + + OpenTLS is based on the excellent SSLeay library developed from Eric A. Young + and Tim J. Hudson. The OpenTLS toolkit is licensed under a BSD-style licence, + which basically means that you are free to get and use it for commercial and + non-commercial purposes. + + The package includes: + + libssl.a: + Implementation of SSLv2, SSLv3, TLSv1 and the required code to support + both SSLv2, SSLv3 and TLSv1 in the one server. + + libcrypto.a: + General encryption and X.509 stuff needed by TLS/SSL but not actually + logically part of it. It includes routines for the following: + + Ciphers + libdes - EAY's libdes DES encryption package which has been floating + around the net for a few years. It includes 15 + 'modes/variations' of DES (1, 2 and 3 key versions of ecb, + cbc, cfb and ofb; pcbc and a more general form of cfb and + ofb) including desx in cbc mode, a fast crypt(3), and + routines to read passwords from the keyboard. + RC4 encryption, + RC2 encryption - 4 different modes, ecb, cbc, cfb and ofb. + Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb. + IDEA encryption - 4 different modes, ecb, cbc, cfb and ofb. + + Digests + MD5 and MD2 message digest algorithms, fast implementations, + SHA (SHA-0) and SHA-1 message digest algorithms, + MDC2 message digest. A DES based hash that is polular on smart cards. + + Public Key + RSA encryption/decryption/generation. + There is no limit on the number of bits. + DSA encryption/decryption/generation. + There is no limit on the number of bits. + Diffie-Hellman key-exchange/key generation. + There is no limit on the number of bits. + + X.509v3 certificates + X509 encoding/decoding into/from binary ASN1 and a PEM + based ascii-binary encoding which supports encryption with a + private key. Program to generate RSA and DSA certificate + requests and to generate RSA and DSA certificates. + + Systems + The normal digital envelope routines and base64 encoding. Higher + level access to ciphers and digests by name. New ciphers can be + loaded at run time. The BIO io system which is a simple non-blocking + IO abstraction. Current methods supported are file descriptors, + sockets, socket accept, socket connect, memory buffer, buffering, SSL + client/server, file pointer, encryption, digest, non-blocking testing + and null. + + Data structures + A dynamically growing hashing system + A simple stack. + A Configuration loader that uses a format similar to MS .ini files. + + Programs in this package include: + + enc - a general encryption program that can encrypt/decrypt using + one of 17 different cipher/mode combinations. The + input/output can also be converted to/from base64 + ascii encoding. + dgst - a generate message digesting program that will generate + message digests for any of md2, md5, sha (sha-0 or sha-1) + or mdc2. + asn1parse - parse and display the structure of an asn1 encoded + binary file. + rsa - Manipulate RSA private keys. + dsa - Manipulate DSA private keys. + dh - Manipulate Diffie-Hellman parameter files. + dsaparam- Manipulate and generate DSA parameter files. + crl - Manipulate certificate revocation lists. + crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate. + x509 - Manipulate x509 certificates, self-sign certificates. + req - Manipulate PKCS#10 certificate requests and also + generate certificate requests. + genrsa - Generates an arbitrary sized RSA private key. + gendh - Generates a set of Diffie-Hellman parameters, the prime + will be a strong prime. + ca - Create certificates from PKCS#10 certificate requests. + This program also maintains a database of certificates + issued. + verify - Check x509 certificate signatures. + speed - Benchmark SSLeay's ciphers. + s_server- A test SSL server. + s_client- A test SSL client. + s_time - Benchmark SSL performance of SSL server programs. + errstr - Convert from SSLeay hex error codes to a readable form. + To install this package, read the INSTALL file. -For the Microsoft word, read MICROSOFT -This library has been compiled and tested on Solaris 2.[34] (sparc and x86), -SunOS 4.1.3, DGUX, OSF1 Alpha, HPUX 9, AIX 3.5(?), IRIX 5.[23], -LINUX, NeXT (intel), linux, Windows NT, Windows 3.1, MSDOS 6.22. - -Multithreading has been tested under Windows NT and Solaris 2.5.1 - -Due to time constraints, the current release has only be rigorously tested -on Solaris 2.[45], Linux and Windows NT. - -For people in the USA, it is possible to compile SSLeay to use RSA -Inc.'s public key library, RSAref. From my understanding, it is -claimed by RSA Inc. to be illegal to use my public key routines inside the USA. -Read doc/rsaref.doc on how to build with RSAref. - -Read the documentation in the doc directory. It is quite rough, -but it lists the functions, you will probably have to look at -the code to work out how to used them. I will be working on -documentation. Look at the example programs. - -There should be a SSL reference manual which is being put together by -Tim Hudson (tjh@cryptsoft.com) in the same location as this -distribution. This contains a lot more information that is very -useful. For a description of X509 Certificates, their use, and -certification, read rfc1421, rfc1422, rfc1423 and rfc1424. ssl/README -also goes over the mechanism. - -We have setup some mailing lists for use by people that are interested -in helping develop this code and/or ask questions. - ssl-bugs@mincom.oz.au - ssl-users@mincom.oz.au - ssl-bugs-request@mincom.oz.au - ssl-users-request@mincom.oz.au - -I have recently read about a new form of software, that which is in -a permanent state of beta release. Linux and Netscape are 2 good -examples of this, and I would also add SSLeay to this category. -The Current stable release is 0.6.6. It has a few minor problems. -0.8.0 is not call compatable so make sure you have the correct version -of SSLeay to link with. - -eric (Jun 1997) - -Eric Young (eay@cryptsoft.com) -86 Taunton St. -Annerley 4103. -Australia. +For the Microsoft world, read INSTALL.W32 file. + +For people in the USA, it is possible to compile SSLeay to use RSA Inc.'s +public key library, RSAref. From my understanding, it is claimed by RSA Inc. +to be illegal to use my public key routines inside the USA. Read +doc/rsaref.doc on how to build with RSAref. + +Read the documentation in the doc directory. It is quite rough, but it lists +the functions, you will probably have to look at the code to work out how to +used them. I will be working on documentation. Look at the example programs. |