diff --git a/ChangeLog.md b/ChangeLog.md index 31b3a3ab4..25af93316 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -106,7 +106,8 @@ in a specific use case, 1 fix for DTLS. wolfSSL, and are doing private key operations on the system (such as signing with a private key) are recommended to regenerate private keys and update to the most recent version of wolfSSL. CVE-2020-15309 is reserved for this - issue. Thanks to Ida Bruhns from Universität zu Lübeck for the report. + issue. Thanks to Ida Bruhns from Universität zu Lübeck and Samira Briongos + from NEC Laboratories Europe for the report. * When using SGX with EC scalar multiplication the possibility of side-channel attacks are present. To mitigate the risk of side channel attacks wolfSSL’s single precision EC operations should be used instead. Release 4.5.0 turns 
@@ -335,13 +336,13 @@ Release 4.3.0 of wolfSSL embedded TLS has bug fixes and new features including: * Update to allow compiling for pwdbased/PBKDF2 with having NO_ASN defined * Modify KeyShare and PreSharedKey TLS 1.3 extension linked list advancement to be easier for compilers to handle * Optimization to parsing certificate extension name strings -* Adjustment to example server -x runtime behavior when encountering an unrecoverable error case +* Adjustment to example server -x runtime behavior when encountering an unrecoverable error case * Remove Blake2b support from HMAC * Adds new hash wrapper init wc_HashInit_ex and Adds new PBKDF2 API wc_PBKDF2_ex for using heap hints for custom memory pools * Adding script to cleanup generated test files, scripts/cleanup_testfiles.sh * Support 20-byte serial numbers and disallow 0 * sp_div improved to handle when a has less digits than d (--enable-sp-math build) -* When decoding a policy OID and turning it into a human readable string use snprintf() +* When decoding a policy OID and turning it into a human readable string use snprintf() * set the IV length of EVP AES GCM to 96-bits by default * Allow adding CAs for root CA's over the wire that do not have the extended key usage cert_sign set * Added logging messages for SendAlert call and update to send alert after verify certificate callback 
@@ -405,13 +406,13 @@ Release 4.2.0 of wolfSSL embedded TLS has bug fixes and new features including: * Addition to configure.ac for FIPS wolfRand builds * Adding the flag WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY for ignoring certificate date checks with the functions wolfSSL_CTX_load_verify_buffer_ex and wolfSSL_CTX_load_verify_locations_ex * Support for PKCS8 keys added to the function wolfSSL_CTX_use_PrivateKey_buffer -* Support for KECCAK hashing. Build with macro WOLFSSL_HASH_FLAGS and call wc_Sha3_SetFlags(&sha, WC_HASH_SHA3_KECCAK256) before the first SHA3 update +* Support for KECCAK hashing. Build with macro WOLFSSL_HASH_FLAGS and call wc_Sha3_SetFlags(&sha, WC_HASH_SHA3_KECCAK256) before the first SHA3 update * Addition of setting secure renegotiation at CTX level * Addition of KDS (NXP Kinetis Design Studio) example project to directory IDE/KDS/ * Support for Encrypt-Then-MAC to TLS 1.2 and below -* Added a new build option for a TITAN session cache that can hold just over 2 million session entries (--enable-titancache) +* Added a new build option for a TITAN session cache that can hold just over 2 million session entries (--enable-titancache) * Synchronous Quick Assist Support for Sniffer -* Added Support for SiFive HiFive Unleashed board +* Added Support for SiFive HiFive Unleashed board * Support for Google WebRTC added in to compatibility layer build * Additional Sniffer features; IPv6 sniffer support, Fragment chain input, Data store callback, Various statistics tweaks and other Sniffer fixes 
@@ -446,7 +447,7 @@ Release 4.2.0 of wolfSSL embedded TLS has bug fixes and new features including: * Optimization to SP math, changing variables to const where possible. Thanks to Yair Poleg (yair.poleg@ayyeka.com) of Ayyeka for proposing static declaration of global constant variables in SP code * Additional fuzz testing and fixes for TLS 1.3 use, including additional TLS 1.3 alert messages (PR#2440 for more information) * Additional sanity check that ciphersuite from client hello is used in server hello response (check can be removed with the macro WOLFSSL_NO_STRICT_CIPHER_SUITE) -* Improved MMCAU performance: SHA-1 by 35%, SHA-256 by 20% and MD5 by 78% +* Improved MMCAU performance: SHA-1 by 35%, SHA-256 by 20% and MD5 by 78% * By default, disallow SHA-2 cipher suites from being used in TLS 1.0 and 1.1 handshakes (can be ignored with macro WOLFSSL_OLDTLS_SHA2_CIPHERSUITES) * Optimization of export session buffer size with enable option --enable-sessionexport=nopeer * Spelling fixes in comments and some cast warnings resolved @@ -986,7 +987,7 @@ This release includes many performance improvements with Intel ASM (AVX/AVX2) an * Fixes to allow custom serial number during certificate generation * Add method to get WOLFSSL_CTX certificate manager * Improvement to `wolfSSL_SetOCSP_Cb` to allow context per WOLFSSL object -* Alternate certificate chain support `WOLFSSL_ALT_CERT_CHAINS`. Enables checking cert against multiple CA's. +* Alternate certificate chain support `WOLFSSL_ALT_CERT_CHAINS`. Enables checking cert against multiple CA's. * Added new `--disable-oldnames` option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA). * Refactor SSL_ and hashing types to use wolf specific prefix (WOLFSSL and WC_) to allow openssl coexistence. * Fixes for HAVE_INTEL_MULX 
@@ -1106,7 +1107,7 @@ More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html - Added support for HAproxy load balancer - Added option to allow SHA1 with TLS 1.2 for IIS compatibility (WOLFSSL_ALLOW_TLS_SHA1) - Added Curve25519 51-bit Implementation, increasing performance on systems that have 128 bit types -- Fix to not send session ID on server side if session cache is off unless we're echoing +- Fix to not send session ID on server side if session cache is off unless we're echoing session ID as part of session tickets - Fixes for ensuring all default ciphers are setup correctly (see PR #830) - Added NXP Hexiwear example in `IDE/HEXIWEAR`. @@ -1114,7 +1115,7 @@ session ID as part of session tickets - Fixes for TLS elliptic curve selection on private key import. - Fixes for RNG with Intel rdrand and rdseed speedups. - Improved performance with Intel rdrand to use full 64-bit output -- Added new --enable-intelrand option to indicate use of RDRAND preference for RNG source +- Added new --enable-intelrand option to indicate use of RDRAND preference for RNG source - Removed RNG ARC4 support - Added ECC helpers to get size and id from curve name. - Added ECC Cofactor DH (ECC-CDH) support @@ -1737,7 +1738,7 @@ and comments about the new features please check the manual. handling and reduce memory fragmentation on I/O large sizes The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. @@ -1748,7 +1749,7 @@ and comments about the new features please check the manual. - Freescale Kinetis mmCAU support - TLS Hello extensions - ECC - - Secure Renegotiation (null) + - Secure Renegotiation (null) - Truncated HMAC - SCEP support - PKCS #7 Enveloped data and signed data 
@@ -1795,7 +1796,7 @@ http://cache.freescale.com/files/32bit/doc/user_guide/CAUAPIUG.pdf The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. @@ -1821,7 +1822,7 @@ and comments about the new features please check the manual. When compiling with Mingw, libtool may give the following warning due to path conversion errors: - + ``` libtool: link: Could not determine host file name corresponding to ** libtool: link: Continuing, but uninstalled executables may not work. @@ -1831,7 +1832,7 @@ If so, examples and testsuite will have problems when run, showing an error while loading shared libraries. To resolve, please run "make install". The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. @@ -1853,7 +1854,7 @@ and comments about the new features please check the manual. 13 bytes DTLS headers, but every effort is now made to align with the CYASSL_GENERAL_ALIGNMENT flag which sets desired alignment requirement - NO_64BIT flag to turn off 64bit data type accumulators in public key code - * Note, some systems are faster with 32bit accumulators + * Note, some systems are faster with 32bit accumulators - --enable-stacksize for example client/server stack use * Note, modern desktop Operating Systems may add bytes to each stack frame - Updated compression/decompression with direct crypto access 
@@ -1874,19 +1875,19 @@ and comments about the new features please check the manual. * dh * dsa * md5 - * sha + * sha * arc4 * null (allow NULL ciphers) * oldtls (only use TLS 1.2) * asn (no certs or public keys allowed) -- ./configure generates cyassl/options.h which allows a header the user can +- ./configure generates cyassl/options.h which allows a header the user can include in their app to make sure the same options are set at the app and CyaSSL level. - autoconf no longer needs serial-tests which lowers version requirements of automake to 1.11 and autoconf to 2.63 The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. @@ -1904,7 +1905,7 @@ and comments about the new features please check the manual. - Camellia crypto and cipher suites - Bumped minimum autoconf version to 2.65, automake version to 1.12 - Addition of OCSP callbacks -- STM32F2 support with hardware crypto and RNG +- STM32F2 support with hardware crypto and RNG - Cavium NITROX support CTaoCrypt now has support for the Microchip PIC32 and has been tested with @@ -1917,7 +1918,7 @@ To add Cavium NITROX support do: ./configure --with-cavium=/home/user/cavium/software pointing to your licensed cavium/software directory. Since Cavium doesn't -build a library we pull in the cavium_common.o file which gives a libtool +build a library we pull in the cavium_common.o file which gives a libtool warning about the portability of this. Also, if you're using the github source tree you'll need to remove the -Wredundant-decls warning from the generated Makefile because the cavium headers don't conform to this warning. Currently 
@@ -1930,11 +1931,11 @@ test and benchmark. Please see the HAVE_CAVIUM define. CyaSSL is able to use the STM32F2 hardware-based cryptography and random number generator through the STM32F2 Standard Peripheral Library. For necessary defines, see the CYASSL_STM32F2 define in settings.h. Documentation for the -STM32F2 Standard Peripheral Library can be found in the following document: +STM32F2 Standard Peripheral Library can be found in the following document: http://www.st.com/internet/com/TECHNICAL_RESOURCES/TECHNICAL_LITERATURE/USER_MANUAL/DM00023896.pdf The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. @@ -1962,7 +1963,7 @@ K70 Sub-Family Reference Manual: http://cache.freescale.com/files/microcontrollers/doc/ref_manual/K70P256M150SF3RM.pdf The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. @@ -1974,7 +1975,7 @@ and comments about the new features please check the manual. - Updated build process The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. @@ -1993,7 +1994,7 @@ and comments about the new features please check the manual. - DTLS Cookie support, reliability coming soon The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. 
@@ -2006,13 +2007,13 @@ and comments about the new features please check the manual. - Add static ECDH suites - SHA-384 support - ECC client certificate support -- Add medium session cache size (1055 sessions) +- Add medium session cache size (1055 sessions) - Updated unit tests - Protection against mutex reinitialization The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. @@ -2029,7 +2030,7 @@ and comments about the new features please check the manual. The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. @@ -2048,7 +2049,7 @@ and comments about the new features please check the manual. - Export Base64_Encode for general use The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. @@ -2065,7 +2066,7 @@ and comments about the new features please check the manual. - Microchip pic32 support The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. 
@@ -2089,7 +2090,7 @@ changes are required. Special Thanks to Brian Aker for his autoconf, install, and header patches. The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. # CyaSSL Release 2.0.0rc2 (6/6/2011) @@ -2108,21 +2109,21 @@ This is the 2nd and perhaps final release candidate for version 2. Please send any comments or questions to support@yassl.com. The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. # CyaSSL Release 2.0.0rc1 (5/2/2011) #### Release 2.0.0rc1 for CyaSSL has many new features including: - bug fixes -- SHA-256 cipher suites -- Root Certificate Verification (instead of needing all certs in the chain) -- PKCS #8 private key encryption (supports PKCS #5 v1-v2 and PKCS #12) -- Serial number retrieval for x509 -- PBKDF2 and PKCS #12 PBKDF -- UID parsing for x509 -- SHA-256 certificate signatures -- Client and server can send chains (SSL_CTX_use_certificate_chain_file) +- SHA-256 cipher suites +- Root Certificate Verification (instead of needing all certs in the chain) +- PKCS #8 private key encryption (supports PKCS #5 v1-v2 and PKCS #12) +- Serial number retrieval for x509 +- PBKDF2 and PKCS #12 PBKDF +- UID parsing for x509 +- SHA-256 certificate signatures +- Client and server can send chains (SSL_CTX_use_certificate_chain_file) - CA loading can now parse multiple certificates per file - Dynamic memory runtime hooks - Runtime hooks for logging 
@@ -2141,7 +2142,7 @@ options that CyaSSL allows, there may be some configuration fixes needed. Please send any comments or questions to support@yassl.com. The CyaSSL manual is available at: -http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions and comments about the new features please check the manual. # CyaSSL Release 1.9.0 (3/2/2011) @@ -2169,13 +2170,13 @@ build instructions and comments about the new features please check the manual. Please send any comments or questions to support@yassl.com. Happy Holidays. - + # CyaSSL Release 1.6.5 (9/9/2010) Release 1.6.5 for CyaSSL adds bug fixes and x509 v3 self signed certificate generation. - + For general build instructions see doc/Building_CyaSSL.pdf. To enable certificate generation support add this option to ./configure @@ -2188,7 +2189,7 @@ in doc/CyaSSL_Extensions_Reference.pdf item 11. Release 1.6.0 for CyaSSL adds bug fixes, RIPEMD-160, SHA-512, and RSA key generation. - + For general build instructions see doc/Building_CyaSSL.pdf. To add RIPEMD-160 support add this option to ./configure @@ -2211,7 +2212,7 @@ CyaSSL. Release 1.5.6 for CyaSSL adds bug fixes, compatibility for our JSSE provider, and a fix for GCC builds on some systems. - + For general build instructions see doc/Building_CyaSSL.pdf. To add AES-NI support add this option to ./configure @@ -2221,9 +2222,9 @@ You'll need GCC 4.4.3 or later to make use of the assembly. # CyaSSL Release 1.5.4 (7/7/2010) -Release 1.5.4 for CyaSSL adds bug fixes, support for AES-NI, SHA1 speed +Release 1.5.4 for CyaSSL adds bug fixes, support for AES-NI, SHA1 speed improvements from loop unrolling, and support for the Mongoose Web Server. - + For general build instructions see doc/Building_CyaSSL.pdf. To add AES-NI support add this option to ./configure 
@@ -2255,7 +2256,7 @@ please send questions or comments to support@yassl.com. When doing load testing with CyaSSL, on the echoserver example say, the client machine may run out of tcp ephemeral ports, they will end up in the TIME_WAIT queue, and can't be reused by default. There are generally two ways to fix -this. +this. 1. Reduce the length sockets remain on the TIME_WAIT queue OR 2. Allow items on the TIME_WAIT queue to be reused. @@ -2313,7 +2314,7 @@ SSL_METHOD *TLSv1_2_server_method(void); SSL_METHOD *TLSv1_2_client_method(void); ``` -CyaSSL was tested against lighttpd 1.4.23. To build CyaSSL for use with +CyaSSL was tested against lighttpd 1.4.23. To build CyaSSL for use with lighttpd use the following commands from the CyaSSL install dir : ``` @@ -2498,7 +2499,7 @@ This gives warnings for some symbols but seems to work. ./configure make - from the ./testsuite/ directory run ./testsuite + from the ./testsuite/ directory run ./testsuite #### To make a debug build: @@ -2517,7 +2518,7 @@ Run the testsuite program -# CyaSSL version 0.9.9 (7/25/2008) +# CyaSSL version 0.9.9 (7/25/2008) This release of CyaSSL adds bug fixes, Pre-Shared Keys, over-rideable memory handling, and optionally TomsFastMath. Thanks to Moisés Guimarães for the @@ -2537,7 +2538,7 @@ yet use -m64 because of GCCs inability to do 128bit division. See notes below (0.2.0) for complete build instructions. -# CyaSSL version 0.9.8 (5/7/2008) +# CyaSSL version 0.9.8 (5/7/2008) This release of CyaSSL adds bug fixes, client side Diffie-Hellman, and better socket handling. @@ -2545,7 +2546,7 @@ socket handling. See notes below (0.2.0) for complete build instructions. -# CyaSSL version 0.9.6 (1/31/2008) +# CyaSSL version 0.9.6 (1/31/2008) This release of CyaSSL adds bug fixes, increased session management, and a fix for gnutls. 
@@ -2553,15 +2554,15 @@ for gnutls. See notes below (0.2.0) for complete build instructions. -# CyaSSL version 0.9.0 (10/15/2007) +# CyaSSL version 0.9.0 (10/15/2007) -This release of CyaSSL adds bug fixes, MSVC 2005 support, GCC 4.2 support, +This release of CyaSSL adds bug fixes, MSVC 2005 support, GCC 4.2 support, IPV6 support and test, and new test certificates. See notes below (0.2.0) for complete build instructions. -# CyaSSL version 0.8.0 (1/10/2007) +# CyaSSL version 0.8.0 (1/10/2007) This release of CyaSSL adds increased socket support, for non-blocking writes, connects, and interrupted system calls. @@ -2569,7 +2570,7 @@ connects, and interrupted system calls. See notes below (0.2.0) for complete build instructions. -# CyaSSL version 0.6.3 (10/30/2006) +# CyaSSL version 0.6.3 (10/30/2006) This release of CyaSSL adds debug logging to stderr to aid in the debugging of CyaSSL on systems that may not provide the best support. @@ -2587,19 +2588,19 @@ To turn logging back off call CyaSSL_Debugging_OFF() See notes below (0.2.0) for complete build instructions. -# CyaSSL version 0.6.2 (10/29/2006) +# CyaSSL version 0.6.2 (10/29/2006) This release of CyaSSL adds TLS 1.1. Note that CyaSSL has certificate verification on by default, unlike OpenSSL. To emulate OpenSSL behavior, you must call SSL_CTX_set_verify() with -SSL_VERIFY_NONE. In order to have full security you should never do this, +SSL_VERIFY_NONE. In order to have full security you should never do this, provide CyaSSL with the proper certificates to eliminate impostors and call CyaSSL_check_domain_name() to prevent man in the middle attacks. See notes below (0.2.0) for build instructions. -# CyaSSL version 0.6.0 (10/25/2006) +# CyaSSL version 0.6.0 (10/25/2006) This release of CyaSSL adds more SSL functions, better autoconf, nonblocking I/O for accept, connect, and read. There is now an --enable-small configure 
@@ -2609,7 +2610,7 @@ for the defines. Note that TLS requires HMAC and AES requires TLS. See notes below (0.2.0) for build instructions. -# CyaSSL version 0.5.5 (09/27/2006) +# CyaSSL version 0.5.5 (09/27/2006) This mini release of CyaSSL adds better input processing through buffered input and big message support. Added SSL_pending() and some sanity checks on user @@ -2618,23 +2619,23 @@ settings. See notes below (0.2.0) for build instructions. -# CyaSSL version 0.5.0 (03/27/2006) +# CyaSSL version 0.5.0 (03/27/2006) -This release of CyaSSL adds AES support and minor bug fixes. +This release of CyaSSL adds AES support and minor bug fixes. See notes below (0.2.0) for build instructions. # CyaSSL version 0.4.0 (03/15/2006) -This release of CyaSSL adds TLSv1 client/server support and libtool. +This release of CyaSSL adds TLSv1 client/server support and libtool. See notes below for build instructions. # CyaSSL version 0.3.0 (02/26/2006) -This release of CyaSSL adds SSLv3 server support and session resumption. +This release of CyaSSL adds SSLv3 server support and session resumption. See notes below for build instructions. @@ -2660,7 +2661,7 @@ with support for SHA-1 and MD5 digests. Ciphers include 3DES and RC4. ./configure make - from the ./testsuite/ directory run ./testsuite + from the ./testsuite/ directory run ./testsuite #### to make a debug build:
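Review bot: the @@ -106,7 +106,8 @@ hunk rewrites the reporter credit for CVE-2020-15309 inside the release notes of an already-shipped version ("Thanks to Ida Bruhns from Universität zu Lübeck and Samira Briongos" / "from NEC Laboratories Europe for the report."), so if the project records the same credit anywhere else (a security advisory page or the CVE description text) that copy should be updated in the same change, otherwise the two attributions will diverge; a one-line mention in the commit message that this is a post-release attribution correction, not a new fix, would also help anyone later reading the history of that CVE entry.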
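Review bot: from the @@ -335,13 +336,13 @@ hunk to the end of the patch every change is a trailing-whitespace removal (for example "-* Adjustment to example server -x runtime behavior when encountering an unrecoverable error case" and its "+" counterpart differ only in the trailing space, as do the roughly twenty "http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions" pairs), and only the first hunk carries a substantive edit; splitting the reporter-credit fix into its own commit would keep `git blame` on the CVE-2020-15309 entry pointing at the attribution change rather than at a whitespace sweep, and the sweep itself can then be reviewed by checking that `git diff -w` for it is empty.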