Category: wolfCLU

We have added initial support for the s_server command to wolfCLU! This exciting new feature supports handling basic TLS connections leveraging the best tested cryptography from the wolfSSL library. It is a quick way to set up simple TLS connection tests. So far the arguments available are :

```
./wolfssl s_server
	-help
	-port <+int>
    	Port to listen on.


	-key 
    	only PEM can be used.


	-cert 
    	only PEM can be used.


	-noVerify
    	Disable client cert check.


	-CAfile 
    	only PEM can be used.


	-version 
    	SSL version [0-4], SSLv3(0) - TLS1.3(4))


	-naccept <+int>
    	Number of times to accept.(default 1)


	-www
    	The response is in HTML format.


	-readyFile 
    	Create Ready file for external monitor.
```

For interest in expanding the capabilities or questions in general, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Throughout the last development cycle, we have increased the test coverage for wolfCLU. This includes many different types of tests done with continuous integration. One of the tests expanded was involving -fsanitize=address builds on every code addition by updating the GitHub actions used. Another was expanding the unit test for the new features added including the ML-DSA (Dilithium support). This is all part of a never ending effort to always be improving on the quality of wolfCLU. Feel free to reach out to us at support@wolfSSL.com with any troubles encountered when using wolfCLU.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

The `dgst` command of wolfCLU saw support for some new arguments with the latest release. Support for `-inform` was added, giving the flexibility to choose if the incoming file is in DER or PEM format. Before only PEM formatted inputs were handled and the application would gracefully error out if a DER input had been given. An example of using this new argument would be the following `wolfssl dgst -inform DER -sign private.ec.der -sha512 -out test.wc.sig test.bin`. To see all of the options available for the `dgst` command uses the `-h` flag, i.e. `wolfssl dgst -h`.

For more information or questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Enhancements were made to wolfCLU for using PEM formatted keys with sign and verify operations. Previously, the sign and verify commands only expected DER formatted keys. This addition was made for all supported algorithms: RSA, ECC, and ED25519. It can be used with the flag -inform. An example would be `wolfssl rsa -inkey priv.key -inform PEM -sigfile signature.bin -in sign-this.txt -out result`. This new enhancement helps make it easier to quickly generate a signature of a file. No longer have the restriction on the format of keys used and the hassle of converting between the two.

For more information or questions about any of the above, please contact us at facts@wolfssl.com or call us at +1 425 245 8247.

Download wolfSSL Now

The `rsa` command with wolfCLU just got better! Now there is support for `-pubin` and `-pubout` options. This facilitates loading in a RSA public key only and printing out just the public version of the key. Very useful for cases such as signature verification where you may only have the public part of the key, or for printing out the public version of an RSA key to distribute to others. The expanded support follows the same naming as the OpenSSL command line utility, making it easy to interchange the command line utility being used.

For more information or questions about the above, contact us at facts@wolfSSL.com or call +1 425 245 8247.

Download wolfSSL Now

We have added support for creating and verifying signatures with ML-DSA. This new feature was introduced in wolfCLU release 0.1.6 and can be seen in the handy help message by running `wolfssl -h`. There are a couple of options available to be passed to the new `dilithium` command to increase the flexibility for tuning performance versus security strength.

For more information or questions about the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Parsing and viewing PKCS7 bundles just got easier with the addition of the `pkcs7` command in wolfCLU. This neat command takes multiple arguments allowing for printing out the certificates contained in a PKCS7 bundle and parsing both PEM and DER formats. Creation of PKCS7 bundles is supported using wolfSSL API’s but not yet supported in wolfCLU. Let us know at facts@wolfssl.com if this is a capability desired in wolfCLU.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

wolfCLU release 0.1.6 is available! wolfSSL’s command line utility (wolfCLU) is a drop in replacement for the OpenSSL command line utility. It’s a handy swiss army knife of common operations used, often great for system admins or test developers. Doing things such as creating and signing certificates, generating new keys, parsing X509 certificates into human readable form, and much more. This release has seen some fixes to wolfCLU along with exciting new features. One of the new features being the addition of support for post quantum Dilithium signature generation and verification. For a full list of changes check out the ChangeLog.md.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now