SSL/TLS library side by side comparison
Brian stumbled on this side by side comparison of SSL/TLS libraries and gave his review of it:
So in summary of what code bases I find usable from a licensing prospective:
TropicSSL and axTLS are clear winners in terms of the license
CyaSSL and PolarSSL are GPL V2 + FLOSS which is less desirableNext I looked at the code bases.
CyaSSL looks the most complex, and that is born out in terms of the code size (27kLOC). Meanwhile PolarSSL/TopicSSL and axTLS come in at less than half of that with 12-14kLOC.
In terms of file/module organization TropicSSL/XySSL/PolarSSL looks a bit better than axTLS at least at first glance.
I conclude that if I want to have the most robust SSL/TSL I should look to port CyaSSL. If I want the freest SSL I should adopt axTLS or TropicSSL/XySSL. axTLS is still maintained by the original author while XySSL is not.
Via the forum.
This entry was posted in code and tagged comparison, SSL/TSL library, wiki article.
Comments
SChannel i guess S is for “secure”… or maybe for “strict”.
Isn’t the title wrong – it should be SSL/TLS (Transport Layer Security) – or am I missing something?
updated, thanks!
You may wish to fix the tag also. Sorry you propagated my character inversion! Pretty typical error for me… :-/
I was confused for a minute until I read the linked forum post where Brian states that this is from the point of view of embedded systems. OpenSSL is taken out of consideration despite being BSD licensed because it only supports the big platforms like Windows, Linux etc…
Yep. That is why. If you have the memory that probably is the clear choice to use, but it is quite large (10x the size of the smallest ones).
nice post!
This is missing a columnt: BEAST vulnerability!