PolarSSL is now part of ARM Official announcement and rebranded as mbed TLS.

PolarSSL 1.3.2 released

Description

This is a small release adds a few new features but mostly increases support for different platforms and interoperability with other libraries.

On the feature-front this release introduces optional optimizations for speeding up the NIST MODP elliptic curves. This feature can be enabled/disabled with POLARSSL_ECP_NIST_OPTIM.

Furthermore we've added support for Camellia GCM mode and the known ciphersuites that use Camellia in GCM mode (overview of supported ciphersuites).

Changes

More of the internal checks, such as padding checks in the cipher layer and value comparisons in the SSL layer, have been made constant-time. Although these specific instances are not known to be vulnerable for remote attacks in the way they are used in the current library, we wanted to pre-empt possible future issues.

Certificate parsing now also supports usage of serialNumber, postalAddress and postalCode in the issues / subject of a certificate.

SSL renegotiation on the server has been refactored.

Bug fixes

Fixes include:

  • better support for the UEFI environment under Microsoft Visual Studio
  • reduction of compiler warnings
  • SSL Server does not send out extensions not advertised by client
  • Fix for a ECDSA corner case: missing reduction mod N (found by DualTachyon)

Who should update

We advise users of PolarSSL to update if they:

  • want to have faster NIST curves
  • want to use Camellia-GCM ciphersuites
  • depend on SSL renegotiation

Download links

Get your copy here: polarssl-1.3.2-gpl.tgz

Hashes

The hashes for polarssl-1.3.2-gpl.tgz are:

SHA-1  : 2e671bb1bc60ce00db2352be63c4ea38ad2c8b03
SHA-256: 7e939228034460b202b4d355b003d905245f4e78e8221b36d9aa6fa94fbabd10

Like this?

Section:
Releases

Author:


Published:


Last updated:
Nov 5, 2013

Sharing:


Want to stay up to date?