Automic VaultAutomic Vault

brew

Install gmssl with Homebrew

Toolkit for Chinese national cryptographic standards. Version 3.2.0 via Homebrew; verified 2026-06-21.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install gmssl

local Homebrew formula metadata

overview

Package summary

Toolkit for Chinese national cryptographic standards

Commands and aliases

  • gmssl

history

Project history and usage

GmSSL is an open-source cryptographic toolkit developed by Peking University for Chinese commercial cryptography standards. It provides a gmssl command-line tool, a C library, protocol support, and language bindings around SM2, SM3, SM4, SM9, TLCP, TLS, and related algorithms.

Project history

The public GitHub repository was created in 2014. The README describes GmSSL as a domestic commercial cryptography open-source library independently developed by Peking University, covering national cryptographic algorithms, standards, secure communication protocols, mainstream operating systems and processors, cryptographic keys, and cryptographic cards.

The 3.x series was a major rewrite. The README states that GmSSL 3 reduced memory needs and binary size, removed the OpenSSL-compatible API from the core, adopted CMake, targeted embedded environments, and added a separate OpenSSL compatibility layer for applications such as Nginx.

GmSSL releases show a 3.0.0 release in 2022, 3.1.x releases in 2023, and 3.2.0 in 2026. The README's changelog for 3.1.1 onward includes TLS 1.3 work, TLCP support, post-quantum algorithms, command-line options for cryptographic operations, performance improvements, and removal of broken algorithms such as RC4 and MD5.

Adoption history

GmSSL's adoption is tied to compliance and interoperability needs around Chinese national cryptographic standards. Its README emphasizes SM algorithms, TLCP, RFC 8998 TLS 1.3 cipher suites, hardware interfaces such as SDF and SKF, and language bindings for Java, PHP, Go, Python, Rust, and Node.js.

Homebrew packaging gives macOS and Unix-like developers a convenient way to test the gmssl CLI and library without building the full CMake project manually. The GitHub repository's large star and fork counts also indicate broader interest than a single-vendor compliance sample.

How it is used

Practitioners build GmSSL with CMake, install the gmssl command-line tool and libgmssl, and use it to exercise SM-family algorithms, certificate workflows, digital envelopes, TLS/TLCP protocol support, and benchmark tests.

Application developers use the C library or language bindings when they need Chinese commercial cryptography support in services, embedded systems, mobile platforms, or compatibility layers for existing OpenSSL-oriented software.

Why package nerds care

GmSSL is package-significant because cryptographic standards support is hard to vendor casually. A package-managed build gives users a repeatable toolkit for SM2, SM3, SM4, SM9, TLCP, and TLS experiments without treating a security-sensitive C library as a one-off source checkout.

It also shows a common packaging tension in crypto: users want a familiar OpenSSL-like CLI surface, but the project deliberately changed APIs in GmSSL 3 and moved OpenSSL compatibility into a separate layer.

Timeline

  • 2014: Public GitHub repository created.
  • 2018: GMBrowser v0.1 release published in the repository release stream.
  • 2022: GmSSL 3.0.0 released.
  • 2023: GmSSL 3.1.x releases published.
  • 2026: GmSSL 3.2.0 released.

Related projects

  • OpenSSL is related through the compatibility-layer discussion in the README.
  • GmSSL-Java, GmSSL-PHP, GmSSL-Go, GmSSL-Python, gmssl-rs, and GmSSL-Nodejs provide language bindings around the core library.
  • SoftSDF is a related software SDF module for development and testing.

security posture

Risk level: green

narrow executable package without higher-risk signals.

Risk classifier

green risk · low confidence · appliance

Why

  • narrow executable package without higher-risk signals

Signals

  • metadata:no-higher-risk-signals

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

executables

Installed executables

CommandKindExposureNote
gmsslcliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version3.2.0
manager updated2026-06-21
local dataok
upstreamcurrent
latest detectedv3.2.0

https://github.com/guanzhi/GmSSL

  • okNo freshness warnings were generated.

install metadata

Package metadata

Package keybrew:gmssl
Version3.2.0
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/gmssl
Homepagehttps://github.com/guanzhi/GmSSL
Repositoryhttps://github.com/guanzhi/GmSSL
Upstream docshttps://github.com/guanzhi/GmSSL#readme
LicenseApache-2.0
Source archivehttps://github.com/guanzhi/GmSSL/archive/refs/tags/v3.2.0.tar.gz
Last updated2026-06-21T07:05:30Z
Pulseupdated
Build dependenciescmake
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namegmssl
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • package relationship graph
  • package version freshness
  • package-page enrichment