Building wolfSSL and TLS 1.3 on Windows

We wanted to cover building for TLS 1.3 today for our Windows users! For those interested in testing with TLS 1.3 on Windows system please use the wolfssl64.sln located in the root directory of our download (wolfssl-x.x.x/wolfssl64.sln).

The wolfssl64.sln solution provides builds configurations for:

WIN32 | Debug

WIN32 | DLL Debug

WIN32 | Release

WIN32 | DLL Release 

x64 | Debug

x64 | DLL Debug

x64 | Release

x64 | DLL Release

To customize the configuration for wolfSSL we use the file wolfssl-x.x.x/IDE/WIN/user_settings.h with the wolfssl64.sln. Simply add these settings to that header:

#define WOLFSSL_TLS13

#define HAVE_TLS_EXTENSIONS

#define HAVE_SUPPORTED_CURVES

#define HAVE_ECC

#define HAVE_HKDF

#define HAVE_FFDHE_8192

#define WC_RSA_PSS

Then rebuild and run the example client/server with the -v 4 option to test TLS 1.3! (See screenshot below)

If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.

Using Pre-Shared Keys (PSK) with wolfSSL

Ever wondered how to use PSK with the embedded wolfSSL library?  PSK is useful in resource constrained devices where public key operations may not be viable.  It`s also helpful in closed networks where a Certificate Authority structure isn`t in place.  To enable PSK with wolfSSL you can simply do:

$ ./configure --enable-psk

Using PSK on the client side requires one additional function call:

wolfSSL_CTX_set_psk_client_callback()

There`s an example client callback in cyassl/test.h called my_psk_client_cb().  The example sets the client identity which is helpful for the server if there are multiple clients with unique keys and is limited to 128 bytes.  It could also examine the server identity hint in case the client is talking to multiple servers with unique keys.  Then the pre-shared key is returned to the caller, here that is simply 0x1a2b3c4d, but it could be any key up to 64 bytes in length (512 bits).

On the server side two additional calls are required:

wolfSSL_CTX_set_psk_server_callback()
wolfSSL_CTX_use_psk_identity_hint()

The server stores it`s identity hint to help the client with the 2nd call, in our server example that`s “cyassl server”.  An example server psk callback can also be found in my_psk_server_cb() in cyassl/test.h.  It verifies the client identity and then returns the key to the caller, which is again 0x1a2b3c4d, but could be any key up to 64 bytes in length.

If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.

wolfCrypt Support for Cryptographic Callbacks

wolfCrypt adds support for cryptographic callbacks that can be registered for replacing stock software calls with your own custom implementations. The goal is to make adding hardware cryptographic support easier.

Currently supported crypto callbacks:

  • RNG and RNG Seed
  • ECC (key gen, sign/verify and shared secret)
  • RSA (key gen, sign/verify, encrypt/decrypt)
  • AES CBC and GCM
  • SHA1 and SHA256
  • HMAC

This feature is enabled using “–enable-cryptocb” or “#define WOLF_CRYPTO_CB”.

To register a cryptographic callback function use the “wc_CryptoCb_RegisterDevice” API. This takes a unique device ID (devId), callback function and optional user context.

typedef int (*CryptoDevCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx);
WOLFSSL_API int wc_CryptoCb_RegisterDevice(
    int devId,
    CryptoDevCallbackFunc cb,
    void* ctx);

To enable use of the crypto callbacks you must supply the “devId” arguments on initialization.

For TLS use:  

  • wolfSSL_CTX_SetDevId(ctx, devId);
  • wolfSSL_SetDevId(ssl, devId);

For wolfCrypt API’s use the init functions that accept “devId” such as:

  • wc_InitRsaKey_ex
  • wc_ecc_init_ex
  • wc_AesInit
  • wc_InitSha256_ex
  • wc_InitSha_ex
  • wc_HmacInit

Examples:

If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.

wolfBoot adds RISC-V Support

We have added support for RISC-V hardware in our wolfBoot library. The reference example uses the SiFive HiFive1 FE310 board to demonstrate a secure bootloader and firmware upgrade.

The HiFive1 is a 32-bit E31 RISC-V core capable of running at 320MHz. It includes 4MB of external flash and 16KB of internal RAM.

The wolfBoot library provides:

  • Boot validation of the firmware image using hash and signature
  • Reliable firmware update (power fail safe).
  • Rollback support if application does not report “success”
  • Version checking to prevent downgrade attack
  • Support for external flash on updates

This adds support for:

  • RV32 Hardware Access Layer (HAL) support for:
    • PLL Clock configuration
    • Flash eSPI
    • UART
    • RTC
  • Firmware update example using the serial interface

Full setup and installation instructions can be found in “docs/Targets.md”.

These new features can be found on GitHub here:
https://github.com/wolfSSL/wolfBoot/pull/14

If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.

Differences between TLS 1.2 and TLS 1.3 (#TLS13)

wolfSSL's embedded SSL/TLS library has included support for TLS 1.3 since early releases of the TLS 1.3 draft. Since then, wolfSSL has remained up-to-date with the TLS 1.3 specification. In this post, the major upgrades of TLS 1.3 from TLS 1.2 are outlined below:

TLS 1.3

This protocol is defined in RFC 8446. TLS 1.3 contains improved security and speed. The major differences include:

  • The list of supported symmetric algorithms has been pruned of all legacy algorithms. The remaining algorithms all use Authenticated Encryption with Associated Data (AEAD) algorithms.
  • A zero-RTT (0-RTT) mode was added, saving a round-trip at connection setup for some application data at the cost of certain security properties.
  • Static RSA and Diffie-Hellman cipher suites have been removed; all public-key based key exchange mechanisms now provide forward secrecy.
  • All handshake messages after the ServerHello are now encrypted.
  • Key derivation functions have been re-designed, with the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) being used as a primitive.
  • The handshake state machine has been restructured to be more consistent and remove superfluous messages.
  • ECC is now in the base spec  and includes new signature algorithms. Point format negotiation has been removed in favor of single point format for each curve.
  • Compression, custom DHE groups, and DSA have been removed, RSA padding now uses PSS.
  • TLS 1.2 version negotiation verification mechanism was deprecated in favor of a version list in an extension.
  • Session resumption with and without server-side state and the PSK-based ciphersuites of earlier versions of TLS have been replaced by a single new PSK exchange.

More information about the TLS 1.3 protocol can be found here: https://www.wolfssl.com/docs/tls13/.

If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.

wolfSSL Adds Support for the Arm® TrustZone® CryptoCell-310

Are you a user of MCU with CryptoCell hardware?  If so, you will be happy to know that wolfSSL recently added support for CryptoCell with wolfCrypt and benchmark examples to the wolfSSL embedded SSL/TLS library!

The wolfSSL port supports the following features:

  • SHA-256
  • AES CBC
  • Elliptic Curve Digital Signature Algorithm (ECDSA) – sign and verify
  • Elliptic Curve Diffie Hellman (ECDH) – shared secret
  • ECC key generation support
  • RSA sign and verify
  • RSA key generation support
  • RSA encrypt and decrypt

These features are tested on nRF52840 hardware platform with Nordic nRF5_SDK_15.2.0.

You can use the WOLFSSL_CRYPTOCELL macro to activate the CryptoCell support in wolfSSL. For instructions on how to build and run the examples on your projects, please see the “<wolfssl-root>/IDE/CRYPTOCELL/README” file.  This support is currently located in our GitHub master branch, and will roll into the next stable release of wolfSSL.

wolfSSL provides support for the latest and greatest version of the TLS protocol, TLS 1.3! Using the wolfSSL port will allow your device to connect to the internet in one of the most secure ways possible.

If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.

Resources

The most recent version of wolfSSL can be downloaded from our download page, here: https://www.wolfssl.com/download/
wolfSSL GitHub repository: https://github.com/wolfssl/wolfssl.git
wolfSSL support for TLS 1.3: https://www.wolfssl.com/docs/tls13/

wolfSSH SSHv2 Server Library

wolfSSL provides many products, services, and support for almost all things TLS and embedded. One of these products provided by wolfSSL is wolfSSH - an SSHv2 server library!

wolfSSH is wolfSSL's own open-source and dual-licensed implementation of the SSHv2 protocol. It's a server library written in ANSI C and targeted for embedded/RTOS/resource-constrained environments. It's fast, has a small code size, and an extensive feature set.  This feature set includes items such as SCP support, SFTP support, PEM and DER certificate support, and also hardware cryptography for supported devices! This comes from wolfSSH's leverage of the wolfCrypt crypto engine for its cryptographic operations.

wolfSSH can be downloaded from the wolfSSL download page (located here: https://www.wolfssl.com/download/), or from a git-clone of the wolfSSH GitHub repository (located here: https://github.com/wolfssl/wolfssh.git).

Additionally, wolfSSL provides support and maintenance for all of its products, wolfSSH included. More information on wolfSSH support and maintenance can be found on the wolfSSL support page, located here: https://www.wolfssl.com/products/support-and-maintenance/.

If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.

Xilinx “Zynq UltraScale+ MPSoC’s” Benchmarking with wolfSSL

Benchmark values of the wolfSSL embedded SSL/TLS library running on Xilinx boards, including the ZCU102, have been collected and are up for viewing. Our friends over at Xilinx have a white paper posted that goes into detail about the benchmark values here https://www.xilinx.com/support/documentation/white_papers/wp512-accel-crypto.pdf. This shows how much faster applications can perform secure operations when incorporating the hardware acceleration available on Xilinx devices. It also gives a demonstration of the performance trade-offs when choosing FreeRTOS versus an embedded Linux OS.

Additionally, Xilinx has also posted their own evaluation of the cryptographic performance gains that can be achieved by using wolfSSL in conjunction with their own hardware. Their post can be viewed here: https://forums.xilinx.com/t5/Adaptable-Advantage-Blog/Increase-your-products-cryptographic-performance-by-using/ba-p/978932

If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.

7.65.1 PATCHED UP AND READY TO GO

author: Daniel Stenberg

Whatever we do and whatever we try, no matter how hard we try to test, debug, review and do CI builds it does not change the eternal truth:

Nothing gets tested properly until released.

We worked hard on fixing bugs in the weeks before we shipped curl 7.65.0. We really did. Yet, several annoying glitches managed to creep in, remain unnoticed and cause problems to users when they first eagerly tried out the new release. Those were glitches that none in the development team had experienced or discovered but only took a few hours for users to detect and report.

The initial bad sign was that it didn’t even take a full hour from the release announcement until the first bug on 7.65.0 was reported. And it didn’t stop with that issue. We obviously had a whole handful of small bugs that caused friction to users who just wanted to get the latest curl to play with. The bugs were significant and notable enough that I quickly decided we should patch them up and release an update that has them fixed: 7.65.1. So here it is!

This patch release even got delayed. Just the day before the release we started seeing weird crashes in one of the CI builds on macOS and they still remained on the morning of the release. That made me take the unusual call to postpone the release until we better understood what was going on. That’s the reason why this comes 14 days after 7.65.0 instead of a mere 7 days.

Numbers

the 182nd release
0 changes
14 days (total: 7,747)
35 bug fixes (total: 5,183)
61 commits (total: 24,387)
0 new public libcurl function (total: 80)
0 new curl_easy_setopt() option (total: 267)
0 new curl command line option (total: 221)
27 contributors, 12 new (total: 1,965)
16 authors, 6 new (total: 687)
0 security fixes (total: 89)
0 USD paid in Bug Bounties

Bug-fixes

Let me highlight some of the fixes that went this during this very brief release cycle.

build correctly with OpenSSL without MD4

This was the initial bug report, reported within an hour from the release announcement of 7.65.0. If you built and installed OpenSSL with MD4 support disabled, building curl with that library failed. This was a regression since curl already supported this and due to us not having this build combination in our CI builds we missed it… Now it should work again!

CURLOPT_LOW_SPEED_* repaired

In my work that introduces more ways to disable specific features in curl so that tiny-curl would be as small as possible, I accidentally broke this feature (two libcurl options that allow a user to stop a transfer that goes below a certain transfer speed threshold during a given time). I had added a way to disable the internal progress meter functionality, but obviously not done a good enough job!

The breakage proved we don’t have proper tests for this functionality. I reverted the commit immediately to bring back the feature, and when now I go back to fix this and land a better fix soon, I now also know that I need to add tests to verify.

multi: track users of a socket better

Not too long ago I found and fixed a pretty serious flaw in curl’s HTTP/2 code which made it deal with multiplexed transfers over the same single connection in a manner that was far from ideal. When fixed, it made curl do HTTP/2 better in some circumstances.

This improvement ended up proving itself to have a few flaws. Especially when the connection is closed when multiple streams are done over it. This bug-fix now makes curl closing down such transfers in a better and cleaner way with fewer “loose ends”.

parse_proxy: use the IPv6 zone id if given

One more zone id fix that I didn’t get around to land in 7.65.0 has now landed: specifying a proxy with a URL that includes an IPv6 numerical address and a zone id – now works.

connection “bundles” on same host but different ports

Internally, libcurl collects connections to a host + port combination in a “bundle” (that’s just a term used for this concept internally). It does this to count number of connections to this combination and enforce limits etc. It is only used a bit for controlling when multiplexing can be done or not on this host.

Due to a regression, probably added already back in 7.62.0, this logic always used the default port for the protocol instead of the actual port number used in the given URL! An application that for example did parallel HTTP transfers to the hostname “example.org” on both port 80 and port 81, and used HTTP/1 on one of the ports and HTTP/2 on the other would be totally mixed up by curl and cause transfer failures.

But not anymore!

Coming up

This patch release was not planned. We will give this release a few days to stew and evaluate the situation. If we keep getting small or big bugs reported, we might not open the feature window at all in this release cycle and instead just fix bugs.

Ideally however, we’ve now fixed the most pressing ones and we can now move on and follow our regular development process. Even if we have, the feature window for next release will be open during a shorter period than normal.

 

curl can be downloaded from the wolfSSL download page located here: https://www.wolfssl.com/download/
If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.