From b06935f439af7150d3ae566922353c3f210e63ed Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Thu, 29 Oct 2015 12:06:06 -0400 Subject: [PATCH] Various README updates Close GH Issue 69 Close GH PR 457 Some other updates By Rich Salz, Alessandro Ghedini, Steve Marquess, Collin Anderson Reviewed-by: Kurt Roeckx --- README | 113 ++++++++++++++++++--------------------------------------- 1 file changed, 35 insertions(+), 78 deletions(-) diff --git a/README b/README index 1ee02b3425..cc20f57d80 100644 --- a/README +++ b/README @@ -10,17 +10,17 @@ The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the - Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) - protocols as well as a full-strength general purpose cryptography library. - The project is managed by a worldwide community of volunteers that use the - Internet to communicate, plan, and develop the OpenSSL toolkit and its - related documentation. + Secure Sockets Layer (SSLv3) and Transport Layer Security (TLS) protocols as + well as a full-strength general purpose cryptograpic library. The project is + managed by a worldwide community of volunteers that use the Internet to + communicate, plan, and develop the OpenSSL toolkit and its related + documentation. - OpenSSL is based on the excellent SSLeay library developed from Eric A. Young + OpenSSL is descended from the SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under a dual-license (the - OpenSSL license plus the SSLeay license) situation, which basically means - that you are free to get and use it for commercial and non-commercial - purposes as long as you fulfill the conditions of both licenses. + OpenSSL license plus the SSLeay license), which means that you are free to + get and use it for commercial and non-commercial purposes as long as you + fulfill the conditions of both licenses. OVERVIEW -------- @@ -28,90 +28,39 @@ The OpenSSL toolkit includes: libssl.a: - Implementation of SSLv2, SSLv3, TLSv1 and the required code to support - both SSLv2, SSLv3 and TLSv1 in the one server and client. + Provides the client and server-side implementations for SSLv3 and TLS. libcrypto.a: - General encryption and X.509 v1/v3 stuff needed by SSL/TLS but not - actually logically part of it. It includes routines for the following: - - Ciphers - libdes - EAY's libdes DES encryption package which was floating - around the net for a few years, and was then relicensed by - him as part of SSLeay. It includes 15 'modes/variations' - of DES (1, 2 and 3 key versions of ecb, cbc, cfb and ofb; - pcbc and a more general form of cfb and ofb) including desx - in cbc mode, a fast crypt(3), and routines to read - passwords from the keyboard. - RC4 encryption, - RC2 encryption - 4 different modes, ecb, cbc, cfb and ofb. - Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb. - IDEA encryption - 4 different modes, ecb, cbc, cfb and ofb. - - Digests - MD5 and MD2 message digest algorithms, fast implementations, - SHA (SHA-0) and SHA-1 message digest algorithms, - MDC2 message digest. A DES based hash that is popular on smart cards. - - Public Key - RSA encryption/decryption/generation. - There is no limit on the number of bits. - DSA encryption/decryption/generation. - There is no limit on the number of bits. - Diffie-Hellman key-exchange/key generation. - There is no limit on the number of bits. - - X.509v3 certificates - X509 encoding/decoding into/from binary ASN1 and a PEM - based ASCII-binary encoding which supports encryption with a - private key. Program to generate RSA and DSA certificate - requests and to generate RSA and DSA certificates. - - Systems - The normal digital envelope routines and base64 encoding. Higher - level access to ciphers and digests by name. New ciphers can be - loaded at run time. The BIO io system which is a simple non-blocking - IO abstraction. Current methods supported are file descriptors, - sockets, socket accept, socket connect, memory buffer, buffering, SSL - client/server, file pointer, encryption, digest, non-blocking testing - and null. - - Data structures - A dynamically growing hashing system - A simple stack. - A Configuration loader that uses a format similar to MS .ini files. + Provides general cryptographic and X.509 support needed by SSL/TLS but + not logically part of it. openssl: A command line tool that can be used for: - Creation of RSA, DH and DSA key parameters + Creation of key parameters Creation of X.509 certificates, CSRs and CRLs - Calculation of Message Digests - Encryption and Decryption with Ciphers - SSL/TLS Client and Server Tests + Calculation of message digests + Encryption and decryption + SSL/TLS client and server tests Handling of S/MIME signed or encrypted mail + And more... INSTALLATION ------------ - To install this package under a Unix derivative, read the INSTALL file. For - a Win32 platform, read the INSTALL.W32 file. For OpenVMS systems, read - INSTALL.VMS. - - Read the documentation in the doc/ directory. It is quite rough, but it - lists the functions; you will probably have to look at the code to work out - how to use them. Look at the example programs. - - PROBLEMS - -------- - - For some platforms, there are some known problems that may affect the user - or application author. We try to collect those in doc/PROBLEMS, with current - thoughts on how they should be solved in a future of OpenSSL. + See the appropriate file: + INSTALL Linux, Unix, etc. + INSTALL.DJGPP DOS platform with DJGPP + INSTALL.NW Netware + INSTALL.OS2 OS/2 + INSTALL.VMS VMS + INSTALL.W32 Windows (32bit) + INSTALL.W64 Windows (64bit) + INSTALL.WCE Windows CE SUPPORT ------- - See the OpenSSL website www.openssl.org for details of how to obtain + See the OpenSSL website www.openssl.org for details on how to obtain commercial technical support. If you have any problems with OpenSSL then please take the following steps @@ -159,3 +108,11 @@ ---------------------------- See CONTRIBUTING + + LEGALITIES + ---------- + + A number of nations, in particular the U.S., restrict the use or export + of cryptography. If you are potentially subject to such restrictions + you should seek competent professional legal advice before attempting to + develop or distribute cryptographic code. -- 2.40.0