RECENT BLOG NEWS

So, what’s new at wolfSSL? Take a look below to check out the most recent news.
Or sign up to receive weekly email notifications containing the latest news from wolfSSL.
In addition, wolfSSL now has a support-specific blog page dedicated to answering some of the more commonly received support questions.

wolfSSL Cube pack for STM32 is now available!

The wolfSSL embedded SSL/TLS library has support for several of the STM32 microcontrollers and for the hardware-based cryptography and random number generator offered by them as well.

Our most recent update is that wolfSSL now offers support for Cube pack for STM32, adding on to previous support for the STM32 Standard Peripheral Library as well as the Cube HAL (Hardware Abstraction Layer). wolfSSL also maintains and makes available an STM32Cube Expansion Package for wolfSSL to make it easy for users to pull wolfSSL directly into STM32CubeMX and STM32CubeIDE projects. To check out specific support for ST microcontrollers read below.

Don’t forget to check out our STM32CubeMXv6 Partner Webinar hosted by engineer David Garske on October 1st! Stay tuned for more information.

wolfSSL STM Support

The wolfSSL and wolfCrypt library support the following STM microcontrollers:

  • STM32 F-Series: STM32F1, STM32F2, STM32F4, STM32F7
  • STM32 L-Series: STM32L4, STM32L5
  • STM32 H-Series: STM32H7
  • STM32 WB-Series: STM32WB55
  • STM32 G-Series: STM32G0

For STM32 Microcontrollers that have hardware crypto acceleration we fully support it.

  • RNG Hardware:
    • All of the STM32’s support hardware based RNG.
  • PKA Hardware Acceleration for ECC:
    • STM32WB55 and STM32L562.
  • AES ECB/CBC/GCM:
    • STM32F437, STM32H753, STM32F777, STM32H753, STM32L4A6, STM32WB55
  • SHA256:
    • STM32F437, STM32F777, STM32H753, STM32L4A6, STM32L552

Downloading Cube Pack Bundle

The STMCubeIDE and STM32CubeMX tools enable quick adoption of the wolfSSL library using the Cube Pack bundle, which can be downloaded here:
https://www.wolfssl.com/files/ide/I-CUBE-WOLFSSL-WOLFSSL.pack

To install the pack:

  1. Run the “STM32CubeMX” tool.
  2. Under “Manage software installations” click “INSTALL/REMOVE” button.
  3. From Local and choose “I-CUBE-WOLFSSL-WOLFSSL.pack”.

To create a Cube project with wolfSSL:

  1. Create or open a Cube Project based on your hardware.
  2. Under “Software Packs” choose “Select Components”.
  3. Find and check all components for the wolfSSL.wolfSSL packs (wolfSSL / Core, wolfCrypt / Core and wolfCrypt / Test). Close
  4. Under the “Software Packs” section click on “wolfSSL.wolfSSL” and configure the basic parameters.
  5. For Cortex-M recommend “Math Configuration” -> “Single Precision Cortex-M Math”
  6. Generate Code

For more information on the pack see:
https://github.com/wolfSSL/wolfssl/tree/master/IDE/STM32Cube

STM32 Benchmarks

A full list of STM32 benchmarks can be found here:
https://github.com/wolfSSL/wolfssl/tree/master/IDE/STM32Cube/STM32_Benchmarks.md

STM32F777 Cortex-M7 at 216 MHz:

Symmetric AlgorithmSoftware (MB/s)Accelerated (MB/s)
AES-CBC-1281.0068.350
AES-GCM-1280.0416.494
SHA-2561.7823.467
Asymmetric AlgorithmSoftware (ops/sec)Accelerated (ops/sec)
SP Math Cortex-M
RSA 2048 public20.61952.529
RSA 2048 private0.3601.585
DH 2048 key gen2.0233.279
DH 2048 agree1.0723.292
ECC 256 key gen0.917130.000
ECDHE 256 agree0.91759.821
ECDSA 256 sign0.90668.359
ECDSA 256 verify1.36735.468

STM32L562E Cortex-M33 at 110 MHz

Symmetric AlgorithmSoftware (MB/s)Accelerated (MB/s)
AES-CBC-1280.1214.468
AES-GCM-1280.0083.662
SHA-2560.1361.855
Asymmetric AlgorithmSoftware (ops/sec)Accelerated (ops/sec)
SP Math Cortex-M
Accelerated (ops/sec)
ST PKA ECC
RSA 2048 public9.20818.08318.083
RSA 2048 private0.1550.5260.526
DH 2048 key gen0.8331.1291.129
DH 2048 agree0.4111.1281.128
ECC 256 key gen0.66135.60810.309
ECDHE 256 agree0.66116.57510.619
ECDSA 256 sign0.65221.91220.542
ECDSA 256 verify1.01410.59110.667

Additional STM32 Benchmarks

A full list of STM32 benchmarks can be found here:
https://github.com/wolfSSL/wolfssl/tree/master/IDE/STM32Cube/STM32_Benchmarks.md

About STMicroelectronics

At ST, we are 46,000 creators and makers of semiconductor technologies mastering the semiconductor supply chain with state-of-the-art manufacturing facilities. An independent device manufacturer, we work with our 100,000 customers and thousands of partners to design and build products, solutions and ecosystems that address their challenges and opportunities, and the need to support a more sustainable world. Our technologies enable smarter mobility, more efficient power and energy management, and the wide-scale deployment of the Internet of Things and 5G technology.

In 2019, the Company’s net revenues were $9.56 billion. Find out more at www.st.com.

References

wolfSSL Product Page
STM32 Product Page
STM32F2 Standard Peripheral Library Documentation
ST STM32CubeMX

Check out the wolfSSL embedded SSL/TLS library, star us on Github, and learn more about the latest TLS 1.3 is available in wolfSSL. Contact us at facts@wolfssl.com with any questions, or to get help with using wolfSSL in your STM32-based project!

wolfCrypt FIPS 140-3 Status Update (#FIPS)

wolfSSL is working hard with our lab to make wolfCrypt be the first cryptography library to have FIPS 140-3 validation. We are very excited about the changes that are a part of FIPS 140-3. We can fit our FIPS validated library into just about any embedded operating environment.

wolfSSL currently maintains two FIPS 140-2 certificates for the wolfCrypt Cryptographic Module: #2425 and #3389. Certificate #3389 includes algorithm support required for TLS 1.3 and can be used in conjunction with the wolfSSL embedded SSL/TLS library for full TLS 1.3 client and server support. wolfSSL intends to continue to serve our customers by taking wolfCrypt through the FIPS 140-3 validation process.

Please send us an email at fips@wolfssl.com, or visit our FIPS 140 webpage for more information on our FIPS 140-3 status, or existing FIPS 140-2 validations.

Upcoming Webinar: Getting Started with wolfSSH

Do you want to learn more about wolfSSH? Join us for our upcoming webinar with wolfSSL engineer, John Safranek, to cover the basics of wolfSSH!

The wolfSSH library is a lightweight client and server library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments – primarily because of its small size, speed, and feature set. wolfSSH is built for maximum portability, and is generally very easy to compile on new platforms. wolfSSH supports the industry standard SSHv2 and offers progressive ciphers such as Poly1305, ChaCha20, NTRU, and SHA-3. Plus, it can be FIPS validated!

If you’re not using wolfSSH yet, join us to learn what you’re missing!

When: Aug 19, 2020 10:00 AM Pacific Time (US and Canada)
Topic: Webinar: Getting started with wolfSSH

Register in advance for this webinar:
https://us02web.zoom.us/webinar/register/WN_oI29EeJcSXWhFJo4j0WA0A

After registering, you will receive a confirmation email containing information about joining the webinar.

Please contact us at facts@wolfssl.com with any questions about the webinar and for technical support, please contact support@wolfssl.com or view our FAQ page. As always, there will be a Q&A session following the live presentation. We look forward to seeing you there!

Additional Resources
In the meanwhile, check out the wolfSSL embedded SSL/TLS library, star us on Github, and learn more about the latest TLS 1.3 is available in wolfSSL.

wolfSSL working on first embedded ACVP project

FIPS 140-2 requirements for CAVP testing have been deprecated in favor of the cutting edge ACVP test requirements! wolfSSL is currently working on (to our knowledge) the first ever embedded validation that will use the new ACVP test requirements!

References
https://csrc.nist.gov/Projects/Automated-Cryptographic-Validation-Testing
https://github.com/usnistgov/ACVP

If you would like to know more or have any questions please contact us at fips@wolfssl.com or support@wolfssl.com!

Upcoming Webinar: Why cURL is used in IoT devices

Join us for our upcoming webinar with cURL Founder and Engineer at wolfSSL Inc., Daniel Stenberg, on the use of cURL in IoT devices.

Register Here: Zoom Registration for Webinar
Date/Time: August 5, 2020 (Wednesday) 04:00 PM in Osaka, Sapporo, Tokyo

After registration, you will receive a confirmation email regarding your participation in the webinar.

cURL is used by web developers around the world and has started to play an active role in many IoT devices. Daniel Stenberg, lead developer of cURL, explains why cURL is the preferred choice for resource-constrained embedded devices. We will also talk about cURL user support provided by wolfSSL.

We look forward to seeing you there!

Contact Information
Please contact us at info@wolfssl.jp with any questions about the webinar. As always, there will be a Q&A session following the live presentation.

Additional Resources
In the meanwhile, check out the wolfSSL embedded SSL/TLS library, star us on Github, and learn more about the latest TLS 1.3 is available in wolfSSL. To learn more about wolfSSL support for cURL click here or check out Daniel Stenberg’s personal blog on cURL.

Upcoming Webinar: cURL: How to Make Your First Code Contribution

We are thrilled to announce our upcoming webinar on cURL: How to Make Your First Code Contribution with cURL founder and maintainer, Daniel Stenberg! Get your questions about cURL answered at this brand new webinar!

cURL is a wildly popular and well-used open source tool and library, and is the result of more than 2,200 named contributors out of which almost 800 wrote at least one commit.

In this presentation, cURL’s lead developer Daniel Stenberg talks about how any developer can proceed in order to get their first code contribution submitted and ultimately land in the curl git repository including how to approach code and commits, style, editing, pull-requests, and using GitHub etc. After you’ve seen this, you’ll know how to easily submit your improvement! To learn more about cURL, join us for this webinar!

When: Aug 13, 2020 10:00 AM Pacific Time (US and Canada)
Topic: Webinar: cURL: How to Make Your First Code Contribution

Register in advance for this webinar:
https://us02web.zoom.us/webinar/register/WN_poAshmaRT0S02J7hNduE7g

After registering, you will receive a confirmation email containing information about joining the webinar.

Please contact us at facts@wolfssl.com with any questions about the webinar and for technical support, please contact support@wolfssl.com or view our FAQ page. As always, there will be a Q&A session following the live presentation.

Additional Resources
In the meanwhile, check out the wolfSSL embedded SSL/TLS library, star us on Github, and learn more about the latest TLS 1.3 is available in wolfSSL. To learn more about wolfSSL support for cURL click here or check out Daniel Stenberg’s personal blog on cURL!

wolfSSL at Black Hat USA 2020 – Virtual Event!

wolfSSL is excited to participate as a sponsor for the first ever virtual Black Hat USA!!! Come visit wolfSSL at Black Hat USA August 1-6 in Pacific Daylight Time (UTC?07:00).

Register with the link to get your FREE Business Hall Pass:
https://www.blackhat.com/us-20/registration.html

Come and talk to one of our experts on TLS 1.3, embedded security, embedded SSL/TLS, Secure Boot, MQTT, SSH, TPM 2.0, curl + tiny-curl, FIPS, DO-178, MISRA and more. We’ve got the best-tested crypto on the market and the best security without sacrificing performance. Ask to see our benchmarks!

Stop by to hear more about the wolfSSL embedded SSL/TLS library, the wolfCrypt encryption engine, meet the wolfSSL team, and have all your crypto questions answered. We can’t wait to “see” you!

For more information about wolfSSL, our products, or future events, please contact facts@wolfssl.com.

More information about Black Hat USA 2020 can be found here: https://www.blackhat.com/us-20/

Azure Sphere partners with wolfSSL to provide premier client TLS support

Now, with the Azure Sphere OS 20.07 release, Microsoft has licensed and exposed a subset of wolfSSL, the first commercial implementation of TLS 1.3, for use on Azure Sphere devices. This strategic pairing allows software developers to create client TLS connections directly using the Azure Sphere SDK. Software developers no longer need to package their own TLS library for this purpose. Utilizing the best-tested, high-performance wolfSSL TLS support in Azure Sphere can save device memory space and programming effort, freeing developers to build new, cutting-edge IoT solutions.

Microsoft Azure Sphere and wolfSSL have been long-time partners, striving for the very best in security. The Azure Sphere OS has long used wolfSSL for TLS connections to Microsoft Azure services. Azure Sphere also uses wolfSSL’s versatile technology to enable secure interactions from developer apps to customer-owned services.

Partnerships with embedded security leaders like wolfSSL play an important role in Azure Sphere’s mission to empower every organization to connect, create, and deploy highly secured IoT devices. The unique Azure Sphere approach to security is based on years of vulnerability research, the findings of which Microsoft published in the seminal paper “Seven Properties of Highly Secure Devices.” These seven properties are the minimum requirement for any connected device to be considered highly secured. Azure Sphere implements all seven properties, providing a robust foundation for IoT devices. This level of consideration is not lost on an engineering team like wolfSSL’s, known for producing the best-tested crypto on the market and consistently supporting the latest developments in TLS protocol, like TLS 1.3.

Azure Sphere can be used with any customer cloud service, not just Microsoft’s own Azure. By providing a highly secured ecosystem, Microsoft and wolfSSL make security features more accessible and easier to use and can extend unmatched security to new frontiers in IoT where security has historically been sparse.

For information on how to use these wolfSSL APIs on Azure Sphere, please reference the Azure Sphere documentation on wolfSSL. We will be publishing a sample to go along with this, available at a later date. Check back here—we will update this post with the link to the sample once it is available.

If you have any questions, contact Microsoft at AzCommunity@microsoft.com or wolfSSL at facts@wolfSSL.com.

Upcoming Webinar: Testing and Security Vulnerability

We are excited to announce our upcoming webinar on Testing and Security Vulnerability with wolfSSL engineer, Kaleb Himes! We’ll explore vulnerabilities, why testing is a mission, the testing lifecycle and why wolfSSL is the best! This webinar may be a useful resource for learning more about how wolfSSL is tested and how security vulnerabilities are determined and addressed in record time.

When: Aug 6, 2020 09:00 AM Pacific Time (US and Canada)
Topic: Webinar: Testing and Security Vulnerability

Register in advance for this webinar:
https://us02web.zoom.us/webinar/register/WN_1dGaIH8TSqC-3ioO59SyCA

After registering, you will receive a confirmation email containing information about joining the webinar.
We look forward to seeing you there!

Please contact us at facts@wolfssl.com with any questions about the webinar and for technical support, please contact support@wolfssl.com or view our FAQ page. As always, there will be a Q&A session following the live presentation.

Additional Resources
In the meanwhile, check out the wolfSSL embedded SSL/TLS library, star us on Github, and learn more about the latest TLS 1.3 is available in wolfSSL.

For security and vulnerability information and details, please visit our known vulnerabilities page. This page also includes details on well known CVE’s and how or if they affect wolfSSL products.

Renesas RX72N Envision Kit Supported!

We are exited to announce wolfSSL‘s support for the Renesas RX72N Envision Kit with TSIP v1.09. The RX72N MCU is the flagship model of RX series, using a 32-bit RX72N 240 MHz microcontroller. The board just entered the market this spring and wolfSSL can now support secure connections on it via TLS!

If you have an interest in using wolfSSL with this MCU or the RX72N Envision Kit, we encourage you to give it a try with one of our sample applications.

wolfSSL provides TLS source code, sample programs, and project files that make your evaluation quick and easy. Our wolfCrypt benchmark sample application shows the performance of cryptography operations accelerated by the H/W accelerator (TSIP) and allows for an easy comparison to software cryptography performance.

Sample Applications Provided

  1. Cryptography test
  2. Cryptography benchmark
  3. TLS Client
  4. TLS Sever
  5. Linux server application which can communicate with #3

Board and Environment Support

Board: Renesas RX72N Envision Kit (R5F572NNHxFB)
IDE: Renesas e2Studio v7.8.0
Compiler: CCRX Tool Chain V.3.02.00
TSIP: V.1.09

Benchmarks

Here are the benchmark results gathered during testing, comparing algorithm performance with and without TSIP.

AlgorithmPerformance (TSIP accelerated)Performance (Software-only, no TSIP)Acceleration Ratio
Random Number Generation3.826MB/s831KB/sx4.6
AES-128-CBC-Enc4.88MB/s1.62MB/sx3.0
AES-128-CBC-Dec4.67MB/s1.53MB/sx3.0
AES-256-CBC-Enc4.71MB/s1.38MB/sx3.4
AES-256-CBC-Dec4.49MB/s1.31MB/sx3.7
AES-128-GCM-Enc4.35MB/s749KB/sx5.8
AES-128-GCM-Dec4.29MB/s748KB/sx5.7
AES-256-GCM-Enc4.25MB/s692KB/sx6.1
AES-256-GCM-Dec4.21MB/s692KB/sx6.1
SHA30.08MB/s5.52MB/sx5.4
SHA25634.54MB/s1.82MB/s x18.9
HMAC-SHA29.44MB/s5.48MB/sx5.4
HMAC-SHA256 33.74MB/s1.81MB/sx18.6

Resources

wolfSSL package including this RX72N Envision Kit support, is available from the wolfssl repository on GitHub:

https://github.com/wolfSSL/wolfssl/archive/master.zip

Unzip the package then refer to “wolfssl-master/IDE/Renesas/e2studio/RX72NEnvisionKit/README” for more details.

The README describes how to build and execute the sample programs.

Support

For more information, please contact facts@wolfssl.com.

Posts navigation

1 2 3 4 5 6 118 119 120

Weekly updates

Archives

Latest Tweets