Embedded SSL library supports TLS
May 9, 2006 — by LinuxDevices Staff — from the LinuxDevices Archive
A project to create a free (LGPL), small-footprint client/server SSL library supporting TLS (transport layer security) has achieved its initial release. The axTLS library includes a CGI-enabled web server, test tools, and language bindings for C#, VB.Net, Java, and Perl. Written in ANSI C, it has been tested on Linux, Win32/Cygwin, and Solaris, according to the project.
The axTLS library is highly configurable, and uses mtool, the ncurses-based configuration system used by busybox and the Linux kernel. It has four main configuration options, including:
- Basic server mode — 44KB
- Server mode with client verification — 50KB
- Client/Server — 55KB
- Client/Server with diagnostics — 63KB
axTLS's mconf-based configuration system
axTLS includes a CGI-enabled https server based on anti-Web, and has also been built with mini-httpd and busybox, according to the project website.
Touted features include:
- Uses TLSv1 (transport layer security, an improvement on SSLv3)
- Session resumption for high SSL performance
- AES128/AES256 for high quality encryption (as well as RC4, for resource-constrained systems, and IE6 compatibility)
- Variable RSA key sizes (512-4096 bits have been tested)
- Simple API with about 20 functions in C, and no structures
- Peer client/server verification, certificate chaining, session renegotiation
- DER/PEM ASN.1, X509v1 formats
- Highly configurable compile-time options
- Interfaces for C#, VB.NET, Java, and Perl
Availability
axTLS is available now, under the GNU LGPL. Additional details can be found on the axTLS website.
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.