Two modes of AES have been added to the embedded TLS library wolfSSL; AES-CFB and AES-XTS. AES CFB (Cipher FeedBack) mode is a stream cipher mode of AES. For the first 16 bytes it encrypts an IV using AES and xor’s the result with the plain text for encryption or the cipher text for decryption. […]
Read MoreMore TagMonth: March 2018
wolfSSL SGX Updates (Including FIPS!)
wolfSSL is pleased to announce we are in the process of adding FIPS + SGX to our FIPS certificate! We have updated our SGX-Linux support and are working on adding an example client and server to the existing SGX-Windows project for a complete solution. If you are working with SGX and need FIPS validated crypto […]
Read MoreMore TagJob Posting: Embedded Systems Software Engineer
wolfSSL is a growing company looking to add a top notch embedded systems software engineer to our organization. wolfSSL develops, markets and sells the leading Open Source embedded SSL/TLS protocol implementation, wolfSSL. Our users are primarily building devices or applications that need security. Other products include wolfCrypt embedded cryptography engine, wolfMQTT client library, and wolfSSH. […]
Read MoreMore TagSHA-3 Support in wolfSSL #TLS13
We’ve fully added support for SHA-3 to the wolfSSL embedded TLS library. We have also included SHA-3 support to HMAC and HKDF. Our SHA-3 offering includes 224, 256, 384, and 512-bit digests. It is tied into our hashing and signature infrastructure, so it will be available to TLS v1.2 or TLS v1.3 when the IETF […]
Read MoreMore TagNginx with wolfSSL #TLS13
At wolfSSL, we are dedicated to 3rd party integration and have been improving our support for Nginx. wolfSSL now has tested patches for Nginx 1.13.8, 1.12.2 and other point releases. Nginx builds with OpenSSL by default and this makes getting FIPS 140-2 compliance difficult. Compiling Nginx with wolfSSL is simple and we can help you […]
Read MoreMore TagSTM32F Support Expanded
We’ve expanded our STM32F series support in the wolfSSL embedded TLS library to include the STM32F1, STM32F2, STM32F4 and STM32F7. This supports using either the CubeMX HAL or the Standard Peripheral Library. If the chip supports symmetric hardware crypto such as AES (CBC/GCM), 3DES, MD5, SHA1 or SHA256 we support using this from wolfCrypt native […]
Read MoreMore TagASN Strict Enforcement
Thanks to feedback from Xidian University we’ve improved the strictness of the X.509 checking in the wolfSSL embedded TLS library. Xidian researchers wrote a tool to take the RFC 5280 specification and parse for “MUST” clauses and generate certificates to test these criteria. They found three places wolfSSL was not strictly enforcing the RFC. Although […]
Read MoreMore TagRegistering Diffie-Hellman Callbacks with wolfSSL
In the latest release of the wolfSSL embedded TLS library (version 3.14), functionality was added to allow users to define and utilize custom Diffie-Hellman Agreement callbacks. This functionality was added in the form of a new API method, whose title and signature are shown below: void wolfSSL_CTX_SetDhAgreeCb(WOLFSSL_CTX* ctx, CallbackDhAgree cb) This function takes in a […]
Read MoreMore Tag