APPLICATION BINARY COMPATIBILITY

To help out with customers who want to update the wolfSSL library without needing to change their application, wolfSSL Inc is striving to maintain application binary compatibility with a subset of our API. As of wolfSSL v5.5.4, the following functions will be compatible across all releases of wolfSSL moving forward:

wolfSSL_accept	wolfSSL_check_domain_name
wolfSSL_Cleanup	wolfSSL_connect
wolfSSL_CTX_free	wolfSSL_CTX_GetDevId
wolfSSL_CTX_load_verify_locations	wolfSSL_CTX_new
wolfSSL_CTX_SetDevId	wolfSSL_CTX_SetEccSignCb
wolfSSL_CTX_SetMinVersion	wolfSSL_CTX_set_session_cache_mode
wolfSSL_CTX_set_timeout	wolfSSL_CTX_set_verify
wolfSSL_CTX_use_certificate_chain_file	wolfSSL_CTX_use_certificate_file
wolfSSL_CTX_use_PrivateKey_file	wolfSSL_CTX_UseSNI
wolfSSL_flush_sessions	wolfSSL_free
wolfSSL_get_error	wolfSSL_get_peer_certificate
wolfSSL_GetRNG	wolfSSL_get_session
wolfSSL_get_sessionID	wolfSSL_Init
wolfSSL_new	wolfSSL_pending
wolfSSL_read	wolfSSL_SetDevId
wolfSSL_set_fd	wolfSSL_set_session
wolfSSL_set_timeout	wolfSSL_shutdown
wolfSSL_UseALPN	wolfSSL_UseSNI
wolfSSL_use_certificate_chain_file	wolfSSL_use_certificate_file
wolfSSL_use_PrivateKey_file	wolfSSL_write
wolfSSL_X509_free	wolfSSL_X509_get_next_altname
wolfSSL_X509_get_issuer_name	wolfSSL_X509_get_subject_name
wolfSSL_X509_load_certificate_file	wolfSSL_X509_NAME_oneline
wolfSSL_X509_notAfter	wolfSSL_X509_notBefore
wolfTLSv1_2_client_method	wolfTLSv1_2_server_method
wolfTLSv1_3_client_method	wolfTLSv1_3_server_method
wolfCrypt_Init	wolfCrypt_Cleanup
wc_ecc_free	wc_ecc_import_x963
wc_ecc_init_ex	wc_ecc_key_free
wc_ecc_key_new	wc_ecc_make_key_ex
wc_RNG_GenerateBlock	wc_rng_new
wc_ecc_sign_hash	wc_rng_free
wc_InitRng	wc_ecc_make_key
wc_ecc_check_key	wc_ecc_init
wc_ecc_fp_free	wc_ecc_shared_secret
wc_ecc_size	wc_ecc_sig_size_calc
wc_ecc_sig_size	wc_ecc_ctx_new
wc_ecc_ctx_free	wc_ecc_ctx_reset
wc_ecc_encrypt	wc_ecc_decrypt
wc_ecc_sign_hash	wc_ecc_verify_hash
wc_InitCert	wc_MakeSelfCert
wc_MakeCert	wc_SignCert
wc_MakeCertReq	wc_SetIssuer
wc_SetSubject	wc_SetSubjectRaw
wc_GetSubjectRaw	wc_SetAltNames
wc_SetIssuerBuffer	wc_SetIssuerRaw
wc_SetSubjectBuffer	wc_SetAltNamesBuffer
wc_SetDatesBuffer	wc_SetCert_Free
wc_DerToPem	wc_EccKeyToDer
wc_EccPrivateKeyDecode	wc_EccPublicKeyDecode
wc_EccPublicKeyToDer	wc_ecc_export_x963
wc_ecc_export_x963_ex	wc_ecc_import_private_key
wc_ecc_rs_to_sig	wc_ecc_import_raw
wc_ecc_export_private_only	wc_GetErrorString
wc_ChaCha20Poly1305_Decrypt	wc_ChaCha20Poly1305_Encrypt
wc_CertNew	wc_CertFree

We have added some testing to our already extensive testing plan to verify these functions do not change.

Given that the security landscape is an always changing surface, we want to make sure you are able to upgrade wolfSSL as easily as possible. There will always be some new attack on the protocol or a cipher and keeping wolfSSL up to date in your product is important to us, and for everyone. If you have questions about wolfSSL’s ABI compatibility, please email us at facts@wolfssl.com.