axTLS Embedded SSL

What is it?

The axTLS embedded SSL project is a highly configurable client/server TLSv1.2 library designed for platforms with small memory requirements. It comes with a small HTTP/HTTPS server and additional test tools.

Download

	Latest version
	A Win32 demo to show some basic functionality. Run as below.

To run it

	Go to the axTLS directory and type "make". Select the appropriate OS and then run it (as superuser, from the _stage directory) with:
	./axhttpd
	Point your browser at https://127.0.0.1 (or whatever your server name is).
	You will be asked to accept the axTLS certificate (press ok).
	You can access the same pages using normal HTTP on http://127.0.0.1.
	On the demo you can run the axssl server followed by the axssl client. Type a few characters into the client and see them appear on the server (on Linux/Unix you can type characters from the server and see them on the client).

See the README for notes, changes and errata.

Some countries have export restrictions on cryptography software. Check here for details.

Features

	A very small footprint (around 50-60kB for the library in 'server only' mode).
	Supports TLSv1.2/1.1/1.0
	Session resumption for high SSL performance.
	AES128/AES256 for high quality encryption.
	SHA256/SHA384/SHA512 for high quality digests.
	Portable across many systems (written in ANSI C). Tested on Linux/Win32/Cygwin.
	Variable RSA key sizes (512-4096 bits have been tested).
	A very simple API - ~20 functions in C and no structures.
	Peer client/server verification, certificate chaining, session renegotiation.
	X509v1, PKCS#8, PKCS#12 keys/certificates in DER/PEM format,
	Highly configurable compile-time options (using BusyBox-like config tool)
	Partial openssl compatibility.
	Interfaces for C#, VB.NET, Java, Perl and Lua.
	It's free! (BSD style licensing)

Not supported

	SSLv2 or SSLv3.
	Anonymous or Ephemeral DH.
	DSA or ECC.
	DES/3DES/RC4 ciphers.
	Key generation (however certificate generation is supported).