[cryptography] Just how bad is OpenSSL ?

Jeffrey Walton noloader at gmail.com
Wed Oct 31 17:15:45 EDT 2012


On Fri, Oct 26, 2012 at 3:38 PM, Andy Isaacson <adi at hexapodia.org> wrote:
> On Fri, Oct 26, 2012 at 06:29:47PM +0000, John Case wrote:
>> So, given what is in the stanford report and then reading this rant
>> about openssl, I am wondering just how bad openssl is ?  I've never
>> had to implement it or code with it, so I really have no idea.
>>
>> How long has it been "understood" that it's a mess (if it is indeed
>> a mess) ?  How dangerous is it ?
>>
>> It looks like the rant was published in 2009 ....
>
> "Bad" is such a subjective measurement.
>
> OpenSSL is very very hard for a non-expert to code against.  It's hard
> to figure out what interfaces you should use, what interfaces are well
> tested, what interfaces are known to be unsafe, and what interfaces are
> buggy but can be used safely with careful coding.  It's fairly easy to
> accidentally disable security critical codepaths in the process of
> iterative "hmm that doesn't quite work, the docs are unclear, maybe this
> is a bug in my code or maybe a bug in OpenSSL?" that is a normal part of
> software development.  If you need to implement anything even slightly
> different from what was expected by the authors.
OpenSSL gets a lot of critiques for its documentation (or lack
thereof), but there is [at least] one exception: the FIPS User Guide
and Security Policy. Both are well written and full of technical
details.

Jeff
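As an added illustration of the failure mode Andy describes (iteratively flipping switches until the handshake works and accidentally shipping with verification off), not code from this thread or from OpenSSL itself: Python's standard-library ssl module is a thin wrapper over OpenSSL and exposes the same verify-mode and hostname-check knobs, so the anti-pattern and its hardened counterpart can be shown side by side and audited offline. The function names and finding codes are this example's own.

```python
import ssl

# Finding codes returned by audit_context(); these names are this example's own.
CERT_NONE = "CERT_NONE"            # certificate chain validation disabled
NO_HOSTNAME = "NO_HOSTNAME_CHECK"  # certificate not matched against the server name
OLD_TLS = "OLD_TLS"                # TLS 1.0/1.1 (or older) still negotiable


def audit_context(ctx):
    """Return the security-critical checks this SSLContext has disabled."""
    findings = []
    if ctx.verify_mode == ssl.CERT_NONE:
        findings.append(CERT_NONE)
    if not ctx.check_hostname:
        findings.append(NO_HOSTNAME)
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append(OLD_TLS)
    return findings


def debug_context():
    """The 'just make the handshake work' anti-pattern (constructed for illustration).

    A developer hitting CERTIFICATE_VERIFY_FAILED flips the two switches below,
    the handshake succeeds, and the code ships with verification off.
    check_hostname has to be cleared first: the ssl module refuses CERT_NONE
    while hostname checking is still on, which is the only guard rail here.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_context():
    """Explicit settings: validate the chain, match the name, require TLS >= 1.2."""
    ctx = ssl.create_default_context()  # loads the platform trust store
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


if __name__ == "__main__":
    print("debug   :", audit_context(debug_context()))
    print("hardened:", audit_context(hardened_context()))
```

Running audit_context over every SSLContext a code base constructs (for example from a unit test) catches the disabled checks before they reach production rather than after.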