LibTomNet [v0.01]

Eric Murray ericm at
Tue Jul 8 17:20:46 EDT 2003

On Tue, Jul 08, 2003 at 04:32:41PM -0400, Thor Lancelot Simon wrote:
> I trimmed OpenSSL down to just TLSv1 and only the FIPS-140 conformant
> algorithms for a FIPS-140 conformance project at ReefEdge (and yes,


> The result was still several hundred kilobytes -- actually, I don't
> have exact numbers handy but I believe it was more than a megabyte
> in size.  OpenSSL is not the TLS implementation I would use if I had 
> any other free option that offered reasonable performance. :-(

For comparison purposes, I have a copy of an SSLv3/TLS client library
I wrote in 1997.   It's 56k of (Intel Linux) code for everything
except RSA.   That includes the ASN.1 and X.509 parser.
Implementing the server-specific parts would add only another
couple k.  This was done for a handheld computer but runs on
unix as well.

OpenSSL is huge because it's also a general purpose crypto lib, supports
a bunch of hardware and a bunch of algorithms, SSLv2 (ew), old apis, 
non-blocking, etc etc.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list