CycloneSSL - Embedded TLS/DTLS Library

CycloneSSL Logo

CycloneSSL is a lightweight TLS/DTLS implementation targeted for use by embedded application developers. It provides the ability to secure communications over the Internet (e.g. IoT protocols, electronic mail, web server, file transfer, VoIP).

Features

  • Server and/or client operation
  • Supports TLS 1.0, TLS 1.1, TLS 1.2 and TLS 1.3 protocols
  • Supports DTLS 1.0 and DTLS 1.2 (Datagram Transport Layer Security)
  • Legacy support for SSL 3.0
  • Robust and efficient implementation
  • Supports ECC (Elliptic Curve Cryptography)
  • Rich set of TLS cipher suites (including Suite B profile)
  • RSA, Diffie-Hellman and ECDH key exchange algorithms
  • ECDH key exchange based on Curve25519 (X25519) and Curve448 (X448)
  • FFDHE (Finite Field Diffie-Hellman Ephemeral
  • Supports PSK (Pre-Shared Key) cipher suites
  • RSA signature schemes (RSASSA PKCS#1 v1.5 and RSASSA-PSS)
  • DSA and ECDSA signature schemes
  • EdDSA signature scheme (Ed25519 and Ed448 elliptic curves)
  • Supports stream ciphers and CBC block ciphers
  • Cipher Block Chaining-MAC (CCM) and Galois Counter Mode (GCM)
  • ChaCha20Poly1305 Authenticated Encryption with Associated Data (AEAD)
  • Supports RC4, IDEA, DES, 3DES, AES, Camellia, SEED and ARIA encryption algorithms
  • Supports MD5, SHA-1, SHA-256, SHA-384 and SHA-512 hash algorithms
  • Session resumption mechanism
  • Supports secure renegotiation
  • Fallback SCSV signaling cipher suite
  • SNI extension (Server Name Indication)
  • Maximum Fragment Length extension (RFC 6066)
  • Record Size Limit extension (RFC 8449)
  • ALPN extension (Application-Layer Protocol Negotiation)
  • Extended Master Secret extension
  • ClientHello Padding extension
  • Session ticket mechanism (TLS 1.3)
  • (EC)DHE key establishment (TLS 1.3)
  • PSK key establishment (TLS 1.3)
  • PSK with (EC)DHE key establishment (TLS 1.3)
  • Middlebox compatibility mode (TLS 1.3)
  • Key update mechanism (TLS 1.3)
  • Early data (TLS 1.3 client)
  • Supports X.509 certificates as well as Raw Public Keys (RPK)
  • PKIX path validation
  • Compliant with BSD socket API
  • Flexible memory footprint. Built-time configuration to embed only the necessary features
  • Consistent application programming interface (API)
  • Portable architecture (no processor dependencies)

Supported Devices

CycloneSSL supports the following 32-bit architectures
  • ARM7
  • ARM9
  • Cortex-M3
  • Cortex-M4
  • Cortex-M7
  • Cortex-R4
  • Cortex-A5
  • Cortex-A8
  • Cortex-A9
  • RISC-V
  • APS1 / APS3 / APS3R / APS5 / FPS6
  • AVR32
  • Coldfire V2
  • PIC32
  • PowerPC e200
  • RX600
  • Xtensa LX6

Supported Cipher Suites

CycloneSSL implements all the necessary cryptographic features to make your application safe and secure.
  • (†) denotes insecure cipher suites
  • (w) denotes weak cipher suites

TLS 1.3 cipher suites

  • TLS_AES_128_GCM_SHA256
  • TLS_AES_256_GCM_SHA384
  • TLS_AES_128_CCM_SHA256
  • TLS_AES_128_CCM_8_SHA256
  • TLS_CHACHA20_POLY1305_SHA256

TLS 1.3 cipher suites

  • TLS_RSA_WITH_RC4_128_MD5 (†)
  • TLS_RSA_WITH_RC4_128_SHA (†)
  • TLS_RSA_WITH_IDEA_CBC_SHA (†)
  • TLS_RSA_WITH_DES_CBC_SHA (†)
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA (w)
  • TLS_RSA_WITH_AES_128_CBC_SHA (w)
  • TLS_RSA_WITH_AES_256_CBC_SHA (w)
  • TLS_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_256_CBC_SHA256
  • TLS_RSA_WITH_AES_128_GCM_SHA256
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • TLS_RSA_WITH_AES_128_CCM
  • TLS_RSA_WITH_AES_256_CCM
  • TLS_RSA_WITH_AES_128_CCM_8
  • TLS_RSA_WITH_AES_256_CCM_8
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (w)
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (w)
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
  • TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
  • TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
  • TLS_RSA_WITH_SEED_CBC_SHA (w)
  • TLS_RSA_WITH_ARIA_128_CBC_SHA256
  • TLS_RSA_WITH_ARIA_256_CBC_SHA384
  • TLS_RSA_WITH_ARIA_128_GCM_SHA256
  • TLS_RSA_WITH_ARIA_256_GCM_SHA384
  • TLS_RSA_WITH_NULL_MD5 (†)
  • TLS_RSA_WITH_NULL_SHA (†)
  • TLS_RSA_WITH_NULL_SHA256 (†)

DHE_RSA cipher suites

  • TLS_DHE_RSA_WITH_DES_CBC_SHA (†)
  • TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (w)
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA (w)
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA (w)
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_DHE_RSA_WITH_AES_128_CCM
  • TLS_DHE_RSA_WITH_AES_256_CCM
  • TLS_DHE_RSA_WITH_AES_128_CCM_8
  • TLS_DHE_RSA_WITH_AES_256_CCM_8
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (w)
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (w)
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
  • TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
  • TLS_DHE_RSA_WITH_SEED_CBC_SHA (w)
  • TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
  • TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
  • TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
  • TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256

DHE_DSS cipher suites

  • TLS_DHE_DSS_WITH_DES_CBC_SHA (†)
  • TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (w)
  • TLS_DHE_DSS_WITH_AES_128_CBC_SHA (w)
  • TLS_DHE_DSS_WITH_AES_256_CBC_SHA (w)
  • TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
  • TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
  • TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
  • TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
  • TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (w)
  • TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (w)
  • TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256
  • TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256
  • TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256
  • TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384
  • TLS_DHE_DSS_WITH_SEED_CBC_SHA (w)
  • TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256
  • TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384
  • TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256
  • TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384

ECDHE_RSA cipher suites

  • TLS_ECDHE_RSA_WITH_RC4_128_SHA (†)
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (w)
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (w)
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (w)
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
  • TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
  • TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
  • TLS_ECDHE_RSA_WITH_NULL_SHA (†)

ECDHE_ECDSA cipher suites

  • TLS_ECDHE_ECDSA_WITH_RC4_128_SHA (†)
  • TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (w)
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (w)
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (w)
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_128_CCM
  • TLS_ECDHE_ECDSA_WITH_AES_256_CCM
  • TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
  • TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
  • TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
  • TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
  • TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
  • TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
  • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
  • TLS_ECDHE_ECDSA_WITH_NULL_SHA (†)

PSK cipher suites

  • TLS_PSK_WITH_RC4_128_SHA (†)
  • TLS_PSK_WITH_3DES_EDE_CBC_SHA (w)
  • TLS_PSK_WITH_AES_128_CBC_SHA (w)
  • TLS_PSK_WITH_AES_256_CBC_SHA (w)
  • TLS_PSK_WITH_AES_128_CBC_SHA256
  • TLS_PSK_WITH_AES_256_CBC_SHA384
  • TLS_PSK_WITH_AES_128_GCM_SHA256
  • TLS_PSK_WITH_AES_256_GCM_SHA384
  • TLS_PSK_WITH_AES_128_CCM
  • TLS_PSK_WITH_AES_256_CCM
  • TLS_PSK_WITH_AES_128_CCM_8
  • TLS_PSK_WITH_AES_256_CCM_8
  • TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
  • TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
  • TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
  • TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
  • TLS_PSK_WITH_ARIA_128_CBC_SHA256
  • TLS_PSK_WITH_ARIA_256_CBC_SHA384
  • TLS_PSK_WITH_ARIA_128_GCM_SHA256
  • TLS_PSK_WITH_ARIA_256_GCM_SHA384
  • TLS_PSK_WITH_CHACHA20_POLY1305_SHA256
  • TLS_PSK_WITH_NULL_SHA (†)
  • TLS_PSK_WITH_NULL_SHA256 (†)
  • TLS_PSK_WITH_NULL_SHA384 (†)

RSA_PSK cipher suites

  • TLS_RSA_PSK_WITH_RC4_128_SHA (†)
  • TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA (w)
  • TLS_RSA_PSK_WITH_AES_128_CBC_SHA (w)
  • TLS_RSA_PSK_WITH_AES_256_CBC_SHA (w)
  • TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
  • TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
  • TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
  • TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
  • TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
  • TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
  • TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
  • TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
  • TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
  • TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
  • TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
  • TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
  • TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256
  • TLS_RSA_PSK_WITH_NULL_SHA (†)
  • TLS_RSA_PSK_WITH_NULL_SHA256 (†)
  • TLS_RSA_PSK_WITH_NULL_SHA384 (†)

DHE_PSK cipher suites

  • TLS_DHE_PSK_WITH_RC4_128_SHA (†)
  • TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA (w)
  • TLS_DHE_PSK_WITH_AES_128_CBC_SHA (w)
  • TLS_DHE_PSK_WITH_AES_256_CBC_SHA (w)
  • TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
  • TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
  • TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
  • TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
  • TLS_DHE_PSK_WITH_AES_128_CCM
  • TLS_DHE_PSK_WITH_AES_256_CCM
  • TLS_DHE_PSK_WITH_AES_128_CCM_8
  • TLS_DHE_PSK_WITH_AES_256_CCM_8
  • TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
  • TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
  • TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
  • TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
  • TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
  • TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
  • TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
  • TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
  • TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256
  • TLS_DHE_PSK_WITH_NULL_SHA (†)
  • TLS_DHE_PSK_WITH_NULL_SHA256 (†)
  • TLS_DHE_PSK_WITH_NULL_SHA384 (†)

ECDHE_PSK cipher suites

  • TLS_ECDHE_PSK_WITH_RC4_128_SHA (†)
  • TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA (w)
  • TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA (w)
  • TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA (w)
  • TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256
  • TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256
  • TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
  • TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
  • TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
  • TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
  • TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
  • TLS_ECDHE_PSK_WITH_NULL_SHA (†)
  • TLS_ECDHE_PSK_WITH_NULL_SHA256 (†)
  • TLS_ECDHE_PSK_WITH_NULL_SHA384 (†)

DH_anon cipher suites

  • TLS_DH_anon_WITH_RC4_128_MD5 (†)
  • TLS_DH_anon_WITH_DES_CBC_SHA (†)
  • TLS_DH_anon_WITH_3DES_EDE_CBC_SHA (†)
  • TLS_DH_anon_WITH_AES_128_CBC_SHA (†)
  • TLS_DH_anon_WITH_AES_256_CBC_SHA (†)
  • TLS_DH_anon_WITH_AES_128_CBC_SHA256 (†)
  • TLS_DH_anon_WITH_AES_256_CBC_SHA256 (†)
  • TLS_DH_anon_WITH_AES_128_GCM_SHA256 (†)
  • TLS_DH_anon_WITH_AES_256_GCM_SHA384 (†)
  • TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA (†)
  • TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA (†)
  • TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 (†)
  • TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 (†)
  • TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 (†)
  • TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 (†)
  • TLS_DH_anon_WITH_SEED_CBC_SHA (†)
  • TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 (†)
  • TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 (†)
  • TLS_DH_anon_WITH_ARIA_128_GCM_SHA256 (†)
  • TLS_DH_anon_WITH_ARIA_256_GCM_SHA384 (†)

ECDH_anon cipher suites

  • TLS_ECDH_anon_WITH_RC4_128_SHA (†)
  • TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA (†)
  • TLS_ECDH_anon_WITH_AES_128_CBC_SHA (†)
  • TLS_ECDH_anon_WITH_AES_256_CBC_SHA (†)
  • TLS_ECDH_anon_WITH_NULL_SHA (†)

Supported Elliptic Curves

  • Curve25519 (X25519)
  • Curve448 (X448)
  • Ed25519
  • Ed448
  • secp160k1
  • secp160r1
  • secp160r2
  • secp192k1
  • secp192r1 (NIST P-192)
  • secp224k1
  • secp224r1 (NIST P-224)
  • secp256k1
  • secp256r1 (NIST P-256)
  • secp384r1 (NIST P-384)
  • secp521r1 (NIST P-521)
  • brainpoolP256r1
  • brainpoolP384r1
  • brainpoolP512r1