wolfSSL DTLS Session Export

The wolfSSL embedded SSL/TLS library supports features not only pertaining to TLS, but DTLS as well! A prime example of a DTLS feature supported by wolfSSL is DTLS session exporting. This allows for serializing and sending a DTLS session immediately after the handshake has been completed. The ability to export the session after a handshake is established has many practical use cases in IoT and embedded environments.

In establishing and maintaining a DTLS connection the handshake portion is the most resource intensive. With this additional feature it is possible to offload the handshake onto a more powerful system, serialize and export it after the handshake is completed, and then have throughput handled by a more resource constrained device.

For more information about wolfSSL and DTLS, or just wolfSSL, please contact facts@wolfssl.com.

wolfSSL also supports TLS 1.3! More information can be found here: https://www.wolfssl.com/docs/tls13/

wolfSSL Adds Support for the Deos Safety Critical RTOS

Are you a user of Deos?  If so, you will be happy to know that wolfSSL recently added support for Deos RTOS and added TLS client/server examples to the wolfSSL embedded SSL/TLS library for Deos!

Deos is an embedded RTOS used for safety-critical avionics applications on commercial and military aircraft. Certified to DO-178C DAL A, the time and space partitioned RTOS features deterministic real-time response and employs patented “slack scheduling” to deliver higher CPU utilization. DO-178C DAL A refers to a specification that is required for software to be used in aerospace software systems. 

The Deos port in wolfSSL is activated by using the "WOLFSSL_DEOS" macro. For instructions on how to build and run the examples on your projects, please see the “<wolfssl-root>/IDE/ECLIPSE/DEOS/README” file.  This support is currently located in our GitHub master branch, and will roll into the next stable release of wolfSSL as well.

wolfSSL provides support for the latest and greatest version of the TLS protocol, TLS 1.3! Using the wolfSSL port with your device running Deos will allow your device to connect to the internet in one of the most secure ways possible.

For more information, please contact facts@wolfssl.com.

Resources
The most recent version of wolfSSL can be downloaded from our download page, here: https://www.wolfssl.com/download/
wolfSSL GitHub repository: https://github.com/wolfssl/wolfssl.git
wolfSSL support for TLS 1.3: https://www.wolfssl.com/docs/tls13/
Deos RTOS homepage: https://www.ddci.com/category/deos/

wolfBoot – wolfSSL’s Secure Bootloader

wolfBoot is wolfSSL's own implementation of a secure bootloader that leverages wolfSSL's underlying wolfCrypt module to provide signature authentication for the running firmware.

The role of a secure bootloader is to effectively prevent the loading of malicious or unauthorized firmware on the target. Additionally, wolfBoot provides a fail-safe update mechanism, that can be interrupted at any time, and resumed at next boot.

wolfBoot is designed to be a portable, OS-agnostic, secure bootloader solution for all 32-bit microcontrollers, relying on wolfCrypt for firmware authentication.

Due to its minimalist design and the tiny Hardware Abstraction Layer (HAL) API, wolfBoot is completely independent of any OS or bare-metal application, and can be easily ported and integrated into existing embedded software solutions.

wolfBoot provides the basis for secure firmware update (OTA) management at boot time, cutting down the development effort needed to implement and validate the required mechanisms to handle the updates. It reduces the development effort to just receiving the image using a secure channel within the application/OS. We recommend using wolfSSL to encrypt the firmware transfer over TLS, to avoid eavesdropping. Once the image is transferred and stored into the update partition, wolfBoot takes care of the update procedure at the next boot.

Remote updates that would lead to a faulty firmware are automatically reverted by wolfBoot after the first 'test' boot, by restoring the original firmware image whenever the update has failed to boot properly. This mechanism protects the target device from accidental updates on the field.

wolfBoot can be downloaded from the wolfSSL download page here: https://www.wolfssl.com/download/

More about boot loaders can be found here: https://en.wikipedia.org/wiki/Booting#BOOT-LOADER
More about wolfSSL: https://www.wolfssl.com/products/wolfssl/
More about wolfCrypt: https://www.wolfssl.com/products/wolfCrypt/

Additionally, wolfSSL will be at ICMC in a couple of weeks! Be sure to stop by booth #103 and say hello!

Contact facts@wolfssl.com for any questions or for more information

wolfSSH Version 1.4.0 Now Available

Version 1.4.0 of the wolfSSH SSHv2 server library has been released! Many new and exciting features were added to wolfSSH with this release. Some of the new additions include: support for port forwarding, client side pseudo terminal support, enhancements for non blocking use, AES-CTR cipher support, and support for SFTP on windows.

This release also includes fixes and enhancements to existing features. Some of the fixes include resolving GCC-7 warnings and fixes for example use cases when wolfSSL ECC caching is turned on.

A full list of notable addition and fixes is as follows:

  • SFTP support for time attributes
  • TCP port forwarding feature added (--enable-fwd)
  • Example TCP port forwarding added to /examples/portfwd/portfwd
  • Fixes to SCP, including default direction set
  • Fix to match ID during KEX init
  • Add check for window adjustment packets when sending large transfers
  • Fixes and maintenance to Nucleus port for file closing
  • Add enable all option (--enable-all)
  • Fix for --disable-inline build
  • Fixes for GCC-7 warnings when falling through switch statements
  • Additional sanity checks added from fuzz testing
  • Refactor and fixes for use with non blocking
  • Add extended data read for piping stderr
  • Add client side pseudo terminal connection with ./examples/client/client -t
  • Add some basic Windows terminal conversions with wolfSSH_ConvertConsole
  • Add wolfSSH_stream_peek function to peek at incoming SSH data
  • Change name of internal function from SendBuffered to wolfSSH_SendPacket to avoid clash with wolfSSL
  • Add support for SFTP on Windows
  • Use int types for arguments in examples to fix Raspberry Pi build
  • Fix for fail case with leading 0’s on MPINT
  • Default window size (DEFAULT_WINDOW_SZ) lowered from ~ 1 MB to ~ 16 KB
  • Disable examples option added to configure (--disable-examples)
  • Callback function and example use added for checking public key sent
  • AES CTR cipher support added
  • Fix for freeing ECC caches with examples
  • Renamed example SFTP to be examples/sftpclient/wolfsftp

The most up-to-date versions of wolfSSH and other wolfSSL products can be found on the wolfSSL download page here: https://www.wolfssl.com/download/.

For more information about wolfSSH or the changes incorporated into the 1.4.0 release, please contact facts@wolfssl.com.

wolfSSL at ICMC 2019

wolfSSL is at ICMC this year! The International Cryptographic Module Conference (ICMC) attracts hundreds of cryptographic professionals from across the Pacific to address the unique challenges faced by the people who develop, produce, test, specify, and use cryptographic modules, with an emphasis on FIPS 140-2, ISO/IEC 19790 and Common Criteria standards. For 2019, ICMC will be held in Vancouver, BC.

Where ICMC will be held for 2019:
Venue: JW Mariott Parq Vancouver
wolfSSL Booth #: 103
When: May 15-16
Directions: https://icmconference.org/?page_id=7194

Additionally, wolfSSL founder and CTO Todd Ouska will be on the panel for the track session "Panel on TLS: The Problems in Moving to 1.3". Stop by the Cambie space to learn more about the problems in upgrading to the newest version of TLS (Friday, May 17th, at 10:30am)

Stop by our booth to hear more about the wolfSSL embedded SSL/TLS library, the wolfCrypt encryption engine, to meet the wolfSSL team, or to get some free stickers and swag!

For more information about wolfSSL, its products, or future events, please contact facts@wolfssl.com.

More information about ICMC can be found here: https://icmconference.org.

Posts navigation

1 2 3 4