wolfSSL is announcing a long term support (LTS) version of the wolfSSL library. The goal of this product will be to provide users with fully ABI compatible releases of wolfSSL that are secure against all known vulnerabilities. Patches for vulnerabilities will be backported to the LTS branch in an ABI compatible way to guarantee security […]
Read MoreMore TagCategory: wolfSSL/ wolfCrypt
TLS on Embedded Systems: UART, I2C or SPI
Recently, we have seen an uptick in interest in securing communications between different embedded modules within a larger system. The academic community has seen great work in showing that these communications need to be secured; especially in the automotive space. Are you looking to start securing your internal communications over UART, I2C or SPI? With […]
Read MoreMore TagwolfSSL 5.7.0 Now Available!
Version 5.7.0 of wolfSSL is now available! Many new and exciting features were added in this release. Near the top of that list is the addition of our Kyber implementation along with other post quantum algorithm support. This empowers you to future-proof your security measures, ensuring robust protection against evolving threats. In addition to introducing […]
Read MoreMore TagGetting Started with wolfSSL on Arduino
Getting started with wolfSSL has never been easier. We’ve recently updated our library as published on the Arduino libraries site, listed in the “Communications” section: https://www.arduino.cc/reference/en/libraries/wolfssl/ To use wolfSSL in the Arduino IDE, download the latest IDE version from arduino.cc and follow the installation instructions. Note that if you used any version of wolfSSL prior […]
Read MoreMore TagwolfSSL SSL/TLS Support for NXP SE050
The wolfSSL lightweight SSL/TLS library and underlying wolfCrypt cryptography library have included support for the NXP SE050 module since November 2021. Since that time we have been increasing compatibility with SE050 along with usage of SCP03 (Secure Channel Protocol 03) authentication. To help users get started with TLS usage, we also have two example client […]
Read MoreMore TagSkipping the Cookie Exchange in DTLS 1.3
wolfSSL 5.6.6 introduces the option for DTLS 1.3 servers to skip the cookie exchange on a session resumption. The cookie exchange is a security mechanism employed during the resumption of a DTLS 1.3 session. When a client wants to resume a previous DTLS 1.3 session, it sends a session ticket to the server, which may […]
Read MoreMore TagwolfSSL Adds Support for 0.5-RTT Data in (D)TLS 1.3
(D)TLS 1.3 support for 0.5-RTT (round trip time) data has been introduced to wolfSSL in the latest release (5.6.6). 0.5-RTT data is an optimization in (D)TLS 1.3 that significantly reduces latency and improves overall performance of application data. The full handshake requires two full round trips to start sending data while this functionality allows the […]
Read MoreMore TagHandshake Message Coalescing Vulnerability
wolfSSL prior to version 5.6.6 had a vulnerability where the (D)TLS key boundaries were not properly checked. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the […]
Read MoreMore TagSniffing TLS Traffic
Do you have a need to capture and/or analyze TLS traffic? The wolfSSL library includes a useful tool that you can leverage. The wolfSSL sniffer can be used to capture TLS packets and even decrypt them when at least one of the keys is known. This can be done with both live and recorded PCAP […]
Read MoreMore TagwolfSSL Rust Wrapper coming soon
Rust support is coming to wolfSSL this year! The wolfSSL embedded TLS library is a lightweight, portable, C-language-based SSL/TLS library known for its low footprint, speed, and feature set. Users have been able to take advantage of our library not only in C but also in their Java, C#, Python, and JavaScript projects using the […]
Read MoreMore Tag