Changelog History

  • v1.2.8 Changes

    June 19, 2013

    🔋 Features

    • Parsing of PKCS#8 encrypted private key files
    • PKCS#12 PBE and derivation functions
    • Centralized module option values in config.h to allow user-defined settings without editing header files by using POLARSSL_CONFIG_OPTIONS

    🔄 Changes

    • HAVEGE random generator disabled by default
    • Internally split up x509parse_key() into a (PEM) handler function and specific DER parser functions for the PKCS#1 and unencrypted PKCS#8 private key formats
    • Added mechanism to provide alternative implementations for all symmetric cipher and hash algorithms (e.g. POLARSSL_AES_ALT in config.h)
    • PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated old PBKDF2 module

    🛠 Bugfix

    • The secure renegotiation extension is now only sent if the client supports secure renegotiation
    • Fixed offset for cert_type list in ssl_parse_certificate_request()
    • Fixed const correctness issues that have no impact on the ABI
    • x509parse_crt() now better handles PEM error situations
    • ssl_parse_certificate() now calls x509parse_crt_der() directly instead of the x509parse_crt() wrapper that can also parse PEM certificates
    • x509parse_crtpath() is now reentrant and uses more portable stat()
    • Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler
    • Fixed values for 2-key Triple DES in cipher layer
    • ssl_write_certificate_request() can handle empty ca_chain

    🔒 Security

    • A possible DoS during the SSL Handshake, due to faulty parsing of PEM-encoded certificates has been fixed (found by Jack Lloyd)
  • v1.2.7 Changes

    April 13, 2013

    🔋 Features

    • Ability to specify allowed ciphersuites based on the protocol version.

    🔄 Changes

    • Default Blowfish keysize is now 128-bits
    • Test suites made smaller to accommodate Raspberry Pi

    🛠 Bugfix

    • Fix for MPI assembly for ARM
    • GCM adapted to support sizes > 2^29
  • v1.2.6 Changes

    March 11, 2013

    🛠 Bugfix

    • Fixed memory leak in ssl_free() and ssl_reset() for active session
    • Corrected GCM counter incrementation to use only 32-bits instead of 128-bits (found by Yawning Angel)
    • Fixes for 64-bit compilation with MS Visual Studio
    • Fixed net_bind() for specified IP addresses on little endian systems
    • Fixed assembly code for ARM (Thumb and regular) for some compilers

    🔄 Changes

    • Internally split up rsa_pkcs1_encrypt(), rsa_pkcs1_decrypt(), rsa_pkcs1_sign() and rsa_pkcs1_verify() to separate PKCS#1 v1.5 and PKCS#1 v2.1 functions
    • Added support for custom labels when using rsa_rsaes_oaep_encrypt() or rsa_rsaes_oaep_decrypt()
    • Re-added handling for SSLv2 Client Hello when the define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO is set
    • The SSL session cache module (ssl_cache) now also retains peer_cert information (not the entire chain)

    🔒 Security

    • Removed further timing differences during SSL message decryption in ssl_decrypt_buf()
    • Removed timing differences due to bad padding from rsa_rsaes_pkcs1_v15_decrypt() and rsa_pkcs1_decrypt() for PKCS#1 v1.5 operations
  • v1.2.5 Changes

    February 02, 2013

    🔄 Changes

    • Allow enabling of dummy error_strerror() to support some use-cases
    • Debug messages about padding errors during SSL message decryption are disabled by default and can be enabled with POLARSSL_SSL_DEBUG_ALL
    • Sending of security-relevant alert messages that do not break interoperability can be switched on/off with the flag POLARSSL_SSL_ALL_ALERT_MESSAGES

    🔒 Security

    • Removed timing differences during SSL message decryption in ssl_decrypt_buf() due to badly formatted padding
  • v1.2.4 Changes

    January 25, 2013

    🔄 Changes

    • More advanced SSL ciphersuite representation and moved to more dynamic SSL core
    • Added ssl_handshake_step() to allow single stepping the handshake process

    🛠 Bugfix

    • Fixed memory leak when using RSA_PKCS_V21 operations
    • Handle future version properly in ssl_write_certificate_request()
    • Correctly handle CertificateRequest message in client for <= TLS 1.1 without DN list
  • v1.2.3 Changes

    November 26, 2012

    🛠 Bugfix

    • Fixed server not always sending the correct CertificateRequest message
  • v1.2.2 Changes

    November 24, 2012

    🔄 Changes

    • Added p_hw_data to ssl_context for context-specific hardware acceleration data
    • During verification, the trust CA is now only checked for expiration and CRL presence

    🛠 Bugfixes

    • Fixed client authentication compatibility
    • Fixed dependency on POLARSSL_SHA4_C in SSL modules
  • v1.2.1 Changes

    November 20, 2012

    🔄 Changes

    • Depth that the certificate verify callback receives is now numbered bottom-up (Peer cert depth is 0)

    🛠 Bugfixes

    • Fixes for MSVC6
    • Moved mpi_inv_mod() outside POLARSSL_GENPRIME
    • Allow R and A to point to same mpi in mpi_div_mpi (found by Manuel Pégourié-Gonnard)
    • Fixed possible segfault in mpi_shift_r() (found by Manuel Pégourié-Gonnard)
    • Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1
  • v1.2.0 Changes

    October 31, 2012

    🔋 Features

    • Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default!
    • Added support for wildcard certificates
    • Added support for multi-domain certificates through the X509 Subject Alternative Name extension
    • Added preliminary ASN.1 buffer writing support
    • Added preliminary X509 Certificate Request writing support
    • Added key_app_writer example application
    • Added cert_req example application
    • Added base Galois Counter Mode (GCM) for AES
    • Added TLS 1.2 support (RFC 5246)
    • Added GCM suites to TLS 1.2 (RFC 5288)
    • Added command-line error code converter (util/strerror)
    • Added support for Hardware Acceleration hooking in SSL/TLS
    • Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (requires OpenSSL)
    • Added X509 CA Path support
    • Added Thumb assembly optimizations
    • Added DEFLATE compression support as per RFC3749 (requires zlib)
    • Added blowfish algorithm (Generic and cipher layer)
    • Added PKCS#5 PBKDF2 key derivation function
    • Added Secure Renegotiation (RFC 5746)
    • Added predefined DHM groups from RFC 5114
    • Added simple SSL session cache implementation
    • Added ServerName extension parsing (SNI) at server side
    • Added option to set the minimum accepted SSL/TLS protocol version

    🔄 Changes

    • Removed redundant POLARSSL_DEBUG_MSG define
    • AES code now only checks for Padlock once
    • Fixed const-correctness of mpi_get_bit()
    • Added documentation for mpi_lsb() and mpi_msb()
    • Moved out_msg to out_hdr + 32 to support hardware acceleration
    • Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present (Closes ticket #56)
    • Cipher layer cipher_mode_t POLARSSL_MODE_CFB128 is renamed to POLARSSL_MODE_CFB, to also handle different block size CFB modes.
    • Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation)
    • Revamped session resumption handling
    • Generalized external private key implementation handling (like PKCS#11) in SSL/TLS
    • Revamped x509_verify() and the SSL f_vrfy callback implementations
    • Moved from unsigned long to fixed width uint32_t types throughout code
    • Renamed ciphersuite naming scheme to IANA reserved names

    🛠 Bugfix

    • Fixed handling error in mpi_cmp_mpi() on longer B values (found by Hui Dong)
    • Fixed potential heap corruption in x509_name allocation
    • Fixed single RSA test that failed on Big Endian systems (Closes ticket #54)
    • mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52)
    • Handle encryption with private key and decryption with public key as per RFC 2313
    • Handle empty certificate subject names
    • Prevent reading over buffer boundaries on X509 certificate parsing
    • mpi_add_abs() now correctly handles adding short numbers to long numbers with carry rollover (found by Ruslan Yushchenko)
    • Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
    • Fixed MPI assembly for SPARC64 platform

    🔒 Security

    • Fixed potential memory zeroization on miscrafted RSA key (found by Eloi Vanderbeken)
  • v1.1.8 Changes

    October 01, 2013

    🛠 Bugfix

    • Fixed potential memory leak when failing to resume a session
    • Fixed potential file descriptor leaks

    🔒 Security

    • Fixed potential buffer overflow in ssl_read_record() (independently found by both TrustInSoft and Paul Brodeur of Leviathan Security Group)
    • Fixed potential negative value misinterpretation in load_file()
    • Fixed potential heap buffer overflow on large hostname setting