MatrixSSL icon

MatrixSSL For Linux

3.3/5 19
GPL    

An Open Source project that provides an embedded SSL/TLS implementation for small footprint devices. #Embedded SSL  #Embedded TLS  #Small footprint device  #SSL  #TLS  #RSA  

Softpedia Review

changelog

Free Download

Review by:
4.5/5

MatrixSSL is an open source and commercial project that has been designed to provide embedded SSL (Secure Sockets Layer) and TLS (Transport Layer Security) implementations for small footprint devices and applications.

With under 50KB total footprint, the software includes SSL (Secure Sockets Layer) 3.0 client/sever support, TLS (Transport Layer Security) 1.0, 1.1 and 1.2 client/server support, a cryptographic library that implements the RSA, AES, MD5, SHA1, 3DES, ECC, ARC4, and RC2 encryption algorithms.

MatrixSSL provides various cipher suites, CRL (Certificate Revocation List) support, session cipher renegotiation and re-keying, X.509 certificate chain authentication, as well as optimizations for the assembly language, supporting Intel, MIPS and ARM platforms.

Among other interesting features, we can mention complete support for session caching and resumption, Stateless Session Tickets support, Server Name Indication support, RFC7301 Application Protocol Negotiation, and RSASSA-PSS Signature Algorithm support.

Another interesting feature is the ability to parse ASN.1 DER and X.509 .pem certificates. The project also supports PKCS#12, PKCS#5, PKCS#1.5 and PKCS#8 for key formatting, supports SSH (Secure Shell) command-line, supports DTLS (Datagram Transport Layer Security), provides pluggable cipher suite, crypto provider, perating system and malloc interfaces, supports TCP/IP, and offers both end-user and developer documentation.

To install the MatrixSSL software on your GNU/Linux operating system, download the latest release from the project’s website (see the homepage link at the end of the review), save it somewhere on your computer, and unpack it.

Open a terminal emulator app, go to the location where you’ve extracted the archive file (e.g. cd /home/softpedia/matrixssl-3-7-1-open - replace ‘softpedia’ with your username), run the ‘make’ command to compile the program, and then run the ‘sudo make install’ command to install it.

What's new in MatrixSSL 3.7.1:

  • Security Fixes:
  • X.509 and ASN.1 Parsing Improvements - The Advanced Threat Research team at Intel Security discovered several issues as part of their research on the BERSerk attack on RSA signature verification. MatrixSSL does not contain this vulnerability which can result in a MITM attack, however some other ASN.1 fields were not consistently checked against remaining buffer length when parsed. These have each been fixed, and the getAsnLength() internal API now also does a double check against the remaining buffer length for variable length fields in all cases.
  • Constant-Time Memory Compare - Calls to memcmp() have been replaced with a memcmpct() implementation to reduce the effectiveness of future timing based attacks.
Read the full changelog
User Comments
This enables Disqus, Inc. to process some of your data. Disqus privacy policy

MatrixSSL 3.7.1

add to watchlist add to download basket send us an update REPORT
  runs on:
Linux
  1 screenshot:
MatrixSSL - SSL session lifetime dynamic memory usage (in bytes)
  main category:
Security
  developer:
  visit homepage