New Feature Spotlight: Offloading Extended Master Secret Generation to Hardware in wolfSSL

We’re thrilled to announce a new feature in wolfSSL 5.8.0: the ability to offload Extended Master Secret (EMS) generation to hardware, introduced in Pull Request #8303. Integrated into `--enable-pkcallbacks --enable-extended-master` builds, this enhancement empowers developers to leverage Trusted Execution Environments (TEEs) or custom hardware for EMS generation, boosting security and performance in TLS sessions. This makes wolfSSL an even more robust solution for embedded systems, IoT, and high-security applications.

What is Extended Master Secret Offloading?

The Extended Master Secret (EMS), defined in RFC 7627, strengthens TLS session security by tying the master secret to the full handshake transcript, mitigating man-in-the-middle attacks. The new feature in wolfSSL allows developers to offload EMS generation to hardware, such as a Trusted Execution Environment (e.g., ARM TrustZone, Intel SGX) or specialized cryptographic hardware. By using a custom callback function, you can delegate EMS computation to secure hardware, ensuring sensitive operations occur in a protected environment.
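The transcript binding described above can be seen by deriving both kinds of master secret for two handshakes that share a premaster secret and random values but differ in one message. This is an added example, not wolfSSL code, and it does not use the wolfSSL callback API: the `SecureElement` class is a hypothetical stand-in for a TEE that keeps the premaster secret internal, all sample values are constructed, and a SHA-256 based TLS 1.2 PRF is assumed.

```python
import hashlib
import hmac


def tls12_prf(secret: bytes, label: bytes, seed: bytes, length: int = 48) -> bytes:
    """TLS 1.2 PRF with HMAC-SHA256 (RFC 5246, section 5)."""
    seed = label + seed
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


class SecureElement:
    """Hypothetical stand-in for a TEE that holds the premaster secret."""

    def __init__(self, premaster: bytes):
        self._premaster = premaster  # used internally, never handed back as-is

    def legacy_master(self, client_random: bytes, server_random: bytes) -> bytes:
        # RFC 5246: bound only to the two random values.
        return tls12_prf(self._premaster, b"master secret", client_random + server_random)

    def extended_master(self, session_hash: bytes) -> bytes:
        # RFC 7627: bound to the hash of the handshake messages.
        return tls12_prf(self._premaster, b"extended master secret", session_hash)


def session_hash(handshake_messages: bytes) -> bytes:
    return hashlib.sha256(handshake_messages).digest()


# Constructed sample values, not captured from a real handshake.
PREMASTER = bytes(range(48))
CLIENT_RANDOM, SERVER_RANDOM = b"\x01" * 32, b"\x02" * 32
TRANSCRIPT_A = b"ClientHello|ServerHello|Certificate(server-A)|ClientKeyExchange"
TRANSCRIPT_B = b"ClientHello|ServerHello|Certificate(server-B)|ClientKeyExchange"


def derive(transcript: bytes):
    """Return (legacy, extended) master secrets for one handshake."""
    se = SecureElement(PREMASTER)
    return (se.legacy_master(CLIENT_RANDOM, SERVER_RANDOM),
            se.extended_master(session_hash(transcript)))


if __name__ == "__main__":
    (legacy_a, ems_a), (legacy_b, ems_b) = derive(TRANSCRIPT_A), derive(TRANSCRIPT_B)
    print("legacy master secrets equal:  ", legacy_a == legacy_b)
    print("extended master secrets equal:", ems_a == ems_b)
```

The legacy derivation gives the same 48-byte secret for both transcripts, while the extended derivation changes as soon as any handshake message changes.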

If you want to know more about using callbacks in wolfSSL or have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

Live Webinar: Latest FIPS 140-3 developments at wolfSSL

Join us for an exclusive look into the Latest FIPS 140-3 Developments at wolfSSL, presented by Kaleb Himes, Senior Software Engineer at wolfSSL. This live webinar is scheduled for June 4th at 9 AM PT. Discover cutting-edge advancements in FIPS 140-3 compliance, Post-Quantum cryptography, and optimized solutions for Level 2 and Level 3 validation.

Register now: Latest FIPS 140-3 developments at wolfSSL
Date: June 4th | 9 AM PT

wolfSSL is FIPS 140-3 validated with 5-year Certification #4718. As the first to support Post-Quantum standards, wolfSSL delivers unmatched portability across dozens of hardware targets, establishing itself as a trusted leader in open-source cybersecurity.

This webinar will cover:

  • Post-Quantum Full Submission: How wolfSSL is preparing for quantum-resistant encryption.
  • FIPS 140-3 Level 2 & Level 3 Validation: Achieving rigorous standards with wolfSSL software and your hardware.
  • Planned OE Additions: Get insight into our roadmap for expanding FIPS 140-3 certified OEs.
  • Full Submission on Demand: Tailored modules, algorithm subsets, and boot loaders for embedded use-cases.

Register now to learn why industry leaders trust wolfSSL for their FIPS 140-3 projects and discover how you can stay ahead in cybersecurity!

As always, our webinar will include Q&A throughout. If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
