openssl/openssl
By the numbers
Data collected on 2026-04-30 from master at commit e905da2c20.
Size
OpenSSL is a large, mostly-C project with a substantial Perl-based build/test/asm-generator stack and a full POD man-page set.
xychart-beta horizontal
title "Lines of code by language"
x-axis ["C (sources)", "C (headers)", "Perl (.pl/.pm)", "POD man pages", "Test C", "Asm/perl-asm"]
y-axis "Lines (thousands)" 0 --> 950
bar [565, 95, 100, 270, 196, 271]| Category | Count |
|---|---|
C source files (*.c) |
1588 |
C header files (*.h) |
545 |
Lines of C in crypto/, ssl/, providers/, apps/, include/ |
~630,000 |
Lines of C in test/ |
~196,000 |
Perl scripts (*.pl) |
287 |
Perl modules (*.pm) |
53 |
POD documentation files (*.pod) |
913 |
.S/asm files |
10 |
build.info files |
128 |
The largest C source files (excluding generated tables in crypto/ec/):
| File | Lines |
|---|---|
ssl/ssl_lib.c |
8,538 |
ssl/quic/quic_impl.c |
5,905 |
ssl/s3_lib.c |
5,688 |
ssl/t1_lib.c |
5,139 |
apps/s_server.c |
4,802 |
apps/speed.c |
4,774 |
ssl/statem/statem_srvr.c |
4,748 |
ssl/statem/statem_clnt.c |
4,510 |
apps/s_client.c |
4,467 |
crypto/ec/curve25519.c |
5,879 |
The two crypto/ec/ecp_*256_table.c files are precomputed lookup tables (16k and 14k lines).
Activity
- Total commits in repo: 39,696 (since 1998-12-21).
- Commits in the last 365 days: 2,544.
- Commits in the last 90 days: 828.
- Commits in the last 28 days: 191.
- Distinct authors over project lifetime: 1,453.
xychart-beta
title "Commits per year"
x-axis [1999, 2002, 2005, 2008, 2011, 2014, 2017, 2020, 2023, 2026]
y-axis "Commits" 0 --> 4000
bar [1297, 1119, 808, 521, 1009, 988, 2563, 2668, 2264, 1007]The 2016 spike (3,924 commits) corresponds to the run-up to OpenSSL 1.1.0; the 2020–2021 sustained level (~2,700/year) covers the 3.0 rewrite. 2026 numbers cover only Jan–Apr.
Churn hotspots (last 90 days)
| Directory | Commits touching it (last 90 days) |
|---|---|
doc/man3/ |
281 |
crypto/x509/ |
227 |
include/openssl/ |
170 |
test/recipes/ |
150 |
ssl/statem/ |
87 |
crypto/evp/ |
86 |
doc/man7/ |
84 |
doc/man1/ |
84 |
providers/fips/ |
76 |
ssl/ech/ |
72 |
include/internal/ |
63 |
.github/workflows/ |
61 |
crypto/asn1/ |
59 |
apps/lib/ |
52 |
providers/implementations/kdfs/ |
47 |
The mix is healthy: docs first (man3), followed by the X.509 and EVP cores, the test recipes, the TLS/ECH state machine, FIPS, CI configuration. Nothing is anomalously hot.
Bot-attributed commits
In the last 365 days, 0 commits include a Co-authored-by: …[bot] trailer (e.g. factory-droid[bot], dependabot[bot], github-actions[bot]). This is a lower bound on AI-assisted work — Copilot-style inline tools leave no trace in git history. OpenSSL relies on Dependabot for GitHub Action version bumps but those land as direct commits from the maintainer who reviews them, without bot co-authorship.
Complexity
| Metric | Value |
|---|---|
Public C headers under include/openssl/ |
142 |
Lines in the largest public header (include/openssl/ssl.h.in) |
~3,400 |
OSSL_FUNC_* provider dispatch IDs (include/openssl/core_dispatch.h) |
several hundred — the file is ~48 KB |
OSSL_PARAM well-known names (include/openssl/core_names.h.in) |
~200 |
TLS extensions handled in ssl/statem/extensions.c |
30+ (rendered as a table at the top of the file) |
TODO/FIXME/HACK/XXX comments in crypto, ssl, providers, apps |
125 |
Tests
The harness lives under test/recipes/*.t (Perl), driven by make test:
| Bucket | Approximate test count |
|---|---|
Test recipe files (test/recipes/*.t) |
~330 |
Standalone C test programs (test/*.c) |
~360 |
External test suites in test/external/ |
wycheproof, tlsfuzzer, tlslite-ng, krb5, gost-engine, oqs-provider, pkcs11-provider, pyca-cryptography, python-ecdsa, cloudflare-quiche |
| Largest single test program | test/sslapitest.c at ~475 KB |
CI
| Workflow | Purpose |
|---|---|
ci.yml |
Per-PR fast feedback (Linux configurations, sanitizers, build matrix) |
os-zoo.yml |
Nightly build across many OSes |
compiler-zoo.yml |
Nightly build across many compilers |
cross-compiles.yml, aarch64-more-cross-compiles.yml, riscv-more-cross-compiles.yml |
Cross-compilation matrices |
run-checker-daily.yml, run-checker-merge.yml |
A grid of Configure flag combinations |
provider-compatibility.yml, prov-compat-label.yml |
Cross-version FIPS provider compatibility |
run_quic_interop.yml |
QUIC interop matrix |
interop-tests.yml |
TLS interop |
fips-checksums.yml, fips-label.yml |
FIPS module fingerprint sanity |
fuzz-checker.yml, oss-fuzz.yml |
Fuzzing entry points |
valgrind-daily.yml |
Memory-leak runs |
static-analysis.yml, static-analysis-on-prem.yml |
Coverity-style scans |
style-checks.yml |
clang-format and codespell |
(Source: .github/workflows/.)
Build artefacts
A standard ./Configure && make -j on Linux produces, among other things:
libcrypto.so.4,libssl.so.4(shared libraries)libcrypto.a,libssl.a(archives)apps/openssl— the CLIproviders/legacy.so(the legacy provider as a separate module)providers/fips.so(only whenenable-fipswas set; built with reproducible-checksum constraints — see providers/fips)- A directory of fuzzer binaries under
fuzz/ - A test-runs directory populated by
make test
Built by Factory AutoWiki from public repository content. It is a generated preview for codebase exploration, not source-maintained documentation.