wolfSSL 5.7.4 Release

wolfSSL release 5.7.4 is now available, with exciting optimizations for ARM devices and enhancements to post-quantum cryptography algorithms. If you’re using wolfSSL on RISC-V, we’ve also included new performance enhancements specifically for RISC-V devices. Alongside these optimizations and new features, several important fixes were made. One notable fix involves the behavior of X509_STORE_add_cert() and X509_STORE_load_locations() functions to better align with OpenSSL when the compatibility layer is enabled.

Below are some of the key changes in this release. For a more comprehensive list, refer to the ChangeLog.

New Features and Additions

  • RISC-V 64: Added new assembly optimizations for SHA-256, SHA-512, ChaCha20, Poly1305, and SHA-3 (PRs 7758, 7833, 7818, 7873, 7916).
  • DTLS 1.2 Connection ID: Implemented support for Connection ID (CID) (PR 7995).
  • DevkitPro Support: Added support for (DevkitPro)libnds (PR 7990).
  • Mosquitto: Added a port for Mosquitto OSP (Open Source Project) (PR 6460).
  • sssd: Added a port for init sssd (PR 7781).
  • eXosip2: Added support for eXosip2 (PR 7648).
  • STM32G4: Added support for STM32G4 (PR 7997).
  • MAX32665 and MAX32666: Added support for TPU hardware and ARM ASM crypto callback (PR 7777).
  • libspdm: Added support for building wolfSSL to be used in libspdm (PR 7869).
  • Nucleus Plus: Added support for use with Nucleus Plus 2.3 (PR 7732).
  • RFC5755 Attribute Certificates: Initial support for x509 attribute certificates (acerts) with --enable-acert (PR 7926).
  • PKCS#11 RSA Padding Offload: Allows tokens to perform CKM_RSA_PKCS (sign/encrypt), CKM_RSA_PKCS_PSS (sign), and CKM_RSA_PKCS_OAEP (encrypt) (PR 7750).
  • Heap/Pool Allocation: Added “new” and “delete” style functions for heap/pool allocation and freeing of low-level crypto structures (PRs 3166, 8089).

Espressif / Arduino Updates

  • Updated wolfcrypt settings.h
  • Updated Espressif SHA, utility, memory, and time helpers (PR 7955).
  • Fixed _thread_local_start and _thread_local_end for Espressif (PR 8030).
  • Enhanced benchmarking for Espressif devices (PR 8037).
  • Introduced Espressif common CONFIG_WOLFSSL_EXAMPLE_NAME in Kconfig (PR 7866).
  • Added wolfSSL esp-tls
  • Updated wolfSSL release for Arduino (PR 7775).

Post-Quantum Crypto Updates

  • Dilithium: Support for fixed-size arrays in dilithium_key (PR 7727).
  • Dilithium Precalc: Added option to use precalc with small sign (PR 7744).
  • Kyber FIPS: Allowed Kyber to be built with FIPS (PR 7788).
  • Kyber in Linux Kernel: Enabled Kyber ASM usage in Linux kernel module (PR 7872).
  • Dilithium, Kyber: Updated to final specifications (PR 7877).
  • Dilithium FIPS: Supported FIPS 204 Draft and Final Draft (PRs 7909, 8016).

ARM Assembly Optimizations

  • ARM32: Added assembly optimizations for ChaCha20 and Poly1305 (PR 8020).
  • Poly1305 Aarch64: Improved Poly1305 assembly optimizations for Aarch64 (PR 7859).
  • Poly1305 Thumb-2: Added Poly1305 optimizations for Thumb-2 (PR 7939).
  • STM32CubePack: Added ARM ASM build option to STM32CubePack (PR 7747).
  • Visual Studio: Added ARM64 support to the Visual Studio project (PR 8010).
  • Kyber ARM Optimizations: Added assembly optimizations for ARM32, Aarch64, ARMv7E-M, and ARMv7-M (PRs 8040, 7998, 7706).

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now