CycloneSSL is a lightweight TLS/DTLS implementation targeted for use by embedded application developers. It provides the ability to secure communications over the Internet (e.g. IoT protocols, electronic mail, web server, file transfer, VoIP). CycloneSSL is available either as open source (GPLv2, Evaluation) or under a royalty-free commercial license.
Key Features
- Server and/or client operation
- Supports TLS 1.0, TLS 1.1, TLS 1.2 and TLS 1.3 protocols
- Supports DTLS 1.0 and DTLS 1.2 (Datagram Transport Layer Security)
- Legacy support for SSL 3.0
- Robust and efficient implementation
- Supports ECC (Elliptic Curve Cryptography)
- Rich set of TLS cipher suites (including Suite B profile)
- RSA, Diffie-Hellman and ECDH key exchange algorithms
- Compliant with BSD socket API
- Flexible memory footprint. Built-time configuration to embed only the necessary features
- Consistent application programming interface (API)
- Portable architecture (no processor dependencies)
- The library is distributed as a full ANSI C and highly maintainable source code
- Demo projects available on STM32 evaluation boards (Nucleo, Discovery, Eval)
Supported Algorithms
- ECDH key exchange based on Curve25519 (X25519) and Curve448 (X448)
- FFDHE (Finite Field Diffie-Hellman Ephemeral
- Supports PSK (Pre-Shared Key) cipher suites
- RSA signature schemes (RSASSA PKCS#1 v1.5 and RSASSA-PSS)
- DSA and ECDSA signature schemes
- EdDSA signature scheme (Ed25519 and Ed448 elliptic curves)
- Supports stream ciphers and CBC block ciphers
- Cipher Block Chaining-MAC (CCM) and Galois Counter Mode (GCM)
- ChaCha20Poly1305 Authenticated Encryption with Associated Data (AEAD)
- Supports RC4, IDEA, DES, 3DES, AES, Camellia, SEED and ARIA encryption algorithms
- Supports MD5, SHA-1, SHA-256, SHA-384 and SHA-512 hash algorithms
- Session resumption mechanism
- Session ticket mechanism
- Supports secure renegotiation
- Fallback SCSV signaling cipher suite
- SNI extension (Server Name Indication)
- Raw Public Keys (RFC 7250)
- Maximum Fragment Length extension (RFC 6066)
- Record Size Limit extension (RFC 8449)
- Application-Layer Protocol Negotiation (ALPN) extension
- Extended Master Secret extension
- ClientHello Padding extension (RFC 7685)
- (EC)DHE key establishment (TLS 1.3)
- PSK key establishment (TLS 1.3)
- PSK with (EC)DHE key establishment (TLS 1.3)
- Middlebox compatibility mode (TLS 1.3)
- Key update mechanism (TLS 1.3)
- Early data (TLS 1.3 client)
- X.509 certificates and PKIX path validation
License: Open Source (GPLv2, Evaluation) or Commercial
Supported Devices | STM32,STM32MP1,SPC5 |
Software Function | Connect |
Middleware | Cryptography, TLS, DTLS |
Deliverable | Source |
License Type | Commercial with free trial version |
Site |
Served Countries:
Worldwide