wolfSSL Loves Robots!
Did you say robots? At wolfSSL we love robots! We even have one to clean our office in Bozeman, Montana. But even more than that little cleaner, we love securing robots.
If you are in the robotics and automation space, you already know that it’s all about scaling up. Sure a robot can clean an office, but that’s not the end goal. Once you’ve proven your product in one location, it can clean every location your client has. But in order to scale, you need a big customer. What better customer than government agencies?
But you need reliable security. That means confidentiality of all transmissions and proper authentication of all commands. That means authenticating your firmware to prevent tampering by nefarious actors. After all, you’re likely operating in healthcare, law enforcement or government. In all these industries, you’ll need to fulfill your regulatory requirements such as FIPS-140 or DO-178 before you even approach your customers. You specialize in making the robots do what they do so let our experts help you with those regulatory requirements.
Here at wolfSSL, we’ve helped numerous robotics companies with their FIPS-140 efforts with our support for the Robot Operating System (ROS).
But even more importantly than that, we support just about any real-time embedded platform you throw at us and have the best performance to boot! We understand you have millisecond real-time reaction requirements due to safety standards and can’t have processes locked up doing cryptographic operations. Send us a message asking about our asynchronous cryptographic APIs and we’ll set you up with a call with our expert engineers to hash out the details.
If you’re making robots, we need to have a conversation!
If you have questions about any of the above, please reach out to facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
Live Webinar: An introduction to Stateful Hash-Based Signature Schemes
Get ready to embark on a journey into another cutting-edge realm of cybersecurity with wolfSSL! Join us for an exciting webinar, “An Introduction to Stateful Hash-Based Signature Schemes,” led by Senior Software Developer Anthony Hu. Mark your calendars for April 25th at 10 am PT, as we explore the fundamentals of stateful hash-based signature schemes and their implications for the future of digital security.
Watch the Webinar Here: An Introduction to Stateful Hash-Based Signature Schemes
- Gain insight into the importance of staying ahead of the CNSA 2.0 timeline
- Dive into the One Time Signatures (OTS)
- Discover how Merkle Trees hierarchical data structures enhance security and scalability
-
Understanding the significance of the state in these algorithms
- Explore future advancements and beyond
And much more
Don’t miss out on this exclusive opportunity to boost your cybersecurity knowledge. This webinar promises to equip you with invaluable insights and practical skills to navigate the complexities of modern digital security.
Mark your calendar for April 25th at 10am PT and join us for an enlightening exploration of stateful hash-based signature schemes.
As always, our webinar includes Q&A sessions throughout. If you have any questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
wolfSSL LTS Announcement
wolfSSL is announcing a long term support (LTS) version of the wolfSSL library. The goal of this product will be to provide users with fully ABI compatible releases of wolfSSL that are secure against all known vulnerabilities. Patches for vulnerabilities will be backported to the LTS branch in an ABI compatible way to guarantee security and stability.
ABI (Application Binary Interface) is a low-level interface that defines how functions and data structures are accessed in machine code. ABI specifies how parameters are passed to functions, how return values are retrieved, and how data structures are arranged in memory. Guaranteeing ABI stability means that compiling a newer version of the library with the same configuration will work with programs linked against an older release.
wolfSSL LTS will provide users with a stable and reliable library that can be kept up to date with no additional headache. Your programs will always be compatible with the latest wolfSSL LTS release and will be safe from discovered vulnerabilities. Separating out a LTS branch will allow us to continue developing and improving wolfSSL without the strict restrictions of ABI backwards compatibility. Users will be able to choose the appropriate version for them based on their individual priorities.
wolfSSL LTS, like all of our libraries, will be offered under a dual-license model. GPL will be available for open source users and a commercial license will be available for customers integrating it in commercial products. Additional limited backporting services will also be available for customers.
If you’re interested in wolfSSL LTS or have questions about any of the above, please reach to us at facts@wolfSSL.com or call us at +1 425 245 8247!
Download wolfSSL Now
wolfSSH Now Includes Curve25519 Support
wolfSSH now has Curve25519 support as of version 1.4.17! Go ahead and download it today. You’ll need both wolfSSL and wolfSSH. Here are instructions to get this up and running to try out yourself.
Compile wolfSSL with support for wolfSSH and Curve25519.
$ cd wolfssl $ ./configure --enable-wolfssh --enable-curve25519 $ make all $ sudo make install $ sudo ldconfig
After building and installing wolfSSL, you can simply configure wolfSSH with no options and build:
$ cd wolfssh $ ./configure $ make all
The wolfSSH client and server will automatically negotiate the use of Curve25519 for key exchange.
Run the server:
$ ./examples/echoserver/echoserver -f In a separate terminal, run the client: $ ./examples/client/client -u jill -P upthehill
Congratulations! You’ve just made an SSH connection where the key exchange was done with Curve25519.
Our next natural step is to add support for hybrid Curve25519 and Kyber/ML-KEM at NIST security level 1. Want to see this work at a higher priority and accelerated? Let our management know. Simply send a message saying you support our efforts in developing this implementation to facts@wolfSSL.com.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
TLS on Embedded Systems: UART, I2C or SPI
Recently, we have seen an uptick in interest in securing communications between different embedded modules within a larger system. The academic community has seen great work in showing that these communications need to be secured; especially in the automotive space.
Are you looking to start securing your internal communications over UART, I2C or SPI? With wolfSSL, no matter how small and constrained your micro-controller, we can help!! You can make trade-offs and set build flags to suit your needs with regards to code size, memory usage and binary footprint size. For example, if you are running a TLS 1.3 client, we have flags to exclude all server-only code and exclude all earlier versions of TLS and SSL.
Some might find the idea of TLS over UART, I2C or SPI to be somewhat strange. Isn’t TLS supposed to be running over a network connection? Actually, with our IO callback system, there is no problem at all. For a great example of how to do it, you can have a look at our STM32 example code. There we show TLS 1.3 over UART both as server and client. Please have a look at https://github.com/wolfSSL/wolfssl/blob/master/IDE/STM32Cube/wolfssl_example.c. You can search there for the ENABLE_TLS_UART macro to better understand how it hooks into our IO callbacks.
Want more details? Want to discuss further how you can secure your data interfaces on your micro-controller? Reach out to facts@wolfssl.com.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
wolfMQTT Releases v1.19.0
In the realm of lightweight MQTT (Message Queuing Telemetry Transport) implementations, wolfMQTT continues to push the boundaries of efficiency and versatility. With the release of version 1.19.0, wolfMQTT introduces several pivotal features that enhance its performance, usability, and integration capabilities.
- Enhanced Stress Test Module:
The incorporation of an advanced stress test module empowers developers to subject wolfMQTT to rigorous testing scenarios, ensuring its resilience under high loads and adverse conditions. - Seamless CMake Integration for CI Testing:
By integrating with CMake for continuous integration testing, wolfMQTT simplifies the process of building and testing across different platforms and environments. - Tailored Templates for Espressif ESP32 and AWS IoT Examples:
The introduction of dedicated templates for Espressif’s ESP32 platform, coupled with AWS IoT examples, accelerates the integration of wolfMQTT into IoT projects. - Expanded Compatibility with Curl Test Dependencies:
wolfMQTT’s compatibility horizon broadens with the addition of curl test dependencies. This expansion facilitates smoother integration with systems reliant on curl for HTTP-based communication, enhancing the interoperability of wolfMQTT with a broader ecosystem of tools and frameworks. - Initiation of Espressif CI and Zephyr CI Optimization:
The initiation of continuous integration setups for Espressif platforms and optimization efforts targeting Zephyr CI underscore wolfMQTT’s commitment to comprehensive testing and compatibility assurance.
Release 1.19.0 has been developed according to wolfSSL’s development and QA process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
Check out the changelog from the download for a full list of features and fixes, or contact us at facts@wolfssl.com with any questions:
https://github.com/wolfSSL/wolfMQTT/blob/master/ChangeLog.md
While you’re there, show us some love and give the wolfMQTT project a Star!
You can download the latest wolfMQTT release or clone directly from our GitHub repository
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
meta-wolfSSL: Simplifying Security with FIPS-Ready on Yocto and Petalinux
What is meta-wolfssl?
The meta-wolfssl layer provides Yocto / OpenEmbedded recipes for wolfSSL’s GPL based products. These allow users to easily introduce wolfSSL packages into embedded computing targets. meta-wolfssl now includes support for streamlined building of wolfSSL FIPS Ready, wolfCrypt FIPS 140-2/3, and commercial version bundles into projects as well!
Why Choose meta-wolfSSL?
- Integration Ease: meta-wolfssl simplifies the process of integrating the wolfSSL library into Yocto or Petalinux projects, saving developers time and effort.
- Security Compliance: With options for FIPS Ready and FIPS 140-2/3 validated packages, customers can prepare for and meet stringent security standards.
- Commercial Support: Access to commercial support and licensing ensures projects have the security they need with the backing of expert assistance for any issue that may arise.
wolfSSL FIPS Ready with meta-wolfssl
If you’re working on a project that might need to be FIPS 140-2 or 140-3 compliant, the wolfSSL FIPS Ready package is for you. It’s essentially wolfSSL with the ability to enable the power-on self tests that FIPS compliance would include. This package is not FIPS validated, but is designed for you to get your product ready to use our FIPS compliant bundle, making it a flexible option if you’re considering or know you will need FIPS compliance in the future.
Checkout the README on our GitHub page to get started with wolfSSL FIPS Ready on Yocto, OpenEmbedded, or Petalinux.
Contact us
If you are interested in using wolfSSL’s FIPS and/or commercial bundles, or have any issues with meta-wolfssl contact us at support@wolfSSL.com!
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
Live Webinar: wolfSSL 2024 Roadmap
Discover the Future of Cybersecurity with wolfSSL. Join wolfSSL 2024 Roadmap Webinar. Mark your calendar for April 17th at 10am PT as we unveil the wolfSSL 2024 Roadmap. Duration of this webinar is about one hour. This highly anticipated event promises an exclusive preview of the groundbreaking developments shaping the future of wolfSSL.
During the webinar, wolfSSL will delve into upcoming features, enhancements, and advancements that will revolutionize the cybersecurity landscape in 2024.
Watch the webinar here: wolfSSL 2024 Roadmap
It’s an unique chance to learn the key highlights of the wolfSSL 2024 Roadmap. From cutting-edge technologies to strategic partnerships, this webinar will provide valuable insights into the direction of wolfSSL and its role in safeguarding digital assets across various industries such as satellite, automotive, aerospace and much more.
Don’t miss this opportunity to be part of the conversation and shape the future of cybersecurity with wolfSSL. Watch today for the wolfSSL 2024 Roadmap Webinar.
As always, our webinar includes Q&A sessions throughout. If you have any questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
wolfSSL Managed Component v5.7.0 Update for for Espressif
Recently we announced our release of wolfSSL version 5.7.0. This release is now available in the Espressf Managed Component library.
Getting started with wolfSSL in Espressif projects has never been easier. See our prior blog with details on Getting Started with wolfSSL as a Managed Component.
Find out more
If you have any feedback, questions, or require support, please don’t hesitate to reach out to us via facts@wolfSSL.com, call us at +1 425 245 8247, or open an issue on GitHub.
See also:
- wolfSSL 5.7.0 Now Available
- Kyber (ML-KEM) Hybridized with X25519 in wolfSSH
- Post-Quantum Kyber Benchmarks (Linux)
- https://www.wolfssl.com/docs/espressif/
- https://www.wolfssl.com/espressif/
Download wolfSSL Now
Building Qt 5.15 with wolfSSL Support
Did you know that you can build Qt 5.15 against the wolfSSL embedded SSL/TLS library instead of the default OpenSSL backend? Using wolfSSL as the TLS provider in Qt offers many advantages depending on application and industry. Some of these may include:
- Progressive TLS protocol support (up to TLS 1.3)
- Smaller footprint size (wolfSSL is up to 20 times smaller than OpenSSL)
- Extensive testing (wolfSSL is the best-tested SSL/TLS implementation available today)
- Certifications (FIPS 140-2 / 140-3, DO-178C)
- Portability (wolfSSL supports over 30 operating systems)
- Hardware cryptography support
- Commercial support
- Consulting services and training available
To compile wolfSSL for Qt, use the following configure options:
$ cd wolfssl $ ./autogen.sh $ ./configure --enable-qt --enable-qt-test --enable-alpn --enable-rc2 --prefix=/path/to/wolfssl-install\ CFLAGS="-DWOLFSSL_ERROR_CODE_OPENSSL -DWOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS=0x1b" $ make $ make install
Depending on the environment, adding wolfSSL install path to LD_LIBRARY_PATH for Qt build
LD_LIBRARY_PATH=/path/to/wolfssl\install/lib:$LD_LIBRARY_PATH
To compile Qt with the wolfSSL follow the steps below:
- Follow the Building Qt Guide to download needed Qt dependencies and initialize the Qt repository. To clone Qt for v5.15.x, you can use the following command:
$ git clone git://code.qt.io/qt/qt5.git --branch v5.15.x
- Init Qt repository
$ cd qt5 $ ./init-repository --module-subset=qtbase
- Apply the wolfSSL Qt patch file to qt5.
$ wget https://raw.githubusercontent.com/wolfSSL/osp/master/qt/wolfssl-qt-515.patch $ cd qtbase $ git apply -v ../wolfssl-qt-515.patch
- Configure Qt5
$ cd ../../ $ mkdir build $ cd ./build $ ../qt5/configure -opensource -wolfssl-linked -confirm-license -ccache -no-pch -developer-build -I/path/to/wolfssl-install/include/wolfssl -I/path/to/wolfssl-install/include
- Build Qt
$ make
To find more detailed steps and then run test cases, you can find them in README at our ops repository.
If you have questions about any of the above, feel free to email us at facts@wolfSSL.com or support@wolfSSL.com, or call us at +1 425 245 8247.
Download wolfSSL Now