Dropbear's SSL

Adam D. Moss adam at gimp.org
Wed Aug 24 22:01:53 WST 2005


Hi All!

Dropbear's size as an SSH client (and server) is very impressive,
and I was wondering how extractable its SSL layer is from the
SSH-y parts.  I thumbed through the codebase a few months ago
but couldn't grok where SSL ended and SSH started, so maybe
Dropbear just doesn't conceptually work like that.

My main interest is in providing an embeddable and slim (i.e. not
OpenSSL!) implementation of SSL (mainly for HTTPS) for libcurl which
doesn't clobber the libcurl license (i.e. not MatrixSSL).

I was wondering if anyone had any thoughts on the reusability of
Dropbear's SSL layer, or whether it'd be simpler to build bottom-up
from libTomCrypt again.  (I'm not a crypto person myself so I feel
more confident about peeling off some existing code than building
up something secure from the pieces!)

Thanks,
--Adam
-- 
Adam D. Moss   -   adam at gimp.org



More information about the Dropbear mailing list