Content deleted Content added
Night1Rider (talk | contribs) →Assisted cryptography: Adding TPM section, Botan, wolfSSL as compatible (yes), GnuTLS, BESAFE as Not compatible (no), openSSL as (partial) due to there provider framework but not a direct implementation from them, and others as unknown(blank)) |
trim some columns for things no one (or almost no one) supports |
||
Line 219:
! [[Datagram Transport Layer Security|DTLS 1.0]] (deprecated)<ref name="auto3">{{cite IETF|rfc=4347}}</ref>
! [[Datagram Transport Layer Security|DTLS 1.2]]<ref name="RFC 6347" />
|-
| [[Botan (programming library)|Botan]]
Line 230 ⟶ 229:
| {{yes|No}}
| {{yes}}
|-
| [[BoringSSL]]
Line 241 ⟶ 239:
| {{okay|Yes}}
| {{yes}}
|-
|[[Bouncy Castle (cryptography)|Bouncy Castle]]
Line 252 ⟶ 249:
| {{okay|Yes}}
| {{yes}}
|-
| [[BSAFE]] SSL-J<ref name="RSABSAFETECH">{{cite web| title = RSA BSAFE Technical Specification Comparison Tables| url = http://www.emc.com/collateral/data-sheet/11433-bsafe-tech-table.pdf| access-date = 2015-01-09| archive-url = https://web.archive.org/web/20150924043531/http://www.emc.com/collateral/data-sheet/11433-bsafe-tech-table.pdf| archive-date = 2015-09-24| url-status = dead}}</ref>
Line 262 ⟶ 258:
| {{yes}}
| {{yes|No}}
| {{no}}
|-
Line 273 ⟶ 268:
|
| {{yes|No}}
| {{no}}
|-
Line 285 ⟶ 279:
| {{okay|Yes}}
| {{yes}}
|-
| [[Java Secure Socket Extension|JSSE]]
Line 296 ⟶ 289:
| {{okay|Yes}}
| {{yes}}
|-
| [[LibreSSL]]
Line 307 ⟶ 299:
| {{okay|Yes}}
| {{yes}}<ref name="libressl-3.3.3">{{cite web| title = LibreSSL 3.3.3 Released| url = https://marc.info/?l=openbsd-announce&m=162009196519308| date = 2021-05-04| accessdate = 2021-05-04}}</ref>
|-
| [[MatrixSSL]]
Line 318 ⟶ 309:
| {{okay|Yes}}
| {{yes}}
|-
| [[Mbed TLS]]
Line 329 ⟶ 319:
| {{okay|Yes}}<ref name="mbed-2.0">{{cite web | title = mbed TLS 2.0.0 released | url = https://tls.mbed.org/tech-updates/releases/mbedtls-2.0.0-released | date = 2015-07-10 | accessdate = 2015-07-14}}</ref>
| {{yes}}<ref name="mbed-2.0"/>
|-
| [[Network Security Services|NSS]]
Line 340 ⟶ 329:
| {{okay|Yes}}<ref name="NSS-3.14"/>
| {{yes}}<ref name="NSS-3.16.2">{{cite web| url=https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.2_release_notes| title=NSS 3.16.2 release notes| date=2014-06-30| work=Mozilla Developer Network| publisher=Mozilla| accessdate=2014-06-30| archive-date=2021-12-07| archive-url=https://web.archive.org/web/20211207015257/https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.2_release_notes| url-status=dead}}</ref>
|-
| [[OpenSSL]]
Line 351 ⟶ 339:
| {{okay|Yes}}
| {{yes}}<ref name="openssl-1.0.2-note">{{cite web|url=https://www.openssl.org/news/openssl-1.0.2-notes.html |title=Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.2 [22 Jan 2015] |accessdate=2015-01-22 |url-status=dead |archiveurl=https://web.archive.org/web/20140904045720/http://www.openssl.org/news/openssl-1.0.2-notes.html |archivedate=September 4, 2014 }}</ref>
|-
| [[Rustls]]
Line 361 ⟶ 348:
| {{yes}}<ref name="rustls-features"/>
| {{yes|No}}
| {{no}}
|-
Line 373 ⟶ 359:
| {{yes}}
| {{yes|No}}
| {{no}}
|-
Line 384 ⟶ 369:
| {{No}}
| {{yes|No}}
| {{no}}
|-
Line 395 ⟶ 379:
| {{No}}
| {{yes|No}}
| {{no}}
|-
Line 407 ⟶ 390:
| {{No}}
| {{yes|No}}
| {{no}}
|-
Line 419 ⟶ 401:
| {{okay|Yes}}<ref name=MS2574819>{{cite web|title=An update is available that adds support for DTLS in Windows 7 SP1 and Windows Server 2008 R2 SP1|url=http://support.microsoft.com/kb/2574819/en-us|publisher=Microsoft|accessdate=13 November 2012}}</ref>
| {{no}}<ref name=MS2574819 />
|-
| [[Schannel]] 8, 2012<ref name="Windows7schannel" />
Line 429 ⟶ 410:
| {{No}}
| {{okay|Yes}}
| {{no}}
|-
Line 440 ⟶ 420:
| {{No}}
| {{okay|Yes}}
| {{no}}
|-
Line 452 ⟶ 431:
| {{okay|Yes}}
| {{yes}}
|-
| [[Schannel]] 11 / 2022<ref>{{cite web |title=Protocols in TLS/SSL (Schannel SSP) |date=25 May 2022 |url=https://learn.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp- |access-date=6 November 2022}}</ref>
Line 463 ⟶ 441:
| {{okay|Yes}}
| {{yes}}
|-
|[[MacOS|Secure Transport]]
Line 474 ⟶ 451:
|
| {{yes|No}}
| {{no}}
|-
Line 485 ⟶ 461:
|
| {{okay|Yes}}<ref group=lower-alpha name="secure-transport-osx" />
| {{no}}
|-
Line 497 ⟶ 472:
| {{okay|Yes}}
| {{Unknown}}
|-
| Secure Transport OS X 10.13, iOS 11
Line 508 ⟶ 482:
| {{okay|Yes}}
| {{Unknown}}
|-
| [[wolfSSL]]
Line 518 ⟶ 491:
| {{yes}}
| {{okay|Yes}}
| {{yes}}
|-
Line 531 ⟶ 503:
| {{yes|Disabled by default}} <ref group=lower-alpha name="otp-22" />
| {{yes}}
|-
|- class="sortbottom"
Line 543 ⟶ 514:
! [[Datagram Transport Layer Security|DTLS 1.0]] (deprecated)<ref name="auto3" />
! [[Datagram Transport Layer Security|DTLS 1.2]]<ref name="RFC 6347" />
|}
{{Reflist|group=lower-alpha|refs=
Line 629 ⟶ 599:
! colspan="2"|[[FIPS 140-1]], [[FIPS 140-2]]<ref>{{cite web|url=http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm|title=Search - Cryptographic Module Validation Program - CSRC|website=csrc.nist.gov|access-date=2014-03-18|archive-url=https://web.archive.org/web/20141226152243/http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm|archive-date=2014-12-26|url-status=dead}}</ref>
! [[FIPS 140-3]]
|-
! Level 1
Line 636 ⟶ 605:
|-
| [[Botan (programming library)|Botan]]<ref>{{cite web|url=http://botan.randombit.net/faq.html?highlight=fips#is-botan-fips-140-certified|title="Is botan FIPS 140 certified?" Frequently Asked Questions — Botan|access-date=2014-11-16|archive-url=https://web.archive.org/web/20141129042131/http://botan.randombit.net/faq.html?highlight=fips#is-botan-fips-140-certified|archive-date=2014-11-29|url-status=dead}}</ref>
|
|
Line 643 ⟶ 611:
|[[Bouncy Castle (cryptography)|Bouncy Castle]]
|{{yes|BC-FJA 1.0.0 (#2768)<br /> BC-FJA 1.0.1 (#3152)}}
|
|
Line 649 ⟶ 616:
| [[BSAFE]] SSL-J<ref>{{cite web|url=https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules/search|title=Search - Cryptographic Module Validation Program - CSRC|website=csrc.nist.gov|date=11 October 2016}}</ref>
| {{yes|Crypto-J 6.0 ([https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1785 1785], [https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1786 1786])<br />Crypto-J 6.1 / 6.1.1.0.1 ([https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2057 2057], [https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2058 2058])<br />Crypto-J 6.2 / 6.2.1.1 ([https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2468 2468], [https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2469 2469])<br />Crypto-J 6.2.4 ([https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3172 3172], [https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3184 3184])<br />Crypto-J 6.2.5 ([https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3819 #3819], [https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3820 #3820])<br />Crypto-J 6.3 ([https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4696 #4696], [https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4697 #4697])}}
|
|
|-
| [[cryptlib]]<ref>{{cite web|url=http://www.cs.auckland.ac.nz/~pgut001/cryptlib/faq.html#Q8|archive-url=https://web.archive.org/web/20131011085917/http://www.cs.auckland.ac.nz/~pgut001/cryptlib/faq.html#Q8|url-status=dead|archive-date=11 October 2013|title=cryptlib|date=11 October 2013}}</ref>
|
|
Line 661 ⟶ 626:
| [[GnuTLS]]<ref>{{cite web |title=B.5 Certification |url=https://www.gnutls.org/manual/gnutls.html#Certification |website=GnuTLS 3.7.7 |access-date=26 September 2022}}</ref>
| {{yes|Red Hat Enterprise Linux GnuTLS Cryptographic Module (#2780)}}
|
|
|-
| [[Java Secure Socket Extension|JSSE]]
|
|
Line 673 ⟶ 636:
| [[LibreSSL]]<ref name="OpenBSD5.6"/>
| no support
|
|
Line 679 ⟶ 641:
| [[MatrixSSL]]<ref>{{cite web|url=http://cdn2.hubspot.net/hub/327778/file-618993629-pdf/Matrix+SSL-3.pdf|title=Matrix SSL Toolkit|publisher=}}</ref>
| {{yes|SafeZone FIPS Cryptographic Module: 1.1 (#2389)}}
|
|
|-
| [[Mbed TLS]]<ref>{{cite web|url=https://mbed-tls.readthedocs.io/en/latest/kb/generic/is-mbedtls-fips-certified/|title=Is mbed TLS FIPS certified? - Mbed TLS documentation|website=Mbed TLS documentation}}</ref>
|
|
Line 692 ⟶ 652:
| {{yes|Network Security Services: 3.2.2 (#247)<br />Network Security Services Cryptographic Module: 3.11.4 (#815), 3.12.4 (#1278), 3.12.9.1 (#1837)}}
| {{yes|Netscape Security Module: 1 (#7<ref group="notes">with Sun [[Sparc]] 5 w/ Sun [[Solaris (operating system)|Solaris]] v 2.4SE (ITSEC-rated)</ref>), 1.01 (#47<ref group="notes">with Sun [[Ultra 5/10|Ultra-5]] w/ Sun [[Trusted Solaris]] version 2.5.1 (ITSEC-rated)</ref>)<br />Network Security Services: 3.2.2 (#248<ref group="notes">with [[Solaris (operating system)|Solaris]] v8.0 with [[AdminSuite]] 3.0.1 as specified in UK IT SEC CC Report No. P148 EAL4 on a SUN [[SPARC]] [[Ultra 1|Ultra-1]]</ref>)<br />Network Security Services Cryptographic Module: 3.11.4 (#814<ref group="notes">with these platforms; [[Red Hat Enterprise Linux]] Version 4 Update 1 AS on [[IBM System x|IBM xSeries 336]] with Intel Xeon CPU, [[Trusted Solaris]] 8 4/01 on [[Sun Blade (workstation)|Sun Blade 2500 Workstation]] with [[UltraSPARC IIIi]] CPU</ref>), 3.12.4 (#1279, #1280<ref group="notes">with these platforms; [[Red Hat Enterprise Linux]] v5 running on an [[IBM System x]]3550, [[Red Hat Enterprise Linux]] v5 running on an [[ProLiant|HP ProLiant DL145]], Sun [[Solaris 10]] 5/08 running on a Sun [[Sun Blade (workstation)|SunBlade 2000 workstation]], Sun [[Solaris 10]] 5/08 running on a [[Sun Java Workstation|Sun W2100z workstation]]</ref>)}}
|
|-
Line 698 ⟶ 657:
| {{yes|OpenSSL FIPS Object Module: 1.0 (#624), 1.1.1 (#733), 1.1.2 (#918), 1.2, 1.2.1, 1.2.2, 1.2.3 or 1.2.4 (#1051)<br />2.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7 or 2.0.8 (#1747)}}
|
|
|-
Line 705 ⟶ 663:
|
| {{yes|aws-lc FIPS module<ref>{{cite web|url=https://docs.rs/rustls/0.23.12/rustls/manual/_06_fips/index.html|title=rustls FIPS documentation|accessdate=2024-08-28}} </ref> ([https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4759 #4759])}}
|-
| [[Schannel]]<ref>{{Cite web|url=https://technet.microsoft.com/en-us/library/security/cc750357.aspx#_Microsoft_FIPS_140|title=Microsoft FIPS 140 Validated Cryptographic Modules}}</ref>
| {{yes|Cryptographic modules in Windows NT 4.0, 95, 95, 2000, XP, Server 2003, CE 5, CE 6, Mobile 6.x, Vista, Server 2008, 7, Server 2008 R2, 8, Server 2012, RT, Surface, Phone 8<br />See details on [https://technet.microsoft.com/en-us/library/security/cc750357.aspx#_Microsoft_FIPS_140 Microsoft FIPS 140 Validated Cryptographic Modules]}}
|
|
|-
Line 716 ⟶ 672:
| {{yes|Apple FIPS Cryptographic Module: 1.0 (OS X 10.6, #1514), 1.1 (OS X 10.7, #1701)<br />Apple OS X CoreCrypto Module; CoreCrypto Kernel Module: 3.0 (OS X 10.8, #1964, #1956), 4.0 (OS X 10.9, #2015, #2016)<br />Apple iOS CoreCrypto Module; CoreCrypto Kernel Module: 3.0 (iOS 6, #1963, #1944), 4.0 (iOS 7, #2020, #2021)}}
|
|
|-
Line 723 ⟶ 678:
|
| {{yes|wolfCrypt FIPS Module (#4178)<br />See details on [https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4718 NIST certificate]}}
|-
|-class="sortbottom"
Line 730 ⟶ 684:
! Level 2
! Level 1
|-
! colspan="2"|FIPS 140-1, FIPS 140-2
Line 1,216 ⟶ 1,169:
! [[Online Certificate Status Protocol|OCSP]]<ref>{{cite IETF|rfc=2560}}</ref>
! [[DNS-based Authentication of Named Entities|DANE]] (DNSSEC)<ref>{{cite IETF|rfc=6698}}</ref><ref>{{cite IETF|rfc=7218}}</ref>
! [[Certificate Transparency|CT]]<ref>{{cite IETF |title=Certificate Transparency |rfc=6962 |idlink=Certificate Transparency |last1=Laurie |authorlink1=Ben Laurie |first1=B. |last2=Langley |first2=A. |last3=Kasper |first3=E. |date=June 2013 |publisher=[[Internet Engineering Task Force|IETF]] |access-date=2020-08-31 |issn=2070-1721}}</ref>
|-
Line 1,224 ⟶ 1,176:
| {{yes}}
| {{yes}}
| {{no}}
| {{unknown}}
Line 1,234 ⟶ 1,185:
| {{yes}}
| {{yes}}
| {{unknown}}
|-
Line 1,242 ⟶ 1,192:
| {{yes}}
| {{yes}}
| {{no}}
| {{unknown}}
Line 1,251 ⟶ 1,200:
| {{yes}}
| {{yes}}
| {{no}}
| {{unknown}}
|-
| [[GnuTLS]]
| {{yes}}
| {{yes}}
Line 1,269 ⟶ 1,216:
| {{yes}}
| {{yes}}
| {{no}}
| {{no}}
Line 1,278 ⟶ 1,224:
| {{yes}}
| {{yes}}
| {{no}}
| {{unknown}}
Line 1,287 ⟶ 1,232:
| {{yes}}
| {{yes}}<ref>{{cite web|url=http://www.matrixssl.org/blog/releases/matrixssl_3_8_3|title=MatrixSSL 3.8.3|accessdate=2017-01-18|archive-url=https://web.archive.org/web/20170119052959/http://www.matrixssl.org/blog/releases/matrixssl_3_8_3|archive-date=2017-01-19|url-status=dead}}</ref>
| {{no}}
| {{unknown}}
Line 1,296 ⟶ 1,240:
| {{yes}}
| {{no}}<ref>{{cite web|url=https://tls.mbed.org/tech-updates/blog/mbedtls-2.0-defaults-best-practices|title=mbed TLS 2.0 defaults implement best practices|accessdate=2017-01-18}}</ref>
| {{no}}
| {{unknown}}
Line 1,306 ⟶ 1,249:
| {{yes}}
| {{no}}<ref>{{cite web|url=https://bugzilla.mozilla.org/show_bug.cgi?id=672600|title=Bug 672600 - Use DNSSEC/DANE chain stapled into TLS handshake in certificate chain validation |publisher=Mozilla|accessdate=2014-06-18}}</ref>
| {{unknown}}
|-
Line 1,315 ⟶ 1,257:
| {{yes}}
| {{yes}}
| {{yes}}
|-
Line 1,322 ⟶ 1,263:
| {{yes}}
| {{yes}}
| {{no}}
| {{no}}
Line 1,332 ⟶ 1,272:
| {{no}} <ref>{{Cite web |title=CRL Validation · Issue #3499 · aws/s2n-tls |url=https://github.com/aws/s2n-tls/issues/3499 |access-date=2022-11-01 |website=GitHub |language=en}}</ref>
| {{unknown}} <ref>{{Cite web |title=OCSP digest support for SHA-256 · Issue #2854 · aws/s2n-tls · GitHub |url=https://github.com/aws/s2n-tls/issues/2854 |access-date=2022-11-01 |website=GitHub |language=en}}</ref>
|
| {{unknown}} <ref>{{Cite web |title=[RFC 6962] s2n Client can Validate Signed Certificate Timestamp TLS Extension · Issue #457 · aws/s2n-tls · GitHub |url=https://github.com/aws/s2n-tls/issues/457 |access-date=2022-11-01 |website=GitHub |language=en}}</ref>
Line 1,342 ⟶ 1,281:
| {{yes}}<ref name="TechNet">{{cite web |url=https://technet.microsoft.com/en-us/library/ee619754(WS.10).aspx |title=How Certificate Revocation Works |author=<!--Staff writer(s); no by-line.--> |date=March 16, 2012 |website=[[Microsoft TechNet]] |publisher=[[Microsoft]] |accessdate=July 10, 2013}}</ref>
| {{yes}}<ref name="TechNet" />
| {{no}}
| {{unknown}}
Line 1,351 ⟶ 1,289:
| {{yes}}
| {{yes}}
| {{no}}
| {{unknown}}
Line 1,360 ⟶ 1,297:
| {{yes}}
| {{yes}}
| {{no}}
| {{unknown}}
Line 1,368 ⟶ 1,304:
| {{yes}}
| {{yes}}
| {{no}}
| {{no}}
Line 1,380 ⟶ 1,315:
! OCSP
! DANE (DNSSEC)
! CT
|}
Line 2,141 ⟶ 2,075:
! [[ECC Brainpool|brainpoolP384r1]]<br />(27)
! [[ECC Brainpool|brainpoolP512r1]]<br />(28)
|}
Line 3,059 ⟶ 2,798:
! Keying Material Exporter<br /><ref name="sticket">{{cite IETF|rfc=5705}}</ref>
! Maximum Fragment Length<br /><ref name=tlsexts/>
! [[Encrypt-then-MAC]]<br /><ref name=rfc7366/>
! TLS Fallback SCSV<br /><ref name="tlsfallbackscsv">{{cite IETF|rfc=7507}}</ref>
Line 3,076 ⟶ 2,814:
| {{yes}}
| {{yes}}
| {{yes}}
| {{yes}}<ref name="Botan 1.11.10">{{cite web|url=http://botan.randombit.net/relnotes/1_11_10.html|title=Version 1.11.10, 2014-12-10 — Botan|date=2014-12-10|accessdate=2014-12-14}}</ref>
Line 3,093 ⟶ 2,830:
| {{no}}
| {{yes}}
| {{no}}
| {{no}}
Line 3,110 ⟶ 2,846:
| {{no}}
| {{no}}<ref name="cryptlib-maxfrag">Present, but disabled by default due to lack of use by any implementation.</ref>
| {{yes}}
| {{yes}}
Line 3,127 ⟶ 2,862:
| {{yes}}
| {{yes}}
| {{yes}}<ref name="GnuTLS-3.4.0"/>
| {{yes}}<ref name="GnuTLS-3.4.4">{{cite web|url=http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8267|title=gnutls 3.4.4|accessdate=2015-08-25|archive-url=https://web.archive.org/web/20170717020648/http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8267|archive-date=2017-07-17|url-status=dead}}</ref>
Line 3,144 ⟶ 2,878:
| {{no}}
| {{yes}}
| {{no}}
| {{no}}
Line 3,161 ⟶ 2,894:
| {{yes}}?
| {{no}}
| {{no}}
| {{partial|Server side only}}<ref name="libressl-2.1.4">{{cite web| title = LibreSSL 2.1.4 released| url = https://marc.info/?l=openbsd-announce&m=142543818707898| date = 2015-03-04| accessdate = 2015-03-04}}</ref>
Line 3,178 ⟶ 2,910:
| {{no}}
| {{yes}}
| {{no}}
| {{yes}}<ref name="matrixssl_3.8.3"/>
Line 3,195 ⟶ 2,926:
| {{no}}
| {{yes}}
| {{yes}}<ref name="mbedTLS-1.3.10">{{cite web|url=https://polarssl.org/tech-updates/releases/mbedtls-1.3.10-released|title=mbed TLS 1.3.10 released|date=2015-02-08|access-date=2015-02-09|archive-date=2015-02-09|archive-url=https://web.archive.org/web/20150209180352/https://polarssl.org/tech-updates/releases/mbedtls-1.3.10-released|url-status=dead}}</ref>
| {{yes}}<ref name="mbedTLS-1.3.10"/>
Line 3,212 ⟶ 2,942:
| {{yes}}
| {{no}}
| {{no}}<ref>{{cite web|url=https://bugzilla.mozilla.org/show_bug.cgi?id=972145|title=Bug 972145 - Implement the encrypt-then-MAC TLS extension |publisher=Mozilla|accessdate=2014-11-06}}</ref>
| {{yes}}<ref>{{cite web|url=https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.1_release_notes|title=NSS 3.17.1 release notes|accessdate=2014-10-17|archive-date=2019-04-19|archive-url=https://web.archive.org/web/20190419152214/https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.1_release_notes|url-status=dead}}</ref>
Line 3,229 ⟶ 2,958:
| {{yes}}
| {{yes}}
| {{yes}}
| {{yes}}<ref>{{cite web|url=https://openssl-library.org/news/secadv/20141015.txt|title=OpenSSL Security Advisory [15 Oct 2014]|date=2014-10-15}}</ref>
Line 3,246 ⟶ 2,974:
| {{yes}}
| {{no}}
| {{no}}
| {{no}} <ref>rustls does not implement earlier versions that would warrant protection against insecure downgrade</ref>
Line 3,263 ⟶ 2,990:
| {{no}}
| {{no}}
| {{no}}
| {{no}}
Line 3,280 ⟶ 3,006:
| {{no}}
| {{no}}
| {{no}}
| {{no}}
Line 3,297 ⟶ 3,022:
| {{no}}
| {{no}}
| {{no}}
| {{no}}
Line 3,314 ⟶ 3,038:
| {{no}}
| {{no}}
| {{no}}
| {{no}}
Line 3,331 ⟶ 3,054:
| {{no}}
| {{no}}
| {{no}}
| {{no}}
Line 3,348 ⟶ 3,070:
| {{no}}
| {{no}}
| {{no}}
| {{no}}
Line 3,365 ⟶ 3,086:
| {{no}}
| {{yes}}
| {{yes}}<ref name="wolfssl-4.2.0">{{cite web|url=https://www.wolfssl.com/wolfssl-version-4-2-0-now-available/|title=wolfSSL Version 4.2.0 is Now Available!|date=22 October 2019|accessdate=2021-08-13}}</ref>
| {{no}}
Line 3,382 ⟶ 3,102:
| {{no}}
| {{no}}
| {{no}}
| {{yes}}
Line 3,400 ⟶ 3,119:
! Keying Material Exporter
! Maximum Fragment Length
! Encrypt-then-MAC
! TLS Fallback SCSV
Line 3,418 ⟶ 3,136:
! [[ARM architecture#ARMv8-A|ARMv8-A]]
! [[Intel SGX]]
! [[Intel SHA extensions|Intel SHA]]
! [[NXP CAAM]]
Line 3,428 ⟶ 3,145:
| {{no}}
| {{yes}}
| {{no}}
|
Line 3,440 ⟶ 3,156:
| {{no}}
| {{okay|Yes}}
| {{no}}
| {{okay|Yes}}
Line 3,452 ⟶ 3,167:
| {{no}}
|
|
|
Line 3,463 ⟶ 3,177:
|
|
| {{yes}}
|
Line 3,473 ⟶ 3,186:
| {{yes}}
| {{yes}}<ref>{{Cite web|url=https://lists.gnupg.org/pipermail/gnutls-devel/2016-October/008194.html|title=[gnutls-devel] gnutls 3.5.5|first=Nikos|last=Mavrogiannopoulos|date=October 9, 2016}}</ref>
| {{no}}
| {{yes}}
Line 3,485 ⟶ 3,197:
| {{no}}
|
|
| {{no}}
Line 3,496 ⟶ 3,207:
| {{no}}
|
|
|
Line 3,507 ⟶ 3,217:
| {{yes}}
|
|
| {{no}}
Line 3,518 ⟶ 3,227:
| {{no}}
|
|
| {{no}}
Line 3,529 ⟶ 3,237:
| {{no}}
|
|
| {{no}}
Line 3,540 ⟶ 3,247:
| {{yes}}<ref>{{cite web|url=http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddacb8f27ba4c8a8d51c306c150e1a8703b008f2|title=git.openssl.org Git - openssl.git/commitdiff|website=git.openssl.org}}</ref>
|
| {{yes}}
| {{Partial}}
Line 3,550 ⟶ 3,256:
|
| {{yes}}
|
| {{yes}}
Line 3,562 ⟶ 3,267:
| {{no}}
|
|
| {{no}}
Line 3,573 ⟶ 3,277:
| {{Yes}}
|
|
| {{no}}
Line 3,584 ⟶ 3,287:
| {{yes}}
| {{yes}}
|
| {{yes}}<ref>{{cite web|url=https://community.nxp.com/t5/i-MX-Processors/CAAM-support-in-wolfSSL/m-p/1013736|title=CAAM support in wolfSSL |date=10 March 2020|publisher=}}</ref>
Line 3,596 ⟶ 3,298:
! ARMv8-A
! Intel SGX
! Intel SHA
! NXP CAAM
Line 3,609 ⟶ 3,310:
|-
! Implementation
!
! af_alg
! [[Cryptographic Service Provider|Windows CSP]]
! CommonCrypto
! [[OpenSSL|OpenSSL engine]]
|-
| |||