wolfSSL and Application Binary Compatibility

    • To help out with customers who want to update the wolfSSL library without needing to change their application, wolfSSL Inc is striving to maintain application binary compatibility with a subset of our API. As of wolfSSL v4.3.0, the following functions will be compatible across all releases of wolfSSL moving forward:

    wolfSSL_acceptwolfSSL_check_domain_name
    wolfSSL_CleanupwolfSSL_connect
    wolfSSL_CTX_freewolfSSL_CTX_GetDevId
    wolfSSL_CTX_load_verify_locationswolfSSL_CTX_new
    wolfSSL_CTX_SetDevIdwolfSSL_CTX_SetEccSignCb
    wolfSSL_CTX_SetMinVersionwolfSSL_CTX_set_session_cache_mode
    wolfSSL_CTX_set_timeout wolfSSL_CTX_set_verify
    wolfSSL_CTX_use_certificate_chain_filewolfSSL_CTX_use_certificate_file
    wolfSSL_CTX_use_PrivateKey_filewolfSSL_CTX_UseSNI
    wolfSSL_flush_sessionswolfSSL_free
    wolfSSL_get_errorwolfSSL_get_peer_certificate
    wolfSSL_GetRNGwolfSSL_get_session
    wolfSSL_get_sessionID wolfSSL_Init
    wolfSSL_newwolfSSL_pending
    wolfSSL_readwolfSSL_SetDevId
    wolfSSL_set_fdwolfSSL_set_session
    wolfSSL_set_timeoutwolfSSL_shutdown
    wolfSSL_UseALPNwolfSSL_UseSNI
    wolfSSL_use_certificate_chain_filewolfSSL_use_certificate_file
    wolfSSL_use_PrivateKey_filewolfSSL_write
    wolfSSL_X509_freewolfSSL_X509_get_next_altname
    wolfSSL_X509_get_issuer_namewolfSSL_X509_get_subject_name
    wolfSSL_X509_load_certificate_filewolfSSL_X509_NAME_oneline
    wolfSSL_X509_notAfterwolfSSL_X509_notBefore
    wolfTLSv1_2_client_methodwolfTLSv1_2_server_method
    wolfTLSv1_3_client_methodwolfTLSv1_3_server_method
    wolfCrypt_InitwolfCrypt_Cleanup
    wc_ecc_free wc_ecc_import_x963
    wc_ecc_init_exwc_ecc_key_free
    wc_ecc_key_newwc_ecc_make_key_ex
    wc_RNG_GenerateBlockwc_rng_new
    wc_ecc_sign_hashwc_rng_free
    wc_InitRng
    		wc_ecc_make_key
    wc_ecc_check_key
    		wc_ecc_init
    wc_ecc_fp_free
    		wc_ecc_shared_secret
    wc_ecc_size
    		wc_ecc_sig_size_calc
    wc_ecc_sig_size
    		wc_ecc_ctx_new
    wc_ecc_ctx_free
    		wc_ecc_ctx_reset
    wc_ecc_encrypt
    		wc_ecc_decrypt
    wc_ecc_sign_hash
    		wc_ecc_verify_hash
    wc_InitCert
    		wc_MakeSelfCert
    wc_MakeCert
    		wc_SignCert
    wc_MakeCertReq
    		wc_SetIssuer
    wc_SetSubject
    		wc_SetSubjectRaw
    wc_GetSubjectRaw
    		wc_SetAltNames
    wc_SetIssuerBuffer
    		wc_SetIssuerRaw
    wc_SetSubjectBuffer
    		wc_SetAltNamesBuffer
    wc_SetDatesBuffer
    		wc_SetCert_Free
    wc_DerToPem
    		wc_EccKeyToDer
    wc_EccPrivateKeyDecode
    		wc_EccPublicKeyDecode
    wc_EccPublicKeyToDer
    		wc_ecc_export_x963
    wc_ecc_export_x963_ex
    		wc_ecc_import_private_key
    wc_ecc_rs_to_sig
    		wc_ecc_import_raw
    wc_ecc_export_private_only
    		wc_GetErrorString
    wc_ChaCha20Poly1305_Decrypt
    		wc_ChaCha20Poly1305_Encrypt
    wc_CertNewwc_CertFree

    We have added some testing to our already extensive testing plan to verify these functions do not change.

    Given that the security landscape is an always changing surface, we want to make sure you are able to upgrade wolfSSL as easily as possible. There will always be some new attack on the protocol or a cipher and keeping wolfSSL up to date in your product is important to us, and for everyone.

    If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.