wolfSSL 2.2.0 is Now Available

Version 2.2.0 of the wolfSSL embedded SSL/TLS library has been released and is now available for download.  This release contains bug fixes, feature enhancements, and is a recommended update for all users. Changes include:

– Initial CRL (Certificate Revocation Lists) support with –enable-crl
– Initial OCSP (Online Certificate Status Protocol) support with –enable-ocsp
– Static ECDH suites including:
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDH_RSA_WITH_RC4_128_SHA
TLS_ECDH_ECDSA_WITH_RC4_128_SHA
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
– SHA-384 support
– ECC client certificate support

For more information on CRL checkout: http://en.wikipedia.org/wiki/Certificate_revocation_list .  More details on OCSP can be found here: http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol .  The example/client has basic usage and the full API will be available in the manual. The addition of SHA-384 support makes wolfSSL even more compatible with other SSL implementations such as OpenSSL.

To download the open source, GPLv2-licensed version of wolfSSL 2.2.0, please visit our Download Page.  If you have any questions or comments or would like more information on commercial versions of wolfSSL, please contact us at info@yassl.com.

For build instructions, a full feature list, API reference, and more, please see the wolfSSL Manual.

Porting wolfSSL into OpenSSH

Hi!  This is a short note to let you know that we have ported wolfSSL into the sshd sources.  This effort was done for a customer of the wolfSSL embedded SSL product.  This particular customer of ours was looking for a version of OpenSSH with a smaller footprint, TLS 1.2 and some specialized ciphers.  Alpha versions of the code base can be made available to select members of our user base in June 2012, with wider availability in beta form on the 4th of July.    

If you are interested in trying OpenSSH with wolfSSL, then please contact us at info@yassl.com.

New features coming to wolfSSL in May

We`ve added some new features to wolfSSL that will go into the general release this month.  The features are:

1.  Support for SHA-384
2.  Client ECC certificates
3.  Static ECDH
4.  GCM

With the addition of SHA-384 and GCM, wolfSSL will become NSA Suite B compliant.

If you need access to these features right away, contact us at info@yassl.com and we can possibly arrange for an early private code drop.

wolfSSL Supports SPDY

Hi yaSSL users!  See the following link for an explanation on SPDY:  https://readwrite.com/2012/04/19/what-web-users-need-to-know-ab/

SPDY is a new protocol for web use proposed by Google and supported by many of the large web companies.  It is based on HTTP, but it is faster and more suited to modern web usage.  

You will note that SPDY mandates SSL, which will provide everyone more security in their day to day web use.  We should also note that our friends at NGINX are supporting SPDY.

If you have comments or questions on running wolfSSL with SPDY, then please contact us at info@yassl.com.