Changeset 372 for asp3_tinet_ecnl_arm/trunk/wolfssl-3.12.2/README
- Timestamp: Feb 7, 2019, 8:36:33 AM
- File: 1 edited
asp3_tinet_ecnl_arm/trunk/wolfssl-3.12.2/README
r352 r372 1 *** Description *** 2 3 The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight SSL/TLS 4 library written in ANSI C and targeted for embedded, RTOS, and 5 resource-constrained environments - primarily because of its small size, speed, 6 and feature set. It is commonly used in standard operating environments as well 7 because of its royalty-free pricing and excellent cross platform support. 8 wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3 9 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers 10 such as ChaCha20, Curve25519, NTRU, and Blake2b. User benchmarking and feedback 11 reports dramatically better performance when using wolfSSL over OpenSSL. 12 13 wolfSSL is powered by the wolfCrypt library. A version of the wolfCrypt 14 cryptography library has been FIPS 140-2 validated (Certificate #2425). For 15 additional information, visit the wolfCrypt FIPS FAQ 16 (https://www.wolfssl.com/license/fips/) or contact fips@wolfssl.com 17 18 *** Why choose wolfSSL? *** 19 20 There are many reasons to choose wolfSSL as your embedded SSL solution. Some of 21 the top reasons include size (typical footprint sizes range from 20-100 kB), 22 support for the newest standards (SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3, 23 DTLS 1.0, and DTLS 1.2), current and progressive cipher support (including 24 stream ciphers), multi-platform, royalty free, and an OpenSSL compatibility API 25 to ease porting into existing applications which have previously used the 26 OpenSSL package. For a complete feature list, see chapter 4 of the wolfSSL 27 manual. (https://www.wolfssl.com/docs/wolfssl-manual/ch4/) 28 1 29 *** Notes, Please read *** 2 30 3 31 Note 1) 4 wolfSSL as of 3.6.6 no longer enables SSLv3 by default. wolfSSL also no 5 longer supports static key cipher suites with PSK, RSA, or ECDH. 
This means 6 if you plan to use TLS cipher suites you must enable DH (DH is on by default), 7 or enable ECC (ECC is on by default on 64bit systems), or you must enable static 8 key cipher suites with 32 wolfSSL as of 3.6.6 no longer enables SSLv3 by default. wolfSSL also no longer 33 supports static key cipher suites with PSK, RSA, or ECDH. This means if you 34 plan to use TLS cipher suites you must enable DH (DH is on by default), or 35 enable ECC (ECC is on by default), or you must enable static key cipher suites 36 with 37 9 38 WOLFSSL_STATIC_DH 10 39 WOLFSSL_STATIC_RSA 11 or40 or 12 41 WOLFSSL_STATIC_PSK 13 42 … … 17 46 used in order to build with NTRU suites. 18 47 19 When compiling ssl.c, wolfSSL will now issue a compiler error if no cipher suites 20 are available. You can remove this error by defining WOLFSSL_ALLOW_NO_SUITES 21 in the event that you desire that, i.e., you're not using TLS cipher suites. 48 When compiling ssl.c, wolfSSL will now issue a compiler error if no cipher 49 suites are available. You can remove this error by defining 50 WOLFSSL_ALLOW_NO_SUITES in the event that you desire that, i.e., you're not 51 using TLS cipher suites. 22 52 23 53 Note 2) 24 54 wolfSSL takes a different approach to certificate verification than OpenSSL 25 does. 55 does. The default policy for the client is to verify the server, this means 26 56 that if you don't load CAs to verify the server you'll get a connect error, 27 57 no signer error to confirm failure (-188). 58 28 59 If you want to mimic OpenSSL behavior of having SSL_connect succeed even if 29 60 verifying the server fails and reducing security you can do this by calling: 30 61 31 wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);62 wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); 32 63 33 before calling wolfSSL_new(); Though it's not recommended. 64 before calling wolfSSL_new();. Though it's not recommended. 
65 66 Note 3) 67 The enum values SHA, SHA256, SHA384, SHA512 are no longer available when 68 wolfSSL is built with --enable-opensslextra (OPENSSL_EXTRA) or with the macro 69 NO_OLD_SHA_NAMES. These names get mapped to the OpenSSL API for a single call 70 hash function. Instead the name WC_SHA, WC_SHA256, WC_SHA384 and WC_SHA512 71 should be used for the enum name. 34 72 35 73 *** end Notes *** 36 74 37 75 38 ********* wolfSSL (Formerly CyaSSL) Release 3.12.2 (10/23/2017)76 ********* wolfSSL Release 3.15.7 (12/26/2018) 39 77 40 Release 3.1 2.2 of wolfSSLhas bug fixes and new features including:78 Release 3.15.7 of wolfSSL embedded TLS has bug fixes and new features including: 41 79 42 This release includes many performance improvements with Intel ASM (AVX/AVX2) and AES-NI. New single precision math option to speedup RSA, DH and ECC. Embedded hardware support has been expanded for STM32, PIC32MZ and ATECC508A. AES now supports XTS mode for disk encryption. Certificate improvements for setting serial number, key usage and extended key usage. Refactor of SSL_ and hash types to allow openssl coexistence. Improvements for TLS 1.3. Fixes for OCSP stapling to allow disable and WOLFSSL specific user context for callbacks. Fixes for openssl and MySQL compatibility. Updated Micrium port. Fixes for asynchronous modes. 43 44 - Added TLS extension for Supported Point Formats (ec_point_formats) 45 - Fix to not send OCSP stapling extensions in client_hello when not enabled 46 - Added new API's for disabling OCSP stapling 47 - Add check for SIZEOF_LONG with sun and LP64 48 - Fixes for various TLS 1.3 disable options (RSA, ECC and ED/Curve 25519). 49 - Fix to disallow upgrading to TLS v1.3 50 - Fixes for wolfSSL_EVP_CipherFinal() when message size is a round multiple of a block size. 51 - Add HMAC benchmark and expanded AES key size benchmarks 52 - Added simple GCC ARM Makefile example 53 - Add tests for 3072-bit RSA and DH. 
54 - Fixed DRAFT_18 define and fixed downgrading with TLS v1.3 55 - Fixes to allow custom serial number during certificate generation 56 - Add method to get WOLFSSL_CTX certificate manager 57 - Improvement to `wolfSSL_SetOCSP_Cb` to allow context per WOLFSSL object 58 - Alternate certificate chain support `WOLFSSL_ALT_CERT_CHAINS`. Enables checking cert against multiple CA's. 59 - Added new `--disable-oldnames` option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA). 60 - Refactor SSL_ and hashing types to use wolf specific prefix (WOLFSSL and WC_) to allow openssl coexistence. 61 - Fixes for HAVE_INTEL_MULX 62 - Cleanup include paths for MySQL cmake build 63 - Added configure option for building library for wolfSSH (--enable-wolfssh) 64 - Openssl compatibility layer improvements 65 - Expanded API unit tests 66 - Fixes for STM32 crypto hardware acceleration 67 - Added AES XTS mode (--enable-xts) 68 - Added ASN Extended Key Usage Support (see wc_SetExtKeyUsage). 69 - Math updates and added TFM_MIPS speedup. 70 - Fix for creation of the KeyUsage BitString 71 - Fix for 8k keys with MySQL compatibility 72 - Fixes for ATECC508A. 73 - Fixes for PIC32MZ hashing. 74 - Fixes and improvements to asynchronous modes for Intel QuickAssist and Cavium Nitrox V. 75 - Update HASH_DRBG Reseed mechanism and add test case 76 - Rename the file io.h/io.c to wolfio.h/wolfio.c 77 - Cleanup the wolfIO_Send function. 78 - OpenSSL Compatibility Additions and Fixes 79 - Improvements to Visual Studio DLL project/solution. 80 - Added function to generate public ECC key from private key 81 - Added async blocking support for sniffer tool. 82 - Added wolfCrypt hash tests for empty string and large data. 83 - Added ability to use of wolf implementation of `strtok` using `USE_WOLF_STRTOK`. 84 - Updated Micrium uC/OS-III Port 85 - Updated root certs for OCSP scripts 86 - New Single Precision math option for RSA, DH and ECC (off by default). See `--enable-sp`. 
87 - Speedups for AES GCM with AESNI (--enable-aesni) 88 - Speedups for SHA2, ChaCha20/Poly1035 using AVX/AVX2 89 90 91 ********* wolfSSL (Formerly CyaSSL) Release 3.12.0 (8/04/2017) 92 93 Release 3.12.0 of wolfSSL has bug fixes and new features including: 94 95 - TLS 1.3 with Nginx! TLS 1.3 with ARMv8! TLS 1.3 with Async Crypto! (--enable-tls13) 96 - TLS 1.3 0RTT feature added 97 - Added port for using Intel SGX with Linux 98 - Update and fix PIC32MZ port 99 - Additional unit testing for MD5, SHA, SHA224, SHA256, SHA384, SHA512, RipeMd, HMAC, 3DES, IDEA, ChaCha20, ChaCha20Poly1305 AEAD, Camellia, Rabbit, ARC4, AES, RSA, Hc128 100 - AVX and AVX2 assembly for improved ChaCha20 performance 101 - Intel QAT fixes for when using --disable-fastmath 102 - Update how DTLS handles decryption and MAC failures 103 - Update DTLS session export version number for --enable-sessionexport feature 104 - Add additional input argument sanity checks to ARMv8 assembly port 105 - Fix for making PKCS12 dynamic types match 106 - Fixes for potential memory leaks when using --enable-fast-rsa 107 - Fix for when using custom ECC curves and add BRAINPOOLP256R1 test 108 - Update TI-RTOS port for dependency on new wolfSSL source files 109 - DTLS multicast feature added, --enable-mcast 110 - Fix for Async crypto with GCC 7.1 and HMAC when not using Intel QuickAssist 111 - Improvements and enhancements to Intel QuickAssist support 112 - Added Xilinx port 113 - Added SHA3 Keccak feature, --enable-sha3 114 - Expand wolfSSL Python wrapper to now include a client side implementation 115 - Adjust example servers to not treat a peer closed error as a hard error 116 - Added more sanity checks to fp_read_unsigned_bin function 117 - Add SHA224 and AES key wrap to ARMv8 port 118 - Update MQX classics and mmCAU ports 119 - Fix for potential buffer over read with wolfSSL_CertPemToDer 120 - Add PKCS7/CMS decode support for KARI with IssuerAndSerialNumber 121 - Fix ThreadX/NetX warning 122 - Fixes for OCSP and 
CRL non blocking sockets and for incomplete cert chain with OCSP 123 - Added RSA PSS sign and verify 124 - Fix for STM32F4 AES-GCM 125 - Added enable all feature (--enable-all) 126 - Added trackmemory feature (--enable-trackmemory) 127 - Fixes for AES key wrap and PKCS7 on Windows VS 128 - Added benchmark block size argument 129 - Support use of staticmemory with PKCS7 130 - Fix for Blake2b build with GCC 5.4 131 - Fixes for compiling wolfSSL with GCC version 7, most dealing with switch statement fall through warnings. 132 - Added warning when compiling without hardened math operations 133 134 135 Note: 136 There is a known issue with using ChaCha20 AVX assembly on versions of GCC earlier than 5.2. This is encountered with using the wolfSSL enable options --enable-intelasm and --enable-chacha. To avoid this issue ChaCha20 can be enabled with --enable-chacha=noasm. 137 If using --enable-intelasm and also using --enable-sha224 or --enable-sha256 there is a known issue with trying to use -fsanitize=address. 138 139 This release of wolfSSL fixes 1 low level security vulnerability. 140 141 Low level fix for a potential DoS attack on a wolfSSL client. Previously a client would accept many warning alert messages without a limit. This fix puts a limit to the number of warning alert messages received and if this limit is reached a fatal error ALERT_COUNT_E is returned. The max number of warning alerts by default is set to 5 and can be adjusted with the macro WOLFSSL_ALERT_COUNT_MAX. Thanks for the report from Tarun Yadav and Koustav Sadhukhan from Defence Research and Development Organization, INDIA. 142 143 144 See INSTALL file for build instructions. 
145 More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html 146 147 148 ********* wolfSSL (Formerly CyaSSL) Release 3.11.1 (5/11/2017) 149 150 Release 3.11.1 of wolfSSL is a TLS 1.3 BETA release, which includes: 151 152 - TLS 1.3 client and server support for TLS 1.3 with Draft 18 support 153 154 This is strictly a BETA release, and designed for testing and user feedback. 155 Please send any comments, testing results, or feedback to wolfSSL at 156 support@wolfssl.com. 157 158 See INSTALL file for build instructions. 159 More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html 160 161 162 ********* wolfSSL (Formerly CyaSSL) Release 3.11.0 (5/04/2017) 163 164 Release 3.11.0 of wolfSSL has bug fixes and new features including: 165 166 - Code updates for warnings reported by Coverity scans 167 - Testing and warning fixes for FreeBSD on PowerPC 168 - Updates and refactoring done to ASN1 parsing functions 169 - Change max PSK identity buffer to account for an identity length of 128 characters 170 - Update Arduino script to handle recent files and additions 171 - Added support for PKCS#7 Signed Data with ECDSA 172 - Fix for interoperability with ChaCha20-Poly1305 suites using older draft versions 173 - DTLS update to allow multiple handshake messages in one DTLS record. Thanks to Eric Samsel over at Welch Allyn for reporting this bug. 
174 - Intel QuickAssist asynchronous support (PR #715 - https://www.wolfssl.com/wolfSSL/Blog/Entries/2017/1/18_wolfSSL_Asynchronous_Intel_QuickAssist_Support.html) 175 - Added support for HAproxy load balancer 176 - Added option to allow SHA1 with TLS 1.2 for IIS compatibility (WOLFSSL_ALLOW_TLS_SHA1) 177 - Added Curve25519 51-bit Implementation, increasing performance on systems that have 128 bit types 178 - Fix to not send session ID on server side if session cache is off unless we're echoing 179 session ID as part of session tickets 180 - Fixes for ensuring all default ciphers are setup correctly (see PR #830) 181 - Added NXP Hexiwear example in `IDE/HEXIWEAR`. 182 - Added wolfSSL_write_dup() to create write only WOLFSSL object for concurrent access 183 - Fixes for TLS elliptic curve selection on private key import. 184 - Fixes for RNG with Intel rdrand and rdseed speedups. 185 - Improved performance with Intel rdrand to use full 64-bit output 186 - Added new --enable-intelrand option to indicate use of RDRAND preference for RNG source 187 - Removed RNG ARC4 support 188 - Added ECC helpers to get size and id from curve name. 189 - Added ECC Cofactor DH (ECC-CDH) support 190 - Added ECC private key only import / export functions. 191 - Added PKCS8 create function 192 - Improvements to TLS layer CTX handling for switching keys / certs. 193 - Added check for duplicate certificate policy OID in certificates. 
194 - Normal math speed-up to not allocate on mp_int and defer until mp_grow 195 - Reduce heap usage with fast math when not using ALT_ECC_SIZE 196 - Fixes for building CRL with Windows 197 - Added support for inline CRL lookup when HAVE_CRL_IO is defined 198 - Added port for tenAsys INtime RTOS 199 - Improvements to uTKernel port (WOLFSSL_uTKERNEL2) 200 - Updated WPA Supplicant support 201 - Added support for Nginx 202 - Update stunnel port for version 5.40 203 - Fixes for STM32 hardware crypto acceleration 204 - Extended test code coverage in bundled test.c 205 - Added a sanity check for minimum authentication tag size with AES-GCM. Thanks to Yueh-Hsun Lin and Peng Li at KNOX Security at Samsung Research America for suggesting this. 206 - Added a sanity check that subject key identifier is marked as non-critical and a check that no policy OIDS appear more than once in the cert policies extension. Thanks to the report from Professor Zhenhua Duan, Professor Cong Tian, and Ph.D candidate Chu Chen from Institute of Computing Theory and Technology (ICTT) of Xidian University, China. Profs. Zhenhua Duan and Cong Tian are supervisors of Ph.D candidate Chu Chen. 207 208 209 This release of wolfSSL fixes 5 low and 1 medium level security vulnerability. 210 211 3 Low level fixes reported by Yueh-Hsun Lin and Peng Li from KNOX Security, Samsung Research America. 212 - Fix for out of bounds memory access in wc_DhParamsLoad() when GetLength() returns a zero. Before this fix there is a case where wolfSSL would read out of bounds memory in the function wc_DhParamsLoad. 213 - Fix for DH key accepted by wc_DhAgree when the key was malformed. 214 - Fix for a double free case when adding CA cert into X509_store. 215 216 Low level fix for memory management with static memory feature enabled. By default static memory is disabled. Thanks to GitHub user hajjihraf for reporting this. 217 218 Low level fix for out of bounds write in the function wolfSSL_X509_NAME_get_text_by_NID. 
This function is not used by TLS or crypto operations but could result in a buffer out of bounds write by one if called explicitly in an application. Discovered by Aleksandar Nikolic of Cisco Talos. http://talosintelligence.com/vulnerability-reports/ 219 220 Medium level fix for check on certificate signature. There is a case in release versions 3.9.10, 3.10.0 and 3.10.2 where a corrupted signature on a peer certificate would not be properly flagged. Thanks to Wens Lo, James Tsai, Kenny Chang, and Oscar Yang at Castles Technology. 221 222 223 See INSTALL file for build instructions. 224 More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html 225 226 227 ********* wolfSSL (Formerly CyaSSL) Release 3.10.2 (2/10/2017) 228 229 Release 3.10.2 of wolfSSL has bug fixes and new features including: 230 231 - Poly1305 Windows macros fix. Thanks to GitHub user Jay Satiro 232 - Compatibility layer expanded with multiple functions added 233 - Improve fp_copy performance with ALT_ECC_SIZE 234 - OCSP updates and improvements 235 - Fixes for IAR EWARM 8 compiler warnings 236 - Reduce stack usage with ECC_CACHE_CURVE disabled 237 - Added ECC export raw for public and private key 238 - Fix for NO_ASN_TIME build 239 - Supported curves extensions now populated by default 240 - Add DTLS build without big integer math 241 - Fix for static memory feature with wc_ecc_verify_hash_ex and not SHAMIR 242 - Added PSK interoperability testing to script bundled with wolfSSL 243 - Fix for Python wrapper random number generation. Compiler optimizations with Python could place the random number in same buffer location each time. 
Thanks to GitHub user Erik Bray (embray) 244 - Fix for tests on unaligned memory with static memory feature 245 - Add macro WOLFSSL_NO_OCSP_OPTIONAL_CERTS to skip optional OCSP certificates 246 - Sanity checks on NULL arguments added to wolfSSL_set_fd and wolfSSL_DTLS_SetCookieSecret 247 - mp_jacobi stack use reduced, thanks to Szabi Tolnai for providing a solution to reduce stack usage 248 249 250 This release of wolfSSL fixes 2 low and 1 medium level security vulnerability. 251 252 Low level fix of buffer overflow for when loading in a malformed temporary DH file. Thanks to Yueh-Hsun Lin and Peng Li from KNOX Security, Samsung Research America for the report. 253 254 Medium level fix for processing of OCSP response. If using OCSP without hard faults enforced and no alternate revocation checks like OCSP stapling then it is recommended to update. 255 256 Low level fix for potential cache attack on RSA operations. If using wolfSSL RSA on a server that other users can have access to monitor the cache, then it is recommended to update wolfSSL. Thanks to Andreas Zankl, Johann Heyszl and Georg Sigl at Fraunhofer AISEC for the initial report. 257 258 See INSTALL file for build instructions. 
259 More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html 260 261 ********* wolfSSL (Formerly CyaSSL) Release 3.10.0 (12/21/2016) 262 263 Release 3.10.0 of wolfSSL has bug fixes and new features including: 264 265 - Added support for SHA224 266 - Added scrypt feature 267 - Build for Intel SGX use, added in directory IDE/WIN-SGX 268 - Fix for ChaCha20-Poly1305 ECDSA certificate type request 269 - Enhance PKCS#7 with ECC enveloped data and AES key wrap support 270 - Added support for RIOT OS 271 - Add support for parsing PKCS#12 files 272 - ECC performance increased with custom curves 273 - ARMv8 expanded to AArch32 and performance increased 274 - Added ANSI-X9.63-KDF support 275 - Port to STM32 F2/F4 CubeMX 276 - Port to Atmel ATECC508A board 277 - Removed fPIE by default when wolfSSL library is compiled 278 - Update to Python wrapper, dropping DES and adding wc_RSASetRNG 279 - Added support for NXP K82 hardware acceleration 280 - Added SCR client and server verify check 281 - Added a disable rng option with autoconf 282 - Added more tests vectors to test.c with AES-CTR 283 - Updated DTLS session export version number 284 - Updated DTLS for 64 bit sequence numbers 285 - Fix for memory management with TI and WOLFSSL_SMALL_STACK 286 - Hardening RSA CRT to be constant time 287 - Fix uninitialized warning with IAR compiler 288 - Fix for C# wrapper example IO hang on unexpected connection termination 289 290 291 This release of wolfSSL fixes a low level security vulnerability. The vulnerability reported was a potential cache attack on RSA operations. If using wolfSSL RSA on a server that other users can have access to monitor the cache, then it is recommended to update wolfSSL. Thanks to Andreas Zankl, Johann Heyszl and Georg Sigl at Fraunhofer AISEC for the report. More information will be available on our site: 292 293 https://wolfssl.com/wolfSSL/security/vulnerabilities.php 294 295 See INSTALL file for build instructions. 
296 More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html 297 298 ********* wolfSSL (Formerly CyaSSL) Release 3.9.10 (9/23/2016) 299 300 Release 3.9.10 of wolfSSL has bug fixes and new features including: 301 302 - Default configure option changes: 303 1. DES3 disabled by default 304 2. ECC Supported Curves Extension enabled by default 305 3. New option Extended Master Secret enabled by default 306 - Added checking CA certificate path length, and new test certs 307 - Fix to DSA pre padding and sanity check on R/S values 308 - Added CTX level RNG for single-threaded builds 309 - Intel RDSEED enhancements 310 - ARMv8 hardware acceleration support for AES-CBC/CTR/GCM, SHA-256 311 - Arduino support updates 312 - Added the Extended Master Secret TLS extension 313 1. Enabled by default in configure options, API to disable 314 2. Added support for Extended Master Secret to sniffer 315 - OCSP fix with issuer key hash, lookup refactor 316 - Added support for Frosted OS 317 - Added support for DTLS over SCTP 318 - Added support for static memory with wolfCrypt 319 - Fix to ECC Custom Curve support 320 - Support for asynchronous wolfCrypt RSA and TLS client 321 - Added distribution build configure option 322 - Update the test certificates 323 324 This release of wolfSSL fixes medium level security vulnerabilities. Fixes for 325 potential AES, RSA, and ECC side channel leaks is included that a local user 326 monitoring the same CPU core cache could exploit. VM users, hyper-threading 327 users, and users where potential attackers have access to the CPU cache will 328 need to update if they utilize AES, RSA private keys, or ECC private keys. 329 Thanks to Gorka Irazoqui Apecechea and Xiaofei Guo from Intel Corporation for 330 the report. More information will be available on our site: 331 332 https://wolfssl.com/wolfSSL/security/vulnerabilities.php 333 334 See INSTALL file for build instructions. 
335 More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html 336 337 ********* wolfSSL (Formerly CyaSSL) Release 3.9.8 (7/29/2016) 338 339 Release 3.9.8 of wolfSSL has bug fixes and new features including: 340 341 - Add support for custom ECC curves. 342 - Add cipher suite ECDHE-ECDSA-AES128-CCM. 343 - Add compkey enable option. This option is for compressed ECC keys. 344 - Add in the option to use test.h without gettimeofday function using the macro 345 WOLFSSL_USER_CURRTIME. 346 - Add RSA blinding for private key operations. Enable option of harden which is 347 on by default. This negates timing attacks. 348 - Add ECC and TLS support for all SECP, Koblitz and Brainpool curves. 349 - Add helper functions for static memory option to allow getting optimum buffer 350 sizes. 351 - Update DTLS behavior on bad MAC. DTLS silently drops packets with bad MACs now. 352 - Update fp_isprime function from libtom enchancement/cleanup repository. 353 - Update sanity checks on inputs and return values for AES-CMAC. 354 - Update wolfSSL for use with MYSQL v5.6.30. 355 - Update LPCXpresso eclipse project to not include misc.c when not needed. 356 - Fix retransmit of last DTLS flight with timeout notification. The last flight 357 is no longer retransmitted on timeout. 358 - Fixes to some code in math sections for compressed ECC keys. This includes 359 edge cases for buffer size on allocation and adjustments for compressed curves 360 build. The code and full list can be found on github with pull request #456. 361 - Fix function argument mismatch for build with secure renegotiation. 362 - X.509 bug fixes for reading in malformed certificates, reported by researchers 363 at Columbia University 364 - Fix GCC version 6 warning about hard tabs in poly1305.c. This was a warning 365 produced by GCC 6 trying to determine the intent of code. 366 - Fixes for static memory option. Including avoid potential race conditions with 367 counters, decrement handshake counter correctly. 
368 - Fix anonymous cipher with Diffie Hellman on the server side. Was an issue of a 369 possible buffer corruption. For information and code see pull request #481. 370 371 372 - One high level security fix that requires an update for use with static RSA 373 cipher suites was submitted. This fix was the addition of RSA blinding for 374 private RSA operations. We recommend servers who allow static RSA cipher 375 suites to also generate new private RSA keys. Static RSA cipher suites are 376 turned off by default. 377 378 See INSTALL file for build instructions. 379 More info can be found on-line at //http://wolfssl.com/wolfSSL/Docs.html 380 381 ********* wolfSSL (Formerly CyaSSL) Release 3.9.6 (6/14/2016) 382 383 Release 3.9.6 of wolfSSL has bug fixes and new features including: 384 385 - Add staticmemory feature 386 - Add public wc_GetTime API with base64encode feature 387 - Add AES CMAC algorithm 388 - Add DTLS sessionexport feature 389 - Add python wolfCrypt wrapper 390 - Add ECC encrypt/decrypt benchmarks 391 - Add dynamic session tickets 392 - Add eccshamir option 393 - Add Whitewood netRandom support --with-wnr 394 - Add embOS port 395 - Add minimum key size checks for RSA and ECC 396 - Add STARTTLS support to examples 397 - Add uTasker port 398 - Add asynchronous crypto and wolf event support 399 - Add compile check for misc.c with inline 400 - Add RNG benchmark 401 - Add reduction to stack usage with hash-based RNG 402 - Update STM32F2_CRYPTO port with additional algorithms supported 403 - Update MDK5 projects 404 - Update AES-NI 405 - Fix for STM32 with STM32F2_HASH defined 406 - Fix for building with MinGw 407 - Fix ECC math bugs with ALT_ECC_SIZE and key sizes over 256 bit (1) 408 - Fix certificate buffers github issue #422 409 - Fix decrypt max size with RSA OAEP 410 - Fix DTLS sanity check with DTLS timeout notification 411 - Fix free of WOLFSSL_METHOD on failure to create CTX 412 - Fix memory leak in failure case with wc_RsaFunction (2) 413 414 - No 
high level security fixes that requires an update though we always 415 recommend updating to the latest 416 - (1) Code changes for ECC fix can be found at pull requests #411, #416, and #428 417 - (2) Builds using RSA with using normal math and not RSA_LOW_MEM should update 418 - Tag 3.9.6w is for a Windows example echoserver fix 419 420 See INSTALL file for build instructions. 421 More info can be found on-line at //http://wolfssl.com/wolfSSL/Docs.html 422 423 ********* wolfSSL (Formerly CyaSSL) Release 3.9.0 (3/18/2016) 424 425 Release 3.9.0 of wolfSSL has bug fixes and new features including: 426 427 - Add new leantls configuration 428 - Add RSA OAEP padding at wolfCrypt level 429 - Add Arduino port and example client 430 - Add fixed point DH operation 431 - Add CUSTOM_RAND_GENRATE_SEED_OS and CUSTOM_RAND_GENERATE_BLOCK 432 - Add ECDHE-PSK cipher suites 433 - Add PSK ChaCha20-Poly1305 cipher suites 434 - Add option for fail on no peer cert except PSK suites 435 - Add port for Nordic nRF51 436 - Add additional ECC NIST test vectors for 256, 384 and 521 437 - Add more granular ECC, Ed25519/Curve25519 and AES configs 438 - Update to ChaCha20-Poly1305 439 - Update support for Freescale KSDK 1.3.0 440 - Update DER buffer handling code, refactoring and reducing memory 441 - Fix to AESNI 192 bit key expansion 442 - Fix to C# wrapper character encoding 443 - Fix sequence number issue with DTLS epoch 0 messages 444 - Fix RNGA with K64 build 445 - Fix ASN.1 X509 V3 certificate policy extension parsing 446 - Fix potential free of uninitialized RSA key in asn.c 447 - Fix potential underflow when using ECC build with FP_ECC 448 - Fixes for warnings in Visual Studio 2015 build 449 450 - No high level security fixes that requires an update though we always 451 recommend updating to the latest 452 - FP_ECC is off by default, users with it enabled should update for the zero 453 sized hash fix 454 455 See INSTALL file for build instructions. 
456 More info can be found on-line at //http://wolfssl.com/yaSSL/Docs.html 457 458 ********* wolfSSL (Formerly CyaSSL) Release 3.8.0 (12/30/2015) 459 460 Release 3.8.0 of wolfSSL has bug fixes and new features including: 461 462 - Example client/server with VxWorks 463 - AESNI use with AES-GCM 464 - Stunnel compatibility enhancements 465 - Single shot hash and signature/verify API added 466 - Update cavium nitrox port 467 - LPCXpresso IDE support added 468 - C# wrapper to support wolfSSL use by a C# program 469 - (BETA version)OCSP stapling added 470 - Update OpenSSH compatibility 471 - Improve DTLS handshake when retransmitting finished message 472 - fix idea_mult() for 16 and 32bit systems 473 - fix LowResTimer on Microchip ports 474 475 - No high level security fixes that requires an update though we always 476 recommend updating to the latest 477 478 See INSTALL file for build instructions. 479 More info can be found on-line at //http://wolfssl.com/yaSSL/Docs.html 480 481 ********* wolfSSL (Formerly CyaSSL) Release 3.7.0 (10/26/2015) 482 483 Release 3.7.0 of wolfSSL has bug fixes and new features including: 484 485 - ALPN extension support added for HTTP2 connections with --enable-alpn 486 - Change of example/client/client max fragment flag -L -> -F 487 - Throughput benchmarking, added scripts/benchmark.test 488 - Sniffer API ssl_FreeDecodeBuffer added 489 - Addition of AES_GCM to Sniffer 490 - Sniffer change to handle unlimited decrypt buffer size 491 - New option for the sniffer where it will try to pick up decoding after a 492 sequence number acknowldgement fault. Also includes some additional stats. 493 - JNI API setter and getter function for jobject added 494 - User RSA crypto plugin abstraction. An example placed in wolfcrypt/user-crypto 495 - fix to asn configuration bug 496 - AES-GCM/CCM fixes. 497 - Port for Rowley added 498 - Rowley Crossworks bare metal examples added 499 - MDK5-ARM project update 500 - FreeRTOS support updates. 
501 - VXWorks support updates. 502 - Added the IDEA cipher and support in wolfSSL. 503 - Update wolfSSL website CA. 504 - CFLAGS is usable when configuring source. 505 506 - No high level security fixes that requires an update though we always 507 recommend updating to the latest 508 509 See INSTALL file for build instructions. 510 More info can be found on-line at //http://wolfssl.com/yaSSL/Docs.html 511 512 ********* wolfSSL (Formerly CyaSSL) Release 3.6.8 (09/17/2015) 513 514 Release 3.6.8 of wolfSSL fixes two high severity vulnerabilities. It also 515 includes bug fixes and new features including: 516 517 - Two High level security fixes, all users SHOULD update. 518 a) If using wolfSSL for DTLS on the server side of a publicly accessible 519 machine you MUST update. 520 b) If using wolfSSL for TLS on the server side with private RSA keys allowing 521 ephemeral key exchange without low memory optimizations you MUST update and 522 regenerate the private RSA keys. 523 524 Please see https://www.wolfssl.com/wolfSSL/Blog/Blog.html for more details 525 526 - No filesystem build fixes for various configurations 527 - Certificate generation now supports several extensions including KeyUsage, 528 SKID, AKID, and Certificate Policies 529 - CRLs can be loaded from buffers as well as files now 530 - SHA-512 Certificate Signing generation 531 - Fixes for sniffer reassembly processing 532 533 See INSTALL file for build instructions. 
534 More info can be found on-line at //http://wolfssl.com/yaSSL/Docs.html 535 536 ********* wolfSSL (Formerly CyaSSL) Release 3.6.6 (08/20/2015) 537 538 Release 3.6.6 of wolfSSL has bug fixes and new features including: 539 540 - OpenSSH compatibility with --enable-openssh 541 - stunnel compatibility with --enable-stunnel 542 - lighttpd compatibility with --enable-lighty 543 - SSLv3 is now disabled by default, can be enabled with --enable-sslv3 544 - Ephemeral key cipher suites only are now supported by default 545 To enable static ECDH cipher suites define WOLFSSL_STATIC_DH 546 To enable static RSA cipher suites define WOLFSSL_STATIC_RSA 547 To enable static PSK cipher suites define WOLFSSL_STATIC_PSK 548 - Added QSH (quantum-safe handshake) extension with --enable-ntru 549 - SRP is now part of wolfCrypt, enable with --enabe-srp 550 - Certificate handshake messages can now be sent fragmented if the record 551 size is smaller than the total message size, no user action required. 552 - DTLS duplicate message fixes 553 - Visual Studio project files now support DLL and static builds for 32/64bit. 554 - Support for new Freescale I/O 555 - FreeRTOS FIPS support 556 557 - No high level security fixes that requires an update though we always 558 recommend updating to the latest 559 560 See INSTALL file for build instructions. 561 More information can be found on-line at //http://wolfssl.com/yaSSL/Docs.html 562 563 **************** wolfSSL (Formerly CyaSSL) Release 3.6.0 (06/19/2015) 564 565 Release 3.6.0 of wolfSSL has bug fixes and new features including: 566 567 - Max Strength build that only allows TLSv1.2, AEAD ciphers, and PFS (Perfect 568 Forward Secrecy). With --enable-maxstrength 569 - Server side session ticket support, the example server and echoserver use the 570 example callback myTicketEncCb(), see wolfSSL_CTX_set_TicketEncCb() 571 - FIPS version submitted for iOS. 
572 - TI Crypto Hardware Acceleration 573 - DTLS fragmentation fixes 574 - ECC key check validation with wc_ecc_check_key() 575 - 32bit code options to reduce memory for Curve25519 and Ed25519 576 - wolfSSL JNI build switch with --enable-jni 577 - PicoTCP support improvements 578 - DH min ephemeral key size enforcement with wolfSSL_CTX_SetMinDhKey_Sz() 579 - KEEP_PEER_CERT and AltNames can now be used together 580 - ChaCha20 big endian fix 581 - SHA-512 signature algorithm support for key exchange and verify messages 582 - ECC make key crash fix on RNG failure, ECC users must update. 583 - Improvements to usage of time code. 584 - Improvements to VS solution files. 585 - GNU Binutils 2.24 (and late 2.23) ld has problems with some debug builds, 586 to fix an ld error add C_EXTRA_FLAGS="-fdebug-types-section -g1". 587 588 - No high level security fixes that requires an update though we always 589 recommend updating to the latest (except note 14, ecc RNG failure) 590 591 See INSTALL file for build instructions. 592 More info can be found on-line at //http://wolfssl.com/yaSSL/Docs.html 593 594 595 *****************wolfSSL (Formerly CyaSSL) Release 3.4.6 (03/30/2015) 596 597 Release 3.4.6 of wolfSSL has bug fixes and new features including: 598 599 - Intel Assembly Speedups using instructions rdrand, rdseed, aesni, avx1/2, 600 rorx, mulx, adox, adcx . They can be enabled with --enable-intelasm. 601 These speedup the use of RNG, SHA2, and public key algorithms. 602 - Ed25519 support at the crypto level. Turn on with --enable-ed25519. Examples 603 in wolcrypt/test/test.c ed25519_test(). 604 - Post Handshake Memory reductions. wolfSSL can now hold less than 1,000 bytes 605 of memory per secure connection including cipher state. 
606 - wolfSSL API and wolfCrypt API fixes, you can still include the cyassl and 607 ctaocrypt headers which will enable the compatibility APIs for the 608 foreseeable future 609 - INSTALL file to help direct users to build instructions for their environment 610 - For ECC users with the normal math library a fix that prevents a crash when 611 verify signature fails. Users of 3.4.0 with ECC and the normal math library 612 must update 613 - RC4 is now disabled by default in autoconf mode 614 - AES-GCM and ChaCha20/Poly1305 are now enabled by default to make AEAD ciphers 615 available without a switch 616 - External ChaCha-Poly AEAD API, thanks to Andrew Burks for the contribution 617 - DHE-PSK cipher suites can now be built without ASN or Cert support 618 - Fix some NO MD5 build issues with optional features 619 - Freescale CodeWarrior project updates 620 - ECC curves can be individually turned on/off at build time. 621 - Sniffer handles Cert Status message and other minor fixes 622 - SetMinVersion() at the wolfSSL Context level instead of just SSL session level 623 to allow minimum protocol version allowed at runtime 624 - RNG failure resource cleanup fix 625 626 - No high level security fixes that requires an update though we always 627 recommend updating to the latest (except note 6 use case of ecc/normal math) 628 629 See INSTALL file for build instructions. 
630 More info can be found on-line at //http://wolfssl.com/yaSSL/Docs.html 631 632 633 *****************wolfSSL (Formerly CyaSSL) Release 3.4.0 (02/23/2015) 634 635 Release 3.4.0 wolfSSL has bug fixes and new features including: 636 637 - wolfSSL API and wolfCrypt API, you can still include the cyassl and ctaocrypt 638 headers which will enable the compatibility APIs for the foreseeable future 639 - Example use of the wolfCrypt API can be found in wolfcrypt/test/test.c 640 - Example use of the wolfSSL API can be found in examples/client/client.c 641 - Curve25519 now supported at the wolfCrypt level, wolfSSL layer coming soon 642 - Improvements in the build configuration under AIX 643 - Microchip Pic32 MZ updates 644 - TIRTOS updates 645 - PowerPC updates 646 - Xcode project update 647 - Bidirectional shutdown examples in client/server with -w (wait for full 648 shutdown) option 649 - Cycle counts on benchmarks for x86_64, more coming soon 650 - ALT_ECC_SIZE for reducing ecc heap use with fastmath when also using large RSA 651 keys 652 - Various compile warnings 653 - Scan-build warning fixes 654 - Changed a memcpy to memmove in the sniffer (if using sniffer please update) 655 - No high level security fixes that requires an update though we always 656 recommend updating to the latest 657 658 659 ***********CyaSSL Release 3.3.0 (12/05/2014) 660 661 - Countermeasuers for Handshake message duplicates, CHANGE CIPHER without 662 FINISHED, and fast forward attempts. Thanks to Karthikeyan Bhargavan from 663 the Prosecco team at INRIA Paris-Rocquencourt for the report. 
664 - FIPS version submitted 665 - Removes SSLv2 Client Hello processing, can be enabled with OLD_HELLO_ALLOWED 666 - User can set minimum downgrade version with CyaSSL_SetMinVersion() 667 - Small stack improvements at TLS/SSL layer 668 - TLS Master Secret generation and Key Expansion are now exposed 669 - Adds client side Secure Renegotiation, * not recommended * 670 - Client side session ticket support, not fully tested with Secure Renegotiation 671 - Allows up to 4096bit DHE at TLS Key Exchange layer 672 - Handles non standard SessionID sizes in Hello Messages 673 - PicoTCP Support 674 - Sniffer now supports SNI Virtual Hosts 675 - Sniffer now handles non HTTPS protocols using STARTTLS 676 - Sniffer can now parse records with multiple messages 677 - TI-RTOS updates 678 - Fix for ColdFire optimized fp_digit read only in explicit 32bit case 679 - ADH Cipher Suite ADH-AES128-SHA for EAP-FAST 680 681 The CyaSSL manual is available at: 682 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 683 and comments about the new features please check the manual. 
684 685 686 ***********CyaSSL Release 3.2.0 (09/10/2014) 687 688 Release 3.2.0 CyaSSL has bug fixes and new features including: 689 690 - ChaCha20 and Poly1305 crypto and suites 691 - Small stack improvements for OCSP, CRL, TLS, DTLS 692 - NTRU Encrypt and Decrypt benchmarks 693 - Updated Visual Studio project files 694 - Updated Keil MDK5 project files 695 - Fix for DTLS sequence numbers with GCM/CCM 696 - Updated HashDRBG with more secure struct declaration 697 - TI-RTOS support and example Code Composer Studio project files 698 - Ability to get enabled cipher suites, CyaSSL_get_ciphers() 699 - AES-GCM/CCM/Direct support for Freescale mmCAU and CAU 700 - Sniffer improvement checking for decrypt key setup 701 - Support for raw ECC key import 702 - Ability to convert ecc_key to DER, EccKeyToDer() 703 - Security fix for RSA Padding check vulnerability reported by Intel Security 704 Advanced Threat Research team 705 706 The CyaSSL manual is available at: 707 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 708 and comments about the new features please check the manual. 709 710 711 ************ CyaSSL Release 3.1.0 (07/14/2014) 712 713 Release 3.1.0 CyaSSL has bug fixes and new features including: 714 715 - Fix for older versions of icc without 128-bit type 716 - Intel ASM syntax for AES-NI 717 - Updated NTRU support, keygen benchmark 718 - FIPS check for minimum required HMAC key length 719 - Small stack (--enable-smallstack) improvements for PKCS#7, ASN 720 - TLS extension support for DTLS 721 - Default I/O callbacks external to user 722 - Updated example client with bad clock test 723 - Ability to set optional ECC context info 724 - Ability to enable/disable DH separate from opensslextra 725 - Additional test key/cert buffers for CA and server 726 - Updated example certificates 727 728 The CyaSSL manual is available at: 729 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. 
For build instructions 730 and comments about the new features please check the manual. 731 732 733 ************ CyaSSL Release 3.0.2 (05/30/2014) 734 735 Release 3.0.2 CyaSSL has bug fixes and new features including: 736 737 - Added the following cipher suites: 738 * TLS_PSK_WITH_AES_128_GCM_SHA256 739 * TLS_PSK_WITH_AES_256_GCM_SHA384 740 * TLS_PSK_WITH_AES_256_CBC_SHA384 741 * TLS_PSK_WITH_NULL_SHA384 742 * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 743 * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 744 * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 745 * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 746 * TLS_DHE_PSK_WITH_NULL_SHA256 747 * TLS_DHE_PSK_WITH_NULL_SHA384 748 * TLS_DHE_PSK_WITH_AES_128_CCM 749 * TLS_DHE_PSK_WITH_AES_256_CCM 750 - Added AES-NI support for Microsoft Visual Studio builds. 751 - Changed small stack build to be disabled by default. 752 - Updated the Hash DRBG and provided a configure option to enable. 753 754 The CyaSSL manual is available at: 755 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 756 and comments about the new features please check the manual. 757 758 759 ************ CyaSSL Release 3.0.0 (04/29/2014) 760 761 Release 3.0.0 CyaSSL has bug fixes and new features including: 762 763 - FIPS release candidate 764 - X.509 improvements that address items reported by Suman Jana with security 765 researchers at UT Austin and UC Davis 766 - Small stack size improvements, --enable-smallstack. Offloads large local 767 variables to the heap. (Note this is not complete.) 768 - Updated AES-CCM-8 cipher suites to use approved suite numbers. 769 770 The CyaSSL manual is available at: 771 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 772 and comments about the new features please check the manual. 
773 774 775 ************ CyaSSL Release 2.9.4 (04/09/2014) 776 777 Release 2.9.4 CyaSSL has bug fixes and new features including: 778 779 - Security fixes that address items reported by Ivan Fratric of the Google 780 Security Team 781 - X.509 Unknown critical extensions treated as errors, report by Suman Jana with 782 security researchers at UT Austin and UC Davis 783 - Sniffer fixes for corrupted packet length and Jumbo frames 784 - ARM thumb mode assembly fixes 785 - Xcode 5.1 support including new clang 786 - PIC32 MZ hardware support 787 - CyaSSL Object has enough room to read the Record Header now w/o allocs 788 - FIPS wrappers for AES, 3DES, SHA1, SHA256, SHA384, HMAC, and RSA. 789 - A sample I/O pool is demonstrated with --enable-iopool to overtake memory 790 handling and reduce memory fragmentation on I/O large sizes 791 792 The CyaSSL manual is available at: 793 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 794 and comments about the new features please check the manual. 
795 796 797 ************ CyaSSL Release 2.9.0 (02/07/2014) 798 799 Release 2.9.0 CyaSSL has bug fixes and new features including: 800 - Freescale Kinetis RNGB support 801 - Freescale Kinetis mmCAU support 802 - TLS Hello extensions 803 - ECC 804 - Secure Renegotiation (null) 805 - Truncated HMAC 806 - SCEP support 807 - PKCS #7 Enveloped data and signed data 808 - PKCS #10 Certificate Signing Request generation 809 - DTLS sliding window 810 - OCSP Improvements 811 - API change to integrate into Certificate Manager 812 - IPv4/IPv6 agnostic 813 - example client/server support for OCSP 814 - OCSP nonces are optional 815 - GMAC hashing 816 - Windows build additions 817 - Windows CYGWIN build fixes 818 - Updated test certificates 819 - Microchip MPLAB Harmony support 820 - Update autoconf scripts 821 - Additional X.509 inspection functions 822 - ECC encrypt/decrypt primitives 823 - ECC Certificate generation 824 825 The Freescale Kinetis K53 RNGB documentation can be found in Chapter 33 of the 826 K53 Sub-Family Reference Manual: 827 http://cache.freescale.com/files/32bit/doc/ref_manual/K53P144M100SF2RM.pdf 828 829 Freescale Kinetis K60 mmCAU (AES, DES, 3DES, MD5, SHA, SHA256) documentation 830 can be found in the "ColdFire/ColdFire+ CAU and Kinetis mmCAU Software Library 831 User Guide": 832 http://cache.freescale.com/files/32bit/doc/user_guide/CAUAPIUG.pdf 833 834 835 *****************CyaSSL Release 2.8.0 (8/30/2013) 836 837 Release 2.8.0 CyaSSL has bug fixes and new features including: 838 - AES-GCM and AES-CCM use AES-NI 839 - NetX default IO callback handlers 840 - IPv6 fixes for DTLS Hello Cookies 841 - The ability to unload Certs/Keys after the handshake, CyaSSL_UnloadCertsKeys() 842 - SEP certificate extensions 843 - Callback getters for easier resource freeing 844 - External CYASSL_MAX_ERROR_SZ for correct error buffer sizing 845 - MacEncrypt and DecryptVerify Callbacks for User Atomic Record Layer Processing 846 - Public Key Callbacks for ECC and RSA 847 - 
Client now sends blank cert upon request if doesn't have one with TLS <= 1.2 848 849 850 The CyaSSL manual is available at: 851 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 852 and comments about the new features please check the manual. 853 854 855 *****************CyaSSL Release 2.7.0 (6/17/2013) 856 857 Release 2.7.0 CyaSSL has bug fixes and new features including: 858 - SNI support for client and server 859 - KEIL MDK-ARM projects 860 - Wildcard check to domain name match, and Subject altnames are checked too 861 - Better error messages for certificate verification errors 862 - Ability to discard session during handshake verify 863 - More consistent error returns across all APIs 864 - Ability to unload CAs at the CTX or CertManager level 865 - Authority subject id support for Certificate matching 866 - Persistent session cache functionality 867 - Persistent CA cache functionality 868 - Client session table lookups to push serverID table to library level 869 - Camellia support to sniffer 870 - User controllable settings for DTLS timeout values 871 - Sniffer fixes for caching long lived sessions 872 - DTLS reliability enhancements for the handshake 873 - Better ThreadX support 874 875 When compiling with Mingw, libtool may give the following warning due to 876 path conversion errors: 877 878 libtool: link: Could not determine host file name corresponding to ** 879 libtool: link: Continuing, but uninstalled executables may not work. 880 881 If so, examples and testsuite will have problems when run, showing an 882 error while loading shared libraries. To resolve, please run "make install". 883 884 The CyaSSL manual is available at: 885 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 886 and comments about the new features please check the manual. 
887 888 889 ************** CyaSSL Release 2.6.0 (04/15/2013) 890 891 Release 2.6.0 CyaSSL has bug fixes and new features including: 892 - DTLS 1.2 support including AEAD ciphers 893 - SHA-3 finalist Blake2 support, it's fast and uses little resources 894 - SHA-384 cipher suites including ECC ones 895 - HMAC now supports SHA-512 896 - Track memory use for example client/server with -t option 897 - Better IPv6 examples with --enable-ipv6, before if ipv6 examples/tests were 898 turned on, localhost only was used. Now link-local (with scope ids) and ipv6 899 hosts can be used as well. 900 - Xcode v4.6 project for iOS v6.1 update 901 - settings.h is now checked in all *.c files for true one file setting detection 902 - Better alignment at SSL layer for hardware crypto alignment needs 903 * Note, SSL itself isn't friendly to alignment with 5 byte TLS headers and 904 13 bytes DTLS headers, but every effort is now made to align with the 905 CYASSL_GENERAL_ALIGNMENT flag which sets desired alignment requirement 906 - NO_64BIT flag to turn off 64bit data type accumulators in public key code 907 * Note, some systems are faster with 32bit accumulators 908 - --enable-stacksize for example client/server stack use 909 * Note, modern desktop Operating Systems may add bytes to each stack frame 910 - Updated compression/decompression with direct crypto access 911 - All ./configure options are now lowercase only for consistency 912 - ./configure builds default to fastmath option 913 * Note, if on ia32 and building in shared mode this may produce a problem 914 with a missing register being available because of PIC, there are at least 915 6 solutions to this: 916 1) --disable-fastmath , don't use fastmath 917 2) --disable-shared, don't build a shared library 918 3) C_EXTRA_FLAGS=-DTFM_NO_ASM , turn off assembly use 919 4) use clang, it just seems to work 920 5) play around with no PIC options to force all registers being open, 921 e.g, --without-pic 922 6) if static lib is still a 
problem try removing fPIE 923 - Many new ./configure switches for option enable/disable for example 924 * rsa 925 * dh 926 * dsa 927 * md5 928 * sha 929 * arc4 930 * null (allow NULL ciphers) 931 * oldtls (only use TLS 1.2) 932 * asn (no certs or public keys allowed) 933 - ./configure generates cyassl/options.h which allows a header the user can 934 include in their app to make sure the same options are set at the app and 935 CyaSSL level. 936 - autoconf no longer needs serial-tests which lowers version requirements of 937 automake to 1.11 and autoconf to 2.63 938 939 The CyaSSL manual is available at: 940 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 941 and comments about the new features please check the manual. 80 - Support for Espressif ESP-IDF development framework 81 - Fix for XCode build with iPhone simulator on i386 82 - PKCS7 support for generating and verify bundles using a detached signature 83 - Fix for build disabling AES-CBC and enabling opensslextra compatibility layer 84 - Updates to sniffer for showing session information and handling split messages across records 85 - Port update for Micrium uC/OS-III 86 - Feature to adjust max fragment size post handshake when compiled with the macro WOLFSSL_ALLOW_MAX_FRAGMENT_ADJUST 87 - Adding the macro NO_MULTIBYTE_PRINT for compiling out special characters that embedded devices may have problems with 88 - Updates for Doxygen documentation, including PKCS #11 API and more 89 - Adding Intel QuickAssist v1.7 driver support for asynchronous crypto 90 - Adding Intel QuickAssist RSA key generation and SHA-3 support 91 - RSA verify only (--enable-rsavfy) and RSA public only (--enable-rsapub) builds added 92 - Enhancements to test cases for increased code coverage 93 - Updates to VxWorks port for use with Mongoose, including updates to the OpenSSL compatibility layer 94 - Yocto Project ease of use improvements along with many updates and build instructions added to the INSTALL file 
95 - Maximum ticket nonce size was increased to 8 96 - Updating --enable-armasm build for ease of use with autotools 97 - Updates to internal code checking TLS 1.3 version with a connection 98 - Removing unnecessary extended master secret from ServerHello if using TLS 1.3 99 - Fix for TLS v1.3 HelloRetryRequest to be sent immediately and not grouped 942 100 943 101 944 102 945 ************** CyaSSL Release 2.5.0 (02/04/2013) 103 This release of wolfSSL includes a fix for 1 security vulnerability. 946 104 947 Release 2.5.0 CyaSSL has bug fixes and new features including: 948 - Fix for TLS CBC padding timing attack identified by Nadhem Alfardan and 949 Kenny Paterson: http://www.isg.rhul.ac.uk/tls/ 950 - Microchip PIC32 (MIPS16, MIPS32) support 951 - Microchip MPLAB X example projects for PIC32 Ethernet Starter Kit 952 - Updated CTaoCrypt benchmark app for embedded systems 953 - 1024-bit test certs/keys and cert/key buffers 954 - AES-CCM-8 crypto and cipher suites 955 - Camellia crypto and cipher suites 956 - Bumped minimum autoconf version to 2.65, automake version to 1.12 957 - Addition of OCSP callbacks 958 - STM32F2 support with hardware crypto and RNG 959 - Cavium NITROX support 105 Medium level fix for potential cache attack with a variant of Bleichenbacherâs attack. Earlier versions of wolfSSL leaked PKCS #1 v1.5 padding information during private key decryption that could lead to a potential padding oracle attack. It is recommended that users update to the latest version of wolfSSL if they have RSA cipher suites enabled and have the potential for malicious software to be ran on the same system that is performing RSA operations. Users that have only ECC cipher suites enabled and are not performing RSA PKCS #1 v1.5 Decryption operations are not vulnerable. Also users with TLS 1.3 only connections are not vulnerable to this attack. 
Thanks to Eyal Ronen (Weizmann Institute), Robert Gillham (University of Adelaide), Daniel Genkin (University of Michigan), Adi Shamir (Weizmann Institute), David Wong (NCC Group), and Yuval Yarom (University of Adelaide and Data61) for the report. 960 106 961 CTaoCrypt now has support for the Microchip PIC32 and has been tested with 962 the Microchip PIC32 Ethernet Starter Kit, the XC32 compiler and 963 MPLAB X IDE in both MIPS16 and MIPS32 instruction set modes. See the README 964 located under the <cyassl_root>/mplabx directory for more details. 965 966 To add Cavium NITROX support do: 967 968 ./configure --with-cavium=/home/user/cavium/software 969 970 pointing to your licensed cavium/software directory. Since Cavium doesn't 971 build a library we pull in the cavium_common.o file which gives a libtool 972 warning about the portability of this. Also, if you're using the github source 973 tree you'll need to remove the -Wredundant-decls warning from the generated 974 Makefile because the cavium headers don't conform to this warning. Currently 975 CyaSSL supports Cavium RNG, AES, 3DES, RC4, HMAC, and RSA directly at the crypto 976 layer. Support at the SSL level is partial and currently just does AES, 3DES, 977 and RC4. RSA and HMAC are slower until the Cavium calls can be utilized in non 978 blocking mode. The example client turns on cavium support as does the crypto 979 test and benchmark. Please see the HAVE_CAVIUM define. 980 981 CyaSSL is able to use the STM32F2 hardware-based cryptography and random number 982 generator through the STM32F2 Standard Peripheral Library. For necessary 983 defines, see the CYASSL_STM32F2 define in settings.h. Documentation for the 984 STM32F2 Standard Peripheral Library can be found in the following document: 985 http://www.st.com/internet/com/TECHNICAL_RESOURCES/TECHNICAL_LITERATURE/USER_MANUAL/DM00023896.pdf 986 987 The CyaSSL manual is available at: 988 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. 
For build instructions 989 and comments about the new features please check the manual. 107 The paper for further reading on the attack details can be found at http://cat.eyalro.net/cat.pdf. 990 108 991 109 992 993 *************** CyaSSL Release 2.4.6 (12/20/2012) 994 995 Release 2.4.6 CyaSSL has bug fixes and a few new features including: 996 - ECC into main version 997 - Lean PSK build (reduced code size, RAM usage, and stack usage) 998 - FreeBSD CRL monitor support 999 - CyaSSL_peek() 1000 - CyaSSL_send() and CyaSSL_recv() for I/O flag setting 1001 - CodeWarrior Support 1002 - MQX Support 1003 - Freescale Kinetis support including Hardware RNG 1004 - autoconf builds use jobserver 1005 - cyassl-config 1006 - Sniffer memory reductions 1007 1008 Thanks to Brian Aker for the improved autoconf system, make rpm, cyassl-config, 1009 warning system, and general good ideas for improving CyaSSL! 1010 1011 The Freescale Kinetis K70 RNGA documentation can be found in Chapter 37 of the 1012 K70 Sub-Family Reference Manual: 1013 http://cache.freescale.com/files/microcontrollers/doc/ref_manual/K70P256M150SF3RM.pdf 1014 1015 The CyaSSL manual is available at: 1016 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 1017 and comments about the new features please check the manual. 110 *** Resources *** 1018 111 1019 112 1020 *************** CyaSSL Release 2.4.0 (10/10/2012)113 [wolfSSL Website](https://www.wolfssl.com/) 1021 114 1022 Release 2.4.0 CyaSSL has bug fixes and a few new features including: 1023 - DTLS reliability 1024 - Reduced memory usage after handshake 1025 - Updated build process 115 [wolfSSL Wiki](https://github.com/wolfSSL/wolfssl/wiki) 1026 116 1027 The CyaSSL manual is available at: 1028 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 1029 and comments about the new features please check the manual. 
117 [FIPS FAQ](https://www.wolfssl.com/wolfSSL/fips.html) 1030 118 119 [wolfSSL Manual](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-toc.html) 1031 120 121 [wolfSSL API Reference] 122 (https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-17-wolfssl-api-reference.html) 1032 123 1033 *************** CyaSSL Release 2.3.0 (8/10/2012) 124 [wolfCrypt API Reference] 125 (https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-18-wolfcrypt-api-reference.html) 1034 126 1035 Release 2.3.0 CyaSSL has bug fixes and a few new features including: 1036 - AES-GCM crypto and cipher suites 1037 - make test cipher suite checks 1038 - Subject AltName processing 1039 - Command line support for client/server examples 1040 - Sniffer SessionTicket support 1041 - SHA-384 cipher suites 1042 - Verify cipher suite validity when user overrides 1043 - CRL dir monitoring 1044 - DTLS Cookie support, reliability coming soon 1045 1046 The CyaSSL manual is available at: 1047 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 1048 and comments about the new features please check the manual. 1049 1050 1051 1052 ***************CyaSSL Release 2.2.0 (5/18/2012) 1053 1054 Release 2.2.0 CyaSSL has bug fixes and a few new features including: 1055 - Initial CRL support (--enable-crl) 1056 - Initial OCSP support (--enable-ocsp) 1057 - Add static ECDH suites 1058 - SHA-384 support 1059 - ECC client certificate support 1060 - Add medium session cache size (1055 sessions) 1061 - Updated unit tests 1062 - Protection against mutex reinitialization 1063 1064 1065 The CyaSSL manual is available at: 1066 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 1067 and comments about the new features please check the manual. 
1068 1069 1070 1071 ***************CyaSSL Release 2.0.8 (2/24/2012) 1072 1073 Release 2.0.8 CyaSSL has bug fixes and a few new features including: 1074 - A fix for malicious certificates pointed out by Remi Gacogne (thanks) 1075 resulting in NULL pointer use. 1076 - Respond to renegotiation attempt with no_renegoatation alert 1077 - Add basic path support for load_verify_locations() 1078 - Add set Temp EC-DHE key size 1079 - Extra checks on rsa test when porting into 1080 1081 1082 The CyaSSL manual is available at: 1083 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 1084 and comments about the new features please check the manual. 1085 1086 1087 1088 ************* CyaSSL Release 2.0.6 (1/27/2012) 1089 1090 Release 2.0.6 CyaSSL has bug fixes and a few new features including: 1091 - Fixes for CA basis constraint check 1092 - CTX reference counting 1093 - Initial unit test additions 1094 - Lean and Mean Windows fix 1095 - ECC benchmarking 1096 - SSMTP build support 1097 - Ability to group handshake messages with set_group_messages(ctx/ssl) 1098 - CA cache addition callback 1099 - Export Base64_Encode for general use 1100 1101 The CyaSSL manual is available at: 1102 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 1103 and comments about the new features please check the manual. 1104 1105 1106 1107 ************* CyaSSL Release 2.0.2 (12/05/2011) 1108 1109 Release 2.0.2 CyaSSL has bug fixes and a few new features including: 1110 - CTaoCrypt Runtime library detection settings when directly using the crypto 1111 library 1112 - Default certificate generation now uses SHAwRSA and adds SHA256wRSA generation 1113 - All test certificates now use 2048bit and SHA-1 for better modern browser 1114 support 1115 - Direct AES block access and AES-CTR (counter) mode 1116 - Microchip pic32 support 1117 1118 The CyaSSL manual is available at: 1119 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. 
For build instructions 1120 and comments about the new features please check the manual. 1121 1122 1123 1124 ************* CyaSSL Release 2.0.0rc3 (9/28/2011) 1125 1126 Release 2.0.0rc3 for CyaSSL has bug fixes and a few new features including: 1127 - updated autoconf support 1128 - better make install and uninstall (uses system directories) 1129 - make test / make check 1130 - CyaSSL headers now in <cyassl/*.h> 1131 - CTaocrypt headers now in <cyassl/ctaocrypt/*.h> 1132 - OpenSSL compatibility headers now in <cyassl/openssl/*.h> 1133 - examples and tests all run from home directory so can use certs in ./certs 1134 (see note 1) 1135 1136 So previous applications that used the OpenSSL compatibility header 1137 <openssl/ssl.h> now need to include <cyassl/openssl/ssl.h> instead, no other 1138 changes are required. 1139 1140 Special Thanks to Brian Aker for his autoconf, install, and header patches. 1141 1142 The CyaSSL manual is available at: 1143 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 1144 and comments about the new features please check the manual. 1145 1146 ************CyaSSL Release 2.0.0rc2 (6/6/2011) 1147 1148 Release 2.0.0rc2 for CyaSSL has bug fixes and a few new features including: 1149 - bug fixes (Alerts, DTLS with DHE) 1150 - FreeRTOS support 1151 - lwIP support 1152 - Wshadow warnings removed 1153 - asn public header 1154 - CTaoCrypt public headers now all have ctc_ prefix (the manual is still being 1155 updated to reflect this change) 1156 - and more. 1157 1158 This is the 2nd and perhaps final release candidate for version 2. 1159 Please send any comments or questions to support@wolfssl.com. 1160 1161 The CyaSSL manual is available at: 1162 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 1163 and comments about the new features please check the manual. 
1164 1165 ***********CyaSSL Release 2.0.0rc1 (5/2/2011) 1166 1167 Release 2.0.0rc1 for CyaSSL has many new features including: 1168 - bug fixes 1169 - SHA-256 cipher suites 1170 - Root Certificate Verification (instead of needing all certs in the chain) 1171 - PKCS #8 private key encryption (supports PKCS #5 v1-v2 and PKCS #12) 1172 - Serial number retrieval for x509 1173 - PBKDF2 and PKCS #12 PBKDF 1174 - UID parsing for x509 1175 - SHA-256 certificate signatures 1176 - Client and server can send chains (SSL_CTX_use_certificate_chain_file) 1177 - CA loading can now parse multiple certificates per file 1178 - Dynamic memory runtime hooks 1179 - Runtime hooks for logging 1180 - EDH on server side 1181 - More informative error codes 1182 - More informative logging messages 1183 - Version downgrade more robust (use SSL_v23*) 1184 - Shared build only by default through ./configure 1185 - Compiler visibility is now used, internal functions not polluting namespace 1186 - Single Makefile, no recursion, for faster and simpler building 1187 - Turn on all warnings possible build option, warning fixes 1188 - and more. 1189 1190 Because of all the new features and the multiple OS, compiler, feature-set 1191 options that CyaSSL allows, there may be some configuration fixes needed. 1192 Please send any comments or questions to support@wolfssl.com. 1193 1194 The CyaSSL manual is available at: 1195 http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf. For build instructions 1196 and comments about the new features please check the manual. 1197 1198 ****************** CyaSSL Release 1.9.0 (3/2/2011) 1199 1200 Release 1.9.0 for CyaSSL adds bug fixes, improved TLSv1.2 through testing and 1201 better hash/sig algo ids, --enable-webServer for the yaSSL embedded web server, 1202 improper AES key setup detection, user cert verify callback improvements, and 1203 more. 1204 1205 The CyaSSL manual offering is included in the doc/ directory. 
For build 1206 instructions and comments about the new features please check the manual. 1207 1208 Please send any comments or questions to support@wolfssl.com. 1209 1210 ****************** CyaSSL Release 1.8.0 (12/23/2010) 1211 1212 Release 1.8.0 for CyaSSL adds bug fixes, x509 v3 CA signed certificate 1213 generation, a C standard library abstraction layer, lower memory use, increased 1214 portability through the os_settings.h file, and the ability to use NTRU cipher 1215 suites when used in conjunction with an NTRU license and library. 1216 1217 The initial CyaSSL manual offering is included in the doc/ directory. For 1218 build instructions and comments about the new features please check the manual. 1219 1220 Please send any comments or questions to support@wolfssl.com. 1221 1222 Happy Holidays. 1223 1224 1225 ********************* CyaSSL Release 1.6.5 (9/9/2010) 1226 1227 Release 1.6.5 for CyaSSL adds bug fixes and x509 v3 self signed certificate 1228 generation. 1229 1230 For general build instructions see doc/Building_CyaSSL.pdf. 1231 1232 To enable certificate generation support add this option to ./configure 1233 ./configure --enable-certgen 1234 1235 An example is included in ctaocrypt/test/test.c and documentation is provided 1236 in doc/CyaSSL_Extensions_Reference.pdf item 11. 1237 1238 ********************** CyaSSL Release 1.6.0 (8/27/2010) 1239 1240 Release 1.6.0 for CyaSSL adds bug fixes, RIPEMD-160, SHA-512, and RSA key 1241 generation. 1242 1243 For general build instructions see doc/Building_CyaSSL.pdf. 1244 1245 To add RIPEMD-160 support add this option to ./configure 1246 ./configure --enable-ripemd 1247 1248 To add SHA-512 support add this option to ./configure 1249 ./configure --enable-sha512 1250 1251 To add RSA key generation support add this option to ./configure 1252 ./configure --enable-keygen 1253 1254 Please see ctaocrypt/test/test.c for examples and usage. 
1255 1256 For Windows, RIPEMD-160 and SHA-512 are enabled by default but key generation is 1257 off by default. To turn key generation on add the define CYASSL_KEY_GEN to 1258 CyaSSL. 1259 1260 1261 ************* CyaSSL Release 1.5.6 (7/28/2010) 1262 1263 Release 1.5.6 for CyaSSL adds bug fixes, compatibility for our JSSE provider, 1264 and a fix for GCC builds on some systems. 1265 1266 For general build instructions see doc/Building_CyaSSL.pdf. 1267 1268 To add AES-NI support add this option to ./configure 1269 ./configure --enable-aesni 1270 1271 You'll need GCC 4.4.3 or later to make use of the assembly. 1272 1273 ************** CyaSSL Release 1.5.4 (7/7/2010) 1274 1275 Release 1.5.4 for CyaSSL adds bug fixes, support for AES-NI, SHA1 speed 1276 improvements from loop unrolling, and support for the Mongoose Web Server. 1277 1278 For general build instructions see doc/Building_CyaSSL.pdf. 1279 1280 To add AES-NI support add this option to ./configure 1281 ./configure --enable-aesni 1282 1283 You'll need GCC 4.4.3 or later to make use of the assembly. 1284 1285 *************** CyaSSL Release 1.5.0 (5/11/2010) 1286 1287 Release 1.5.0 for CyaSSL adds bug fixes, GoAhead WebServer support, sniffer 1288 support, and initial swig interface support. 1289 1290 For general build instructions see doc/Building_CyaSSL.pdf. 1291 1292 To add support for GoAhead WebServer either --enable-opensslExtra or if you 1293 don't want all the features of opensslExtra you can just define GOAHEAD_WS 1294 instead. GOAHEAD_WS can be added to ./configure with CFLAGS=-DGOAHEAD_WS or 1295 you can define it yourself. 1296 1297 To look at the sniffer support please see the sniffertest app in 1298 sslSniffer/sslSnifferTest. Build with --enable-sniffer on *nix or use the 1299 vcproj files on windows. You'll need to have pcap installed on *nix and 1300 WinPcap on windows. 1301 1302 A swig interface file is now located in the swig directory for using Python, 1303 Java, Perl, and others with CyaSSL. 
This is initial support and experimental, 1304 please send questions or comments to support@wolfssl.com. 1305 1306 When doing load testing with CyaSSL, on the echoserver example say, the client 1307 machine may run out of tcp ephemeral ports, they will end up in the TIME_WAIT 1308 queue, and can't be reused by default. There are generally two ways to fix 1309 this. 1) Reduce the length sockets remain on the TIME_WAIT queue or 2) Allow 1310 items on the TIME_WAIT queue to be reused. 1311 1312 1313 To reduce the TIME_WAIT length in OS X to 3 seconds (3000 milliseconds) 1314 1315 sudo sysctl -w net.inet.tcp.msl=3000 1316 1317 In Linux 1318 1319 sudo sysctl -w net.ipv4.tcp_tw_reuse=1 1320 1321 allows reuse of sockets in TIME_WAIT 1322 1323 sudo sysctl -w net.ipv4.tcp_tw_recycle=1 1324 1325 works but seems to remove sockets from TIME_WAIT entirely? 1326 1327 sudo sysctl -w net.ipv4.tcp_fin_timeout=1 1328 1329 doen't control TIME_WAIT, it controls FIN_WAIT(2) contrary to some posts 1330 1331 1332 ******************** CyaSSL Release 1.4.0 (2/18/2010) 1333 1334 Release 1.3.0 for CyaSSL adds bug fixes, better multi TLS/SSL version support 1335 through SSLv23_server_method(), and improved documentation in the doc/ folder. 1336 1337 For general build instructions doc/Building_CyaSSL.pdf. 1338 1339 ******************** CyaSSL Release 1.3.0 (1/21/2010) 1340 1341 Release 1.3.0 for CyaSSL adds bug fixes, a potential security problem fix, 1342 better porting support, removal of assert()s, and a complete THREADX port. 1343 1344 For general build instructions see rc1 below. 1345 1346 ******************** CyaSSL Release 1.2.0 (11/2/2009) 1347 1348 Release 1.2.0 for CyaSSL adds bug fixes and session negotiation if first use is 1349 read or write. 1350 1351 For general build instructions see rc1 below. 
1352 1353 ******************** CyaSSL Release 1.1.0 (9/2/2009) 1354 1355 Release 1.1.0 for CyaSSL adds bug fixes, a check against malicious session 1356 cache use, support for lighttpd, and TLS 1.2. 1357 1358 To get TLS 1.2 support please use the client and server functions: 1359 1360 SSL_METHOD *TLSv1_2_server_method(void); 1361 SSL_METHOD *TLSv1_2_client_method(void); 1362 1363 CyaSSL was tested against lighttpd 1.4.23. To build CyaSSL for use with 1364 lighttpd use the following commands from the CyaSSL install dir <CyaSSLDir>: 1365 1366 ./configure --disable-shared --enable-opensslExtra --enable-fastmath --without-zlib 1367 1368 make 1369 make openssl-links 1370 1371 Then to build lighttpd with CyaSSL use the following commands from the 1372 lighttpd install dir: 1373 1374 ./configure --with-openssl --with-openssl-includes=<CyaSSLDir>/include --with-openssl-libs=<CyaSSLDir>/lib LDFLAGS=-lm 1375 1376 make 1377 1378 On some systems you may get a linker error about a duplicate symbol for 1379 MD5_Init or other MD5 calls. This seems to be caused by the lighttpd src file 1380 md5.c, which defines MD5_Init(), and is included in liblightcomp_la-md5.o. 1381 When liblightcomp is linked with the SSL_LIBs the linker may complain about 1382 the duplicate symbol. This can be fixed by editing the lighttpd src file md5.c 1383 and adding this line to the beginning of the file: 1384 1385 #if 0 1386 1387 and this line to the end of the file 1388 1389 #endif 1390 1391 Then from the lighttpd src dir do a: 1392 1393 make clean 1394 make 1395 1396 1397 If you get link errors about undefined symbols more than likely the actual 1398 OpenSSL libraries are found by the linker before the CyaSSL openssl-links that 1399 point to the CyaSSL library, causing the linker confusion. 
This can be fixed 1400 by editing the Makefile in the lighttpd src directory and changing the line: 1401 1402 SSL_LIB = -lssl -lcrypto 1403 1404 to 1405 1406 SSL_LIB = -lcyassl 1407 1408 Then from the lighttpd src dir do a: 1409 1410 make clean 1411 make 1412 1413 This should remove any confusion the linker may be having with missing symbols. 1414 1415 For any questions or concerns please contact support@wolfssl.com . 1416 1417 For general build instructions see rc1 below. 1418 1419 ******************CyaSSL Release 1.0.6 (8/03/2009) 1420 1421 Release 1.0.6 for CyaSSL adds bug fixes, an improved session cache, and faster 1422 math with a huge code option. 1423 1424 The session cache now defaults to a client mode, also good for embedded servers. 1425 For servers not under heavy load (less than 200 new sessions per minute), define 1426 BIG_SESSION_CACHE. If the server will be under heavy load, define 1427 HUGE_SESSION_CACHE. 1428 1429 There is now a fasthugemath option for configure. This enables fastmath plus 1430 even faster math by greatly increasing the code size of the math library. Use 1431 the benchmark utility to compare public key operations. 1432 1433 1434 For general build instructions see rc1 below. 1435 1436 ******************CyaSSL Release 1.0.3 (5/10/2009) 1437 1438 Release 1.0.3 for CyaSSL adds bug fixes and add increased support for OpenSSL 1439 compatibility when building other applications. 1440 1441 Release 1.0.3 includes an alpha release of DTLS for both client and servers. 1442 This is only for testing purposes at this time. Rebroadcast and reordering 1443 aren't fully implemented at this time but will be for the next release. 1444 1445 For general build instructions see rc1 below. 1446 1447 ******************CyaSSL Release 1.0.2 (4/3/2009) 1448 1449 Release 1.0.2 for CyaSSL adds bug fixes for a couple I/O issues. 
Some systems 1450 will send a SIGPIPE on socket recv() at any time and this should be handled by 1451 the application by turning off SIGPIPE through setsockopt() or returning from 1452 the handler. 1453 1454 Release 1.0.2 includes an alpha release of DTLS for both client and servers. 1455 This is only for testing purposes at this time. Rebroadcast and reordering 1456 aren't fully implemented at this time but will be for the next release. 1457 1458 For general build instructions see rc1 below. 1459 1460 *****************CyaSSL Release Candidate 3 rc3-1.0.0 (2/25/2009) 1461 1462 1463 Release Candidate 3 for CyaSSL 1.0.0 adds bug fixes and adds a project file for 1464 iPhone development with Xcode. cyassl-iphone.xcodeproj is located in the root 1465 directory. This release also includes a fix for supporting other 1466 implementations that bundle multiple messages at the record layer, this was 1467 lost when cyassl i/o was re-implemented but is now fixed. 1468 1469 For general build instructions see rc1 below. 1470 1471 *****************CyaSSL Release Candidate 2 rc2-1.0.0 (1/21/2009) 1472 1473 1474 Release Candidate 2 for CyaSSL 1.0.0 adds bug fixes and adds two new stream 1475 ciphers along with their respective cipher suites. CyaSSL adds support for 1476 HC-128 and RABBIT stream ciphers. The new suites are: 1477 1478 TLS_RSA_WITH_HC_128_SHA 1479 TLS_RSA_WITH_RABBIT_SHA 1480 1481 And the corresponding cipher names are 1482 1483 HC128-SHA 1484 RABBIT-SHA 1485 1486 CyaSSL also adds support for building with devkitPro for PPC by changing the 1487 library proper to use libogc. The examples haven't been changed yet but if 1488 there's interest they can be. 
Here's an example ./configure to build CyaSSL 1489 for devkitPro: 1490 1491 ./configure --disable-shared CC=/pathTo/devkitpro/devkitPPC/bin/powerpc-gekko-gcc --host=ppc --without-zlib --enable-singleThreaded RANLIB=/pathTo/devkitpro/devkitPPC/bin/powerpc-gekko-ranlib CFLAGS="-DDEVKITPRO -DGEKKO" 1492 1493 For linking purposes you'll need 1494 1495 LDFLAGS="-g -mrvl -mcpu=750 -meabi -mhard-float -Wl,-Map,$(notdir $@).map" 1496 1497 For general build instructions see rc1 below. 1498 1499 1500 ********************CyaSSL Release Candidate 1 rc1-1.0.0 (12/17/2008) 1501 1502 1503 Release Candidate 1 for CyaSSL 1.0.0 contains major internal changes. Several 1504 areas have optimization improvements, less dynamic memory use, and the I/O 1505 strategy has been refactored to allow alternate I/O handling or Library use. 1506 Many thanks to Thierry Fournier for providing these ideas and most of the work. 1507 1508 Because of these changes, this release is only a candidate since some problems 1509 are probably inevitable on some platform with some I/O use. Please report any 1510 problems and we'll try to resolve them as soon as possible. You can contact us 1511 at support@wolfssl.com or todd@wolfssl.com. 1512 1513 Using TomsFastMath by passing --enable-fastmath to ./configure now uses assembly 1514 on some platforms. This is new so please report any problems as every compiler, 1515 mode, OS combination hasn't been tested. On ia32 all of the registers need to 1516 be available so be sure to pass these options to CFLAGS: 1517 1518 CFLAGS="-O3 -fomit-frame-pointer" 1519 1520 OS X will also need -mdynamic-no-pic added to CFLAGS 1521 1522 Also if you're building in shared mode for ia32 you'll need to pass options to 1523 LDFLAGS as well on OS X: 1524 1525 LDFLAGS=-Wl,-read_only_relocs,warning 1526 1527 This gives warnings for some symbols but seems to work. 
1528 1529 1530 --To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin: 1531 1532 ./configure 1533 make 1534 1535 from the ./testsuite/ directory run ./testsuite 1536 1537 to make a debug build: 1538 1539 ./configure --enable-debug --disable-shared 1540 make 1541 1542 1543 1544 --To build on Win32 1545 1546 Choose (Re)Build All from the project workspace 1547 1548 Run the testsuite program 1549 1550 1551 1552 1553 1554 *************************CyaSSL version 0.9.9 (7/25/2008) 1555 1556 This release of CyaSSL adds bug fixes, Pre-Shared Keys, over-rideable memory 1557 handling, and optionally TomsFastMath. Thanks to Mois辿s Guimarées for the 1558 work on TomsFastMath. 1559 1560 To optionally use TomsFastMath pass --enable-fastmath to ./configure 1561 Or define USE_FAST_MATH in each project from CyaSSL for MSVC. 1562 1563 Please use the benchmark routine before and after to see the performance 1564 difference, on some platforms the gains will be little but RSA encryption 1565 always seems to be faster. On x86-64 machines with GCC the normal math library 1566 may outperform the fast one when using CFLAGS=-m64 because TomsFastMath can't 1567 yet use -m64 because of GCCs inability to do 128bit division. 1568 1569 **** UPDATE GCC 4.2.1 can now do 128bit division *** 1570 1571 See notes below (0.2.0) for complete build instructions. 1572 1573 1574 ****************CyaSSL version 0.9.8 (5/7/2008) 1575 1576 This release of CyaSSL adds bug fixes, client side Diffie-Hellman, and better 1577 socket handling. 1578 1579 See notes below (0.2.0) for complete build instructions. 1580 1581 1582 ****************CyaSSL version 0.9.6 (1/31/2008) 1583 1584 This release of CyaSSL adds bug fixes, increased session management, and a fix 1585 for gnutls. 1586 1587 See notes below (0.2.0) for complete build instructions. 
1588 1589 1590 ****************CyaSSL version 0.9.0 (10/15/2007) 1591 1592 This release of CyaSSL adds bug fixes, MSVC 2005 support, GCC 4.2 support, 1593 IPV6 support and test, and new test certificates. 1594 1595 See notes below (0.2.0) for complete build instructions. 1596 1597 1598 ****************CyaSSL version 0.8.0 (1/10/2007) 1599 1600 This release of CyaSSL adds increased socket support, for non-blocking writes, 1601 connects, and interrupted system calls. 1602 1603 See notes below (0.2.0) for complete build instructions. 1604 1605 1606 ****************CyaSSL version 0.6.3 (10/30/2006) 1607 1608 This release of CyaSSL adds debug logging to stderr to aid in the debugging of 1609 CyaSSL on systems that may not provide the best support. 1610 1611 If CyaSSL is built with debugging support then you need to call 1612 CyaSSL_Debugging_ON() to turn logging on. 1613 1614 On Unix use ./configure --enable-debug 1615 1616 On Windows define DEBUG_CYASSL when building CyaSSL 1617 1618 1619 To turn logging back off call CyaSSL_Debugging_OFF() 1620 1621 See notes below (0.2.0) for complete build instructions. 1622 1623 1624 *****************CyaSSL version 0.6.2 (10/29/2006) 1625 1626 This release of CyaSSL adds TLS 1.1. 1627 1628 Note that CyaSSL has certificate verification on by default, unlike OpenSSL. 1629 To emulate OpenSSL behavior, you must call SSL_CTX_set_verify() with 1630 SSL_VERIFY_NONE. In order to have full security you should never do this, 1631 provide CyaSSL with the proper certificates to eliminate impostors and call 1632 CyaSSL_check_domain_name() to prevent man in the middle attacks. 1633 1634 See notes below (0.2.0) for build instructions. 1635 1636 *****************CyaSSL version 0.6.0 (10/25/2006) 1637 1638 This release of CyaSSL adds more SSL functions, better autoconf, nonblocking 1639 I/O for accept, connect, and read. 
There is now an --enable-small configure 1640 option that turns off TLS, AES, DES3, HMAC, and ERROR_STRINGS, see configure.in 1641 for the defines. Note that TLS requires HMAC and AES requires TLS. 1642 1643 See notes below (0.2.0) for build instructions. 1644 1645 1646 *****************CyaSSL version 0.5.5 (09/27/2006) 1647 1648 This mini release of CyaSSL adds better input processing through buffered input 1649 and big message support. Added SSL_pending() and some sanity checks on user 1650 settings. 1651 1652 See notes below (0.2.0) for build instructions. 1653 1654 1655 *****************CyaSSL version 0.5.0 (03/27/2006) 1656 1657 This release of CyaSSL adds AES support and minor bug fixes. 1658 1659 See notes below (0.2.0) for build instructions. 1660 1661 1662 *****************CyaSSL version 0.4.0 (03/15/2006) 1663 1664 This release of CyaSSL adds TLSv1 client/server support and libtool. 1665 1666 See notes below for build instructions. 1667 1668 1669 *****************CyaSSL version 0.3.0 (02/26/2006) 1670 1671 This release of CyaSSL adds SSLv3 server support and session resumption. 1672 1673 See notes below for build instructions. 1674 1675 1676 *****************CyaSSL version 0.2.0 (02/19/2006) 1677 1678 1679 This is the first release of CyaSSL and its crypt brother, CTaoCrypt. CyaSSL 1680 is written in ANSI C with the idea of a small code size, footprint, and memory 1681 usage in mind. CTaoCrypt can be as small as 32K, and the current client 1682 version of CyaSSL can be as small as 12K. 1683 1684 1685 The first release of CTaoCrypt supports MD5, SHA-1, 3DES, ARC4, Big Integer 1686 Support, RSA, ASN parsing, and basic x509 (en/de)coding. 1687 1688 The first release of CyaSSL supports normal client RSA mode SSLv3 connections 1689 with support for SHA-1 and MD5 digests. Ciphers include 3DES and RC4. 
1690 1691 1692 --To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin: 1693 1694 ./configure 1695 make 1696 1697 from the ./testsuite/ directory run ./testsuite 1698 1699 to make a debug build: 1700 1701 ./configure --enable-debug --disable-shared 1702 make 1703 1704 1705 1706 --To build on Win32 1707 1708 Choose (Re)Build All from the project workspace 1709 1710 Run the testsuite program 1711 1712 1713 1714 *** The next release of CyaSSL will support a server and more OpenSSL 1715 compatibility functions. 1716 1717 1718 Please send questions or comments to todd@wolfssl.com 1719 127 [TLS 1.3](https://www.wolfssl.com/docs/tls13/)
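Review bot: the release header at README line 1332 reads `CyaSSL Release 1.4.0 (2/18/2010)` but the sentence under it at line 1334 starts `Release 1.3.0 for CyaSSL adds bug fixes, better multi TLS/SSL version support`, which is the version of the entry that follows at line 1339. One of the two numbers is wrong, so readers cannot tell which release introduced the SSLv23_server_method() change. Please make the body match the header. In the same pass: line 1337 is missing a verb (`For general build instructions doc/Building_CyaSSL.pdf.`), line 1329 has `doen't`, and the contributor name at line 1557 is mis-encoded (`Mois辿s`), so the file encoding should be checked before commit. The manual links at lines 1143, 1162 and 1195 use `http://www.wolfssl.com/...` while the description at the top of this README links the same site over https; these should be consistent.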
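Review bot: the TIME_WAIT tuning block at README lines 1313 to 1329 documents kernel-wide settings applied with `sudo sysctl -w`, and the text itself is unsure what one of them does (`works but seems to remove sockets from TIME_WAIT entirely?`). A README that ships with the library should not recommend a setting whose effect the author questions. Suggest either dropping the `net.ipv4.tcp_tw_recycle=1` line or stating its behaviour definitively, and saying explicitly that these values are meant for the load-test client machine mentioned at line 1306, not for hosts running the server in production. It would also help to attach each explanation to its command, since the description currently trails the command on a separate line and is easy to pair with the wrong one.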
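Review bot: in the 0.6.2 entry (README lines 1628 to 1632) the instruction for turning certificate verification off comes first and is phrased as a requirement (`you must call SSL_CTX_set_verify() with SSL_VERIFY_NONE`), while the warning against doing so is buried in a comma splice that runs into the next recommendation (`you should never do this, provide CyaSSL with the proper certificates ...`). Someone skimming for the call name will copy the insecure setting and miss the caveat. Suggest leading with the secure default, splitting the warning into its own sentence, and putting the positive steps (load the proper certificates, call CyaSSL_check_domain_name()) ahead of the SSL_VERIFY_NONE mention so that the documented path is the verified one.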