Messages

If DISE is stuck trying to update, run this command in Command Prompt.

Wednesday, February 20, 2013

DISE will be powered by CyaSSL

While I continue (slowly but surely) working to finish the new auto-updating system for DISE, the next version will provide more security for you all. DISE will use secure, encrypted connections to the server, using CyaSSL.

What is CyaSSL?

A feature-packed embedded, lightweight SSL library written in ANSI C, for developers to use in their applications. Actively developed by wolfSSL (previously yaSSL).

CyaSSL supports current industry standards, has a great feature set while still ~20 times smaller than OpenSSL, can boast a dramatic performance gain compared to OpenSSL, and more.

Check out their product page for more a more complete list of features.

What do I like about it?

Big in features, small in size

Perfect when our precious bytes matter. Less bloat, meaning faster downloads for you, more bandwidth/money saved for me, and small enough for embedded systems.

Portability

Official support for a load of different operating systems, including, but not limited to: Windows, Linux, Mac OS X, iOS and Android. While most of us probably care about only some of these at the moment, the list has actually just barely begun.

I suggest checking out their product page for a more complete list of officially supported operating systems.

Performance

It's important for embedded systems and other low-performance systems, and even real-time networking applications such as online games. Not very important for DISE, but I have no reason to reject extra "oomph".

OpenSSL compatibility layer

In short, OpenSSL is another SSL/crypto library. I tried it and my application gained ~2 MB of fat. CyaSSL doesn't contain fat.

The compatibility layer aims to help migrating existing applications from OpenSSL to CyaSSL. It does this by mapping a subset of the most commonly-used OpenSSL functions to CyaSSL's native ones. Even if you use 3rd party networking libraries that were made with OpenSSL in mind, chances are that you can simply replace OpenSSL with CyaSSL, without changing much code.

The company

I've talked to them and they are nice people. My impression is that they are serious, and they really care about their products and their users. I think that those are great traits.