Menu
I have looked around for good SSL/TLS libraries that support TLS 1.2
I also want to use this library on an embedded platform so it should be small, easy, secure and free. It should be a c/c++ library.
So far i have come across Cyassl, Polarssl Matrixssl a lot so i think that one of these should be a good choice (Openssl is way too big).
Now i would like to know why people use one over the other.
Thanks
241
An SSL Library is a programming library that secures communications. SSL is a standard way of establishing communication between two devices over a network where others could be “listening in” on the conversation. After establishing the secure link, the SSL library will encrypt the communications.
wolfSSL Provider for OpenSSL - wolfSSL has developed an OpenSSL 3.0 provider, allowing you to use the latest version of OpenSSL backed by our FIPS-certified wolfCrypt library.
Transport Layer Security (TLS) is the successor protocol to SSL. TLS is an improved version of SSL. It works in much the same way as the SSL, using encryption to protect the transfer of data and information. The two terms are often used interchangeably in the industry although SSL is still widely used.
Ok.. Just for starters they all do the same. All three can run on embedded platforms. The difference is where their focus is.
From my personal experience:
PolarSSL has loads of documentation, an understandable API, examples, and gives you the ability to actually delve into the code and understand what is happening. In my experience this is a great plus in case you need to debug a specific issue. They only provide Makefile / CMake / MSVC project files, so the task to include it in your embedded environment is yours.
Cyassl's code is harder to understand and tweak. But they have more pre-made Makefiles for specific development platforms. Depending on your environment this might weigh in (for me it rarely does). In a number of comparisons I did as a subcontractor, they are pricier than PolarSSL though.
Pick MatrixSSL if you don't have budget constraints ;) Definitely the priciest of all and I found no specific reasons to actually use it though in comparison to the alternatives..
With the whole NSA / PRISM thing around: If you want something specifically built in the US, then Cyassl is the best choice. If you want something non-US, PolarSSL is the only sane choice.
So if by free you mean: I'm going to use it in an Open Source project, then price does not matter. The verdict from the community: PolarSSL has good adoption in OpenVPN, Cyassl in MySQL.
52
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
