[botan-devel] New TLS implementation

Jack Lloyd lloyd at randombit.net
Fri Jan 27 22:33:58 EST 2012

I've been spending a bit of time working on botan's TLS implementation
in a branch. It seems like the higher level APIs have settled in at
this point, though there are a number of new features I still want to
add and a lot of refactoring before I'd consider it stable. But at
this point it adds (vs the version in 1.10.1):

* Event driven I/O. A TLS server using ASIO and a select-driven TLS
  client are included in the examples. The interface is a bit unusual;
  I think it works well, but I'd love some feedback.

* Client certificate authentication

* Renegotiation support (including the secure renegotiation extension)

* TLS 1.2 including SHA-256/SHA-384 ciphersuites and SHA-2 signing

* ECDH key exchange

* Session resumption for clients and servers. Currently the only
  implemented session manager is one that stores in-memory but a
  version using flat files or sqlite would be easy to write and plug in.

* PSK key exchange (including DHE_PSK and ECDHE_PSK)

* About half of SRP key exchange (not working yet but will be there soon)

* Support for multiple certificates in servers (application can choose
  based on hostname or other logic)

* Maximum fragment length extension

* Next protocol negotiation extension

You can find the work in the net.randombit.botan.tls-state-machine branch.
I've put up a tarball of a recent version at

Be warned that all APIs in this release are subject to change in
future versions.

Comments/bug reports most welcome.

