OpenSSL

Cryptography and SSL/TLS Toolkit

Standards

This page is an incomplete list of the things that are implemented — in whole, or at least mostly — in OpenSSL.

Implemented

Note that some of the following are disabled by default.

  • RFC 1319: The MD2 Message-Digest Algorithm
  • RFC 1320: The MD4 Message-Digest Algorithm
  • RFC 1321: The MD5 Message-Digest Algorithm
  • RFC 2246: The TLS Protocol Version 1
  • RFC 2268: A Description of the RC2(r) Encryption Algorithm
  • RFC 2315: PKCS 7: Cryptographic Message Syntax Version 1.5
  • RFC 2560: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP
  • RFC 2898: PKCS #5: Password-Based Cryptography Specification Version 2.0
  • RFC 2986: PKCS #10: Certification Request Syntax Specification Version 1.7
  • RFC 3161: Internet X.509 Public Key Infrastructure, Time-Stamp Protocol (TSP)
  • RFC 3174: US Secure Hash Algorithm 1 (SHA1)
  • RFC 3268: Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS)
  • RFC 3279: Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
  • RFC 3280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
  • RFC 3447: Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1
  • RFC 3713: A Description of the Camellia Encryption Algorithm
  • RFC 3820: Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile
  • RFC 4132: Addition of Camellia Cipher Suites to Transport Layer Security (TLS)
  • RFC 4162: Addition of SEED Cipher Suites to Transport Layer Security (TLS)
  • RFC 4269: The SEED Encryption Algorithm
  • PKCS#11: Standards for Cryptographic Tokens
  • RFC 4346: The Transport Layer Security (TLS) Protocol Version 1.1
  • RFC 5208: PKCS#8: Private-Key Information Syntax Specification Version 1.2
  • RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2
  • RFC 6962: Certificate Transparency
  • RFC 7292: PKCS #12: Personal Information Exchange Syntax v1.1

Related

These are documents that are close to OpenSSL, for example the STARTTLS documents.

  • RFC 1421: Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures
  • RFC 1422: Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management
  • RFC 1423: Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers
  • RFC 1424: Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services
  • RFC 2025: The Simple Public-Key GSS-API Mechanism (SPKM)
  • RFC 2510: Internet X.509 Public Key Infrastructure Certificate Management Protocols
  • RFC 2511: Internet X.509 Certificate Request Message Format
  • RFC 2527: Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework
  • RFC 2538: Storing Certificates in the Domain Name System (DNS)
  • RFC 2539: Storage of Diffie-Hellman Keys in the Domain Name System (DNS)
  • RFC 2559: Internet X.509 Public Key Infrastructure Operational Protocols - LDAPv2
  • RFC 2585: Internet X.509 Public Key Infrastructure Operational Protocols: FTP and HTTP
  • RFC 2587: Internet X.509 Public Key Infrastructure LDAPv2 Schema
  • RFC 2595: Using TLS with IMAP, POP3 and ACAP
  • RFC 2631: Diffie-Hellman Key Agreement Method
  • RFC 2632: S/MIME Version 3 Certificate Handling
  • RFC 2716: PPP EAP TLS Authentication Protocol
  • RFC 2797: Certificate Management Messages over CMS
  • RFC 2817: Upgrading to TLS Within HTTP/1.1
  • RFC 2818: HTTP Over TLS
  • RFC 2984: Use of the CAST-128 Encryption Algorithm in CMS
  • RFC 2985: PKCS #9: Selected Object Classes and Attribute Types Version 2.0
  • RFC 3029: Internet X.509 Public Key Infrastructure Data Validation and Certification Server Protocols
  • RFC 3039: Internet X.509 Public Key Infrastructure Qualified Certificates Profile
  • RFC 3058: Use of the IDEA Encryption Algorithm in CMS
  • RFC 3161: Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)
  • RFC 3185: Reuse of CMS Content Encryption Keys
  • RFC 3207: SMTP Service Extension for Secure SMTP over Transport Layer Security
  • RFC 3217: Triple-DES and RC2 Key Wrapping
  • RFC 3274: Compressed Data Content Type for Cryptographic Message Syntax (CMS)
  • RFC 3278: Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS)
  • RFC 3281: An Internet Attribute Certificate Profile for Authorization
  • RFC 3369: Cryptographic Message Syntax (CMS)
  • RFC 3370: Cryptographic Message Syntax (CMS) Algorithms
  • RFC 3394: Advanced Encryption Standard (AES) Key Wrap Algorithm
  • RFC 3436: Transport Layer Security over Stream Control Transmission Protocol
  • RFC 3657: Use of the Camellia Encryption Algorithm in Cryptographic Message Syntax (CMS)
  • RFC 7693: The BLAKE2 Cryptographic Hash and Message Authentication Code (MAC)