@@ -79,128 +79,188 @@ single call hash function. Instead the name `WC_SHA`, `WC_SHA256`, `WC_SHA384` a
`WC_SHA512` should be used for the enum name.
-# wolfSSL Release 5.5.4 (Dec 21, 2022)
+# wolfSSL Release 5.6.0 (Mar 24, 2023)
-Release 5.5.4 of wolfSSL embedded TLS has bug fixes and new features including:
-
-Release 5.5.4 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
+Release 5.6.0 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
-## New Feature Additions
+NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+ * This release makes ASN Template the default with ./configure, the previous ASN parsing can be built with --enable-asn=original
-* QUIC related changes for HAProxy integration and config option
-* Support for Analog Devices MAXQ1080 and MAXQ1065
-* Testing and build of wolfSSL with NuttX
-* New software based entropy gatherer with configure option --enable-entropy-memuse
-* NXP SE050 feature expansion and fixes, adding in RSA support and conditional compile of AES and CMAC
-* Support for multi-threaded sniffer
+Release 5.6.0 of wolfSSL embedded TLS has bug fixes and new features including:
-## Improvements / Optimizations
+## New Feature Additions
+
+* ASN template is now the default ASN parsing implementation when compiling with configure
+* Added in support for TLS v1.3 Encrypted Client Hello (ECH) and HPKE (Hybrid Public Key Encryption)
+* DTLS 1.3 stateless server ClientHello parsing support added
-### Benchmark and Tests
-* Add alternate test case for unsupported static memory API when testing mutex allocations
-* Additional unit test cases added for AES CCM 256-bit
-* Initialize and free AES object with benchmarking AES-OFB
-* Kyber with DTLS 1.3 tests added
-* Tidy up Espressif ESP32 test and benchmark examples
-* Rework to be able to run API tests individually and add display of time taken per test
-
-### Build and Port Improvements
-* Add check for 64-bit ABI on MIPS64 before declaring a 64-bit CPU
-* Add support to detect SIZEOF_LONG in armclang and diab
-* Added in a simple example working on Rx72n
-* Update azsphere support to prevent compilation of file included inline
-* --enable-brainpool configure option added and default to on when custom curves are also on
-* Add RSA PSS salt defines to engine builds if not FIPS v2
-
-### Post Quantum
-* Remove kyber-90s and route all Kyber through wolfcrypt
-* Purge older version of NTRU and SABER from wolfSSL
-
-### SP Math
-* Support static memory build with sp-math
-* SP C, SP int: improve performance
-* SP int: support mingw64 again
-* SP int: enhancements to guess 64-bit type and check on NO_64BIT macro set before using long long
-* SP int: check size required when using sp_int on stack
-* SP: --enable-sp-asm now enables SP by default if not set
-* SP: support aarch64 big endian
-
-### DTLS
-* Allow DTLS 1.3 to compile when FIPS is enabled
-* Allow for stateless DTLS client hello parsing
+### Ports
+* Add RX64/RX71 SHA hardware support
+* Port to RT1170 and expand NXP CAAM driver support
+* Add NuttX integration files for ease of use
+* Updated Stunnel support for version 5.67
+Compatibility Layer
+* Add in support for AES-CCM with EVP
+* BN compatibility API refactoring and separate API created
+* Expanding public key type cipher suite list strings support
### Misc.
-* Easier detection of DRBG health when using Intel’s RDRAND by updating the structures status value
-* Detection of duplicate known extensions with TLS
-* PKCS#11 handle a user PIN that is a NULL_PTR, compile time check in finding keys, add initialization API
-* Update max Cert Policy size based on RFC 5280
-* Add Android CA certs path for wolfSSL_CTX_load_system_CA_certs()
-* Improve logic for enabling system CA certs on Apple devices
-* Stub functions to allow for cpuid public functions with non-intel builds
-* Increase RNG_SECURITY_STRENGTH for FIPS
-* Improvements in OpenSSL Compat ERR Queue handling
-* Support ASN1/DER CRLs in LoadCertByIssuer
-* Expose more ECC math functions and improve async shared secret
-* Improvement for sniffer error messages
-* Warning added that renegotiation in TLS 1.3 requires session ticket
-* Adjustment for TLS 1.3 post auth support
-* Rework DH API and improve PEM read/write
+* Support pthread_rwlock and add enable option
+* Add wolfSSL_CertManagerLoadCABuffer_ex() that takes a user certificate chain flag and additional verify flag options
+* Docker build additions for wolfSSL library and wolfCLU application
+* Add favorite drink pilot attribute type to get it from the encoding
+* Added in support for indefinite length BER parsing with PKCS12
+* Add dynamic session cache which allocates sessions from the heap with macro SESSION_CACHE_DYNAMIC_MEM
+
+
+## Improvements / Optimizations
+
+### Tests
+* Additional CI (continuous integration) testing and leveraging of GitHub workflows
+* Add CI testing for wpa_supplicant, OpenWrt and OpenVPN using GitHub workflows
+* Add compilation of Espressif to GitHub workflows tests
+* Refactoring and improving error results with wolfCrypt unit test application
+* Minor warning fixes from Coverity static analysis scan
+* Add new SHA-512/224 and SHA-512/256 tests
+* Used codespell and fixed some minor typos
+
+### Ports
+* Improve TLS1.2 client authentication to use TSIP
+* Updated Kyber macro to be WOLFSSL_HAVE_KYBER and made changes that make Kyber work on STM32
+* AES-GCM Windows assembly additions
+* CRLF line endings, trailing spaces for C# Wrapper Projects
+Compatibility Layer
+* Update `PubKey` and `Key` PEM-to-DER APIs to support return of needed DER size
+* Allow reading ENC EC PRIVATE KEY as well via wolfSSL_PEM_read_bio_ECPrivateKey
+* Improve wolfSSL_EC_POINT_cmp to handle Jacobian ordinates
+* Fix issue with BIO_reset() and add BIO_FLAGS_MEM_RDONLY flag support for read only BIOs
+
+### SP
+* In SP math library rework mod 3 and use count leading zero instruction
+* Fix with SP ECC sign to reject the random k generated when r is 0
+* With SP math add better detection of when add won't work and double is needed with point_add_qz1 internal function
+* With SP int fail when buffer writing to is too small for number rather than discarding the extra values
+
+### Builds
+* Define WOLFSSL_SP_SMALL_STACK if wolfSSL is build with --enable-smallstack
+* Fix CMake to exclude libm when DH is not enabled
+* Allow building of SAKKE as external non-FIPS algorithm with wolfmikey product
+* Add option to add library suffix, --with-libsuffix
+* ASN template compile option WOLFSSL_ASN_INT_LEAD_0_ANY to allow leading zeros
+* Add user_settings.h template for wolfTPM to examples/configs/user_settings_wolftpm.h
+* Purge the AES variant of Dilithium
+* Expand WOLFSSL_NO_ASN_STRICT to allow parsing of explicit ECC public key
+* Remove relocatable text in ARMv7a AES assembly for use with FIPS builds
+* Expand checking for hardware that supports ARMv7a neon with autotools configure
+* Sanity check on allocation fails with DSA and FP_ECC build when zeroizing internal buffer
+* Additional TLS alerts sent when compiling with WOLFSSL_EXTRA_ALERTS macro defined
+
+### Benchmarking
+* Update wolfCrypt benchmark Windows build files to support x64 Platform
+* Add SHA512/224 and SHA512/256 benchmarks, fixed CVS macro and display sizes
+* Separate AES-GCM streaming runs when benchmarked
+* No longer call external implementation of Kyber from benchmark
+* Fix for benchmarking shake with custom block size
+* Fixes for benchmark help `-alg` list and block format
+Documentation/Examples
+* Document use of wc_AesFree() and update documentation of Ed25519 with Doxygen
+* Move the wolfSSL Configuration section higher in QUIC.md
+* Add Japanese Doxygen documentation for cmac.h, quic.h and remove incomplete Japanese doxygen in asn_public.h
+* Espressif examples run with local wolfSSL now with no additional setup needed
+* Added a fix for StartTLS use In the example client
+* Add a base-line user_settings.h for use with FIPS 140-3 in XCode example app
+
+### Optimizations
+* AES-NI usage added for AES modes ECB/CTR/XTS
+
+### Misc
+* Update AES-GCM stream decryption to allow long IVs
+* Internal refactor to use wolfSSL_Ref functions when incrementing or decrementing the structures reference count and fixes for static analysis reports
+* Cleanup function logging making adjustments to the debug log print outs
+* Remove realloc dependency in DtlsMsgCombineFragBuckets function
+* Refactor to use WOLFSSL_CTX’s cipher suite list when possible
+* Update internal padding of 0’s with DSA sign and additional tests with mp_to_unsigned_bin_len function
+* With DTLS SRTP use wolfSSL_export_keying_material instead of wc_PRF_TLS
+* Updated macro naming from HAVE_KYBER to be WOLFSSL_HAVE_KYBER
+* Update AES XTS encrypt to handle in-place encryption properly
+* With TLS 1.3 add option to require only PSK with DHE
## Fixes
-### Build Fixes
-* Fix --enable-devcrypto build error for sys without u_int8_t type
-* Fix casts in evp.c and build issue in ParseCRL
-* Fixes for compatibility layer building with heap hint and OSSL callbacks
-* fix compile error due to Werro=undef on gcc-4.8
-* Fix mingw-w64 build issues on windows
-* Xcode project fixes for different build settings
-* Initialize variable causing failures with gcc-11 and gcc-12 with a unique wolfSSL build configuration
-* Prevent WOLFSSL_NO_MALLOC from breaking RSA certificate verification
-* Fixes for various tests that do not properly handle `WC_PENDING_E` with async. builds
-* Fix for misc `HashObject` to be excluded for `WOLFCRYPT_ONLY`
-
-### OCSP Fixes
-* Correctly save next status with OCSP response verify
-* When the OCSP responder returns an unknown exception, continue through to checking the CRL
-
-### Math Fixes
-* Fix for implicit conversion with 32-bit in SP math
-* Fix for error checks when modulus is even with SP int build
-* Fix for checking of err in _sp_exptmod_nct with SP int build
-* ECC cofactor fix when checking scalar bits
-* ARM32 ASM: don't use ldrd on user data
-* SP int, fix when ECC specific size code included
-
-### Port Fixes
-* Fixes for STM32 PKA ECC (not 256-bit) and improvements for AES-GCM
-* Fix for cryptocell signature verification with ECC
-* Benchmark devid changes, CCM with SECO fix, set IV on AES import into SECO
-
-### Compat. Layer Fixes
-* Fix for handling DEFAULT:... cipher suite list
-* Fix memory leak in wolfSSL_X509_NAME_ENTRY_get_object
-* Set alt name type to V_ASN1_IA5STRING
-* Update name hash functions wolfSSL_X509_subject_name_hash and wolfSSL_X509_issuer_name_hash to hash the canonical form of subject
-* Fix wolfSSL_set_SSL_CTX() to be usable during handshake
-* Fix X509_get1_ocsp to set num of elements in stack
-* X509v3 EXT d2i: fix freeing of aia
-* Fix to remove recreation of certificate with wolfSSL_PEM_write_bio_X509()
-* Link newly created x509 store's certificate manager to self by default to assist with CRL verification
-* Fix for compatibility `EC_KEY_new_by_curve_name` to not create a key if the curve is not found
+### Ports
+* Fix for AES use with CAAM on imx8qxp with SECO builds
+* Fix for PIC32 crypto HW and unused `TLSX_SetResponse`
+* Fix warning if ltime is unsigned seen with QNX build
+* Updates and fix for Zephyr project support
+* Include sys/time.h for WOLFSSL_RIOT_OS
+* Move X509_V errors from enums to defines for use with HAProxy CLI
+* Fix IAR compiler warnings resolved
+* Fix for STM32 Hash peripherals (like on F437) with FIFO depth = 1
+* ESP32 fix for SHA384 init with hardware acceleration
+
+### Builds
+* Add WOLFSSL_IP_ALT_NAME macro define to --enable-curl
+* Fixes for building with C++17 and avoiding clashing with byte naming
+* Fixes SP math all build issue with small-stack and no hardening
+* Fix for building with ASN template with `NO_ASN_TIME` defined
+* Fix building FIPSv2 with WOLFSSL_ECDSA_SET_K defined
+* Don't allow aesgcm-stream option with kcapi
+* Fix DTLS test case for when able to read peers close notify alert on FreeBSD systems
+* Fix for "expression must have a constant value" in tls13.c with Green Hills compiler
+* Fixes for building KCAPI with opensslextra enabled
+* Fix warnings of shadows min and subscript with i486-netbsd-gcc compiler
+* Fix issue with async and `WOLFSSL_CHECK_ALERT_ON_ERR`
+* Fix for PKCS7 with asynchronous crypto enabled
+
+### Math Library
+* SP Aarch64 fix for conditional changed in asm needing "cc" and fix for ECC P256 mont reduce
+* In SP builds add sanity check with DH exp. to check the output length for minimum size
+* In SP math fix scalar length check with EC scalar multiply
+* With SP int fix handling negative character properly with read radix
+* Add error checks before setting variable err in SP int with the function sp_invmod_mont_ct
+* Fix to add sanity check for malloc of zero size in fastmath builds
+* In fastmath fix a possible overflow in fp_to_unsigned_bin_len length check
+* Heapmath fast mod. reduce fix
+
+### Compatibility Layer
+* Fixes for encoding/decoding ecc public keys and ensure i2d public key functions do not include any private key information
+* Fix for EVP_EncryptUpdate to update outl on empty input
+* Fix SE050 RSA public key loading and RSA/ECC SE050 TLS Compatibility
+* Rework EC API and validate point after setting it
+* Fix for X509 RSA PSS with compatibility layer functions
+* Fix size of structures used with SHA operations when built with opensslextra for Espressif hardware accelerated hashing
+* Added sanity check on key length with wolfSSL_CMAC_Init function
+* Fix for return value type conversion of bad mutex error in logging function
+* Fix NID conflict NID_givenName and NID_md5WithRSAEncryption
+* Fix unguarded XFPRINTF calls with opensslextra build
+* Fix wolfSSL_ASN1_INTEGER_to_BN for negative values
+* Fix for potential ASN1_STRING leak in wolfSSL_X509_NAME_ENTRY_create_by_txt and wolfSSL_X509_NAME_ENTRY_create_by_NID when memory allocation fails
### Misc.
-* Free potential signer malloc in a fail case
-* fix other name san parsing and add RID cert to test parsing
-* WOLFSSL_OP_NO_TICKET fix for TLSv1.2
-* fix ASN template parsing of X509 subject directory attribute
-* Fix the wrong IV size with the cipher suite TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256
-* Fix incorrect self signed error return when compiled with certreq and certgen.
-* Fix wrong function name in debug comment with wolfSSL_X509_get_name_oneline()
-* Fix for decryption after second handshake with async sniffer
-* Allow session tickets to properly resume when using PQ KEMs
-* Add sanity overflow check to DecodeAltNames input buffer access
+* Add sanity check to prevent an out of bounds read with OCSP response decoding
+* Sanity check to not allow 0 length with bit string and integer when parsing ASN1 syntax
+* Adjust RNG sanity checks and remove error prone first byte comparison
+* With PKCS7 add a fix for GetAsnTimeString() to correctly increment internal data pointer
+* PKCS7 addition of sequence around algo parameters with authenvelop
+* DSA fixes for clearing mp_int before re-reading data and avoid mp_clear without first calling mp_init
+* Fix for SRTP setting bitfield when it is encoded for the TLS extension
+* Fix for handling small http headers when doing CRL verification
+* Fix for ECCSI hash function to validate the output size and curve size
+* Fix for value of givenName and name being reversed with CSR generation
+* Fix for error type returned (OCSP_CERT_UNKNOWN) with OCSP verification
+* Fix for a potential memory leak with ProcessCSR when handling OCSP responses
+* Fix for VERIFY_SKIP_DATE flag not ignoring date errors when set
+* Fix for zlib decompression buffer issue with PKCS7
+* Fix for DTLS message pool send size used and DTLS server saving of the handshake sequence
+* Fix to propagate WOLFSSL_TICKET_RET_CREATE error return value from DoDecryptTicket()
+* Fix for handling long session IDs with TLS 1.3 session tickets
+* Fix for AES-GCM streaming when caching an IV
+* Fix for test case with older selftest that returns bad padding instead of salt len error
+* Add fix for siphash cache and added in additional tests
+* Fix potential out of bounds memset to 0 in error case with session export function used with --enable-sessionexport builds
+* Fix possible NULL dereference in TLSX_CSR_Parse with TLS 1.3
+* Fix for sanity check on RSA pad length with no padding using the build macro WC_RSA_NO_PADDING
For additional vulnerability information visit the vulnerability page at:
https://www.wolfssl.com/docs/security-vulnerabilities/
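Review bot: the memory-safety fixes added under `### Misc.` in `## Fixes` (the out of bounds read in OCSP response decoding, the zero-length bit string and integer check in ASN1 parsing, the out of bounds memset in the session export error path, and the NULL dereference in `TLSX_CSR_Parse` with TLS 1.3) give no indication of whether any of them is reachable from peer-supplied data or corresponds to a published advisory, even though the closing line sends the reader to the vulnerabilities page; the entries that do map to an advisory should say so in the bullet itself, so that a user reading only the ChangeLog can tell whether 5.6.0 is a required upgrade rather than a routine one. Two smaller points in the same hunk: the added lines `+Compatibility Layer` (twice) and `+Documentation/Examples` lack the `###` prefix used by the sibling headings `### Ports`, `### SP` and `### Misc`, so they will render as paragraph text instead of sub-sections; and `+* Define WOLFSSL_SP_SMALL_STACK if wolfSSL is build with --enable-smallstack` should read `is built`, `+* Fix IAR compiler warnings resolved` should be either `Fix IAR compiler warnings` or `IAR compiler warnings resolved`, and the rename of the Kyber macro to `WOLFSSL_HAVE_KYBER` is listed twice (under `### Ports` in Improvements and again under `### Misc`), so one of the two bullets can go.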