« iControl Perl get_member_v2 Example | Main | OpenSSL Version Matrix Updated - June 2014 Edition »

06/02/2014

CryptoNark 0.5 Released

It has been a while since the last release but here's new version 0.5 of CryptoNark. New features and changes in this release include the following (but are mainly centered on certificate validation):

  • Modifed DHE- cipher strings to note that they also support Forward Secrecy
  • Added more OpenSSL version strings. This is now current to the most recent OpenSSL version
  • CryptoNark will check to see if you are running 0.9.8l or less and warn that your version doesn't support secure client renegotation.
  • The cert_info() subroutine has been modified to use the AES265-SHA cipher from RC4-SHA. This is purely just to support the eventual phasing out of RC4 ciphers
  • The cert_info() subroutine now displays the expiration date of the peer certificate
  • Finally, a behavior change, which works around a problem reported when running against a server using a self-signed certificate. A server using a self-signed certificate no longer fails certificate validation. This might seem counter to what you're seeing when you connect with a web browser to a web site using a self-signed certificate but keep in mind that if your browser trusts that self-signed certificate, then data and channel encryption isn't much different. The reason behind this change is to workaround an issue that is ultimately going to require a rewrite to how I am doing certificate validation today. Previous versions of CryptoNark would fail certificate validation when using a self-signed certificate but when run with the --insecure switch, some platforms would incorrectly report the bit length of the private key and then croak with a segmentation fault. This version worksaround that issue.

A big thank you to all who have downloaded this over the years and emailed issues to me. As always, downloads are available off of the CryptoNark page.

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01156fbc6fe6970c01a73dcfe512970d

Listed below are links to weblogs that reference CryptoNark 0.5 Released:

Comments