The State of OpenSSL for pyca/cryptography
4 months ago
- #Cryptography
- #Python
- #OpenSSL
- The Python cryptography library (pyca/cryptography) has relied on OpenSSL for core cryptographic algorithms for 12 years.
- OpenSSL's development trajectory is described in three acts: under-maintained pre-2014, post-Heartbleed improvements, and post-2021 regressions in OpenSSL 3.
- OpenSSL 3 introduced performance regressions, complexity, and API issues, leading to frustration among maintainers.
- Performance issues include significant slowdowns in parsing and key loading, with some operations being 3x slower than OpenSSL 1.1.1.
- The pyca/cryptography library achieved better performance by migrating some functionalities to Rust, showing that improvements are possible.
- OpenSSL 3's new APIs, like OSSL_PARAM, are criticized for reducing performance, increasing complexity, and making code less readable.
- OpenSSL's testing and verification practices are insufficient, with flaky CI and gaps in test coverage leading to undetected bugs.
- Memory safety is a concern, as OpenSSL has not committed to migrating to memory-safe languages like Rust, unlike other projects.
- The pyca/cryptography team is considering reducing reliance on OpenSSL, potentially switching to forks like LibreSSL, BoringSSL, or AWS-LC.
- Future steps may include dropping OpenSSL support entirely and exploring alternatives like Graviola for cryptographic implementations.