wolfSSL 3.15.7 Now Available

Happy Holidays! wolfSSL release 3.15.7 is now available!

The holiday release of the wolfSSL embedded SSL/TLS library contains many feature additions, bug fixes, and improvements. Some of these changes include improved API documentation, RSA-verify-only and RSA-public-key-operations-only builds, and several new port additions. More details about what is included with the new version of wolfSSL are listed below.

  • New Feature Additions And Ports:
  • Support for Espressif ESP-IDF development framework
  • PKCS#7 support for generating and verify bundles using a detached signature.
  • Port update for Micrium uC/OS-III
  • Feature to adjust max fragment size post handshake when compiled with the macro WOLFSSL_ALLOW_MAX_FRAGMENT_ADJUST
  • The addition of multiple languages in wolfSSL’s bundled examples can cause problems for embedded devices that can not handle the special characters. Having NO_MULTIBYTE_PRINT defined compiles out code used for printing the special characters.
  • RSA verify only (--enable-rsavfy) and RSA public only (--enable-rsapub) builds added. These are builds that can be used with --enable-cryptonly that compile out portions of RSA code. Giving the option for an even smaller build of wolfSSL in the case that only RSA public key operations or only RSA verify operations are needed.

One of the many new exciting updates to existing wolfSSL features was the support for the Intel QuickAssist v1.7 driver being added! This enables wolfSSL to be used in asynchronous mode with newer Intel hardware for a massive performance gain over the previous driver. In addition to the driver update, support for RSA key generation and SHA-3 support was added to the wolfSSL QuickAssist port. The following is a list of some of the other notable additional updates and fixes in the release:

  • Fix for Xcode build with iPhone simulator on i386
  • Fix for building the wolfSSL library with AES-CBC disabled and the opensslextra compatibility layer enabled
  • Updates to sniffer for showing session information and handling split messages across records
  • Updates for Doxygen documentation, including PKCS#11 API and more
  • Enhancements to test cases for increased code coverage
  • Updates to VxWorks port for use with Mongoose, including updates to the OpenSSL compatibility layer
  • Updating --enable-armasm build for ease of use with autotools
  • Lots of improvements were made for ease of use with Yocto. The INSTALL file bundled with wolfSSL has been updated as part of this to help guide users through a Yocto build of wolfSSL.

Some updates and minor fixes were made to the TLS 1.3 code in wolfSSL. Keeping our industry leading TLS 1.3 implementation robust and up to date. These fixes included:

  • Updates to internal code checking TLS 1.3 version with a connection
  • Removing unnecessary extended master secret from ServerHello if using TLS 1.3
  • Fix for TLS v1.3 HelloRetryRequest to be sent immediately and not grouped

This release of wolfSSL also included a fix for 1 security vulnerability. It was a medium level fix for a potential cache attack with a variant of Bleichenbacher’s attack. Earlier versions of wolfSSL leaked PKCS #1 v1.5 padding information during private key decryption that could lead to a potential padding oracle attack. It is recommended that users update to the latest version of wolfSSL if they have RSA cipher suites enabled and have the potential for malicious software to be ran on the same system that is performing RSA operations. Users that have only ECC cipher suites enabled and are not performing RSA PKCS #1 v1.5 Decryption operations are not vulnerable. Users with TLS 1.3-only connections are not vulnerable to this attack. Thanks to Eyal Ronen (Weizmann Institute), Robert Gillham (University of Adelaide), Daniel Genkin (University of Michigan), Adi Shamir (Weizmann Institute), David Wong (NCC Group), and Yuval Yarom (University of Adelaide and Data61) for the report. The paper for further reading on the attack along with more details can be found at https://eprint.iacr.org/2018/1173.pdf. To view or apply a patch of the changes this is the exact PR on github with the fix: https://github.com/wolfSSL/wolfssl/pull/1950.