RECENT BLOG NEWS

Hi!  We have been asked a number of times about wolfSSL integration with the Nginx web server.  If you are not familiar with Nginx, it is a high performance, high concurrency web server that is becoming extremely popular these days.  You can learn more about Nginx at nginx.com.

Nginx and wolfSSL make a likely pairing because they are both lean, compact, fast, and scale well under high volumes of connections.  The big news today is that wolfSSL is now working with Nginx! We have added a new configure option “–enable-nginx” which will compile the wolfSSL libraries with NGINX support. For more info please contact us today facts@wolfssl.com!

Hi! Are you interested in using wolfSSL with the Contiki OS? If so, let us know at facts@wolfssl.com! The wolfSSL lightweight SSL/TLS library is a perfect match for resource-constrained embedded IoT devices. wolfSSL currently supports up to TLS 1.2 and DTLS 1.2, with TLS 1.3 support up and coming.

Contiki, as described by their website, is “an open source operating system for the Internet of Things. Contiki connects tiny low-cost, low-power microcontrollers to the Internet. Contiki is a powerful toolbox for building complex wireless systems.”

As those microcontrollers are connecting to the Internet, secure connectivity with SSL/TLS/DTLS is important. We look forward to hearing your thoughts about using wolfSSL with Contiki!

wolfSSL recently completed a port to Tenasys INTime RTOS! You can read more in the press release from Tenasys here: Secured INtime system traffic!

Tenasys is using wolfSSL to secure their networked real-time systems and wolfSSL is happy to be integrated into the INTime networking stack which allows us to provide world renowned security to INTime SDK consumers. If you have any questions about this please contact wolfSSL: facts@wolfssl.com

Reference: https://www.pressebox.com/pressrelease/tenasys-europe-gmbh/20-years-of-commercial-usage-TenAsys-Corp-shows-INtime-real-time-OS-at-Embedded-World-2017/boxid/842331

wolfSSL has support for The Real-time Operating system Nucleus’ (TRONs’) Micro T-Kernel or (uT-Kernel / ?T-Kernel). Users can define “WOLFSSL_uTKERNEL2” in their project settings to take advanatage of wolfSSL support for this popular T-Engine Forum integrated project!

If you have any questions please contact wolfSSL: facts@wolfssl.com!

Tired of using OpenSSL? Recently wolfSSL has been expanding our compatibility layer, which means that it soon will be even easier to replace OpenSSL with wolfSSL in existing projects. In some cases the replacement can be as easy as including and linking to a wolfSSL library that has been compiled with –enable-opensslextra.

For more information about the wolfSSL or the compatibility layer contact us at facts@wolfssl.com.

Curious about new features and additions to wolfSSL technologies for the coming year?  Some items on our current roadmap include increasing performance through hardware acceleration and instruction level tuning, resource reduction tuning, and increasing our Async Crypto support to other projects like nginx.  Our TLS 1.3 draft support is ready for testing and should the specification go final our release will be one of the first.

In terms of new environments we’ll have more FIPS platforms, more FIPS algorithms, easier integration with event programming, Data plane development support, more language wrappers, SGX support at the TLS level, and more Open Source project plugins including HAProxy, nginx, and wpa_supplicant.

Look for product improvements to wolfMQTT, wolfSSH, and wolfCrypt.  We also anticipate offering our testing and security audit programs as services.  Keep an eye out for connected home white papers and case studies.  Something we missed, or something you would like to see on our roadmap?  Please let us know.

Or feel free to visit our website at wolfssl.com or email us at facts@wolfssl.com.

Sometimes the consumers of the wolfSSL Embedded TLS library are curious about our internal process for handling vulnerability reports.  The first thing our users need to know is that wolfSSL takes every vulnerability report seriously!  We currently maintain a mean time to verification of about 1.5 hours.  Our mean time to achieve a fix is about 12 hours.  As most of our readers know, not all CVE’s are created equally, so our fixes can take anywhere from 24 minutes to 24 hours.

The final statistic we can share is one that we are particularly proud of:  Our mean time between a report and a release over the last 3 years is 38 hours!  We believe this is an industry leading number, and one that we will strive to maintain and even improve!

Break-down of wolfSSL vulnerability response procedures:

#1 – (45 – 120 minutes)

– Support staff de-prioritizes all support to confirm vulnerability exists

– Support staff makes any necessary modifications to provided test code to make it build out-of-the-box for engineering team

– Support staff creates README for engineering team to be able to re-produce in 10 minutes or less

– As soon as validated and tests streamlined alert is sent to engineering team along with report and test case

#2 – (20 minutes – 1 day)

– Engineering team fixes the issue and opens a pull request

– Multiple engineers review fix

#3 – (1 hour)

– Jenkins automated integration server tests fix

#4 – (1 hour)

– Senior Engineer reviews Jenkins results and suggested fix

#5 – (N/A)

– repeat steps #2 – #4 as necessary

#6 – (N/A)

– Fix is merged

#7 (1 day)

– Release process started

– New GPL licensed release posted to website

– Commercial Releases sent to customers

In addition to ongoing support for MPLAB Harmony,  wolfSSL has updated its support for Microchip Libraries for Applications (MLA). Using wolfSSL`s embedded SSL/TLS libraries we created an MLA TCP/IP demo using the PIC32 Ethernet Starter Kit, which enables SMTP and HTTPS over SSL/TLS. For access to this demo contact us today at facts@wolfssl.com.

If you are using Microchip’s MLA on any of the supported platforms (PIC16, PIC18, PIC24, dsPIC33, or PIC32) and looking for an embedded TLS solution, or have questions, please contact our support team at support@wolfssl.com, we would be more than happy to support your efforts!

References:

MLA Support: https://www.wolfssl.com/wolfSSL/wolfssl-pic32.html
Supported Platforms: http://www.microchip.com/mplab/microchip-libraries-for-applications

@wolfSSL has been collaborating with @TXInstruments for some time to provide ongoing hardware encryption support for your #IoT projects! Hardware support for the following algorithms is available in the #wolfSSL #embedded #TLS #SSL library when building with #TIRTOS for the #TivaC(PDF) micro controller.

AES
CCM
DES3
MD5
SHA
SHA-224
SHA-256

For instructions on building wolfSSL on TIRTOS, the following guide is very useful! Also included in the guide are details on setting up a TLS example server!
https://github.com/wolfSSL/wolfssl-examples/blob/master/tirtos_ccs_examples/README.md

For any other questions or info please contact support@wolfssl.com or facts@wolfssl.com

@wolfSSL has been collaborating with @TXInstruments for some time to provide ongoing hardware encryption support for your #IoT projects! Hardware support for the following algorithms is available in the #wolfSSL #embedded #TLS #SSL library when building with #TIRTOS for the #TivaC micro controller.

AES

CCM

DES3

MD5

SHA

SHA-224

SHA-256

For instructions on building wolfSSL on TIRTOS, the following guide is very useful!  Also included in the guide are details on setting up a TLS example server!

https://github.com/wolfSSL/wolfssl-examples/blob/master/tirtos_ccs_examples/README.md

For any other questions or info please contact support@wolfssl.com or facts@wolfssl.com