Sign in to follow this  
wood_brian

Alternatives to OpenSSL

Recommended Posts

After spending several frustrating weeks on Open SSL, I've recently and gladly learned that there are some alternatives to it. GnuTLS, NSS and yaSSL are alternatives that I'm aware of. Does anyone have experience with these alternatives that they would be willing to share? Thanks in advance. Brian Wood http://webEbenezer.net (651) 251-9384

Share this post


Link to post
Share on other sites
Quote:
Original post by wood_brian

After spending several frustrating weeks on Open SSL, I've recently and gladly learned that there are some alternatives to it. GnuTLS, NSS and yaSSL are alternatives that I'm aware of. Does anyone have experience with these alternatives that they would be willing to share? Thanks in advance.



One more option --
http://www.cs.auckland.ac.nz/~pgut001/cryptlib/

It's nice to have options, but I would like to get some feedback on these libs.

Brian Wood
http://webEbenezer.net
(651) 251-9384

Share this post


Link to post
Share on other sites
The Apache stuff is fairly solid from my experience (which is not super deep).

Also, there's Crypto++, which is a wonderful C++ library with more crypto algorithms than you can shake a stick at (including D-H exchange, etc) -- but it's not a high-level SSL/TLS implementation; it's a library that you could use to implement SSL/TLS on top of. In general, though, I recommend against rolling your own, as implementation bugs can compromise security as much or more than weak ciphers.

Share this post


Link to post
Share on other sites
What's the actual problem you're having with OpenSSL? Because (generally) all encryption libraries will tend to be fiddly and have a lot of complicated small moving parts.

OpenSSL's main flaw, IMHO, is the documentation being... ah... 'casually dressed' shall we say. For actual functionality it did almost all of the things that I ever asked it to, and the one it didn't turned out to be an actual bug which was fixed about two days after I mentioned it to anyone.


Share this post


Link to post
Share on other sites
Quote:
Original post by hplus0603
The Apache stuff is fairly solid from my experience (which is not super deep).

Also, there's Crypto++, which is a wonderful C++ library with more crypto algorithms than you can shake a stick at (including D-H exchange, etc) -- but it's not a high-level SSL/TLS implementation; it's a library that you could use to implement SSL/TLS on top of. In general, though, I recommend against rolling your own, as implementation bugs can compromise security as much or more than weak ciphers.



I had looked at crypto++ also. At first I was hopeful it would be just what I was looking for, but then realized, as you mention, that it isn't a high-level TLS implementation. I'm kind of tempted to roll my own with crypto++, but at least for now I'm not pursuing that option. Thanks.

Brian Wood
http://webEbenezer.net
(651) 251-9384

Share this post


Link to post
Share on other sites
Quote:
Original post by Katie
What's the actual problem you're having with OpenSSL? Because (generally) all encryption libraries will tend to be fiddly and have a lot of complicated small moving parts.


It's been a few weeks since I put that code aside, but I think I was having a problem with SSL_accept. Without OpenSSL I can handle a situation like this:

handle connection request from client A
handle connection request from client B
handle data from either client A or B.

When SSL_accept was added, I think I was getting an SSL_ERROR_WANT_READ. The way I understand it, I would have to do this:

handle connection request from client A (by waiting for data from client A that will satisfy SSL_accept)
handle connection requests or data available

The SSL_accept documentation says when you get SSL_ERROR_WANT_READ
"The calling process then must repeat the call after taking appropriate action to satisfy the needs of SSL_accept(). The action depends on the underlying BIO. When using a non-blocking socket, nothing is to be done, but select() can be used to check for the required condition."

I don't want to put off other clients while waiting for data from client A like that.


Quote:

OpenSSL's main flaw, IMHO, is the documentation being... ah... 'casually dressed' shall we say. For actual functionality it did almost all of the things that I ever asked it to, and the one it didn't turned out to be an actual bug which was fixed about two days after I mentioned it to anyone.


I dislike a number of things about it including the API and documentation.


Brian Wood
http://webEbenezer.net
(651) 251-9384

Share this post


Link to post
Share on other sites
Quote:
Original post by wood_brian
handle connection request from client A (by waiting for data from client A that will satisfy SSL_accept)
handle connection requests or data available

The SSL_accept documentation says when you get SSL_ERROR_WANT_READ
"The calling process then must repeat the call after taking appropriate action to satisfy the needs of SSL_accept(). The action depends on the underlying BIO. When using a non-blocking socket, nothing is to be done, but select() can be used to check for the required condition."

I don't want to put off other clients while waiting for data from client A like that.


You're looking at things in too-linear of a fashion. You wouldn't wait for client A's data to become available, you would move on to other clients and the next time you got something from client A, you'd call SSL_accept() again. There's no requirement that you block waiting for client A.

Share this post


Link to post
Share on other sites
Quote:
Original post by Dragon88


You're looking at things in too-linear of a fashion. You wouldn't wait for client A's data to become available, you would move on to other clients and the next time you got something from client A, you'd call SSL_accept() again. There's no requirement that you block waiting for client A.


I'd like to find out if other alternatives are as messy in this regard. My thinking is they may not be. I'd rather not build that goldberg machine if I don't have to.


Share this post


Link to post
Share on other sites
Quote:
Original post by wood_brian
Quote:
Original post by Dragon88


You're looking at things in too-linear of a fashion. You wouldn't wait for client A's data to become available, you would move on to other clients and the next time you got something from client A, you'd call SSL_accept() again. There's no requirement that you block waiting for client A.


I'd like to find out if other alternatives are as messy in this regard. My thinking is they may not be. I'd rather not build that goldberg machine if I don't have to.


I'm not sure how you're even coming to the conclusion that this is in any way "messy." You should already have an architecture that receives from every client with pending data every cycle, and handles it. This is a very minor, incremental change on top of such an architecture.
If you don't have that sort of architecture, then I contend that your architecture isn't going to scale well anyways, and you should probably redesign.

Share this post


Link to post
Share on other sites
OpenSSL *is* fine.

Your question is really whether there are any higher level APIs for using it which mean you don't have to faff about dealing with the need_read level returns from the calls.

Which is a fair enough question, because, yes, that whole interface is fiddly and you can break your nails on it.

You could look at using Qt; it includes an SSL socket toolkit. Although that will mean a lot of baggage in terms of extra app stuff will come along.

You could look at boost::asio which includes an SSL support system and (IIRC) will happily let SSL and plain-text sockets all play nicely together. This has the advantage of being droppable-inable.


Mind you, if you're really thrown your toys out of the pram and foffed then you won't be reading this, so you'll have to find them by a harder route...

Share this post


Link to post
Share on other sites
It is my experience that you can either use OpenSSL, which is complete, tested, supported, and widely used, or you can use an alternative that is incomplete and probably has security holes as wide enough to drive a truck through. You can always write the missing bits and do your own security audits and maintain patches. After all, even the Debian Linux distro did that.

But if you don't like the API and don't like having to do asynchronous programming, then OpenSSL is not for you. I know I hated using it, but my experience is all the alternatives are far far worse.

Share this post


Link to post
Share on other sites
Quote:
Original post by hplus0603
Your link is broken.


I'll try again, but since it isn't my site, it could break again.

http://botan.randombit.net

I still haven't decided on anything encryption-wise so am glad to see this thread coming back to life. Was thinking of posting to another group, but hadn't gotten around to that. I tried a day or two of cryptlib but wasn't getting a warm fuzzy there. I would like to find the bzip2 of encryption -- carefully designed and reasonably well documented.

Brian Wood

Share this post


Link to post
Share on other sites
Quote:
Original post by wood_brian
I would like to find the bzip2 of encryption -- carefully designed and reasonably well documented.


The problem with this type of development is that people don't really get paid to do it anymore, which limits the choices somewhat.

So it typically relies on waiting until some Big Name funds the development and releases it as open source (aka OpenSSL). Or purchasing a proprietary implementation. Or hiring third-party integration consultant. Free only gets so far.

When it comes to non-trivial work, those $200 bids for Facebook clone, incl. 300 mil users don't really deliver.

Share this post


Link to post
Share on other sites
Yeah I don't really have the time to make it up from scratch. I thought yaSSL had great potential but its documentation is non-existent and I seem to having a few problems with it. Hell, if I could find some static openssl (MinGW) libraries for download I may just go back to that.

Share this post


Link to post
Share on other sites
Quote:
Original post by wood_brian
I still haven't decided on anything encryption-wise so am glad to see this thread coming back to life. Was thinking of posting to another group, but hadn't gotten around to that. I tried a day or two of cryptlib but wasn't getting a warm fuzzy there. I would like to find the bzip2 of encryption -- carefully designed and reasonably well documented.


If you're looking for warm fuzzies, cryptography is not where you should be looking. "Real" crypto (the kind that is expected to secure truly private data) is not friendly. I've worked with OpenSSL extensively and I don't see anything about it that isn't "carefully designed." Look at the people who use it for god's sake. It is THE definitive crypto suite. As far as "reasonably well documented" goes, I've never had trouble with the documentation, but I'm a *nix systems dev of many years, so maybe I'm just anesthetized to low-level development.

Anyways I don't think what you want exists. You want an easy crypto lib that you can just "plug in" to your existing code without having to rethink your existing code flow. I don't see that happening.

Share this post


Link to post
Share on other sites
Quote:
Original post by Dragon88


If you're looking for warm fuzzies, cryptography is not where you should be looking. "Real" crypto (the kind that is expected to secure truly private data) is not friendly.


Agreed. I built an SSL wrapper based on some old outdated VB code and it was pretty horrendous. Unless you're planning on making it your life's work I'd just go with a pre-made library. Though if you do pull it off, more power to you.

Share this post


Link to post
Share on other sites
Quote:
Original post by Antheus

The problem with this type of development is that people don't really get paid to do it anymore, which limits the choices somewhat.

So it typically relies on waiting until some Big Name funds the development and releases it as open source (aka OpenSSL). Or purchasing a proprietary implementation. Or hiring third-party integration consultant. Free only gets so far.


Yeah, this is a problem I think if you try to do both free and open source. I don't think that works very well as a business model. I have some open source, but mostly closed source. I've been thinking that the choices are somewhat numerous and if there had been a few mergers it might be easier to decide. I may hire someone on a short-term basis if I need it for this, but haven't decided on that yet.



Brian

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this