RECENT BLOG NEWS

Dark Reading has a nice overview article covering IoT security issues.  See:  http://www.darkreading.com/vulnerabilities—threats/thingularity-triggers-security-warnings/d/d-id/1141587

Issue #1 (Memory  Corruption)CVE-ID:  CVE-2014-2896Product: CyaSSLVendor: wolfSSL Inc.Affected Versions: CyaSSL 2.9.0 and previous versionsVulnerability Type:  Improper Input Validation (CWE-20) Description: The TLS and DTLS implementations in wolfSSL CyaSSL before 2.9.4 lack a buffer length check in DoAlert(), possibly allowing an attacker to set the read index by up to 2 bytes past the length of […]

Release 2.9.4 includes important Security Fixes for issues found by Ivan Fratric of the Google Security Team and Suman Jana with security researchers at UT Austin and UC Davis.  CVE details to be posted today for issues with memory corruption, null pointer deference, out of bound read, and unknown certificate extensions.  All users should upgrade […]

A recently-discovered bug in OpenSSL’s implementation of the TLS Heartbeat Extension makes it possible for malicious attackers to potentially recover the private keys and sensitive data that should normally be secured by SSL/TLS. The vulnerability has been recorded as CVE-2014-0160. The purpose of this note is not to gloat over a competing projects problems, as […]

If you missed our recent presentation at FOSDEM, we just put our slide deck up online at the following URL: https://speakerdeck.com/wolfssl/wolfssl-year-in-review wolfSSL made significant progress in 2013 towards bringing the community a more usable, feature-rich, and better supported library for use in an ever-growing range of platforms and environments. These slides (and talk) provides an […]

The new release of wolfSSL, v2.9.0, is now ready to download from our website. New features include: Platforms: – Freescale Kinetis * RNGB support (K53 Sub-Family Reference Manual, Chapter 33) * mmCAU support (ColdFire/ColdFire+ CAU and Kinetis mmCAU Software Library User Guide) – Microchip * MPLAB Harmony support TLS Extensions: – Supported Curves – Secure […]

We are back to talk about TLS extensions again. Today we present the addition of Supported Elliptic Curves on wolfSSL! RFC 4492 introduces five new ECC-based key exchange algorithms for TLS: ECDH_ECDSA, ECDHE_ECDSA, ECDH_RSA, ECDHE_RSA and ECDH_anon. However, it may be desirable in constrained environments to only support a limited number of curves. When a […]

Hi!  Do you need OCSP (Online Certificate Status Protocol) in wolfSSL?  We added OCSP as a wolfSSL feature back in 2011.  At this point it is well tested by our users and well into the deployment phase.  More information on the protocol is available here:  http://www.ietf.org/rfc/rfc2560.txt.  The gist of the feature is that a client […]

Hi!  If you`re interested in smart grid security, and specifically the security required when connecting an electric car to the smart grid, this post is for you! wolfSSL has recently been supporting the development efforts of eNterop (as of 26 March 2018 at 9:30m MDT, this link no longer works and has no alternative), which is […]

2013 was an interesting year in the world of cryptography and computer security.  We have seen and mitigated against attacks such as Lucky13 and watched with interest as existing technologies such as Dual_EC_DRBG have become widely regarded as insecure.  wolfSSL has been happy to provide our users with timely fixes, suggestions, and new technologies to […]