By using the Open SSL library, developers can write applications that take advantage of Secure Sockets Layer (SSL v2/v3), Transport Layer Security (TLS v1). The Open SSL library uses the included full-strength general-purpose cryptography library, which can be used by itself. Security features such as the following can be implemented:
- Data integrity: An application can detect if data has been modified during transmission.
- Authenticity: An application can verify the identity of the sender using certificates.
- Privacy: An application can ensure that no intermediary between the sender and the recipient can understand the data.
Transport Layer Security is an extension of SSL. It is now overseen by an international standards organization. It provides the same capabilities as SSL (data integrity, authenticity, and privacy between client and server), but takes advantage of newer, more advanced cryptographic technology. It is backwards compatible with SSL.
The cryptographic library includes a multitude of encryption algorithms. The symmetric, or private key, encryption algorithms offered include Rijndael (now officially the Advanced Encryption Standard, or AES, algorithm of the U.S. government), IDEA, DES, 3DES, RC2, RC4, and Blowfish. The asymmetric, or private/public key, encryption algorithms include RSA, DSA, and Diffie-Hellman. Also included are message digest algorithms such as MD2, MD5, MDC2, and SHA, whose resulting hashes can be used by digital signature schemes to digitally sign documents. The Open SSL library uses some but not all of these algorithms.
To compile for the Win32 platform, Perl or compiling under Cygwin is required. Some of the encryption routines/algorithms are covered by patents.