Is OpenSSL Audited Yet? Partial Audit Complete

CII/OCAP/NCC/OSTIF/QuarksLab is auditing...

There is the FIPS Object Module version(s) which has been looked at by a CMVP lab, but that isn't what everyone is using, and that only validated crypto algorithms anyways. Which seems to have been sealed under certificate 1747 while a new FIPS module is being done...

If you think a full external open audit should be done, tweet #IsOpenSSLAuditedYet

OpenSSL is accessible here

OCAP, who did the TrueCrypt audit has been superceded by the OSTIF VeraCrypt audit

LibreSSL fork of OpenSSL is accessible here




OpenSSL 1.1.1 partial audit completed by OSTIF and friends, focusing on the new TLS 1.3 parts, so not a full audit, but auditing most of the parts most people will be using from now on.

Gory details here


Almost there? The OpenSSL 1.1.0 audit by OCAP kinda disappeared. Perhaps Kenn White can comment...

Separately there seems to be a new audit, now for OpenSSL 1.1.1 (Which seems to be the next major version, and the one with TLS 1.3), Sponsored via crowdfunding through OSTIF, with the audit being done by a group called QuarksLab.

"OpenSSL and Monero Bulletproofs Audits are Underway!"


Almost there...

"The Open Crypto Audit Project worked with the OpenSSL team during the 2+ year development of v. 1.1. Our report will be out shortly."


Not much news on the OpenSSL audit front but...

Oh boy, truecrypt had a pretty bad bug in their windows driver that allows system takeover that just dropped. Notably, this is something the Phase 1 audit done by ISEC probably should have caught, though they were more focused on encryption correctness/safety than driver holes. Naturally that means all truecrypt 7.1a windows users are officially screwed. Veracrypt apparently has patched this along with implementing some of the phase 2 audit recommendations. No word yet from the CipherShed folks though. Guess this means all AWS bulk uploader/downloader folks must switch to VeraCrypt for now...


Truecrypt audit is done, NCC/OCAP found some things but nothing fatal, though the audit scope was kinda limited. OCAP says they'll now dig in hard on OpenSSL 1.1.0 for their audit. I can see why, but that sorta leaves 0.9.8/1.0.0/1.0.1/1.0.2 users out.


OCAP/NCC have announced they are starting the audit of OpenSSL (the new reformatted codebase recently completed). As for how long this will take, who knows, but the interesting bits found during the LibreSSL cleanup will give them a head start. They seem to not be going for a full audit, but the more important/regularly used pieces. Annoucement here


LibreSSL 2.0.0 is out for people to start playing with. In other news, OpenSSL foundation seems to have published a roadmap, hired a new dev, and started grinding through the 10 year bug backlog. There may be hope yet...


CII is handing off the OpenSSL audit to OCAP it seems. CII is also intending to do NTP (probably needed) and OpenSSH (probably not needed but it will make everyone feel better).

In other news, TrueCrypt just imploded. Going theories are superbug scorched earth campaign to protect users, NSL/warrant canary, rage quit, and my personal favorite is that snitch Sabu releasing a version that doesn't violate his sentencing guidelines for the lulz. The TrueCrypt audit guys (OCAP) will still do phase 2 of the audit for completeness, and to try to have more faith in version 7.1a, allegedly the last safe version. NSL/warrant canary is probably the most likely based on circumstantial evidence at this point.


Well, maybe all the big companies who might care might put their money where their mouths are. The Linux Foundation is helming something called the Core Infrastructure Initiative to collect money and sponsor work on open source software that is heavily used in critical internet infrastructure. While not OpenSSL specific, I imagine their first target will be OpenSSL. I wonder how cooperative Theo and the LibreSSL folks will be. Plus, where does this put OCAP in the spectrum of things?

The CII is already begging for donations despite gettings $millions allegedly, so something smells.


LibreSSL commit comments are comedy gold. "ain't nobody got time for hpux"

Someone put together a page pulling out the comments with humor value here.


Theo makes good on the forking promise. The Purge begins.

LibreSSL is accessible here and oh the irony that it isn't accessible via SSL...

But Theo is basically begging for money to return multiplatform capability so there's that issue still. Golf clap for using the blink tag though.


OpenBSD is doing a partial audit/repair of OpenSSL it seems (Theo putting money where his mouth is, only without real money since the OpenBSD foundation and OpenSSL are still doing poorly regarding donations). But their primary method of doing so is removing support for platforms OpenBSD doesn't cover (Windows). So what they make might be *nix/*BSD portable but that's it. Might be usable to OpenSSL upstream but don't bet on it.

So they're basically forking it (OpenSSL 1.0.1g so I guess they won't pull 1.0.2beta parts). So what will OpenBSD's fork be called? OpenTLS? OpenOpenSSL?


Phase 1 of the Truecypt audit is done, nothing hideous found it seems. OCAP starting to shape up to do these kinds of crypto audits perhaps?

Akamai thought they were good with their custom malloc, but looks like they also got caught with their pants down too.


Looks like this might be happening after all. Maybe.


Yeah, that heartbleed fiasco is making people sorta serious about doing an external audit, maybe. Google is doing some work looking long and hard at OpenSSL as part of their library standardization work with Chromium apparently, but who knows how open they want to be about their work. Everyone seems to agree the codebase is a hot mess though. With the TrueCrypt audit wrapping up phase 1 of their audit, maybe they can start the framework of an audit for OpenSSL?