MatrixSSL

MatrixSSL

Developer(s)	Rambus
Initial release	January 25, 2004 (2004-01-25)
Stable release	4.6.0[1] / 29 December 2022; 15 months ago (29 December 2022)
Repository	github.com/matrixssl/matrixssl
Written in	C
Operating system	Multi-platform
Type	Security library
License	dual GPLv2 or proprietary
Website	www.matrixssl.org

MatrixSSL is an open-source TLS/SSL implementation designed for custom applications in embedded hardware environments.^[2][3][4]

The MatrixSSL library contains a full cryptographic software module that includes industry-standard public key and symmetric key algorithms. It is now called the Inside Secure TLS Toolkit.^[5]

Features

Features:^[6]

• Protocol versions
  • SSL 3.0
  • TLS 1.0
  • TLS 1.1
  • TLS 1.2
  • TLS 1.3
  • DTLS 1.0
  • DTLS 1.2
• Public key algorithms
  • RSA
  • Elliptic curve cryptography
  • Diffie–Hellman
• Symmetric key algorithms
  • AES
  • AES-GCM
  • Triple DES
  • ChaCha
  • ARC4
  • SEED
• Supported cipher suites
  • TLS_AES_128_GCM_SHA256 (TLS 1.3)
  • TLS_AES_256_GCM_SHA384 (TLS 1.3)
  • TLS_CHACHA20_POLY1305_SHA256 (TLS 1.3)
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  • SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  • TLS_RSA_WITH_SEED_CBC_SHA
  • TLS_DHE_PSK_WITH_AES_128_CBC_SHA
  • TLS_DHE_PSK_WITH_AES_256_CBC_SHA
  • TLS_PSK_WITH_AES_128_CBC_SHA
  • TLS_PSK_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_128_CBC_SHA
  • TLS_RSA_WITH_AES_256_CBC_SHA
  • TLS_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_256_CBC_SHA256
  • TLS_RSA_WITH_AES_128_GCM_SHA256
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • SSL_RSA_WITH_3DES_EDE_CBC_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_MD5
  • TLS_DH_anon_WITH_AES_128_CBC_SHA
  • TLS_DH_anon_WITH_AES_256_CBC_SHA
  • SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
  • SSL_DH_anon_WITH_RC4_128_MD5
• Client authentication
• Secure Renegotiation
• Standard Session Resumption
• Stateless Session Resumption
• Transport independent
• PKCS#1 and PKCS#8 key parsing
• False Start
• Max Fragment Length extension
• Optional PKCS#11 Crypto Interface

Major Releases

Version[7]	Date
4.0.0	Sep 2018
3.9.0	Mar 2017
3.8.3	Apr 2016
3.7.1	Dec 2014
3.6	Apr 2014
3.4	Jan 2013
3.3	Feb 2012
3.2	Jun 2011
3.1	Mar 2010
3.0	Aug 2009
2.2	Jan 2008
2.1	Nov 2005
1.7	Apr 2005
1.1	May 2004
1.0	Jan 2004

See also

• Comparison of TLS implementations
• GnuTLS
• wolfSSL

External links

• Official website
• Inside Secure website

References

1. "Release 4.6.0". 29 December 2022. Retrieved 18 January 2023.
2. "Evaluating PeerSec Networks' MatrixSSL on a Stellaris® Microcontroller" (PDF). Texas Instruments. 2009-06-24. Retrieved 2014-08-13.^{[permanent dead link]}
3. Eronen, Pasi (2006-11-09). "TLS Record Layer Bugs". IETF67 TLS WG. Retrieved 2014-08-13.
4. Young, Craig (2016-10-10). "Flawed MatrixSSL Code Highlights Need for Better IoT Update Practices". tripwire.com. Tripwire, Inc. Retrieved 2017-11-17.
5. "Inside Secure TLS Toolkit". Retrieved 2020-06-30.
6. "MatrixSSL Documentation". Archived from the original on 2014-08-14. Retrieved 2014-08-13.
7. "MatrixSSL Release Notes". GitHub.