Greetings! In this post we are covering Operational Environment’s (OE’s) we worked with this past year. These OE’s were validated under an OEM relationship where the company validating is licensed to resell the wolfCrypt FIPS product under their own brand name. wolfSSL was particularly excited about both of these projects as they display the great […]
Read MoreMore TagCategory: Uncategorized
wolfSSL 3.12.0 Now Available
wolfSSL 3.12.0 is now available for download! This release contains bug fixes, new features, and includes fixes for one security vulnerability (low level). The one low level vulnerability fix included in this release is in relation to a potential DoS attack on a wolfSSL client. Previously a client would accept many warning alert messages without […]
Read MoreMore TagwolfSSL and libFuzzer
libFuzzer, a fuzzing engine created by LLVM, is now being used to test the wolfSSL library. Below is a short description of libFuzzer, taken from LLVM’s website here. LibFuzzer is linked with the library under test, and feeds fuzzed inputs to the library via a specific fuzzing entrypoint (aka “target function”); the fuzzer then tracks […]
Read MoreMore TagwolfSSL FIPS – A Year in Review (Part 1 of a 3 Part Series)
wolfSSL is pleased to bring our community a report of the past years FIPS activities. In part one of this three-part series we will cover the new Operating Environments (OEs) added to the wolfSSL certificate in the past year + CAVP algorithm testing done by wolfSSL. Part two of this series will cover OEs tested […]
Read MoreMore TagTLS 1.3 Reducing Latency
As we’ve mentioned in a previous blog post one of the key advantages of TLS 1.3 is the reduction in round-trips. Older versions of the TLS protocol require two complete round-trips before the client sends the application data. With TLS v1.3 only 1 round-trip is required! This means network latency has less impact on the […]
Read MoreMore TagwolfCrypt JNI Wrapper and JCE Provider
The wolfCrypt cryptography library is now available to Java developers! wolfSSL recently released a JNI wrapper and JCE provider that wraps the native C wolfCrypt library. The JCE (Java Cryptographic Extension) framework supports the installation of custom Cryptographic Service Providers which can in turn implement a subset of the underlying cryptographic functionality used by the […]
Read MoreMore TagNXP Kinetis K8X LTC support for PKI (RSA/ECC) with #TLS13
As our readers have seen us post about in the past, NXP has a new LP Trusted Crypto (LTC) core which accelerates RSA/ECC PKI in their Kinetis K8x line. The LTC hardware accelerator improves: * RSA performance by 12-17X * ECC performance by 18-23X * Ed/Curve25519 performance by 2-3X. wolfSSL now provides support for TLS […]
Read MoreMore TagUpcoming in wolfSSH v1.2.0
wolfSSH v1.2.0 is currently a work in process. We have just added support for Elliptic Curve algorithms and AES-GCM. The following key exchange and public key algorithms are now available: • ecdh-sha2-nistp256 • ecdh-sha2-nistp384 • ecdh-sha2-nistp521 • ecdsa-sha2-nistp256 • ecdsa-sha2-nistp384 • ecdsa-sha2-nistp521 The new encryption algorithm that is available is “aes128-gcm@openssh.com”, which is an implementation […]
Read MoreMore TagwolfSSL has added AFL to its Testing Suite
wolfSSL is glad to announce that it is incorporating American Fuzzy Lop (AFL) into its testing suite.Improving security is the at the heart of what wolfSSL is about. That is why wolfSSL has decided to include the AFL fuzzer to its list of tools. Finding bugs first locally allows our teams to make improvements to […]
Read MoreMore TagUsing wolfSSL on the Atmel ATECC508A with TLS 1.3 (#TLS13)
As previously announced, the wolfSSL embedded SSL/TLS library and wolfCrypt embedded crypto engine support the Atmel ATECC508A crypto element. This allows wolfSSL to take advantage of the ECC hardware acceleration and protected private key storage on the ATECC508A. Using wolfSSL, ATECC508A users can benefit from both increased ECC performance and secure key storage, thus hardening […]
Read MoreMore Tag