Topic: CyaSSL 3.3.0 Released

We're happy to announce the release of CyaSSL version 3.3.0. CyaSSL version 3.3.0 offers:

  • Secure countermeasures for Handshake message duplicates, CHANGE CIPHER without FINISHED, and fast forward attempts added to our source code.  Thanks to Karthikeyan Bhargavan from the Prosecco team at INRIA Paris-Rocquencourt for the report.  This is an important fix and all users should update!

  • Complete testing for FIPS 140-2 version submitted to NIST.  FIPS 140-2 source code now available.

  • Removes SSLv2 Client Hello processing for enhanced security, can be enabled with OLD_HELLO_ALLOWED

  • Protocol level control:  User can now control TLS protocol down-cycling to a minimum downgrade version with CyaSSL_SetMinVersion().  For example, you could reject handshakes at a protocol level less than TLS 1.1.

  • Small stack improvements at TLS/SSL layer, to benefit environments with limited available stack.

  • TLS Master Secret generation and Key Expansion are now exposed at the API level

  • Adds client side Secure Renegotiation, * not recommended, ever! *

  • Client side session ticket support.  This feature is not fully tested with Secure Renegotiation, so don’t use Secure Renegotiation.

  • Allows up to 4096-bit DHE at TLS Key Exchange layer

  • Handles non standard SessionID sizes in Hello Messages

  • PicoTCP Support added

  • TLS Sniffer now supports SNI Virtual Hosts

  • TLS Sniffer now handles non HTTPS protocols using STARTTLS

  • TLS Sniffer can now parse records with multiple messages

  • TI-RTOS updates or enhances support

  • Fix for ColdFire optimized fp_digit read only in explicit 32bit case

  • Added ADH Cipher Suite ADH-AES128-SHA for EAP-FAST

Stay up to date with what is happening with wolfSSL, you can follow our blog at http://www.wolfssl.com/yaSSL/Blog/Blog.html

If you have any questions please feel free to contact us anytime at info@wolfSSL.com or (425)245-8247.
We look forward to hearing from you!

CyaSSL 3.3.0 can be downloaded from the wolfSSL download page:
http://yassl.com/yaSSL/download/downloadForm.php

Thank You!
wolfSSL