Skip to content
Tags give the ability to mark specific points in history as being important
  • v4.1.0-stable
    wolfSSL Release 4.1.0 (07/23/2019)
  • wolfRand-RC1
    894a57d2 · wolfRand ·
  • v4.0.0-stable
    wolfSSL Release 4.0.0 (03/20/2019)
    
  • WCv4-rng-stable
    The RNG was updated after we tagged the stable WCv4. The RNG must be
    checked out separately, as before. This is the tag for that.
  • v3.15.8
  • v3.15.7-stable
    wolfSSL Release 3.15.7 (12/26/2018)
  • v3.15.6
    v3.15.6 VxWorks and Mongoose with TLSv1.3 updates
  • v3.15.5a
    intermediate dev release
  • v3.15.5-stable
    wolfSSL Release 3.15.5 (11/07/2018)
  • WCv4.0-RC9
    951bd5a0 · FIPSv2: RNG Update ·
  • WCv4.0-RC8
    8972867a · FIPSv2: RNG Update ·
  • WCv4.0-RC7
    3e287e84 · FIPSv2: RNG Update ·
  • v3.15.3-stable
    wolfSSL Release 3.15.3 (06/20/2018)
  • l
  • WCv4-stable
    wolfCrypt v4.0 release
    
  • v3.15.0-stable
    b63d3173 · update change log (#1597) ·
    wolfSSL Release 3.15.0 (05/05/2018)
    
    Release 3.15.0 of wolfSSL embedded TLS has bug fixes and new features including:
    
    * Support for TLS 1.3 Draft versions 23, 26 and 28.
    * Add FIPS SGX support!
    * Single Precision assembly code added for ARM and 64-bit ARM to enhance performance.
    * Improved performance for Single Precision maths on 32-bit.
    * Improved downgrade support for the TLS 1.3 handshake.
    * Improved TLS 1.3 support from interoperability testing.
    * Added option to allow TLS 1.2 to be compiled out to reduce size and enhance security.
    * Added option to support Ed25519 in TLS 1.2 and 1.3.
    * Update wolfSSL_HMAC_Final() so the length parameter is optional.
    * Various fixes for Coverity static analysis reports.
    * Add define to use internal struct timeval (USE_WOLF_TIMEVAL_T).
    * Switch LowResTimer() to call XTIME instead of time(0) for better portability.
    * Expanded OpenSSL compatibility layer with a bevy of new functions.
    * Added Renesas CS+ project files.
    * Align DH support with NIST SP 800-56A, add wc_DhSetKey_ex() for q parameter.
    * Add build option for CAVP self test build (--enable-selftest).
    * Expose mp_toradix() when WOLFSSL_PUBLIC_MP is defined.
    * Example certificate expiration dates and generation script updated.
    * Additional optimizations to trim out unused strings depending on build options.
    * Fix for DN tag strings to have “=” when returning the string value to users.
    * Fix for wolfSSL_ERR_get_error_line_data return value if no more errors are in the queue.
    * Fix for AES-CBC IV value with PIC32 hardware acceleration.
    * Fix for wolfSSL_X509_print with ECC certificates.
    * Fix for strict checking on URI absolute vs relative path.
    * Added crypto device framework to handle PK RSA/ECC operations using callbacks, which adds new build option `./configure --enable-cryptodev` or `WOLF_CRYPTO_DEV`.
    * Added devId support to ECC and PKCS7 for hardware based private key.
    * Fixes in PKCS7 for handling possible memory leak in some error cases.
    * Added test for invalid cert common name when set with `wolfSSL_check_domain_name`.
    * Refactor of the cipher suite names to use single array, which contains internal name, IANA name and cipher suite bytes.
    * Added new function `wolfSSL_get_cipher_name_from_suite` for getting IANA cipher suite name using bytes.
    * Fixes for fsanitize reports.
    * Fix for openssl compatibility function `wolfSSL_RSA_verify` to check returned size.
    * Fixes and improvements for FreeRTOS AWS.
    * Fixes for building openssl compatibility with FreeRTOS.
    * Fix and new test for handling match on domain name that may have a null terminator inside.
    * Cleanup of the socket close code used for examples, CRL/OCSP and BIO to use single macro `CloseSocket`.
    * Refactor of the TLSX code to support returning error codes.
    * Added new signature wrapper functions `wc_SignatureVerifyHash` and `wc_SignatureGenerateHash` to allow direct use of hash.
    * Improvement to GCC-ARM IDE example.
    * Enhancements and cleanups for the ASN date/time code including new API's `wc_GetDateInfo`, `wc_GetCertDates` and `wc_GetDateAsCalendarTime`.
    * Fixes to resolve issues with C99 compliance. Added build option `WOLF_C99` to force C99.
    * Added a new `--enable-opensslall` option to enable all openssl compatibility features.
    * Added new `--enable-webclient` option for enabling a few HTTP API's.
    * Added new `wc_OidGetHash` API for getting the hash type from a hash OID.
    * Moved `wolfSSL_CertPemToDer`, `wolfSSL_KeyPemToDer`, `wolfSSL_PubKeyPemToDer` to asn.c and renamed to `wc_`. Added backwards compatibility macro for old function names.
    * Added new `WC_MAX_SYM_KEY_SIZE` macro for helping determine max key size.
    * Added `--enable-enckeys` or (`WOLFSSL_ENCRYPTED_KEYS`) to enable support for encrypted PEM private keys using password callback without having to use opensslextra.
    * Added ForceZero on the password buffer after done using it.
    * Refactor unique hash types to use same internal values (ex WC_MD5 == WC_HASH_TYPE_MD5).
    * Refactor the Sha3 types to use `wc_` naming, while retaining old names for compatibility.
    * Improvements to `wc_PBKDF1` to support more hash types and the non-standard extra data option.
    * Fix TLS 1.3 with ECC disabled and CURVE25519 enabled.
    * Added new define `NO_DEV_URANDOM` to disable the use of `/dev/urandom`.
    * Added `WC_RNG_BLOCKING` to indicate block w/sleep(0) is okay.
    * Fix for `HAVE_EXT_CACHE` callbacks not being available without `OPENSSL_EXTRA` defined.
    * Fix for ECC max bits `MAX_ECC_BITS` not always calculating correctly due to macro order.
    * Added support for building and using PKCS7 without RSA (assuming ECC is enabled).
    * Fixes and additions for Cavium Nitrox V to support ECC, AES-GCM and HMAC (SHA-224 and SHA3).
    * Enabled ECC, AES-GCM and SHA-512/384 by default in (Linux and Windows)
    * Added `./configure --enable-base16` and `WOLFSSL_BASE16` configuration option to enable Base16 API's.
    * Improvements to ATECC508A support for building without `WOLFSSL_ATMEL` defined.
    * Refactor IO callback function names to use `_CTX_` to eliminate confusion about the first parameter.
    * Added support for not loading a private key for server or client when `HAVE_PK_CALLBACK` is defined and the private PK callback is set.
    * Added new ECC API `wc_ecc_sig_size_calc` to return max signature size for a key size.
    * Cleanup ECC point import/export code and added new API `wc_ecc_import_unsigned`.
    * Fixes for handling OCSP with non-blocking.
    * Added new PK (Primary Key) callbacks for the VerifyRsaSign. The new callbacks API's are `wolfSSL_CTX_SetRsaVerifySignCb` and `wolfSSL_CTX_SetRsaPssVerifySignCb`.
    * Added new ECC API `wc_ecc_rs_raw_to_sig` to take raw unsigned R and S and encodes them into ECDSA signature format.
    * Added support for `WOLFSSL_STM32F1`.
    * Cleanup of the ASN X509 header/footer and XSTRNCPY logic.
    * Add copyright notice to autoconf files. (Thanks Brian Aker!)
    * Updated the M4 files for autotools. (Thanks Brian Aker!)
    * Add support for the cipher suite TLS_DH_anon_WITH_AES256_GCM_SHA384 with test cases. (Thanks Thivya Ashok!)
    * Add the TLS alert message unknown_psk_identity (115) from RFC 4279, section 2. (Thanks Thivya Ashok!)
    * Fix the case when using TCP with timeouts with TLS. wolfSSL shall be agnostic to network socket behavior for TLS. (DTLS is another matter.) The functions `wolfSSL_set_using_nonblock()` and `wolfSSL_get_using_nonblock()` are deprecated.
    * Hush the AR warning when building the static library with autotools.
    * Hush the “-pthread” warning when building in some environments.
    * Added a dist-hook target to the Makefile to reset the default options.h file.
    * Removed the need for the darwin-clang.m4 file with the updates provided by Brian A.
    * Renamed the AES assembly file so GCC on the Mac will build it using the preprocessor.
    * Add a disable option (--disable-optflags) to turn off the default optimization flags so user may supply their own custom flags.
    * Correctly touch the dummy fips.h header.
    
    If you have questions on any of this, then email us at info@wolfssl.com.
    See INSTALL file for build instructions.
    More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
    
  • v3.14.5
  • WCv4.0-RC6
  • WCv4.0-RC5
  • WCv4.0-RC4
    723474e9 · Test Fixes ·