wolfSSH can make use of X.509 certificates when verifying the peer! Both on the client side and on the server side. The implementation follows RFC 6187 and adds x509v3-ecdsa-sha2-* and x509v3-ssh-rsa to the key exchange algorithms. Instead of the public key, the whole certificate is passed along during authentication and then verified by the peer […]
Read MoreMore TagAuthor: Kajal Sapkota
wolfSSL Supports Keil v6 Compiler
Looking to add SSL/TLS to your Keil project? The wolfSSL embedded SSL/TLS library is a lightweight SSL/TLS library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments – primarily because of its small size, speed, and feature set. For Keil MDK and uVision users we provide a CMSIS pack that enables them […]
Read MoreMore TagBetter ASN.1 Support with Templates
wolfSSL has significant improvements on how we parse and encode ASN.1 data like certificates and keys. Parsing X.509 certificates, and RSA and ECC keys is important to do correctly. In fact, vulnerabilities come from not checking the validity of the encoding correctly! Reading outside the encoded data can result in crashing of your application or […]
Read MoreMore TagHow to build a smaller wolfSSL library when used with cURL?
The size of software builds can often be a concern for developers, particularly in embedded systems or other resource-constrained environments. Recently, a change was made to the wolfSSL library that has resulted in smaller build sizes when used with the popular cURL library. The change in question was made in a pull request to the […]
Read MoreMore TagwolfSentry Protecting the CAN bus
The CAN bus is becoming ubiquitous in vehicle and factory automation the world over. The devices it connects are becoming more powerful and more connected to the outside world. As such security for the devices on this bus is becoming more and more important. In a previous post we mentioned that we have provided an […]
Read MoreMore TagwolfSSHd on Windows
Are you looking for an excellent Windows SSHd service? wolfSSL is adding Windows support for our SSHd implementation! This allows for running wolfSSHd as a service in Windows 10 and newer environments, handling SFTP, SCP and shell connections. If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us […]
Read MoreMore TagHow to Use SECO with wolfSSL
On i.MX8 devices there is a SECO (https://www.nxp.com/docs/en/application-note/AN12906.pdf) hardware module available for heightened security. This module handles AES operations, limited ECC operations, key storage, and provides a RNG. wolfSSL has long since been expanded to make use of the SECO where possible. A full step by step guide for building wolfSSL and setting up Linux […]
Read MoreMore TagDelta Firmware Updates with wolfBoot
A quite unique feature of wolfBoot is the possibility to update the firmware using signed incremental updates. The mechanism relies on a delta algorithm that produces a small update package. Instead of transferring the entire binary image of the firmware update, incremental updates only contain the binary difference with the previous version. Distributing a new […]
Read MoreMore TagTLS 1.3 IoT-SAFE with wolfSSL
IoT-SAFE, IoT SIM Applet For Secure End-to-End Communication, is a standard mechanism, based on the use of SIM cards (both physical SIM and ESIM) as Root-of-Trust to secure applications and services running on embedded systems connected through the mobile network. IoT-SAFE is standardized and promoted by GSMA, and is currently being implemented in the mobile market […]
Read MoreMore TagEntrust’s Cybersecurity Institute Podcast on Post-Quantum Cryptography’s Impact on Constrained Devices
Are you a thought leader in the world of embedded devices? If so, you will need to make yourself aware of the coming impacts of post-quantum cryptography and how it will affect the various industries and verticals that you participate in. Have a listen to Entrust’s Cybersecurity Institute’s second episode of the their post-quantum podcast […]
Read MoreMore Tag