Topic: CyaSSL 3.3.0 Released
We're happy to announce the release of CyaSSL version 3.3.0. CyaSSL version 3.3.0 offers:
Secure countermeasures for Handshake message duplicates, CHANGE CIPHER without FINISHED, and fast forward attempts added to our source code. Thanks to Karthikeyan Bhargavan from the Prosecco team at INRIA Paris-Rocquencourt for the report. This is an important fix and all users should update!
Complete testing for FIPS 140-2 version submitted to NIST. FIPS 140-2 source code now available.
Removes SSLv2 Client Hello processing for enhanced security, can be enabled with OLD_HELLO_ALLOWED
Protocol level control: User can now control TLS protocol down-cycling to a minimum downgrade version with CyaSSL_SetMinVersion(). For example, you could reject handshakes at a protocol level less than TLS 1.1.
Small stack improvements at TLS/SSL layer, to benefit environments with limited available stack.
TLS Master Secret generation and Key Expansion are now exposed at the API level
Adds client side Secure Renegotiation, * not recommended, ever! *
Client side session ticket support. This feature is not fully tested with Secure Renegotiation, so don’t use Secure Renegotiation.
Allows up to 4096-bit DHE at TLS Key Exchange layer
Handles non standard SessionID sizes in Hello Messages
PicoTCP Support added
TLS Sniffer now supports SNI Virtual Hosts
TLS Sniffer now handles non HTTPS protocols using STARTTLS
TLS Sniffer can now parse records with multiple messages
TI-RTOS updates or enhances support
Fix for ColdFire optimized fp_digit read only in explicit 32bit case
Added ADH Cipher Suite ADH-AES128-SHA for EAP-FAST
Stay up to date with what is happening with wolfSSL, you can follow our blog at http://www.wolfssl.com/yaSSL/Blog/Blog.html
If you have any questions please feel free to contact us anytime at info@wolfSSL.com or (425)245-8247.
We look forward to hearing from you!
CyaSSL 3.3.0 can be downloaded from the wolfSSL download page: