prepare for release 5.7.4
This commit is contained in:
parent
3f651a8dd0
commit
8604024b95
@ -34,7 +34,7 @@ if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}")
|
||||
You must delete them, or cmake will refuse to work.")
|
||||
endif()
|
||||
|
||||
project(wolfssl VERSION 5.7.2 LANGUAGES C ASM)
|
||||
project(wolfssl VERSION 5.7.4 LANGUAGES C ASM)
|
||||
|
||||
# Set WOLFSSL_ROOT if not already defined
|
||||
if ("${WOLFSSL_ROOT}" STREQUAL "")
|
||||
@ -53,7 +53,7 @@ set(WOLFSSL_LIBRARY_VERSION_FIRST 42)
|
||||
|
||||
# increment if interfaces have been added
|
||||
# set to zero if WOLFSSL_LIBRARY_VERSION_FIRST is incremented
|
||||
set(WOLFSSL_LIBRARY_VERSION_SECOND 2)
|
||||
set(WOLFSSL_LIBRARY_VERSION_SECOND 3)
|
||||
|
||||
# increment if source code has changed
|
||||
# set to zero if WOLFSSL_LIBRARY_VERSION_FIRST is incremented or
|
||||
|
193
ChangeLog.md
193
ChangeLog.md
@ -1,3 +1,196 @@
|
||||
# wolfSSL Release 5.7.4 (Oct 24, 2024)
|
||||
|
||||
Release 5.7.4 has been developed according to wolfSSL's development and QA
|
||||
process (see link below) and successfully passed the quality criteria.
|
||||
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
|
||||
|
||||
NOTE: * --enable-heapmath is being deprecated and will be removed by end of 2024
|
||||
|
||||
PR stands for Pull Request, and PR <NUMBER> references a GitHub pull request
|
||||
number where the code change was added.
|
||||
|
||||
|
||||
## Vulnerabilities
|
||||
* [Low] When the OpenSSL compatibility layer is enabled, certificate
|
||||
verification behaved differently in wolfSSL than OpenSSL, in the
|
||||
X509_STORE_add_cert() and X509_STORE_load_locations() implementations.
|
||||
Previously, in cases where an application explicitly loaded an intermediate
|
||||
certificate, wolfSSL was verifying only up to that intermediate certificate,
|
||||
rather than verifying up to the root CA. This only affects use cases where the
|
||||
API is called directly, and does not affect TLS connections. Users that call
|
||||
the API X509_STORE_add_cert() or X509_STORE_load_locations() directly in their
|
||||
applications are recommended to update the version of wolfSSL used or to have
|
||||
additional sanity checks on certificates loaded into the X509_STORE when
|
||||
verifying a certificate. (https://github.com/wolfSSL/wolfssl/pull/8087)
|
||||
|
||||
|
||||
## PQC TLS Experimental Build Fix
|
||||
* When using TLS with post quantum algorithms enabled, the connection uses a
|
||||
smaller EC curve than agreed on. Users building with --enable-experimental and
|
||||
enabling PQC cipher suites with TLS connections are recommended to update the
|
||||
version of wolfSSL used. Thanks to Daniel Correa for the report.
|
||||
(https://github.com/wolfSSL/wolfssl/pull/8084)
|
||||
|
||||
|
||||
## New Feature Additions
|
||||
* RISC-V 64 new assembly optimizations added for SHA-256, SHA-512, ChaCha20,
|
||||
Poly1305, and SHA-3 (PR 7758,7833,7818,7873,7916)
|
||||
* Implement support for Connection ID (CID) with DTLS 1.2 (PR 7995)
|
||||
* Add support for (DevkitPro)libnds (PR 7990)
|
||||
* Add port for Mosquitto OSP (Open Source Project) (PR 6460)
|
||||
* Add port for init sssd (PR 7781)
|
||||
* Add port for eXosip2 (PR 7648)
|
||||
* Add support for STM32G4 (PR 7997)
|
||||
* Add support for MAX32665 and MAX32666 TPU HW and ARM ASM Crypto Callback
|
||||
Support (PR 7777)
|
||||
* Add support for building wolfSSL to be used in libspdm (PR 7869)
|
||||
* Add port for use with Nucleus Plus 2.3 (PR 7732)
|
||||
* Initial support for RFC5755 x509 attribute certificates (acerts). Enabled with
|
||||
--enable-acert (PR 7926)
|
||||
* PKCS#11 RSA Padding offload allows tokens to perform CKM_RSA_PKCS
|
||||
(sign/encrypt), CKM_RSA_PKCS_PSS (sign), and CKM_RSA_PKCS_OAEP (encrypt).
|
||||
(PR 7750)
|
||||
* Added “new” and “delete” style functions for heap/pool allocation and freeing
|
||||
of low level crypto structures (PR 3166 and 8089)
|
||||
|
||||
|
||||
## Enhancements and Optimizations
|
||||
* Increase default max alt. names from 128 to 1024 (PR 7762)
|
||||
* Added new constant time DH agree function wc_DhAgree_ct (PR 7802)
|
||||
* Expanded compatibility layer with the API EVP_PKEY_is_a (PR 7804)
|
||||
* Add option to disable cryptocb test software test using
|
||||
--disable-cryptocb-sw-test (PR 7862)
|
||||
* Add a call to certificate verify callback before checking certificate dates
|
||||
(PR 7895)
|
||||
* Expanded algorithms supported with the wolfCrypt CSharp wrapper. Adding
|
||||
support for RNG, ECC(ECIES and ECDHE), RSA, ED25519/Curve25519, AES-GCM, and
|
||||
Hashing (PR 3166)
|
||||
* Expand MMCAU support for use with DES ECB (PR 7960)
|
||||
* Update AES SIV to handle multiple associated data inputs (PR 7911)
|
||||
* Remove HAVE_NULL_CIPHER from --enable-openssh (PR 7811)
|
||||
* Removed duplicate if(NULL) checks when calling XFREE (macro does) (PR 7839)
|
||||
* Set RSA_MIN_SIZE default to 2048 bits (PR 7923)
|
||||
* Added support for wolfSSL to be used as the default TLS in the zephyr kernel
|
||||
(PR 7731)
|
||||
* Add enable provider build using --enable-wolfprovider with autotools (PR 7550)
|
||||
* Renesas RX TSIP ECDSA support (PR 7685)
|
||||
* Support DTLS1.3 downgrade when the server supports CID (PR 7841)
|
||||
* Server-side checks OCSP even if it uses v2 multi (PR 7828)
|
||||
* Add handling of absent hash params in PKCS7 bundle parsing and creation
|
||||
(PR 7845)
|
||||
* Add the use of w64wrapper for Poly1305, enabling Poly1305 to be used in
|
||||
environments that do not have a word64 type (PR 7759)
|
||||
* Update to the maxq10xx support (PR 7824)
|
||||
* Add support for parsing over optional PKCS8 attributes (PR 7944)
|
||||
* Add support for either side method with DTLS 1.3 (PR 8012)
|
||||
* Added PKCS7 PEM support for parsing PEM data with BEGIN/END PKCS7 (PR 7704)
|
||||
* Add CMake support for WOLFSSL_CUSTOM_CURVES (PR 7962)
|
||||
* Add left-most wildcard matching support to X509_check_host() (PR 7966)
|
||||
* Add option to set custom SKID with PKCS7 bundle creation (PR 7954)
|
||||
* Building wolfSSL as a library with Ada and corrections to Alire manifest
|
||||
(PR 7303,7940)
|
||||
* Renesas RX72N support updated (PR 7849)
|
||||
* New option WOLFSSL_COPY_KEY added to always copy the key to the SSL object
|
||||
(PR 8005)
|
||||
* Add the new option WOLFSSL_COPY_CERT to always copy the cert buffer for each
|
||||
SSL object (PR 7867)
|
||||
* Add an option to use AES-CBC with HMAC for default session ticket enc/dec.
|
||||
Defaults to AES-128-CBC with HMAC-SHA256 (PR 7703)
|
||||
* Memory usage improvements in wc_PRF, sha256 (for small code when many
|
||||
registers are available) and sp_int objects (PR 7901)
|
||||
* Change in the configure script to work around ">>" with no command. In older
|
||||
/bin/sh it can be ambiguous, as used in OS’s such as FreeBSD 9.2 (PR 7876)
|
||||
* Don't attempt to include system headers when not required (PR 7813)
|
||||
* Certificates: DER encoding of ECC signature algorithm parameter is now
|
||||
allowed to be NULL with a define (PR 7903)
|
||||
* SP x86_64 asm: check for AVX2 support for VMs (PR 7979)
|
||||
* Update rx64n support on gr-rose (PR 7889)
|
||||
* Update FSP version to v5.4.0 for RA6M4 (PR 7994)
|
||||
* Update TSIP driver version to v1.21 for RX65N RSK (PR 7993)
|
||||
* Add a new crypto callback for RSA with padding (PR 7907)
|
||||
* Replaced the use of pqm4 with wolfSSL implementations of Kyber/MLDSA
|
||||
(PR 7924)
|
||||
* Modernized memory fence support for C11 and clang (PR 7938)
|
||||
* Add a CRL error override callback (PR 7986)
|
||||
* Extend the X509 unknown extension callback for use with a user context
|
||||
(PR 7730)
|
||||
* Additional debug error tracing added with TLS (PR 7917)
|
||||
* Added runtime support for library call stack traces with
|
||||
–enable-debug-trace-errcodes=backtrace, using libbacktrace (PR 7846)
|
||||
* Expanded C89 conformance (PR 8077)
|
||||
* Expanded support for WOLFSSL_NO_MALLOC (PR 8065)
|
||||
* Added support for cross-compilation of Linux kernel module (PR 7746)
|
||||
* Updated Linux kernel module with support for kernel 6.11 and 6.12 (PR 7826)
|
||||
* Introduce WOLFSSL_ASN_ALLOW_0_SERIAL to allow parsing of certificates with a
|
||||
serial number of 0 (PR 7893)
|
||||
* Add conditional repository_owner to all wolfSSL GitHub workflows (PR 7871)
|
||||
|
||||
### Espressif / Arduino Updates
|
||||
* Update wolfcrypt settings.h for Espressif ESP-IDF, template update (PR 7953)
|
||||
* Update Espressif sha, util, mem, time helpers (PR 7955)
|
||||
* Espressif _thread_local_start and _thread_local_end fix (PR 8030)
|
||||
* Improve benchmark for Espressif devices (PR 8037)
|
||||
* Introduce Espressif common CONFIG_WOLFSSL_EXAMPLE_NAME, Kconfig (PR 7866)
|
||||
* Add wolfSSL esp-tls and Certificate Bundle Support for Espressif ESP-IDF
|
||||
(PR 7936)
|
||||
* Update wolfssl Release for Arduino (PR 7775)
|
||||
|
||||
### Post Quantum Crypto Updates
|
||||
* Dilithium: support fixed size arrays in dilithium_key (PR 7727)
|
||||
* Dilithium: add option to use precalc with small sign (PR 7744)
|
||||
* Allow Kyber to be built with FIPS (PR 7788)
|
||||
* Allow Kyber asm to be used in the Linux kernel module (PR 7872)
|
||||
* Dilithium, Kyber: Update to final specification (PR 7877)
|
||||
* Dilithium: Support FIPS 204 Draft and Final Draft (PR 7909,8016)
|
||||
|
||||
### ARM Assembly Optimizations
|
||||
* ARM32 assembly optimizations added for ChaCha20 and Poly1305 (PR 8020)
|
||||
* Poly1305 assembly optimizations improvements for Aarch64 (PR 7859)
|
||||
* Poly1305 assembly optimizations added for Thumb-2 (PR 7939)
|
||||
* Adding ARM ASM build option to STM32CubePack (PR 7747)
|
||||
* Add ARM64 to Visual Studio Project (PR 8010)
|
||||
* Kyber assembly optimizations for ARM32 and Aarch64 (PR 8040,7998)
|
||||
* Kyber assembly optimizations for ARMv7E-M/ARMv7-M (PR 7706)
|
||||
|
||||
|
||||
## Fixes
|
||||
* ECC key load: fixes for certificates with parameters that are not default for
|
||||
size (PR 7751)
|
||||
* Fixes for building x86 in Visual Studio for non-windows OS (PR 7884)
|
||||
* Fix for TLS v1.2 secret callback, incorrectly detecting bad master secret
|
||||
(PR 7812)
|
||||
* Fixes for PowerPC assembly use with Darwin and SP math all (PR 7931)
|
||||
* Fix for detecting older versions of Mac OS when trying to link with
|
||||
libdispatch (PR 7932)
|
||||
* Fix for DTLS1.3 downgrade to DTLS1.2 when the server sends multiple handshake
|
||||
packets combined into a single transmission. (PR 7840)
|
||||
* Fix for OCSP to save the request if it was stored in ssl->ctx->certOcspRequest
|
||||
(PR 7779)
|
||||
* Fix to OCSP for searching for CA by key hash instead of ext. key id (PR 7934)
|
||||
* Fix for staticmemory and singlethreaded build (PR 7737)
|
||||
* Fix to not allow Shake128/256 with Xilinx AFALG (PR 7708)
|
||||
* Fix to support PKCS11 without RSA key generation (PR 7738)
|
||||
* Fix not calling the signing callback when using PK callbacks + TLS 1.3
|
||||
(PR 7761)
|
||||
* Cortex-M/Thumb2 ASM fix label for IAR compiler (PR 7753)
|
||||
* Fix with PKCS11 to iterate correctly over slotId (PR 7736)
|
||||
* Stop stripping out the sequence header on the AltSigAlg extension (PR 7710)
|
||||
* Fix ParseCRL_AuthKeyIdExt with ASN template to set extAuthKeyIdSet value
|
||||
(PR 7742)
|
||||
* Use max key length for PSK encrypt buffer size (PR 7707)
|
||||
* DTLS 1.3 fix for size check to include headers and CID fixes (PR 7912,7951)
|
||||
* Fix STM32 Hash FIFO and add support for STM32U5A9xx (PR 7787)
|
||||
* Fix CMake build error for curl builds (PR 8021)
|
||||
* SP Maths: PowerPC ASM fix to use XOR instead of LI (PR 8038)
|
||||
* SSL loading of keys/certs: testing and fixes (PR 7789)
|
||||
* Misc. fixes for Dilithium and Kyber (PR 7721,7765,7803,8027,7904)
|
||||
* Fixes for building wolfBoot sources for PQ LMS/XMSS (PR 7868)
|
||||
* Fixes for building with Kyber enabled using CMake and zephyr port (PR 7773)
|
||||
* Fix for edge cases with session resumption with TLS 1.2 (PR 8097)
|
||||
* Fix issue with ARM ASM with AES CFB/OFB not initializing the "left" member
|
||||
(PR 8099)
|
||||
|
||||
|
||||
# wolfSSL Release 5.7.2 (July 08, 2024)
|
||||
|
||||
Release 5.7.2 has been developed according to wolfSSL's development and QA
|
||||
|
@ -51,8 +51,8 @@ END
|
||||
//
|
||||
|
||||
VS_VERSION_INFO VERSIONINFO
|
||||
FILEVERSION 5,7,2,0
|
||||
PRODUCTVERSION 5,7,2,0
|
||||
FILEVERSION 5,7,4,0
|
||||
PRODUCTVERSION 5,7,4,0
|
||||
FILEFLAGSMASK 0x3fL
|
||||
#ifdef _DEBUG
|
||||
FILEFLAGS 0x1L
|
||||
@ -69,12 +69,12 @@ BEGIN
|
||||
BEGIN
|
||||
VALUE "CompanyName", "wolfSSL Inc."
|
||||
VALUE "FileDescription", "The wolfSSL FIPS embedded SSL library is a lightweight, portable, C-language-based SSL/TLS library targeted at IoT, embedded, and RTOS environments primarily because of its size, speed, and feature set."
|
||||
VALUE "FileVersion", "5.7.2.0"
|
||||
VALUE "FileVersion", "5.7.4.0"
|
||||
VALUE "InternalName", "wolfssl-fips"
|
||||
VALUE "LegalCopyright", "Copyright (C) 2024"
|
||||
VALUE "OriginalFilename", "wolfssl-fips.dll"
|
||||
VALUE "ProductName", "wolfSSL FIPS"
|
||||
VALUE "ProductVersion", "5.7.2.0"
|
||||
VALUE "ProductVersion", "5.7.4.0"
|
||||
END
|
||||
END
|
||||
BLOCK "VarFileInfo"
|
||||
|
263
README
263
README
@ -70,112 +70,197 @@ should be used for the enum name.
|
||||
|
||||
*** end Notes ***
|
||||
|
||||
# wolfSSL Release 5.7.2 (July 08, 2024)
|
||||
# wolfSSL Release 5.7.4 (Oct 24, 2024)
|
||||
|
||||
Release 5.7.2 has been developed according to wolfSSL's development and QA
|
||||
Release 5.7.4 has been developed according to wolfSSL's development and QA
|
||||
process (see link below) and successfully passed the quality criteria.
|
||||
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
|
||||
|
||||
NOTE: * --enable-heapmath is being deprecated and will be removed by end of 2024
|
||||
|
||||
PR stands for Pull Request, and PR <NUMBER> references a GitHub pull request
|
||||
number where the code change was added.
|
||||
|
||||
|
||||
## Vulnerabilities
|
||||
* [Medium] CVE-2024-1544
|
||||
Potential ECDSA nonce side channel attack in versions of wolfSSL before 5.6.6 with wc_ecc_sign_hash calls. Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Analyzing the division through a control-flow revealing side-channel reveals a bias in the most significant bits of k. Depending on the curve this is either a negligible bias or a significant bias large enough to reconstruct k with lattice reduction methods. Thanks to Luca Wilke, Florian Sieck and Thomas Eisenbarth (University of Lübeck) for reporting the vulnerability. Details will appear in the proceedings of CCS 24.
|
||||
Fixed https://github.com/wolfSSL/wolfssl/pull/7020
|
||||
* [Low] When the OpenSSL compatibility layer is enabled, certificate
|
||||
verification behaved differently in wolfSSL than OpenSSL, in the
|
||||
X509_STORE_add_cert() and X509_STORE_load_locations() implementations.
|
||||
Previously, in cases where an application explicitly loaded an intermediate
|
||||
certificate, wolfSSL was verifying only up to that intermediate certificate,
|
||||
rather than verifying up to the root CA. This only affects use cases where the
|
||||
API is called directly, and does not affect TLS connections. Users that call
|
||||
the API X509_STORE_add_cert() or X509_STORE_load_locations() directly in their
|
||||
applications are recommended to update the version of wolfSSL used or to have
|
||||
additional sanity checks on certificates loaded into the X509_STORE when
|
||||
verifying a certificate. (https://github.com/wolfSSL/wolfssl/pull/8087)
|
||||
|
||||
|
||||
* [Medium] CVE-2024-5288
|
||||
A private key blinding operation, enabled by defining the macro WOLFSSL_BLIND_PRIVATE_KEY, was added to mitigate a potential row hammer attack on ECC operations. If performing ECC private key operations in an environment where a malicious user could gain fine control over the device and perform row hammer style attacks it is recommended to update the version of wolfSSL used and to build with WOLFSSL_BLIND_PRIVATE_KEY defined. Thanks to Kemal Derya, M. Caner Tol, Berk Sunar for the report (Vernam Applied Cryptography and Cybersecurity Lab at Worcester Polytechnic Institute)
|
||||
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7416
|
||||
|
||||
|
||||
* [Low] When parsing a provided maliciously crafted certificate directly using wolfSSL API, outside of a TLS connection, a certificate with an excessively large number of extensions could lead to a potential DoS. There are existing sanity checks during a TLS handshake with wolfSSL which mitigate this issue. Thanks to Bing Shi for the report.
|
||||
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7597
|
||||
|
||||
* [Low] CVE-2024-5991
|
||||
In the function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the Openssl compatibility function X509_check_host() takes in a pointer and length to check against, with no requirements that it be NULL terminated. While calling without a NULL terminated string is very uncommon, it is still technically allowed. If a caller was attempting to do a name check on a non*NULL terminated buffer, the code would read beyond the bounds of the input array until it found a NULL terminator.
|
||||
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7604
|
||||
|
||||
* [Medium] CVE-2024-5814
|
||||
A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello when downgrading from TLS 1.3.
|
||||
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7619
|
||||
|
||||
* [Medium] OCSP stapling version 2 response verification bypass issue when a crafted response of length 0 is received. Found with internal testing.
|
||||
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7702
|
||||
|
||||
* [Medium] OCSP stapling version 2 revocation bypass with a retry of a TLS connection attempt. A revoked CA certificate could incorrectly be loaded into the trusted signers list and used in a repeat connection attempt. Found with internal testing.
|
||||
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7702
|
||||
## PQC TLS Experimental Build Fix
|
||||
* When using TLS with post quantum algorithms enabled, the connection uses a
|
||||
smaller EC curve than agreed on. Users building with --enable-experimental and
|
||||
enabling PQC cipher suites with TLS connections are recommended to update the
|
||||
version of wolfSSL used. Thanks to Daniel Correa for the report.
|
||||
(https://github.com/wolfSSL/wolfssl/pull/8084)
|
||||
|
||||
|
||||
## New Feature Additions
|
||||
* Added Dilithium/ML-DSA: Implementation of ML-DSA-44/65/87 (PR 7622)
|
||||
* AES RISC-V 64-bit ASM: ECB/CBC/CTR/GCM/CCM (PR 7569)
|
||||
* Added CUDA support for AES encryption (PR 7436)
|
||||
* Added support for gRPC (PR 7445)
|
||||
* Added function wc_RsaPrivateKeyDecodeRaw to import raw RSA private keys (PR 7608)
|
||||
* Added crypto callback for SHA-3 (PR 7670)
|
||||
* Support for Infineon Modus Toolbox with wolfSSL (PR 7369)
|
||||
* Allow user to send a user_canceled alert by calling wolfSSL_SendUserCanceled (PR 7590)
|
||||
* C# wrapper SNI support added (PR 7610)
|
||||
* Quantum-safe algorithm support added to the Linux kernel module (PR 7574)
|
||||
* Support for NIST 800-56C Option 1 KDF, using the macro WC_KDF_NIST_SP_800_56C added (PR 7589)
|
||||
* AES-XTS streaming mode added, along with hardware acceleration and kernel module use (PR 7522, 7560, 7424)
|
||||
* PlatformIO FreeRTOS with ESP build and addition of benchmark and test example applications (PR 7528, 7413, 7559, 7542)
|
||||
* RISC-V 64 new assembly optimizations added for SHA-256, SHA-512, ChaCha20,
|
||||
Poly1305, and SHA-3 (PR 7758,7833,7818,7873,7916)
|
||||
* Implement support for Connection ID (CID) with DTLS 1.2 (PR 7995)
|
||||
* Add support for (DevkitPro)libnds (PR 7990)
|
||||
* Add port for Mosquitto OSP (Open Source Project) (PR 6460)
|
||||
* Add port for init sssd (PR 7781)
|
||||
* Add port for eXosip2 (PR 7648)
|
||||
* Add support for STM32G4 (PR 7997)
|
||||
* Add support for MAX32665 and MAX32666 TPU HW and ARM ASM Crypto Callback
|
||||
Support (PR 7777)
|
||||
* Add support for building wolfSSL to be used in libspdm (PR 7869)
|
||||
* Add port for use with Nucleus Plus 2.3 (PR 7732)
|
||||
* Initial support for RFC5755 x509 attribute certificates (acerts). Enabled with
|
||||
--enable-acert (PR 7926)
|
||||
* PKCS#11 RSA Padding offload allows tokens to perform CKM_RSA_PKCS
|
||||
(sign/encrypt), CKM_RSA_PKCS_PSS (sign), and CKM_RSA_PKCS_OAEP (encrypt).
|
||||
(PR 7750)
|
||||
* Added “new” and “delete” style functions for heap/pool allocation and freeing
|
||||
of low level crypto structures (PR 3166 and 8089)
|
||||
|
||||
|
||||
## Enhancements and Optimizations
|
||||
* Expanded STM32 AES hardware acceleration support for use with STM32H5 (PR 7578)
|
||||
* Adjusted wc_xmss and wc_lms settings to support use with wolfBoot (PR 7393)
|
||||
* Added the --enable-rpk option to autotools build for using raw public key support (PR 7379)
|
||||
* SHA-3 Thumb2, ARM32 assembly implementation added (PR 7667)
|
||||
* Improvements to RSA padding to expose Pad/Unpad APIs (PR 7612)
|
||||
* Updates and API additions for supporting socat version 1.8.0.0 (PR 7594)
|
||||
* cmake build improvements, expanding build options with SINGLE_THREADED and post-quantum algorithms, adjusting the generation of options.h file and using “yes;no” boolean instead of strings (PR 7611, 7546, 7479, 7480, 7380)
|
||||
* Improvements for Renesas RZ support (PR 7474)
|
||||
* Improvements to dual algorithm certificates for post-quantum keys (PR 7286)
|
||||
* Added wolfSSL_SessionIsSetup so the user can check if a session ticket has been sent by the server (PR 7430)
|
||||
* hostap updates: Implement PACs for EAP-FAST and filter cipher list on TLS version change (PR 7446)
|
||||
* Changed subject name comparison to match different upper and lower cases (PR 7420)
|
||||
* Support for DTLS 1.3 downgrade when using PSK (PR 7367)
|
||||
* Update to static memory build for more generic memory pools used (PR 7418)
|
||||
* Improved performance of Kyber C implementation (PR 7654)
|
||||
* Support for ECC_CACHE_CURVE with no malloc (PR 7490)
|
||||
* Added the configure option --enable-debug-trace-errcodes (macro WOLFSSL_DEBUG_TRACE_ERROR_CODES) which enables more debug tracking of error code values (PR 7634)
|
||||
* Enhanced wc_MakeRsaKey and wc_RsaKeyToDer to work with WOLFSSL_NO_MALLOC (PR 7362)
|
||||
* Improvements to assembly implementations of ChaCha20 and Poly1305 ASM for use with MSVC (PR 7319)
|
||||
* Cortex-M inline assembly labels with unique number appended (PR 7649)
|
||||
* Added secret logging callback to TLS <= 1.2, enabled with the macro HAVE_SECRET_CALLBACK (PR 7372)
|
||||
* Made wc_RNG_DRBG_Reseed() a public wolfCrypt API (PR 7386)
|
||||
* Enabled DES3 support without the DES3 ciphers. To re-enable DES3 cipher suites, use the configure flag --enable-des3-tls-suites (PR 7315)
|
||||
* Added stubs required for latest nginx (1.25.5) (PR 7449)
|
||||
* Added option for using a custom salt with the function wc_ecc_ctx_set_own_salt (PR 7552)
|
||||
* Added PQ files for Windows (PR 7419)
|
||||
* Enhancements to static memory feature, adding the option for a global heap hint (PR 7478) and build options for a lean or debug setting, enabled with --enable-staticmemory=small or --enable-staticmemory=debug (PR 7597)
|
||||
* Updated --enable-jni to define SESSION_CERTS for wolfJSSE (PR 7557)
|
||||
* Exposed DTLS in Ada wrapper and updated examples (PR 7397)
|
||||
* Added additional minimum TLS extension size sanity checks (PR 7602)
|
||||
* ESP improvements: updating the examples and libraries, updates for Apple HomeKit SHA/SRP, and fix for endianness with SHA512 software fallback (PR 7607, 7392, 7505, 7535)
|
||||
* Made the wc_CheckCertSigPubKey API publicly available with the define of the macro WOLFSSL_SMALL_CERT_VERIFY (PR 7599)
|
||||
* Added an alpha/preview of additional FIPS 140-3 full submission, bringing additional algorithms such as SRTP-KDF, AES-XTS, GCM streaming, AES-CFB, ED25519, and ED448 into the FIPS module boundary (PR 7295)
|
||||
* XCODE support for v5.2.3 of the FIPS module (PR 7140)
|
||||
* Expanded OpenSSL compatibility layer and added EC_POINT_hex2point (PR 7191)
|
||||
* Increase default max alt. names from 128 to 1024 (PR 7762)
|
||||
* Added new constant time DH agree function wc_DhAgree_ct (PR 7802)
|
||||
* Expanded compatibility layer with the API EVP_PKEY_is_a (PR 7804)
|
||||
* Add option to disable cryptocb test software test using
|
||||
--disable-cryptocb-sw-test (PR 7862)
|
||||
* Add a call to certificate verify callback before checking certificate dates
|
||||
(PR 7895)
|
||||
* Expanded algorithms supported with the wolfCrypt CSharp wrapper. Adding
|
||||
support for RNG, ECC(ECIES and ECDHE), RSA, ED25519/Curve25519, AES-GCM, and
|
||||
Hashing (PR 3166)
|
||||
* Expand MMCAU support for use with DES ECB (PR 7960)
|
||||
* Update AES SIV to handle multiple associated data inputs (PR 7911)
|
||||
* Remove HAVE_NULL_CIPHER from --enable-openssh (PR 7811)
|
||||
* Removed duplicate if(NULL) checks when calling XFREE (macro does) (PR 7839)
|
||||
* Set RSA_MIN_SIZE default to 2048 bits (PR 7923)
|
||||
* Added support for wolfSSL to be used as the default TLS in the zephyr kernel
|
||||
(PR 7731)
|
||||
* Add enable provider build using --enable-wolfprovider with autotools (PR 7550)
|
||||
* Renesas RX TSIP ECDSA support (PR 7685)
|
||||
* Support DTLS1.3 downgrade when the server supports CID (PR 7841)
|
||||
* Server-side checks OCSP even if it uses v2 multi (PR 7828)
|
||||
* Add handling of absent hash params in PKCS7 bundle parsing and creation
|
||||
(PR 7845)
|
||||
* Add the use of w64wrapper for Poly1305, enabling Poly1305 to be used in
|
||||
environments that do not have a word64 type (PR 7759)
|
||||
* Update to the maxq10xx support (PR 7824)
|
||||
* Add support for parsing over optional PKCS8 attributes (PR 7944)
|
||||
* Add support for either side method with DTLS 1.3 (PR 8012)
|
||||
* Added PKCS7 PEM support for parsing PEM data with BEGIN/END PKCS7 (PR 7704)
|
||||
* Add CMake support for WOLFSSL_CUSTOM_CURVES (PR 7962)
|
||||
* Add left-most wildcard matching support to X509_check_host() (PR 7966)
|
||||
* Add option to set custom SKID with PKCS7 bundle creation (PR 7954)
|
||||
* Building wolfSSL as a library with Ada and corrections to Alire manifest
|
||||
(PR 7303,7940)
|
||||
* Renesas RX72N support updated (PR 7849)
|
||||
* New option WOLFSSL_COPY_KEY added to always copy the key to the SSL object
|
||||
(PR 8005)
|
||||
* Add the new option WOLFSSL_COPY_CERT to always copy the cert buffer for each
|
||||
SSL object (PR 7867)
|
||||
* Add an option to use AES-CBC with HMAC for default session ticket enc/dec.
|
||||
Defaults to AES-128-CBC with HMAC-SHA256 (PR 7703)
|
||||
* Memory usage improvements in wc_PRF, sha256 (for small code when many
|
||||
registers are available) and sp_int objects (PR 7901)
|
||||
* Change in the configure script to work around ">>" with no command. In older
|
||||
/bin/sh it can be ambiguous, as used in OS’s such as FreeBSD 9.2 (PR 7876)
|
||||
* Don't attempt to include system headers when not required (PR 7813)
|
||||
* Certificates: DER encoding of ECC signature algorithm parameter is now
|
||||
allowed to be NULL with a define (PR 7903)
|
||||
* SP x86_64 asm: check for AVX2 support for VMs (PR 7979)
|
||||
* Update rx64n support on gr-rose (PR 7889)
|
||||
* Update FSP version to v5.4.0 for RA6M4 (PR 7994)
|
||||
* Update TSIP driver version to v1.21 for RX65N RSK (PR 7993)
|
||||
* Add a new crypto callback for RSA with padding (PR 7907)
|
||||
* Replaced the use of pqm4 with wolfSSL implementations of Kyber/MLDSA
|
||||
(PR 7924)
|
||||
* Modernized memory fence support for C11 and clang (PR 7938)
|
||||
* Add a CRL error override callback (PR 7986)
|
||||
* Extend the X509 unknown extension callback for use with a user context
|
||||
(PR 7730)
|
||||
* Additional debug error tracing added with TLS (PR 7917)
|
||||
* Added runtime support for library call stack traces with
|
||||
–enable-debug-trace-errcodes=backtrace, using libbacktrace (PR 7846)
|
||||
* Expanded C89 conformance (PR 8077)
|
||||
* Expanded support for WOLFSSL_NO_MALLOC (PR 8065)
|
||||
* Added support for cross-compilation of Linux kernel module (PR 7746)
|
||||
* Updated Linux kernel module with support for kernel 6.11 and 6.12 (PR 7826)
|
||||
* Introduce WOLFSSL_ASN_ALLOW_0_SERIAL to allow parsing of certificates with a
|
||||
serial number of 0 (PR 7893)
|
||||
* Add conditional repository_owner to all wolfSSL GitHub workflows (PR 7871)
|
||||
|
||||
### Espressif / Arduino Updates
|
||||
* Update wolfcrypt settings.h for Espressif ESP-IDF, template update (PR 7953)
|
||||
* Update Espressif sha, util, mem, time helpers (PR 7955)
|
||||
* Espressif _thread_local_start and _thread_local_end fix (PR 8030)
|
||||
* Improve benchmark for Espressif devices (PR 8037)
|
||||
* Introduce Espressif common CONFIG_WOLFSSL_EXAMPLE_NAME, Kconfig (PR 7866)
|
||||
* Add wolfSSL esp-tls and Certificate Bundle Support for Espressif ESP-IDF
|
||||
(PR 7936)
|
||||
* Update wolfssl Release for Arduino (PR 7775)
|
||||
|
||||
### Post Quantum Crypto Updates
|
||||
* Dilithium: support fixed size arrays in dilithium_key (PR 7727)
|
||||
* Dilithium: add option to use precalc with small sign (PR 7744)
|
||||
* Allow Kyber to be built with FIPS (PR 7788)
|
||||
* Allow Kyber asm to be used in the Linux kernel module (PR 7872)
|
||||
* Dilithium, Kyber: Update to final specification (PR 7877)
|
||||
* Dilithium: Support FIPS 204 Draft and Final Draft (PR 7909,8016)
|
||||
|
||||
### ARM Assembly Optimizations
|
||||
* ARM32 assembly optimizations added for ChaCha20 and Poly1305 (PR 8020)
|
||||
* Poly1305 assembly optimizations improvements for Aarch64 (PR 7859)
|
||||
* Poly1305 assembly optimizations added for Thumb-2 (PR 7939)
|
||||
* Adding ARM ASM build option to STM32CubePack (PR 7747)
|
||||
* Add ARM64 to Visual Studio Project (PR 8010)
|
||||
* Kyber assembly optimizations for ARM32 and Aarch64 (PR 8040,7998)
|
||||
* Kyber assembly optimizations for ARMv7E-M/ARMv7-M (PR 7706)
|
||||
|
||||
|
||||
## Fixes
|
||||
* Fixed Kyber control-flow timing leak. Thanks to Antoon Purnal from PQShield for the report
|
||||
* Fixed the NXP MMCAU HW acceleration for SHA-256 (PR 7389)
|
||||
* Fixed AES-CFB1 encrypt/decrypt on size (8*x-1) bits (PR 7431)
|
||||
* Fixed use of %rip with SHA-256 x64 assembly (PR 7409)
|
||||
* Fixed OCSP response message build for DTLS (PR 7671)
|
||||
* Handled edge case in wc_ecc_mulmod() with zero (PR 7532)
|
||||
* Fixed RPK (Raw Public Key) to follow certificate use correctly (PR 7375)
|
||||
* Added sanity check on record header with QUIC use (PR 7638)
|
||||
* Added sanity check for empty directory strings in X.509 when parsing (PR 7669)
|
||||
* Added sanity check on non-conforming serial number of 0 in certificates being parsed (PR 7625)
|
||||
* Fixed wolfSSL_CTX_set1_sigalgs_list() to make the TLS connection conform to the selected sig hash algorithm (PR 7693)
|
||||
* Various fixes for dual algorithm certificates including small stack use and support for Certificate Signing Requests (PR 7577)
|
||||
* Added sanity check for critical policy extension when wolfSSL is built without policy extension support enabled (PR 7388)
|
||||
* Added sanity check that the ed25519 signature is smaller than the order (PR 7513)
|
||||
* Fixed Segger emNet to handle non-blocking want read/want write (PR 7581)
|
||||
* ECC key load: fixes for certificates with parameters that are not default for
|
||||
size (PR 7751)
|
||||
* Fixes for building x86 in Visual Studio for non-windows OS (PR 7884)
|
||||
* Fix for TLS v1.2 secret callback, incorrectly detecting bad master secret
|
||||
(PR 7812)
|
||||
* Fixes for PowerPC assembly use with Darwin and SP math all (PR 7931)
|
||||
* Fix for detecting older versions of Mac OS when trying to link with
|
||||
libdispatch (PR 7932)
|
||||
* Fix for DTLS1.3 downgrade to DTLS1.2 when the server sends multiple handshake
|
||||
packets combined into a single transmission. (PR 7840)
|
||||
* Fix for OCSP to save the request if it was stored in ssl->ctx->certOcspRequest
|
||||
(PR 7779)
|
||||
* Fix to OCSP for searching for CA by key hash instead of ext. key id (PR 7934)
|
||||
* Fix for staticmemory and singlethreaded build (PR 7737)
|
||||
* Fix to not allow Shake128/256 with Xilinx AFALG (PR 7708)
|
||||
* Fix to support PKCS11 without RSA key generation (PR 7738)
|
||||
* Fix not calling the signing callback when using PK callbacks + TLS 1.3
|
||||
(PR 7761)
|
||||
* Cortex-M/Thumb2 ASM fix label for IAR compiler (PR 7753)
|
||||
* Fix with PKCS11 to iterate correctly over slotId (PR 7736)
|
||||
* Stop stripping out the sequence header on the AltSigAlg extension (PR 7710)
|
||||
* Fix ParseCRL_AuthKeyIdExt with ASN template to set extAuthKeyIdSet value
|
||||
(PR 7742)
|
||||
* Use max key length for PSK encrypt buffer size (PR 7707)
|
||||
* DTLS 1.3 fix for size check to include headers and CID fixes (PR 7912,7951)
|
||||
* Fix STM32 Hash FIFO and add support for STM32U5A9xx (PR 7787)
|
||||
* Fix CMake build error for curl builds (PR 8021)
|
||||
* SP Maths: PowerPC ASM fix to use XOR instead of LI (PR 8038)
|
||||
* SSL loading of keys/certs: testing and fixes (PR 7789)
|
||||
* Misc. fixes for Dilithium and Kyber (PR 7721,7765,7803,8027,7904)
|
||||
* Fixes for building wolfBoot sources for PQ LMS/XMSS (PR 7868)
|
||||
* Fixes for building with Kyber enabled using CMake and zephyr port (PR 7773)
|
||||
* Fix for edge cases with session resumption with TLS 1.2 (PR 8097)
|
||||
* Fix issue with ARM ASM with AES CFB/OFB not initializing the "left" member
|
||||
(PR 8099)
|
||||
|
||||
|
||||
|
||||
|
263
README.md
263
README.md
@ -75,112 +75,197 @@ single call hash function. Instead the name `WC_SHA`, `WC_SHA256`, `WC_SHA384` a
|
||||
`WC_SHA512` should be used for the enum name.
|
||||
|
||||
|
||||
# wolfSSL Release 5.7.2 (July 08, 2024)
|
||||
# wolfSSL Release 5.7.4 (Oct 24, 2024)
|
||||
|
||||
Release 5.7.2 has been developed according to wolfSSL's development and QA
|
||||
Release 5.7.4 has been developed according to wolfSSL's development and QA
|
||||
process (see link below) and successfully passed the quality criteria.
|
||||
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
|
||||
|
||||
NOTE: * --enable-heapmath is being deprecated and will be removed by end of 2024
|
||||
|
||||
PR stands for Pull Request, and PR <NUMBER> references a GitHub pull request
|
||||
number where the code change was added.
|
||||
|
||||
|
||||
## Vulnerabilities
|
||||
* [Medium] CVE-2024-1544
|
||||
Potential ECDSA nonce side channel attack in versions of wolfSSL before 5.6.6 with wc_ecc_sign_hash calls. Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Analyzing the division through a control-flow revealing side-channel reveals a bias in the most significant bits of k. Depending on the curve this is either a negligible bias or a significant bias large enough to reconstruct k with lattice reduction methods. Thanks to Luca Wilke, Florian Sieck and Thomas Eisenbarth (University of Lübeck) for reporting the vulnerability. Details will appear in the proceedings of CCS 24.
|
||||
Fixed https://github.com/wolfSSL/wolfssl/pull/7020
|
||||
* [Low] When the OpenSSL compatibility layer is enabled, certificate
|
||||
verification behaved differently in wolfSSL than OpenSSL, in the
|
||||
X509_STORE_add_cert() and X509_STORE_load_locations() implementations.
|
||||
Previously, in cases where an application explicitly loaded an intermediate
|
||||
certificate, wolfSSL was verifying only up to that intermediate certificate,
|
||||
rather than verifying up to the root CA. This only affects use cases where the
|
||||
API is called directly, and does not affect TLS connections. Users that call
|
||||
the API X509_STORE_add_cert() or X509_STORE_load_locations() directly in their
|
||||
applications are recommended to update the version of wolfSSL used or to have
|
||||
additional sanity checks on certificates loaded into the X509_STORE when
|
||||
verifying a certificate. (https://github.com/wolfSSL/wolfssl/pull/8087)
|
||||
|
||||
|
||||
* [Medium] CVE-2024-5288
|
||||
A private key blinding operation, enabled by defining the macro WOLFSSL_BLIND_PRIVATE_KEY, was added to mitigate a potential row hammer attack on ECC operations. If performing ECC private key operations in an environment where a malicious user could gain fine control over the device and perform row hammer style attacks it is recommended to update the version of wolfSSL used and to build with WOLFSSL_BLIND_PRIVATE_KEY defined. Thanks to Kemal Derya, M. Caner Tol, Berk Sunar for the report (Vernam Applied Cryptography and Cybersecurity Lab at Worcester Polytechnic Institute)
|
||||
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7416
|
||||
|
||||
|
||||
* [Low] When parsing a provided maliciously crafted certificate directly using wolfSSL API, outside of a TLS connection, a certificate with an excessively large number of extensions could lead to a potential DoS. There are existing sanity checks during a TLS handshake with wolfSSL which mitigate this issue. Thanks to Bing Shi for the report.
|
||||
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7597
|
||||
|
||||
* [Low] CVE-2024-5991
|
||||
In the function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the Openssl compatibility function X509_check_host() takes in a pointer and length to check against, with no requirements that it be NULL terminated. While calling without a NULL terminated string is very uncommon, it is still technically allowed. If a caller was attempting to do a name check on a non*NULL terminated buffer, the code would read beyond the bounds of the input array until it found a NULL terminator.
|
||||
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7604
|
||||
|
||||
* [Medium] CVE-2024-5814
|
||||
A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello when downgrading from TLS 1.3.
|
||||
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7619
|
||||
|
||||
* [Medium] OCSP stapling version 2 response verification bypass issue when a crafted response of length 0 is received. Found with internal testing.
|
||||
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7702
|
||||
|
||||
* [Medium] OCSP stapling version 2 revocation bypass with a retry of a TLS connection attempt. A revoked CA certificate could incorrectly be loaded into the trusted signers list and used in a repeat connection attempt. Found with internal testing.
|
||||
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7702
|
||||
## PQC TLS Experimental Build Fix
|
||||
* When using TLS with post quantum algorithms enabled, the connection uses a
|
||||
smaller EC curve than agreed on. Users building with --enable-experimental and
|
||||
enabling PQC cipher suites with TLS connections are recommended to update the
|
||||
version of wolfSSL used. Thanks to Daniel Correa for the report.
|
||||
(https://github.com/wolfSSL/wolfssl/pull/8084)
|
||||
|
||||
|
||||
## New Feature Additions
|
||||
* Added Dilithium/ML-DSA: Implementation of ML-DSA-44/65/87 (PR 7622)
|
||||
* AES RISC-V 64-bit ASM: ECB/CBC/CTR/GCM/CCM (PR 7569)
|
||||
* Added CUDA support for AES encryption (PR 7436)
|
||||
* Added support for gRPC (PR 7445)
|
||||
* Added function wc_RsaPrivateKeyDecodeRaw to import raw RSA private keys (PR 7608)
|
||||
* Added crypto callback for SHA-3 (PR 7670)
|
||||
* Support for Infineon Modus Toolbox with wolfSSL (PR 7369)
|
||||
* Allow user to send a user_canceled alert by calling wolfSSL_SendUserCanceled (PR 7590)
|
||||
* C# wrapper SNI support added (PR 7610)
|
||||
* Quantum-safe algorithm support added to the Linux kernel module (PR 7574)
|
||||
* Support for NIST 800-56C Option 1 KDF, using the macro WC_KDF_NIST_SP_800_56C added (PR 7589)
|
||||
* AES-XTS streaming mode added, along with hardware acceleration and kernel module use (PR 7522, 7560, 7424)
|
||||
* PlatformIO FreeRTOS with ESP build and addition of benchmark and test example applications (PR 7528, 7413, 7559, 7542)
|
||||
* RISC-V 64 new assembly optimizations added for SHA-256, SHA-512, ChaCha20,
|
||||
Poly1305, and SHA-3 (PR 7758,7833,7818,7873,7916)
|
||||
* Implement support for Connection ID (CID) with DTLS 1.2 (PR 7995)
|
||||
* Add support for (DevkitPro)libnds (PR 7990)
|
||||
* Add port for Mosquitto OSP (Open Source Project) (PR 6460)
|
||||
* Add port for init sssd (PR 7781)
|
||||
* Add port for eXosip2 (PR 7648)
|
||||
* Add support for STM32G4 (PR 7997)
|
||||
* Add support for MAX32665 and MAX32666 TPU HW and ARM ASM Crypto Callback
|
||||
Support (PR 7777)
|
||||
* Add support for building wolfSSL to be used in libspdm (PR 7869)
|
||||
* Add port for use with Nucleus Plus 2.3 (PR 7732)
|
||||
* Initial support for RFC5755 x509 attribute certificates (acerts). Enabled with
|
||||
--enable-acert (PR 7926)
|
||||
* PKCS#11 RSA Padding offload allows tokens to perform CKM_RSA_PKCS
|
||||
(sign/encrypt), CKM_RSA_PKCS_PSS (sign), and CKM_RSA_PKCS_OAEP (encrypt).
|
||||
(PR 7750)
|
||||
* Added “new” and “delete” style functions for heap/pool allocation and freeing
|
||||
of low level crypto structures (PR 3166 and 8089)
|
||||
|
||||
|
||||
## Enhancements and Optimizations
|
||||
* Expanded STM32 AES hardware acceleration support for use with STM32H5 (PR 7578)
|
||||
* Adjusted wc_xmss and wc_lms settings to support use with wolfBoot (PR 7393)
|
||||
* Added the --enable-rpk option to autotools build for using raw public key support (PR 7379)
|
||||
* SHA-3 Thumb2, ARM32 assembly implementation added (PR 7667)
|
||||
* Improvements to RSA padding to expose Pad/Unpad APIs (PR 7612)
|
||||
* Updates and API additions for supporting socat version 1.8.0.0 (PR 7594)
|
||||
* cmake build improvements, expanding build options with SINGLE_THREADED and post-quantum algorithms, adjusting the generation of options.h file and using “yes;no” boolean instead of strings (PR 7611, 7546, 7479, 7480, 7380)
|
||||
* Improvements for Renesas RZ support (PR 7474)
|
||||
* Improvements to dual algorithm certificates for post-quantum keys (PR 7286)
|
||||
* Added wolfSSL_SessionIsSetup so the user can check if a session ticket has been sent by the server (PR 7430)
|
||||
* hostap updates: Implement PACs for EAP-FAST and filter cipher list on TLS version change (PR 7446)
|
||||
* Changed subject name comparison to match different upper and lower cases (PR 7420)
|
||||
* Support for DTLS 1.3 downgrade when using PSK (PR 7367)
|
||||
* Update to static memory build for more generic memory pools used (PR 7418)
|
||||
* Improved performance of Kyber C implementation (PR 7654)
|
||||
* Support for ECC_CACHE_CURVE with no malloc (PR 7490)
|
||||
* Added the configure option --enable-debug-trace-errcodes (macro WOLFSSL_DEBUG_TRACE_ERROR_CODES) which enables more debug tracking of error code values (PR 7634)
|
||||
* Enhanced wc_MakeRsaKey and wc_RsaKeyToDer to work with WOLFSSL_NO_MALLOC (PR 7362)
|
||||
* Improvements to assembly implementations of ChaCha20 and Poly1305 ASM for use with MSVC (PR 7319)
|
||||
* Cortex-M inline assembly labels with unique number appended (PR 7649)
|
||||
* Added secret logging callback to TLS <= 1.2, enabled with the macro HAVE_SECRET_CALLBACK (PR 7372)
|
||||
* Made wc_RNG_DRBG_Reseed() a public wolfCrypt API (PR 7386)
|
||||
* Enabled DES3 support without the DES3 ciphers. To re-enable DES3 cipher suites, use the configure flag --enable-des3-tls-suites (PR 7315)
|
||||
* Added stubs required for latest nginx (1.25.5) (PR 7449)
|
||||
* Added option for using a custom salt with the function wc_ecc_ctx_set_own_salt (PR 7552)
|
||||
* Added PQ files for Windows (PR 7419)
|
||||
* Enhancements to static memory feature, adding the option for a global heap hint (PR 7478) and build options for a lean or debug setting, enabled with --enable-staticmemory=small or --enable-staticmemory=debug (PR 7597)
|
||||
* Updated --enable-jni to define SESSION_CERTS for wolfJSSE (PR 7557)
|
||||
* Exposed DTLS in Ada wrapper and updated examples (PR 7397)
|
||||
* Added additional minimum TLS extension size sanity checks (PR 7602)
|
||||
* ESP improvements: updating the examples and libraries, updates for Apple HomeKit SHA/SRP, and fix for endianness with SHA512 software fallback (PR 7607, 7392, 7505, 7535)
|
||||
* Made the wc_CheckCertSigPubKey API publicly available with the define of the macro WOLFSSL_SMALL_CERT_VERIFY (PR 7599)
|
||||
* Added an alpha/preview of additional FIPS 140-3 full submission, bringing additional algorithms such as SRTP-KDF, AES-XTS, GCM streaming, AES-CFB, ED25519, and ED448 into the FIPS module boundary (PR 7295)
|
||||
* XCODE support for v5.2.3 of the FIPS module (PR 7140)
|
||||
* Expanded OpenSSL compatibility layer and added EC_POINT_hex2point (PR 7191)
|
||||
* Increase default max alt. names from 128 to 1024 (PR 7762)
|
||||
* Added new constant time DH agree function wc_DhAgree_ct (PR 7802)
|
||||
* Expanded compatibility layer with the API EVP_PKEY_is_a (PR 7804)
|
||||
* Add option to disable cryptocb test software test using
|
||||
--disable-cryptocb-sw-test (PR 7862)
|
||||
* Add a call to certificate verify callback before checking certificate dates
|
||||
(PR 7895)
|
||||
* Expanded algorithms supported with the wolfCrypt CSharp wrapper. Adding
|
||||
support for RNG, ECC(ECIES and ECDHE), RSA, ED25519/Curve25519, AES-GCM, and
|
||||
Hashing (PR 3166)
|
||||
* Expand MMCAU support for use with DES ECB (PR 7960)
|
||||
* Update AES SIV to handle multiple associated data inputs (PR 7911)
|
||||
* Remove HAVE_NULL_CIPHER from --enable-openssh (PR 7811)
|
||||
* Removed duplicate if(NULL) checks when calling XFREE (macro does) (PR 7839)
|
||||
* Set RSA_MIN_SIZE default to 2048 bits (PR 7923)
|
||||
* Added support for wolfSSL to be used as the default TLS in the zephyr kernel
|
||||
(PR 7731)
|
||||
* Add enable provider build using --enable-wolfprovider with autotools (PR 7550)
|
||||
* Renesas RX TSIP ECDSA support (PR 7685)
|
||||
* Support DTLS1.3 downgrade when the server supports CID (PR 7841)
|
||||
* Server-side checks OCSP even if it uses v2 multi (PR 7828)
|
||||
* Add handling of absent hash params in PKCS7 bundle parsing and creation
|
||||
(PR 7845)
|
||||
* Add the use of w64wrapper for Poly1305, enabling Poly1305 to be used in
|
||||
environments that do not have a word64 type (PR 7759)
|
||||
* Update to the maxq10xx support (PR 7824)
|
||||
* Add support for parsing over optional PKCS8 attributes (PR 7944)
|
||||
* Add support for either side method with DTLS 1.3 (PR 8012)
|
||||
* Added PKCS7 PEM support for parsing PEM data with BEGIN/END PKCS7 (PR 7704)
|
||||
* Add CMake support for WOLFSSL_CUSTOM_CURVES (PR 7962)
|
||||
* Add left-most wildcard matching support to X509_check_host() (PR 7966)
|
||||
* Add option to set custom SKID with PKCS7 bundle creation (PR 7954)
|
||||
* Building wolfSSL as a library with Ada and corrections to Alire manifest
|
||||
(PR 7303,7940)
|
||||
* Renesas RX72N support updated (PR 7849)
|
||||
* New option WOLFSSL_COPY_KEY added to always copy the key to the SSL object
|
||||
(PR 8005)
|
||||
* Add the new option WOLFSSL_COPY_CERT to always copy the cert buffer for each
|
||||
SSL object (PR 7867)
|
||||
* Add an option to use AES-CBC with HMAC for default session ticket enc/dec.
|
||||
Defaults to AES-128-CBC with HMAC-SHA256 (PR 7703)
|
||||
* Memory usage improvements in wc_PRF, sha256 (for small code when many
|
||||
registers are available) and sp_int objects (PR 7901)
|
||||
* Change in the configure script to work around ">>" with no command. In older
|
||||
/bin/sh it can be ambiguous, as used in OS’s such as FreeBSD 9.2 (PR 7876)
|
||||
* Don't attempt to include system headers when not required (PR 7813)
|
||||
* Certificates: DER encoding of ECC signature algorithm parameter is now
|
||||
allowed to be NULL with a define (PR 7903)
|
||||
* SP x86_64 asm: check for AVX2 support for VMs (PR 7979)
|
||||
* Update rx64n support on gr-rose (PR 7889)
|
||||
* Update FSP version to v5.4.0 for RA6M4 (PR 7994)
|
||||
* Update TSIP driver version to v1.21 for RX65N RSK (PR 7993)
|
||||
* Add a new crypto callback for RSA with padding (PR 7907)
|
||||
* Replaced the use of pqm4 with wolfSSL implementations of Kyber/MLDSA
|
||||
(PR 7924)
|
||||
* Modernized memory fence support for C11 and clang (PR 7938)
|
||||
* Add a CRL error override callback (PR 7986)
|
||||
* Extend the X509 unknown extension callback for use with a user context
|
||||
(PR 7730)
|
||||
* Additional debug error tracing added with TLS (PR 7917)
|
||||
* Added runtime support for library call stack traces with
|
||||
–enable-debug-trace-errcodes=backtrace, using libbacktrace (PR 7846)
|
||||
* Expanded C89 conformance (PR 8077)
|
||||
* Expanded support for WOLFSSL_NO_MALLOC (PR 8065)
|
||||
* Added support for cross-compilation of Linux kernel module (PR 7746)
|
||||
* Updated Linux kernel module with support for kernel 6.11 and 6.12 (PR 7826)
|
||||
* Introduce WOLFSSL_ASN_ALLOW_0_SERIAL to allow parsing of certificates with a
|
||||
serial number of 0 (PR 7893)
|
||||
* Add conditional repository_owner to all wolfSSL GitHub workflows (PR 7871)
|
||||
|
||||
### Espressif / Arduino Updates
|
||||
* Update wolfcrypt settings.h for Espressif ESP-IDF, template update (PR 7953)
|
||||
* Update Espressif sha, util, mem, time helpers (PR 7955)
|
||||
* Espressif _thread_local_start and _thread_local_end fix (PR 8030)
|
||||
* Improve benchmark for Espressif devices (PR 8037)
|
||||
* Introduce Espressif common CONFIG_WOLFSSL_EXAMPLE_NAME, Kconfig (PR 7866)
|
||||
* Add wolfSSL esp-tls and Certificate Bundle Support for Espressif ESP-IDF
|
||||
(PR 7936)
|
||||
* Update wolfssl Release for Arduino (PR 7775)
|
||||
|
||||
### Post Quantum Crypto Updates
|
||||
* Dilithium: support fixed size arrays in dilithium_key (PR 7727)
|
||||
* Dilithium: add option to use precalc with small sign (PR 7744)
|
||||
* Allow Kyber to be built with FIPS (PR 7788)
|
||||
* Allow Kyber asm to be used in the Linux kernel module (PR 7872)
|
||||
* Dilithium, Kyber: Update to final specification (PR 7877)
|
||||
* Dilithium: Support FIPS 204 Draft and Final Draft (PR 7909,8016)
|
||||
|
||||
### ARM Assembly Optimizations
|
||||
* ARM32 assembly optimizations added for ChaCha20 and Poly1305 (PR 8020)
|
||||
* Poly1305 assembly optimizations improvements for Aarch64 (PR 7859)
|
||||
* Poly1305 assembly optimizations added for Thumb-2 (PR 7939)
|
||||
* Adding ARM ASM build option to STM32CubePack (PR 7747)
|
||||
* Add ARM64 to Visual Studio Project (PR 8010)
|
||||
* Kyber assembly optimizations for ARM32 and Aarch64 (PR 8040,7998)
|
||||
* Kyber assembly optimizations for ARMv7E-M/ARMv7-M (PR 7706)
|
||||
|
||||
|
||||
## Fixes
|
||||
* Fixed Kyber control-flow timing leak. Thanks to Antoon Purnal from PQShield for the report
|
||||
* Fixed the NXP MMCAU HW acceleration for SHA-256 (PR 7389)
|
||||
* Fixed AES-CFB1 encrypt/decrypt on size (8*x-1) bits (PR 7431)
|
||||
* Fixed use of %rip with SHA-256 x64 assembly (PR 7409)
|
||||
* Fixed OCSP response message build for DTLS (PR 7671)
|
||||
* Handled edge case in wc_ecc_mulmod() with zero (PR 7532)
|
||||
* Fixed RPK (Raw Public Key) to follow certificate use correctly (PR 7375)
|
||||
* Added sanity check on record header with QUIC use (PR 7638)
|
||||
* Added sanity check for empty directory strings in X.509 when parsing (PR 7669)
|
||||
* Added sanity check on non-conforming serial number of 0 in certificates being parsed (PR 7625)
|
||||
* Fixed wolfSSL_CTX_set1_sigalgs_list() to make the TLS connection conform to the selected sig hash algorithm (PR 7693)
|
||||
* Various fixes for dual algorithm certificates including small stack use and support for Certificate Signing Requests (PR 7577)
|
||||
* Added sanity check for critical policy extension when wolfSSL is built without policy extension support enabled (PR 7388)
|
||||
* Added sanity check that the ed25519 signature is smaller than the order (PR 7513)
|
||||
* Fixed Segger emNet to handle non-blocking want read/want write (PR 7581)
|
||||
* ECC key load: fixes for certificates with parameters that are not default for
|
||||
size (PR 7751)
|
||||
* Fixes for building x86 in Visual Studio for non-windows OS (PR 7884)
|
||||
* Fix for TLS v1.2 secret callback, incorrectly detecting bad master secret
|
||||
(PR 7812)
|
||||
* Fixes for PowerPC assembly use with Darwin and SP math all (PR 7931)
|
||||
* Fix for detecting older versions of Mac OS when trying to link with
|
||||
libdispatch (PR 7932)
|
||||
* Fix for DTLS1.3 downgrade to DTLS1.2 when the server sends multiple handshake
|
||||
packets combined into a single transmission. (PR 7840)
|
||||
* Fix for OCSP to save the request if it was stored in ssl->ctx->certOcspRequest
|
||||
(PR 7779)
|
||||
* Fix to OCSP for searching for CA by key hash instead of ext. key id (PR 7934)
|
||||
* Fix for staticmemory and singlethreaded build (PR 7737)
|
||||
* Fix to not allow Shake128/256 with Xilinx AFALG (PR 7708)
|
||||
* Fix to support PKCS11 without RSA key generation (PR 7738)
|
||||
* Fix not calling the signing callback when using PK callbacks + TLS 1.3
|
||||
(PR 7761)
|
||||
* Cortex-M/Thumb2 ASM fix label for IAR compiler (PR 7753)
|
||||
* Fix with PKCS11 to iterate correctly over slotId (PR 7736)
|
||||
* Stop stripping out the sequence header on the AltSigAlg extension (PR 7710)
|
||||
* Fix ParseCRL_AuthKeyIdExt with ASN template to set extAuthKeyIdSet value
|
||||
(PR 7742)
|
||||
* Use max key length for PSK encrypt buffer size (PR 7707)
|
||||
* DTLS 1.3 fix for size check to include headers and CID fixes (PR 7912,7951)
|
||||
* Fix STM32 Hash FIFO and add support for STM32U5A9xx (PR 7787)
|
||||
* Fix CMake build error for curl builds (PR 8021)
|
||||
* SP Maths: PowerPC ASM fix to use XOR instead of LI (PR 8038)
|
||||
* SSL loading of keys/certs: testing and fixes (PR 7789)
|
||||
* Misc. fixes for Dilithium and Kyber (PR 7721,7765,7803,8027,7904)
|
||||
* Fixes for building wolfBoot sources for PQ LMS/XMSS (PR 7868)
|
||||
* Fixes for building with Kyber enabled using CMake and zephyr port (PR 7773)
|
||||
* Fix for edge cases with session resumption with TLS 1.2 (PR 8097)
|
||||
* Fix issue with ARM ASM with AES CFB/OFB not initializing the "left" member
|
||||
(PR 8099)
|
||||
|
||||
For additional vulnerability information visit the vulnerability page at:
|
||||
https://www.wolfssl.com/docs/security-vulnerabilities/
|
||||
|
@ -7,7 +7,7 @@
|
||||
#
|
||||
AC_COPYRIGHT([Copyright (C) 2006-2024 wolfSSL Inc.])
|
||||
AC_PREREQ([2.69])
|
||||
AC_INIT([wolfssl],[5.7.2],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[https://www.wolfssl.com])
|
||||
AC_INIT([wolfssl],[5.7.4],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[https://www.wolfssl.com])
|
||||
AC_CONFIG_AUX_DIR([build-aux])
|
||||
|
||||
# The following sets CFLAGS to empty if unset on command line. We do not
|
||||
@ -51,7 +51,7 @@ WOLFSSL_LIBRARY_VERSION_FIRST=42
|
||||
|
||||
# increment if interfaces have been added
|
||||
# set to zero if WOLFSSL_LIBRARY_VERSION_FIRST is incremented
|
||||
WOLFSSL_LIBRARY_VERSION_SECOND=2
|
||||
WOLFSSL_LIBRARY_VERSION_SECOND=3
|
||||
|
||||
# increment if source code has changed
|
||||
# set to zero if WOLFSSL_LIBRARY_VERSION_FIRST is incremented or
|
||||
|
@ -28,8 +28,8 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#define LIBWOLFSSL_VERSION_STRING "5.7.2"
|
||||
#define LIBWOLFSSL_VERSION_HEX 0x05007002
|
||||
#define LIBWOLFSSL_VERSION_STRING "5.7.4"
|
||||
#define LIBWOLFSSL_VERSION_HEX 0x05007004
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user