wolfSSL 2.0.0 Release Candidate 1 is now available for download on our website. The release is chunk full of new features including:
– SHA-256 cipher suites
– Root Certificate Verification (instead of needing all certs in the chain)
– PKCS #8 private key encryption (supports PKCS #5 v1-v2 and PKCS #12)
– Serial number retrieval for x509
– PBKDF2 and PKCS #12 PBKDF
– UID parsing for x509
– SHA-256 certificate signatures
– Client and server can send chains (SSL_CTX_use_certificate_chain_file)
– CA loading can now parse multiple certificates per file
– Dynamic memory runtime hooks
– Runtime hooks for logging
– EDH on server side
– More informative error codes
– More informative logging messages
– Version downgrade more robust (use SSL_v23*)
– Shared build only by default through ./configure
– Compiler visibility is now used, internal functions not polluting namespace
– Single Makefile, no recursion, for faster and simpler building
– Turn on all warnings possible build option, warning fixes
Stay tuned for a few posts this week giving more details about all the new features.
Because of all the new features and the multiple OS, compiler, feature-set options that wolfSSL allows, there may be some configuration fixes needed. Please send any comments or questions to support@yassl.com.