SSL / TLS Client and Server
mbed TLS offers client-side and server-side API support for all current SSL and TLS standards: SSL version 3, TLS version 1.0, TLS version 1.1 and TLS version 1.2.
Non-standard extensions supported include:
- SSL Session Tickets (RFC 5077)
- Server Name Indication (SNI) (RFC 6066)
- Truncated HMAC (RFC 6066)
- Max Fragment Length (RFC 6066)
- Secure Renegotiation (RFC 5746)
- Application Layer Protocol Negotiation (ALPN) (Draft RFC)
The following key-exchange methods are supported with SSL / TLS:
- RSA (RSA) key exchange
- RSA with Ephemeral Diffie Hellman (DHE-RSA) key exchange
- RSA with Elliptic Curve Ephemeral Diffie Hellman (ECDHE-RSA) key exchange
- RSA with Elliptic Curve Diffie Hellman (ECDH-RSA) key exchange
- ECDSA with Elliptic Curve Ephemeral Diffie Hellman (ECDHE-ECDSA) key exchange
- ECDSA with Elliptic Curve Diffie Hellman (ECDH-ECDSA) key exchange
- Pre Shared Key (PSK) key exchange
- Pre Shared Key with Diffie Hellman (DHE-PSK) key exchange
- Pre Shared Key with Elliptic Curve Ephemeral Diffie Hellman (ECDHE-PSK) key exchange
- Pre Shared Key with RSA (RSA-PSK) key exchange
mbed TLS also provides compliance with NSA Suite B, if you want.
Check out the supported SSL / TLS ciphersuites.
All cryptographic algorithms are implemented as loosely-coupled modules. You can just take the appropriate header files and source code files and drop them in your project.
- Symmetric encryption algorithms
  - The symmetric algorithms included are among the most-used on the web: AES, Blowfish, Triple-DES (3DES), DES, ARC4, Camellia, XTEA
- Modes of operation
  - Electronic Codebook Mode (ECB), Cipher Block Chaining Mode (CBC), Cipher Feedback Mode (CFB), Counter Mode (CTR), Galois Counter Mode (GCM), Counter Mode with CBC-MAC (CCM)
- Hash algorithms
  - MD2, MD4, MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, RIPEMD-160
- RSA / PKCS#1
  - mbed TLS has its own big number library for its RSA implementation and supports both PKCS#1 v1.5 (RSAES-PKCS1-v1_5 and RSASSA-PKCS1-v1_5) and PKCS#1 v2.1 (RSAES-OAEP and RSASSA-PSS) padding
- Diffie Hellman / PKCS#3
  - mbed TLS provides an implementation for Diffie Hellman
- Elliptic Curve Cryptography (ECC)
  - mbed TLS has its own big number library for its ECC implementation and supports both Elliptic Curve Ephemeral Diffie Hellman (ECDHE) and ECDSA. The following standardized curves / ECP groups are supported:
    - secp192r1 - 192-bit NIST curve
    - secp224r1 - 224-bit NIST curve
    - secp256r1 - 256-bit NIST curve
    - secp384r1 - 384-bit NIST curve
    - secp521r1 - 521-bit NIST curve
    - secp192k1 - 192-bit Koblitz curve
    - secp224k1 - 224-bit Koblitz curve
    - secp256k1 - 256-bit Koblitz curve
    - bp256r1 - 256-bit Brainpool curve
    - bp384r1 - 384-bit Brainpool curve
    - bp512r1 - 512-bit Brainpool curve
    - m255 - 255-bit Curve25519
- Random number generation
  - We provide the NIST standardized CTR_DRBG and HMAC_DRBG random number generators
SSL relies on a number of underlying technologies.
mbed TLS supports:
- X.509 certificate and CRL reading from memory or disk in PEM and DER formats
- RSA and ECC private and public key reading from memory or disk in PEM and DER formats for:
  - PKCS#1 private key format (-----BEGIN RSA PRIVATE KEY-----)
  - PKCS#8 public key format (-----BEGIN PUBLIC KEY-----)
  - PKCS#8 unencrypted private key format (-----BEGIN PRIVATE KEY-----)
  - PKCS#8 encrypted private key format (-----BEGIN ENCRYPTED PRIVATE KEY-----)
- X.509 certificate and CSR (PKCS #10) writing in PEM and DER formats
- RSA private and public key writing in PEM and DER formats
- ECC private and public key writing in PEM and DER formats
- Support for PKCS#11 interfacing, using the OpenSC PKCS#11 helper library
- Support for PKCS#12 Password based encryption and derivation functions
- ASN.1 parsing and simple writing
- Base-64 decoding and encoding
- A generic cipher layer
- A generic hashing layer
- A generic public-key layer
- A generic platform layer for memory allocation and printf() abstraction
- A generic threading layer
Ensuring code quality
You want to use high-quality code that is bug-free. So do we! To ensure that, we have implemented measures to uphold our code quality.
We use a continuous integration system using buildbot that checks all committed code on an ever increasing set of operating systems and chipsets.
Our in-source testing framework rigorously tests individual functions and units against known values. We have over 6600 validation, regression and code coverage tests to do our basic testing.
Because most of the world uses OpenSSL as a basis, we think it's no more than logical to ensure compatibility. We automatically check our library against OpenSSL for compliance. In addition, we test against GnuTLS, and we test SSL options, resumptions and extensions for correctness.
mbed TLS functionality is mostly designed around existing standards and specifications. We aim to be fully standard-compliant. Of course there are places where we have to support custom ways of doing things. Microsoft Windows and OpenSSL occasionally do things their own way :(
You can review our current status on standard compliance to get more details!