|
Name |
|
Date |
Size |
#Lines |
LOC |
| .. | | 03-May-2022 | - |
| .github/workflows/ | H | 10-Feb-2022 | - | 95 | 73 |
| IDE/ | H | 10-Feb-2022 | - | 135,553 | 117,401 |
| IPP/ | H | 07-May-2022 | - | | |
| certs/ | H | 03-May-2022 | - | 23,176 | 21,487 |
| cmake/ | H | 10-Feb-2022 | - | 977 | 826 |
| ctaocrypt/ | H | 10-Feb-2022 | - | 531 | 412 |
| cyassl/ | H | 10-Feb-2022 | - | 4,187 | 1,985 |
| doc/ | H | 03-May-2022 | - | 41,277 | 8,899 |
| examples/ | H | 10-Feb-2022 | - | 15,524 | 12,809 |
| lib/ | H | 10-Feb-2022 | - | 3 | 1 |
| linuxkm/ | H | 10-Feb-2022 | - | 1,366 | 1,044 |
| m4/ | H | 10-Feb-2022 | - | 2,803 | 2,578 |
| mcapi/ | H | 10-Feb-2022 | - | 4,575 | 3,258 |
| mplabx/ | H | 10-Feb-2022 | - | 1,866 | 1,281 |
| mqx/ | H | 10-Feb-2022 | - | 8,721 | 8,291 |
| rpm/ | H | 10-Feb-2022 | - | 409 | 382 |
| scripts/ | H | 03-May-2022 | - | 4,560 | 3,515 |
| src/ | H | 10-Feb-2022 | - | 137,039 | 107,046 |
| sslSniffer/ | H | 10-Feb-2022 | - | 1,971 | 1,577 |
| support/ | H | 10-Feb-2022 | - | 20 | 15 |
| tests/ | H | 03-May-2022 | - | 72,468 | 55,509 |
| testsuite/ | H | 10-Feb-2022 | - | 1,231 | 1,022 |
| tirtos/ | H | 10-Feb-2022 | - | 818 | 642 |
| wolfcrypt/ | H | 10-Feb-2022 | - | 1,070,985 | 927,833 |
| wolfssl/ | H | 10-Feb-2022 | - | 58,070 | 43,403 |
| wrapper/ | H | 10-Feb-2022 | - | 10,653 | 6,765 |
| zephyr/ | H | 03-May-2022 | - | 2,133 | 1,486 |
| .gitignore | H A D | 10-Feb-2022 | 9.6 KiB | 392 | 366 |
| COPYING | H A D | 10-Feb-2022 | 17.7 KiB | 340 | 281 |
| ChangeLog.md | H A D | 10-Feb-2022 | 174 KiB | 3,446 | 2,787 |
| INSTALL | H A D | 10-Feb-2022 | 9.1 KiB | 237 | 173 |
| LICENSING | H A D | 10-Feb-2022 | 469 | 15 | 9 |
| LPCExpresso.cproject | H A D | 10-Feb-2022 | 25.1 KiB | 267 | 266 |
| LPCExpresso.project | H A D | 10-Feb-2022 | 845 | 29 | 28 |
| Makefile.am | H A D | 10-Feb-2022 | 10.7 KiB | 310 | 270 |
| README | H A D | 10-Feb-2022 | 11.2 KiB | 213 | 166 |
| README.md | H A D | 10-Feb-2022 | 11.6 KiB | 217 | 172 |
| SCRIPTS-LIST | H A D | 10-Feb-2022 | 1.8 KiB | 44 | 33 |
| Vagrantfile | H A D | 10-Feb-2022 | 1.2 KiB | 44 | 28 |
| async-check.sh | H A D | 10-Feb-2022 | 2.9 KiB | 81 | 48 |
| autogen.sh | H A D | 10-Feb-2022 | 1.7 KiB | 63 | 48 |
| commit-tests.sh | H A D | 10-Feb-2022 | 1.1 KiB | 35 | 19 |
| configure.ac | H A D | 10-Feb-2022 | 246 KiB | 7,802 | 6,716 |
| fips-check.sh | H A D | 10-Feb-2022 | 12.7 KiB | 450 | 372 |
| fips-hash.sh | H A D | 10-Feb-2022 | 488 | 22 | 16 |
| gencertbuf.pl | H A D | 10-Feb-2022 | 10.3 KiB | 309 | 214 |
| input | H A D | 10-Feb-2022 | 1.8 KiB | 90 | 62 |
| pre-commit.sh | H A D | 10-Feb-2022 | 1,017 | 46 | 27 |
| pre-push.sh | H A D | 10-Feb-2022 | 337 | 20 | 11 |
| pull_to_vagrant.sh | H A D | 10-Feb-2022 | 435 | 15 | 9 |
| quit | H A D | 10-Feb-2022 | 6 | 3 | 1 |
| resource.h | H A D | 10-Feb-2022 | 386 | 15 | 8 |
| valgrind-bash.supp | H A D | 10-Feb-2022 | 108 | 9 | 8 |
| valgrind-error.sh | H A D | 10-Feb-2022 | 289 | 25 | 10 |
| wnr-example.conf | H A D | 10-Feb-2022 | 676 | 41 | 31 |
| wolfssl.sln | H A D | 10-Feb-2022 | 4.5 KiB | 75 | 73 |
| wolfssl.vcproj | H A D | 10-Feb-2022 | 7.9 KiB | 415 | 414 |
| wolfssl.vcxproj | H A D | 10-Feb-2022 | 22.5 KiB | 394 | 393 |
| wolfssl64.sln | H A D | 10-Feb-2022 | 10 KiB | 143 | 141 |
README
1*** Description ***
2
3The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight SSL/TLS
4library written in ANSI C and targeted for embedded, RTOS, and
5resource-constrained environments - primarily because of its small size, speed,
6and feature set. It is commonly used in standard operating environments as well
7because of its royalty-free pricing and excellent cross platform support.
8wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.2
9levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers
10such as ChaCha20, Curve25519, and Blake2b. User benchmarking and feedback
11reports dramatically better performance when using wolfSSL over OpenSSL.
12
13wolfSSL is powered by the wolfCrypt library. Two versions of the wolfCrypt
14cryptography library have been FIPS 140-2 validated (Certificate #2425 and
15certificate #3389). For additional information, visit the wolfCrypt FIPS FAQ
16(https://www.wolfssl.com/license/fips/) or contact fips@wolfssl.com
17
18*** Why choose wolfSSL? ***
19
20There are many reasons to choose wolfSSL as your embedded SSL solution. Some of
21the top reasons include size (typical footprint sizes range from 20-100 kB),
22support for the newest standards (SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3,
23DTLS 1.0, and DTLS 1.2), current and progressive cipher support (including
24stream ciphers), multi-platform, royalty free, and an OpenSSL compatibility API
25to ease porting into existing applications which have previously used the
26OpenSSL package. For a complete feature list, see chapter 4 of the wolfSSL
27manual. (https://www.wolfssl.com/docs/wolfssl-manual/ch4/)
28
29*** Notes, Please read ***
30
31Note 1)
32wolfSSL as of 3.6.6 no longer enables SSLv3 by default. wolfSSL also no longer
33supports static key cipher suites with PSK, RSA, or ECDH. This means if you
34plan to use TLS cipher suites you must enable DH (DH is on by default), or
35enable ECC (ECC is on by default), or you must enable static key cipher suites
36with
37
38 WOLFSSL_STATIC_DH
39 WOLFSSL_STATIC_RSA
40 or
41 WOLFSSL_STATIC_PSK
42
43though static key cipher suites are deprecated and will be removed from future
44versions of TLS. They also lower your security by removing PFS.
45
46When compiling ssl.c, wolfSSL will now issue a compiler error if no cipher
47suites are available. You can remove this error by defining
48WOLFSSL_ALLOW_NO_SUITES in the event that you desire that, i.e., you're not
49using TLS cipher suites.
50
51Note 2)
52wolfSSL takes a different approach to certificate verification than OpenSSL
53does. The default policy for the client is to verify the server, this means
54that if you don't load CAs to verify the server you'll get a connect error,
55no signer error to confirm failure (-188).
56
57If you want to mimic OpenSSL behavior of having SSL_connect succeed even if
58verifying the server fails and reducing security you can do this by calling:
59
60 wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
61
62before calling wolfSSL_new();. Though it's not recommended.
63
64Note 3)
65The enum values SHA, SHA256, SHA384, SHA512 are no longer available when
66wolfSSL is built with --enable-opensslextra (OPENSSL_EXTRA) or with the macro
67NO_OLD_SHA_NAMES. These names get mapped to the OpenSSL API for a single call
68hash function. Instead the name WC_SHA, WC_SHA256, WC_SHA384 and WC_SHA512
69should be used for the enum name.
70
71*** end Notes ***
72
73
74For additional vulnerability information visit the vulnerability page at
75https://www.wolfssl.com/docs/security-vulnerabilities/
76
77See INSTALL file for build instructions.
78More info can be found on-line at https://wolfssl.com/wolfSSL/Docs.html
79
80# wolfSSL Release 5.1.1 (Jan 3rd, 2021)
81Release 5.1.1 of wolfSSL embedded TLS has a high vulnerability fix:
82
83### Vulnerabilities
84* \[High\] In connections using AES-CBC or DES3 with TLS/DTLS 1.2 or 1.1 the IV being used is not random. Users using wolfSSL version 5.0.0 or 5.1.0 doing TLS/DTLS 1.2 or 1.1 connections, without AEAD only, should update the version of wolfSSL used.
85
86# wolfSSL Release 5.1.0 (Dec 27, 2021)
87Release 5.1.0 of wolfSSL embedded TLS has bug fixes and new features including:
88
89### Vulnerabilities
90* \[Low\] Potential for DoS attack on a wolfSSL client due to processing hello packets of the incorrect side. This affects only connections using TLS v1.2 or less that have also been compromised by a man in the middle attack. Thanks to James Henderson, Mathy Vanhoef, Chris M. Stone, Sam L. Thomas, Nicolas Bailleut, and Tom Chothia (University of Birmingham, KU Leuven, ENS Rennes for the report.
91* \[Low\] Client side session resumption issue once the session resumption cache has been filled up. The hijacking of a session resumption has been demonstrated so far with only non verified peer connections. That is where the client is not verifying the server’s CA that it is connecting to. There is the potential though for other cases involving proxies that are verifying the server to be at risk, if using wolfSSL in a case involving proxies use wolfSSL_get1_session and then wolfSSL_SESSION_free when done where possible. If not adding in the session get/free function calls we recommend that users of wolfSSL that are resuming sessions update to the latest version (wolfSSL version 5.1.0 or later). Thanks to the UK's National Cyber Security Centre (NCSC) for the report.
92
93### New Feature Additions
94###### Ports
95* Curve25519 support with NXP SE050 added
96* Renesas RA6M4 support with SCE Protected Mode and FSP 3.5.0
97* Renesas TSIP 1.14 support for RX65N/RX72N
98
99###### Post Quantum
100* Post quantum resistant algorithms used with Apache port
101* NIST round 3 FALCON Signature Scheme support added to TLS 1.3 connections
102* FALCON added to the benchmarking application
103* Testing of cURL with wolfSSL post quantum resistant build
104
105###### Compatibility Layer Additions
106* Updated NGINX port to NGINX version 1.21.4
107* Updated Apache port to Apache version 2.4.51
108* Add support for SSL_OP_NO_TLSv1_2 flag with wolfSSL_CTX_set_options function
109* Support added for the functions
110 - SSL_CTX_get_max_early_data
111 - SSL_CTX_set_max_early_data
112 - SSL_set_max_early_data
113 - SSL_get_max_early_data
114 - SSL_CTX_clear_mode
115 - SSL_CONF_cmd_value_type
116 - SSL_read_early_data
117 - SSL_write_early_data
118
119###### Misc.
120* Crypto callback support for AES-CCM added. A callback function can be registered and used instead of the default AES-CCM implementation in wolfSSL.
121* Added AES-OFB to the FIPS boundary for future FIPS validations.
122* Add support for custom OIDs used with CSR (certificate signing request) generation using the macro WOLFSSL_CUSTOM_OID
123* Added HKDF extract callback function for use with TLS 1.3
124* Add variant from RFC6979 of deterministic ECC signing that can be enabled using the macro WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT
125* Added the function wc_GetPubKeyDerFromCert to get the public key from a DecodedCert structure
126* Added the functions wc_InitDecodedCert, wc_ParseCert and wc_FreeDecodedCert for access to decoding a certificate into a DecodedCert structure
127* Added the macro WOLFSSL_ECC_NO_SMALL_STACK for hybrid builds where the numerous malloc/free with ECC is undesired but small stack use is desired throughout the rest of the library
128* Added the function wc_d2i_PKCS12_fp for reading a PKCS12 file and parsing it
129
130### Fixes
131###### PORT Fixes
132* Building with Android wpa_supplicant and KeyStore
133* Setting initial value of CA certificate with TSIP enabled
134* Cryptocell ECC build fix and fix with RSA disabled
135* IoT-SAFE improvement for Key/File slot ID size, fix for C++ compile, and fixes for retrieving the public key after key generation
136
137###### Math Library Fixes
138* Check return values on TFM library montgomery function in case the system runs out of memory. This resolves an edge case of invalid ECC signatures being created.
139* SP math library sanity check on size of values passed to sp_gcd.
140* SP math library sanity check on exponentiation by 0 with mod_exp
141* Update base ECC mp_sqrtmod_prime function to handle an edge case of zero
142* TFM math library with Intel MULX multiply fix for carry in assembly code
143
144###### Misc.
145* Fix for potential heap buffer overflow with compatibility layer PEM parsing
146* Fix for edge memory leak case with an error encountered during TLS resumption
147* Fix for length on inner sequence created with wc_DhKeyToDer when handling small DH keys
148* Fix for sanity check on input argument to DSA sign and verify
149* Fix for setting of the return value with ASN1 integer get on an i386 device
150* Fix for BER to DER size checks with PKCS7 decryption
151* Fix for memory leak with PrintPubKeyEC function in compatibility layer
152* Edge case with deterministic ECC key generation when the private key has leading 0’s
153* Fix for build with OPENSSL_EXTRA and NO_WOLFSSL_STUB both defined
154* Use page aligned memory with ECDSA signing and KCAPI
155* Skip expired sessions for TLS 1.3 rather than turning off the resume behavior
156* Fix for DTLS handling dropped or retransmitted messages
157
158### Improvements/Optimizations
159###### Build Options and Warnings
160* Bugfix: could not build with liboqs and without DH enabled
161* Build with macro NO_ECC_KEY_EXPORT fixed
162* Fix for building with the macro HAVE_ENCRYPT_THEN_MAC when session export is enabled
163* Building with wolfSentry and HAVE_EX_DATA macro set
164
165###### Math Libraries
166* Improvement for performance with SP C implementation of montgomery reduction for ECC (P256 and P384) and SP ARM64 implementation for ECC (P384)
167* With SP math handle case of dividing by length of dividend
168* SP math improvement for lo/hi register names to be used with older GCC compilers
169
170###### Misc.
171* ASN name constraints checking code refactor for better efficiency and readability
172* Refactor of compatibility layer stack free’ing calls to simplify and reduce code
173* Scrubbed code for trailing spaces, hard tabs, and any control characters
174* Explicit check that leaf certificate's public key type match cipher suite signature algorithm
175* Additional NULL sanity checks on WOLFSSL struct internally and improve switch statement fallthrough
176* Retain OCSP error value when CRL is enabled with certificate parsing
177* Update to NATIVE LwIP support for TCP use
178* Sanity check on PEM size when parsing a PEM with OpenSSL compatibility layer API.
179* SWIG wrapper was removed from the codebase in favor of dedicated Java and Python wrappers.
180* Updates to bundled example client for when to load the CA, handling print out of IP alt names, and printing out the peers certificate in PEM format
181* Handling BER encoded inner content type with PKCS7 verify
182* Checking for SOCKET_EPIPE errors from low level socket
183* Improvements to cleanup in the case that wolfSSL_Init fails
184* Update test and example certificates expiration dates
185
186
187
188*** Resources ***
189
190
191[wolfSSL Website](https://www.wolfssl.com/)
192
193[wolfSSL Wiki](https://github.com/wolfSSL/wolfssl/wiki)
194
195[FIPS FAQ](https://wolfssl.com/license/fips)
196
197[wolfSSL Documents](https://wolfssl.com/wolfSSL/Docs.html)
198
199[wolfSSL Manual](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-toc.html)
200
201[wolfSSL API Reference]
202(https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-17-wolfssl-api-reference.html)
203
204[wolfCrypt API Reference]
205(https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-18-wolfcrypt-api-reference.html)
206
207[TLS 1.3](https://www.wolfssl.com/docs/tls13/)
208
209[wolfSSL Vulnerabilities]
210(https://www.wolfssl.com/docs/security-vulnerabilities/)
211
212Additional wolfSSL Examples](https://github.com/wolfssl/wolfssl-examples)
213
README.md
1<a href="https://repology.org/project/wolfssl/versions">
2 <img src="https://repology.org/badge/vertical-allrepos/wolfssl.svg" alt="Packaging status" align="right">
3</a>
4
5# wolfSSL Embedded SSL/TLS Library
6
7The [wolfSSL embedded SSL library](https://www.wolfssl.com/products/wolfssl/)
8(formerly CyaSSL) is a lightweight SSL/TLS library written in ANSI C and
9targeted for embedded, RTOS, and resource-constrained environments - primarily
10because of its small size, speed, and feature set. It is commonly used in
11standard operating environments as well because of its royalty-free pricing
12and excellent cross platform support. wolfSSL supports industry standards up
13to the current [TLS 1.3](https://www.wolfssl.com/tls13) and DTLS 1.2, is up to
1420 times smaller than OpenSSL, and offers progressive ciphers such as ChaCha20,
15Curve25519, Blake2b and Post-Quantum TLS 1.3 groups. User benchmarking and
16feedback reports dramatically better performance when using wolfSSL over
17OpenSSL.
18
19wolfSSL is powered by the wolfCrypt cryptography library. Two versions of
20wolfCrypt have been FIPS 140-2 validated (Certificate #2425 and
21certificate #3389). FIPS 140-3 validation is in progress. For additional
22information, visit the [wolfCrypt FIPS FAQ](https://www.wolfssl.com/license/fips/)
23or contact fips@wolfssl.com.
24
25## Why Choose wolfSSL?
26
27There are many reasons to choose wolfSSL as your embedded, desktop, mobile, or
28enterprise SSL/TLS solution. Some of the top reasons include size (typical
29footprint sizes range from 20-100 kB), support for the newest standards
30(SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3, DTLS 1.0, and DTLS 1.2), current
31and progressive cipher support (including stream ciphers), multi-platform,
32royalty free, and an OpenSSL compatibility API to ease porting into existing
33applications which have previously used the OpenSSL package. For a complete
34feature list, see [Chapter 4](https://www.wolfssl.com/docs/wolfssl-manual/ch4/)
35of the wolfSSL manual.
36
37## Notes, Please Read
38
39### Note 1
40wolfSSL as of 3.6.6 no longer enables SSLv3 by default. wolfSSL also no longer
41supports static key cipher suites with PSK, RSA, or ECDH. This means if you
42plan to use TLS cipher suites you must enable DH (DH is on by default), or
43enable ECC (ECC is on by default), or you must enable static key cipher suites
44with one or more of the following defines:
45
46```
47WOLFSSL_STATIC_DH
48WOLFSSL_STATIC_RSA
49WOLFSSL_STATIC_PSK
50```
51Though static key cipher suites are deprecated and will be removed from future
52versions of TLS. They also lower your security by removing PFS.
53
54When compiling `ssl.c`, wolfSSL will now issue a compiler error if no cipher
55suites are available. You can remove this error by defining
56`WOLFSSL_ALLOW_NO_SUITES` in the event that you desire that, i.e., you're
57not using TLS cipher suites.
58
59### Note 2
60wolfSSL takes a different approach to certificate verification than OpenSSL
61does. The default policy for the client is to verify the server, this means
62that if you don't load CAs to verify the server you'll get a connect error,
63no signer error to confirm failure (-188).
64
65If you want to mimic OpenSSL behavior of having `SSL_connect` succeed even if
66verifying the server fails and reducing security you can do this by calling:
67
68```c
69wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
70```
71
72before calling `wolfSSL_new();`. Though it's not recommended.
73
74### Note 3
75The enum values SHA, SHA256, SHA384, SHA512 are no longer available when
76wolfSSL is built with `--enable-opensslextra` (`OPENSSL_EXTRA`) or with the
77macro `NO_OLD_SHA_NAMES`. These names get mapped to the OpenSSL API for a
78single call hash function. Instead the name `WC_SHA`, `WC_SHA256`, `WC_SHA384` and
79`WC_SHA512` should be used for the enum name.
80
81# wolfSSL Release 5.1.1 (Jan 3rd, 2021)
82Release 5.1.1 of wolfSSL embedded TLS has a high vulnerability fix:
83
84### Vulnerabilities
85* \[High\] In connections using AES-CBC or DES3 with TLS/DTLS 1.2 or 1.1 the IV being used is not random. Users using wolfSSL version 5.0.0 or 5.1.0 doing TLS/DTLS 1.2 or 1.1 connections, without AEAD only, should update the version of wolfSSL used.
86
87# wolfSSL Release 5.1.0 (Dec 27, 2021)
88Release 5.1.0 of wolfSSL embedded TLS has bug fixes and new features including:
89
90### Vulnerabilities
91* \[Low\] Potential for DoS attack on a wolfSSL client due to processing hello packets of the incorrect side. This affects only connections using TLS v1.2 or less that have also been compromised by a man in the middle attack. Thanks to James Henderson, Mathy Vanhoef, Chris M. Stone, Sam L. Thomas, Nicolas Bailleut, and Tom Chothia (University of Birmingham, KU Leuven, ENS Rennes for the report.
92* \[Low\] Client side session resumption issue once the session resumption cache has been filled up. The hijacking of a session resumption has been demonstrated so far with only non verified peer connections. That is where the client is not verifying the server’s CA that it is connecting to. There is the potential though for other cases involving proxies that are verifying the server to be at risk, if using wolfSSL in a case involving proxies use wolfSSL_get1_session and then wolfSSL_SESSION_free when done where possible. If not adding in the session get/free function calls we recommend that users of wolfSSL that are resuming sessions update to the latest version (wolfSSL version 5.1.0 or later). Thanks to the UK's National Cyber Security Centre (NCSC) for the report.
93
94### New Feature Additions
95###### Ports
96* Curve25519 support with NXP SE050 added
97* Renesas RA6M4 support with SCE Protected Mode and FSP 3.5.0
98* Renesas TSIP 1.14 support for RX65N/RX72N
99
100###### Post Quantum
101* Post quantum resistant algorithms used with Apache port
102* NIST round 3 FALCON Signature Scheme support added to TLS 1.3 connections
103* FALCON added to the benchmarking application
104* Testing of cURL with wolfSSL post quantum resistant build
105
106###### Compatibility Layer Additions
107* Updated NGINX port to NGINX version 1.21.4
108* Updated Apache port to Apache version 2.4.51
109* Add support for SSL_OP_NO_TLSv1_2 flag with wolfSSL_CTX_set_options function
110* Support added for the functions
111 - SSL_CTX_get_max_early_data
112 - SSL_CTX_set_max_early_data
113 - SSL_set_max_early_data
114 - SSL_get_max_early_data
115 - SSL_CTX_clear_mode
116 - SSL_CONF_cmd_value_type
117 - SSL_read_early_data
118 - SSL_write_early_data
119
120###### Misc.
121* Crypto callback support for AES-CCM added. A callback function can be registered and used instead of the default AES-CCM implementation in wolfSSL.
122* Added AES-OFB to the FIPS boundary for future FIPS validations.
123* Add support for custom OIDs used with CSR (certificate signing request) generation using the macro WOLFSSL_CUSTOM_OID
124* Added HKDF extract callback function for use with TLS 1.3
125* Add variant from RFC6979 of deterministic ECC signing that can be enabled using the macro WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT
126* Added the function wc_GetPubKeyDerFromCert to get the public key from a DecodedCert structure
127* Added the functions wc_InitDecodedCert, wc_ParseCert and wc_FreeDecodedCert for access to decoding a certificate into a DecodedCert structure
128* Added the macro WOLFSSL_ECC_NO_SMALL_STACK for hybrid builds where the numerous malloc/free with ECC is undesired but small stack use is desired throughout the rest of the library
129* Added the function wc_d2i_PKCS12_fp for reading a PKCS12 file and parsing it
130
131### Fixes
132###### PORT Fixes
133* Building with Android wpa_supplicant and KeyStore
134* Setting initial value of CA certificate with TSIP enabled
135* Cryptocell ECC build fix and fix with RSA disabled
136* IoT-SAFE improvement for Key/File slot ID size, fix for C++ compile, and fixes for retrieving the public key after key generation
137
138###### Math Library Fixes
139* Check return values on TFM library montgomery function in case the system runs out of memory. This resolves an edge case of invalid ECC signatures being created.
140* SP math library sanity check on size of values passed to sp_gcd.
141* SP math library sanity check on exponentiation by 0 with mod_exp
142* Update base ECC mp_sqrtmod_prime function to handle an edge case of zero
143* TFM math library with Intel MULX multiply fix for carry in assembly code
144
145###### Misc.
146* Fix for potential heap buffer overflow with compatibility layer PEM parsing
147* Fix for edge memory leak case with an error encountered during TLS resumption
148* Fix for length on inner sequence created with wc_DhKeyToDer when handling small DH keys
149* Fix for sanity check on input argument to DSA sign and verify
150* Fix for setting of the return value with ASN1 integer get on an i386 device
151* Fix for BER to DER size checks with PKCS7 decryption
152* Fix for memory leak with PrintPubKeyEC function in compatibility layer
153* Edge case with deterministic ECC key generation when the private key has leading 0’s
154* Fix for build with OPENSSL_EXTRA and NO_WOLFSSL_STUB both defined
155* Use page aligned memory with ECDSA signing and KCAPI
156* Skip expired sessions for TLS 1.3 rather than turning off the resume behavior
157* Fix for DTLS handling dropped or retransmitted messages
158
159### Improvements/Optimizations
160###### Build Options and Warnings
161* Bugfix: could not build with liboqs and without DH enabled
162* Build with macro NO_ECC_KEY_EXPORT fixed
163* Fix for building with the macro HAVE_ENCRYPT_THEN_MAC when session export is enabled
164* Building with wolfSentry and HAVE_EX_DATA macro set
165
166###### Math Libraries
167* Improvement for performance with SP C implementation of montgomery reduction for ECC (P256 and P384) and SP ARM64 implementation for ECC (P384)
168* With SP math handle case of dividing by length of dividend
169* SP math improvement for lo/hi register names to be used with older GCC compilers
170
171###### Misc.
172* ASN name constraints checking code refactor for better efficiency and readability
173* Refactor of compatibility layer stack free’ing calls to simplify and reduce code
174* Scrubbed code for trailing spaces, hard tabs, and any control characters
175* Explicit check that leaf certificate's public key type match cipher suite signature algorithm
176* Additional NULL sanity checks on WOLFSSL struct internally and improve switch statement fallthrough
177* Retain OCSP error value when CRL is enabled with certificate parsing
178* Update to NATIVE LwIP support for TCP use
179* Sanity check on PEM size when parsing a PEM with OpenSSL compatibility layer API.
180* SWIG wrapper was removed from the codebase in favor of dedicated Java and Python wrappers.
181* Updates to bundled example client for when to load the CA, handling print out of IP alt names, and printing out the peers certificate in PEM format
182* Handling BER encoded inner content type with PKCS7 verify
183* Checking for SOCKET_EPIPE errors from low level socket
184* Improvements to cleanup in the case that wolfSSL_Init fails
185* Update test and example certificates expiration dates
186
187
188For additional vulnerability information visit the vulnerability page at:
189https://www.wolfssl.com/docs/security-vulnerabilities/
190
191See INSTALL file for build instructions.
192More info can be found on-line at: https://wolfssl.com/wolfSSL/Docs.html
193
194
195
196# Resources
197
198[wolfSSL Website](https://www.wolfssl.com/)
199
200[wolfSSL Wiki](https://github.com/wolfSSL/wolfssl/wiki)
201
202[FIPS 140-2/140-3 FAQ](https://wolfssl.com/license/fips)
203
204[wolfSSL Documentation](https://wolfssl.com/wolfSSL/Docs.html)
205
206[wolfSSL Manual](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-toc.html)
207
208[wolfSSL API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-17-wolfssl-api-reference.html)
209
210[wolfCrypt API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-18-wolfcrypt-api-reference.html)
211
212[TLS 1.3](https://www.wolfssl.com/docs/tls13/)
213
214[wolfSSL Vulnerabilities](https://www.wolfssl.com/docs/security-vulnerabilities/)
215
216[Additional wolfSSL Examples](https://github.com/wolfssl/wolfssl-examples)
217