LibTomNet [v0.01]

Thor Lancelot Simon tls at rek.tjls.com
Tue Jul 8 17:42:10 EDT 2003


On Tue, Jul 08, 2003 at 02:20:46PM -0700, Eric Murray wrote:
> 
> For comparison purposes, I have a copy of an SSLv3/TLS client library
> I wrote in 1997.   It's 56k of (Intel Linux) code for everything
> except RSA.   That includes the ASN.1 and X.509 parser.
> Implementing the server-specific parts would add only another
> couple k.  This was done for a handheld computer but runs on
> unix as well.

I believe the Certicom library is somewhere around there in size, and
it is a pretty extensive implementation.  Costs money though. ;-)

> OpenSSL is huge because it's also a general purpose crypto lib, supports
> a bunch of hardware and a bunch of algorithms, SSLv2 (ew), old APIs,
> non-blocking, etc etc.

It's also hideously overabstracted.  That, to my mind, is why it's both
hard to use and hard to maintain.  Unfortunately, its "API" is the only
one that is in wide use on Unix systems, which means that any alternative
would probably be forced to duplicate a frightening amount of OpenSSL's
internal complexity in order to present its _external_ complexity.

Thor
