XySSL is a cryptographic library written in C. It
currently features several ciphers (AES,
Triple-DES, and ARC4), hash functions (MD{2,4,5},
SHA-1, and SHA-256), and RSA and X.509 reading
support. It also implements the Secure Sockets
Layer version 3 protocol (SSLv3), as well as the
Transport Layer Security version 1 protocol.
License: GNU General Public License (GPL)
Changes:
This releases includes two major security bugfixs:
the SSL/TLS server code was vulnerable to Daniel
Bleichenbacher attack on PKCS#1 v1.5 padding,
which could lead to the disclosure of the server's
private RSA key. Version 0.9 also corrects a
critical bug in the x509 certificate verification
code, which would cause an infinite loop if the
peer provides a certificate with an invalid RSA
signature.
