
I have looked around for good SSL/TLS libraries that support TLS 1.2.

I also want to use this library on an embedded platform, so it should be small, easy, secure and free. It should be a C/C++ library.

So far I have come across CyaSSL, PolarSSL, MatrixSSL a lot, so I think that one of these should be a good choice (OpenSSL is way too big).

Now I would like to know why people use one over the other.

Thanks

jww
mstrdenz188
  • So my choice: [PolarSSL](https://polarssl.org). Explained my main reasons below. – David R. Nov 14 '13 at 12:52
  • As a member of the wolfSSL team (CyaSSL), I can vouch for the fact that we work to improve our documentation, end user experience, and overall quality of the library on a daily basis, and always welcome feedback on how we can further improve. A helpful link for comparing lightweight SSL libraries is the following Wikipedia article: http://en.wikipedia.org/wiki/Comparison_of_TLS_implementations – Chrisc Nov 19 '13 at 16:41

1 Answer


OK. Just for starters, they all do the same. All three can run on embedded platforms. The difference is where their focus is.

From my personal experience:

  • PolarSSL has loads of documentation, an understandable API, examples, and gives you the ability to actually delve into the code and understand what is happening. In my experience this is a great plus in case you need to debug a specific issue. They only provide Makefile / CMake / MSVC project files, so the task to include it in your embedded environment is yours.

  • CyaSSL's code is harder to understand and tweak. But they have more pre-made Makefiles for specific development platforms. Depending on your environment this might weigh in (for me it rarely does). In a number of comparisons I did as a subcontractor, they are pricier than PolarSSL though.

  • Pick MatrixSSL if you don't have budget constraints ;) Definitely the priciest of all and I found no specific reasons to actually use it though in comparison to the alternatives.

With the whole NSA / PRISM thing around: If you want something specifically built in the US, then CyaSSL is the best choice. If you want something non-US, PolarSSL is the only sane choice.

So if by free you mean: I'm going to use it in an Open Source project, then price does not matter. The verdict from the community: PolarSSL has good adoption in OpenVPN, CyaSSL in MySQL.

Chrisc
David R.