wolfSSL 5.7.4 Release

    • wolfSSL release 5.7.4 is now available, with exciting optimizations for ARM devices and enhancements to post-quantum cryptography algorithms. If you’re using wolfSSL on RISC-V, we’ve also included new performance enhancements specifically for RISC-V devices. Alongside these optimizations and new features, several important fixes were made. One notable fix involves the behavior of X509_STORE_add_cert() and X509_STORE_load_locations() functions to better align with OpenSSL when the compatibility layer is enabled.

    Below are some of the key changes in this release. For a more comprehensive list, refer to the ChangeLog.

    New Features and Additions

    • RISC-V 64: Added new assembly optimizations for SHA-256, SHA-512, ChaCha20, Poly1305, and SHA-3 (PRs 7758, 7833, 7818, 7873, 7916).
    • DTLS 1.2 Connection ID: Implemented support for Connection ID (CID) (PR 7995).
    • DevkitPro Support: Added support for (DevkitPro)libnds (PR 7990).
    • Mosquitto: Added a port for Mosquitto OSP (Open Source Project) (PR 6460).
    • sssd: Added a port for init sssd (PR 7781).
    • eXosip2: Added support for eXosip2 (PR 7648).
    • STM32G4: Added support for STM32G4 (PR 7997).
    • MAX32665 and MAX32666: Added support for TPU hardware and ARM ASM crypto callback (PR 7777).
    • libspdm: Added support for building wolfSSL to be used in libspdm (PR 7869).
    • Nucleus Plus: Added support for use with Nucleus Plus 2.3 (PR 7732).
    • RFC5755 Attribute Certificates: Initial support for x509 attribute certificates (acerts) with --enable-acert (PR 7926).
    • PKCS#11 RSA Padding Offload: Allows tokens to perform CKM_RSA_PKCS (sign/encrypt), CKM_RSA_PKCS_PSS (sign), and CKM_RSA_PKCS_OAEP (encrypt) (PR 7750).
    • Heap/Pool Allocation: Added “new” and “delete” style functions for heap/pool allocation and freeing of low-level crypto structures (PRs 3166, 8089).

    Espressif / Arduino Updates

    • Updated wolfcrypt settings.h
    • Updated Espressif SHA, utility, memory, and time helpers (PR 7955).
    • Fixed _thread_local_start and _thread_local_end for Espressif (PR 8030).
    • Enhanced benchmarking for Espressif devices (PR 8037).
    • Introduced Espressif common CONFIG_WOLFSSL_EXAMPLE_NAME in Kconfig (PR 7866).
    • Added wolfSSL esp-tls
    • Updated wolfSSL release for Arduino (PR 7775).

    Post-Quantum Crypto Updates

    • Dilithium: Support for fixed-size arrays in dilithium_key (PR 7727).
    • Dilithium Precalc: Added option to use precalc with small sign (PR 7744).
    • Kyber FIPS: Allowed Kyber to be built with FIPS (PR 7788).
    • Kyber in Linux Kernel: Enabled Kyber ASM usage in Linux kernel module (PR 7872).
    • Dilithium, Kyber: Updated to final specifications (PR 7877).
    • Dilithium FIPS: Supported FIPS 204 Draft and Final Draft (PRs 7909, 8016).

    ARM Assembly Optimizations

    • ARM32: Added assembly optimizations for ChaCha20 and Poly1305 (PR 8020).
    • Poly1305 Aarch64: Improved Poly1305 assembly optimizations for Aarch64 (PR 7859).
    • Poly1305 Thumb-2: Added Poly1305 optimizations for Thumb-2 (PR 7939).
    • STM32CubePack: Added ARM ASM build option to STM32CubePack (PR 7747).
    • Visual Studio: Added ARM64 support to the Visual Studio project (PR 8010).
    • Kyber ARM Optimizations: Added assembly optimizations for ARM32, Aarch64, ARMv7E-M, and ARMv7-M (PRs 8040, 7998, 7706).

    If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

    Download wolfSSL Now