Overview Repositories Revisions Requests Users Attributes Meta

Smaller SSL/TLS

Edit Package bearssl
https://bearssl.org

BearSSL is an implementation of the SSL/TLS protocol (RFC 5246) written in C. It aims at offering the following features:

* Be correct and secure. In particular, insecure protocol versions and choices of algorithms
are not supported, by design; cryptographic algorithm implementations are constant-time
by default.

* Be small, both in RAM and code footprint. For instance, a minimal server implementation
may fit in about 20 kilobytes of compiled code and 25 kilobytes of RAM.

* Be highly portable. BearSSL targets not only “big” operating systems like Linux and
Windows, but also small embedded systems and even special contexts like bootstrap code.

* Be feature-rich and extensible. SSL/TLS has many defined cipher suites and extensions;
BearSSL should implement most of them, and allow extra algorithm implementations to be
added afterwards, possibly from third parties.

  • Sources inherited from project security
  • 1 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout home:redwil:15.4/bearssl && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
bearssl-0.6.tar.gz 0000765094 747 KB
bearssl-compile_flags.patch 0000000336 336 Bytes
bearssl.changes 0000006972 6.81 KB
bearssl.spec 0000003644 3.56 KB
Revision 6 (latest revision is 7)
Luigi Baldoni's avatar Luigi Baldoni (alois) accepted request 629353 from Luigi Baldoni's avatar Luigi Baldoni (alois) (revision 6) 
- Update to version 0.6
  * Added general-purpose implementations of EAX and CCM modes
    (including shared precomputation support for EAX).
  * Added general-purpose RSA/OAEP implementation.
  * Added general-purpose HKDF implementation.
  * Added support for CCM and CCM_8 TLS cipher suites (RFC 6655
    and RFC 7251).
  * Added RSA and EC key generation.
  * Added private key encoding support (“raw” and PKCS#8
    formats, both in DER and PEM, for RSA and EC key pairs).
  * Made Base64 encoding/decoding constant-time (with regards to
    the encoded data bytes).
  * Added a generic API for random seed providers.
  * Added an extra DRBG based on AES/CTR + Hirose construction
    for reseeding.
  * Some cosmetic fixes to avoid warnings with picky compilers.
  * Makefile fix to achieve compatibility with OpenBSD.
  * Fixed a bug in bit length computation for big integers (this
    was breaking RSA signatures with some specific implementations
    and key lengths).
  * Made SSL/TLS client stricter in cipher suite selection (to
    align with server behaviour).
- Refreshed bearssl-compile_flags.patch
Comments 0
openSUSE Build Service is sponsored by
Places