PolarSSL 1.3.3 released, an SSL cryptography library

Published on 7 January 2014

The lightweight SSL library PolarSSL released version 1.3.3 on 2014-01-01. The previous version, 1.3.2, was released on 2013-11-07. The legacy product lines stand at 1.2.10 / 1.1.8. More and more heavyweight applications now support PolarSSL, such as hiawatha and OpenVPN.



Our parting gift for the year 2013: PolarSSL 1.3.3!

We'd really like to thank everybody for the great year we had! Loads of new features, great feedback from our users and the energy to push even further in 2014!

This feature release adds a bunch of new features, improvements and fixes.


On the feature-front this release introduces support for:

  • new cryptographic constructs, such as Curve25519, and the ECDH-RSA and ECDH-ECDSA key exchange methods and ciphersuites

  • optional optimizations for speeding up the NIST MODP elliptic curves

  • AES-NI

Furthermore we've added support for EC key generation in the gen_key application.


Our ECP curves module now includes Curve25519, thus allowing you to perform operations with it.


Based on requests from our users we've added the non-ephemeral versions of the ECDH key exchange to our capabilities as well. The full list of supported ciphersuites and key exchanges can be seen in our overview of supported ciphersuites.

AES-NI support

We've incorporated support for AES-NI in our AES and GCM modules.

As a result, our AES-GCM throughput improved substantially:

cipher          (1)     (2)
AES-GCM-128     22      13      cycles/byte
AES-GCM-192     23      14      cycles/byte
AES-GCM-256     25      15      cycles/byte

(1) is without AES-NI support at all
(2) is with full AES-NI support (AES + GCM tag)


Internally we introduced optimizations to speed up prime generation in mpi_gen_prime() and ECP multiplications, in addition to reducing the memory used in the ECP module.

ECP memory optimizations

The operational memory used within the ECP module for storing the curves in use and performing operations has been reduced. The improvement on a 64-bit platform with 521-bit curves is:

1.3.2:    86k
1.3.2bis: 38k
1.3.3:    16k

1.3.2:    all default values
1.3.2bis: new default values for window size and such in ECP module
1.3.3:    curve to ROM and memory optimizations

On 32-bit platforms, here are the numbers for 256-bit curves, with the default configuration and with minimal memory usage:

default: 4.7k
minimal: 1.8k

ECP Multiplication speed-up

In this version we introduce a time-memory trade-off for ECP multiplications, which speeds up ECDSA and ECDH(E).

Our before and after:

ECDSA-secp521r1 : 192 ->  566 sign/s
ECDSA-secp521r1 :  92 ->  135 verify/s
ECDSA-secp384r1 : 287 ->  837 sign/s
ECDSA-secp384r1 : 138 ->  198 verify/s
ECDSA-secp256r1 : 445 -> 1126 sign/s
ECDSA-secp256r1 : 210 ->  293 verify/s

ECDHE-secp521r1 :  93 ->  141 handshake/s
ECDH-secp521r1  : 171 ->  183 handshake/s
ECDHE-secp384r1 : 136 ->  210 handshake/s
ECDH-secp384r1  : 250 ->  267 handshake/s
ECDHE-secp256r1 : 211 ->  305 handshake/s
ECDH-secp256r1  : 382 ->  407 handshake/s

Bug fixes

Fixes include:

  • Potential memory leaks in corner cases

  • Fixed x509_crt_parse_path() bug on Windows platforms

  • Fixed bug in mpi_set_bit() on platforms where t_uint is wider than int

  • Fixed X.509 hostname comparison (with non-regular characters)

  • SSL now gracefully handles missing RNG

  • crypt_and_hash app checks MAC before final decryption
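
The crypt_and_hash fix above (verify the MAC before decrypting) illustrated with an added example that is not part of the PolarSSL release or its crypt_and_hash program: an AES-128-CTR + HMAC-SHA256 encrypt-then-MAC seal/open pair in Go, where Open checks the tag over iv || ciphertext in constant time and refuses to run the cipher over anything unauthenticated. The keys, IV and message are constructed demo values; a real tool derives separate cipher and MAC keys with a KDF and uses a fresh random IV per message.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

// Constructed demo keys; a real tool derives separate cipher and MAC keys from a password with a KDF.
var encKey = []byte("0123456789abcdef")                 // AES-128 key, 16 bytes
var macKey = []byte("an independent 32-byte hmac key!") // HMAC-SHA256 key
// xorCTR applies AES-128-CTR under iv (symmetric: encrypts and decrypts). The key is a fixed 16 bytes, so NewCipher cannot fail.
func xorCTR(iv, in []byte) []byte {
	block, _ := aes.NewCipher(encKey)
	out := make([]byte, len(in))
	cipher.NewCTR(block, iv).XORKeyStream(out, in)
	return out
}
// tagOf is HMAC-SHA256 over iv || ciphertext.
func tagOf(body []byte) []byte {
	mac := hmac.New(sha256.New, macKey)
	mac.Write(body)
	return mac.Sum(nil)
}
// Seal is encrypt-then-MAC: the output is iv || ciphertext || tag.
func Seal(iv, plaintext []byte) []byte {
	body := append(append([]byte{}, iv...), xorCTR(iv, plaintext)...)
	return append(body, tagOf(body)...)
}
// Open checks the tag first, in constant time, and decrypts only after it matches, so tampered or truncated input never reaches the cipher.
func Open(blob []byte) ([]byte, error) {
	if len(blob) < aes.BlockSize+sha256.Size {
		return nil, fmt.Errorf("blob too short for iv and tag")
	}
	body, tag := blob[:len(blob)-sha256.Size], blob[len(blob)-sha256.Size:]
	if !hmac.Equal(tagOf(body), tag) {
		return nil, fmt.Errorf("MAC mismatch: rejected before decryption")
	}
	return xorCTR(body[:aes.BlockSize], body[aes.BlockSize:]), nil
}
func main() {
	blob := Seal([]byte("constructed-iv16"), []byte("hello from 1.3.3")) // demo IV (constructed)
	pt, err := Open(blob)
	fmt.Println(string(pt), err)
	blob[aes.BlockSize] ^= 0x80 // flip one ciphertext bit: Open must refuse
	_, err = Open(blob)
	fmt.Println(err)
}
```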


A possible remotely-triggered out-of-bounds memory access was fixed as well. This issue was found by the great team at TrustInSoft!

Who should update

We advise users of PolarSSL to update if they:

  • want to have faster ECP / ECDSA / ECDHE / AES / AES-GCM

  • want to use less memory in the ECP modules

  • want to play with Curve25519

  • need to support ECDH-RSA or ECDH-ECDSA ciphersuites


Please credit the source when reposting: this article was reposted from the OSCHINA community [http://www.oschina.net]