From 67606bd9b8ffc248d3efb5a3b0c12e2437733682 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Thu, 21 May 2026 11:51:30 -0700 Subject: [PATCH] prepare for release 0.2.0 --- ChangeLog.md | 57 +++++++++++++++++++++++++++++++++++++++++++++++ configure.ac | 2 +- wolfclu/version.h | 4 ++-- 3 files changed, 60 insertions(+), 3 deletions(-) diff --git a/ChangeLog.md b/ChangeLog.md index f07af243..642ea747 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -1,3 +1,60 @@ +# wolfCLU v0.2.0 (May 22, 2026) + +### New Features +- Add generating Chimera (dual-algorithm) certificates, enabling conventional + and post-quantum signatures on a single X.509 cert by @Yu-Ma28051503 (PR 182) +- Implement OCSP client and OCSP responder with both HTTP and SCGI transports, + allowing the responder to be fronted by nginx in production by @julek-wolfssl + (PR 200) +- Port shell-based tests to Python (unittest) so the test suite can run on + Windows in addition to Linux/macOS by @julek-wolfssl (PR 215) +- Support passing an explicit key file to the enc command instead of deriving + the key from a password by @embhorn (PR 224) + +### Fixes and Enhancements +- Improve x509-req test coverage by @kojiws (PR 188) +- Fix README examples and setting of the subject name in the req command by + @Yu-Ma28051503 (PR 191) +- Check that the keystring is present before use to avoid a segfault in the + pkey command by @anhu (PR 192) +- Fix enc command handling of the legacy algorithm name format + (e.g. aes-128-cbc) by @lealem47 (PR 193) +- Remove redundant manual null-termination already added by the compiler for + string literals by @anhu (PR 194) +- Sign/verify with ML-DSA now passes a context for interop with OpenSSL + signatures by @anhu (PR 195) +- Fix path concatenation in wolfCLU_CertSignAppendOut so generated output paths + are well-formed by @kojo1 (PR 197) +- Document build prerequisites (autoconf, automake, libtool) in the README by + @kareem-wolfssl (PR 201) +- Fix out-of-bounds writes when processing argv by @miyazakh (PR 202) +- Fix wrong variable used when storing the RSA exponent by @miyazakh (PR 203) +- Fix potential double-free by @miyazakh (PR 204) +- Fix null pointer check by @miyazakh (PR 205) +- Fix XFWRITE being called with a negative size by @miyazakh (PR 206) +- Fix use-after-free by @miyazakh (PR 207) +- Fix unreachable if condition by @miyazakh (PR 208) +- Update post-quantum groups list to match the latest wolfSSL by @Frauschi + (PR 209) +- Fixes from static analysis @yosuke-wolfssl (PR 210) +- Fix compile and unit test failures by @miyazakh (PR 211) +- Fix stack buffer overflow in encryption setup by @miyazakh (PR 212) +- Fix shell command injection by @miyazakh (PR 213) +- Fix read of exactly MAX_LEN bytes being treated as an error by + @miyazakh (PR 214) +- Fix SHA-1 prefix match overwriting SHA-256/384/512 output selection + by @miyazakh (PR 216) +- Fix issues uncovered by wolfCLU Fenrir fuzz testing by @aidangarske (PR 218) +- Fix wolfCLU_sign_data_ecc and wolfCLU_verify_signature_ecc by @embhorn + (PR 219) +- Fix potential heap buffer over-read by @miyazakh (PR 220) +- Fix flaky test_encrypt_decrypt_base64 bad-password check by @julek-wolfssl + (PR 221) +- Additional sanity checks on input arguments based on static analysis results + by @JacobBarthelmeh (PR 222) +- Fixes for closing file descriptors, sanity checks on init calls, buffer + scope, and sanity checks on arguments passed in by @JacobBarthelmeh (PR 223) + # wolfCLU v0.1.9 (July 24, 2025) - Fix client and server KEM macro (PR 177) - Implementing PKCS8 and Base64 commands (PR 178) diff --git a/configure.ac b/configure.ac index 6d0ccd78..71cd0699 100644 --- a/configure.ac +++ b/configure.ac @@ -10,7 +10,7 @@ #requires user to have AutoConf version 2.63 or greater. AC_PREREQ([2.63]) -AC_INIT([wolfclu], [0.1.9], [http://www.wolfssl.com]) +AC_INIT([wolfclu], [0.2.0], [http://www.wolfssl.com]) #a helpful directory to keep clutter out of root AC_CONFIG_AUX_DIR([build-aux]) diff --git a/wolfclu/version.h b/wolfclu/version.h index f75d78d9..a653935f 100644 --- a/wolfclu/version.h +++ b/wolfclu/version.h @@ -26,8 +26,8 @@ extern "C" { #endif -#define CLUWOLFSSL_VERSION_STRING "0.1.9" -#define CLUWOLFSSL_VERSION_HEX 0x00001009 +#define CLUWOLFSSL_VERSION_STRING "0.2.0" +#define CLUWOLFSSL_VERSION_HEX 0x00002000 #ifdef __cplusplus }