The following book reviews are the copyright of their respective authors and no part should be reproduced without the express permission of the author. Publishers and Authors of the books reviewed may reproduce the whole or extracts of a review for their book. To request copyright permission please email firstname.lastname@example.org.
All the reviews herein are the opinions of the reviewer and are not necessarily the views of Birmingham Perl Mongers and its members. If you feel a review or comment has been made in error, please contact email@example.com to rectify the situation.
Static Link: http://birmingham.pm.org/reviews/51
|Title:||Network Security with OpenSSL|
|Author(s):||John Vega, Matt Messier & Pravir Chandra|
One of my job roles recently involved adding Transport Layer Security (TLS) support to the qmail SMTP application, in the guise of the Extended SMTP command STARTTLS, using the open source OpenSSL library to provide the backend crypto graphical support. Coming from a background of encryption software development, I was confident with crypto terminology, but I had no hands-on experience of TLS (or SSL) itself. Development time, as is always, was limited and I needed to learn OpenSSL fast. Where to turn?
Whilst the OpenSSL has a reasonably documented website (www.openssl.org) the documentation is mainly man page, API based - there is little in the way of examples, and a fair number of holes in the documentation. An active and reliable mailing list (http://groups.google.com/groups?group=mailing.openssl.users) is available, but I wanted to learn OpenSSL myself, not rely on others! Enter Network Security with OpenSSL
The book was released in June 2002 and at the time of writing there have since been 13 releases of OpenSSL. However, as these releases have generally been security updates, the book still stands accurate.
In a well designed first chapter the reader is introduced (or refreshed) on the foundations and terminology of cryptography and if required, guided through the downloading and building of OpenSSL.
The second chapter covers the command line interface of OpenSSL, when the library is used in an interactive context. Although you are more likely to be using OpenSSL as an API, learning the OpenSSL CLI is essential for OpenSSL development, particularly in the generation of X.509 certificates, or the use of the s_client and s_server tools for debugging your development. This chapter is backed up by the books appendix, which is an easy reading reference guide to the CLI.
The following seven chapters of this book are dedicated towards using OpenSSL as an API for your own development. The authors have based the content of these chapters on the key applications of OpenSSL, including Public Key Infrastructure, SSL/TLS Programming and Symmetric Cryptography.
I have found the chapter on SSL/TLS Programming to be almost essential in order to get my development complete. The chapter guides you through creating a fully functional SSL client and server using C, and is complete with well explained source code listings, which are also available for download from a supplemental website. O'Reilly Sidebars are used to good effect to explain slightly off-topic areas, whilst allowing the reader to remain focused on the topic at hand.
OpenSSL is primarily a C language based library. However chapter nine is likely to interest readers of this review. "OpenSSL in Other Languages" discusses using OpenSSL in Perl (Net::SSLeay), Python and PHP. Whilst my development with OpenSSL has been only in C, This chapter presents itself as being a good lightweight reference to using OpenSSL with Perl, although I would suggest the use of other on-line resources to supplement the chapter.
I would recommend Network Security with OpenSSL without hesitation to any developers who are considering or are already using OpenSSL. It is both authoritative and readable.
- Mark Songhurst, © 4th May 2004
We are one of the UK's largest Perl user groups, representing Birmingham UK to the international Perl community since 2000. We hold monthly social and technical presentations, and several of our members are now regular attendees and speakers at the YAPC::Europe Perl Conferences.
For further information about Birmingham.pm, please read our Frequently Asked Questions page.
For details about joining our mailing list, please Click Here for more details.
No meeting currently scheduled
14th Dec - Brum.pm Social
Download the Birmingham.pm ICalendar
or subscribe to our Google Calendar
Aberdeen Perl Mongers
Bath Perl Mongers
Birmingham Perl Mongers
Bristol Perl Mongers
Devon & Cornwall Perl Mongers
Edinburgh Perl Mongers
Glasgow Perl Mongers
London Perl Mongers
Milton Keynes Perl Mongers
North of England Perl Mongers
Nottingham Perl Mongers
Southampton Perl Mongers
Thames Valley Perl Mongers
• Linux System Programming
• Mastering Perl
• GIMP 2 for Photographers
• Minimal Perl
• Wicked Cool Perl Scripts
• Red Hat Linux 9 Unleashed
• IRC Hacks - 100 Industrial-Strength Tips & Tools
• eBay Hacks - 100 Industrial-Strength Tips & Tools
• Exploiting Software - How To Break Code
• Mac OS X Unleashed, 2nd Edition
* New Reviews
.. More Reviews