Ajisai 0.4.0 review
Ajisai is an SSL/TLS implementation written entirely from scratch in C++. It uses Botan for performing the cryptography and X.509 handling.
This is an alpha release; it is virtually certain that incompatible API changes will be made in the future. Suggestions on weak points in the API are most welcome. As of now, Ajisai is somewhat fragile, and does not make available many of the features TLS offers.
Currently only SSLv3 and TLS 1.0 are supported; TLS 1.1 and DTLS will be supported in future releases. At this point it can be built only on Unix and Unix-like systems, but that will change eventually.
TODO:
Bugs:
We assume one record equals one handshake message; this is not true for IIS/IE, and probably lots of other stuff.
No support for client authentication on either end (currently some code for it, but disabled as it's completely broken).
Protocol:
TLS 1.1
TLS extensions
DTLS
Reading an SSLv2 client hello
Session caching
Compression support
Anonymous Diffie-Hellman, maybe. It's useful in some contexts.
OpenPGP key support
Server:
We want to be able to multiplex multiple Server objects at once (multiple clients). This will probably be based on a Socket* select(2) wrapper, but I might end up leaving it to the application.
Sockets:
IPv6 support
IPv4 + IPv6 UDP sockets (for DTLS)
Write a select() wrapper
Support Win32 sockets (IPv4/IPv6)
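The first item under Bugs (one record assumed to equal one handshake message) is usually addressed by buffering handshake-record payloads and parsing messages by their own 4-byte header. The following is an added example, not Ajisai's code: the class and function names, the size cap and the sample bytes are all assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

struct HandshakeMsg { uint8_t type; std::vector<uint8_t> body; };

// Hypothetical helper (not Ajisai's API): buffers the payloads of handshake
// records and yields complete messages regardless of record boundaries.
class HandshakeReassembler {
public:
    // Feed the payload of one record whose content type is handshake (22).
    void add_record(const std::vector<uint8_t>& payload) {
        buf_.insert(buf_.end(), payload.begin(), payload.end());
    }
    // Extract the next complete message; false means more records are needed.
    bool next(HandshakeMsg& out) {
        if (buf_.size() < 4) return false;  // header: type(1) + length(3)
        const size_t len = (size_t(buf_[1]) << 16) | (size_t(buf_[2]) << 8) | buf_[3];
        if (len > kMaxMsg) throw std::runtime_error("handshake message too large");
        if (buf_.size() < 4 + len) return false;  // body still fragmented
        out.type = buf_[0];
        out.body.assign(buf_.begin() + 4, buf_.begin() + 4 + len);
        buf_.erase(buf_.begin(), buf_.begin() + 4 + len);
        return true;
    }
    bool empty() const { return buf_.empty(); }  // no partial message pending
private:
    static constexpr size_t kMaxMsg = 1 << 16;  // assumed cap to bound buffering
    std::vector<uint8_t> buf_;
};

// Constructed sample: a shortened ServerHello (type 2, 3-byte body) fragmented
// across two records, with ServerHelloDone (type 14) coalesced into the second.
std::vector<uint8_t> demo_types() {
    HandshakeReassembler r;
    std::vector<uint8_t> types;
    HandshakeMsg m;
    const std::vector<std::vector<uint8_t>> records = {
        {2, 0, 0, 3, 0xAA},           // ServerHello header + first body byte
        {0xBB, 0xCC, 14, 0, 0, 0}};   // rest of body + whole ServerHelloDone
    for (const auto& rec : records) {
        r.add_record(rec);
        while (r.next(m)) types.push_back(m.type);
    }
    return types;  // {2, 14}
}
```

The length check runs before any body bytes are awaited, so a peer that declares an oversized message is rejected instead of making the receiver buffer without bound.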