RECENT POSTS
- Introduction to FreeBSD Security Best Practices
- Working with Package Management in FreeBSD
- Understanding FreeBSD Security Advisories and Updates
- Troubleshooting Common System Administration Issues in FreeBSD
- Tips for Hardening FreeBSD to achieve System Protection
- Setting Up DHCP Server in FreeBSD
- Secure User and Group Management in FreeBSD Systems
- Secure Remote Access with SSH in FreeBSD
- Optimizing System Performance in FreeBSD
- Network Packet Capture with tcpdump in FreeBSD
- All posts ...
Do you have GDPR compliance issues ?
Check out Legiscope a GDPR compliance software, that will save you weeks of work, automating your documentation, the training of your teams and all processes you need to keep your organisation compliant with privacy regulations
Bearssl
Jul 20, 2023
Implementation of TLS/SSL in C
BearSSL is an implementation of the SSL/TLS protocol RFC 5246 written in C. It aims at offering the following features
-
Be correct and secure. In particular, insecure protocol versions and choices of algorithms are not supported, by design; cryptographic algorithm implementations are constant-time by default.
-
Be small, both in RAM and code footprint. For instance, a minimal server implementation may fit in about 20 kilobytes of compiled code and 25 kilobytes of RAM.
-
Be highly portable. BearSSL targets not only “big” operating systems like Linux and Windows, but also small embedded systems and even special contexts like bootstrap code.
-
Be feature-rich and extensible. SSL/TLS has many defined cipher suites and extensions; BearSSL should implement most of them, and allow extra algorithm implementations to be added afterwards, possibly from third parties.
Checkout these related ports:
- Zzuf - Transparent application input fuzzer
- Zlint - X.509 certificate linter
- Zeronet - Decentralized websites using Bitcoin crypto and BitTorrent network
- Zenmap - GUI frontend for the Nmap scanning utility
- Zeek - System for detecting network intruders in real-time
- Zaproxy - The OWASP zed attack proxy
- Yubioath-desktop - GUI for displaying OATH codes with a Yubikey
- Yubikey-personalization-gui - Graphical YubiKey personalization tool
- Yubikey-manager-qt - Cross-platform application for configuring any YubiKey
- Yubikey-agent - Seamless ssh-agent for YubiKeys
- Yubico-piv-tool - Yubico PIV tool
- Ylva - Command line password manager and file encryption program
- Ykpers - Library and tool for personalization of Yubico's YubiKey
- Ykclient - Yubico C client library
- Yersinia - Layer 2 vulnerability scanner (switches, spanning tree, 802.1q ...)