Mbed TLS is now part of TrustedFirmware.org.

PolarSSL 1.2.7 released



With the recent new attack on RC4 ciphersuites, in combination with the existing BEAST and similar attacks, some applications benefit from having different ciphersuite preferences depending on the SSL / TLS protocol version used. This release adds the ability to specify the allowed ciphersuite per protocol version with ssl_set_ciphersuites_for_version().


The default keysize for the Cipher layer definitions of the Blowfish cipher has been changed to 128-bits. And if order to prevent compilation issues on the Raspberry Pi, the larger test suites have been chopped up into smaller subsets.

Bug fixes

A fix for the ARM assembly in the MPI module for specific compilers / arguments is included. The GCM module has been 'fixed' to allow sizes over 2^29 bytes in length.

Who should update

Our advice for users of the PolarSSL 1.2 branch is to update:

  • if your code runs on an ARM platform
  • if your application needs protocol version specific preferences for ciphersuites

Download links

Get your copy here: polarssl-1.2.7-gpl.tgz


The hashes for polarssl-1.2.7-gpl.tgz are:

SHA-1  : 7c3eb56312b3dcaa8edf08d10fcc5cb94f7f6606
SHA-256: d64c2d1247f93cdeb884bd3706dfddffc636634bbf81d3772af750d5b5191328

Like this?




Last updated:
Apr 13, 2013


Want to stay up to date?

To sign up for Mbed TLS news, log in to or create an Mbed account and update your marketing preferences.