#wolfssl — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #wolfssl, aggregated by home.social.
-
🦾 Why C Remains the Gold Standard for Cryptographic Software - wolfSSL
「 While memory-safe languages like Rust offer real benefits, serious cryptographic implementations inevitably rely on unsafe code, assembly, and low-level control, eroding those guarantees. At that point, the added abstraction often increases complexity without meaningfully reducing risk 」
https://www.wolfssl.com/why-c-remains-the-gold-standard-for-cryptographic-software/
-
Sicherheitslücke: #wolfSSL-Bibliothek winkt manipulierte Zertifikate durch | Security https://www.heise.de/news/Sicherheitsluecke-wolfSSL-Bibliothek-winkt-manipulierte-Zertifikate-durch-11256250.html #Patchday
-
Critical wolfSSL flaw (CVE-2026-5194) allows digital ID forgery across billions of devices. Update to version 5.9.1 to fix the issue and reduce risk
Read: https://hackread.com/wolfssl-vulnerability-iot-routers-military-systems/
-
Critical flaw in #wolfSSL library enables forged certificate use
-
Long, but great read from #HAProxy on the state of #TLS libraries. Includes some scathing remarks about the #OpenSSL project.
“The development team has degraded their project’s quality, failed to address ongoing issues, and consistently dismissed widespread community requests for even minor improvements.”
“This unfortunate situation considerably hurts QUIC protocol adoption. It even makes it difficult to develop or build test tools to monitor a QUIC server.”
“When some of the project members considered a 32% performance regression ‘pretty near’ the original performance, it signaled to our development team that any meaningful improvement was unlikely.”
“In blunt terms: running OpenSSL 3.0.2 as shipped with Ubuntu 22.04 results in 1/100 of #WolfSSL’s performance on identical hardware! To put this into perspective, you would have to deploy 100 times the number of machines to handle the same traffic, solely because of the underlying SSL library.”
-
“AWS-LC looks like a very active project with a strong community. […] Even the recently reported performance issue was quickly fixed and released with the next version. […] This is definitely a library that anyone interested in the topic should monitor.”
#OpenSSL #BoringSSL #WolfSSL #AWSLC #HAProxy #OpenSource #FreeSoftware #FOSS #OSS #TLS #QUIC
https://www.haproxy.com/blog/state-of-ssl-stacks -
“AWS-LC looks like a very active project with a strong community. […] Even the recently reported performance issue was quickly fixed and released with the next version. […] This is definitely a library that anyone interested in the topic should monitor.”
#OpenSSL #BoringSSL #WolfSSL #AWSLC #HAProxy #OpenSource #FreeSoftware #FOSS #OSS #TLS #QUIC
https://www.haproxy.com/blog/state-of-ssl-stacks -
“AWS-LC looks like a very active project with a strong community. […] Even the recently reported performance issue was quickly fixed and released with the next version. […] This is definitely a library that anyone interested in the topic should monitor.”
#OpenSSL #BoringSSL #WolfSSL #AWSLC #HAProxy #OpenSource #FreeSoftware #FOSS #OSS #TLS #QUIC
https://www.haproxy.com/blog/state-of-ssl-stacks -
“AWS-LC looks like a very active project with a strong community. […] Even the recently reported performance issue was quickly fixed and released with the next version. […] This is definitely a library that anyone interested in the topic should monitor.”
#OpenSSL #BoringSSL #WolfSSL #AWSLC #HAProxy #OpenSource #FreeSoftware #FOSS #OSS #TLS #QUIC
https://www.haproxy.com/blog/state-of-ssl-stacks -
“AWS-LC looks like a very active project with a strong community. […] Even the recently reported performance issue was quickly fixed and released with the next version. […] This is definitely a library that anyone interested in the topic should monitor.”
#OpenSSL #BoringSSL #WolfSSL #AWSLC #HAProxy #OpenSource #FreeSoftware #FOSS #OSS #TLS #QUIC
https://www.haproxy.com/blog/state-of-ssl-stacks -
I'll be speaking at CYSAT Conference in Paris next month!
Let me know if you are going! Stop by and say hi. I'll be at the #wolfSSL booth, too.
-
Frontgrade Gaisler and wolfSSL Collaborate to Enhance Cybersecurity in Space Applications
-
At this year's #FOSDEM my team at #wolfSSL got no booth space so my large volume #curl sticker distribution (LVCSD) has to be done using other means.
The LVCSD will most likely happen in the cafeteria area, but feel free to ping me if you can't get your fix as planned.
I will bring thousands of curl stickers and hundreds of coasters. There will be a few mugs and maybe some tshirts.
Buying myself friends, like a boss.
-
Andrew Hutchings prépare le portage de la bibliothèque de sécurité wolfSSL sur Amiga. Il vous montre ses premiers essais dans cet article (traduit en français et disponible sur Obligement) :
http://obligement.free.fr/articles/wolfssl_pointe_museau_amiga.php
(source : @obligement sur X)
-
That moment where I finally figure out workarounds for the crypto HAL bugs in a new microcontroller board to get AES GCM working 🕺
#wolfSSL -
Обновился #OpenSSL до 3.4.0 и опять без полноценной нормальной поддержки #QUIC, т.е. непригодный для #HTTP/3 на серверной стороне. И, соответственно, ещё не ясно на сколько хорошо сделана клиентская часть :)
Аж вспомнились времена, когда желая получить #curl поддерживающий нормально работу #HTTP/3 приходилось собирать его из исходников с аналогами/форками #OpenSSL.
#HTTP/3 работает не через tcp-соединения, а использует в качестве транспорта протокол QUIC (Quick UDP Internet Connections), т.е. передаёт данные поверх udp без использования абстракций и сущностей tcp. Вот картинка про современный #HTTP
Сам по себе #QUIC не умеет передавать данные в открытом виде, а может только через #TLS v1.3, т.е. в обязательном порядке только зашифрованные. Тем самым в QUIC используется встроенный вариант TLS 1.3 крайне близкий/схожий с #DTLS, поскольку работа протокола идёт на уровне обмена udp-пакетами, а не tcp-соединений.
#curl может использовать разные альтернативы OpenSSL, т.к. изначально спроектирован таким образом, что не завязан именно на OpenSSL:- Есть официальная документация что и как с бэкендами вообще.
- Рядом, примерно там же имеется сравнение разных криптографических бэкендов.
Что предлагают по HTTP/3 авторы curl?
Вот зелёным выделена комбинация библиотек, которую полагают наиболее стабильным и полноценным вариантом
Вся загвоздка в том, что #OpenSSL пытается содержать в себе реализацию #QUIC, а не использует реализацию в виде какой-то библиотеки.
Что получается в целом?
Протокол #HTTP/3 реализуется через библиотеку #nghttp3.
Необходимая реализация #QUIC через #ngtcp2.
А для TLS используется #GnuTLS или же #wolfSSL или что-то ещё:The OpenSSL forks #LibreSSL, #BoringSSL, #AWS-LC and #quictls support the QUIC API that #curl works with using #ngtcp2.
Вот из документация примеры и детали по сборке этих составляющих. Если выбрана #GnuTLS и в системе версия далёкая от свежих, то сама она довольно быстро собирается из исходников.
В целом, вообще, про варианты добавления поддержки #HTTP/3 очень достойно расписано здесь. И есть перевод этой публикации на русском языке.
#https #http #openssl #softwaredevelopment #lang_ru @Russia -
The encryption libraries worked in a project; however, this update lets components in the ESP-IDF such as the esp-tls and http libraries leverage the power and flexibility of #wolfSSL #wolfcrypt #TLS 1.3 #PQ and more.
-
The encryption libraries worked in a project; however, this update lets components in the ESP-IDF such as the esp-tls and http libraries leverage the power and flexibility of #wolfSSL #wolfcrypt #TLS 1.3 #PQ and more.
-
The encryption libraries worked in a project; however, this update lets components in the ESP-IDF such as the esp-tls and http libraries leverage the power and flexibility of #wolfSSL #wolfcrypt #TLS 1.3 #PQ and more.
-
The encryption libraries worked in a project; however, this update lets components in the ESP-IDF such as the esp-tls and http libraries leverage the power and flexibility of #wolfSSL #wolfcrypt #TLS 1.3 #PQ and more.
-
The encryption libraries worked in a project; however, this update lets components in the ESP-IDF such as the esp-tls and http libraries leverage the power and flexibility of #wolfSSL #wolfcrypt #TLS 1.3 #PQ and more.
-
#wolfSSL "Immediately Retired" From #Fedora #Linux For Failing To Follow Packaging Rules :fedora: 🐺
https://www.phoronix.com/news/wolfSSL-Fedora-Immediately-Ends
-
#wolfSSL 5.7.2 update now available on #platformio
Commercial Grade, NIST FIPS 140-3 Certified Cryptographic libraries. All open source ❤️
-
Here's my "quick" and easy installation of tls_wolfssl for #Kamailio
-
@ryanc Maybe by using #wolfssl instead of #openssl, just like #openwrt for embedded devices does it: https://openwrt.org/releases/21.02/notes-21.02.0-rc1#tls_and_https_support_included_by_default
-
-
linuxmafia.com is my site.
I really don't care about SSL (on my site), because there's no compelling use-case for https for anything the site does. (I could remove the current self-signed cert with no functional loss.)
The whole CA thing is notorious security theatre as implemented. (See Schneier's entire chapter on that in Secrets and Lies.)
Yes, I'll probably eventually upgrade to a serious SSL implementation using something less hopeless than OpenSSL (looking at wolfSSL and MatrixSSL in addition to the obvious LibreSSL [edit: add Rustls and possibly others; would have to check my records]), and I'll probably accomodate the unthinking masses with a Let's Encrypt cert the way MIchael Orlitzky eventually did, but think it's a well-meaning solution (from excellent and righteous people who are cherished friends) to the wrong problem, for the same reason MIchael Orlitzky does.
https://michael.orlitzky.com/articles/lets_not_encrypt.xhtml
#LetsEncrypt
#EFF
#LibreSSL
#wolfSSL
#MatrixSSL
#indyweb
#geezer -
linuxmafia.com is my site.
I really don't care about SSL (on my site), because there's no compelling use-case for https for anything the site does. (I could remove the current self-signed cert with no functional loss.)
The whole CA thing is notorious security theatre as implemented. (See Schneier's entire chapter on that in Secrets and Lies.)
Yes, I'll probably eventually upgrade to a serious SSL implementation using something less hopeless than OpenSSL (looking at wolfSSL and MatrixSSL in addition to the obvious LibreSSL [edit: add Rustls and possibly others; would have to check my records]), and I'll probably accomodate the unthinking masses with a Let's Encrypt cert the way MIchael Orlitzky eventually did, but think it's a well-meaning solution (from excellent and righteous people who are cherished friends) to the wrong problem, for the same reason MIchael Orlitzky does.
https://michael.orlitzky.com/articles/lets_not_encrypt.xhtml
#LetsEncrypt
#EFF
#LibreSSL
#wolfSSL
#MatrixSSL
#indyweb
#geezer -
I've been working on Official #wolfSSL cryptography support for #Arduino. It's there! Check it out, let me know how it goes. Please open issues for any boards that might need extra attention. See my blog:
https://www.wolfssl.com/getting-started-with-wolfssl-on-arduino
-
On this day five years ago, I started working on #curl full time. https://daniel.haxx.se/blog/2024/02/02/five-year-full-time-curl-anniversary/
for #wolfssl
-
CW: 🎄 Tag 19 des Free-Open-Source-Software Maskottchen Adventskalender #FOSSMAK23. Jeden Tag ein tierisches/pflanzliches Software Maskottchen.
🐺 der Wolf
* steht für: #WolfSSL https://wolfssl.com
* ist: eine schlanke TLS/SSL Software, beliebt im #embedded Bereich (z.B. Arduino)
* seit: 2006
* in Aktion im https://jugendhacktlab.qdrei.info: nein -
WolfSSL a son binding Ada/Spark !!
Voilà, vous n'aurez plus aucune excuse de ne pas faire de cryptographie dans vos développements Ada/SPARK.
https://blog.adacore.com/announcing-ada-binding-to-the-wolfssl-library
-
WolfSSL a son binding Ada/Spark !!
Voilà, vous n'aurez plus aucune excuse de ne pas faire de cryptographie dans vos développements Ada/SPARK.
https://blog.adacore.com/announcing-ada-binding-to-the-wolfssl-library
-
WolfSSL a son binding Ada/Spark !!
Voilà, vous n'aurez plus aucune excuse de ne pas faire de cryptographie dans vos développements Ada/SPARK.
https://blog.adacore.com/announcing-ada-binding-to-the-wolfssl-library
-
WolfSSL a son binding Ada/Spark !!
Voilà, vous n'aurez plus aucune excuse de ne pas faire de cryptographie dans vos développements Ada/SPARK.
https://blog.adacore.com/announcing-ada-binding-to-the-wolfssl-library
-
Siguiendo con el webinar de wolfSSL: qué recuerdos, si me habré peleado con los códigos fuente de esas apps cuando hice mi tesis... creo hoy tengo menos pelo gracias a eso 😂
-
Acá ando, desde antes que salga el sol, en un excelente webinar brindado por @wolfSSL ... sí, SSL/TLS, criptografía, algoritmos, y sobre cómo usar las librerías de cifrado de #wolfssl.
En #infosec uno nunca deja de aprender, después de la tesis de posgrado sobre Criptografía Post-Cuántica, acá sigo metiéndole cosas locas al tarro 😀
(y si, sigo dándole vueltas a un futuro curso de criptografía aplicada, ese que me hubiera gustado hacer cuando empecé con todo esto)
-
> typically 10 times faster than OpenSSL 3.0.8 on a large system, using 1 lock per connection vs 691 for OpenSSL
yikes 😬
-
📬 Lazarus Hacker bringen ihren eigenen Dell-Treiber mit zur Party
#Hacking #Malware #AmazonStellenangebote #BLINDINGCAN #BYOVDAngriff #DellTreiber #FingerText #Lazarus #wolfSSL https://tarnkappe.info/artikel/hacking/lazarus-hacker-bringen-ihren-eigenen-dell-treiber-mit-zur-party-257168.html