RECENT BLOG NEWS

Online Certificate Status Protocol or OCSP is an Internet protocol that is used to obtain the revocation status of an X.509 digital certificate. An OCSP client will send a status request to an OCSP responder and receive information if the certificate is valid or revoked. A good response shows that the certificate is valid and […]

In the latest wolfSSL releases, we have added 200+ new API to our OpenSSL compatibility layer. Many of these new API were added for providing support for Apache HTTP Server. We are excited to announce that as of version 4.3.0, wolfSSL provides support for the Apache web server with the enable option –enable-apachehttpd.  This means […]

When developing an application that needs to communicate securely with another device TLS is a great option. The framework in place for TLS connections with JAVA is JSSE (Java Secure Socket Extension). JSSE is a set of interfaces that can be called to abstract the TLS process and make it easy for plugging in different […]

The NXP Memory-Mapped Cryptographic Acceleration Unit (mmCAU) is on many Kinetis microcontrollers. It improves symmetric AES and SHA performance as compared to our software based implementation. wolfSSL version 4.2.0 enhanced mmCAU support to use multiple blocks against hardware and optimize to avoid memory copies (memcpy) when possible. This resulted in a 20-78% improvement in performance! […]

We have added many new features in our new release of wolfSSL 4.3.0. One new feature we have added is a CMS/PKCS #7 callback for signing SignedData raw digests – enabled with the macro HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK and call to function wc_PKCS7_SetRsaSignRawDigestCb(). For those who are unaware PKCS #7 is used to sign and/or encrypt messages under […]

In our new release of wolfSSL 4.3.0 we have added updates to RSA-PSS salt lengths. The macro WOLFSSL_PSS_SALT_LEN_DISCOVER value into wc_RsaPSS_Verify_ex() attempts to discover salt length and can use larger salt lengths. RSA-PSS is a probabilistic signature scheme (PSS) with appendix. A signature scheme with appendix requires the message itself to verify the signature (i.e. […]

wolfSSL: TLS 1.3, OpenSSL comparison wolfSSL’s open-source SSL/TLS library is constantly updated to maintain a mature code base and adapts quickly to any standard changes. One recent change is the release of TLS 1.3 (successor of TLS 1.2 which was out for 10 years). What is new in TLS 1.3? TLS 1.3 brought forth numerous […]

The wolfMQTT client library has an Amazon Web Services example that demonstrates securely connecting over TLS provided by the wolfSSL embedded SSL/TLS library. We setup an AWS IoT endpoint and testing device certificate. The AWS server uses a TLS client certificate for authentication. The example is located in `/examples/aws/`.  It subscribes to `$aws/things/”AWSIOT_DEVICE_ID”/shadow/update/delta` and publishes […]

The team at wolfSSL has taken the core functionality of the wolfSSL embedded SSL/TLS library to the next level and implemented changes to conform to the Required and Mandatory rules from the MISRA-C:2012 Guidelines. Currently a subset of the wolfCrypt files are checked (sha256.c, aes.c (CBC/GCM), rsa.c, random.c, sp_c64.c), let us know if your project […]

The Java Secure Socket Extension (JSSE) framework supports the installation of security providers. These providers can implement a subset of the functionality used by the Java JSSE security APIs, including SSL/TLS.  We are happy to announce the availability of the wolfJSSE Provider, which wraps the native wolfSSL SSL/TLS library.  With this provider, users can leverage […]