Minimal client
Michael Forney
mforney at mforney.org
Thu Jul 2 01:37:36 BST 2020
On 2020-07-01, Phil Leblanc <philanc at gmail.com> wrote:

> --- BearSSL
> - very nice code. An impressive feat for a one-man project (Thomas
> Pornin)
> - not yet at TLS-1.3. The code looks maintained but I don't know if
> it is actively developed. I saw no sign of ed25519 cert signing, but
> may be wrong here.
> - code size: the whole libbearssl.a is ~ 860KB, basic client and
> server examples are in the 150KB range, which is very nice.

Have you looked at the TLS 1.3 page (https://bearssl.org/tls13.html)?
It suggests that support for TLS 1.3 is planned, but there are some
obstacles with Ed25519 that require more memory usage (buffering the
complete certificate) and code size increase. I think it is a little
out of date since RSA/PSS is now implemented in BearSSL, but you're
right that there hasn't been much development for TLS 1.3 in a while.
I'm hopeful that it will eventually be implemented.

So if Ed25519 is what gemini servers are settling on for their
certificates, then BearSSL is probably not a good option until support
is available. Though, ECDSA uses comparable key/signature sizes and I
believe it is fairly widely supported, so I think BearSSL would work
quite well for that.

I'm not sure if there are any existing gemini clients using libtls,
but if there are, you might be interested in
https://git.sr.ht/~mcf/libtls-bearssl. You could get a much smaller
statically linked binary by just linking against libtls-bearssl
instead of libtls from LibreSSL.

-Michael