• Registered: 2024-07-25
  • Posts: 27

Topic: wolfSSL 5.8.0

We are excited to announce that wolfSSL version 5.8.0 is now available. This release brings several important new features and improvements. Below are the key new additions:

New Features

  • Implemented various fixes to support building for Open Watcom, including OS/2 support and Open Watcom 1.9 compatibility (PR 8505, 8484).

  • Added support for STM32H7S (tested on NUCLEO-H7S3L8) (PR 8488).

  • Added support for STM32WBA (PR 8550).

  • Added Extended Master Secret Generation Callback to the –enable-pkcallbacks build (PR 8303).

  • Implemented AES-CTS (–enable-aescts) in wolfCrypt (PR 8594).

  • Added support for libimobiledevice commit 860ffb (PR 8373).

  • Initial ASCON hash256 and AEAD128 support based on NIST SP 800-232 IPD (PR 8307).

  • Added blinding option when using a Curve25519 private key by defining the macro WOLFSSL_CURVE25519_BLINDING (PR 8392).

ML-DSA and Post-Quantum Cryptography Enhancements
In line with NIST’s latest documentation, wolfSSL has updated its Kyber implementation to ML-DSA (Multi-Lattice Digital Signature Algorithm), which is fully supported in this release. Additionally, the release includes updates to further optimize ML-DSA and LMS (Lattice-based Signature) schemes, reducing memory usage and improving performance.

Linux Kernel Module (linuxkm) Updates
wolfSSL 5.8.0 expands support for the Linux Kernel Module (linuxkm), with several important enhancements to improve kernel-level cryptographic integration. This includes extended LKCAPI registration support for rfc4106(gcm(aes)), ctr(aes), ofb(aes), ecb(aes), and the legacy one-shot AES-GCM backend. Compatibility improvements have been added for newer kernels (?6.8), and calls to scatterwalk_map() and scatterwalk_unmap() have been updated for Linux 6.15. The release also registers ECDSA, ECDH, and RSA algorithms with the kernel crypto API and introduces safeguards for key handling, including forced zeroing of shared secrets. These changes make it possible to use more wolfSSL functionality in the kernel space.

For a full list of fixes and optimizations check out the ChangeLog.md bundled with wolfSSL. Download the latest release from the download page. If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now
wolfSSL is the best tested TLS

Share