MatrixSSL is an open-source TLS/SSL implementation designed for custom applications in embedded hardware environments.
The MatrixSSL library contains a full cryptographic software module that includes industry-standard public key and symmetric key algorithms. It is now called the Inside Secure TLS Toolkit.
Features
Features:5
- Protocol versions
- Public key algorithms
- Symmetric key algorithms
- Supported cipher suites
- TLS_AES_128_GCM_SHA256 (TLS 1.3)
- TLS_AES_256_GCM_SHA384 (TLS 1.3)
- TLS_CHACHA20_POLY1305_SHA256 (TLS 1.3)
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_RSA_WITH_SEED_CBC_SHA
- TLS_DHE_PSK_WITH_AES_128_CBC_SHA
- TLS_DHE_PSK_WITH_AES_256_CBC_SHA
- TLS_PSK_WITH_AES_128_CBC_SHA
- TLS_PSK_WITH_AES_256_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_256_GCM_SHA384
- SSL_RSA_WITH_3DES_EDE_CBC_SHA
- SSL_RSA_WITH_RC4_128_SHA
- SSL_RSA_WITH_RC4_128_MD5
- TLS_DH_anon_WITH_AES_128_CBC_SHA
- TLS_DH_anon_WITH_AES_256_CBC_SHA
- SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
- SSL_DH_anon_WITH_RC4_128_MD5
- Client authentication
- Secure Renegotiation
- Standard Session Resumption
- Stateless Session Resumption
- Transport independent
- PKCS#1 and PKCS#8 key parsing
- False Start
- Max Fragment Length extension
- Optional PKCS#11 Crypto Interface
Major Releases
| Version6 | Date |
|---|---|
| 4.0.0 | Sep 2018 |
| 3.9.0 | Mar 2017 |
| 3.8.3 | Apr 2016 |
| 3.7.1 | Dec 2014 |
| 3.6 | Apr 2014 |
| 3.4 | Jan 2013 |
| 3.3 | Feb 2012 |
| 3.2 | Jun 2011 |
| 3.1 | Mar 2010 |
| 3.0 | Aug 2009 |
| 2.2 | Jan 2008 |
| 2.1 | Nov 2005 |
| 1.7 | Apr 2005 |
| 1.1 | May 2004 |
| 1.0 | Jan 2004 |
See also
External links
References
"Evaluating PeerSec Networks' MatrixSSL on a Stellaris® Microcontroller" (PDF). Texas Instruments. 2009-06-24. Retrieved 2014-08-13.[permanent dead link] https://uk.farnell.com/images/e14/content/common/npi/medical/pdf/appnotes/ti/Texas_Instruments_LM3S6100_Application_Notes_3.pdf ↩
Eronen, Pasi (2006-11-09). "TLS Record Layer Bugs". IETF67 TLS WG. Retrieved 2014-08-13. https://www.ietf.org/proceedings/67/slides/tls-3/tls-3.ppt ↩
Young, Craig (2016-10-10). "Flawed MatrixSSL Code Highlights Need for Better IoT Update Practices". tripwire.com. Tripwire, Inc. Retrieved 2017-11-17. https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/flawed-matrixssl-code-highlights-need-for-better-iot-update-practices/ ↩
"Inside Secure TLS Toolkit". Retrieved 2020-06-30. https://www.rambus.com/security/software-protocols/secure-communication-toolkits/tls-toolkit/ ↩
"MatrixSSL Documentation". Archived from the original on 2014-08-14. Retrieved 2014-08-13. https://web.archive.org/web/20140814231731/http://www.matrixssl.org/docs.html ↩
"MatrixSSL Release Notes". GitHub. https://github.com/matrixssl/matrixssl/blob/master/doc/CHANGES.txt ↩