[Resource] openssl Author: Eric Yang et official website: http: //www.openssl.org Chinese website recommended: http: //gdwzh.126.com current version: openssl-0.9.7 [Cryptlib] Author: Wei Dai download Website: http://www.eskimo.com/~weidai/cryptlib.html Current version: Version 5.0
In the encryption library of open source code, OpenSSSL and CRYPTLIB are more popular. This article will make some comparisons according to their own understanding, hoping to be useful to everyone. These two libraries are not the same. OpenSSL is mainly for the implementation of the SSL / TLS protocol, and the functionality of SSL is very complete, and the algorithm is just an essential part, of course, is also very important and perfect. A part. Crypylib is an encryption algorithm and related coding standards. [OpenSSL composition and characteristics] OpenSSL is a very excellent SSL / TLS open source package, including SSL libraries, encryption algorithm, and application three parts, and provides test programs and some application examples to implement SSL / TLS protocol and its related PKI standards. OpenSSL Because of the development of the development, the C language is used as a written language. However, OpenSSL can find a lot of object-oriented ideas, such as the BIO package is a typical example. For those skilled in the original start to contact OpenSSL, it may feel a bit difficult because OpenSSL's structure is very booming, even if it is necessary to read its very imperfect document, the workload is also very expandable. It is recommended to start contacting OpenSSL, in addition to some basic passwords and PKI concepts, it is best to start with some applications that use it. In fact, OpenSSL's application has been perfect, many CAs are based on these basis. For many people, the OpenSSL application is enough to complete the features they need, and the OpenSSL application provides some features of the following: 1. Generation and format conversion function of various types of keys and key parameters 2. Use various Encryption algorithm performs data encryption function 3. Certificate request, certificate generation, and issuance and certificate of other relevant standards, implementation of a CA function 4. Information summary algorithm and its related encoding implementation 5.sl protocol simulation client and The server-side implementation can be used to test SSL servers and SSL client programs. [CryptLib composition and characteristics] CryptLib implements various public key algorithms, symmetric encryption algorithms, digital signature algorithms, information summary algorithms, and other algorithms thereof, and more. It is written in C language because it is an object-oriented language, so it is easier to clarify its structure for beginners. The library does not provide an application, just supplies applications as library functions. Because of C object-oriented ideas, the peeling of algorithms may easily relative to OpenSSL. For those who do not need to involve SSL protocols, use the library function application is a good choice. [Application Status and Recommendations] Currently, many CAs and other PKI business programs are open-based, based on OpenSSL development, the benefits of OpenSSL development is very short, and powerful. Cryptlib is only limited to the encryption algorithm, so it does not have OpenSSL, but this is a better choice for only the encryption algorithm. It is recommended that if your application involves the PKI protocol such as SSL, OpenSSL should be used, if only some encryption algorithms apply, it is recommended to use CryptLib.
