Search

Comparison of TLS implementations

The Transport Layer Security (TLS) protocol provides the ability to secure communications across or inside networks. This comparison of TLS implementations compares several of the most notable libraries. There are several TLS implementations which are free software and open source.

All comparison categories use the stable version of each implementation listed in the overview section. The comparison is limited to features that directly relate to the TLS protocol.

Overview

ImplementationDeveloped byOpen sourceSoftware licenseCopyright holderWritten inLatest stable version, release dateOrigin
BotanJack LloydYesSimplified BSD LicenseJack LloydC++3.2.0 (October 9, 2023; 7 months ago (2023-10-09)[1]) [±]US (Vermont)
BoringSSLGoogleYesOpenSSL-SSLeay dual-license, ISC licenseEric Young, Tim Hudson, Sun, OpenSSL project, Google, and othersC, C++, Go, assembly??Australia/EU
Bouncy CastleThe Legion of the Bouncy Castle Inc.YesMIT LicenseLegion of the Bouncy Castle Inc.Java, C#
Java1.77 / November 13, 2023; 6 months ago (2023-11-13)[2]
Java LTSBC-LJA 2.73.5 / March 1, 2024; 2 months ago (2024-03-01)[3]
Java FIPSBC-FJA 1.0.2.4 / September 28, 2023; 7 months ago (2023-09-28)[4]
C#2.3.0 / February 5, 2024; 3 months ago (2024-02-05)[5]
C# FIPSBC-FNA 1.0.2 / February 28, 2023; 14 months ago (2023-02-28)[6]
Australia
BSAFEDell, formerly RSA SecurityNoProprietaryDellJava, C, assemblySSL-J 6.5.1 (July 10, 2023; 10 months ago (2023-07-10)[7]) [±]

SSL-J 7.2 (December 20, 2023; 5 months ago (2023-12-20)[8]) [±]
Micro Edition Suite 4.6.2 (May 2, 2023; 12 months ago (2023-05-02)[9]) [±]
Micro Edition Suite 5.0.2.1 (September 18, 2023; 8 months ago (2023-09-18)[10]) [±]

Australia
cryptlibPeter GutmannYesSleepycat License and commercial licensePeter GutmannC3.4.5 (2019; 5 years ago (2019)[11]) [±]NZ
GnuTLSGnuTLS projectYesLGPL-2.1-or-laterFree Software FoundationC3.8.5[12]  2024-04-04EU (Greece and Sweden)
Java Secure Socket Extension (JSSE)OracleYesGNU GPLv2 and commercial licenseOracleJava22.0.1 (April 19, 2024; 33 days ago (2024-04-19)) [±]

21.0.0 LTS (September 19, 2023; 8 months ago (2023-09-19)) [±]
17.0.6 LTS (February 18, 2023; 15 months ago (2023-02-18)) [±]
11.0.17 LTS (October 18, 2022; 19 months ago (2022-10-18)[13]) [±]
8u401 LTS (January 16, 2024; 4 months ago (2024-01-16)[14]) [±]

US
LibreSSLOpenBSD ProjectYesApache-1.0, BSD-4-Clause, ISC, and public domainEric Young, Tim Hudson, Sun, OpenSSL project, OpenBSD Project, and othersC, assembly3.9.2[15]  2024-05-12Canada
MatrixSSL[16]PeerSec NetworksYesGNU GPLv2+ and commercial licensePeerSec NetworksC4.2.2 (September 11, 2019; 4 years ago (2019-09-11) [17]) [±]US
Mbed TLS (previously PolarSSL)ArmYesApache License 2.0, GNU GPLv2+ and commercial licenseArm HoldingsC3.6.0[18] (28 March 2024; 55 days ago (28 March 2024)) [±]EU (Netherlands)
Network Security Services (NSS)Mozilla, AOL, Red Hat, Sun, Oracle, Google and othersYesMPL 2.0NSS contributorsC, assembly
Standard3.84 / October 12, 2022; 19 months ago (2022-10-12)[19]
Extended Support Release3.79.1 / August 18, 2022; 21 months ago (2022-08-18)[19]
US
OpenSSLOpenSSL projectYesApache-2.0[a]Eric Young, Tim Hudson, Sun, OpenSSL project, and othersC, assembly3.3.0[20]  2024-04-09Australia/EU
s2nAmazonYesApache License 2.0, GNU GPLv2+ and commercial licenseAmazon, Inc.CContinuousUS
SchannelMicrosoftNoProprietaryMicrosoft Inc.Windows 11, 2021-10-05US
Secure TransportApple Inc.YesAPSL 2.0Apple Inc.57337.20.44 (OS X 10.11.2), 2015-12-08US
wolfSSL (previously CyaSSL)wolfSSL[21]YesGNU GPLv2+ and commercial licensewolfSSL Inc.[22]C, assembly5.6.4 (October 30, 2023; 6 months ago (2023-10-30)[23]) [±]US
Erlang/OTP SSL applicationEricssonYesApache License 2.0EricssonErlangOTP-21, 2018-06-19Sweden
ImplementationDeveloped byOpen sourceSoftware licenseCopyright ownerWritten inLatest stable version, release dateOrigin

TLS/SSL protocol version support

Several versions of the TLS protocol exist. SSL 2.0 is a deprecated[24] protocol version with significant weaknesses. SSL 3.0 (1996) and TLS 1.0 (1999) are successors with two weaknesses in CBC-padding that were explained in 2001 by Serge Vaudenay.[25] TLS 1.1 (2006) fixed only one of the problems, by switching to random initialization vectors (IV) for CBC block ciphers, whereas the more problematic use of mac-pad-encrypt instead of the secure pad-mac-encrypt was addressed with RFC 7366.[26] A workaround for SSL 3.0 and TLS 1.0, roughly equivalent to random IVs from TLS 1.1, was widely adopted by many implementations in late 2011.[27] In 2014, the POODLE vulnerability of SSL 3.0 was discovered, which takes advantage of the known vulnerabilities in CBC, and an insecure fallback negotiation used in browsers.[28]

TLS 1.2 (2008) introduced a means to identify the hash used for digital signatures. While permitting the use of stronger hash functions for digital signatures in the future (rsa,sha256/sha384/sha512) over the SSL 3.0 conservative choice (rsa,sha1+md5), the TLS 1.2 protocol change inadvertently and substantially weakened the default digital signatures and provides (rsa,sha1) and even (rsa,md5).[29]

Datagram Transport Layer Security (DTLS or Datagram TLS) 1.0 is a modification of TLS 1.1 for a packet-oriented transport layer, where packet loss and packet reordering have to be tolerated. The revision DTLS 1.2 based on TLS 1.2 was published in January 2012.[30]

TLS 1.3 (2018) specified in RFC 8446 includes major optimizations and security improvements. QUIC (2021) specified in RFC 9000 and DTLS 1.3 (2022) specified in RFC 9147 builds on TLS 1.3. The publishing of TLS 1.3 and DTLS 1.3 obsoleted TLS 1.2 and DTLS 1.2.

Note that there are known vulnerabilities in SSL 2.0 and SSL 3.0. In 2021, IETF published RFC 8996 also forbidding negotiation of TLS 1.0, TLS 1.1, and DTLS 1.0 due to known vulnerabilities. NIST SP 800-52 requires support of TLS 1.3 by January 2024. Support of TLS 1.3 means that two compliant nodes will never negotiate TLS 1.2.

ImplementationSSL 2.0 (insecure)[31]SSL 3.0 (insecure)[32]TLS 1.0 (deprecated)[33]TLS 1.1 (deprecated)[34]TLS 1.2[35]TLS 1.3DTLS 1.0 (deprecated)[36]DTLS 1.2[30]
BotanNoNo[37]NoNoYesYesNoYes
BoringSSLYesYesYesYesYesYes
Bouncy CastleNoNoYesYesYesYes
(draft version)		YesYes
BSAFE SSL-J[38]NoDisabled by defaultNo[a]No[a]YesYesNoNo
cryptlibNoDisabled by default at compile timeYesYesYesNoNo
GnuTLSNo[b]Disabled by default[39]YesYesYesYes[40]YesYes
JSSENo[b]Disabled by default[41]Disabled by default[42]Disabled by default[42]YesYesYesYes
LibreSSLNo[43]No[44]YesYesYesYesYesYes[45]
MatrixSSLNoDisabled by default at compile time[46]YesYesYesYesYesYes
Mbed TLSNoNo[47]No[47]No[47]YesYes
(experimental)		Yes[48]Yes[48]
NSSNo[c]Disabled by default[49]YesYes[50]Yes[51]Yes[52]Yes[50]Yes[53]
OpenSSLNo[54]Disabled by defaultYesYes[55]Yes[55]YesYesYes[56]
s2n[57]NoDisabled by defaultYesYesYesYesNoNo
Schannel XP, 2003[58]Disabled by default in MSIE 7Enabled by defaultEnabled by default in MSIE 7NoNoNoNoNo
Schannel Vista[59]Disabled by defaultEnabled by defaultYesNoNoNoNoNo
Schannel 2008[59]Disabled by defaultEnabled by defaultYesDisabled by default (KB4019276)Disabled by default (KB4019276)NoNoNo
Schannel 7, 2008R2[60]Disabled by defaultDisabled by default in MSIE 11YesEnabled by default in MSIE 11Enabled by default in MSIE 11NoYes[61]No[61]
Schannel 8, 2012[60]Disabled by defaultEnabled by defaultYesDisabled by defaultDisabled by defaultNoYesNo
Schannel 8.1, 2012R2, 10 v1507 & v1511[60]Disabled by defaultDisabled by default in MSIE 11YesYesYesNoYesNo
Schannel 10 v1607 / 2016[62]NoDisabled by defaultYesYesYesNoYesYes
Schannel 11 / 2022[63]NoDisabled by defaultYesYesYesYesYesYes
Secure Transport

OS X 10.2-10.7, iOS 1-4

YesYesYesNoNoNoNo
Secure Transport OS X 10.8-10.10, iOS 5-8No[d]YesYesYes[d]Yes[d]Yes[d]No
Secure Transport OS X 10.11, iOS 9NoNo[d]YesYesYesYesUn­known
Secure Transport OS X 10.13, iOS 11NoNo[d]YesYesYesYes
(draft version)[64]		YesUn­known
wolfSSLNoDisabled by default[65]Disabled by default[66]YesYesYesYesYes
Erlang/OTP SSL application[67]No [e]No [f]Disabled by default [e]Disabled by default [e]YesPartially [g]Disabled by default [e]Yes
ImplementationSSL 2.0 (insecure)[31]SSL 3.0 (insecure)[32]TLS 1.0 (deprecated)[33]TLS 1.1 (deprecated)[34]TLS 1.2[35]TLS 1.3DTLS 1.0 (deprecated)[36]DTLS 1.2[30]

NSA Suite B Cryptography

Required components for NSA Suite B Cryptography (RFC 6460) are:

Per CNSSP-15, the 256-bit elliptic curve (specified in FIPS 186-2), SHA-256, and AES with 128-bit keys are sufficient for protecting classified information up to the Secret level, while the 384-bit elliptic curve (specified in FIPS 186-2), SHA-384, and AES with 256-bit keys are necessary for the protection of Top Secret information.

ImplementationTLS 1.2 Suite B
BotanYes
Bouncy CastleYes
BSAFEYes[38]
cryptlibYes
GnuTLSYes
JSSEYes[68]
LibreSSLYes
MatrixSSLYes
Mbed TLSYes
NSSNo[69]
OpenSSLYes[56]
S2n
SchannelYes[70]
Secure TransportNo
wolfSSLYes
ImplementationTLS 1.2 Suite B

Certifications

Note that certain certifications have received serious negative criticism from people who are actually involved in them.[71]

ImplementationFIPS 140-1, FIPS 140-2[72]Embedded FIPS Solution
Level 1Level 2[disputed discuss]
Botan[73]
Bouncy CastleBC-FJA 1.0.0 (#2768)
BC-FJA 1.0.1 (#3152)
BSAFE SSL-J[74]Crypto-J 6.0 (1785, 1786)
Crypto-J 6.1 / 6.1.1.0.1 (2057, 2058)
Crypto-J 6.2 / 6.2.1.1 (2468, 2469)
Crypto-J 6.2.4 (3172, 3184)
Crypto-J 6.2.5 (#3819, #3820)
Crypto-J 6.3 (#4696, #4697)
cryptlib[75]
GnuTLS[76]Red Hat Enterprise Linux GnuTLS Cryptographic Module (#2780)
JSSE
LibreSSL[43]no support
MatrixSSL[77]SafeZone FIPS Cryptographic Module: 1.1 (#2389)
Mbed TLS[78]
NSS[79]Network Security Services: 3.2.2 (#247)
Network Security Services Cryptographic Module: 3.11.4 (#815), 3.12.4 (#1278), 3.12.9.1 (#1837)		Netscape Security Module: 1 (#7[notes 1]), 1.01 (#47[notes 2])
Network Security Services: 3.2.2 (#248[notes 3])
Network Security Services Cryptographic Module: 3.11.4 (#814[notes 4]), 3.12.4 (#1279, #1280[notes 5])
OpenSSL[80]OpenSSL FIPS Object Module: 1.0 (#624), 1.1.1 (#733), 1.1.2 (#918), 1.2, 1.2.1, 1.2.2, 1.2.3 or 1.2.4 (#1051)
2.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7 or 2.0.8 (#1747)
Schannel[81]Cryptographic modules in Windows NT 4.0, 95, 95, 2000, XP, Server 2003, CE 5, CE 6, Mobile 6.x, Vista, Server 2008, 7, Server 2008 R2, 8, Server 2012, RT, Surface, Phone 8
See details on Microsoft FIPS 140 Validated Cryptographic Modules
Secure TransportApple FIPS Cryptographic Module: 1.0 (OS X 10.6, #1514), 1.1 (OS X 10.7, #1701)
Apple OS X CoreCrypto Module; CoreCrypto Kernel Module: 3.0 (OS X 10.8, #1964, #1956), 4.0 (OS X 10.9, #2015, #2016)
Apple iOS CoreCrypto Module; CoreCrypto Kernel Module: 3.0 (iOS 6, #1963, #1944), 4.0 (iOS 7, #2020, #2021)
wolfSSL[82]wolfCrypt FIPS Module: 4.0 (#3389)
See details on NIST certificate for validated Operating Environments
wolfCrypt FIPS Module: 3.6.0 (#2425)
See details on NIST certificate for validated Operating Environments		Yes
ImplementationLevel 1Level 2Embedded FIPS Solution
FIPS 140-1, FIPS 140-2

Key exchange algorithms (certificate-only)

This section lists the certificate verification functionality available in the various implementations.

ImplementationRSA[35]RSA-EXPORT (insecure)[35]DHE-RSA (forward secrecy)[35]DHE-DSS (forward secrecy)[35]ECDH-ECDSA[83]ECDHE-ECDSA (forward secrecy)[83]ECDH-RSA[83]ECDHE-RSA (forward secrecy)[83]GOST R 34.10-94, 34.10-2001[84]
BotanDisabled by defaultNoYesDisabled by defaultNoYesNoYesNo
BSAFEYesNoYesYesYesYesYesYesNo
cryptlibYesNoYesYesNoYesNoNoNo
GnuTLSYesNoYesDisabled by default[39]NoYesNoYesNo
JSSEYesDisabled by defaultYesYesYesYesYesYesNo
LibreSSLYesNo[43]YesYesNoYesNoYesYes[85]
MatrixSSLYesNoYesNoYesYesYesYesNo
Mbed TLSYesNoYesNoYesYesYesYesNo
NSSYesDisabled by defaultYes[86]YesYesYesYesYesNo[87][88]
OpenSSLYesNo[54]YesDisabled by default[54]NoYesNoYesYes[89]
Schannel XP/2003YesYesNoXP: Max 1024 bits
2003: 1024 bits only		NoNoNoNoNo[90]
Schannel Vista/2008YesDisabled by defaultNo1024 bits by default[91]NoYesNoexcept AES_GCMNo[90]
Schannel 8/2012YesDisabled by defaultAES_GCM only[92][93][94]1024 bits by default[91]NoYesNoexcept AES_GCMNo[90]
Schannel 7/2008R2, 8.1/2012R2YesDisabled by defaultYes2048 bits by default[91]NoYesNoexcept AES_GCMNo[90]
Schannel 10YesDisabled by defaultYes2048 bits by default[91]NoYesNoYesNo[90]
Secure Transport OS X 10.6YesYesexcept AES_GCMYesYesexcept AES_GCMyesexcept AES_GCMNo
Secure Transport OS X 10.8-10.10YesNoexcept AES_GCMNoYesexcept AES_GCMYesexcept AES_GCMNo
Secure Transport OS X 10.11YesNoYesNoNoYesNoYesNo
wolfSSLYesNoYesNoYesYesYesYesNo
Erlang/OTP SSL applicationYesNoYesYesYesYesYesYesNo
ImplementationRSA[35]RSA-EXPORT (insecure)[35]DHE-RSA (forward secrecy)[35]DHE-DSS (forward secrecy)[35]ECDH-ECDSA[83]ECDHE-ECDSA (forward secrecy)[83]ECDH-RSA[83]ECDHE-RSA (forward secrecy)[83]GOST R 34.10-94, 34.10-2001[84]

Key exchange algorithms (alternative key-exchanges)

ImplementationSRP[95]SRP-DSS[95]SRP-RSA[95]PSK-RSA[96]PSK[96]DHE-PSK (forward secrecy)[96]ECDHE-PSK (forward secrecy)[97]KRB5[98]DH-ANON[35] (insecure)ECDH-ANON[83] (insecure)
BotanNoNoNoNoYesNoYesNoNoNo
BSAFE SSL-JNoNoNoNoYes[99]NoNoNoDisabled by defaultDisabled by default
cryptlibNoNoNoNoYesYesNoUn­knownNoNo
GnuTLSYesYesYesYesYesYesYesNoDisabled by defaultDisabled by default
JSSENoNoNoNoNoNoNoNoDisabled by defaultDisabled by default
LibreSSLNo[100]No[100]No[100]NoNoNoNoNoYesYes
MatrixSSLNoNoNoYesYesYesNoNoDisabled by defaultNo
Mbed TLSNoNoNoYesYesYesYesNoNoNo
NSSNo[101]No[101]No[101]No[102]No[102]No[102]No[102]NoClient side only, disabled by default[103]Disabled by default[104]
OpenSSLYesYesYesYesYesYesYesYes[105]Disabled by default[106]Disabled by default[106]
SchannelNoNoNoNoNoNoNoYesNoNo
Secure TransportNoNoNoNoNoNoNoUn­knownYesYes
wolfSSLYesYesYesYesYesYesYes[107]YesNoNo
Erlang/OTP SSL applicationDisabled by defaultDisabled by defaultDisabled by defaultDisabled by defaultDisabled by defaultDisabled by defaultNoNoDisabled by defaultDisabled by default
ImplementationSRP[95]SRP-DSS[95]SRP-RSA[95]PSK-RSA[96]PSK[96]DHE-PSK (forward secrecy)[96]ECDHE-PSK (forward secrecy)[97]KRB5[98]DH-ANON[35] (insecure)ECDH-ANON[83] (insecure)

Certificate verification methods

ImplementationApplication-definedPKIX path validation[108]CRL[109]OCSP[110]DANE (DNSSEC)[111]Trust on First Use (TOFU)CT[112]
BotanYesYesYesYesNoNoUn­known
Bouncy CastleYesYesYesYesYesNoUn­known
BSAFEYesYesYesYesNoNoUn­known
cryptlibYesYesYesYesNoNoUn­known
GnuTLSYesYesYesYesYesYesUn­known
JSSEYesYesYesYesNoNoNo
LibreSSLYesYesYesYesNoNoUn­known
MatrixSSLYesYesYesYes[113]NoNoUn­known
Mbed TLSYesYesYesNo[114]NoNoUn­known
NSSYesYesYesYesNo[115]NoUn­known
OpenSSLYesYesYesYesYesNoYes
s2nNo [116]Un­known [117]Un­known [118]
SchannelUn­knownYesYes[119]Yes[119]NoNoUn­known
Secure TransportYesYesYesYesNoNoUn­known
wolfSSLYesYesYesYesNoNoUn­known
Erlang/OTP SSL applicationYesYesYesNoNoNoUn­known
ImplementationApplication-definedPKIX path validationCRLOCSPDANE (DNSSEC)Trust on First Use (TOFU)CT

Encryption algorithms

ImplementationBlock cipher with mode of operationStream cipherNone
AES GCM
[120]		AES CCM
[121]		AES CBCCamellia GCM
[122]		Camellia CBC
[123]		ARIA GCM
[124]		ARIA CBC
[124]		SEED CBC
[125]		3DES EDE CBC
(insecure)[126]		GOST 28147-89 CNT
(proposed)
[84][n 1]		ChaCha20-Poly1305
[127]		Null
(insecure)
[n 2]
BotanYesYesYesYesYesNoNoDisabled by defaultDisabled by defaultNoYes[128]Not implemented
BoringSSLYesNoYesNoNoNoNoNoYesNoYes
BSAFE SSL-JYesYesYesNoNoNoNoNoDisabled by defaultNoNoDisabled by default
cryptlibYesNoYesNoNoNoNoNoYesNoNoNot implemented
GnuTLSYesYes[39]YesYesYesNoNoNoDisabled by default[129]NoYes[130]Disabled by default
JSSEYesNoYesNoNoNoNoNoDisabled by default[131]NoYes
(JDK 12+)[132]		Disabled by default
LibreSSLYes[43]NoYesNoYes[85]NoNoNo[43]YesYes[85]Yes[43]Disabled by default
MatrixSSLYesNoYesNoNoNoNoYesDisabled by defaultNoYes[133]Disabled by default
Mbed TLSYesYes [134]YesYesYesYes[135]Yes[135]NoNo[47]NoYes[136]Disabled by default at compile time
NSSYes[137]NoYesNo[138][n 3]Yes[139]NoNoYes[140]YesNo[87][88]Yes[141]Disabled by default
OpenSSLYes[142]Disabled by default[54]YesNoDisabled by default[54]Disabled by default[143]NoDisabled by default[54]Disabled by default[54]Yes[89]Yes[54]Disabled by default
Schannel XP/2003NoNo2003 only[144]NoNoNoNoNoYesNo[90]NoDisabled by default
Schannel Vista/2008, 2008R2, 2012NoNoYesNoNoNoNoNoYesNo[90]NoDisabled by default
Schannel 7, 8, 8.1/2012R2Yes except ECDHE_RSA
[92][93]		NoYesNoNoNoNoNoYesNo[90]NoDisabled by default
Schannel 10[145]YesNoYesNoNoNoNoNoYesNo[90]NoDisabled by default
Secure Transport OS X 10.6 - 10.10NoNoYesNoNoNoNoNoYesNoNoDisabled by default
Secure Transport OS X 10.11YesNoYesNoNoNoNoNoYesNoNoDisabled by default
wolfSSLYesYesYesNoNoNoNoNoYesNoYesDisabled by default
Erlang/OTP SSL applicationYesNoYesNoNoNoNoNoDisabled by defaultNoExperimentalDisable by default
ImplementationBlock cipher with mode of operationStream cipherNone
AES GCM
[120]		AES CCM
[121]		AES CBCCamellia GCM
[122]		Camellia CBC
[123]		ARIA GCM
[124]		ARIA CBC
[124]		SEED CBC
[125]		3DES EDE CBC
(insecure)[126]		GOST 28147-89 CNT
(proposed)
[84][n 1]		ChaCha20-Poly1305
[127]		Null
(insecure)
[n 2]
Notes

Obsolete algorithms

ImplementationBlock cipher with mode of operationStream cipher
IDEA CBC
[n 1](insecure)[147]		DES CBC
(insecure)
[n 1]		DES-40 CBC
(EXPORT, insecure)
[n 2]		RC2-40 CBC
(EXPORT, insecure)
[n 2]		RC4-128
(insecure)
[n 3]		RC4-40
(EXPORT, insecure)
[n 4][n 2]
BotanNoNoNoNoNo[148]No
BoringSSLNoNoNoNoDisabled by default at compile timeNo
BSAFE SSL-JNoDisabled by defaultDisabled by defaultNoDisabled by defaultDisabled by default
cryptlibNoDisabled by default at compile timeNoNoDisabled by default at compile timeNo
GnuTLSNoNoNoNoDisabled by default[39]No
JSSENoDisabled by defaultDisabled by defaultNoDisabled by defaultDisabled by default [149]
LibreSSLYesYesNo[43]No[43]YesNo[43]
MatrixSSLYesNoNoNoDisabled by defaultNo
Mbed TLSNoDisabled by default at compile timeNoNoDisabled by default at compile time[48]No
NSSYesDisabled by defaultDisabled by defaultDisabled by defaultLowest priority[150][151]Disabled by default
OpenSSLDisabled by default[54]Disabled by defaultNo[54]No[54]Disabled by defaultNo[54]
Schannel XP/2003NoYesYesYesYesYes
Schannel Vista/2008NoDisabled by defaultDisabled by defaultDisabled by defaultYesDisabled by default
Schannel 7/2008R2NoDisabled by defaultDisabled by defaultDisabled by defaultLowest priority
will be disabled soon[152]		Disabled by default
Schannel 8/2012NoDisabled by defaultDisabled by defaultDisabled by defaultOnly as fallbackDisabled by default
Schannel 8.1/2012R2NoDisabled by defaultDisabled by defaultDisabled by defaultDisabled by default[152]Disabled by default
Schannel 10[145]NoDisabled by defaultDisabled by defaultDisabled by defaultDisabled by default[152]Disabled by default
Secure Transport OS X 10.6YesYesYesYesYesYes
Secure Transport OS X 10.7YesUn­knownUn­knownUn­knownYesUn­known
Secure Transport OS X 10.8-10.9YesDisabled by defaultDisabled by defaultDisabled by defaultYesDisabled by default
Secure Transport OS X 10.10-10.11YesDisabled by defaultDisabled by defaultDisabled by defaultLowest priorityDisabled by default
Secure Transport macOS 10.12YesDisabled by defaultDisabled by defaultDisabled by defaultDisabled by defaultDisabled by default
wolfSSLDisabled by default[153]NoNoNoDisabled by defaultNo
Erlang/OTP SSL applicationnoDisabled by defaultnonoDisabled by defaultno
ImplementationBlock cipher with mode of operationStream cipher
IDEA CBC
[n 1](insecure)[147]		DES CBC
(insecure)
[n 1]		DES-40 CBC
(EXPORT, insecure)
[n 2]		RC2-40 CBC
(EXPORT, insecure)
[n 2]		RC4-128
(insecure)
[n 3]		RC4-40
(EXPORT, insecure)
[n 4][n 2]
Notes

Supported elliptic curves

This section lists the supported elliptic curves by each implementation.

Defined curves in RFC 8446 (for TLS 1.3) and RFC 8422, 7027 (for TLS 1.2 and earlier)

applicable TLS versionTLS 1.3 and earlierTLS 1.2 and earlier
Implementationsecp256r1
prime256v1
NIST P-256
(0x0017,[154] 23[155])		secp384r1
NIST P-384
(0x0018,[154] 24[155])		secp521r1
NIST P-521
(0x0019,[154] 25[155])		X25519
(0x001D,[154] 29[155])		X448
(0x001E,[154] 30[155])		brainpoolP256r1
(26)[156]		brainpoolP384r1
(27)[156]		brainpoolP512r1
(28)[156]
BotanYesYesYesYes[128]NoYes[157]Yes[157]Yes[157]
BoringSSLYesYesYes (disabled by default)YesNoNoNoNo
BSAFEYesYesYesNoNoNoNoNo
GnuTLSYesYesYesYes[158]Yes[159]NoNoNo
JSSEYesYesYesYes
x25519: JDK 13+[160]
Ed25519:JDK 15+[161]		Yes
x448: JDK 13+[160]
Ed448: JDK 15+[161]		NoNoNo
LibreSSLYesYesYesYes[162]NoYes[43]Yes[43]Yes[43]
MatrixSSLYesYesYesTLS 1.3 only[163]NoYesYesYes
Mbed TLSYesYesYesPrimitive only[164]Primitive only[165]Yes[166]Yes[166]Yes[166]
NSSYesYesYesYes[167]No[168][169]No[170]No[170]No[170]
OpenSSLYesYesYesYes[171][172]Yes[173][174]Yes[56]Yes[56]Yes[56]
Schannel Vista/2008, 7/2008R2, 8/2012, 8.1/2012R2, 10YesYesYesNoNoNoNoNo
Secure TransportYesYesYesNoNoNoNoNo
wolfSSLYesYesYesYes[175]Yes[176]YesYesYes
Erlang/OTP SSL applicationYesYesYesNoNoYesYesYes
Implementationsecp256r1
prime256v1
NIST P-256
(0x0017, 23)		secp384r1
NIST P-384
(0x0018, 24)		secp521r1
NIST P-521
(0x0019, 25)		X25519
(0x001D, 29)		X448
(0x001E, 30)		brainpoolP256r1
(26)		brainpoolP384r1
(27)		brainpoolP512r1
(28)

Proposed curves

ImplementationM221
Curve2213
[177]		E222
[177]		Curve1174
[177]		E382
[177]		M383
[177]		Curve383187
[177]		Curve41417
Curve3617
[177]		M511
Curve511187
[177]		E521
[177]
BotanNoNoNoNoNoNoNoNoNo
BoringSSLNoNoNoNoNoNoNoNoNo
BSAFENoNoNoNoNoNoNoNoNo
GnuTLSNoNoNoNoNoNoNoNoNo
JSSENoNoNoNoNoNoNoNoNo
LibreSSLNoNoNoNoNoNoNoNoNo
MatrixSSLNoNoNoNoNoNoNoNoNo
Mbed TLSNoNoNoNoNoNoNoNoNo
NSSNoNoNoNoNoNoNoNoNo
OpenSSLNoNoNoNoNoNoNoNoNo
Schannel Vista/2008, 7/2008R2, 8/2012, 8.1/2012R2, 10NoNoNoNoNoNoNoNoNo
Secure TransportNoNoNoNoNoNoNoNoNo
wolfSSLNoNoNoNoNoNoNoNoNo
Erlang/OTP SSL applicationNoNoNoNoNoNoNoNoNo
ImplementationM221
Curve2213		E222Curve1174E382M383Curve383187Curve41417
Curve3617		M511
Curve511187		E521

Deprecated curves in RFC 8422

Implementationsect163k1
NIST K-163
(1)[83]		sect163r1
(2)[83]		sect163r2
NIST B-163
(3)[83]		sect193r1
(4)[83]		sect193r2
(5)[83]		sect233k1
NIST K-233
(6)[83]		sect233r1
NIST B-233
(7)[83]		sect239k1
(8)[83]		sect283k1
NIST K-283
(9)[83]		sect283r1
NIST B-283
(10)[83]		sect409k1
NIST K-409
(11)[83]		sect409r1
NIST B-409
(12)[83]		sect571k1
NIST K-571
(13)[83]		sect571r1
NIST B-571
(14)[83]
BotanNoNoNoNoNoNoNoNoNoNoNoNoNoNo
BoringSSLNoNoNoNoNoNoNoNoNoNoNoNoNoNo
BSAFEYesNoYesNoNoYesYesNoYesYesYesYesYesYes
GnuTLSNoNoNoNoNoNoNoNoNoNoNoNoNoNo
JSSENotes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]
LibreSSLYesYesYesYesYesYesYesYesYesYesYesYesYesYes
MatrixSSLNoNoNoNoNoNoNoNoNoNoNoNoNoNo
Mbed TLSNoNoNoNoNoNoNoNoNoNoNoNoNoNo
NSSYesYesYesYesYesYesYesYesYesYesYesYesYesYes
OpenSSLYesYesYesYesYesYesYesYesYesYesYesYesYesYes
Schannel Vista/2008, 7/2008R2, 8/2012, 8.1/2012R2, 10NoNoNoNoNoNoNoNoNoNoNoNoNoNo
Secure TransportNoNoNoNoNoNoNoNoNoNoNoNoNoNo
wolfSSLNoNoNoNoNoNoNoNoNoNoNoNoNoNo
Erlang/OTP SSL applicationYesYesYesYesYesYesYesYesYesYesYesYesYesYes
Implementationsect163k1
NIST K-163
(1)		sect163r1
(2)		sect163r2
NIST B-163
(3)		sect193r1
(4)		sect193r2
(5)		sect233k1
NIST K-233
(6)		sect233r1
NIST B-233
(7)		sect239k1
(8)		sect283k1
NIST K-283
(9)		sect283r1
NIST B-283
(10)		sect409k1
NIST K-409
(11)		sect409r1
NIST B-409
(12)		sect571k1
NIST K-571
(13)		sect571r1
NIST B-571
(14)
Implementationsecp160k1
(15)[83]		secp160r1
(16)[83]		secp160r2
(17)[83]		secp192k1
(18)[83]		secp192r1
prime192v1
NIST P-192
(19)[83]		secp224k1
(20)[83]		secp224r1
NIST P-244
(21)[83]		secp256k1
(22)[83]		arbitrary prime curves
(0xFF01)[83][180]		arbitrary char2 curves
(0xFF02)[83][180]
BotanNoNoNoNoNoNoNoNoNoNo
BoringSSLNoNoNoNoNoNoYesNoNoNo
BSAFENoNoNoNoYesNoYesNoNoNo
GnuTLSNoNoNoNoYesNoYesNoNoNo
JSSENotes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]Notes[a][b]NoNo
LibreSSLYesYesYesYesYesYesYesYesNoNo
MatrixSSLNoNoNoNoYesNoYesNoNoNo
Mbed TLSNoNoNoYesYesYesYesYesNoNo
NSSYesYesYesYesYesYesYesYesNoNo
OpenSSLYesYesYesYesYesYesYesYesNoNo
Schannel Vista/2008, 7/2008R2, 8/2012, 8.1/2012R2, 10NoNoNoNoNoNoNoNoNoNo
Secure TransportNoNoNoNoYesNoNoNoNoNo
wolfSSLYesYesYesYesYesYesYesYesNoNo
Erlang/OTP SSL applicationYesYesYesYesYesYesYesYesNoNo
Implementationsecp160k1
(15)		secp160r1
(16)		secp160r2
(17)		secp192k1
(18)		secp192r1
prime192v1
NIST P-192
(19)		secp224k1
(20)		secp224r1
NIST P-244
(21)		secp256k1
(22)		arbitrary prime curves
(0xFF01)		arbitrary char2 curves
(0xFF02)
Notes

Data integrity

ImplementationHMAC-MD5HMAC-SHA1HMAC-SHA256/384AEADGOST 28147-89 IMIT[84]GOST R 34.11-94[84]
BotanNoYesYesYesNoNo
BSAFEYesYesYesYesNoNo
cryptlibYesYesYesYesNoNo
GnuTLSYesYesYesYesNoNo
JSSEDisabled by DefaultYesYesYesNoNo
LibreSSLYesYesYesYesYes[85]Yes[85]
MatrixSSLYesYesYesYesNoNo
Mbed TLSYesYesYesYesNoNo
NSSYesYesYesYesNo[87][88]No[87][88]
OpenSSLYesYesYesYesYes[89]Yes[89]
Schannel XP/2003, Vista/2008YesYesXP SP3, 2003 SP2 via hotfix[181]NoNo[90]No[90]
Schannel 7/2008R2, 8/2012, 8.1/2012R2YesYesYesexcept ECDHE_RSA[92][93][94]No[90]No[90]
Schannel 10YesYesYesYes[145]No[90]No[90]
Secure TransportYesYesYesYesNoNo
wolfSSLYesYesYesYesNoNo
Erlang/OTP SSL applicationYesYesYesYesNoNo
ImplementationHMAC-MD5HMAC-SHA1HMAC-SHA256/384AEADGOST 28147-89 IMITGOST R 34.11-94

Compression

Note the CRIME security exploit takes advantage of TLS compression, so conservative implementations do not enable compression at the TLS level. HTTP compression is unrelated and unaffected by this exploit, but is exploited by the related BREACH attack.

ImplementationDEFLATE[182]
(insecure)
BotanNo
BSAFE[38]No
cryptlibNo
GnuTLSDisabled by default
JSSENo
LibreSSLNo[43]
MatrixSSLDisabled by default
Mbed TLSDisabled by default
NSSDisabled by default
OpenSSLDisabled by default
SchannelNo
Secure TransportNo
wolfSSLDisabled by default
Erlang/OTP SSL applicationNo
ImplementationDEFLATE

Extensions

In this section the extensions each implementation supports are listed. Note that the Secure Renegotiation extension is critical for HTTPS client security [citation needed]. TLS clients not implementing it are vulnerable to attacks, irrespective of whether the client implements TLS renegotiation.

ImplementationSecure Renegotiation
[183]		Server Name Indication
[184]		ALPN
[185]		Certificate Status Request
[184]		OpenPGP
[186]		Supplemental Data
[187]		Session Ticket
[188]		Keying Material Exporter
[189]		Maximum Fragment Length
[184]		Truncated HMAC
[184]		Encrypt-then-MAC
[190]		TLS Fallback SCSV
[191]		Extended Master Secret
[192]		ClientHello Padding
[193]		Raw Public Keys
[194]
BotanYesYesYes[195]NoNoNoYesYesYesNoYesYes[196]Yes[197]NoUn­known
BSAFE SSL-JYesYesNoYesNoNoNoNoYesNoNoNoYesNoNo
cryptlibYesYesNoNoNoYesNoNoNo[198]NoYesYesYesNoUn­known
GnuTLSYesYesYes[199]YesNo[200]YesYesYesYesNoYes[39]Yes[201]Yes[39]Yes[202]Yes[203]
JSSEYesYes[68]Yes[68]YesNoNoYesNoYesNoNoNoYesNoNo
LibreSSLYesYesYes[204]YesNoNo?YesYes?NoNoNoServer side only[205]NoYesNo
MatrixSSLYesYesYes[206]Yes[133]NoNoYesNoYesYesNoYes[133]Yes[133]NoUn­known
Mbed TLSYesYesYes[207]NoNoNoYesNoYesDisabled by default[48]Yes[208]Yes[208]Yes[208]NoNo
NSSYesYesYes[209]YesNo[210]NoYesYesNoNoNo[211]Yes[212]Yes[213]Yes[209]Un­known
OpenSSLYesYesYes[56]YesNoNo?YesYesYesNoYesYes[214]Yes[54]Yes[215]Yes[216]
Schannel XP/2003NoNoNoNoNoYesNoNoNoNoNoNoNoNoUn­known
Schannel Vista/2008YesYesNoNoNoYesNoNoNoNoNoNoYes[217]NoUn­known
Schannel 7/2008R2YesYesNoYesNoYesNoNoNoNoNoNoYes[217]NoUn­known
Schannel 8/2012YesYesNoYesNoYesClient side only[218]NoNoNoNoNoYes[217]NoUn­known
Schannel 8.1/2012R2, 10YesYesYesYesNoYesYes[218]NoNoNoNoNoYes[217]NoUn­known
Secure TransportYesYesUn­knownNoNoYesNoNoNoNoNoNoNoNoUn­known
wolfSSLYesYesYes[153]YesNoNoYesNoYesYesYes[219]NoYesNoUn­known
Erlang/OTP SSL applicationYesYesYesNoNoNoNoNoNoNoNoYesNoNoUn­known
ImplementationSecure RenegotiationServer Name IndicationALPNCertificate Status RequestOpenPGPSupplemental DataSession TicketKeying Material ExporterMaximum Fragment LengthTruncated HMACEncrypt-then-MACTLS Fallback SCSVExtended Master SecretClientHello PaddingRaw Public Keys

Assisted cryptography

This section lists the known ability of an implementation to take advantage of CPU instruction sets that optimize encryption, or utilize system specific devices that allow access to underlying cryptographic hardware for acceleration or for data separation.

ImplementationPKCS #11 deviceIntel AES-NIVIA PadLockARMv8-AIntel SGXIntel QATIntel SHANXP CAAM
BotanYes[220]YesNoYesNoNoNo
BSAFE SSL-J [a][b]YesYesNoYesNoNoYesNo
cryptlibYesYesYesNoNo
Crypto++YesNoYes
GnuTLSYesYesYesYes[223]NoNoYes
JSSEYesYes[224]NoNoNoNo
LibreSSLNoYesYesNoNo
MatrixSSLYesYesNoYesNoNo
Mbed TLSYesYes[225]YesNoNoNo
NSSYes[226]Yes[227]No[228]NoNoNo
OpenSSLYes[229]YesYesYes[230]NoYesPartial
SchannelNoYesNoNoNoNo
Secure TransportNoYes[231][232]NoYesNoNo
wolfSSLYesYesNoYesYesYes[233]Yes[234]
ImplementationPKCS #11 deviceIntel AES-NIVIA PadLockARMv8-AIntel SGXIntel QATIntel SHANXP CAAM

System-specific backends

This section lists the ability of an implementation to take advantage of the available operating system specific backends, or even the backends provided by another implementation.

Implementation/dev/cryptoaf_algWindows CSPCommonCryptoOpenSSL engine
BotanNoNoNoNoPartial
BSAFENoNoNoNoNo
cryptlibNoNoNoNoNo
GnuTLSYesYesNoNoNo
JSSENoNoYesNoNo
LibreSSLNoNoNoNoNo[235]
MatrixSSLNoNoNoYesYes
Mbed TLSNoNoNoNoNo
NSSNoNoNoNoNo
OpenSSLYesYesNoNoYes
SchannelNoNoYesNoNo
Secure TransportNoNoNoYesNo
wolfSSLYesYesPartialNoYes[236]
Erlang/OTP SSL applicationNoNoNoNoYes
Implementation/dev/cryptoaf_algWindows CSPCommonCryptoOpenSSL engine

Cryptographic module/token support

ImplementationTPM supportHardware token supportObjects identified via
BotanPartial[197]PKCS #11
BSAFE SSL-JNoNo
cryptlibNoPKCS #11User-defined label
GnuTLSYesPKCS #11RFC 7512 PKCS #11 URLs[237]
JSSENoPKCS11 Java Cryptography Architecture,
Java Cryptography Extension
LibreSSLYesPKCS #11 (via 3rd party module)Custom method
MatrixSSLNoPKCS #11
Mbed TLSNoPKCS #11 (via libpkcs11-helper) or standard hooksCustom method
NSSNoPKCS #11
OpenSSLYesPKCS #11 (via 3rd party module)[238]RFC 7512 PKCS #11 URLs[237]
SchannelNoMicrosoft CryptoAPIUUID, User-defined label
Secure Transport
wolfSSLYesPKCS #11
ImplementationTPM supportHardware token supportObjects identified via

Code dependencies

ImplementationDependenciesOptional dependencies
BotanC++20SQLite
zlib (compression)
bzip2 (compression)
liblzma (compression)
boost
trousers (TPM)
GnuTLSlibc
nettle
gmp		zlib (compression)
p11-kit (PKCS #11)
trousers (TPM)
libunbound (DANE)
JSSEJava
MatrixSSLnonezlib (compression)
MatrixSSL-openlibc or newlib
Mbed TLSlibclibpkcs11-helper (PKCS #11)
zlib (compression)
NSSlibc
libnspr4
libsoftokn3
libplc4
libplds4		zlib (compression)
OpenSSLlibczlib (compression)
brotli (compression)
zstd (compression)
wolfSSLNonelibc
zlib (compression)
Erlang/OTP SSL applicationlibcrypto (from OpenSSL), Erlang/OTP and its public_key, crypto and asn1 applicationsErlang/OTP -inets (http fetching of CRLs)
ImplementationDependenciesOptional dependencies

Development environment

ImplementationNamespaceBuild toolsAPI manualCrypto back-endOpenSSL compatibility Layer[clarify]
BotanBotan::TLSMakefileSphinxIncluded (pluggable)No
Bouncy Castleorg.bouncycastleJava Development EnvironmentProgrammers reference manual (PDF)Included (pluggable)No
BSAFE SSL-Jcom.rsa.asn1[a]

com.rsa.certj[b]
com.rsa.jcp[c]
com.rsa.jsafe[d]
com.rsa.ssl[e]
com.rsa.jsse[f]

Java classloaderJavadoc, Developer's guide (HTML)IncludedNo
cryptlibcrypt*makefile, MSVC project workspacesProgrammers reference manual (PDF), architecture design manual (PDF)Included (monolithic)No
GnuTLSgnutls_*Autoconf, automake, libtoolManual and API reference (HTML, PDF)External, libnettleYes (limited)
JSSEjavax.net.ssl

sun.security.ssl

MakefileAPI Reference (HTML) +

JSSE Reference Guide

Java Cryptography Architecture,
Java Cryptography Extension		No
MatrixSSLmatrixSsl_*

ps*

Makefile, MSVC project workspaces, Xcode projects for OS X and iOSAPI Reference (PDF), Integration GuideIncluded (pluggable)Yes (Subset: SSL_read, SSL_write, etc.)
Mbed TLSmbedtls_ssl_*

mbedtls_sha1_*
mbedtls_md5_*
mbedtls_x509*
...

Makefile, CMake, MSVC project workspaces, yottaAPI Reference + High Level and Module Level Documentation (HTML)Included (monolithic)No
NSSCERT_*

SEC_*
SECKEY_*
NSS_*
PK11_*
SSL_*
...

MakefileManual (HTML)Included, PKCS#11 based[239]Yes (separate package called nss_compat_ossl[240])
OpenSSLSSL_*

SHA1_*
MD5_*
EVP_*
...

MakefileMan pagesIncluded (monolithic)
wolfSSLwolfSSL_*

CyaSSL_*
SSL_*

Autoconf, automake, libtool, MSVC project workspaces, XCode projects, CodeWarrior projects, MPLAB X projects, Keil, IAR, Clang, GCC, e2StudioManual and API Reference (HTML, PDF)Included (monolithic)Yes (about 60% of API)
ImplementationNamespaceBuild toolsAPI manualCrypto back-endOpenSSL compatibility layer

Portability concerns

ImplementationPlatform requirementsNetwork requirementsThread safetyRandom seedAble to cross-compileNo OS (bare metal)Supported operating systems
BotanC++11NoneThread-safePlatform-dependentYesWindows, Linux, macOS, Android, iOS, FreeBSD, OpenBSD, Solaris, AIX, HP-UX, QNX, BeOS, IncludeOS
BSAFE SSL-JJavaJava SE network componentsThread-safeDepends on java.security.SecureRandomYesNoFreeBSD, Linux, macOS, Microsoft Windows, Android, AIX, Solaris
cryptlibC89POSIX send() and recv(). API to supply your own replacementThread-safePlatform-dependent, including hardware sourcesYesYesAMX, BeOS, ChorusOS, DOS, eCos, FreeRTOS/OpenRTOS, uItron, MVS, OS/2, Palm OS, QNX Neutrino, RTEMS, Tandem NonStop, ThreadX, uC/OS II, Unix (AIX, FreeBSD, HPUX, Linux, macOS, Solaris, etc.), VDK, VM/CMS, VxWorks, Win16, Win32, Win64, WinCE/PocketPC/etc, XMK
GnuTLSC89POSIX send() and recv(). API to supply your own replacement.Thread-safe, needs custom mutex hooks if neither POSIX nor Windows threads are available.Platform dependentYesNoGenerally any POSIX platforms or Windows, commonly tested platforms include Linux, Win32/64, macOS, Solaris, OpenWRT, FreeBSD, NetBSD, OpenBSD.
JSSEJavaJava SE network componentsThread-safeDepends on java.security.SecureRandomYesJava based, platform-independent
MatrixSSLC89NoneThread-safePlatform dependentYesYesAll
Mbed TLSC89POSIX read() and write(). API to supply your own replacement.Threading layer available (POSIX or own hooks)Random seed set through entropy poolYesYesKnown to work on: Win32/64, Linux, macOS, Solaris, FreeBSD, NetBSD, OpenBSD, OpenWRT, iPhone (iOS), Xbox, Android, eCos, SeggerOS, RISC OS
NSSC89, NSPR[241]NSPR[241] PR_Send() and PR_Recv(). API to supply your own replacement.Thread-safePlatform dependent[242]Yes (but cumbersome)NoAIX, Android, FreeBSD, NetBSD, OpenBSD, BeOS, HP-UX, IRIX, Linux, macOS, OS/2, Solaris, OpenVMS, Amiga DE, Windows, WinCE, Sony PlayStation
OpenSSLC89NoneThread-safePlatform dependentYesNoUnix-like, DOS (with djgpp), Windows, OpenVMS, NetWare, eCos
wolfSSLC89POSIX send() and recv(). API to supply your own replacement.Thread-safeRandom seed set through wolfCryptYesYesWin32/64, Linux, macOS, Solaris, ThreadX, VxWorks, FreeBSD, NetBSD, OpenBSD, embedded Linux, Yocto Project, OpenEmbedded, WinCE, Haiku, OpenWRT, iPhone (iOS), Android, Nintendo Wii and Gamecube through DevKitPro, QNX, MontaVista, NonStop, TRON/ITRON/μITRON, eCos, Micrium μC/OS-III, FreeRTOS, SafeRTOS, NXP/Freescale MQX, Nucleus, TinyOS, HP/UX, AIX, ARC MQX, Keil RTX, TI-RTOS, uTasker, embOS, INtime, Mbed, uT-Kernel, RIOT, CMSIS-RTOS, FROSTED, Green Hills INTEGRITY, TOPPERS, PetaLinux, Apache mynewt
ImplementationPlatform requirementsNetwork requirementsThread safetyRandom seedAble to cross-compileNo OS (bare metal)Supported operating systems

See also

  • SCTP — with DTLS support
  • DCCP — with DTLS support
  • SRTP — with DTLS support (DTLS-SRTP) and Secure Real-Time Transport Control Protocol (SRTCP)

References

Retrieved from "https:https://www.search.com.vn/wiki/index.php?lang=en&q=Comparison_of_TLS_implementations&oldid=1223052605"
🔥 Top keywords: Main PageSpecial:SearchWikipedia:Featured picturesYasukeHarrison ButkerRobert FicoBridgertonCleopatraDeaths in 2024Joyce VincentXXXTentacionHank AdamsIt Ends with UsYouTubeNew Caledonia2024 Indian general electionHeeramandiDarren DutchyshenSlovakiaKingdom of the Planet of the ApesAttempted assassination of Robert FicoLawrence WongBaby ReindeerXXX: Return of Xander CageThelma HoustonFuriosa: A Mad Max SagaMegalopolis (film)Richard GaddKepler's SupernovaWicked (musical)Sunil ChhetriXXX (2002 film)Ashley MadisonAnya Taylor-JoyPlanet of the ApesNava MauYoung SheldonPortal:Current eventsX-Men '97