LibTomNet [v0.01]

Thor Lancelot Simon tls at rek.tjls.com
Tue Jul 8 16:32:41 EDT 2003 

On Tue, Jul 08, 2003 at 09:18:53PM +0100, M Taylor wrote:
> On Tue, Jul 08, 2003 at 12:19:54PM -0700, Eric Rescorla wrote:
> >
> > As I said before, the problem here isn't SSL. Rather, it's the way
> > that OpenSSL does things.  Now, it would be a real contribution for
> > you to write a simple wrapper for OpenSSL. I've seen people do stuff
> > like that, but it's generally too custom for general use.
> 
> stunnel (www.stunnel.org), which is an "universial SSL wrapper".
> 
> So perhaps Tom could could write a EZ-OpenSSL wrapper, which remove
> legacy options (disable SSLv2 and SSLv3, just TLSv1), limit algorithm
> choice to sensible defaults, and ensure the programmer has as decent
> as available random numbers. 

The problem isn't just the interface that OpenSSL presents to the
application programmer (which is lousy, and which in a lot of cases is
totally undocumented; it also has the "Kerberos problem" which is to say
that to do cryptographically necessary things it is often necessary to 
use internal or deprecated functions directly, and these change from
release to release... ugh!) it's also how it's implemented.

I trimmed OpenSSL down to just TLSv1 and only the FIPS-140 conformant
algorithms for a FIPS-140 conformance project at ReefEdge (and yes,
we did then have that version of OpenSSL tested and certified, but no,
you can't have it for free ;-)).  It was not so hard, but it was
immensely time-consuming and I had to learn a totally unreasonable
amount about OpenSSL's internals to actually ensure that all the
nonconformant algorithms were disabled (in some cases it would have
been impractical to not build them at all, unfortunately).

The result was still several hundred kilobytes -- actually, I don't
have exact numbers handy but I believe it was more than a megabyte
in size.  OpenSSL is not the TLS implementation I would use if I had 
any other free option that offered reasonable performance. :-(

Thor

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list