Transport Layer Security Protocol
TargetTCP™ has been extended with SSL 3.0/TLS 1.0 and TLS 1.1 security protocol support with TargetTLS™, a connection based commerce grade network security solution. FTP over TLS, Telnet over TLS and HTTPS support are included and TLS security can be applied to any stream (TCP) socket with a single API call. There is no separate application interface for using TLS as it is handled transparently to the application. The Berkeley Sockets and Zero Copy APIs continue to use plain text while behind the scenes and over the network travel encrypted TLS packets. This is the only TLS product that allows application protocols to be secured with no change to any legacy network application.
- Supports server and client side Secure Sockets Layer (SSL) version 3.0, Transport Layer Security (TLS) versions 1.0 and 1.1.
- a) Netscape SSL specification 3.0, RFC 6101
- b) TLS specification 1.0, RFC 2246
- c) TLS specification 1.1, RFC 4346
- d) PKCS #1: RSA Encryption Version 2.1, RFC 3447
- d) Certificate Store including X.509 certificate parser, RFC 5280
- TargetTLS is integrated directly into TargetTCP's internals. One Ioctl call any time after socket creation activates SSL/TLS on a TCP socket regardless of whether Berkeley Socket API or Zero Copy API is being using.
- IPPROTO_TCP socket option TCP_TLS_SERVER toggles TLS server on and off
- IPPROTO_TCP socket option TCP_TLS_CLIENT toggles TLS client on and off
- IPPROTO_TCP socket option TCP_TLS_PEERCRT toggles TLS peer certificate requirement on and off
- Includes support for the following public key, encryption and authentication groups:
- a) TLS_RSA_WITH_AES_256_CBC_SHA
- b) TLS_RSA_WITH_3DES_EDE_CBC_SHA
- c) TLS_RSA_WITH_AES_128_CBC_SHA
- d) TLS_RSA_WITH_RC4_128_SHA
- e) TLS_RSA_WITH_RC4_128_MD5
- f) TLS_RSA_WITH_DES_CBC_SHA
- e) TLS_RSA_WITH_NULL_SHA
- Integrated for turnkey solutions
- a) upgrade TargetWeb for secure HTTPS
- b) FTP server for secure transfers with FTP over TLS
- c) Telnet server for secure shell with Telnet over TLS
- a) Designed for TargetTCP-IPv4 and TargetTCP-IPv6
Interoperable with OpenSSL, Windows SSL and other SSL/TLS compliant solutions.
Daemon or polled integration options require one semaphore and one or no tasks.
- Developed using TargetOS™, Blunk Microsystems' real-time operating system, the source code is 100% ANSI C and is easily ported to both other real-time kernels and to polling environments that do not use a kernel.
- Integrated with CrossStep™, Blunk's IDE for embedded development that includes an integrated project builder, kernel-aware source code debugger, on-chip debug connections for board bring-up and Ethernet debug connections for fast application development.
- Royalty-free. Includes source code, sample applications, and one year of technical support.