Libre OpenSSL: The OpenSSL Alternative

Well, OpenSSL has made it to Version 3, and there were quite a few bumps along the way. The most significant happened in 2012 when HeartBleed nearly opened up the Internet. Overall, the OpenSSL open source community lacked resources, and for something that provided the core of trust on many systems, it lacked full-time developers and had poor checking of code. It has since moved from Version 1.1 to 3.0 and has improved, but it is still full of bugs and struggles to support the most up-to-date methods. To overcome these significant problems, Libre OpenSSL was created as a fork of the main code and is now in a more stable form than OpenSSL.

The jibe at OpenSSL is obvious from the Web site, with a heart on the hat and the Heartbleed symbol on the page tab [here]:

The Basics

With OpenSSL, we can encrypt with 128-bit AES CBC with:

% echo -n "Hello" | openssl enc -aes-128-cbc -pass pass:"qwerty" -pbkdf2 -e -base64 -S 241fa86763b85341
IWULThyMx9RTLmFAu4L3xg==

and then decrypt with:

% echo U2FsdGVkX18kH6hnY7hTQYGmLZ4ZWNeKOcacCkoAZxI= | openssl enc -aes-128-cbc -pass pass:"qwerty" -d -base64 -pbkdf2
hello

But let’s try the most popular AES method of GCM:

% echo -n "Hello" | openssl enc -aes-128-gcm -pass pass:"qwerty" -pbkdf2 -e -base64 -S 241fa86763b85341
enc: AEAD ciphers not supported
enc: Use -help for summary.

There are also many other quirks with OpenSSL, where many older methods have been dropped or give exceptions for little reason. One of the most significant is that the current version does not support the three popular modes of AES: GCM, CCM and XTS. Luckily, Libre OpenSSL was forked from OpenSSL in 2014, as many were unhappy with the way OpenSSL was being maintained. Libre OpenSSL now supports:

-aes-128-cbc -aes-128-ccm -aes-128-cfb
-aes-128-cfb1 -aes-128-cfb8 -aes-128-ctr
-aes-128-ecb -aes-128-gcm -aes-128-ofb
-aes-128-xts -aes-192-cbc -aes-192-ccm
-aes-192-cfb -aes-192-cfb1 -aes-192-cfb8
-aes-192-ctr -aes-192-ecb -aes-192-gcm
-aes-192-ofb -aes-256-cbc -aes-256-ccm
-aes-256-cfb -aes-256-cfb1 -aes-256-cfb8
-aes-256-ctr -aes-256-ecb -aes-256-gcm
-aes-256-ofb -aes-256-xts -aes128
-aes192 -aes256 -bf
-bf-cbc -bf-cfb -bf-ecb
-bf-ofb -blowfish -camellia-128-cbc
-camellia-128-cfb -camellia-128-cfb1 -camellia-128-cfb8
-camellia-128-ecb -camellia-128-ofb -camellia-192-cbc
-camellia-192-cfb -camellia-192-cfb1 -camellia-192-cfb8
-camellia-192-ecb -camellia-192-ofb -camellia-256-cbc
-camellia-256-cfb -camellia-256-cfb1 -camellia-256-cfb8
-camellia-256-ecb -camellia-256-ofb -camellia128
-camellia192 -camellia256 -cast
-cast-cbc -cast5-cbc -cast5-cfb
-cast5-ecb -cast5-ofb -chacha
-des -des-cbc -des-cfb
-des-cfb1 -des-cfb8 -des-ecb
-des-ede -des-ede-cbc -des-ede-cfb
-des-ede-ofb -des-ede3 -des-ede3-cbc
-des-ede3-cfb -des-ede3-cfb1 -des-ede3-cfb8
-des-ede3-ofb -des-ofb -des3
-desx -desx-cbc -gost89
-gost89-cnt -gost89-ecb -id-aes128-CCM
-id-aes128-GCM -id-aes128-wrap -id-aes192-CCM
-id-aes192-GCM -id-aes192-wrap -id-aes256-CCM
-id-aes256-GCM -id-aes256-wrap -idea
-idea-cbc -idea-cfb -idea-ecb
-idea-ofb -rc2 -rc2-40-cbc
-rc2-64-cbc -rc2-cbc -rc2-cfb
-rc2-ecb -rc2-ofb -rc4
-rc4-40 -rc4-hmac-md5 -sm4
-sm4-cbc -sm4-cfb -sm4-ctr
-sm4-ecb -sm4-ofb

If we compare it with OpenSSL, we see that three of the most up-to-date methods of CCM, GCM and XTS are missing:

-aes-128-cbc -aes-128-cfb -aes-128-cfb1
-aes-128-cfb8 -aes-128-ctr -aes-128-ecb
-aes-128-ofb -aes-192-cbc -aes-192-cfb
-aes-192-cfb1 -aes-192-cfb8 -aes-192-ctr
-aes-192-ecb -aes-192-ofb -aes-256-cbc
-aes-256-cfb -aes-256-cfb1 -aes-256-cfb8
-aes-256-ctr -aes-256-ecb -aes-256-ofb
-aes128 -aes128-wrap -aes192
-aes192-wrap -aes256 -aes256-wrap
-aria-128-cbc -aria-128-cfb -aria-128-cfb1
-aria-128-cfb8 -aria-128-ctr -aria-128-ecb
-aria-128-ofb -aria-192-cbc -aria-192-cfb
-aria-192-cfb1 -aria-192-cfb8 -aria-192-ctr
-aria-192-ecb -aria-192-ofb -aria-256-cbc
-aria-256-cfb -aria-256-cfb1 -aria-256-cfb8
-aria-256-ctr -aria-256-ecb -aria-256-ofb
-aria128 -aria192 -aria256
-bf -bf-cbc -bf-cfb
-bf-ecb -bf-ofb -blowfish
-camellia-128-cbc -camellia-128-cfb -camellia-128-cfb1
-camellia-128-cfb8 -camellia-128-ctr -camellia-128-ecb
-camellia-128-ofb -camellia-192-cbc -camellia-192-cfb
-camellia-192-cfb1 -camellia-192-cfb8 -camellia-192-ctr
-camellia-192-ecb -camellia-192-ofb -camellia-256-cbc
-camellia-256-cfb -camellia-256-cfb1 -camellia-256-cfb8
-camellia-256-ctr -camellia-256-ecb -camellia-256-ofb
-camellia128 -camellia192 -camellia256
-cast -cast-cbc -cast5-cbc
-cast5-cfb -cast5-ecb -cast5-ofb
-chacha20 -des -des-cbc
-des-cfb -des-cfb1 -des-cfb8
-des-ecb -des-ede -des-ede-cbc
-des-ede-cfb -des-ede-ecb -des-ede-ofb
-des-ede3 -des-ede3-cbc -des-ede3-cfb
-des-ede3-cfb1 -des-ede3-cfb8 -des-ede3-ecb
-des-ede3-ofb -des-ofb -des3
-des3-wrap -desx -desx-cbc
-id-aes128-wrap -id-aes128-wrap-pad -id-aes192-wrap
-id-aes192-wrap-pad -id-aes256-wrap -id-aes256-wrap-pad
-id-smime-alg-CMS3DESwrap -idea -idea-cbc
-idea-cfb -idea-ecb -idea-ofb
-rc2 -rc2-128 -rc2-40
-rc2-40-cbc -rc2-64 -rc2-64-cbc
-rc2-cbc -rc2-cfb -rc2-ecb
-rc2-ofb -rc4 -rc4-40
-seed -seed-cbc -seed-cfb
-seed-ecb -seed-ofb -sm4
-sm4-cbc -sm4-cfb -sm4-ctr
-sm4-ecb -sm4-ofb

Along with this, quite a few of the ciphers in the OpenSSL list above do not actually work and give exceptions, such as RC2:

% echo -n "Hello" | openssl enc -rc2 -pass pass:"qwerty"  -pbkdf2 -e -base64 -S 241fa86763b85341
Error setting cipher RC2-CBC
80E2AB0202000000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:373:Global default library context, Algorithm (RC2-CBC : 3), Properties ()

Whereas, using Libre OpenSSL, we get:

% echo -n "Hello" | openssl_libre enc -rc2 -pass pass:"qwerty"  -pbkdf2 -e -base64 -S 241fa86763b85341
WARNING: can't open config file: c:/libressl/ssl/openssl.cnf
U2FsdGVkX18kH6hnY7hTQbnm4bBATYYfpIB3glRQ+Qc=

OpenSSL is a bit of a mess and is broken in many places, whereas Libre OpenSSL has all its functionality working. The symmetric key methods implemented in Libre OpenSSL can be tried here:

https://asecuritysite.com/openssl/openssl3_2

A sample run gives:

Linux command: echo -n "hello" | openssl_libre enc -aes-128-cbc -pass pass:"qwerty" -e -base64 -S 241fa86763b85341 -pbkdf2
Windows command: echo | set /p = "hello" | openssl_libre enc -aes-128-cbc -pass pass:"qwerty" -e -base64 -S 241fa86763b85341 -pbkdf2

Message: hello
Mode: aes-128-cbc
Password: qwerty
KDF: PBKDF2
Salt: 241fa86763b85341
LibreSSL 3.5.3
======== Base64 ======
U2FsdGVkX18kH6hnY7hTQYGmLZ4ZWNeKOcacCkoAZxI=
======== Hex ======
00000000: 5361 6c74 6564 5f5f 241f a867 63b8 5341 Salted__$..gc.SA
00000010: 81a6 2d9e 1958 d78a 39c6 9c0a 4a00 6712 ..-..X..9...J.g.

The Base64 version is “U2FsdGVkX18kH6hnY7hTQYGmLZ4ZWNeKOcacCkoAZxI=”

If we analyse the hex dump, we see the salt value:

5361 6c74 6564 5f5f [“Salted__”]

241f a867 63b8 5341 [Salt value]

81a6 2d9e 1958 d78a 39c6 9c0a 4a00 6712 [Ciphertext]

The OpenSSL output thus starts with “Salted__”, followed by the eight-byte salt value, and then the ciphertext.
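To make the layout concrete, here is an added Python example (not code from the page or from OpenSSL/LibreSSL) that parses the Base64 blob produced by the `enc -aes-128-cbc -pbkdf2 -S` runs above, recovers the “Salted__” magic, the salt and the ciphertext, and rebuilds the key and IV from the password. The key derivation assumes OpenSSL's documented defaults for `-pbkdf2` (PBKDF2-HMAC-SHA256, 10000 iterations, key and IV taken from one output); whether LibreSSL uses identical defaults is an assumption here. Note that nothing in this format authenticates the ciphertext: a CBC blob carries no tag, which is why the page's push towards GCM matters.

```python
import base64
import hashlib

# Base64 output from the page's run of:
#   echo -n "hello" | openssl_libre enc -aes-128-cbc -pass pass:"qwerty" -pbkdf2 -S 241fa86763b85341
PAGE_OUTPUT = "U2FsdGVkX18kH6hnY7hTQYGmLZ4ZWNeKOcacCkoAZxI="
MAGIC = b"Salted__"
BLOCK = 16  # AES block size in bytes


def parse_salted(b64_text):
    """Split enc output into (salt, ciphertext).

    Layout: 8-byte magic "Salted__", 8-byte salt, then the ciphertext.
    Raises ValueError for anything that does not match that layout.
    """
    raw = base64.b64decode(b64_text, validate=True)
    if len(raw) < 16 or raw[:8] != MAGIC:
        raise ValueError("not an OpenSSL 'Salted__' blob")
    salt, ct = raw[8:16], raw[16:]
    # CBC with PKCS#7 padding always emits whole blocks (one extra block when the
    # message is already block-aligned), so any other length is corrupt or truncated.
    if len(ct) == 0 or len(ct) % BLOCK != 0:
        raise ValueError("ciphertext is not a whole number of AES blocks")
    return salt, ct


def derive_key_iv(password, salt, key_len=16, iv_len=16, iterations=10000):
    """Rebuild the key and IV that 'enc -pbkdf2' derives from password and salt.

    Assumption: OpenSSL's defaults for -pbkdf2 (PBKDF2-HMAC-SHA256, 10000
    iterations), with the first key_len bytes used as the key and the next
    iv_len bytes as the IV. No authentication tag exists anywhere in the blob.
    """
    out = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, key_len + iv_len)
    return out[:key_len], out[key_len:key_len + iv_len]


def describe(b64_text, password):
    """Return the fields worth inspecting when looking at an enc blob."""
    salt, ct = parse_salted(b64_text)
    key, iv = derive_key_iv(password, salt)
    return {"salt": salt.hex(), "ciphertext": ct.hex(), "blocks": len(ct) // BLOCK,
            "key": key.hex(), "iv": iv.hex()}


if __name__ == "__main__":
    for name, value in describe(PAGE_OUTPUT, "qwerty").items():
        print(f"{name:10s} {value}")
```

The salt and ciphertext printed for the page's blob match the hex dump above, and the derived key and IV can be handed to any AES-128-CBC implementation to reproduce the “hello” decryption.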

Hashing

Libre OpenSSL supports most of the widely used hashing methods, and it also has the Streebog hash:

Linux command: echo -n "Hello" | openssl_libre dgst -streebog256
Windows command: echo | set /p = "Hello" | openssl_libre dgst -streebog256

Message: Hello
Mode: streebog256
========
: 3c10d2ffe0787bc8bd6eacd337d59c314ce689c847a422f6c34b4b75f45751bc

The Streebog hash is a new version of the GOST hash.

Conclusions

For a program that holds up the security and trust of the Internet, OpenSSL still struggles to keep up with modern technology and still seems full of bugs. If you are looking for an alternative, Libre OpenSSL just drops into your system in a seamless way.

Here is Libre OpenSSL in action:

https://asecuritysite.com/openssl/openssl3_2

and for decrypting:

https://asecuritysite.com/openssl/openssl3_2d