RECENT BLOG NEWS
Or sign up to receive weekly email notifications containing the latest news from wolfSSL.
In addition, wolfSSL now has a support-specific blog page dedicated to answering some of the more commonly received support questions.
Are you developing for Android? If so, we have recently created an Android NDK package for the wolfSSL Embedded SSL library. Using this package as a guide, you should be able to easily integrate the native wolfSSL library into your Android application for either SSL or cryptography use.
wolfSSL supports the current SSL standards up to TLS 1.2 as well as a long list of ciphers (which can be used individually by your application as well), and is dual licensed under both the GPLv2 as well as a standard commercial license. For a full list of features of the wolfSSL embedded SSL library, please see the product page, here: wolfSSL Product Page.
The wolfSSL NDK contains the wolfSSL library as well as a sample application that runs through tests of the CTaoCrypt crypto library. You can find the NDK package at the following GitHub repository: https://github.com/cconlon/cyassl-android-ndk.
Let us know what you think at email@example.com. We welcome your feedback and constructive criticism to make our package better.
– Team yaSSL
Some of you may be familiar with the TLS 1.2 signature_algorithm extension, and might be curious if wolfSSL supports it. The signature_algorithm extension is found in section 188.8.131.52.1 RFC5246 (http://tools.ietf.org/html/rfc5246#section-184.108.40.206.1), and is a hello extension of type supported_signature_algorithms. The purpose of this extension is to allow clients to indicate to the server which signature/hash algorithm pairs may be used in digital signatures. If the client supports the default algorithms, the client is not required to send this extension.
wolfSSL supports the default algorithms, and as such, the wolfSSL client does not support this extension. The wolfSSL server will accept this extension if received from a client, but currently doesn’t do anything with the response it receives. This is something that will most likely be added to wolfSSL in the future when more clients and servers start using non-default extension algorithms.
If you have any questions about wolfSSL, or would like more information, please let us know at firstname.lastname@example.org.
Are you currently using wolfSSL in your open source, community, or hobby project? If so, we’d love to hear about what you’ve done so far and what your plans are for the future. yaSSL is dedicated to helping community-based projects who are using the wolfSSL embedded SSL library or the yaSSL Embedded Web Server. Let us know about your project at email@example.com and we’ll put you up on our Community page.
To access and download our most recent wolfSSL source code, please visit our project page on GitHub, here. As always, please feel free to contact us with any questions you might have regarding our products.
You may have not realized it, but wolfSSL is very popular for game development, and is in use in millions of games.
1. Experienced: The yaSSL team has been supplying game developers with an efficient, portable SSL Stack for years.
2. Small: Our code size is small. We won`t bog down your game.
3. Portable: We run on all the major gaming consoles/platforms and some of the minor ones.
4. Scalable: Building a MMPORG and require security? We have experience helping with that too. wolfSSL won`t consume all of your server`s memory.
5. Streaming media: wolfSSL was built with securing streaming media in mind.
Let us know if you have questions. If you are a game developer and would like to speak with our references in the gaming industry, just email us at firstname.lastname@example.org.
One predominant question we get asked frequently is what are the build size and runtime memory usage of the wolfSSL embedded SSL library. Hopefully this post will help clear things up.
Firstly, wolfSSL was built from the ground up to be optimized for embedded and resource-constrained devices and environments. As such, we have kept a close eye on keeping our SSL library small while still providing the features our users want and need.
Build sizes (compiled binary size) for wolfSSL range between 30-100kB depending on build options and the compiler being used. Typically on an embedded system, build sizes will be around 60kB. This size will include a full-featured TLS 1.2-compliant client and server. For details on build options, please see Chapter 2 of the wolfSSL Manual.
Looking at runtime memory usage, wolfSSL will generally consume somewhere between 5-50kB (average is around 3kB). The runtime RAM usage per connection will vary depending the size of the input/output buffers being used. For example, with standard 16kB buffers, the total runtime memory usage of wolfSSL with a single connection would be 3kB + 16kB + 16kB = 35kB.
Do you want to install a HTTPS-capable web server on your Apple TV? If so, continue reading below to find out how the open source yaSSL Embedded Web Server can easily be installed on the second generation Apple TV.
Following our port of wolfSSL to the second generation Apple TV, our next step was to get the yaSSL Embedded Web Server running on the Apple TV. Having a web server running on the Apple TV brings with it many benefits including the ability to host a website from a very small, energy-efficient, discreet, and quiet device.
If you missed our post on porting wolfSSL to the Apple TV, you can read it here: Running wolfSSL on the Apple TV 2. If you would like to install the yaSSL Embedded Web Server on your Apple TV with HTTPS support, follow the instructions in our previous post prior to installing yasslEWS. Note that you will need to build wolfSSL with either the –enable-opensslExtra or –enable-webServer build option.
1. Jailbroken second generation Apple TV (we leave this step for you to do)
2. wolfSSL installed on Apple TV for HTTPS support (see link above)
1. Compiling the Web Server
In order to easily compile the yaSSL Embedded Web Server for iOS (specifically the Apple TV), we added a new target to the makefile. You can download our updated yasslEWS makefile, here: Updated yasslEWS iOS Makefile.
After placing the new Makefile in your yasslEWS directory, simply run the following command. This will build yasslEWS for iOS and the ARM architecture.
1. Web Server Installation
After compiling the web server, move the application and configuration file to the Apple TV using your favorite FTP client. We chose to place the yaSSL Embedded Web Server in the following location on the Apple TV.
1. Running the Web Server
If you followed our previous instructions on installing wolfSSL on the Apple TV, the wolfSSL libraries should be located at “/usr/local/cyassl_atv2”. To make sure the loader can find them, you’ll need to set the path:
Then, to start the web server with both insecure (HTTP) and secure (HTTPS) ports, issue the following command. Keep in mind that you can set runtime options either on the command line during startup or in the configuration file (yasslEWS.conf). The yaSSL Embedded Web Server will automatically load the configuration file name “yasslEWS.conf” if present in the same directory as the executable. For a list of config options, use the “./yasslEWS -h” command.
./yasslEWS -s server.pem -p 8080,8081s -e error.txt
1. Build Sizes
One of the great things about using wolfSSL and the yaSSL Embedded Web Server is that they have been designed and optimized to run on embedded devices – thus giving them an extremely small footprint. Below you can see the sizes on disk of the compiled wolfSSL library and yaSSL Embedded Web Server using the above methods for the Apple TV – a total disk footprint of 181 kB for both SSL and a web server!
122 kB Footprint
Full Feature Set
Standards up to the current TLS 1.2
yaSSL Embedded Web Server
Full Feature Set
For more information about the wolfSSL embedded SSL library or the yaSSL Embedded Web Server, please visit their respective product pages (wolfSSL, yaSSLEWS). yaSSL products are open source and dual licensed under both the GPLv2 as well as standard commercial licensing.
If you have any questions or comments, please let us know at email@example.com. We’re interested in hearing what you think!
The Apple TV brought with it a long list of desirable and useful features for the home – including high usability, a small form factor, easy setup, and low cost. We here at yaSSL are users and fans of the second generation Apple TV, and as such, recently ported the wolfSSL embedded SSL library to the Apple TV 2. We were quite surprised by how easy it was to get wolfSSL up and running.
The Apple TV 2 runs iOS with the Apple A4 (ARM Cortex-A8) processor and is equipped with 256 Mb of RAM and a 8GB flash drive, giving it more than enough space and speed to effectively run wolfSSL.
1. Jailbreak your Apple TV
Installation of wolfSSL onto the Apple TV requires that the TV be jailbroken first. There are any number of readily-accessible posts around the internet explaining this process, therefore, we will leave this step up to you.
1. Cross compile wolfSSL for iOS and ARM
For this step, we used a modified version of a script written by Michael Aaron Safyan to cross compile libraries for iOS. You can find our modified version of the script for iOS 4.3 and the armv7 architecture, here: Cross Compile Script. This script uses the ARM toolchain from the iOS Developer tools that come with the iPhone SDK. It sets environment variables, then runs wolfSSL’s normal ./configure script.
If you want to change the location where wolfSSL is installed, you can edit the script to adjust for your desired directory location. To build wolfSSL, place the cross compile script (iOS4.3-configure.sh) in the root directory of the wolfSSL download and run the following commands. This builds wolfSSL with the –enable-fastmath option.
sudo make install
If unaltered, this will install the cross-compiled wolfSSL library into /usr/local/cyassl_atv2.
1. Copy wolfSSL to the Apple TV
Use your favorite FTP client to upload the contents of the /usr/local/cyassl_atv2 directory to the same location on your second generation Apple TV. If desired, you can also copy additional wolfSSL elements to the Apple TV such as the CTaoCrypt benchmark utility, the wolfSSL testsuite, or examples. We chose to place these on the Apple TV under the /var/mobile/Applications/cyassl directory.
1. Benchmark Results
Our results of running the CTaoCrypt benchmark application are below:
AES 5 megs took 0.500 seconds, 9.99 MB/s
ARC4 5 megs took 0.174 seconds, 28.66 MB/s
RABBIT 5 megs took 0.126 seconds, 39.56 MB/s
3DES 5 megs took 2.196 seconds, 2.28 MB/s
MD5 5 megs took 0.163 seconds, 30.73 MB/s
SHA 5 megs took 0.137 seconds, 36.61 MB/s
SHA-256 5 megs took 0.309 seconds, 16.20 MB/s
RSA 1024 encryption took 1.12 milliseconds, avg over 100 iterations
RSA 1024 decryption took 17.81 milliseconds, avg over 100 iterations
DH 1024 key generation 11.90 milliseconds, avg over 100 iterations
DH 1024 key agreement 11.22 milliseconds, avg over 100 iterations
If you have any questions or comments about our port to the Apple TV, please let us know at firstname.lastname@example.org. We’d be happy to hear what you think!
Most of the focus of wolfSSL has been towards the embedded world, emphasizing small size, speed, and low memory use. Ironically, these attributes also make wolfSSL ideal for scaling on a huge magnitude. Other libraries often run into problems when trying to scale to hundreds of thousands of connections for applications like load balancing or cloud services. We have users doing just that.
If you`d like to try wolfSSL in a highly scaled environment, drop us a line, we`re eager to help and explore performance options with you.
With release candidate 2, the full 2.0 version of wolfSSL is drawing near. We have chosen to put out several release candidates for wolfSSL 2.0 because of the volume of new features that were added combined with the number of bugs that are fixed in this release.
We would like to invite any interested developers and users to download and test wolfSSL 2.0 RC2 and let us know what you find. This will help speed up the release process, and hopefully turn up some bugs that we can fix before the final release. For testing, you can download the most recent version of wolfSSL 2.0 RC2 from our GitHub page, here:
Instructions for building wolfSSL can be found in the wolfSSL Manual, Chapter 2, titled “Building wolfSSL”. With RC2, we have also updated our documentation. If you find any documentation mistakes, or have suggestions in how we can improve, please let us know. Updated documentation can be found on our Docs page.
Please send any feedback, questions, or comments to email@example.com, or post to our support forums .
Thanks for your help!
Recently we’ve been working on enhancing and expanding our documentation and focusing on making it more useful for our users. One of the things that we recently released is an API Reference for the wolfSSL embedded SSL library. The wolfSSL API reference is available both online and in the wolfSSL Manual PDF. You can find it online, here:
wolfSSL API Reference (Chapter 17, wolfSSL Manual)
Please let us know what you think, and if you have any suggestions for further improvement in the wolfSSL documentation. You can email us at firstname.lastname@example.org with any questions or suggestions.
- July 2019 (3)
- June 2019 (13)
- May 2019 (35)
- April 2019 (32)
- March 2019 (20)
- February 2019 (10)
- January 2019 (16)
- December 2018 (24)
- November 2018 (11)
- October 2018 (18)
- September 2018 (18)
- August 2018 (8)
- July 2018 (15)
- June 2018 (29)
- May 2018 (15)
- April 2018 (11)
- March 2018 (19)
- February 2018 (6)
- January 2018 (11)
- December 2017 (5)
- November 2017 (12)
- October 2017 (7)
- September 2017 (8)
- August 2017 (6)
- July 2017 (11)
- June 2017 (8)
- May 2017 (10)
- April 2017 (5)
- March 2017 (7)
- February 2017 (1)
- January 2017 (8)
- December 2016 (3)
- November 2016 (2)
- October 2016 (18)
- September 2016 (8)
- August 2016 (5)
- July 2016 (4)
- June 2016 (11)
- May 2016 (4)
- April 2016 (5)
- March 2016 (4)
- February 2016 (12)
- January 2016 (6)
- December 2015 (4)
- November 2015 (6)
- October 2015 (6)
- September 2015 (5)
- August 2015 (8)
- July 2015 (7)
- June 2015 (9)
- May 2015 (1)
- April 2015 (4)
- March 2015 (13)
- January 2015 (6)
- December 2014 (7)
- November 2014 (3)
- October 2014 (2)
- September 2014 (11)
- August 2014 (6)
- July 2014 (9)
- June 2014 (11)
- May 2014 (11)
- April 2014 (9)
- March 2014 (3)
- February 2014 (3)
- January 2014 (5)
- December 2013 (9)
- November 2013 (4)
- October 2013 (7)
- September 2013 (3)
- August 2013 (9)
- July 2013 (7)
- June 2013 (4)
- May 2013 (8)
- April 2013 (4)
- March 2013 (2)
- February 2013 (3)
- January 2013 (9)
- December 2012 (13)
- November 2012 (5)
- October 2012 (7)
- September 2012 (4)
- August 2012 (6)
- July 2012 (4)
- June 2012 (3)
- May 2012 (6)
- April 2012 (7)
- March 2012 (2)
- February 2012 (5)
- January 2012 (7)
- December 2011 (5)
- November 2011 (7)
- October 2011 (6)
- September 2011 (6)
- August 2011 (5)
- July 2011 (2)
- June 2011 (8)
- May 2011 (12)
- April 2011 (4)
- March 2011 (12)
- February 2011 (9)
- January 2011 (13)
- December 2010 (17)
- November 2010 (12)
- October 2010 (14)
- September 2010 (11)
- August 2010 (20)
- July 2010 (14)
- June 2010 (7)
- May 2010 (1)
- January 2010 (2)
- November 2009 (2)
- October 2009 (1)
- September 2009 (1)
- May 2009 (1)
- February 2009 (1)
- January 2009 (1)
- December 2008 (1)