MatrixSSL is an embedded SSL/TLS library under 50KB, designed for small footprint applications and devices. Secure Sockets Layer (SSL) and the next generation Transport Layer Security (TLS) are the most widely deployed protocols for creating secure connections between applications on a network.
SSL is used to secure proprietary applications as well as common Internet protocols such as HTTP, SIP, H.323 and EAP-TLS.
PeerSec Networks also provides an embedded SSH solution for Linux based devices. Embedded SSH is primarily used to securely manage a device through a command line interface, while embedded SSL provides security at the sockets layer for a variety of network protocols. SSH is provided as an add on component to MatrixSSL.
MatrixSSL supports all operating systems and has been ported to OSs including Mac OS X, VxWorks, uClinux, eCos, Nucleus, BREW, pSOS, Linux, Windows and PocketPC. MatrixSSL has been deployed on systems with no OS, filesystem or memory management. Ported pl
Here are some key features of "MatrixSSL":
· < 50KB total footprint with crypto provider
· SSLv3 and TLS server and client support
· Included crypto library - RSA, AES, 3DES, ARC4, SHA1, MD5
· Cipher Suites - RC4-MD5, RC4-SHA, DES-CBC3-SHA, AES128-SHA, AES256-SHA
· RSA public and private key generation
· X.509 certificate generation and signing
· Full support for fast session resumption/caching
· X.509 server and client certificate authentication
· Tight, heavily commented code in portable C
· User and developer documentation
What`s New in This Release: [ read full changelog ]
Feature Updates:
· New server-side configuration option to decrease binary executable size - Servers may now disable a new USE_CERT_PARSE define in crytpoConfig.h to exclude a relatively large portion of the x509.c source code. Previous versions of MatrixSSL would always pass the server certificate through an X.509 parse phase during initialization. This allowed the library to confirm the format of the certificate and perform algorithm tests based on the chosen cipher suite. However, these tests were in place primarily to prevent user error so if USE_CERT_PARSE is disabled, the user must be confident the certificate material is valid for the cipher suites that have been enabled in matrixsslConfig.h.
· New Pseudo-Random Number Generation algorithms -An implementation of Yarrow is now included in the MatrixSSL source code package. Random numbers are now retrieved through Yarrow by default. An entropy source and implementation of psGetEntropy is still required for each platform.
· Windows pro...
