This package includes the SharkSSL lite library and header files.
Dependents: WebSocket-Client-Example SharkMQ-LED-Demo
SharkSSL-Lite
Description: SharkSSL is an SSL v3.0 TLS v1.0/1.1/1.2 implementation of the TLS and SSL protocol standard. With its array of compile-time options and Raycrypto proprietary cryptographic algorithms, SharkSSL can be fine-tuned to a footprint that occupies less than 20 kB, while maintaining full x.509 authentication. The SharkSSL-Lite download includes a subset of SharkSSL and header files made for use in non-commercial and for evaluation purposes.
Features
- SSL|TLS v1.2
- Size: 21kB
- Encryption: Elliptic Curve Cryptography (ECC) | ChaCha20/Poly1305
- SharkSSL Online Documentation
- SMQ (Simple Message Queues) Client and SMQ Documentation
- Secure WebSocket Client
- Secure MQTT Client
Examples
- SharkMQ LED Demo: Secure control of LEDs on your mbed board using a browser.
- WebSocket Client: Connect to ELIZA the Psychotherapist
Limitations
SharkSSL-Lite includes a limited set of ciphers. To use SharkSSL-Lite, the peer side must support Elliptic Curve Cryptography (ECC) and you must use ECC certificates. The peer side must also support the new ChaCha20/Poly1305 cipher combination.
ChaCha20 and Poly1305 for TLS is published RFC 7905. The development of this new cipher was a response to many attacks discovered against other widely used TLS cipher suites. ChaCha20 is the cipher and Poly1305 is an authenticated encryption mode.
SharkSSL-Lite occupies less than 20kB, while maintaining full x.509 authentication. The ChaCha20/Poly1305 cipher software implementation is equally as fast as many hardware accelerated AES engines.
Creating ECC Certificates for SharkSSL-Lite
The following video shows how to create an Elliptic Curve Cryptography (ECC) certificate for a server, how to install the certificate in the server, and how to make the mbed clients connecting to the server trust this certificate. The server in this video is installed on a private/personal computer on a private network for test purposes. The video was produced for the embedded.com article How to run your own secure IoT cloud server.
README.txt@0:e0adec41ad6b, 2016-04-06 (annotated)
- Committer:
- wini
- Date:
- Wed Apr 06 00:46:36 2016 +0000
- Revision:
- 0:e0adec41ad6b
SharkSSL-Lite V1.0 for mbed
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
wini | 0:e0adec41ad6b | 1 | |
wini | 0:e0adec41ad6b | 2 | This package includes the SharkSSL lite library and header files. |
wini | 0:e0adec41ad6b | 3 | |
wini | 0:e0adec41ad6b | 4 | Online documentation: https://realtimelogic.com/ba/doc/en/C/shark/ |
wini | 0:e0adec41ad6b | 5 | |
wini | 0:e0adec41ad6b | 6 | The pre-compiled SharkSSL library is compiled with ECC, |
wini | 0:e0adec41ad6b | 7 | ChaCha20/Poly1305, and includes the following additional features: |
wini | 0:e0adec41ad6b | 8 | |
wini | 0:e0adec41ad6b | 9 | SharkMQ (secure pub/sub protocol optimized for IoT): |
wini | 0:e0adec41ad6b | 10 | https://realtimelogic.com/products/simplemq/ |
wini | 0:e0adec41ad6b | 11 | https://realtimelogic.com/ba/doc/?url=SMQ.html |
wini | 0:e0adec41ad6b | 12 | |
wini | 0:e0adec41ad6b | 13 | Secure WebSocket client library: |
wini | 0:e0adec41ad6b | 14 | https://realtimelogic.com/products/sharkssl/websocket-client/ |
wini | 0:e0adec41ad6b | 15 | |
wini | 0:e0adec41ad6b | 16 | SharkMQTT (Secure MQTT client library): |
wini | 0:e0adec41ad6b | 17 | https://realtimelogic.com/products/sharkmqtt/ |