Pseudo Random Number Generator (PRNG) Software-generated random numbers only are pseudorandom. They are not truly random because the computer uses an algorithm based on a distribution, and are not secure because they rely on deterministic, predictable algorithms. Since a seed number can be set to replicate the “random” numbers generated, it is possible to predict […]
Read MoreMore TagMonth: July 2021
wolfTPM first to support Nuvoton NPCT75x extra GPIO for safety-critical applications
wolfTPM is the leading TPM library for embedded and baremetal applications. It is widely used in aerospace, military, and medical systems because the wolfSSL TPM 2.0 library is designed specifically for embedded systems. wolfTPM offers a low memory footprint and supports all of the TPM 2.0 commands and operations; as well as provids examples of: […]
Read MoreMore TagwolfMQTT Client Supports HiveMQ Cloud
The wolfMQTT client library “mqttclient” example demonstrates securely connecting over TLS provided by wolfSSL. We set up a HiveMQ Cloud cluster that can be used for testing. The HiveMQ Cloud broker uses the Server Name Indicator (SNI) extension for TLS client authentication, which is specified using the `-S ` option. The example is located in […]
Read MoreMore TagEmbedded SSH client with TPM protected keys
We are adding hardware security to wolfSSH to meet the rising security requirements for connected systems. Thanks to the widely available Trusted Platform Module (TPM) and our portable wolfTPM library, wolfSSH can have the user’s private SSH key stored and used directly from a hardware security module. This way the private key material is never […]
Read MoreMore TagIntegration update: wolfSSL is the Secure Socket Solution for Qt
The QSslSocket class in Qt makes it easy to add encryption to your application. wolfSSL makes it secure! The wolfSSL embedded SSL/TLS library is a lightweight SSL/TLS library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments – primarily because of its small size, speed, and feature set. It is commonly used […]
Read MoreMore TagcURL Security Advisories
The 200th curl release found 3 major security advisories from the curl bug-bounty program. These are the advisories: CVE-2021-22901: TLS session caching disaster This is a Use-After-Free in the OpenSSL backend code that in the absolutely worst case can lead to an RCE, a Remote Code Execution. The flaw is reasonably recently added and it’s very […]
Read MoreMore Tag