PRODUCTS

Home

Download

License

Blog

Community

Contact

About

Products

Docs

Products -> CyaSSL Embedded SSL Library

Support Forums

Supported Chipmakers

  1. CyaSSL has support for chipsets including ARM, Intel, Motorola, mbed, Freescale, Microchip (PIC32), ST (STM32F2/F4), NXP, and more


  1. If you would like to use or test CyaSSL on another chipset, let us know and we’ll be happy to support you.

CyaSSL Embedded SSL Library (wolfSSL)

Version:  2.7.0

Release Date: 06/17/2013

View ChangeLog

Platform and Language Support


CyaSSL is built for maximum portability and is generally very easy to compile on new platforms.  If your desired platform is not listed under the supported operating environments, please contact us.


CyaSSL supports the C programming language as a primary interface. It also supports several other host languages, including Java, PHP, Perl, and Python (through a swig interface). If you have interest in using CyaSSL in another programming language that it does not currently supported, please contact us.


Commercial Support


Support packages for CyaSSL are available on an annual basis directly from yaSSL.  With three different package options, you can compare them side-by-side and choose the package that best fits your specific needs.  Please see our Support Packages page for more details or contact us with any questions.


Benchmarks


For benchmarking information or data, please visit our CyaSSL Benchmark page or contact us for more information.


Special Builds


LeanPSK - we recently implemented a set of build options for CyaSSL which enable the library to be built in as little as 20kB! This build configuration requires the use of pre-shared keys (PSK). Contact us for more details about this build.


CyaSSL Training Course


Interested in getting trained by the yaSSL team on subjects related to CyaSSL and SSL/TLS?  Learn more.

  1.   CyaSSL Manual

  2.   Documentation Page

  3.   SSL Tutorial

  4.   CyaSSL Benchmarks

Documentation:

CyaSSL is dual licensed under both the GPLv2 and commercial licensing.  For more information, please see the following links.

Licensing and Ordering:

  1.   License Information

  2.   Support Packages

  3.   Contact Us

Follow us on Twitter and Facebook!

Stay up to date:

  1.   Follow us on Twitter

  2.   Like us on Facebook

Download Now

Get the latest open source GPLv2 version now!

Supported Operating Environments

  1. Win32/64, Linux, Mac OS X, Solaris, ThreadX, VxWorks, FreeBSD, NetBSD, OpenBSD, embedded Linux, WinCE, Haiku, OpenWRT, iPhone (iOS), Android, Nintendo Wii and Gamecube through DevKitPro, QNX, MontaVista, OpenCL, NonStop, TRON/ITRON/µITRON, Micrium's µC/OS, FreeRTOS, SafeRTOS, Freescale MQX, Nucleus, TinyOS, HP/UX


  1. If you would like to test CyaSSL on another environment, let us know and we’ll be happy to support you.

HIGHLIGHTS


- Up to TLS 1.2 and DTLS

  1. -Full client and server support

  2. -Progressive list of supported ciphers

  3. -Key and Certificate generation

  4. -OCSP, CRL support

  5. -Support Available

LIGHTWEIGHT


- Small Size: 20-100kB

  1. -Runtime Memory:  1-36kB

  2. -20X smaller than OpenSSL

PORTABLE


  1. -Abstraction Layers (OS, Custom I/O, Standard C library)

  2. -Simple API

  3. -OpenSSL Compatibility Layer

  4. -Long list of supported platforms

Description

The CyaSSL embedded SSL library is a lightweight SSL library written in ANSI C and targeted for embedded and RTOS environments - primarily because of its small size, speed, and feature set.  It is commonly used in standard operating environments as well because of its royalty-free pricing and excellent cross platform support.  CyaSSL supports industry standards up to the current TLS 1.2 level, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as HC-128, RABBIT, and NTRU.  User benchmarking and feedback reports dramatically better performance when using CyaSSL over OpenSSL.

Features


  1. SSL version 3.0 and TLS versions 1.0, 1.1 and 1.2 (client and server)

  2. DTLS 1.0, 1.2 support (client and server)

  3. Minimum footprint size of 20-100 kB, depending on build options and operating environment

  4. Runtime memory usage between 1-36 kB (depending on I/O buffer sizes, public key algorithm, and key size)

  5. OpenSSL compatibility layer

  6. OCSP and CRL support

  7. Multiple Hashing Functions:

            MD2, MD4, MD5, SHA-1, SHA-2, SHA-256,

            SHA-384, SHA-512, RIPEMD-160

  1. Block, Stream, and Authenticated Ciphers:

            AES (CBC, CTR, GCM, CCM), Camellia, DES,

            3DES, ARC4, RABBIT, HC-128

  1. Public Key Options: 

            RSA, DSS, DH, EDH, NTRU

  1. Password-based Key Derivation: 

            HMAC, PBKDF2, PKCS#5

  1. ECC Support

            ECDH-ECDSA, ECDHE-ECDSA, ECDH-RSA,

            ECDHE-RSA

  1. RSA Key Generation

  2. Client authentication support

  3. PSK Pre-Shared Keys

  4. Simple API

  5. Persistent session and certificate cache

  6. zlib compression support

  7. Interchangeable crypto and certificate libraries

  8. PEM and DER certificate support

  9. x509 v3 Signed Certificate Generation

  10. SNI (Server Name Indication) support

  11. Certificate Manager

  12. Intel AES-NI support

  13. STM32F2/F4 hardware crypto support

  14. Cavium NITROX support

  15. SSL Sniffer (SSL Inspection) Support

  16. IPv4 and IPv6 support

  17. Abstraction Layers

            C Standard Library, Custom I/O,

            Memory hooks, Logging callbacks

  1. PKCS #8, #5, #12 Private Key Encryption

  2. yaSSL Embedded Web Server support (see yaSSL EWS)

  3. MySQL integration

  4. Lighttpd, GoAhead, Mongoose web server support

  5. stunnel integration

Copyright 2013 wolfSSL Inc.  All rights reserved.

embedded ssl

 

Embedded SSL