Available New release of the compact cryptographic library WolfSSL 5.0.0 , optimized for use on embedded devices with disabilities and memory, such as Internet devices, smart home systems, automotive information systems, routers and mobile phones. The code is written in the SI language and spreads under the GPLv2 license.
Library provides high-performance implementation of modern cryptoalgorithms, including Chacha20, Curve25519, NTRU, RSA, Blake2B, TLS 1.0-1.3 and DTLS 1.2, which, according to developers, are 20 times more compact than implementations from OpenSSL. Provided both its simplified API and a layer for compatibility with OpenSSL API. There is support for OCSP (Online Certificate Status Protocol) and CRL (Certificate Revocation List) to verify certificate revocation.
Main innovations WolfSSL 5.0.0:
- Added support platforms: IoT-Safe (with support for TLS), SE050 (with support for RNG, SHA , AES, ECC and ED25519) and Renesas Tsip 1.13 (for RX72N microcontrollers).
- Added support for postcanthum cryptography algorithms, resistant to the selection on a quantum computer: Groups NIST Round 3 KEM for TLS 1.3 and hybrid NIST ECC groups on the basis of the project OQS (Open Quantum Safe, LIBOQS ). Resistant to the selection on the group’s quantum computer including added both to the layer to ensure compatibility. Supported support for NTRU and QSH algorithms.
- in module For Linux kernel implemented support for cryptographic algorithms that meet the security standard FIPS 140-3 . Presented separate product with the implementation of FIPS 140-3, the code of which is still at the stage of testing, reviewing and checking.
- The Linux kernel module added variants of RSA, ECC, DH, DSA, AES / AES-GCM algorithms, accelerated using the CPU x86 vector instructions. Using vector instructions, interrupt handlers are also accelerated. Added support for subsystem for checking modules for digital signatures. The possibility of assembling the built-in wolfcrypt cryptocrypt in the “–Nable-Linuxkm-Pie” mode is provided. The module provides support for Linux 3.16, 4.4, 4.9, 5.4 and 5.10.
- In the layer to provide compatibility with other libraries and applications added support Libssh2, Pyopenssl, LibimobileDevice, RsySlog, OpenSSH 8.5P1 and Python 3.8.5.