openssl is the most common stack to deliver encryption. But – if you read articles like that:
https://queue.acm.org/detail.cfm?id=2602816
Quote (please read the full article):
And that brings me back to OpenSSL — which sucks. The code is a mess, the documentation is misleading, and the defaults are deceptive. Plus it is 300,000 lines of code that suffer from just about every software engineering ailment you can imagine:
- No central architectural authority
- 6,740 goto statements
- Inline assembly code
- Multiple different coding styles
- Obscure use of macro preprocessors
- Inconsistent naming conventions
- Far too many selections and options
- Unexplained dead code
- Misleading and incoherent comments
and so on and so on.
And it’s nobody’s fault.
No one was ever truly in charge of OpenSSL, it just sort of became the default landfill for prototypes of cryptographic inventions, and since it had everything cryptographic under the sun (somewhere , if you could find out how to use it), it also became the default source of cryptographic functionality.
i’m sure more than one person has thought „Nobody ever got fired for using OpenSSL“.
Poul is the creator of varnish – a wonderful solution for website caching. Thus I’ve started to have a look for alternative solutions. Open Source of course.