cpet/freebsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9e6d197a4f
freebsd-ports/security/wolfssl/pkg-plist
Santhosh Raju 44b4edac35 security/wolfssl: Update to v5.5.1 
Changes since v5.5.0:

wolfSSL Release 5.5.1 (Sep 28, 2022) Latest

Vulnerabilities
* [Med] Denial of service attack and buffer overflow against TLS 1.3 servers
  using session ticket resumption. When built with --enable-session-ticket and
  making use of TLS 1.3 server code in wolfSSL, there is the possibility of a
  malicious client to craft a malformed second ClientHello packet that causes
  the server to crash. This issue is limited to when using both
  --enable-session-ticket and TLS 1.3 on the server side. Users with TLS 1.3
  servers, and having --enable-session-ticket, should update to the latest
  version of wolfSSL. Thanks to Max at Trail of Bits for the report and
  "LORIA, INRIA, France" for research on tlspuffin.

New Feature Additions
* Add support for non-blocking ECC key gen and shared secret gen for
  P-256/384/521
* Add support for non-blocking ECDHE/ECDSA in TLS/DTLS layer.
* Port to NXP RT685 with FreeRTOS
* Add option to build post quantum Kyber API (--enable-kyber)
* Add post quantum algorithm sphincs to wolfCrypt
* Config. option to force no asm with SP build (--enable-sp=noasm)
* Allow post quantum keyshare for DTLS 1.3

Enhancements
* DTLSv1.3: Do HRR Cookie exchange by default
* Add wolfSSL_EVP_PKEY_new_CMAC_key to OpenSSL compatible API
* Update ide win10 build files to add missing sp source files
* Improve Workbench docs
* Improve EVP support for CHACHA20_POLY1305
* Improve wc_SetCustomExtension documentation
* RSA-PSS with OCSP and add simple OCSP response DER verify test case
* Clean up some FIPS versioning logic in configure.ac and WIN10 user_settings.h
* Don't over-allocate memory for DTLS fragments
* Add WOLFSSL_ATECC_TFLXTLS for Atmel port
* SHA-3 performance improvements with x86_64 assembly
* Add code to fallback to S/W if TSIP cannot handle
* Improves entropy with VxWorks
* Make time in milliseconds 64-bits for longer session ticket lives
* Support for setting cipher list with bytes
* wolfSSL_set1_curves_list(), wolfSSL_CTX_set1_curves_list() improvements
* Add to RSAES-OAEP key parsing for pkcs7
* Add missing DN nid to work with PrintName()
* SP int: default to 16 bit word size when NO_64BIT defined
* Limit the amount of fragments we store per a DTLS connection and error out
  when max limit is reached
* Detect when certificate's RSA public key size is too big and fail on loading
  of certificate

Fixes
* Fix for async with OCSP non-blocking in ProcessPeerCerts
* Fixes for building with 32-bit and socket size sign/unsigned mismatch
* Fix Windows CMakeList compiler options
* TLS 1.3 Middle-Box compat: fix missing brace
* Configuration consistency fixes for RSA keys and way to force disable of
  private keys
* Fix for Aarch64 Mac M1 SP use
* Fix build errors and warnings for MSVC with DTLS 1.3
* Fix HMAC compat layer function for SHA-1
* Fix DTLS 1.3 do not negotiate ConnectionID in HelloRetryRequest
* Check return from call to wc_Time
* SP math: fix build configuration with opensslall
* Fix for async session tickets
* SP int mp_init_size fixes when SP_WORD_SIZE == 8
* Ed. function to make public key now checks for if the private key flag is set
* Fix HashRaw WC_SHA256_DIGEST_SIZE for wc_Sha256GetHash
* Fix for building with PSK only
* Set correct types in wolfSSL_sk_*_new functions
* Sanity check that size passed to mp_init_size() is no more than SP_INT_DIGITS
2022-10-01 13:55:13 +02:00

254 lines
8.1 KiB
Plaintext
Raw Blame History

bin/wolfssl-config
include/cyassl/callbacks.h
include/cyassl/certs_test.h
include/cyassl/crl.h
include/cyassl/ctaocrypt/aes.h
include/cyassl/ctaocrypt/arc4.h
include/cyassl/ctaocrypt/asn.h
include/cyassl/ctaocrypt/asn_public.h
include/cyassl/ctaocrypt/blake2-impl.h
include/cyassl/ctaocrypt/blake2-int.h
include/cyassl/ctaocrypt/blake2.h
include/cyassl/ctaocrypt/camellia.h
include/cyassl/ctaocrypt/chacha.h
include/cyassl/ctaocrypt/coding.h
include/cyassl/ctaocrypt/compress.h
include/cyassl/ctaocrypt/des3.h
include/cyassl/ctaocrypt/dh.h
include/cyassl/ctaocrypt/dsa.h
include/cyassl/ctaocrypt/ecc.h
include/cyassl/ctaocrypt/error-crypt.h
include/cyassl/ctaocrypt/fips_test.h
include/cyassl/ctaocrypt/hmac.h
include/cyassl/ctaocrypt/integer.h
include/cyassl/ctaocrypt/logging.h
include/cyassl/ctaocrypt/md2.h
include/cyassl/ctaocrypt/md4.h
include/cyassl/ctaocrypt/md5.h
include/cyassl/ctaocrypt/memory.h
include/cyassl/ctaocrypt/misc.h
include/cyassl/ctaocrypt/mpi_class.h
include/cyassl/ctaocrypt/mpi_superclass.h
include/cyassl/ctaocrypt/pkcs7.h
include/cyassl/ctaocrypt/poly1305.h
include/cyassl/ctaocrypt/pwdbased.h
include/cyassl/ctaocrypt/random.h
include/cyassl/ctaocrypt/ripemd.h
include/cyassl/ctaocrypt/rsa.h
include/cyassl/ctaocrypt/settings.h
include/cyassl/ctaocrypt/settings_comp.h
include/cyassl/ctaocrypt/sha.h
include/cyassl/ctaocrypt/sha256.h
include/cyassl/ctaocrypt/sha512.h
include/cyassl/ctaocrypt/tfm.h
include/cyassl/ctaocrypt/types.h
include/cyassl/ctaocrypt/visibility.h
include/cyassl/ctaocrypt/wc_port.h
include/cyassl/error-ssl.h
include/cyassl/ocsp.h
include/cyassl/openssl/asn1.h
include/cyassl/openssl/bio.h
include/cyassl/openssl/bn.h
include/cyassl/openssl/conf.h
include/cyassl/openssl/crypto.h
include/cyassl/openssl/des.h
include/cyassl/openssl/dh.h
include/cyassl/openssl/dsa.h
include/cyassl/openssl/ec.h
include/cyassl/openssl/ec25519.h
include/cyassl/openssl/ec448.h
include/cyassl/openssl/ecdh.h
include/cyassl/openssl/ecdsa.h
include/cyassl/openssl/ed25519.h
include/cyassl/openssl/ed448.h
include/cyassl/openssl/engine.h
include/cyassl/openssl/err.h
include/cyassl/openssl/evp.h
include/cyassl/openssl/hmac.h
include/cyassl/openssl/lhash.h
include/cyassl/openssl/md4.h
include/cyassl/openssl/md5.h
include/cyassl/openssl/ocsp.h
include/cyassl/openssl/opensslconf.h
include/cyassl/openssl/opensslv.h
include/cyassl/openssl/ossl_typ.h
include/cyassl/openssl/pem.h
include/cyassl/openssl/pkcs12.h
include/cyassl/openssl/rand.h
include/cyassl/openssl/ripemd.h
include/cyassl/openssl/rsa.h
include/cyassl/openssl/sha.h
include/cyassl/openssl/ssl.h
include/cyassl/openssl/ssl23.h
include/cyassl/openssl/stack.h
include/cyassl/openssl/ui.h
include/cyassl/openssl/x509.h
include/cyassl/openssl/x509v3.h
include/cyassl/options.h
include/cyassl/sniffer.h
include/cyassl/sniffer_error.h
include/cyassl/ssl.h
include/cyassl/test.h
include/cyassl/version.h
include/wolfssl/callbacks.h
include/wolfssl/certs_test.h
include/wolfssl/crl.h
include/wolfssl/error-ssl.h
include/wolfssl/ocsp.h
include/wolfssl/openssl/aes.h
include/wolfssl/openssl/asn1.h
include/wolfssl/openssl/asn1t.h
include/wolfssl/openssl/bio.h
include/wolfssl/openssl/bn.h
include/wolfssl/openssl/buffer.h
include/wolfssl/openssl/camellia.h
include/wolfssl/openssl/cmac.h
include/wolfssl/openssl/cms.h
include/wolfssl/openssl/compat_types.h
include/wolfssl/openssl/conf.h
include/wolfssl/openssl/crypto.h
include/wolfssl/openssl/des.h
include/wolfssl/openssl/dh.h
include/wolfssl/openssl/dsa.h
include/wolfssl/openssl/ec.h
include/wolfssl/openssl/ec25519.h
include/wolfssl/openssl/ec448.h
include/wolfssl/openssl/ecdh.h
include/wolfssl/openssl/ecdsa.h
include/wolfssl/openssl/ed25519.h
include/wolfssl/openssl/ed448.h
include/wolfssl/openssl/engine.h
include/wolfssl/openssl/err.h
include/wolfssl/openssl/evp.h
include/wolfssl/openssl/fips_rand.h
include/wolfssl/openssl/hmac.h
include/wolfssl/openssl/kdf.h
include/wolfssl/openssl/lhash.h
include/wolfssl/openssl/md4.h
include/wolfssl/openssl/md5.h
include/wolfssl/openssl/modes.h
include/wolfssl/openssl/obj_mac.h
include/wolfssl/openssl/objects.h
include/wolfssl/openssl/ocsp.h
include/wolfssl/openssl/opensslconf.h
include/wolfssl/openssl/opensslv.h
include/wolfssl/openssl/ossl_typ.h
include/wolfssl/openssl/pem.h
include/wolfssl/openssl/pkcs12.h
include/wolfssl/openssl/pkcs7.h
include/wolfssl/openssl/rand.h
include/wolfssl/openssl/rc4.h
include/wolfssl/openssl/ripemd.h
include/wolfssl/openssl/rsa.h
include/wolfssl/openssl/sha.h
include/wolfssl/openssl/sha3.h
include/wolfssl/openssl/srp.h
include/wolfssl/openssl/ssl.h
include/wolfssl/openssl/ssl23.h
include/wolfssl/openssl/stack.h
include/wolfssl/openssl/tls1.h
include/wolfssl/openssl/txt_db.h
include/wolfssl/openssl/ui.h
include/wolfssl/openssl/x509.h
include/wolfssl/openssl/x509_vfy.h
include/wolfssl/openssl/x509v3.h
include/wolfssl/options.h
include/wolfssl/quic.h
include/wolfssl/sniffer.h
include/wolfssl/sniffer_error.h
include/wolfssl/ssl.h
include/wolfssl/test.h
include/wolfssl/version.h
include/wolfssl/wolfcrypt/aes.h
include/wolfssl/wolfcrypt/arc4.h
include/wolfssl/wolfcrypt/asn.h
include/wolfssl/wolfcrypt/asn_public.h
include/wolfssl/wolfcrypt/blake2-impl.h
include/wolfssl/wolfcrypt/blake2-int.h
include/wolfssl/wolfcrypt/blake2.h
include/wolfssl/wolfcrypt/camellia.h
include/wolfssl/wolfcrypt/chacha.h
include/wolfssl/wolfcrypt/chacha20_poly1305.h
include/wolfssl/wolfcrypt/cmac.h
include/wolfssl/wolfcrypt/coding.h
include/wolfssl/wolfcrypt/compress.h
include/wolfssl/wolfcrypt/cpuid.h
include/wolfssl/wolfcrypt/cryptocb.h
include/wolfssl/wolfcrypt/curve25519.h
include/wolfssl/wolfcrypt/curve448.h
include/wolfssl/wolfcrypt/des3.h
include/wolfssl/wolfcrypt/dh.h
include/wolfssl/wolfcrypt/dilithium.h
include/wolfssl/wolfcrypt/dsa.h
include/wolfssl/wolfcrypt/ecc.h
include/wolfssl/wolfcrypt/eccsi.h
include/wolfssl/wolfcrypt/ed25519.h
include/wolfssl/wolfcrypt/ed448.h
include/wolfssl/wolfcrypt/error-crypt.h
include/wolfssl/wolfcrypt/ext_kyber.h
include/wolfssl/wolfcrypt/falcon.h
include/wolfssl/wolfcrypt/fe_448.h
include/wolfssl/wolfcrypt/fe_operations.h
include/wolfssl/wolfcrypt/fips_test.h
include/wolfssl/wolfcrypt/ge_448.h
include/wolfssl/wolfcrypt/ge_operations.h
include/wolfssl/wolfcrypt/hash.h
include/wolfssl/wolfcrypt/hmac.h
include/wolfssl/wolfcrypt/integer.h
include/wolfssl/wolfcrypt/kdf.h
include/wolfssl/wolfcrypt/kyber.h
include/wolfssl/wolfcrypt/logging.h
include/wolfssl/wolfcrypt/md2.h
include/wolfssl/wolfcrypt/md4.h
include/wolfssl/wolfcrypt/md5.h
include/wolfssl/wolfcrypt/mem_track.h
include/wolfssl/wolfcrypt/memory.h
include/wolfssl/wolfcrypt/misc.h
include/wolfssl/wolfcrypt/mpi_class.h
include/wolfssl/wolfcrypt/mpi_superclass.h
include/wolfssl/wolfcrypt/pkcs12.h
include/wolfssl/wolfcrypt/pkcs7.h
include/wolfssl/wolfcrypt/poly1305.h
include/wolfssl/wolfcrypt/pwdbased.h
include/wolfssl/wolfcrypt/random.h
include/wolfssl/wolfcrypt/rc2.h
include/wolfssl/wolfcrypt/ripemd.h
include/wolfssl/wolfcrypt/rsa.h
include/wolfssl/wolfcrypt/sakke.h
include/wolfssl/wolfcrypt/settings.h
include/wolfssl/wolfcrypt/sha.h
include/wolfssl/wolfcrypt/sha256.h
include/wolfssl/wolfcrypt/sha3.h
include/wolfssl/wolfcrypt/sha512.h
include/wolfssl/wolfcrypt/signature.h
include/wolfssl/wolfcrypt/siphash.h
include/wolfssl/wolfcrypt/sp_int.h
include/wolfssl/wolfcrypt/sphincs.h
include/wolfssl/wolfcrypt/srp.h
include/wolfssl/wolfcrypt/tfm.h
include/wolfssl/wolfcrypt/types.h
include/wolfssl/wolfcrypt/visibility.h
include/wolfssl/wolfcrypt/wc_encrypt.h
include/wolfssl/wolfcrypt/wc_kyber.h
include/wolfssl/wolfcrypt/wc_port.h
include/wolfssl/wolfcrypt/wolfevent.h
include/wolfssl/wolfcrypt/wolfmath.h
include/wolfssl/wolfio.h
lib/libwolfssl.a
lib/libwolfssl.so
lib/libwolfssl.so.35
lib/libwolfssl.so.35.1.0
libdata/pkgconfig/wolfssl.pc
%%PORTDOCS%%%%DOCSDIR%%/QUIC.md
%%PORTDOCS%%%%DOCSDIR%%/README.txt
%%PORTDOCS%%%%DOCSDIR%%/example/client.c
%%PORTDOCS%%%%DOCSDIR%%/example/echoclient.c
%%PORTDOCS%%%%DOCSDIR%%/example/echoserver.c
%%PORTDOCS%%%%DOCSDIR%%/example/sctp-client-dtls.c
%%PORTDOCS%%%%DOCSDIR%%/example/sctp-client.c
%%PORTDOCS%%%%DOCSDIR%%/example/sctp-server-dtls.c
%%PORTDOCS%%%%DOCSDIR%%/example/sctp-server.c
%%PORTDOCS%%%%DOCSDIR%%/example/server.c
%%PORTDOCS%%%%DOCSDIR%%/example/tls_bench.c
%%PORTDOCS%%%%DOCSDIR%%/taoCert.txt
Reference in New Issue View Git Blame Copy Permalink