MatrixSSL is an embedded SSL and TLS implementation designed for small footprint devices and applications requiring low overhead per connection. The library is less than 50Kb on disk with cipher suites. It includes client and server support through TLS 1.2, mutual authentication, session resumption, and implementations of RSA, ECC, AES, 3DES, ARC4, SHA2, SHA1, and MD5. The source is well documented and contains portability layers for additional operating systems, cipher suites, and cryptography providers.
The CyaSSL embedded SSL library is a lightweight SSL library written in ANSI C and targeted for embedded and RTOS environments, primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments and cloud services as well because of its royalty-free pricing and excellent cross platform support. CyaSSL supports industry standards up to the current TLS 1.2 and DTLS 1.2 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as HC-128, RABBIT, and NTRU.
NXWEB is ultra-fast and super-lightweight web server for applications written in C. It can serve thousands of concurrent requests with a small memory footprint using an event-driven and multi-threaded model that is designed to scale. It features an exceptionally light code base, a simple API, decent HTTP protocol handling, keep-alive connections, SSL support (via GNUTLS), HTTP proxy (with keep-alive connection pooling), non-blocking sendfile support (with configurable small file memory cache), cacheable gzip content encoding, cacheable image thumbnails with watermarks (via ImageMagick), a modular design for developers, and the ability to run as a daemon.
SSLsplit is a tool that performs man-in-the-middle attacks against SSL/TLS encrypted network connections for network forensics and penetration testing. It terminates SSL/TLS and initiates a new connection to the original destination, logging all data transmitted. It supports plain TCP and SSL, HTTP and HTTPS, and IPv4 and IPv6. For SSL and HTTPS, it generates and signs forged X509v3 certificates on-the-fly using the original certificate's subject DN and subjectAltName extension. It supports Server Name Indication, RSA, DSA, and ECDSA keys, and DHE and ECDHE cipher suites. It can also use existing certificates if the private key is available.
cqueues is a comprehensive event and networking library for Lua 5.2 and LuaJIT using modern Unix O(1) polling facilities. It includes libraries for buffered socket I/O, SSL/TLS sockets, DNS querying, signal handling, threading, file change notification, and X.509 key management. It natively supports Linux, *BSD, OS X, and Solaris systems without third-party dependencies, and is interoperable with any event loop that accepts plain descriptors, or is usable standalone.