Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Other Sellers on Amazon
+ $3.99 shipping
+ $3.99 shipping
+ $4.99 shipping
Network Security with OpenSSL Paperback – June 24, 2002
|New from||Used from|
All Books, All the Time
Read author interviews, book reviews, editors picks, and more at the Amazon Book Review. Read it now
Frequently bought together
Customers who bought this item also bought
"If you have struggled with OpenSSL and the supplied documentation then you will regret the amount of time that you have wasted before finding this book. If you are planning to use OpenSSL then you need to buy a copy - it's essential reading. What is more surprising is that even if you don't plan to use OpenSSL, then downloading it and trying out the examples in the book could be the education in practical cryptography you really need. What more can I say of any book, other than that I certainly won't be lending it to anyone else? It's going to remain firmly chained to my bookshelf for the foreseeable future - and no, you can't borrow it." - Mike James, VSJ, October 2003
About the Author
John Viega, Founder and Chief Scientist of Secure Software (www.securesoftware.com), is a well-known security expert, and coauthor of Building Secure Software (Addison-Wesley) and Network Security with OpenSSL (O'Reilly). John is responsible for numerous software security tools, and is the original author of Mailman, the GNU mailing list manager. He holds a B.A. and M.S. in Computer Science from the University of Virginia. Mr. Viega is also an Adjunct Professor of Computer Science at Virginia Tech (Blacksburg, VA) and a Senior Policy Researcher at the Cyberspace Policy Institute, and he serves on the Technical Advisory Board for the Open Web Applications Security Project. He also founded a Washington, D.C. area security interest group that conducts monthly lectures presented by leading experts in the field. He is the author or coauthor of nearly 80 technical publications, including numerous refereed research papers and trade articles.
Matt Messier, Director of Engineering at Secure Software, is a security authority who has been programming for nearly two decades. Besides coauthoring Network Security with OpenSSL, Matt coauthored the Safe C String Library, RATS, and EGADS, an Entropy Gathering and Distribution System used for securely seeding pseudo-random number generators. Prior to joining Secure Software, Matt worked for IBM and Lotus, on source and assembly level debugging techniques, and operating system concepts.
Pravir Chandra, Research Scientist at Secure Software Solutions, is an expert in language-level security. Most recently, he co-authored the DARPA-funded "catscan" tool for static security analysis of C source code. Pravir holds a B.S. in Computer Science from Case Western Reserve University, and wants you to know that Cleveland rocks!
Top customer reviews
That said, if you *must* use OpenSSL for some reason or other, then this book is the missing user manual that the library so desperately needs. It does a good job explaining the library APIs, both libssl and libcrypto, and additionally provides worked examples of common implementation tasks. It explains things well enough that, once you've read through it and rewritten the examples on your own, the library begins to make some sort of *sense* - if such a thing is really possible - and, if you combine this book with the library docs (which will now be less confusing) and the source for the OpenSSL command-line tools (which will now even be *legible*!), you now stand a chance of successfully building something useful.
There is an important caveat: this book was written for a much earlier version of OpenSSL, and thus certain important features are referred to by the book as "not yet available" or are simply not mentioned. That said, this will be less of an obstacle once you reach the point when the library begins to make its own strange sort of sense.
If your project requires OpenSSL, and there's really no way around it, then get this book. It will save you *months* of fruitlessly spinning your wheels, and it will get you on track.
The SSL library is C-library easily compiled as C++, and ported to PHP, PERL and JAVA etc.
It can be as has been compiled under Windows, Mac and Linux. OpenSSL is even shipped with Mac and Linux.
The OpenSSL package basically consists of two parts (i) the SSL part and (ii) the cryptographic library.
Given the large cross-platform functionality it should not come as a surprise that the souce code documentation is not always up to date.
This book is a welcome guide to OpenSSL. I guess that the vast majority of programmers developing secure programs use OpenSSL, either directly or indirectly. Without the book one has to continuously search on the Internet for code examples.
In this book all aspects of OpenSSL programming are illustrated with real life C examples. I have downloaded the source code of quite a number and I found them extremely helpful.
The OpenSSL package has also a number of utilities that can be run from the command line. This books describes it and gives some real examples. I have tried them all successfully.
The book describes SSL/TLS programming, symmetric encryption (low-level and intermediate level), Hashes/MACS, and Public Key cryptography.
I think reading this book, together with Cryptography Engineering: Design Principles and Practical Applications will end your status as a cryptography amateur.
It does contain some useful information, hence the 2 stars, but the authors' horrible writing style and inability to organize their thoughts really makes me want to give a 1-star review. Terrible book, although still better than the online documentation overall. And unfortunately, no one appears to have a written a better one (as of July 2009).
I am hoping that the author will publish a new version to cover the 1.0 release.
Very easy read for an experienced C/C++ developer with a number of code examples.
I give this book an 8+ and is a permanent part of my coding library.
As others have noted, this is a great book for programming. It's not as detailed if you are looking to set up your own PKI. Basically it is about 30 pages of the openssl command (using symmetric keys, generating private keys, making certificates, signing them) and ~270 pages or so of programming.