RECENT BLOG NEWS
wolfMQTT Releases v1.17.0
The latest release of wolfMQTT, v1.17.0, is now available! This release has several bug fixes and optimizations including:
- Fix for declaration after executable block by @lealem47 in #341
- Add QNX IDE, Makefile, and remove source code exec bit by @JacobBarthelmeh in #317
- update for cmake after wolfssl added NAMESPACE by @JacobBarthelmeh in #343
- Add mutex protection to MqttClient_NetDisconnect by @embhorn in #342
- Add DTLS support to MQTT-SN client by @embhorn in #348
- Tie zephyr tests to a release by @julek-wolfssl in #350
- add documentation link to README by @gojimmypi in #355
- Possible patch for POSIX conditional wait issue by @dgarske in #356
- Fix publish with topic ID >=127 by @embhorn in #351
- Adding publish and subscribe atomic client examples by @embhorn in #347
- Allow disabling the posix conditional signal by @dgarske in #360
- Exclude CI tests with external brokers by @embhorn in #362
- Improvements for client property stack by @dgarske in #361
- Add mosquitto to CI tests by @embhorn in #365
- Fixes for non-blocking edge cases by @dgarske in #363
- Refactor MQTT-SN code by @embhorn in #366
Release 1.17.0 has been developed according to wolfSSL’s development and QA process and successfully passed the quality criteria.
Check out the changelog from the download for a full list of features and fixes, or contact us at facts@wolfSSL.com with any questions.
While you’re there, show us some love and give the wolfMQTT project a Star!
You can download the latest release of wolfMQTT today Or clone directly from our GitHub repository.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
Live Webinar: Everything you need to know about DTLS 1.3
Announcing the Highly-Anticipated Return of the DTLS 1.3 Webinar!
We’re thrilled to invite you to the upcoming webinar, Everything you need to know about DTLS 1.3, on November 9th presented by wolfSSL Senior Software Engineer, Juliusz. If you’re eager to delve deep into the world of DTLS 1.3 and expand your knowledge, this is an unmissable opportunity.
Watch the webinar here: DTLS 1.3 Webinar
As a pioneer in DTLS 1.3 implementation, wolfSSL has brought numerous enhancements and innovations to bolster the security and efficiency of the DTLS protocol. Notably, ExpressVPN recently integrated DTLS 1.3 support into their lightweight core library via wolfSSL. Juliusz will be providing invaluable insights into the DTLS 1.3 protocol improvements and sharing the latest updates on security.
Sneak peek of the webinar:
- Introduction to basic DTLS
- DTLS v1.3 vs v1.2 comparison
- wolfSSL DTLS 1.3 examples and experiments
- Hands-On: utilizing DTLS in UDP applications
- Unveiling new features and updates
This is your perfect opportunity to gain in-depth understanding and enhance your DTLS 1.3 technical skills. Don’t miss out on the chance to learn and have your DTLS 1.3 related questions answered live. Watch it now!
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
Enhanced PKCS7 support in wolfSSL
Previously with calls to wolfSSL_SMIME_read_PKCS7 in wolfSSL we were automatically performing a verification of the bundle’s signature after parsing it. To support more use cases the behavior was updated to allow for only parsing the ASN.1 syntax when calling wolfSSL_SMIME_read_PKCS7. Now more complex bundle setup’s are supported and more flexible means of verifying the bundle after it has been parsed. One of the more straightforward ways that still exist to verify the bundle is by using wolfSSL_PKCS7_verify.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
wolfTPM v3.0 Released
This is a major version for wolfTPM. We are excited for this release because it includes some really excellent new features and fixes!
Secure Boot Examples:
This release adds new examples for secure boot. See examples/boot/README.md for details.
We added a new secret sealing/unsealing example based on an externally signed policy. This is a complex use-case showing how to seal a secret based on a policy that is externally signed. The seal operation uses a public key. The private key associated with it is used to sign a policy to allow unsealing that secret. These examples use PCR registers, however there are other policy methods supported by the TPM. See secret_seal and secret_unseal.
We also added an example for anchoring a root of trust in the TPM using an NV in the platform hierarchy and optional NV lock feature. See secure_rot.
Support for ECC Parameter Encryption / Secrets:
We added support for encrypting secrets using ECC key. Allows using ECC for parameter encryption and importing ECC keys with custom seed. (See PR 276)
Authentication Refactor:
This release adds command information including the specific authentication requirements. If a command expects authentication and it is not provided the wolfTPM library will warn (if using –enable-debug). Likewise if a command does not use authentication it will automatically exclude it. If additional authenticated session(s) are available like HMAC or policy it will be included. The user is still required to set the correct session index.
HAL Improvements:
We have refactored the HAL to make it available with the library, not just in the examples. HAL support for Microchip Harmony SPI has been added. The STM32 I2C support has been fixed and performance improved. We added support for memory mapped (MMIO) found on Intel hardware.
PEM support:
We have added new API’s for making it easy to import and load PEM or DER/ASN.1 encoded ECC or RSA keys (private or public).
See “wolfTPM2_ImportPrivateKeyBuffer” and “wolfTPM2_ImportPublicKeyBuffer”
Security Best Practices:
We have added a new API “wolfTPM2_ChangePlatformAuth” to help set the platform authentication. This is useful during the boot phase to prevent access to the platform. Typically a random value is used, since this auth is cleared on reset or power cycle.
Testing has been greatly expanded in this release for our examples including greater use/support of -aes/-xor options for parameter encryption. See examples/run_examples.sh.
Full wolfTPM v3.0.0 Change Log:
Summary
Refactor of command authentication. Support for ECC sessions and secrets. Support for policy sealing/unsealing. Examples for secure boot.
Detail
- Refactor of the command authentication. If command does not require auth do not supply it (PR #305)
- Refactor HAL and added Microchip Harmony SPI HAL support (PR #251)
- Relocate crypto callback code to its own code file (PR #304)
- Fixed using a custom wolfTPM CSR sigType (PR #307)
- Fixed support for ECC 384-bit only support (PR #307)
- Fixed issue with using struct assignment (switched to memcpy) (PR #303)
- Fixed various issues building with C++ compiler (PR #303)
- Fixed issues with STM32 I2C build and improved performance (PR #302)
- Fixed seal with RSA and PCR extend auth. (PR #296)
- Fixed issue including user_settings.h when –disable-wolfcrypt set (PR #285)
- Fixed TPM private key import with custom seed (PR #281)
- Fixed autogen.sh (autoconf) to generate without warnings (PR #279)
- Fixed TPM2 create with decrypt or restricted flag set (PR #275)
- Fixed and improved low resource build options (PR #269)
- Fixed the TPM_E_COMMAND_BLOCKED macro to have the correct value (PR #257)
- Fixed casting and unused variable problems on windows (PR #255)
- Fixed Linux usage of cs_change and added config overrides (PR #268)
- Fixed and improved the NV auth and session auth set/unset (PR #299)
- Fixed capability to handle unknown TPM2_GetCapability type and fix bad printf (PR #293)
- Fixed macros for file IO XFEOF and XREWIND to make sure they are available (PR #277)
- Fixed seal/unseal example (PR #306)
- Fixed TLS examples with param enc enabled (PR #306)
- Fixed signed_timestamp with ECC (PR #306)
- Added CI tests for CSharp wrappers (PR #307)
- Added support for sealing/unsealing based on a PCR that is signed externally (PR #294)
- Added examples for Secure Boot solution to store root of trust in NV (PR’s #276, #289, #291 and #292)
- Added support for importing and loading public ECC/RSA keys formatted as PEM or DER (PR #290)
- Added new policy_nv example (PR #298)
- Added -nvhandle argument to nvram examples (PR #296)
- Added code to test external import between two TPM’s (PR #288)
- Added support for STM32 Cube Expansion Pack (PR #287)
- Added support memory mapped (MMIO) TPM’s (PR #271)
- Added wc_SetSeed_Cb call for FIPS ecc (PR #270)
- Added wrapper support for setting key usage (not just extended key usage) (PR #307)
- Added RSA key import methods to handle PEM and DER encoding directly (PR #252)
- Added thread local storage macro and make gActiveTPM local to the thread (PR #253)
- Added Microchip macro names and Support for bench with MPLABX Harmony (PR #256)
- Added support for encrypting secret using ECC key (PR #276)
- Added wolfTPM2_ChangePlatformAuth wrapper to help set the platform auth (PR #276)
- Improvements to CMake build (PR’s #280, #283 and #284)
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
wolfSSL Extends Support for System CA Certificates to Apple Devices
We are excited to announce an important update for our Apple device users: wolfSSL’s support for installed system CA certificates now extends to Apple devices! This means that applications can now use the convenient wolfSSL_CTX_load_system_CA_certs() API to authenticate TLS connections against certificates installed to the system trust store.
Due to recently introduced OS changes around application sandboxing, applications running on non-macOS Apple platforms can no longer directly access trusted certificates installed on the system. This prevents these certificates from being enumerated and loaded into wolfSSL to use for authentication.
To accommodate this API restriction, we have introduced a new certificate verification routine that relies on Apple’s Security framework APIs to authenticate peer certificates. TLS peer certificates are first checked against the trusted CAs loaded into wolfSSL’s certificate manager, as they always have been. However, if this check is unsuccessful, wolfSSL will now attempt to validate the peer certificate chain using the system trust APIs. This new routine is only used when support for system CA certificates is enabled and when compiling for an Apple target.
If you are building wolfSSL for iOS using configure, this new feature will be on by default and no additional configuration is required by the user. If you are building with a user_settings.h file, you must define the WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION preprocessor macros, as well as ensure you are linking wolfSSL against the Apple CoreFoundation and Security frameworks. Calling wolfSSL_CTX_load_system_CA_certs() before creating a new TLS connection will now enable system CA certificates to be used for authenticating a peer connection.
To use this feature on MacOS, the steps are the same except that you must define the WOLFSSL_APPLE_NATIVE_CERT_VALIDATION preprocessor macro even when building with configure, as the feature is not on by default.
If you are using cURL + wolfSSL, ensure that the feature is enabled in your wolfSSL build as described above, then set the CURLSSLOPT_NATIVE_CA curlopt in your curl application to indicate the native certificate verification routines should be used.
if you have questions, comments or suggestions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
Repost: wolfBoot support for the STM32C0
Designed by Freepik: www.freepik.com
We are adding wolfBoot support for the new STM32C0. This is a low cost MCU similar to the STM32G0 based on a Cortex-M0 (48MHz). It is a very low cost general purpose 32-bit MCU with up to 32KB flash and 12KB RAM.
Our wolfBoot secure bootloader is the only solution available for this platform thanks to our small code size. Most STM32 parts are supported with wolfBoot out of the box. See our video series with ST for a tutorial on using wolfBoot.
See the STM32C0 announcement from ST.
Features:
- Written in C for bare-metal use
- Small footprint to run on small embedded devices
- Memory safety (no malloc/free)
- Support for on-board or external SPI flash
- Simple partitioning and header scheme
- Abstracted HAL design for CPU speed and flash
- Bootloader handles swapping and loading of partitions
- Key tools for key generation/import and signing
- Encrypted updates
- Delta updates (only differences)
Signature algorithms supported:
- ECC (SECP256R1,SECP384R1)
- RSA (2048/3072/4096)
- ED25519
- ED448
Firmware image integrity using hash digest:
- SHA2-256
- SHA2-384
- SHA3-384
Flexible partition scheme determined at build-time:
- Bootloader (10-30KB)
- Application
- Update
- Swap (1 sector)
- And custom partition ID’s
Reliable Firmware update mechanism:
- Independent from the update transport mechanism
- Fallback to a previous version when the update fails
- Resume interrupted swap operations during update, in case of power failure
Support for STM hardware crypto acceleration:
- STM32 HASH/AES/PKA
- ST33TP* TPM 2.0 using wolfTPM
If you are interested in trying our wolfBoot on the STM32C0, curious about post-quantum signature support in wolfBoot or have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
Live Webinar hosted on Australian time for our Asia Pacific audience: SM Ciphers are now implemented in wolfSSL
How to access them, use them, and what sets them apart.
Join us for an informative webinar on the release of wolfSSL’s SM cipher implementations, presented by wolfSSL Senior Software Engineer Sean on November 3rd at 12pm AEST. This webinar is scheduled for Australian time to cater to our audience in the Asia Pacific region.
Watch the webinar here: wolfSSL’s SM cipher implementations
As many are aware, Chinese government regulators are now mandating use of SM2, SM3 and SM4 in critical systems, including automobiles, avionics, power systems, and communication systems. Since many of our customers are multinationals that conduct business in China, they have expressed the need for the inclusion of these algorithms in wolfSSL products.
We recently released our supported versions of SM2, SM3, and SM4, with the intention to release the ZUC stream cipher at some point this year to completely satisfy SM9. We are also in contact with labs regarding support of OSCCA certification at some point in the future.
This is truly exciting news for our customers in the Chinese markets!
For those considering using wolfSSL products, here are 6 key benefits you will gain:
- The SM Ciphers are fully supported in wolfSSL’s TLS 1.3 and DTLS 1.3 implementations.
- wolfSSH, wolfBoot and our other products will support ShangMi ciphers.
- ARM, Intel, and RiscV assembly is in the works for our SM implementations for maximum performance
- We support bare metal for SM2, SM3, and SM4.
- We have maximized performance and minimized size, so the ShangMi algorithms will work well for embedded systems use cases on a wide variety of microcontrollers (MCU’s). They will be available for all of the MCU silicon that we currently support, including STM32, NXP i.MX, RISC-V, Renesas RA, RX, and Synergy, Nordic NRF32, Microchip PIC32, Infineon Aurix, TI MSP, and many others.
- Our GPLv2 versions of the SM ciphers are available for download on GitHub
Commercially licensed versions are available.
Sean will delve into the insights of SM Ciphers and explain how you can effectively employ SM Ciphers with wolfSSL. Bring all your questions related to ShangMi Ciphers and algorithms; Sean is ready to answer them all.
Sneak peek of the SM Ciphers webinar:
- Background of the ShangMi Ciphers: SM2, SM3, SM4
- TLS and SM Ciphers
- When to Utilize SM Ciphers
- wolfSSL and SM Ciphers
- Building wolfSSL with SM Ciphers
- Using SM Ciphers in wolfSSL
- Future Developments
If you have questions about the ShangMi ciphers and algorithms, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
Native CAN bus and A Full API Manual for the wolfSentry Embedded Firewall/IDPS
With our recent release of version 1.6, wolfSentry now natively supports CAN bus, with idiomatic bitmask-based address matching. Addresses and bitmasks can be supplied as hexadecimal, octal, or decimal numbers, supporting both 11 bit part A and 29 bit part B addresses.
Indeed, all address families now support bitmask matching, including user-defined address families, with computational overhead confined to bitmask-matched families. When using JSON configuration, bitmask matching is a simple matter of supplying a “bitmask” rather than a “prefix-bits” value for an endpoint. Bitmask-matched addresses can also be supplied directly through the API, using WOLFSENTRY_ROUTE_FLAG_REMOTE_ADDR_BITMASK and WOLFSENTRY_ROUTE_FLAG_LOCAL_ADDR_BITMASK. Consult the documentation for details.
Speaking of documentation, wolfSentry now includes a comprehensive developer’s manual, fully detailing the API, JSON configuration, build flags, and basic application integration in FreeRTOS-lwIP. The new API manual is available both as a bundled pregenerated PDF file at doc/wolfSentry_refman.pdf, and as Doxygen-generated HTML by running “make doc-html”.
Release 1.6 also includes additional portability improvements, allowing for full functionality in a newlib-nano runtime with a C89 toolchain. Callbacks are provided for all system facilities, assuring easy porting.
The latest wolfSentry release is available on GitHub, with native in-tree support for 32 and 64 bit targets and POSIX, DeOS, FreeRTOS, and MacOS X runtimes. Let us know if you would like it on another platform. Our current porting plans include Green Hills IntegrityOS, VxWorks, LynxOS, PetaLinux,TRON/ITRON/µITRON, QNX, PikeOS and NuttX. Clone it now, and make test!
Please contact us at facts@wolfSSL.com or call us at +1 425 245 8247 with any questions or for help getting started with wolfSentry in your project!
Download wolfSSL Now
Secure Your Apple HomeKit Espressif ESP32 Devices with wolfSSL
wolfSSL is proud to announce that wolfCrypt is being used to secure Espressif ESP32 devices on the Apple ® HomeKit ecosystem. Use wolfSSL on your own ESP32 (or any other embedded device!) along with the many other commercially available Apple Home Accessories to control and monitor nearly anything. Use wolfSSL encryption to keep communication between devices secure.
We recently became aware of the popular open source Homekit project that [AchimPieters] is working on with the esp32-homekit-demo. See also the Espressif Homekit SDK and the Apple HomeKit ADK.
Any good demo starts with a Hello World application. In the world of embedded devices, that’s of course typically the blinking LED. Check out the Homekit LED Example. Special thanks to [Julien C] that helped test and fine-tune wolfSSL to work with the demo and his iPhone!
Which Espressif device do you have? The classic ESP32? The updated ESP32-S3? Perhaps the RISC-V ESP32-C3? We support them all.
Just getting started with wolfSSL? Check out our blog on wolfSSL as a Managed Component and the Preview Blog for wolfSSH and wolfMQTT Managed components. You can add wolfSSL support to your Espressif project with just one line:
idf.py add-dependency "wolfssl/wolfssl^5.6.0-stable"
If you have an ESP32 product idea for the Apple Homekit or some other platform, or questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247 to learn more. We work with any size organization from the smallest garage maker to the largest Fortune 500 companies.
Download wolfSSL Now
Repost: Secure Boot and Glitching Attacks
Designed by @Noxifer81
In general, a “glitch” is a momentary fault that may happen on a system, preventing it from working properly, for a brief amount of time. The effects of a single glitch on proper software execution may be multiple, including catastrophic consequences that may prevent the system from continuing the execution.
Glitching attacks are complex and expensive to execute, but can be a real issue for secure boot mechanisms, and often very hard to prevent or mitigate. They aim at exploiting predictable consequences of single glitches in order to take control of the execution or the data contained in the system. The glitch can be injected using different techniques, which often rely on well known weaknesses of the specific microcontroller or CPU. The most common glitch injection consists in varying the voltage supplied to the chip at a specific time, or modifying the profile of the clock signal to mangle the timing of the execution of the instructions. More advanced attacks can rely on irradiating the device with strong electromagnetic interference.
In the specific context of secure boot, the goal for an attacker is to circumvent the security checks in those critical sections of the code, e.g. the code that performs verifications on the firmware authenticity, integrity or versioning. These attacks could eventually defeat the security checks, and take control of the system by uploading an unauthorized firmware image. While they require an accurate synchronization and several attempts, these attacks will eventually succeed in injecting a fault in the hardware at the required time in order to skip the verification.
Our secure bootloader, wolfBoot, follows the indication of RFC9019 to provide a secure, public key based verification of the integrity and authenticity of the firmware and its updates. It runs on several different architectures, from small microcontrollers up to x86_64 systems. wolfBoot is OS-agnostic and provides best-in-class security thanks to the FIPS 140-2 certified algorithms implemented in the wolfCrypt security engine.
wolfBoot already comes with plenty of unique features. Now it is also the first open source secure bootloader to implement mitigations against glitching attacks. Our development team has added an optional feature that can be activated at compile time, to reinforce the security of the critical variables and decision points in the code. This has required an evaluation of the code flow of wolfBoot from a point of view that includes the possibility for an attacker to skip single specific instructions. Introducing these mitigations has been tricky, because redundant code written in C is usually discarded by the compiler. For this reason the countermeasures must be programmed in assembly, which makes this code architecture specific.
Our latest release of wolfBoot v1.11 contains these countermeasures. Glitching support mitigation can be freely compiled and used in GPL projects for evaluation and auditing purposes.
To compile wolfBoot with glitching and side-channel attack mitigations turned on, it is sufficient to add ARMORED=1 to the configuration options (i.e. via command line when invoking make, or through the .config file). The ARMORED option is currently supported on ARM Cortex-M architecture. Support for other architectures will be added in the future.
You can download wolfBoot today from our download page or from our github repository
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
Weekly updates
Archives
- December 2024 (15)
- November 2024 (29)
- October 2024 (18)
- September 2024 (21)
- August 2024 (24)
- July 2024 (27)
- June 2024 (22)
- May 2024 (28)
- April 2024 (29)
- March 2024 (21)
- February 2024 (18)
- January 2024 (21)
- December 2023 (20)
- November 2023 (20)
- October 2023 (23)
- September 2023 (17)
- August 2023 (25)
- July 2023 (39)
- June 2023 (13)
- May 2023 (11)
- April 2023 (6)
- March 2023 (23)
- February 2023 (7)
- January 2023 (7)
- December 2022 (15)
- November 2022 (11)
- October 2022 (8)
- September 2022 (7)
- August 2022 (12)
- July 2022 (7)
- June 2022 (14)
- May 2022 (10)
- April 2022 (11)
- March 2022 (12)
- February 2022 (22)
- January 2022 (12)
- December 2021 (13)
- November 2021 (27)
- October 2021 (11)
- September 2021 (14)
- August 2021 (10)
- July 2021 (16)
- June 2021 (13)
- May 2021 (9)
- April 2021 (13)
- March 2021 (24)
- February 2021 (22)
- January 2021 (18)
- December 2020 (19)
- November 2020 (11)
- October 2020 (3)
- September 2020 (20)
- August 2020 (11)
- July 2020 (7)
- June 2020 (14)
- May 2020 (13)
- April 2020 (14)
- March 2020 (4)
- February 2020 (21)
- January 2020 (18)
- December 2019 (7)
- November 2019 (16)
- October 2019 (14)
- September 2019 (18)
- August 2019 (16)
- July 2019 (8)
- June 2019 (9)
- May 2019 (28)
- April 2019 (27)
- March 2019 (15)
- February 2019 (10)
- January 2019 (16)
- December 2018 (24)
- November 2018 (9)
- October 2018 (15)
- September 2018 (15)
- August 2018 (5)
- July 2018 (15)
- June 2018 (29)
- May 2018 (12)
- April 2018 (6)
- March 2018 (18)
- February 2018 (6)
- January 2018 (11)
- December 2017 (5)
- November 2017 (12)
- October 2017 (5)
- September 2017 (7)
- August 2017 (6)
- July 2017 (11)
- June 2017 (7)
- May 2017 (9)
- April 2017 (5)
- March 2017 (6)
- January 2017 (8)
- December 2016 (2)
- November 2016 (1)
- October 2016 (15)
- September 2016 (6)
- August 2016 (5)
- July 2016 (4)
- June 2016 (9)
- May 2016 (4)
- April 2016 (4)
- March 2016 (4)
- February 2016 (9)
- January 2016 (6)
- December 2015 (4)
- November 2015 (6)
- October 2015 (5)
- September 2015 (5)
- August 2015 (8)
- July 2015 (7)
- June 2015 (9)
- May 2015 (1)
- April 2015 (4)
- March 2015 (12)
- January 2015 (4)
- December 2014 (6)
- November 2014 (3)
- October 2014 (1)
- September 2014 (11)
- August 2014 (5)
- July 2014 (9)
- June 2014 (10)
- May 2014 (5)
- April 2014 (9)
- February 2014 (3)
- January 2014 (5)
- December 2013 (7)
- November 2013 (4)
- October 2013 (7)
- September 2013 (3)
- August 2013 (9)
- July 2013 (7)
- June 2013 (4)
- May 2013 (7)
- April 2013 (4)
- March 2013 (2)
- February 2013 (3)
- January 2013 (8)
- December 2012 (12)
- November 2012 (5)
- October 2012 (7)
- September 2012 (3)
- August 2012 (6)
- July 2012 (4)
- June 2012 (3)
- May 2012 (4)
- April 2012 (6)
- March 2012 (2)
- February 2012 (5)
- January 2012 (7)
- December 2011 (5)
- November 2011 (7)
- October 2011 (5)
- September 2011 (6)
- August 2011 (5)
- July 2011 (2)
- June 2011 (7)
- May 2011 (11)
- April 2011 (4)
- March 2011 (12)
- February 2011 (7)
- January 2011 (11)
- December 2010 (17)
- November 2010 (12)
- October 2010 (11)
- September 2010 (9)
- August 2010 (20)
- July 2010 (12)
- June 2010 (7)
- May 2010 (1)
- January 2010 (2)
- November 2009 (2)
- October 2009 (1)
- September 2009 (1)
- May 2009 (1)
- February 2009 (1)
- January 2009 (1)
- December 2008 (1)