OpenSSL

OpenSSL is one of the most popular open source TLS/SSL implementations. You can compile in on/for Windows, with some caveats.

As I use OpenSSL frequently for pentesting, I want it to support as many ciphers as possible. That's the reason I forked the offical github repo, and added several features to it: A number of (insecure) ciphers have been removed from the official version of OpenSSL, which hinders testing.

Currently 1.0.2-chacha aligns with the official 1.0.2 branch (OpenSSL_1_0_2-stable). Support for the ChaCha20 and Poly1305 ciphers is merged from the OpenSSL repo itself (the 1.0.2-aead branch).

A number of additional features is either added or backported from OpenSSL's master branch. See https://github.com/PeterMosmans/openssl/tree/1.0.2-chacha for the full source, which compiles on any platform (as good as the offical OpenSSL source).

Below you can find the binaries for Windows 32 and 64 bit, a build of the latest commit. For easy identification the OpenSSL header contains the branch name (1.0.2-chacha).

The files are signed using my PGP key 0x40E874AD. Please see the article on creating and verifying digital signatures of files for more information on how to verify signatures.

Note that you need the corresponding (32-bit or 64-bit) zlib1.dll - OpenSSL was compiled with zlib support, which cannot be added statically.

Windows x86_64 (64 bit)

Build commands

Configure mingw64 no-shared enable-static-engine zlib enable-camellia \
enable-cms enable-ec enable-ec2m enable-ecdh enable-ecdsa \
enable-ec_nistp_64_gcc_128 enable-gost enable-idea enable-md2 \
enable-mdc2 enable-rc2 enable-rc5 enable-rfc3779 enable-seed \
enable-ssl-trace enable-ssl2 enable-ssl3 experimental-jpake \
no-zlib-dynamic -static-libgcc --openssldir=c:/programs/openssl
make depend
make
make report
URL
https://www.onwebsecurity.com/files/openssl-1.0.2-chacha-latest.zip
PGP signature file
https://www.onwebsecurity.com/files/openssl-1.0.2-chacha-latest.zip.sig
sha256
4fb095b0723af082513e41cee64fd3195ab27eefc87ce3e503afd
build date
28-06-2017

Compiler used:

gcc version 6.3.0 (Rev3, Built by MSYS2 project)

Windows x86 (32 bit)

Build commands

Configure mingw no-shared enable-static-engine zlib no-zlib-dynamic \
enable-gost enable-idea enable-md2 enable-rc5 enable-rfc3779 \
enable-ssl-trace enable-ssl2 enable-ssl3 experimental-jpake \
--openssldir=c\:/programs/openssl
make depend
make
make report
URL
https://www.onwebsecurity.com/files/openssl-1.0.2-chacha-latest-x86.zip
PGP signature file
https://www.onwebsecurity.com/files/openssl-1.0.2-chacha-latest-x86.zip.sig
sha256
78db89684a3c443a1922af478855aeb05bbbad782df3d11565879a4a680e3836
build date
19-03-2016

Compiler used:

gcc version 5.3.0 (Rev2, Built by MSYS2 project)

See also other announcements and posts regarding OpenSSL on this site.