• Explicit API support for processing multi-record data buffers - The 3.1.1 API set did not include a documented mechanism for processing buffers in which multiple application data records are concatenated in a single ‘recv’ buffer. This is not an uncommon scenario and users are strongly encouraged to update to this latest MatrixSSL version and implement the new matrixSslProcessedData function in their applications. Details can be found in the updated API documentation included in this package.
• MatrixSSL version defines added - A version.h file has been added that includes defines for the MatrixSSL major, minor, and patch build version. The new header is included by matrixsslApi.h and defines the full version and the individual components. For example:

  #define MATRIXSSL_VERSION       “3.1.2-OPEN” 
  #define MATRIXSSL_VERSION_MAJOR	3 
  #define MATRIXSSL_VERSION_MINOR	1 
  #define MATRIXSSL_VERSION_PATCH	2
  #define MATRIXSSL_VERSION_CODE	“OPEN”

• The sslTest application includes a timing mode - The sslTest application can now be built to measure the connection speeds for clients and servers for the various cipher suites.
• Improvements to HTTP parsing in example application code - The server and client example applications now identify partial and multi-record HTTP records.

Public API Changes

• New matrixSslProcessedData prototype and return codes - To support the processing of multi-record data buffers, the matrixSslProcessedData function prototype and return codes have changed. The new function has two additional parameters that are used to return the next decoded record in the buffer. The return codes for this function have been expanded to inform the user how that second record should be handled.

  Please see the API documentation and code examples for detailed information.

Bug Fixes

• Fixed return codes where unsigned data types were assigned negative values - The functions psRsaDecryptPriv, psRsaDecryptPub, and matrixSslDecode are now consistent in their use of unsigned vs. signed data types.

• Secure Renegotiations - Turn re-handshaking support back on, MatrixSSL users! Beginning in version 3.1.1 support for the recently published TLS Renegotiation Indication Extension (RFC 5746 ) is included. SSL/TLS renegotiations enable servers to fine tune the security parameters or access controls for individual clients without having to reconnect. MatrixSSL enabled clients and servers now support the "renegotiation_info" extension and the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite to prevent any possibility of the "plaintext injection attack" that was disclosed November 2009 and described in CVE-2009-3555.
• CLIENT_HELLO extension support - Support for adding extensions to CLIENT_HELLO messages is now included in the open source version of MatrixSSL. More information on hello extensions can be found in RFC 3546.
• Client cipher suites on re-handshakes - Clients will now resend the full list of supported cipher suites on server-initiated re-handshakes. In previous versions, upon receiving a HELLO_REQUEST from a connected server, the client would only supply the cipher suite that was currently negotiated in the CLIENT_HELLO.
• Makefile auto detects 32 and 64 bit platforms - The top level Makefile now detects whether 32 or 64 bit Linux or Mac OS X is running, and sets some defines appropriately to optimize performance for 64 bit platforms.
• New documents - Migration to 3.1 and OS Porting Guide

Public API Changes

• New matrixSslNewClientSession prototype - An additional parameter has been added to this routine to improve hello extension support. Clients can now register a callback that will be invoked during the SSL handshakes to parse any SERVER_HELLO extensions that might be sent by the server.
• USE_INT64 renamed to HAVE_NATIVE_INT64 - This define in coreConfig.h has been renamed for clarity.

Bug Fixes

• Changing Cipher Suites on Re-handshake - A handshaking failure was discovered during re-handshake testing in some cases where the underlying cipher suite was changing, resulting in an invalid SSL Alert and connection close. This has been fixed as part of the overall handshake protocol change.
• Default size for pstm_digit - The default 32-bit platform now explicitly sets the psmt_digit type as a 32-bit unsigned integer rather than an unsigned long. This fixes a compile issue witbh running with 32-bit math on a 64-bit platform.

• Celebrating 8 years of MatrixSSL! - New 3.x version of Open Source matches Commercial versioning.
• TLS 1.0 Protocol Support - Beginning in MatrixSSL 3.1 the TLS 1.0 protocol and AES cipher are now available in open source releases.
• Improved API - It is now easier than ever to integrate SSL into your application. MatrixSSL has always provided SSL integration to applications at a data buffer level to guarantee support for any given transport mechanism. Previous versions, however, left the management of these data buffers in the hands of the integrator. The new MatrixSSL 3.1 API incorporates size-optimized buffer management so the user is left only with the task of determining when data needs to be read or written, while still maintaing a transport-neutral, zero buffer copy API.
• Faster and Smaller RSA Cryptography - The public key cryptography operations required for RSA mathematics are the primary contributors to high water memory and CPU resources during the SSL handshake. MatrixSSL 3.1 includes specific optimizations that have resulted in major improvements to both speed and memory usage during public cryptography. These substantial memory savings and performance improvements allow MatrixSSL to be used on an even larger number of embedded platforms. The entire SSL handshake, including network buffers can now be completed in as little as 10KB of RAM, with a post-handshake dynamic memory footprint of less than 3KB.
• File and Functional Reorganization - The MatrixSSL 3.1 source code package has been organized to better reflect the individual functional areas. The core and crypto modules are now clear building blocks on which MatrixSSL relies and each module has an API and Configuration header to manage optional features and functionality.
• New Supported Client and Server Applications - New client and server examples are now provided as a starting off point for customer integration or new application development. The client application is an example of a simple, blocking sockets API HTTPS client that prints the response to a HTTP GET request. The server example demonstrates a non-blocking HTTPS server that handles multiple connections and session timeouts. The MatrixSSL API usage for both applications is very similar, and should help clarify how to integrate MatrixSSL with other applications.
• New Test Application - A SSL/TLS protocol test application is now included in the package so that new ports of MatrixSSL can quickly be verified and functionally tested, even before integration with a sockets layer. The application creates virtual SSL connections within a single process using memory buffers as the transport layer. Each supported cipher suite and handshake mode are validated.
• Additional Project File Formats - Project files for the MatrixSSL library, example and test applications are now provided for Microsoft Visual Studio Express Edition, Apple Xcode and standard GNU make. Projects for the Eclipse IDE can be directly imported from GNU Makefile.

• A security exploit around SSL re-negotiation has been discovered. This is a protocol level flaw, and affects all SSL and TLS implementations. The protocol sitting above SSL may or may not be affected. For example, HTTPS with keep-alive support on authenticated connections IS affected. MatrixSSL disables re-negotiation for server side SSL in this release, protecting secure servers from attack. When using MatrixSSL for client connections, care should be taken to only connect to SSL servers that have re-negotiation disabled.
• More information: HTTPS/SSL Attack Vector Discovered

• Windows project files for library and example application builds are now based on the freely available Microsoft Visual Studio C++ 2008 Express Edition

• The USE_MULTITHREADING define in matrixConfig.h is now off by default so that POSIX platforms will not require pthreads by default.

• Fixed the size calculations for SSL_FULL conditions when encoding the FINISHED flight of handshake messages
• Additional checks and proper error handling for the following types of malformed X.509 certificates as tested by Orange Labs. These do not constitute a remote attack vector for the Open Source release.
  • Testing for Serial Number encodings that use bad length specifications
  • Testing for Distinguished Name extension encodings that use bad length specifications
  • Error handling for Subject Alternate Name extensions that use bad length specifications

• The matrixRsaParsePubKey routine has added support for X.509 SubjectPublicKeyInfo formatted keys
• Full parsing support of the subjectAltName extension in certificates

• Allowing clients to send multiple compression parameters in the CLIENT_HELLO message
• The matrixX509ReadCert routine supports additional PEM file header and footer formats

• Corrected filename misspelling in httpsReflector.c for loading example CAcertCln.der certificate

• Internal API change to accommodate MatrixSSH users.

• Ignore TLS extensions sent with SSL 3.0 ClientHello. Thunderbird sends these extensions if negotiating down from a TLS connection, even though they are meaningless.
• Enhanced the parsing of the Key Usage certificate extension.

• Assure file reads into memory are NULL terminated. This was an issue flagged by Valgrind that doesn't present a problem in practice.
• 2008 copyright update.

• MatrixSSL 1.8.4 was not a public release.

• ‘const’ qualifiers added to literal string parameters for matrixRsaReadPrivKey, matrixRsaReadKeys, matrixRsaReadKeysEx and matrixX509ReadPubKey.

• Additional error reporting in RSA public decryption routine.

• Improved the enforcement of maximum certificate chain length.
• Added the –fPIC compile option to default POSIX builds.
• Fixed one time memory leak on error conditional during certificate parsing.
• 2007 copyright update.

• None

• New "leaky bucket" algorithm for empty message denial-of-service countermeasure. Previously, the count of empty messages was continually being incremented by the MatrixSSL library regardless of any interleaving valid messages. This could potentially cause the connection to be closed if a peer was sending many blank SSL messages. The count will now decrement on valid messages. This change is most relevant to use-cases that involve an OpenSSL client communicating with a MatrixSSL server, as these clients tend to periodically send a blank record.

• None

• None

• Cleaner POSIX cross platform compiles for newer versions of Linux.
• Build support for Intel Macs (tested on OS X 10.4 CoreDuo).

• Minor compile warnings fixed.
• Graceful handling when MAX_CHAIN_LEN limit is exceeded in certificate parsing.
• Added ASN.1 BMPSTRING format support to certificate parsing.
• Fixed matrixSslReadKeysMem so that private key parameter is optional.
• Fixed one time memory leak for client initialization issues that include non-parsable certificates.

• Addition of two new server APIs that allow the user to add a custom flag value to client sessions. Servers may now assign persistant custom data to connected sessions that can be later retrieved from a session that was established with a session resumption handshake. See the API documentation for matrixSslSetResumptionFlag and matrixSslGetResumptionFlag for more details.

• Ability to put multiple certificates in a single PEM file.
• The handshake will now fail on an un-authenticated cert if no user validation callback has been defined with matrixSslSetCertValidator. It is still encouraged that a callback be registered.
• Users can now reply to a closure alert with a closure alert of their own using matrixSslEncodeClosureAlert. Previously, the SSL_CLOSED flag prevented this. Now only error cases will prevent the closure alert from being created.

• Numerous compile warnings fixed. Especially in the area of unsigned char / char type mismatches.
• Added explicit ‘void’ types to empty parameter functions.
• Fixed a bad shift operation in cipherSuite.c (no functional change).
• Fixed possible memory leak of pre-master secret if deleteSession called on some corner failure cases.
• Fixed compile and link issues when USE_FILE_SYSTEM was turned off in matrixConfig.h.
• Fix for unknown X.509 certificate extension parsing in which the extensions did not provide explicit data lengths in the encoding.
• Fixed parse issue with an empty AuthorityKeyIdentifier certificate extension.
• Created new sample certificates with updated dates.

• Fixed issue with certificate extension parsing causing a cert with some unrecognized extensions to fail validation.
• Fixed requirement when USE_CLIENT_SIDE is enabled with ReadKeysMem - CA is no longer required.

• Fixed packaging issue causing a build error on Windows and Linux. No functional change from 1.7.1

• Fixed certificate chain parsing bug where a valid certificate chain was marked as invalid under certain circumstances. The result of the fix is that more cert chain configurations are supported.
• Added support for cert validation when the server sends the Root CA cert in addition to the lower levels of the chain. Typically the Root CA cert is loaded into the client, and not sent by the server. We have encountered some deployments where the server does send the root CA as well, and now successfully validate this chain.
• Relaxed parsing of the CertificateSerialNumber field within AuthorityKeyIdentifier. Although officially defined as an ASN.1 INTEGER type, some certificate generators use a non-integer value. Parser now supports these technically incorrect datatypes.

• Explicit support for anonymous RSA handshaking
• New APIs to support anonymous handshaking and re-handshaking over existing connections with new key material

• Version updated from 1.2.5 to 1.7 to mirror commercial MatrixSSL versioning
• Directory and file reorganization

• Significantly accelerated RSA handshake speeds
• Additional parsing of X.509 certificate extensions