* \[Low\] Hang with DSA signature creation when a specific q value is used in a maliciously crafted key. If a DSA key with an invalid q value of either 1 or 0 was decoded and used for creating a signature, it would result in a hang in wolfSSL. Users that are creating signatures with DSA and are using keys supplied from an outside source are affected.
* \[Low\] Issue with incorrectly validating a certificate that has multiple subject alternative names when given a name constraint. In the case where more than one subject alternative name is used in the certificate, previous versions of wolfSSL could incorrectly validate the certificate. Users verifying certificates with multiple alternative names and name constraints, are recommended to either use the certificate verify callback to check for this case or update the version of wolfSSL used. Thanks to Luiz Angelo Daros de Luca for the report.
* KCAPI: add support for using libkcapi for crypto (Linux Kernel)
* Configure option for --with-max-rsa-bits= and --with-max-ecc-bits=
* SP ARM Thumb support for Keil and performance improvements
* Add support for WOLFSSL_VERIFY_POST_HANDSHAKE verify mode
* PKCS #11: support static linking with PKCS #11 library --enable-pkcs11=static LIBS=-l
* Add build option --enable-wolfclu for use with wolfCLU product
* Add support for X9.42 header i.e “BEGIN X9.42 DH PARAMETERS”
* Add --enable-altcertchains for configuring wolfSSL with alternate certificate chains feature enabled
* Add public API wc_RsaKeyToPublicDer_ex to allow getting RSA public key without ASN.1 header (can return only seq + n + e)
* Add SNI and TLSx options to CMake build
### Fixes
###### PORT Fixes
* Add return value checking for FREESCALE_RNGA
* Fix MMCAU_SHA256 type warnings
* Fixes for building with Microchip XC32 and ATECC
###### Math Library Fixes
* TFM check that the modulus length is valid for fixed data array size
* TFM fp_submod_ct fix check for greater
* Check return value of mp_grow in mp_mod_2d
* Fix for ECC point multiply to error out on large multipliers
* SP ECC error on multiplier larger than curve order
###### TLS 1.3
* TLS1.3 sanity check for cases where a private key is larger than the configured maximum
* Fix early data max size handling in TLS v1.3
* Fixes for PK callbacks with TLS v1.3
* Check min downgrade when no extensions are sent with the ServerHello
###### Misc.
* Previously wolfSSL enum values were used as NID’s. Now only the compatibility layer NID enums are the NID values:
- CTC_SHAwDSA -> NID_dsaWithSHA1
- CTC_SHA256wDSA -> NID_dsa_with_SHA256
- CTC_MD2wRSA -> NID_md2WithRSAEncryption
- CTC_MD5wRSA -> NID_md5WithRSAEncryption
- CTC_SHAwRSA -> NID_sha1WithRSAEncryption
- CTC_SHA224wRSA -> NID_sha224WithRSAEncryption
- CTC_SHA256wRSA -> NID_sha256WithRSAEncryption
- CTC_SHA384wRSA -> NID_sha384WithRSAEncryption
- CTC_SHA512wRSA -> NID_sha512WithRSAEncryption
- CTC_SHA3_224wRSA -> NID_RSA_SHA3_224
- CTC_SHA3_256wRSA -> NID_RSA_SHA3_256
- CTC_SHA3_384wRSA -> NID_RSA_SHA3_384
- CTC_SHA3_512wRSA -> NID_RSA_SHA3_512
- CTC_SHAwECDSA -> NID_ecdsa_with_SHA1
- CTC_SHA224wECDSA -> NID_ecdsa_with_SHA224
- CTC_SHA256wECDSA -> NID_ecdsa_with_SHA256
- CTC_SHA384wECDSA -> NID_ecdsa_with_SHA384
- CTC_SHA512wECDSA -> NID_ecdsa_with_SHA512
- CTC_SHA3_224wECDSA -> NID_ecdsa_with_SHA3_224
- CTC_SHA3_256wECDSA -> NID_ecdsa_with_SHA3_256
- CTC_SHA3_384wECDSA -> NID_ecdsa_with_SHA3_384
- CTC_SHA3_512wECDSA -> NID_ecdsa_with_SHA3_512
- DSAk -> NID_dsa
- RSAk -> NID_rsaEncryption
- ECDSAk -> NID_X9_62_id_ecPublicKey
- BASIC_CA_OID -> NID_basic_constraints
- ALT_NAMES_OID -> NID_subject_alt_name
- CRL_DIST_OID -> NID_crl_distribution_points
- AUTH_INFO_OID -> NID_info_access
- AUTH_KEY_OID -> NID_authority_key_identifier
- SUBJ_KEY_OID -> NID_subject_key_identifier
- INHIBIT_ANY_OID -> NID_inhibit_any_policy
* Fix for DES IV size used with FIPSv2
* Fix signed comparison issue with serialSz
* Fix missing CBIOSend and properly guard hmac in DupSSL()
* Fix calculation of length of encoding in ssl.c
* Fix encoding to check proper length in asn.c
* Fix for wc_ecc_ctx_free and heap hint
* Fix for debug messages with AF_ALG build
* Fix for static memory with bucket size matching.
* Fixes for SRP with heap hint.
* Fixes for CAAM build macros and spelling for Keil build
* Sniffer fix for possible math issue around 64-bit pointer and 32-bit unsigned int
* Fix for sniffer TCP sequence rollover
* wolfSSL_PEM_write_bio_PUBKEY to write only the public part
* Fix for sending only supported groups in TLS extension
* Fix for sniffer to better handle spurious retransmission edge case
* SSL_set_alpn_protos and SSL_CTX_set_alpn_protos now returns 0 on successFixes issue with SSL_CTX_set1_curves_list and SSL_set1_curves_list not checking the last character of the names variable provided, non-0 on failure to better match expected return values
* Fixes and improvements for crypto callbacks with TLS (mutual auth)
* Fix for bad memory_mutex lock on static memory cleanup
* Zero terminate name constraints strings when parsing certificates
* Fix for verifying a certificate when multiple permitted name constraints are used
* Fix typo in ifdef for HAVE_ED448
* Fix typos in comments in SHA512
* Add sanity check on buffer size with ED25519 key decode
* Sanity check on PKCS7 stream amount read
* PKCS7 fix for double free on error case and sanity check on set serial number
* Sanity check on PKCS7 input size wc_PKCS7_ParseSignerInfo
* Forgive a DTLS session trying to send too much at once
### Improvements/Optimizations
###### Build Options and Warnings
* Rework of RC4 disable by default and depreciation
* wolfSSL as a Zephyr module (without setup.sh)
* Add include config.h to bio.c
* Support for PKCS7 without AES CBC.
* Fixes for building without AES CBC
* Added WOLFSSL_DH_EXTRA to --enable-all and --enable-sniffer
* Add a CMake option to build wolfcrypt test and bench code as libraries
* GCC makefile: allow overriding and provide more flexibility
###### Math Libraries
* Improve performance of fp_submod_ct() and fp_addmod_ct()
* Improve performance of sp_submod_ct() and sp_addmod_ct()
* SP int, handle even modulus with exponentiation
###### Misc.
* Cleanups for Arduino examples and memory documentation
* Refactor hex char to byte conversions
* Added GCC-ARM TLS server example
* Improvements to session locking to allow per-row
* Improved sniffer statistics and documentation
* EVP key support for heap hint and crypto callbacks
* Reduced stack size for dh_generation_test and Curve ASN functions