Category: wolfCLU

wolfCLU version 0.1.9 is now available! This command-line utility, built on the wolfSSL embedded TLS library, helps with admin tasks and common use cases such as key generation and certificate parsing to human human-readable form. Among the most notable changes to this release is the addition of support for PKCS8 and Base64 commands, introduced in […]

Read MoreMore Tag

We’re excited to announce recent improvements to wolfCLU, wolfSSL’s command line tool designed to make working with cryptographic data even easier and more flexible. PKCS8 and Base64 Support pkcs8: Easily parse and handle PKCS#8-formatted private keys, ensuring compatibility with modern secure key formatting standards. base64: Encode or decode data in Base64 format directly from the […]

Read MoreMore Tag

The wolfSSL team recently merged a significant improvement to their CMake build system with Pull Request #8548. This enhancement adds a new WOLFSSL_CLU option to CMakeLists.txt, providing CMake users with the same functionality that was previously only available through the –enable-wolfclu option in the autotools build system. What is wolfCLU? Before diving into the technical […]

Read MoreMore Tag

The wolfSSL team would like to announce support for XMSS (eXtended Merkle Signature Scheme) and XMSS^MT (Multi-Tree XMSS) post-quantum cryptographic signature schemes to wolfCLU. The implementation includes key generation, signing, and verification capabilities. Note that this feature includes best-effort state management for stateful private keys. We have done our best to implement state management, but […]

Read MoreMore Tag

This PR updates wolfCLU to properly handle X509 name parsing following changes in wolfSSL’s OBJ_sn2nid function behavior. The changes focus on how Distinguished Name (DN) components are processed when creating X509 certificates. These changes ensure wolfCLU properly handles X509 name components when interfacing with wolfSSL’s updated OBJ_sn2nid implementation. Users working with X509 certificates through wolfCLU […]

Read MoreMore Tag

With the release of wolfCLU 0.1.7, you can now verify long certificate chains! Our way of doing it is a bit unique. You will need to verify the certificates in your chain one by one. For example, suppose you have a certificate chain where there is a root, intermediate, another intermediate and leaf certificate. If […]

Read MoreMore Tag

We have added the Dilithium command to wolfCLU. Dilithium (referred to as ML-DSA by NIST) is a post-quantam cryptography (PQC) algorithm for signing and verification. This blog post provides an overview of how to use the Dilithium command in wolfCLU. To use the Dilithium command, you must first build wolfSSL with the appropriate configuration options: […]

Read MoreMore Tag

We have added initial support for the s_server command to wolfCLU! This exciting new feature supports handling basic TLS connections leveraging the best tested cryptography from the wolfSSL library. It is a quick way to set up simple TLS connection tests. So far the arguments available are : “` ./wolfssl s_server -help -port Port to […]

Read MoreMore Tag

Throughout the last development cycle, we have increased the test coverage for wolfCLU. This includes many different types of tests done with continuous integration. One of the tests expanded was involving -fsanitize=address builds on every code addition by updating the GitHub actions used. Another was expanding the unit test for the new features added including […]

Read MoreMore Tag

The `dgst` command of wolfCLU saw support for some new arguments with the latest release. Support for `-inform` was added, giving the flexibility to choose if the incoming file is in DER or PEM format. Before only PEM formatted inputs were handled and the application would gracefully error out if a DER input had been […]

Read MoreMore Tag