PolarSSL is a light-weight cryptographic and SSL/TLS library written in C. PolarSSL makes it easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) applications with as little hassle as possible. Loose coupling of the components inside the library means that it is easy to separate the parts that are needed, without needing to include the total library. PolarSSL is written with embedded systems in mind and has been ported on a number of architectures, including ARM, PowerPC, MIPS, and Motorola 68000. The source is written to have very loose coupling, enabling easy integration of parts in other software projects. Very loosely coupled cryptographic algorithms for MD2, MD4, MD5, SHA1, SHA-256, SHA-512, AES, Camellia, DES, Triple DES, ARC3, and RSA are included.
1.3.812 Jul 2014 11:26
Security: Fix length checking for AEAD ciphersuites. Features: Add CCM module and cipher mode to Cipher Layer. Support for CCM and CCM_8 ciphersuites. Support for parsing and verifying RSASSA-PSS signatures in the X.509 modules (certificates, CRLs and CSRs). Blowfish in the cipher layer now supports variable length keys. Add example config.h for PSK with CCM, optimized for low RAM usage. Optimize for RAM usage in example config.h for NSA Suite B profile. Add POLARSSL_REMOVE_ARC4_CIPHERSUITES to allow removing RC4 ciphersuites from the default list (inactive by default). Add server-side enforcement of sent renegotiation requests (ssl_set_renegotiation_enforced()). Add SSL_CIPHERSUITES config.h flag to allow specifying a list of ciphersuites to use and save some memory if the list is small.