RECENT BLOG NEWS

If you are using or thinking about using the wolfSSL lightweight SSL/TLS library in your application or project, it’s oftentimes helpful to get a general overview of some of the terms and types which are used in a simple wolfSSL connection. Below we have included a general summary of these types. 1) socket: wolfSSL uses […]

Dark Reading has a nice overview article covering IoT security issues.  See:  http://www.darkreading.com/vulnerabilities—threats/thingularity-triggers-security-warnings/d/d-id/1141587

Issue #1 (Memory  Corruption)CVE-ID:  CVE-2014-2896Product: CyaSSLVendor: wolfSSL Inc.Affected Versions: CyaSSL 2.9.0 and previous versionsVulnerability Type:  Improper Input Validation (CWE-20) Description: The TLS and DTLS implementations in wolfSSL CyaSSL before 2.9.4 lack a buffer length check in DoAlert(), possibly allowing an attacker to set the read index by up to 2 bytes past the length of […]

Release 2.9.4 includes important Security Fixes for issues found by Ivan Fratric of the Google Security Team and Suman Jana with security researchers at UT Austin and UC Davis.  CVE details to be posted today for issues with memory corruption, null pointer deference, out of bound read, and unknown certificate extensions.  All users should upgrade […]

A recently-discovered bug in OpenSSL’s implementation of the TLS Heartbeat Extension makes it possible for malicious attackers to potentially recover the private keys and sensitive data that should normally be secured by SSL/TLS. The vulnerability has been recorded as CVE-2014-0160. The purpose of this note is not to gloat over a competing projects problems, as […]

If you missed our recent presentation at FOSDEM, we just put our slide deck up online at the following URL: https://speakerdeck.com/wolfssl/wolfssl-year-in-review wolfSSL made significant progress in 2013 towards bringing the community a more usable, feature-rich, and better supported library for use in an ever-growing range of platforms and environments. These slides (and talk) provides an […]

The new release of wolfSSL, v2.9.0, is now ready to download from our website. New features include: Platforms: – Freescale Kinetis * RNGB support (K53 Sub-Family Reference Manual, Chapter 33) * mmCAU support (ColdFire/ColdFire+ CAU and Kinetis mmCAU Software Library User Guide) – Microchip * MPLAB Harmony support TLS Extensions: – Supported Curves – Secure […]

We are back to talk about TLS extensions again. Today we present the addition of Supported Elliptic Curves on wolfSSL! RFC 4492 introduces five new ECC-based key exchange algorithms for TLS: ECDH_ECDSA, ECDHE_ECDSA, ECDH_RSA, ECDHE_RSA and ECDH_anon. However, it may be desirable in constrained environments to only support a limited number of curves. When a […]

Hi!  Do you need OCSP (Online Certificate Status Protocol) in wolfSSL?  We added OCSP as a wolfSSL feature back in 2011.  At this point it is well tested by our users and well into the deployment phase.  More information on the protocol is available here:  http://www.ietf.org/rfc/rfc2560.txt.  The gist of the feature is that a client […]

Hi!  If you`re interested in smart grid security, and specifically the security required when connecting an electric car to the smart grid, this post is for you! wolfSSL has recently been supporting the development efforts of eNterop (as of 26 March 2018 at 9:30m MDT, this link no longer works and has no alternative), which is […]