PolarSSL library - Crypto and SSL made easy

  •        1750

Download PolarSSL PolarSSL is an SSL library written in ANSI C. PolarSSL makes it easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) products with as little hassle as possible. It is designed to be readable, documented, tested, loosely coupled and portable. It supports Symmetric encryption algorithms, hash algorithms, RSA with PKCS and X.509 certificate, SSL and TLS.




Related Projects

Cryptlib - provides Encryption and Authentication Service

cryptlib is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. It provides support for S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure timestamping.

Nogotofail - Network Security Testing Tool

Nogotofail is a network security testing tool designed to help developers and security researchers spot and fix weak TLS/SSL connections and sensitive cleartext traffic on devices and applications in a flexible, scalable, powerful way. It includes testing for common SSL certificate verification issues, HTTPS and TLS/SSL library bugs, SSL and STARTTLS stripping issues, cleartext issues, and more.

SSL-TLS-clientserver - SSL/TLS client server examples using libssl and polarssl

SSL/TLS client server examples using libssl and polarssl

ghostunnel - A simple SSL/TLS proxy with mutual authentication for securing non-TLS services

Ghostunnel is a simple TLS proxy with mutual authentication support for securing non-TLS backend applications.Ghostunnel supports two modes, client mode and server mode. Ghostunnel in server mode runs in front of a backend server and accepts TLS-secured connections, which are then proxied to the (insecure) backend. A backend can be a TCP domain/port or a UNIX domain socket. Ghostunnel in client mode accepts (insecure) connections through a TCP or UNIX domain socket and proxies them to a TLS-secured service. In other words, ghostunnel is a replacement for stunnel.

Ejbca - PKI Certificate Authority software

EJBCA is an enterprise class PKI Certificate Authority software. It supports SSL/TLS, Smart card logon to Windows and/or Linux, Signing and encrypting email (SMIME), Mobile PKI, Secure mobile networks and lot more.

certstrap - Tools to bootstrap CAs, certificate requests, and signed certificates.

A simple certificate manager written in Go, to bootstrap your own certificate authority and public key infrastructure. Adapted from etcd-ca.certstrap is a very convenient app if you don't feel like dealing with openssl, its myriad of options or config files.

certigo - A utility to examine and validate certificates in a variety of formats

Certigo is a utility to examine and validate certificates to help with debugging SSL/TLS issues.Supports all common file formats: Certigo can read and dump certificates in various formats. It can automatically detect and read from X.509 (DER/PEM), JCEKS, PKCS7 and PKCS12 files. Certificates can be dumped to a human-readable format, a set of PEM blocks, or a JSON object for use in scripting.

lemur - Repository for the Lemur Certificate Manager

Lemur manages TLS certificate creation. While not able to issue certificates itself, Lemur acts as a broker between CAs and environments providing a central portal for developers to issue TLS certificates with 'sane' defaults.It works on CPython 3.5. We deploy on Ubuntu and develop on OS X.

tls-example - Golang crypto/tls example. x509 certificate create and sign.

Golang crypto/tls example. x509 certificate create and sign.


Use PolarSSL in your Rubies. Ruby wrapper for the PolarSSL cryptographic and SSL/TLS library.

s2n - an implementation of the TLS/SSL protocols from Amazon

s2n is a C99 implementation of the TLS/SSL protocols that is designed to be simple, small, fast, and with security as a priority. s2n implements SSLv3, TLS1.0, TLS1.1, and TLS1.2. For encryption, s2n supports 128-bit and 256-bit AES, in the CBC and GCM modes, 3DES, and RC4. For forward secrecy, s2n supports both DHE and ECDHE.

OpenSSL - Toolkit for SSL and TLS

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

acme - :lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)

acmetool is an easy-to-use command line tool for automatically acquiring certificates from ACME servers (such as Let's Encrypt). Designed to flexibly integrate into your webserver setup to enable automatic verification. Unlike the official Let's Encrypt client, this doesn't modify your web server configuration.You can perform verifications using port 80 or 443 (if you don't yet have a server running on one of them); via webroot; by configuring your webserver to proxy requests for /.well-known/acme-challenge/ to a special port (402) which acmetool can listen on; or by configuring your webserver not to listen on port 80, and instead running acmetool's built in HTTPS redirector (and challenge responder) on port 80. This is useful if all you want to do with port 80 is redirect people to port 443.

tlspretense - A test framework for testing SSL/TLS client certificate validation.

A test framework for testing SSL/TLS client certificate validation.

EasyCert - EasyCert quickly generates web server TLS certificates that have been self-signed by a private certificate authority that it also creates

Use EasyCert to easily generate webserver certificates against a private certificate authority that is also generated by this tool. Why would you want to use this? This should only be used within company networks, never public facing. You would use this to implement your own TLS connections where you are dealing in a test environment where the security doesn't really matter. This is more about making sure things work across https correctly. In other words, when you are working on anything production-level you'd want to acquire a genuine certificate from a trusted certificate authority and probably pay for it or better yet use LetsEncrypt.This has been tested and run on OSX which is comes pre-installed with openssl, that is all you need.

TLS - Transport Layer Security protocol implementation in Python

Transport Layer Security (TLS) is a cryptographic protocol designed to provide communication security over the Internet. This is an open source Python implementation of TLS 1.2, using the Python Cryptographic Authority's (PyCA's) Cryptography libraries for all cryptographic primitives (e.g. AES, RSA, etc.). This project is part of PyCA's efforts to standardize and improve crypto libraries in Python.


PolarSSL-for-iOS is a light-weight open source cryptographic and SSL/TLS library for using with iOS.

KeyBox - Web-based SSH console that centrally manages administrative access to systems

KeyBox is an open-source web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys. Key management and administration is based on profiles assigned to defined users. KeyBox layers TLS/SSL on top of SSH and acts as a bastion host for administration. Protocols are stacked (TLS/SSL + SSH) so infrastructure cannot be exposed through tunneling / port forwarding.

clinker - SSL and TLS security checker for Firefox

SSL and TLS security checker for Firefox