PolarSSL

From Wikipedia, the free encyclopedia
Jump to: navigation, search
PolarSSL
Developer(s) Paul Bakker
Stable release

1.3.8 (July 11, 2014; 3 months ago (2014-07-11) [1]) [±]

1.2.11 (July 11, 2014; 3 months ago (2014-07-11) [1]) [±]
Preview release 1.3.8 (July 11, 2014; 3 months ago (2014-07-11) [2]) [±]
Written in C
Operating system Multi-platform
Type Security library
License GPLv2 or proprietary
Website https://polarssl.org/

The PolarSSL SSL library is a dual licensed (GPLv2 or proprietary) implementation of the SSL and TLS protocols and the respective cryptographic algorithms and support code required. Stated on the website is that PolarSSL aims to be "easy to understand, use, integrate and expand".

History[edit]

The PolarSSL SSL library is the official continuation fork of the XySSL SSL library. XySSL was created by the French "white hat hacker" Christophe Devine and was first released on November 1, 2006 under GPL and BSD licenses. In 2008 Christophe Devine was no longer able to support XySSL and allowed Paul Bakker to create the official fork, named PolarSSL.[3]

In 2011 the Dutch government approved an integration between OpenVPN and PolarSSL, which is named OpenVPN-NL. This version of OpenVPN has been approved for use in protecting government communications up to the level of Restricted.[4]

Library[edit]

The core SSL library is written in the C programming language and implements the SSL module, the basic cryptographic functions and provides various utility functions. Unlike OpenSSL and other implementations of TLS, PolarSSL is designed to fit on small embedded devices, with the minimum complete TLS stack requiring under 60KB of program space and under 64KB of RAM. It is also highly modular: each component, such as a cryptographic function, can be used independently from the rest of the framework. Versions are also available for Microsoft Windows and Linux. Because PolarSSL is written in the C programming language, without external dependencies, it works on most operating systems and architectures without any trouble.

Later versions of the SSL library (> PolarSSL 1.3.0) add abstraction layers for memory allocation and threading to the core "to support better integration with existing embedded operating systems".[5]

Design priorities[edit]

The PolarSSL library expresses a focus on readability of the code, documentation, automated regression tests, a loosely coupled design and portable code.[6]

Development Documentation[edit]

The following documentation is available for developers:

  • High Level Design;[7] This document provides a high level description of the different modules inside the library, with UML diagrams, use cases and interactions in common scenarios.
  • API documentation;[8] The API documentation is Doxygen-generated documentation from the header files of the library.
  • Source code documentation;[9] The source code of the library is documented to clarify structures, decisions and code constructs.

Automated Testing[edit]

PolarSSL provides automated testing of the code and of PolarSSL's compatibility as follows:

  • A test framework is included with the source code that contains over 5000 automated tests (based on the number of tests in version 1.3.2 of the library) to test for regressions and compatibility on different platforms.
  • A continuous integration system based on Buildbot[10]
  • A compatibility script (compat.sh[11]) that tests compatibility of SSL communication with OpenSSL.

Use[edit]

PolarSSL is used as the SSL component in large open source projects:

Platforms[edit]

PolarSSL is currently available for most Operating Systems including Linux, Microsoft Windows, OS X, OpenWrt, Android, iOS and FreeRTOS. Chipsets supported at least include ARM, x86, PowerPC, MIPS.

Major version releases[edit]

  • PolarSSL 1.2.10 was released on October 7, 2013
  • PolarSSL 1.3.0 was released on October 1, 2013
  • PolarSSL 1.2.6 was released on March 15, 2013
  • PolarSSL 1.2.5 was released on February 2, 2013
  • PolarSSL 1.2.0 was released on October 31, 2012
  • PolarSSL 1.1.4 was released on May 31, 2012
  • PolarSSL 1.1.0 was released on December 22, 2011
  • PolarSSL 1.0.0 was released on August 9, 2011
  • PolarSSL 0.14.0 was released on August 16, 2010
  • PolarSSL 0.13.1 was released on March 24, 2010
  • PolarSSL 0.12.1 was released on October 4, 2009
  • PolarSSL 0.12.0 was released on July 28, 2009
  • PolarSSL 0.11.0 was released on May 3, 2009

Algorithms[edit]

PolarSSL supports a number of different cryptographic algorithms:

Ciphers
AES, Camellia, DES, RC4, RC5, Triple DES, XTEA, Blowfish
Cryptographic hash functions
MD5, MD2, MD4, SHA-1, SHA-2
Public-key cryptography
RSA, Diffie-Hellman key exchange, Elliptic curve cryptography (ECC), Elliptic curve Diffie–Hellman (ECDH), Elliptic Curve DSA (ECDSA)

See also[edit]

References[edit]

  1. ^ a b "Download overview - PolarSSL". 2014-07-11. Retrieved 2014-07-13. 
  2. ^ "Download overview - PolarSSL". 2014-07-11. Retrieved 2014-07-13. 
  3. ^ "About us". PolarSSL. Retrieved 2014-05-08. 
  4. ^ [1][dead link]
  5. ^ "New features in PolarSSL 1.3.0 - Tech Updates". Polarssl.org. Retrieved 2014-05-08. 
  6. ^ "PolarSSL Features: easy to use SSL library and well-documented". Polarssl.org. Retrieved 2014-05-08. 
  7. ^ "PolarSSL High Level Design". Polarssl.org. Retrieved 2014-05-08. 
  8. ^ "v1.3.6 source code documentation - API Documentation". PolarSSL. Retrieved 2014-05-08. 
  9. ^ "polarssl/polarssl ¡ GitHub". Github.com. Retrieved 2014-05-08. 
  10. ^ "PolarSSL Core Features: Check out all technical details". Polarssl.org. Retrieved 2014-05-08. 
  11. ^ executable file 1038 lines (940 sloc) 39.573 kb (2014-02-13). "polarssl/tests/compat.sh at development · polarssl/polarssl · GitHub". Github.com. Retrieved 2014-05-08. 

External links[edit]