| 释义 |
- Cryptography libraries
- Key operations Key generation and exchange Elliptic curve cryptography (ECC) support Public key cryptography standards
- Hash functions
- MAC algorithms
- Block ciphers Block cipher algorithms Cipher modes
- Stream ciphers
- Hardware-assisted support Smartcard, SIM and HSM protocol support General purpose CPU / platform acceleration support Microcontrollers' cryptographic accelerator support
- Code size and code to comment ratio
- Portability
- References
The tables below compare cryptography libraries that deal with cryptography algorithms and have API function calls to each of the supported features. Cryptography libraries | Implementation | Company | Development Language | Open Source | Software License | FIPS 140 validated[1] | FIPS 140-2 mode | Latest Update |
|---|
| Botan | Jack Lloyd | C++ | {{Yes}} | Simplified BSD | {{No}} | {{No}} | {{Latest stable software release/Botan}} | | Bouncy Castle | Legion of the Bouncy Castle Inc. | Java, C# | {{Yes}} | MIT License | {{Yes}} | {{Yes}} | {{Latest stable software release/Bouncy Castle}} | | cryptlib | Peter Gutmann | C | {{Yes}} | Sleepycat License or commercial license | {{No}} | {{Yes}} | {{Latest stable software release/cryptlib}} | | Crypto++ | The Crypto++ project | C++ | {{Yes}} | Boost Software License (all individual files are public domain) | {{No}} | {{No}} | Feb 22, 2019 (8.1.0) | | GnuTLS | Nikos Mavrogiannopoulos, Simon Josefsson | C | {{Yes}} | GNU LGPL v2.1+ | {{Yes}} | {{Yes}} | {{Latest stable software release/GnuTLS}} | | Libgcrypt | GnuPG community and g10code | C | {{Yes}} | GNU LGPL v2.1+ | {{Yes}} | {{Yes}} | {{Latest stable software release/Libgcrypt}} | | libsodium | Frank Denis | C | {{Yes}} | ISC license | {{No}} | {{No}} | December 13, 2017 (1.0.16) | | NaCl | Daniel J. Bernstein, Tanja Lange, Peter Schwabe | C | {{Yes}} | Public domain | {{No}} | {{No}} | February 21, 2011[2] | | Nettle | C | {{Yes}} | GNU GPL v2+ or GNU LGPL v3 | {{No}} | {{No}} | {{Latest stable software release/Nettle}} | | Network Security Services (NSS) | Mozilla | C | {{Yes}} | MPL 2.0 | {{Yes}}[3] | {{Yes}} | {{Latest stable software release/Network Security Services}} | | OpenSSL | The OpenSSL Project | C | {{Yes}} | Apache Licence 1.0 and 4-Clause BSD Licence | {{Yes}} | {{Yes}} | {{Latest stable software release/OpenSSL}} | | wolfCrypt | wolfSSL, Inc. | C | {{Yes}} | GPL v2 or commercial license | {{Yes}} | {{Yes}} | {{Latest stable software release/wolfSSL}} | |
1. ^Validated FIPS 140 Cryptographic Modules, NIST.gov, retrieved 2015-12-22
2. ^[https://nacl.cr.yp.to/install.html Downloading and installing NaCl], Bernstein, Lange, Schwabe, retrieved 2017-05-22
3. ^{{cite web |url=https://www.mozilla.org/projects/security/pki/nss/fips/ |title=FIPS |publisher=Mozilla Foundation |date=2012-02-01 |deadurl=yes |archiveurl=https://web.archive.org/web/20130502054951/https://www.mozilla.org/projects/security/pki/nss/fips/ |archivedate=2013-05-02 |accessdate=2013-05-17 }}
4. ^By using the lower level interface.
5. ^The library offers X.509 and PKCS #8 encoding without PEM by default. For PEM encoding of public and private keys the [https://www.cryptopp.com/wiki/PEM_Pack PEM Pack] is needed.
6. ^These Public Key Cryptographic Standards (PKCS) are supported by accompanying libraries and tools, which are also part of the [https://gnupg.org/download/ GnuPG framework], although not by the actual libgcrypt library.
7. ^[https://www.bouncycastle.org/specifications.html Bouncy Castle Specifications], bouncycastle.org, retrieved 2018-04-10
8. ^[https://www.cs.auckland.ac.nz/~pgut001/cryptlib/ cryptlib Encryption Toolkit], Peter Gutmann, retrieved 2015-11-28
9. ^Crypto++ provides the 64-bit version of GOST from the 1990s. The library does not provide the 128-bit version of GOST from 2015.
10. ^libsodium provides AES-256 only. It does not offer AES-128 or AES-192.
11. ^With Scute, scute.org
12. ^With GnuPG's [https://www.gnupg.org/documentation/manuals/gnupg/Scdaemon-Options.html SCdaemon] & gpg-agent, gnupg.org
13. ^With GnuPG's [https://www.gnupg.org/documentation/manuals/gnupg/Scdaemon-Options.html SCdaemon] & gpg-agent, gnupg.org
14. ^With an [https://github.com/OpenSC/libp11 libp11] engine
15. ^In conjunction with the PKCS#11 provider, or through the implementation of operator interfaces providing access to basic operations.
16. ^[https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=blob;f=src/hwfeatures.c;hb=HEAD hwfeatures.c], git.gnupg.org
17. ^https://www.wolfssl.com/wolfSSL/Blog/Entries/2017/1/18_wolfSSL_Asynchronous_Intel_QuickAssist_Support.html
18. ^https://www.wolfssl.com/wolfSSL/Blog/Entries/2016/10/13_wolfSSL_ARMv8_Support.html
19. ^AltiVec includes POWER4 through POWER8 SIMD processing. POWER8 added in-core crypto, which provides accelerated AES, SHA and PMUL similar to SSE and ARMv8.1.
20. ^Crypto++ provides access to the Padlock random number generator. Other functions, like AES acceleration, is not provided.
21. ^OpenSSL RDRAND support is provided through the ENGINE interface. The RDRAND generator is not used by default.
22. ^https://www.wolfssl.com/wolfSSL/wolfssl-atmel.html
23. ^http://processors.wiki.ti.com/index.php/Using_wolfSSL_with_TI-RTOS
24. ^1 [https://www.openhub.net/p/botan/analyses/latest/languages_summary Language Analysis of Botan], OpenHub.net, retrieved 2018-07-18
25. ^1 [https://www.openhub.net/p/5523/analyses/latest/languages_summary Language Analysis of Bouncy Castle], OpenHub.net, retrieved 2015-12-23
26. ^1 [https://www.openhub.net/p/3522/analyses/latest/languages_summary Language Analysis of Crypto++], OpenHub.net, retrieved 2018-07-18
27. ^1 [https://www.openhub.net/p/libgcrypt/analyses/latest/languages_summary Language Analysis of Libgcrypt], OpenHub.net, retrieved 2015-12-23
28. ^1 [https://www.openhub.net/p/libsodium/analyses/latest/languages_summary Language Analysis of libsodium], OpenHub.net, retrieved 2017-05-07
29. ^1 [https://www.openhub.net/p/nettle/analyses/latest/languages_summary Language Analysis of Nettle], OpenHub.net, retrieved 2015-12-23
30. ^1 [https://www.openhub.net/p/openssl/analyses/latest/languages_summary Language Analysis of OpenSSL], OpenHub.net, retrieved 2017-05-07
31. ^[https://gnupg.org/documentation/manuals/gcrypt-devel/Overview.html GnuPG documentation: Libgcrypt overview - thread safety], GnuPG.org, retrieved 2016-04-16
32. ^Crypto++ is thread safe at the object level, i.e. there is no shared data among instances. If two different threads access the same object then the user is responsible for locking.
Key operations Key operations include key generation algorithms, key exchange agreements and public key cryptography standards. Key generation and exchange | Implementation | ECDH | DH | DSA | RSA | ElGamal | NTRU | DSS |
|---|
| Botan | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | | Bouncy Castle | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | cryptlib | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | | Crypto++ | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | | Libgcrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | | libsodium | {{No}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | | Nettle | {{No}} | {{No}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | | OpenSSL | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | | wolfCrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | {{Yes}} | |
{{Reflist|group=lower-alpha|refs=[4]
}} Elliptic curve cryptography (ECC) support | Implementation | NIST | SECG | ECC Brainpool | ECDSA | ECDH | Curve25519 | EdDSA | GOST R [https://tools.ietf.org/html/rfc7091 34.10] |
|---|
| Botan | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | Bouncy Castle | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | cryptlib | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | | Crypto++ | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | | Libgcrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | libsodium | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | {{Yes}} | {{Yes}} | {{No}} | | Nettle | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | | OpenSSL | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | wolfCrypt | {{Yes}} | {{No}} | {{No}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | |
Public key cryptography standards | Implementation | PKCS#1 | PKCS#5 | PKCS#8 | PKCS#12 | IEEE P1363 | ASN.1 |
|---|
| Botan | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | {{Yes}} | | Bouncy Castle | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | cryptlib | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | | Crypto++ | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | {{Yes}} | | Libgcrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | libsodium | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | | Nettle | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | | OpenSSL | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | | wolfCrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | |
{{Reflist|group=lower-alpha|refs=[5][6]}} Hash functions Comparison of supported cryptographic hash functions. At the moment this section also includes ciphers that are used for producing a MAC tag for a message. Here hash functions are defined as taking an arbitrary length message and producing a fixed size output that is virtually impossible to use for recreating the original message. | Implementation | MD5 | SHA-1 | SHA-2 | SHA-3 | RIPEMD-160 | Tiger | Whirlpool | GOST | Stribog | BLAKE2 |
|---|
| Botan | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | Bouncy Castle | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | cryptlib | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | {{No}} | {{No}} | {{No}} | | Crypto++ | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | | Libgcrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | libsodium | {{No}} | {{No}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{Yes}} | | Nettle | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{Yes}} | {{No}} | {{No}} | | OpenSSL | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | | wolfCrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | {{Yes}} | |
MAC algorithms Comparison of implementations of message authentication code (MAC) algorithms. A MAC is a short piece of information used to authenticate a message—in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed in transit (its integrity). | Implementation | HMAC-MD5 | HMAC-SHA1 | HMAC-SHA2 | Poly1305-AES | BLAKE2-MAC |
|---|
| Botan | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | Bouncy Castle | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | cryptlib | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | | Crypto++ | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | Libgcrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | libsodium | {{No}} | {{No}} | {{Yes}} | {{Yes}} | {{Yes}} | | Nettle | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | | OpenSSL | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | wolfCrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | |
Block ciphers Table compares implementations of block ciphers. Block ciphers are defined as being deterministic and operating on a set number of bits (termed a block) using a symmetric key. Each block cipher can be broken up into the possible key sizes and block cipher modes it can be run with. Block cipher algorithms | Implementation | AES | Camellia | 3DES | Blowfish | Twofish | CAST5 | IDEA | GOST 28147-89 | ARIA |
|---|
| Botan | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | Bouncy Castle[7] | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | cryptlib[8] | {{Yes}} | {{No}} | {{Yes}} | {{Yes}} | {{-}} | {{Yes}} | {{Yes}} | {{-}} | {{-}} | | Crypto++ | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | Libgcrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{-}} | | libsodium | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | | Nettle | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{-}} | {{-}} | {{-}} | {{-}} | {{-}} | | OpenSSL | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | wolfCrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{Yes}} | {{No}} | {{No}} | |
{{Reflist|group=lower-alpha|refs=[9][10]}} Cipher modes | Implementation | ECB | CBC | OFB | CFB | CTR | CCM | GCM | OCB | XTS | [https://tools.ietf.org/html/rfc3394 AES-Wrap] | Stream |
|---|
| Botan | {{No}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | Bouncy Castle | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{-}} | {{Yes}} | {{Yes}} | | cryptlib | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{-}} | {{No}} | {{Yes}} | {{-}} | {{-}} | {{-}} | {{-}} | | Crypto++ | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{Yes}} | | Libgcrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | libsodium | {{No}} | {{No}} | {{No}} | {{No}} | {{Yes}} | {{No}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | | Nettle | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | | OpenSSL | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | | wolfCrypt | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | |
Stream ciphers Table compares implementations of the various stream ciphers. Stream ciphers are defined as using plain text digits that are combined with a pseudorandom cipher digit stream. Stream ciphers are typically faster than block ciphers and may have lower hardware complexity, but may be more susceptible to attacks. | Implementation | RC4 | HC-256 | Rabbit | Salsa20 | ChaCha | SEAL | Panama | WAKE | Grain | VMPC | ISAAC |
|---|
| Botan | {{Yes}} | {{No}} | {{No}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | | Bouncy Castle | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{Yes}} | {{Yes}} | {{Yes}} | | cryptlib | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | | Crypto++ | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | | Libgcrypt | {{Yes}} | {{No}} | {{No}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | | libsodium | {{No}} | {{No}} | {{No}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | | Nettle | {{Yes}} | {{No}} | {{No}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | | OpenSSL | {{Yes}} | {{No}} | {{No}} | {{No}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | | wolfCrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | {{No}} | |
Hardware-assisted support Table compares the ability to utilize hardware enhanced cryptography. With using the assistance of specific hardware the library can achieve greater speeds and / or improved security than otherwise. Smartcard, SIM and HSM protocol support | Implementation | PKCS #11 | PC/SC | CCID |
|---|
| Botan | {{Yes}} | {{No}} | {{No}} | | Bouncy Castle | {{Yes}} | {{No}} | {{No}} | | cryptlib | {{Yes}} | {{No}} | {{No}} | | Crypto++ | {{No}} | {{No}} | {{No}} | | Libgcrypt | {{Yes}} [11] | {{Yes}} [12] | {{Yes}} [13] | | libsodium | {{No}} | {{No}} | {{No}} | | OpenSSL | {{Yes}} [14] | {{No}} | {{No}} | | wolfCrypt | {{Yes}} | {{No}} | {{No}} | |
{{Reflist|group=lower-alpha|refs=[15]}} General purpose CPU / platform acceleration support | Implementation | AES-NI | SSSE3 / SSE4.1 | AVX / AVX2 | RdRand | VIA PadLock | Intel QuickAssist | AltiVec | ARMv7-A NEON | ARMv8-A |
|---|
| Botan | {{yes}} | {{yes}} | {{yes}} | {{yes}} | {{no}} | {{no}} | {{yes}} | {{yes}} | {{yes}} | | cryptlib | {{yes}} | {{yes}} | {{yes}} | {{yes}} | {{yes}} | {{no}} | {{no}} | {{no}} | {{no}} | | Crypto++ | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | {{Yes}} | {{Yes}} | | Libgcrypt[16] | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{No}} | {{Yes}} | {{Yes}} | | libsodium | {{yes}} | {{yes}} | {{yes}} | {{no}} | {{no}} | {{no}} | {{no}} | {{no}} | {{no}} | | OpenSSL | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}} | {{Yes}} | {{Yes}} | | wolfCrypt | {{Yes}} | {{No}} | {{Yes}} | {{Yes}} | {{No}} | {{Yes}}[17] | {{No}} | {{No}} | {{Yes}}[18] | |
{{Reflist|group=lower-alpha|refs=[19][20][21]}} Microcontrollers' cryptographic accelerator support | Implementation | STM32F2 | STM32F4 | Cavium NITROX | Freescale CAU/mmCAU | [https://www.microchip.com/pagehandler/en-us/technology/embeddedsecurity/technology/hardwarecryptoengine.html Microchip PIC32MZ] | Atmel ATECC508A | TI TivaC Series | CubeMX | Nordic nRF51 |
|---|
| wolfCrypt | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}} | {{Yes}}[22] | {{Yes}}[23] | {{Yes}} | {{Yes}} | |
Code size and code to comment ratio | Implementation | Source Code Size
(kSLOC = 1000 lines of source code) | Code Lines to Comment Lines Ratio |
|---|
| Botan | 133[24] | 4.55[24] | | Bouncy Castle | 1359[25] | 5.26[25] | | cryptlib | 241 | 2.66 | | Crypto++ | 115[26] | 5.74[26] | | Libgcrypt | 216[27] | 6.27[27] | | libsodium | 44[28] | 21.92[28] | | Nettle | 111[29] | 4.08[29] | | OpenSSL | 472[30] | 4.41[30] | | wolfCrypt | 39 | 5.69 | |
Portability | Implementation | Supported Operating System | Thread safe |
|---|
| Botan | Linux, Windows, macOS, Android, iOS, FreeBSD, NetBSD, OpenBSD, DragonflyBSD, AIX, QNX, Haiku, IncludeOS | {{Yes}} | | Bouncy Castle | General Java API: J2ME, Java Runtime Environment 1.1+, Android. Java FIPS API: Java Runtime 1.5+, Android. C# API (General & FIPS): CLR 4. | | | cryptlib | AMX, ARINC 653, BeOS, ChorusOS, CMSIS-RTOS/mbed-rtos, DOS, DOS32, eCOS, embOS, FreeRTOS/OpenRTOS, uItron, MQX, MVS, Nucleus, OS/2, Palm OS, QNX Neutrino, RTEMS, SMX, Tandem NonStop, Telit, ThreadX, uC/OS II, Unix (AIX, FreeBSD, HP-UX, Linux, macOS, Solaris, etc.), VDK, VM/CMS, VxWorks, Win16, Win32, Win64, WinCE/PocketPC/etc, XMK | {{Yes}} | | Crypto++ | Unix (AIX, OpenBSD, Linux, MacOS, Solaris, etc.), Win32, Win64, Android, iOS, ARM | {{Yes}} | | Libgcrypt | All 32 and 64 bit Unix Systems (GNU/Linux, FreeBSD, NetBSD, macOS etc.), Win32, Win64, WinCE and more | {{Yes}}[31] | | libsodium | macOS, Linux, OpenBSD, NetBSD, FreeBSD, DragonflyBSD, Android, iOS, 32 and 64-bit Windows (Visual Studio, MinGW, C++ Builder), NativeClient, QNX, JavaScript, AIX, MINIX, Solaris | {{Yes}} | | OpenSSL | Solaris, IRIX, HP-UX, MPE/iX, Tru64, Linux, Android, BSD (OpenBSD, NetBSD, FreeBSD, DragonflyBSD), NextSTEP, QNX, UnixWare, SCO, AIX, 32 and 64-bit Windows (Visual Studio, MinGW, UWIN, CygWin), UEFI, macOS (Darwin), iOS, HURD, VxWorks, uClinux, VMS, DJGPP (DOS), Haiku | {{Yes}} | | wolfCrypt | Win32/64, Linux, macOS, Solaris, ThreadX, VxWorks, FreeBSD, NetBSD, OpenBSD, embedded Linux, WinCE, Haiku, OpenWRT, iPhone (iOS), Android, Nintendo Wii and Gamecube through DevKitPro, QNX, MontaVista, NonStop, TRON/ITRON/µITRON, Micrium's µC/OS, FreeRTOS, SafeRTOS, Freescale MQX, Nucleus, TinyOS, HP-UX | {{Yes}} | |
{{Reflist|group=lower-alpha|refs=[32]}} References {{reflist}}{{DEFAULTSORT:Cryptography library comparison}} 3 : Computer libraries|Cryptography lists and comparisons|Security software comparisons |