Standard Compliance

Where would we be without standards?

Without standards, the Internet would be an even bigger chaos than it already is. For SSL / TLS the cryptographic building blocks, protocols and data formats are (almost) all defined in public standards.

SSL / TLS Client and Server

PolarSSL implements all current versions of the SSL and TLS protocol.

A lot of common features are specified in additional standards. PolarSSL supports the AES GCM and Camellia ciphersuites and implements extensions such as secure renegotiation and the ServerName extension commonly known as Server Name Indication (SNI).

Symmetric ciphers

PolarSSL implements the most used standard symmetric ciphers.

AES

Camellia

Blowfish

ARCFOUR (RC4)

DES / Triple-DES

XTEA

Cipher modes

Hash / Message Digest algorithms

PolarSSL implements the most used standard message digest algorithms.

SHA-2 and SHA1

MD5, MD4 and MD2

Random Generators

CTR-DRBG

HMAC-DRBG

HAVEGE

RSA and big number implementation

RSA is implemented using its own big number library.

X509 certificates, CRLs, Keys and ASN.1

X509 certificates are at the basis of most PKIs and are used in the SSL protocols to represent identities. X509 certificates are layed out in the ASN.1 standard which used the DER format to describe data.

ASN.1 and DER are described here:

Diffie-Hellman-Merkle

PKCS#5

PKCS#8

PKCS#12