MatrixSSL

MatrixSSL is an open-source TLS/SSL implementation designed for custom applications in embedded hardware environments.

The MatrixSSL library contains a full cryptographic software module that includes industry-standard public key and symmetric key algorithms. It is now called the Inside Secure TLS Toolkit.

Features
Features:
 * Protocol versions
 * SSL 3.0
 * TLS 1.0
 * TLS 1.1
 * TLS 1.2
 * TLS 1.3
 * DTLS 1.0
 * DTLS 1.2
 * Public key algorithms
 * RSA
 * Elliptic curve cryptography
 * Diffie–Hellman
 * Symmetric key algorithms
 * AES
 * AES-GCM
 * Triple DES
 * ChaCha
 * ARC4
 * SEED
 * Supported cipher suites
 * TLS_AES_128_GCM_SHA256 (TLS 1.3)
 * TLS_AES_256_GCM_SHA384 (TLS 1.3)
 * TLS_CHACHA20_POLY1305_SHA256 (TLS 1.3)
 * TLS_DHE_RSA_WITH_AES_128_CBC_SHA
 * TLS_DHE_RSA_WITH_AES_256_CBC_SHA
 * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
 * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
 * SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
 * TLS_RSA_WITH_SEED_CBC_SHA
 * TLS_DHE_PSK_WITH_AES_128_CBC_SHA
 * TLS_DHE_PSK_WITH_AES_256_CBC_SHA
 * TLS_PSK_WITH_AES_128_CBC_SHA
 * TLS_PSK_WITH_AES_256_CBC_SHA
 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
 * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
 * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256
 * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
 * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
 * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
 * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
 * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
 * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
 * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
 * TLS_RSA_WITH_AES_128_CBC_SHA
 * TLS_RSA_WITH_AES_256_CBC_SHA
 * TLS_RSA_WITH_AES_128_CBC_SHA256
 * TLS_RSA_WITH_AES_256_CBC_SHA256
 * TLS_RSA_WITH_AES_128_GCM_SHA256
 * TLS_RSA_WITH_AES_256_GCM_SHA384
 * SSL_RSA_WITH_3DES_EDE_CBC_SHA
 * SSL_RSA_WITH_RC4_128_SHA
 * SSL_RSA_WITH_RC4_128_MD5
 * TLS_DH_anon_WITH_AES_128_CBC_SHA
 * TLS_DH_anon_WITH_AES_256_CBC_SHA
 * SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
 * SSL_DH_anon_WITH_RC4_128_MD5
 * Client authentication
 * Secure Renegotiation
 * Standard Session Resumption
 * Stateless Session Resumption
 * Transport independent
 * PKCS#1 and PKCS#8 key parsing
 * False Start
 * Max Fragment Length extension
 * Optional PKCS#11 Crypto Interface