How to use TLS with JAVA

When developing an application that needs to communicate securely with another device TLS is a great option. The framework in place for TLS connections with JAVA is JSSE (Java Secure Socket Extension). JSSE is a set of interfaces that can be called to abstract the TLS process and make it easy for plugging in different security providers while keeping an application unchanged after initial integration. wolfJSSE is an open source implementation of these interfaces that uses the embedded IoT wolfSSL library for it’s cryptography operations. There are many ways to interact with JSSE when adding in security, two of the common ways are with creating a SSL socket or by creating a SSL engine. A simple example of creating and using SSL sockets for both the client and server side can be found in the “examples/provider” directory on the wolfssljni repository located here ( In addition to interacting with JSSE directly there are packages in JAVA that use it. One such package deals with URL connections and can be used for creating HTTPS connections. An example of a simple HTTPS connection using it can be found in the “java” directory of the wolfSSL examples repository (

For questions about the use of wolfJSSE, or the wolfSSL lightweight SSL/TLS library, contact

Improved NXP MMCAU Crypto Hardware Performance

The NXP Memory-Mapped Cryptographic Acceleration Unit (mmCAU) is on many Kinetis microcontrollers. It improves symmetric AES and SHA performance as compared to our software based implementation. wolfSSL version 4.2.0 enhanced mmCAU support to use multiple blocks against hardware and optimize to avoid memory copies (memcpy) when possible. This resulted in a 20-78% improvement in performance!


  • Enhancement for NXP mmCAU to process more than one block at a time.
  • Added optional buffer alignment detection macro, WC_HASH_DATA_ALIGNMENT, to avoid memcpy.
  • Added MD5 and SHA-1 support for XTRANSFORM_LEN to process blocks.
  • Cleanups for consistency between algorithms and code commenting.

Improved MMCAU performance: SHA-1 by 35%, SHA-256 by 20% and MD5 by 78%.

NXP K64 MMCAU with wolfSSL v4.2.0:

MD5 8 MB took 1.000 seconds, 7.910 MB/s
SHA 4 MB took 1.005 seconds, 3.644 MB/s
SHA-256 2 MB took 1.006 seconds, 2.306 MB/s

NXP K64 MMCAU with wolfSSL v4.1.0:

MD5 4 MB took 1.004 seconds, 4.450 MB/s
SHA 3 MB took 1.006 seconds, 2.670 MB/s
SHA-256 2 MB took 1.008 seconds, 1.913 MB/s

Changes are in GitHub pull request #2481 and in the wolfSSL v4.3.0 release.
For more information please email us at

We love you,
wolfSSL Team

CMS/PKCS #7 RSA Sign Callback for Raw Digest Signature Generation

We have added many new features in our new release of wolfSSL 4.3.0. One new feature we have added is a CMS/PKCS #7 callback for signing SignedData raw digests – enabled with the macro HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK and call to function wc_PKCS7_SetRsaSignRawDigestCb().

For those who are unaware PKCS #7 is used to sign and/or encrypt messages under a PKI. Used also for certificate dissemination (for instance as a response to a PKCS #10 message), it formed the basis for S/MIME, which is as of 2010 based on RFC 5652, an updated Cryptographic Message Syntax Standard (CMS). Often used for single sign-on.

For more information on wolfSSL, PKCS #7, TLS 1.3, OCSP, FIPS, or for any additional questions, contact or!

We love you.

Team wolfSSL

Updates to RSA-PSS salt lengths

In our new release of wolfSSL 4.3.0 we have added updates to RSA-PSS salt lengths. The macro WOLFSSL_PSS_SALT_LEN_DISCOVER value into wc_RsaPSS_Verify_ex() attempts to discover salt length and can use larger salt lengths.

RSA-PSS is a probabilistic signature scheme (PSS) with appendix. A signature scheme with appendix requires the message itself to verify the signature (i.e. the message is not recoverable from the signature). RSA-PSS is an adaptation of their work and is standardized as part of PKCS#1 v2.1. In general, RSA-PSS should be used as a replacement for RSA-PKCS#1 v1.5.

RSA-PSS parameters

  • hash algorithm/function. The default is SHA-1.
  • mask generation function (MGF). Currently always MGF1.
  • salt length. The default value is 20 but the convention is to use hLen, the length of the output of the hash function in bytes. A salt length of zero is permitted and will result in a deterministic signature value. The actual salt length used can be determined from the signature value.
  • trailer field, used in the encoding operation. The default trailer field is the byte 0xbc. There are no options to change this value.

The default parameters for RSA-PSS are:

hashAlgorithm      sha1,
maskGenAlgorithm   mgf1SHA1 (the function MGF1 with SHA-1)
saltLength         20,
trailerField       trailerFieldBC (the byte 0xbc)

It is recommended that the MGF hash function be the same as the scheme hash algorithm/function, and that the salt length be hLen, the length of the output of the hash function.

For more information on RSA-PSS visit

For more information on wolfSSL updates, TLS 1.3, OCSP, FIPS 140-2, or for any additional questions, contact or!

We love you.

Team wolfSSL

Check out our Webinar on TLS 1.3, OpenSSL COMPARISON!

wolfSSL: TLS 1.3, OpenSSL comparison

wolfSSL’s open-source SSL/TLS library is constantly updated to maintain a mature code base and adapts quickly to any standard changes. One recent change is the release of TLS 1.3 (successor of TLS 1.2 which was out for 10 years).

What is new in TLS 1.3?
TLS 1.3 brought forth numerous improvements including faster handshake times, full session encryption and new cipher suites. There are faster handshake times as there is only one RTT instead of two which enables clients to send data immediately after the first reply from the server. Full session encryption is also achieved through the use of a variety of encryption algorithms to secure data. In addition, new cipher suites considered to be stronger also come with TLS 1.3.

How are we different from OpenSSL?
There are several key differentiators between wolfSSL and OpenSSL. These include the following:

  • Build size (up to 20x smaller than OpenSSL)
  • Standards support: up to date on most recent standards
  • Hardware acceleration
  • Team of security experts
  • Ease of Use designed for developers
  • Portability: a long list of supported platforms
  • Dual license: GPLv2 or Commercial
  • 24/7 Support

To watch all the wolfSSL webinars, check out our YouTube channel:

To read more about the differences between TLS 1.2 and TLS 1.3 visit:

Questions? Contact us

wolfMQTT Client Supports Secure AWS

The wolfMQTT client library has an Amazon Web Services example that demonstrates securely connecting over TLS provided by the wolfSSL embedded SSL/TLS library.

We setup an AWS IoT endpoint and testing device certificate. The AWS server uses a TLS client certificate for authentication. The example is located in `/examples/aws/`.  It subscribes to `$aws/things/”AWSIOT_DEVICE_ID”/shadow/update/delta` and publishes to `$aws/things/”AWSIOT_DEVICE_ID”/shadow/update`.

Everyone deserves to have their IoT data secure, and wolfSSL provides the best libraries to accomplish that! wolfSSL supports up to TLS 1.3, FIPS 140-2, expansive support for hardware cryptography, and more!  Secure-IoT-Love from the wolfSSL team!

You can download the latest release here:

Or clone directly from our GitHub repository.

Don’t forget to add a star while you’re there!  Contact us at with any questions or comments.

wolfSSL Conforms to MISRA-C:2012 Guidelines

The team at wolfSSL has taken the core functionality of the wolfSSL embedded SSL/TLS library to the next level and implemented changes to conform to the Required and Mandatory rules from the MISRA-C:2012 Guidelines.

Currently a subset of the wolfCrypt files are checked (sha256.c, aes.c (CBC/GCM), rsa.c, random.c, sp_c64.c), let us know if your project requires other files and we can target them while expanding coverage.

For questions contact us at Critical safety love to all from wolfSSL!  wolfSSL also supports TLS 1.3, FIPS 140-2, and more!