Skip to content
Lightweight Embedded SSL/TLS Implementation for IoT Devices
Branch: master
Clone or download
Janne Johansson
Janne Johansson MatrixSSL 4.2.1
Latest commit 91fd0f1 Jun 20, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
apps MatrixSSL 4.2.1 Jun 20, 2019
configs MatrixSSL 4.2.1 Jun 20, 2019
core MatrixSSL 4.2.1 Jun 20, 2019
crypto MatrixSSL 4.2.1 Jun 20, 2019
doc MatrixSSL 4.2.1 Jun 20, 2019
makefiles MatrixSSL 4.0.0 Sep 13, 2018
matrixssl MatrixSSL 4.2.1 Jun 20, 2019
testkeys MatrixSSL 4.2.1 Jun 20, 2019
thirdparty MatrixSSL 3.9.3 Jun 22, 2017
xcode MatrixSSL 4.0.0 Sep 13, 2018
.gitattributes MatrixSSL 3.8.3 Open Apr 15, 2016
.gitignore MatrixSSL 3.8.3 Open Apr 15, 2016
AUTHORS MatrixSSL 3.9.0 Mar 10, 2017
FILES MatrixSSL 3.9.1 Mar 21, 2017
INSTALL Added xcode files. Apr 18, 2016
LICENSE GPLv2 May 4, 2016
Makefile MatrixSSL 4.1.0 Apr 17, 2019
README.html MatrixSSL 4.0.1 Nov 15, 2018
README.md MatrixSSL 4.2.1 Jun 20, 2019
common.mk MatrixSSL 4.0.0 Sep 13, 2018
pgp.asc MatrixSSL 3.8.4 Jul 20, 2016
readme.txt MatrixSSL 4.1.0 Apr 17, 2019
release_notes-4-2-1-open.html MatrixSSL 4.2.1 Jun 20, 2019

README.md

MatrixSSL Banner

Lightweight Embedded SSL/TLS Implementation Official source repository of matrixssl.org

release license

tls-attacker-status coverity-status

##Overview MatrixSSL has been continuously maintained since 2002. It is the first open source small footprint SSL stack. Until recently, releases were tracked on http://freecode.com/projects/matrixssl

MatrixSSL is an embedded SSL and TLS implementation designed for small footprint IoT devices requiring low overhead per connection. It includes client and server support through TLS 1.3, mutual authentication, session resumption, and implementations of RSA, ECC, AES, SHA1, SHA-256, ChaCha20-Poly1305 and more. The source is well documented and contains portability layers for additional operating systems, cipher suites, and cryptography providers.

##Reporting Issues Please email support@matrixssl.org. Sensitive emails can be encrypted using the public key in this directory pgp.asc, Key fingerprint = D6AD F1C5 E34E 696B 0953 556C 8BB2 B39A 2795 C6B3.

##Features

  • Small total footprint with crypto provider
  • SSL 3.0 and TLS 1.0, 1.1, 1.2 and 1.3 server and client support
  • Included crypto library - RSA, ECC, AES, 3DES, ARC4, SHA1, SHA256, MD5, ChaCha20-Poly1305
  • Assembly language optimizations for Intel, ARM and MIPS
  • Session re-keying and cipher renegotiation
  • Full support for session resumption/caching
  • Server Name Indication and Stateless Session Tickets
  • RFC7301 Application Protocol Negotiation
  • Server and client X.509 certificate chain authentication
  • Client authentication with an external security token
  • Parsing of X.509 .pem and ASN.1 DER certificate formats
  • PKCS#1.5, PKCS#5 PKCS#8 and PKCS#12 support for key formatting
  • RSASSA-PSS Signature Algorithm support
  • Certificate Revocation List (CRL) support
  • Fully cross platform, portable codebase; minimum use of system calls
  • Pluggable cipher suite interface
  • Pluggable crypto provider interface
  • Pluggable operating system and malloc interface
  • TCP/IP optional
  • Multithreading optional
  • Only a handful of external APIs, all non-blocking
  • Example client and server code included
  • Clean, heavily commented code in portable C
  • User and developer documentation
You can’t perform that action at this time.