Release Notes: Full support for the recently published TLS Renegotiation Indication Extension (RFC 5746). MatrixSSL enabled clients and servers now support the "renegotiation_info" extension and the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite to prevent any possibility of the "plaintext injection attack" that was disclosed November 2009 and described in CVE-2009-3555. Support for adding extensions to CLIENT_HELLO messages (RFC 3546) is now included in the open source version of MatrixSSL.
Release Notes: Client certificate authentication was enabled in the GPL release. Certificate Revocation List (CRL) support was added. Assembly language optimizations were made for x86, x86_64, ARM, and MIPS. Countermeasures were provided for the Lucky Thirteen CBC padding attack. Maximum Fragment Length extension support was added. There were additional minor enhancements and fixes.
Release Notes: This release throttles TLS re-handshakes on the server side to minimize the effect of potential denial of service due to repeated requests, rebrands the documentation and source code to reflect the AuthenTec acquisition of MatrixSSL, and adds Chrome False Start support to the example Web server application.
Release Notes: This release adds TLS 1.1 security protocol support for the client and server to enhance block cipher security using a per-record explicit IV. It adds PKCS#8 parsing for newer format public key certificates. Library users can parameterize incoming and outgoing buffer sizes and are notified of zero-length SSL records. A new matrixSslEncodeToOutdata() API to encode directly into an existing TCP/IP buffer for low footprint memory usage.
Release Notes: iPhone OS support and a sample Xcode project were added. Server support was added for Google Chrome False Start additions to the TLS protocol for increased handshake performance. Size/speed tradeoffs are now configurable during compile time. Active cipher suites can now be modified at runtime via a new API. The code was updated to support Luminary Micro/TI Stellaris ARM Cortex-M3 secure Web server examples.
Release Notes: A server-side configuration option was added to decrease binary executable size with simpler X.509 parsing. The Yarrow PRNG algorithm is included for strong entropy processing. Non-ASCII X.509 attributes are supported in certificates. Project files for Windows were updated to VS Express 2010. The return code was clarified for the matrixSslReceivedData() API.