wolfSSL prior to version 5.6.6 had a vulnerability where the (D)TLS key boundaries were not properly checked. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the […]
Read MoreMore TagCategory: Uncategorized
wolfBoot v2.0.0 intel x86_64 support
wolfBoot v2.0.0 introduced support for the Intel x86-64 bit architecture by leveraging the Intel Firmware Support Package (Intel FSP) and several new exciting and interesting features: TPM integration, Multiboot2/ELF support, PCI support, AHCI support, SATA security features, and others. On Intel x86_64, wolfBoot uses a dual stage design. In the first stage, It initializes the […]
Read MoreMore TagSniffing TLS Traffic
Do you have a need to capture and/or analyze TLS traffic? The wolfSSL library includes a useful tool that you can leverage. The wolfSSL sniffer can be used to capture TLS packets and even decrypt them when at least one of the keys is known. This can be done with both live and recorded PCAP […]
Read MoreMore TagwolfSSL Rust Wrapper coming soon
Rust support is coming to wolfSSL this year! The wolfSSL embedded TLS library is a lightweight, portable, C-language-based SSL/TLS library known for its low footprint, speed, and feature set. Users have been able to take advantage of our library not only in C but also in their Java, C#, Python, and JavaScript projects using the […]
Read MoreMore TagLive Webinar: Medical Device Security: Key Strategies for Cybersecurity and Data Protection
You are invited to join a webinar on “Medical Device Security: Key Strategies for Cybersecurity and Data Protection” scheduled for January 25th at 10 am PT. wolfSSL’s Senior Software Engineer, Eric, will delve into the topic of medical device security. As the complexity and connectivity of medical devices have increased, it is essential to maintain […]
Read MoreMore TagThe Quantum Arena
It is always very interesting to see news articles about technical advances in the Quantum Arena. For example: https://www.scmp.com/news/china/science/article/3246752/china-and-russia-test-hack-proof-quantum-communication-link-brics-countries This article talks about cooperation between China and Russia to make QKD (Quantum Key Distribution) between the two countries a reality. While only an experiment, this is a landmark achievement for the BRICS group of countries. […]
Read MoreMore TagX.509 Alternative Public Key and Signature
For people who work in the world of PKI (Public Key Infrastructure) and security protocols, when you think of certificates, RFC 5280 instantly comes to mind. However, it is interesting to note that this document was written in 2008 and is the IETF’s specification of X.509 which is itself a standard that is maintained by […]
Read MoreMore TagwolfSSL Support for the Espressif ESP-IDF v5.2 Beta
Recently Espressif announced their ESP-IDF v5.2 Beta 1 on GitHub. The same day we found out about this exciting new version, we confirmed that all the wolfSSL Espressif ESP32 Examples are working in that environment. So far the “beta” looks to be well polished from our perspective. Last week, we learned about the ESP-IDF v5.2 […]
Read MoreMore TagwolfSSH – Now Available as an Espressif Managed Component Includes SSH Echo Server Example
Not long ago, we announced preview support for new Espressif Managed Components. This is in addition to the core wolfssl managed component. Today you can add SSH capabilities to your toolbox by visiting this link: https://components.espressif.com/components/wolfssl/wolfssh If the ESP Registry page does not fully load with all the text, try holding down the “ctrl” key […]
Read MoreMore TagLive Webinar: Getting Started with wolfSSH in 2024
Join us for a webinar on ‘Getting Started with wolfSSH‘ scheduled for January 18th at 10 am PT. The latest release, wolfSSH v1.4.15, has just been unveiled as part of our Christmas releases! Packed with numerous features and improvements, this version promises an enriching experience. wolfSSL Software Developer, Jacob Barthelmeh, will be your guide, starting […]
Read MoreMore Tag