PeerSec MatrixSSL is an embedded SSL implementation designed for small footprint devices and applications requiring low overhead per connection. The library is less than 50K on disk with cipher suites. It includes SSL client and SSL server support, session resumption, and implementations of RSA, 3DES, ARC4, SHA1, and MD5. The source is well documented and contains portability layers for additional operating systems, cipher suites, and cryptography providers.
| Tags | Communications Internet Web HTTP Servers Security Cryptography Software Development Embedded Systems Libraries Networking |
|---|---|
| Licenses | GPL |
| Operating Systems | Windows OS Independent POSIX Linux Other Unix Mac OS X |
| Implementation | C |
Recent releases


Changes: Additional checks and proper error handling for three types of malformed X.509 certificates. These do not constitute a remote attack vector for the Open Source release. The size calculations for SSL_FULL conditions when encoding the FINISHED flight of handshake messages have been fixed. The USE_MULTITHREADING define in matrixConfig.h is now off by default so that POSIX platforms will not require pthreads by default. Windows project files for library and example application builds are now based on the freely available Microsoft Visual Studio C++ 2008 Express Edition.


Changes: The matrixRsaParsePubKey routine has added support for X.509 SubjectPublicKeyInfo formatted keys. There is full parsing support of the subjectAltName extension in certificates. Clients are allowed to send multiple compression parameters in the CLIENT_HELLO message. The matrixX509ReadCert routine supports additional PEM file header and footer formats. A filename misspelling in httpsReflector.c for loading the example CAcertCln.der certificate has been corrected.


Changes: API changes: ‘const’ qualifiers have been added to literal string parameters for matrixRsaReadPrivKey, matrixRsaReadKeys, matrixRsaReadKeysEx, and matrixX509ReadPubKey. There is additional error reporting in the RSA public decryption routine. The enforcement of maximum certificate chain length has been improved. The -fPIC compile option has been added to default POSIX builds. A one-time memory leak on an error condition during certificate parsing has been fixed.


Changes: An issue with empty message denial-of-service countermeasure was corrected. This fix is most relevant to use-cases that involve an OpenSSL client communicating with a MatrixSSL server using block ciphers (SSL_RSA_WITH_3DES_EDE_CBC_SHA, for example). For more information on the issue please see http://www.openssl.org/~bodo/tls-cbc.txt.


Changes: Cleaner POSIX cross-platform compiles for newer releases of Linux and Intel Macs. Additional X.509 certificate field parsing and error handling.
Recent comments

no os
does anyone have a no-os implementation of matrixssl?