MatrixSSL 3.7.1

An Open Source project that provides an embedded SSL/TLS implementation for small footprint devices

  Add it to your Download Basket!

 Add it to your Watch List!


Rate it!

What's new in MatrixSSL 3.7.1:

  • Security Fixes:
  • X.509 and ASN.1 Parsing Improvements - The Advanced Threat Research team at Intel Security discovered several issues as part of their research on the BERSerk attack on RSA signature verification. MatrixSSL does not contain this vulnerability which can result in a MITM attack, however some other ASN.1 fields were not consistently checked against remaining buffer length when parsed. These have each been fixed, and the getAsnLength() internal API now also does a double check against the remaining buffer length for variable length fields in all cases.
  • Constant-Time Memory Compare - Calls to memcmp() have been replaced with a memcmpct() implementation to reduce the effectiveness of future timing based attacks.
Read full changelog
send us
an update
GPL (GNU General Public License) 
PeerSec Networks
3.3/5 19
ROOT \ Security
1 MatrixSSL Screenshot:
MatrixSSL - SSL session lifetime dynamic memory usage (in bytes)
MatrixSSL is an open source and commercial project that has been designed to provide embedded SSL (Secure Sockets Layer) and TLS (Transport Layer Security) implementations for small footprint devices and applications.

Features at a glance

With under 50KB total footprint, the software includes SSL (Secure Sockets Layer) 3.0 client/sever support, TLS (Transport Layer Security) 1.0, 1.1 and 1.2 client/server support, a cryptographic library that implements the RSA, AES, MD5, SHA1, 3DES, ECC, ARC4, and RC2 encryption algorithms.

Additionally, MatrixSSL provides various cipher suites, CRL (Certificate Revocation List) support, session cipher renegotiation and re-keying, X.509 certificate chain authentication, as well as optimizations for the assembly language, supporting Intel, MIPS and ARM platforms.

Among other interesting features, we can mention complete support for session caching and resumption, Stateless Session Tickets support, Server Name Indication support, RFC7301 Application Protocol Negotiation, and RSASSA-PSS Signature Algorithm support.

Another interesting feature is the ability to parse ASN.1 DER and X.509 .pem certificates. The project also supports PKCS#12, PKCS#5, PKCS#1.5 and PKCS#8 for key formatting, supports SSH (Secure Shell) command-line, supports DTLS (Datagram Transport Layer Security), provides pluggable cipher suite, crypto provider, perating system and malloc interfaces, supports TCP/IP, and offers both end-user and developer documentation.

Getting started with MatrixSSL

To install the MatrixSSL software on your GNU/Linux operating system, download the latest release from the project’s website (see the homepage link at the end of the review), save it somewhere on your computer, and unpack it.

Open a terminal emulator app, go to the location where you’ve extracted the archive file (e.g. cd /home/softpedia/matrixssl-3-7-1-open - replace ‘softpedia’ with your username), run the ‘make’ command to compile the program, and then run the ‘sudo make install’ command to install it.

MatrixSSL was reviewed by , last updated on January 14th, 2015

#embedded SSL #embedded TLS #small footprint device #SSL #TLS #RSA #AES

Add your review!