OpenSSL
OpenSSL is a robust toolkit for implementing SSL and TLS protocols, providing cryptographic utilities for secure communication over the Internet. It includes command-line tools for key generation, certificate management, encryption, and testing SSL/TLS clients and servers.
Description
OpenSSL implements the SSL and TLS cryptographic protocols, enabling secure communication over the Internet. The main 'openssl' package provides a general-purpose command line binary useful for various cryptographic operations such as creating RSA, DH, and DSA key parameters; generating X.509 certificates, CSRs, and CRLs; calculating message digests; encrypting and decrypting with ciphers; testing SSL/TLS clients and servers; and handling S/MIME signed or encrypted mail.
Related packages include libssl3t64 for shared libraries, libssl-dev for development files with headers and manpages, and libssl-doc for documentation and demos. Specialized providers like openssl-provider-fips offer FIPS 140-2 compliant algorithms, while openssl-provider-legacy supplies implementations of deprecated or insecure algorithms.
The c_rehash utility creates symbolic links to files based on their hash values, aiding in certificate directory management. OpenSSL is essential for cybersecurity tasks involving cryptographic operations and secure protocol testing.
How It Works
OpenSSL provides shared libraries (libssl and libcrypto) implementing SSL/TLS protocols and cryptographic algorithms. The command-line tool /usr/bin/openssl executes subcommands like dgst for message digests, enc for symmetric encryption/decryption using ciphers (e.g., AES, DES), req for certificate requests, and s_client/s_server for SSL/TLS testing. Providers such as FIPS and legacy extend algorithm support, with FIPS conforming to Federal Information Processing Standards via validated modules. Hash-based linking via c_rehash organizes certificates by digest values for lookup.
Installation
sudo apt install openssl
Flags
Examples
c_rehash -h
openssl -h
openssl dgst
openssl enc
openssl req
openssl s_client
openssl s_server
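The hash-based linking described under How It Works, done by hand for a single certificate. This is an added example, not part of the original page or of the OpenSSL project; it is a simplified sketch of the link step only, and the function names, the subject `/CN=example-test-ca` and the temporary directory are assumptions made for illustration.

```bash
#!/bin/sh
# Added example: the link step c_rehash performs, done by hand for one certificate.
set -eu

# Create a throwaway self-signed certificate (constructed test data).
make_test_cert() {   # $1 = output directory
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 1 \
        -subj "/CN=example-test-ca" \
        -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
}

# Link a certificate as <subject-hash>.N, the name a CApath lookup searches for.
# Prints the link name it created.
hash_link() {        # $1 = directory, $2 = certificate file name inside it
    h=$(openssl x509 -in "$1/$2" -noout -subject_hash)
    n=0
    # If another file already uses this hash, take the next free suffix.
    while [ -e "$1/$h.$n" ] || [ -L "$1/$h.$n" ]; do n=$((n + 1)); done
    ln -s "$2" "$1/$h.$n"
    echo "$h.$n"
}

# Succeeds only if the certificate chains to something in the hashed directory.
verify_with_capath() {   # $1 = directory, $2 = certificate path
    openssl verify -CApath "$1" "$2" >/dev/null 2>&1
}

demo() {
    d=$(mktemp -d)
    make_test_cert "$d"
    if verify_with_capath "$d" "$d/ca.pem"; then
        echo "trusted before linking (unexpected)"
    else
        echo "before linking: not trusted"
    fi
    echo "created link: $(hash_link "$d" ca.pem)"
    verify_with_capath "$d" "$d/ca.pem" && echo "after linking: trusted"
    rm -rf "$d"
}
demo
```

A certificate file dropped into a CApath directory without its hash-named link is not found during verification, which is a common reason a newly added CA appears to be ignored.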