Session ID: FTF-INS-F1145 June, 2015
HANDS-ON WORKSHOP
Create Secure Network-Connected Embedded Systems with CyaSSL and Kinetis SDK
1 Copyright 2015 wolfSSL Inc. SESSION INTRODUCTION
• Abstract • Secure your data communications with TLS/SSL for embedded systems, now available in an easy-to-use package for Kinetis SDK and MQX™ RTOS. Learn how to enable secure web server connections to browsers and mobile devices as well as web client connections to the cloud. • Presenters • Chris Conlon | wolfSSL Inc. | Software Engineer • Timing • 1 Hour : Presentation (Protocol, technology overview) • 1 Hour : Hands-on Lab with FRDM-K64F
2 #FTF2015 Copyright 2015 wolfSSL Inc. SESSION OBJECTIVES
• Gain overview knowledge of SSL / TLS protocols • Learn about TLS and cryptography performance • Gain insight into best practices for using TLS on devices • Learn how to enable secure web server communication, using demos included in the CyaSSL patch for the Kinetis SDK • Learn the advantages to using wolfSSL and CyaSSL on Freescale platforms • Get hands on experience, directly from experts at wolfSSL
3 #FTF2015 Copyright 2015 wolfSSL Inc. AGENDA
1. Introduction and History of wolfSSL 2. Overview of SSL / TLS, and Cryptography 3. X.509 and Certificates 4. Overview of wolfSSL Embedded SSL / TLS 5. Using CyaSSL with Freescale KDS IDE and Kinetis MCUs 6. Using Wireshark to Inspect a TLS Connection 7. Hands On Lab: HTTPS Server Example with CyaSSL, KDS, and FRDM-K64F 8. Additional Tips and Tricks about CyaSSL (Time Permitting)
4 #FTF2015 Copyright 2015 wolfSSL Inc. ABOUT WOLFSSL
Founded: 2004 Products: - wolfSSL
- wolfSSL FIPS Location: Bozeman, MT - wolfCrypt Seattle, WA - wolfSSH - wolfSCEP Portland, OR - wolfSSL Inspection - yaSSL Our Focus: Open Source Embedded Security (for Applications, Devices, IoT, and the Cloud)
200 OEM Customers 2011 3 employees 2012 9 employees 10 Resale Partners 2013 11 employees 2014 15 employees Currently Securing 2015 17 employees 1 Billion Connections!
5 #FTF2015 Copyright 2015 wolfSSL Inc. WOLFSSL LIGHTWEIGHT SSL/TLS
• Advantages to wolfSSL:
• Written from the Ground Up. wolfSSL owns the Copyright • Built for Portability, Modularity, and Performance • Strong, collaborative partnership with Freescale • Commitment to new ciphers, features, and addressing ongoing security threats • Current SSL/TLS/DTLS protocol support up to TLS 1.2 and DTLS 1.2 • Community, User, and Professional vetted since 2006
6 #FTF2015 Copyright 2015 wolfSSL Inc. WOLFSSL LIGHTWEIGHT SSL/TLS
• Advantages to wolfSSL:
• Dedicated support via [email protected] and direct phone support • Free Presales Support!
7 #FTF2015 Copyright 2015 wolfSSL Inc. OVERVIEW OF SSL / TLS
GOALS, HISTORY
16 #FTF2015 Copyright 2015 wolfSSL Inc. SSL / TLS : HISTORY AND PROTOCOLS
• SSL / TLS / DTLS versions
1995 SSL 2.0 1996 SSL 3.0 Notes:
• SSL 2.0 is insecure 1999 TLS 1.0 • SSL = “Secure Sockets Layer” 2006 TLS 1.1 DTLS 1.0 • TLS = “Transport Layer Security” 2008 TLS 1.2 • DTLS = “Datagram TLS”
2012 DTLS 1.2
17 #FTF2015 Copyright 2015 wolfSSL Inc. SSL / TLS : GOALS
• Enables secure client/server communication
Privacy + Prevent eavesdropping Authentication + Prevent impersonation Integrity + Prevent modification
18 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SIMPLIFIED ANALOGY
Goals: A. Talk to the desired person B. Talk privately (securely) ? ?
Alice Bob
19 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SIMPLIFIED ANALOGY
Goals: A. Talk to the desired person B. Talk privately (securely)
Drivers Drivers License License
Alice Bob
20 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SIMPLIFIED ANALOGY
Goals: A. Talk to the desired person B. Talk privately (securely)
Drivers Drivers License License
Alice Bob
21 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SIMPLIFIED ANALOGY
Goals: A. Talk to the desired person B. Talk privately (securely)
Drivers Drivers License License
Alice Bob
22 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SIMPLIFIED ANALOGY
Goals: • Talk to the desired peer • X.509 Certificates (RSA, ECC)
• Talk privately (securely) • Encryption, Integrity checks
23 #FTF2015 Copyright 2015 wolfSSL Inc. MITM ATTACKS
• Man in the Middle Attacks • One of the most prominent attacks TLS tries to prevent
Device Server
Attacker
24 #FTF2015 Copyright 2015 wolfSSL Inc. SSL / TLS
TECHNICAL OVERVIEW, RFC’S, HANDSHAKE
25 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : PROTOCOL SPECS
Protocol Specifications
• RFC 6101: SSL 3.0 • RFC 2246: TLS 1.0 • RFC 4346: TLS 1.1 • RFC 5246: TLS 1.2 • “Draft”: TLS 1.3
26 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : PROTOCOLS AND LOCATION
Protocols Secured by SSL/TLS
SSL SSL Change SSL Alert LDAP, Handshake Cipher Spec HTTP Protocol etc. SMTP, Protocol Protocol HTTP etc.
SSL Record Layer Application Layer
TCP Transport Layer
IP Internet Layer
Network Access Network Layer
27 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• Responsible for negotiating a session, includes: 2 • Session identifier • Peer certificate • Compression method 3 • Cipher spec
(A) • Master secret 4 (B) • “is resumable”
28 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS
Client Server
1 1 Client Hello Cryptographic Info (SSL version, supported ciphers, etc.)
2 3 Server Hello 2 Cipher Suite Verify server cert, Server Certificate check crypto Server Key Exchange (public key) parameters ( Client Certificate Request ) Server Hello Done
4 3 Client Key Exchange 5 ( Certificate Verify ) Verify client cert ( Client Certificate ) (if required)
6 (A) Change Cipher Spec 4 (B) Client Finished 7 Change Cipher Spec Server Finished
8
Exchange Messages (Encrypted)
29 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• Client Hello ! 2 • Sent when client first connects to server • Includes • Protocol version 3 • Random structure • Session ID (A) • Cipher suites (B) 4 • Compression methods • Extensions
30 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• " Server Hello 2 • Sent in response to Client Hello • Only when it can find acceptable set of algorithms • Includes 3 • Protocol version • Random (A) (B) • Session ID 4 • Cipher suite • Compression method • Extensions
31 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• Hello Extensions 2 • Signature Algorithms • Which signature / hash pairs may be used
3 • Maximum Fragment Length • Set maximum SSL record fragment size (A) (B) 4 • Several more…
32 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• " Server Certificate 2 • Server’s certificate chain sent to client • X.509v3 certificates • Must be compatible with selected key exchange 3 method
(A) 4 (B)
33 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• " Server Key Exchange 2 • Sent when cert message doesn’t contain enough data for client to exchange premaster secret: • DHE_DSS 3 • DHE_RSA • DHE_ANON (A) (B) 4 *Or rather, when “ephemeral” suites are used.
34 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• " (Certificate Request) 2 • Server request for client certificate 3 • Used when “mutual authentication” is done
(A) 4 (B)
35 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• " Server Hello Done 2 • Indicates end of Server Hello 3 • After sending, server waits for client response
(A) 4 (B)
36 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• Client Authenticates Server 2 • Using cert sent previously and loaded CA certs 3
(A) 4 (B)
37 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• (Client Certificate) ! 2 • Only sent if server requests it 3 • If no cert available, must send empty one
(A) 4 (B)
38 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• Client Key Exchange ! 2 • Sets the premaster secret: • RSA-encrypted premaster secret message 3 • Client DH public value
(A) 4 (B)
39 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• Certificate Verify ! 2 • Used to provide explicit verification of the client certificate • Client signs some data* with private key 3 • Server tries to decrypt with public key
(A) 4 (B) *concatenation of all handshake messages thus far
40 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• Change Cipher Spec ! 2 • Switches to agreed upon cipher suite, compression, etc. 3
(A) 4 (B)
41 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• Finished ! 2 • Verifies that key exchange and authentication process was successful. • First message sent under negotiated algorithms, 3 keys, and secrets.
(A) 4 (B)
42 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• " Change Cipher Spec 2 • Same purpose as client’s 3
(A) 4 (B)
43 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Handshake Protocol
• " Finished 2 • Same purpose as client’s 3
(A) 4 (B)
44 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Change Cipher Spec Protocol
• Signals transitions in ciphering strategies 2 • Sent by both client and server
3 • Notifies receiving party that subsequent records will be protected under newly negotiated CipherSpec (A) and keys 4 (B)
45 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Alert Protocol
• Convey severity and description of alert 2 • Either “warning” or “fatal” • Fatal results in immediate termination of connection 3 • Encrypted and compressed as per CipherSpec
(A) 4 (B)
46 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Record Protocol
• Layered protocol (Sending Side) 2 • Fragments input data into blocks • (optionally) compresses data • Applies MAC 3 • Encrypts
(A) • Transmits the result 4 (B)
47 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : SUB PROTOCOLS 1 Record Protocol
• Layered protocol (Receiving Side) 2 • Decrypts received data • Verifies data (using MAC) • Decompresses 3 • Reassembles
(A) • Delivers result to higher level 4 (B)
48 #FTF2015 Copyright 2015 wolfSSL Inc. CRYPTO BITS
ALGORITHMS, CIPHERS, AND PERFORMANCE
49 #FTF2015 Copyright 2015 wolfSSL Inc. CRYPTO : BLOCK CIPHERS
• Algorithms operating on fixed-length BLOCKS of data. • Use a symmetric key • Several types of operating modes: • ECB, CBC, CTR, … • Commonly-used block ciphers in SSL/TLS: • AES, DES, 3DES
50 #FTF2015 Copyright 2015 wolfSSL Inc. CRYPTO : BLOCK CIPHERS
• Mode of operation: ECB • ECB: Electronic Codebook Mode
Ref: Wikipedia: Block Cipher Modes of Operation
51 #FTF2015 Copyright 2015 wolfSSL Inc. CRYPTO : BLOCK CIPHERS
• But, ECB isn’t very secure:
Original Image Encrypted using ECB mode Modes other than ECB
Ref: Wikipedia: Block Cipher Modes of Operation
52 #FTF2015 Copyright 2015 wolfSSL Inc. CRYPTO : BLOCK CIPHERS
• Mode of Operation: CBC • CBC: Cipher Block Chaining Mode
Ref: Wikipedia: Block Cipher Modes of Operation
53 #FTF2015 Copyright 2015 wolfSSL Inc. CRYPTO : BLOCK CIPHERS
• Mode of Operation: CTR • CTR: Counter Mode
Ref: Wikipedia: Block Cipher Modes of Operation
54 #FTF2015 Copyright 2015 wolfSSL Inc. CRYPTO : STREAM CIPHERS
• Symmetric key ciphers where plaintext digits are XOR’d with corresponding digit of keystream
• Typically execute at higher speed than block cipher. • Have lower hardware complexity
• Stream Cipher Examples: • RC4 (ARC4), RABBIT, HC-128, ChaCha20
55 #FTF2015 Copyright 2015 wolfSSL Inc. CRYPTO : AEAD CIPHERS
• AEAD: Authenticated Encryption with Associated Data
• Block cipher mode providing confidentiality, integrity, and authenticity.
• MAC-then-Encrypt (MtE): MAC of plaintext, together with plaintext encrypted, then sent.
• AEAD Examples: • AES-GCM, AES-CCM, Poly1305
56 #FTF2015 Copyright 2015 wolfSSL Inc. CRYPTO : HASH FUNCTIONS
• Ideal hash function creates a message digest that is:
• Easy to compute for a given message • Infeasible to generate message that has given hash • Infeasible to modify message without changing hash • Infeasible to find two different messages with same hash
• Common hash (MAC) functions: • MD5, SHA-1, SHA-256, SHA-384, SHA-512
57 #FTF2015 Copyright 2015 wolfSSL Inc. CRYPTO : PUBLIC KEY ALGORITHMS
• Asymmetric algorithms (public / private key) • Public key used to encrypt, private key used to decrypt
• Algorithms: • RSA, ECC, DSA, DH, NTRU
58 #FTF2015 Copyright 2015 wolfSSL Inc. CRYPTO : PUBLIC KEY ALGORITHMS
RSA ECC PSK
+ Well established + Shorter keys w/ same security + Avoid expensive PK ops + Lower CPU usage + Key management convienence + Lower memory usage
59 #FTF2015 Copyright 2015 wolfSSL Inc. CRYPTO : KEY SIZES
NIST Recommended Key Sizes
Bits of Symmetric Key Hash Function RSA Key ECC Key Security Algorithm Size Size
80 3DES (2 keys) SHA-1 1024 160
112 3DES (3 keys) SHA-224 2048 224
128 AES-128 SHA-256 3072 256
192 AES-192 SHA-384 7680 384
256 AES-256 SHA-512 15360 521
NIST SP800-57: Recommendations for Key Management BlueKrypt: Cryptographic Key Length Recommendations
60 #FTF2015 Copyright 2015 wolfSSL Inc. CRYPTO : PERFORMANCE
61 #FTF2015 Copyright 2015 wolfSSL Inc. TLS : CIPHER SUITES
STRUCTURE, PRECEDENCE
62 #FTF2015 Copyright 2015 wolfSSL Inc. CIPHER SUITES : STRUCTURE
• Combination of hash functions and algorithms:
Hash Functions: MD5, SHA-1, SHA-256, … Block and Stream Ciphers: AES, 3DES, RC4, RABBIT, … Public Key Algorithms: RSA, ECC, …
CIPHER SUITE
63 #FTF2015 Copyright 2015 wolfSSL Inc. CIPHER SUITES : STRUCTURE
Protocol_keyexchange_WITH_bulkencryption_mode_messageauth
Examples: SSL_RSA_WITH_DES_CBC_SHA SSL_DHE_RSA_WITH_DES_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA
64 #FTF2015 Copyright 2015 wolfSSL Inc. CIPHER SUITES : PRECEDENCE
• In SSL/TLS, cipher suites have precedence over others • Varies from library to library • Can be specified by the application (through API) • Typically sorted by security level
65 #FTF2015 Copyright 2015 wolfSSL Inc. X.509 : CERTS AND KEYS
CHAINS, GENERATION, AND CONVERSION
66 #FTF2015 Copyright 2015 wolfSSL Inc. MAKING SENSE OF X.509
• X.509 is a standard for PKI (public key infrastructure)
• Some things specified by it include: • Public key certificates • Certificate revocation lists • Certificate path validation algorithm (CA / cert chain structure)
• Structure is expressed in ASN.1 syntax
67 #FTF2015 Copyright 2015 wolfSSL Inc. X.509V3 CERTIFICATES Structure of X.509v3 certificate is as follows:
• Certificate • Version • Serial Number • Algorithm ID • Issuer • Validity • Not Before • Not After • Subject • Subject Public Key Info • Public Key Algorithm • Subject Public Key • Issuer Unique Identifier (optional) • Subject Unique Identifier (optional) • Extensions (optional) • … • Certificate Signature Algorithm • Certificate Signature
68 #FTF2015 Copyright 2015 wolfSSL Inc. X.509V3 CERTIFICATES
• Filename Extensions: • .pem -----BEGIN CERTIFICATE----- • “Privacy-enhanced Electronic Mail” … … • Base64-encoded DER certificate -----END CERTIFICATE----- • .der, .cer, .crt • Binary DER form
• Others include • .p7b, .p7c (PKCS#7) – standard for signing/encrypting data • .p12 (PKCS#12) – bundle certs and private keys • .pfx (predecessor to .p12)
69 #FTF2015 Copyright 2015 wolfSSL Inc. CERTIFICATE CHAIN
• A list of certificates followed by one or more CA certificates, where:
• The Issuer of each certificate matches the Subject of the next • Each cert is signed by the private key of the following cert • The last cert in the chain (although not sent in the SSL/TLS handshake) is the “root CA”
70 #FTF2015 Copyright 2015 wolfSSL Inc. CERTIFICATE CHAIN
https://www.google.com
Equifax Secure Certificate Authority Root CA
GeoTrust Global CA Intermediate CA
Google Internet Authority G2 Intermediate CA
*.google.com Server Certificate
71 #FTF2015 Copyright 2015 wolfSSL Inc. WOLFSSL
LIGHTWEIGHT SSL / TLS LIBRARY
72 #FTF2015 Copyright 2015 wolfSSL Inc. WOLFSSL
Features • C-language based SSL/TLS library • Standards up to TLS 1.2 and DTLS 1.2 • Focused on size and speed optimization, progressive • Minimum footprint size of 20-100 kB • Minimum RAM usage: 1-36kB
• Web server integration (NGINX, Lighttpd, Mongoose, GoAhead) • OpenSSL Compatibility Layer • Hardware Crypto Support (including Freescale mmCAU / CAU / SEC) • Suite-B Compatible, FIPS 140-2 (Level 1) in process • Dual Licensed (GPLv2 and Commercial)
73 #FTF2015 Copyright 2015 wolfSSL Inc. WOLFSSL
Algorithm Support
MD2, MD4, MD5, SHA-1, SHA-2, SHA-3, RIPEMD Hash Functions AES, DES, 3DES, Camellia Block Ciphers ARC4, RABBIT, HC-128, ChaCha20 Stream Ciphers AES-GCM, AES-CCM, Poly1305 Authenticated Ciphers RSA, ECC, DSS, DH, EDH Public Key Options HMAC, PBKDF2 Password-based Key Derivation
RED = Supports mmCAU Hardware Acceleration
74 #FTF2015 Copyright 2015 wolfSSL Inc. WOLFSSL
Ability to take advantage of mmCAU Hardware Crypto
75 #FTF2015 Copyright 2015 wolfSSL Inc. CYASSL + KDS + KINETIS MCUS USING CYASSL WITH FREESCALE KINETIS DESIGN STUDIO IDE AND KINETIS MCUS
76 #FTF2015 Copyright 2015 wolfSSL Inc. CYASSL + KDS + KINETIS MCUS
• CyaSSL is available for download as a patch to MQX RTOS & Kinetis SDK • Patch includes sample HTTPS server • (used in the upcoming lab session)
• CyaSSL tightly integrates with MQX / RTCS / MFS
• FREESCALE_MQX Defines Located In: • FREESCALE_MMCAU ./cyassl/ctaocrypt/settings.h (CyaSSL) ./wolfssl/wolfcrypt/settings.h (wolfSSL) • FREESCALE_K70_RNGA • FREESCALE_K53_RNGB
77 #FTF2015 Copyright 2015 wolfSSL Inc. OBTAINING THE KSDK PATCH
Visit www.freescale.com/ksdk 1
2 Click
3 Install 2nd 1st
Patch Licensing: Commercial Evaluation Only
78 #FTF2015 Copyright 2015 wolfSSL Inc. CYASSL + KDS + KINETIS MCUS
• RTCS exposes SSL layer from the following header:
#include
KSDK_1.2.0/middleware/tcpip/rtcs/source/include
• Provides structure to hold keys, certs, and side:
typedef struct rtcs_ssl_params_struct { char* cert_file; char* priv_key_file; char* ca_file; RTCS_SSL_INIT_TYPE init_type; }RTCS_SSL_PARAMS_STRUCT;
79 #FTF2015 Copyright 2015 wolfSSL Inc. CYASSL + KDS + KINETIS MCUS
• The SSL/TLS side is specified from the RTCS_SSL_INIT_TYPE structure:
typedef enum rtcs_ssl_init_type { RTCS_SSL_SERVER, RTCS_SSL_CLIENT }RTCS_SSL_INIT_TYPE;
80 #FTF2015 Copyright 2015 wolfSSL Inc. CYASSL + KDS + KINETIS MCUS
• Available functions include:
void* RTCS_ssl_init(RTCS_SSL_PARAMS_STRUCT *params); void RTCS_ssl_release(void *ctx); uint32_t RTCS_ssl_socket(void* ctx, uint32_t sock); uint32_t RTCS_ssl_shutdown(uint32_t ssl_sock); int32_t RTCS_ssl_recv(uint32_t ssl_sock, void *buf, uint32_t len, uint32_t flags); int32_t RTCS_ssl_send(uint32_t ssl_sock, void *buf, uint32_t len, uint32_t flags);
“void* ctx” is a pointer to a CYASSL_CTX structure.
81 #FTF2015 Copyright 2015 wolfSSL Inc. WIRESHARK FOR TLS
USING WIRESHARK TO INSPECT A TLS CONNECTION
82 #FTF2015 Copyright 2015 wolfSSL Inc. LEVERAGING WIRESHARK
1. Make sure an SSL/TLS server is running:
83 #FTF2015 Copyright 2015 wolfSSL Inc. LEVERAGING WIRESHARK
2. Open Wireshark
84 #FTF2015 Copyright 2015 wolfSSL Inc. LEVERAGING WIRESHARK
2. Observe traffic captured: • Make an HTTPS connection, notice data secured + TLS
85 #FTF2015 Copyright 2015 wolfSSL Inc. LEVERAGING WIRESHARK
Protocol Decoding Tip:
• After capturing traffic, navigate to: • Analyze -> Decode As -> SSL
• This will show you the SSL/TLS packets, ie: • “ClientHello”, “ServerHello”, etc.
86 #FTF2015 Copyright 2015 wolfSSL Inc. HANDS ON LAB HTTPS SERVER EXAMPLE WITH CYASSL, KDS, AND FRDM-K64F
87 #FTF2015 Copyright 2015 wolfSSL Inc. HANDS ON LAB
• Please reference the lab manual passed out at the beginning of session.
88 #FTF2015 Copyright 2015 wolfSSL Inc. THANKS! QUESTIONS?
WOLFSSL CHRIS CONLON FREESCALE COMMUNITY [email protected] [email protected] Freescale.com/community +1 (425) 245 - 8247
89 #FTF2015 Copyright 2015 wolfSSL Inc. TIME PERMITTING TOPICS
- Viewing certificates with “openssl x509” app - Converting and loading certificates into CyaSSL - mktfs (memory buffer gen tool)
- Optimizing CyaSSL for low resource devices - Overview of CyaSSL / wolfSSL code structure
90 #FTF2015 Copyright 2015 wolfSSL Inc.