What is CT (Certificate Transparency)? Certificate Transparency is from RFC 6962 and is an extension on certificates to create a Merkle Tree (hash tree like with blockchain). The purpose of the tree is to help spot misuses of certificates and to provide a public way to audit the log of certificates issued. It was first […]
Read MoreMore TagAuthor: Kajal Sapkota
OpenWrt switches wolfSSL to default SSL library
If you pop over to the OpenWrt project site, you’ll stumble upon some excellent news: “TLS support is now provided by default in OpenWrt images including the trusted CA certificates from Mozilla. It means that wget and opkg now support fetching resources over HTTPS out-of-the-box. The opkg download server is accessed through HTTPS by default. […]
Read MoreMore TagwolfSentry vs Suricata
With our new release of wolfSentry people might wonder how it compares to Suricata. Suricata is an open source IDS / IPS / NSM engine. While it seems that Suricata is in rivalry with wolfSentry, our embedded IDPS; they actually have a synergy, it would make sense for sophisticated users to deploy both of them. […]
Read MoreMore TagwolfSSL and MIKEY-SAKKE
wolfSSL is implementing MIKEY-SAKKE! MIKEY-SAKKE is a standard created by the UK government’s National Cyber Security Center (NCSC). MIKEY-SAKKE is a standard designed to enable secure, cross-platform multimedia communications. It is highly scalable, requiring no prior setup between users or distribution of user certificates. It is designed to be centrally-managed, giving a domain manager full […]
Read MoreMore TagSecure wolfMQTT SN with wolfSSL DTLS
The sensor network sub-specification of MQTT does not designate a method for securing the communication between the clients and the gateway. We here at wolfSSL think that is unacceptable! Using the DTLS library of wolfSSL, we would like to protect the sensor data all the way from the client to the gateway, and then from […]
Read MoreMore TagMQTT Embeddable Broker
Stay tuned for an MQTT embeddable broker coming soon. We are going to be expanding our wolfMQTT library to include a lightweight, embeddable broker. The wolfMQTT embedded broker will allow for a low cost, low power, MQTT enabled network, all implemented in a C-based library. wolfMQTT secures MQTT communication using the wolfSSL embedded SSL/TLS library […]
Read MoreMore TagACVP and FIPS 140-3
As many in the FIPS world are aware NIST retired CAVP (Cryptographic Algorithm Validation Protocol) testing on June 30th of 2020, permanently replacing CAVP with ACVP (Automated Cryptographic Validation Protocol), also referred to as ACVTS (Automated Cryptographic Validation Test System). In order to prepare for this transition NIST offered a “demo server” that Vendors like […]
Read MoreMore TagwolfSSL Examples Repository
From the early days of the wolfSSL library, we have provided example clients and servers with wolfSSL. These examples have shown how easy it is to use wolfSSL in various configurations. We also use them to help test the library. Over the years we’ve added new features available with TLS to our examples, and our […]
Read MoreMore TagwolfTPM brings TPM Physical Presence and IO Support to Embedded Systems
We see a continuing adoption of wolfTPM and TPM 2.0 modules in IoT and Edge embedded systems. In addition, there is a new trend of adding wolfTPM to safety-critical systems, such as aerospace and medical products. For many years, there was no TPM 2.0 stack designed for baremetal and RTOS systems and wolfTPM changed this. […]
Read MoreMore TagSSL/TLS and Cryptography Benchmarks
Some of our users have been wondering if we were doing benchmarks of our SSL/TLS and cryptography performance. Here are the results we have gathered so far: wolfSSL / wolfCrypt Benchmarking. This page includes several reference benchmarks as well as comparisons of software versus hardware cryptography. If you have any questions or run into any issues, […]
Read MoreMore Tag