Greetings SSL developers. Several months ago, we spent a considerable amount of time attempting to reduce the size of OpenSSL to make it suitable for our embedded Web services software. We did the research and saw that this was a query that came up about once a month, but never seemed to be resolved. We worked with Martin Witzel's early release of small OpenSSL, and applied our own changes to it, but it proved very difficult to untangle the code enough to produce a library with a target of < 200K. This is not really the fault of OpenSSL; it was designed as a powerful, comprehensive library that is the de-facto standard for most people's experience with security.
Many companies in our place have developed their own compact implementation, sometimes based on OpenSSL, but have not released the code back into the public. We felt that if we were to develop an open source "SSL lite" designed for devices, we would contribute it to the open source community so other companies and projects wouldn't have to go through the process of implementing it again. We're happy to announce that the source is now available for public download at: http://www.matrixssl.org The software is currently in beta, and should not be used in production systems until it's had more of a workout and the benefit of community feedback. Here's a quick overview of the features currently supported: - SSLv3 server protocol support - Full session resumption support - Under 50K library footprint with crypto provider - Included crypto library - RSA, 3DES, ARC4, SHA1, MD5 (some based on http://www.libtomcrypt.org) - Cipher suites - RC4-MD5, RC4-SHA and DES-CBC3-SHA - Pluggable interface for new cipher suites, crypto providers and OS support - Nine public apis, all non-blocking - Reference implementation (Mbedthis AppWeb embedded Web server - http://www.mbedthis.com) - Clean, well documented source code and documentation - GNU Public License, with alternate license available for proprietary commercial use I'm interested in hearing the development community's feedback on MatrixSSL. We've developed a complementary library to OpenSSL that we hope will be able expand the range of users for open source security software. If you are interested in keeping up with the latest news on this project, including security advisories and bug fixes, we've set up an XML RSS news feed at: http://www.matrixssl.org/index.xml J Harper PeerSec Networks http://www.peersec.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
