wolfSSL 3.13.0 is now available for download!
Fixes for TLS 1.3, support for Draft 21
TLS 1.0 disabled by default, addition of "-enable-tls10" configure option
Performance and Size Optimizations:
New option to reduce SHA-256 code size at expense of performance (USE_SLOW_SHA256)
AES-GCM performance improvements on AVX1 (IvyBridge) and AVX2
SHA-256 and SHA-512 performance improvements using AVX1/2 ASM
SHA-3 size and performance optimizations
Fixes for Intel AVX2 builds on Mac/OSX
Intel assembly for Curve25519 and Ed25519 performance optimizations
Allow adjusting static I/O buffer size with WOLFMEM_IO_SZ
Build Option Updates:
New option to force 32-bit mode with "-enable-32bit"
New option to disable all inline assembly with "-disable-asm"
Ability to override maximum signature algorithms using WOLFSSL_MAX_SIGALGO
Removes 3DES and SHA1 dependencies from PKCS#7
Adds ability to disable PKCS#7 EncryptedData type (NO_PKCS7_ENCRYPTED_DATA)
Add ability to get client-side SNI
Expanded OpenSSL compatibility layer
Adds static memory support to the wolfSSL example client
Adds option to wolfCrypt benchmark to benchmark individual algorithms
Adds option to wolfCrypt benchmark to display benchmarks in powers of 10 (-base10)
Updated Project Files:
Updated Visual Studio for ARM builds (for ECC supported curves and SHA-384)
Updated Texas Instruments TI-RTOS build
Updated STM32 CubeMX build with fixes for SHA
Updated IAR EWARM project files
Updated Apple Xcode projects with the addition of a benchmark example project
Build and Feature Fixes:
Fixes for handling of unsupported TLS extensions.
Fixes for compiling AES-GCM code with GCC 4.8.*
Fixes for building without a filesystem
Fix for logging file names with OpenSSL compatibility layer enabled, with WOLFSSL_MAX_ERROR_SZ user-overridable
Fixes for sniffer to use TLS 1.2 client method
This release of wolfSSL fixes 1 security vulnerability
wolfSSL is cited in the recent ROBOT Attack by Böck, Somorovsky and Young. The paper notes that wolfSSL only gives a weak oracle without a practical attack but this is still a flaw. This release contains a fix for this report. Please note that wolfSSL has static RSA cipher suites disabled by default as of version 3.6.6 because of the lack of perfect forward secrecy. Only users who have explicitly enabled static RSA cipher suites with WOLFSSL_STATIC_RSA and use those suites on a host are affected. More information will be available at https://wolfssl.com/wolfSSL/security/vulnerabilities.php
Find more about wolfSSL at https://www.wolfssl.com/wolfSSL/Products-wolfssl.html
wolfSSL, founded in 2004, is an Open Source Internet security company with products including the wolfSSL embedded SSL/TLS library, wolfCrypt crypto engine, SSL Inspection, and wolfMQTT. Primary users are programmers building security functionality into applications, devices, and cloud services. wolfSSL employs the dual licensing model, offering products under both the GPLv2 as well as a standard commercial license.
wolfSSL's products are designed to offer optimal embedded performance, rapid integration into existing applications and platforms, the ability to leverage a wide range of hardware crypto solutions, and support for the most current standards. All products are designed for ease-of-use with clean APIs, and are backed by a dedicated and responsive support and development team.
United States of America Edmonds 10016 Edmonds Way
Larry Stefonic email@example.com
This release was published on openPR.
Permanent link to this press release:
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.
You can edit or delete your press release wolfSSL 3.13.0 is now available for download! here
News-ID: 930556 • Views: 361
More Releases from wolfSSL
wolfSSL Announces Qt Framework Support/Integration
wolfSSL, a leading provider of TLS cryptography and the world’s first commercial release of TLS 1.3 announces support for the Qt Framework. Qt is a GUI development framework that traditionally uses OpenSSL in its network layer for security. wolfSSL has expanded its OpenSSL compatibility layer to compile Qt with wolfSSL instead of OpenSSL. There are several reasons that users switch from OpenSSL to wolfSSL, including memory usage, portability, algorithm support,
Implement Security by Design with an Embedded SSL Library
Software and hardware developers are under constant pressure to make their technologies secure by design, rather than only thinking about security as something that gets tacked on later after everything else is complete. Some of the most vulnerable devices end up being embedded systems, such as IoT smart devices, which often have a single purpose but still handle sensitive data. As such, TLS security is something that every device that
More Releases for SSL
The SSL Store is Now Offering a Trio of New Wildcard SSL/TLS Certificates
The world’s biggest SSL/TLS reseller’s product portfolio has increased to include three new premium wildcard options St. Petersburg, FL – March 22, 2016 – The SSL Store™, the world’s largest SSL/TLS reseller, is excited to announce three new Wildcard SSL offerings along with the Comodo Personal Authentication Certificate (CPAC), which are now available to its valued resellers or for purchase directly. Given the popularity of Wildcard SSL certificates in the SSL/TLS
Danish SSL Provider Chooses GlobalSign's Partner Program
GlobalSign (globalsign.com), one of the longest established European Certification Authorities (CA) and specialists in SSL Partner Programs, today announced that FairSSL (FairSSL.dk), a dedicated Danish SSL provider has joined the GlobalSign Partner Program, enabling them to provide GlobalSign’s full SSL Certificate product portfolio to their existing customer base. The partnership will allow FairSSL’s customers to secure their websites, online transactions, web mail and other next generation online services using highly
Professional SSL certificate management with SSL Manager 2.0 from InterNetX
(REGENSBURG, January 26, 2011) – The Internet Service Provider InterNetX has released innovative software for efficient SSL certificate management with their launch of the new SSL Manager 2.0. The SSL management software now enables users to order certificates and renew validity periods directly via the web interface. SSL Manager 2.0 is designed to simplify handling and ordering processes for SSL certificates. The progressive software includes a broad range of functions, e.g.
HostGee Chooses GlobalSign''s SSL Partner Program
Leading web hosting company, HostGee.Com chooses GlobalSign to offer customers reliable security and cost effective SSL Certificates. GlobalSign, one of the longest established Certification Authorities (CA) and specialists in SSL Partner Programs, today announced a new partnership with HostGee, a leading provider of premium web hosting products and data center infrastructure. The newly formed partnership will allow customers to purchase SSL Certificates in conjunction with their current web hosting solutions,
Italian Vulcanology Institute Selects Comodo SSL
Experts at the Italian National Institute of Geophysics and Vulcanology (INGV) faced controversy when they decided to relocate the July, 2009, G8 Summit to l'Aquila, Italy. Deciding on an SSL certificate to protect their website was much easier. L'Aquila had been battered by a 5.6 Richter earthquake three months beforehand. The temblor had demolished buildings and ruined antiques. Upon the recommendation of the INGV, the summit moved to the battered city. Another
Miva Merchant Selects Comodo SSL Certificates
JERSEY CITY, NJ January 23, 2008 - Comodo, a leading Certification Authority and Internet security company announced today that Miva Merchant (mivamerchant.com), has partnered with Comodo to offer SSL certificates to Miva Merchant's large and growing eMerchant customer base. Miva Merchant's customers will benefit from Comodo's industry leading SSL certificate solutions to establish trust during online transactions. Since its launch, Miva Merchant has quickly evolved from a technical eCommerce infrastructure provider