Microsoft has created a Linux subsystem that allows running Linux distributions on Windows 10. This blog describes the steps for building and running wolfSSL on WSL. Installing WSL and Ubuntu 18.04: Open PowerShell as Administrator (right-click and choose “Run as Administrator”) Run the following commands: Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux Invoke-WebRequest -Uri https://aka.ms/wsl-ubuntu-1804 -OutFile Ubuntu.appx -UseBasicParsing […]
Read MoreMore TagMonth: July 2019
wolfTPM support for Xilinx Zynq and VxWorks
The wolfTPM library has now been tested on the Xilinx Zynq UltraScale with VxWorks. Testing was done using a Xilinx Zynq Pmod board with Infineon SLB9670 TPM 2.0 module. The TPM 2.0 module can be used for measured boot functionality and cryptographic security to extend the hardware root of trust enabled by Zynq and Zynq […]
Read MoreMore TagVulnerability Disclosure: TLSv1.3 PSK extension parsing potential buffer overflow
Affected Users: User of wolfSSL v4.0.0 are affected. Summary of issue: wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. The identity data field of the PSK extension of the packet contains data beyond the buffer length to be stored in the […]
Read MoreMore TagVulnerability Disclosure: ECDSA signing operations and nonce size leaks
Settings that mitigate this vulnerability in affected versions (secp256r1 only, all other curves are affected): –enable-sp –enable-sp-asm –enable-fpecc Affected Users: Users with long-term private ECC ECDSA keys performing ECDSA sign operations with the USE_FAST_MATH setting (–enable-fastmath). Users who have disabled the default enabled timing resistance while also using fastmath (–disable-harden) or using normal math (–disable-fastmath) […]
Read MoreMore TagwolfSSL 4.1.0 Now Available
wolfSSL is excited to announce its summer release of the wolfSSL embedded SSL/TLS library version 4.1.0! As with each release, wolfSSL 4.1.0 comes with many feature additions, bug fixes, and improvements to the wolfSSL library. The list below outlines some of the new features and notable fixes added for version 4.1.0: Fixes and updates for […]
Read MoreMore TagDifferences between TLS 1.2 and TLS 1.3 (#TLS13)
wolfSSL’s embedded SSL/TLS library has included support for TLS 1.3 since early releases of the TLS 1.3 draft. Since then, wolfSSL has remained up-to-date with the TLS 1.3 specification. In this post, the major upgrades of TLS 1.3 from TLS 1.2 are outlined below: TLS 1.3 This protocol is defined in RFC 8446. TLS 1.3 […]
Read MoreMore TagMultithread Support in wolfMQTT
The most requested feature for the wolfMQTT client library is now available! Multithreading support allows an application to create multiple threads that use the wolfMQTT client library. There is a new example that demonstrates this functionality, located in `examples/multithread/`. This example creates a thread that subscribes to a topic and then waits for incoming messages; […]
Read MoreMore TagwolfSSL and the Zombie POODLE and GOLDENDOODLE Attacks
The wolfSSL library is NOT vulnerable to these attacks, thanks to previous fixes we’ve made and our extensive testing. Ongoing research regarding CBC padding oracle attacks against TLS will be presented in August 2019 at USENIX Security. These attacks were originally presented by Craig Young at BlackHat Asia in March 2019 (slides). Both attacks target […]
Read MoreMore Tag