CyaSSL Changelog

New in version 3.6.0

August 17th, 2015
  • Release 3.6.0 of wolfSSL has bug fixes and new features including new Max Strength build that only allows TLSv1.2, AEAD ciphers, and PFS (Perfect Forward Secrecy), server side session ticket support, FIPS version submitted for iOS, TI Crypto Hardware Acceleration, DTLS fragmentation fixes, ECC key check validation, memory reductions for Curve/Ed25519, JNI build switch, PicoTCP improvements, DH min ephemeral key size enforcement, KEEP_PEER_CERT and AltNames can now be used together, ChaCha20 big endian fix, and more.

New in version 2.9.0 (February 11th, 2014)

  • This version adds Freescale RNGA, RNGB, and mmCAU support, new TLS extensions (ECC, Truncated HMAC), SCEP support with partial PKCS#7 support, PKCS#10 Certificate Signing Request generation, DTLS sliding window, OCSP improvements, GMAC hashing, Windows build fixes, Microchip MPLAB Harmony support, ECC encrypt/decrypt primitives, ECC certificate generation, and more.

New in version 2.8.0 (November 23rd, 2013)

  • New features in CyaSSL 2.8.0 include AES-NI support for both AES-GCM and AES-CCM, NetX default I/O callback handlers, IPv6 fixes for DTLS Hello Cookies, the ability to unload certs/keys after the handshake with CyaSSL_UnloadCertsKeys(), SEP certificate extensions, callback getters for easier resource freeing, external CYASSL_MAX_ERROR_SZ for correct error buffer sizing, MacEncrypt and DecryptVerify Callbacks for User Atomic Record Layer Processing, Public Key Callbacks for ECC and RSA, and the client now sends blank certs upon request if it doesn't have one with TLS.

New in version 2.7.0 (June 26th, 2013)

  • This version adds SNI, Keil MDK-ARM project files, wildcard and Subject altname domain name checks, persistent session and certificate cache, DTLS reliability enhancements, and much more.

New in version 2.5.0 (February 7th, 2013)

  • This version includes bugfixes, a fix for the "Lucky 13" TLS CBC padding timing attack, Microchip PIC32 support, MPLAB X example project files for the PIC32 Ethernet Starter Kit, an updated CTaoCrypt benchmark app for embedded systems, 1024-bit test certs/keys and cert/key buffers, AES-CCM-8 crypto and cipher suites, Camellia crypto and cipher suites, OCSP callbacks, STM32F2 support with hardware crypto and RNG, and Cavium NITROX support.

New in version 2.4.6 (December 27th, 2012)

  • This version adds ECC, LeanPSK, CyaSSL_peek(), CodeWarrior, and MQX support, Freescale Kinetis with H/W RNG support, autoconf builds which use jobserver, and more.

New in version 2.4.0 (October 12th, 2012)

  • This version adds bugfixes and a few new features, including DTLS reliability, reduced memory usage after handshake, and an updated build process.

New in version 2.0.6 (January 31st, 2012)

  • This version has bugfixes and a few new features, including fixes for CA basis constraint checks, CTX reference counting, initial unit test additions, a Lean and Mean Windows fix, ECC benchmarking, SSMTP build support, the ability to group handshake messages with set_group_messages(ctx/ssl), CA cache addition callbacks, and exportation of Base64_Encode for general use.

New in version 2.0.0 RC3 (October 13th, 2011)

  • This version has bugfixes and a few new features, including updated autoconf support, better "make install" and "uninstall" (using system directories), "make test"/"make check", and a new CyaSSL and CTaoCrypt header structure.

New in version 1.9.0 (March 4th, 2011)

  • This version adds bugfixes, improved TLSv1.2 through testing and better hash/sig algo ids, an --enable-webServer build option for the yaSSL embedded Web server, improper AES key setup detection, user cert verify callback improvements, and more.

New in version 1.4.0 (February 23rd, 2010)

  • Release 1.4.0 contains bug fixes, better support for multi TLS/SSL version support through SSLv23_server_method(), and new documentation in doc/.

New in version 1.1.0 (September 4th, 2009)

  • This release adds bugfixes, a check against malicious session cache use, support for lighttpd, and TLS 1.2.

New in version 1.0.6 (August 6th, 2009)

  • Release 1.0.6 for CyaSSL adds bug fixes, an improved session cache, and faster math with a huge code option.
  • The session cache now defaults to a client mode, also good for embedded servers. For servers not under heavy load (less than 200 new sessions per minute), define BIG_SESSION_CACHE. If the server will be under heavy load, define HUGE_SESSION_CACHE.
  • There is now a fasthugemath option for configure. This enables fastmath plus even faster math by greatly increasing the code size of the math library. Use the benchmark utility to compare public key operations.

New in version 1.0.3 (May 11th, 2009)

  • Release 1.0.3 for CyaSSL adds bug fixes and increases OpenSSL compatibility support for building other applications.

New in version 1.0.0 RC2 (January 27th, 2009)

  • This release candidate fixes bugs and adds two new stream ciphers (HC-128 and RABBIT) along with their respective cipher suites.

New in version 1.0.0 RC1 (December 23rd, 2008)

  • This release candidate contains major internal changes.
  • Several areas have optimization improvements, less dynamic memory use, and the I/O strategy has been refactored to allow alternate I/O handling or Library use.