An Open Source project that provides an embedded SSL/TLS implementation for small footprint devices
With under 50KB total footprint, the software includes SSL 3.0 client/sever support, TLS 1.0, 1.1 and 1.2 client/server support, a crypto library that implements the RSA, AES, MD5, SHA1, 3DES, ECC, ARC4, and RC2 encryption algorithms, as well as optimizations for the assembly language, supporting Intel, MIPS and ARM platforms.
Among other features, MatrixSSL provides various cipher suites, CRL (Certificate Revocation List) support, session cipher renegotiation and re-keying, X.509 certificate chain authentication, and much more.
In a hurry? Add it to your Download Basket!
What's New in This Release:
- Bug Fixes and Improvements:
- Improved Run-Time Checks of Certificate Algorithms Against Cipher Suites Checking the public key and signature algorithms of the certificate material during initialization and cipher suite negotiation is now stricter. Servers now look at the signature algorithm of their certificate when negotiating cipher suites to ensure the authentication mechanism is consistent with the cipher suite. This enables the handshake to fail early in the process if the certificate material does not support a requested cipher suite. This is mainly a protection against user configuration errors because a server should not enable cipher suites it isn't prepared to support. Clients now confirm the server certificate signature algorithm as a pre-emptive measure during the parsing of the CERTIFICATE message. Previous versions would terminate the connection later in the handshake process when the unsupported algorithm was encountered for the public key operation itself.
- SSL Alert Sent on Handshake Message Creation Failure Previous versions would silently terminate the SSL connection if handshake message creation failed. Now an INTERNAL_ERROR alert is sent before closing the connection.