We are thrilled to announce the release of wolfPKCS11 v2.0.0, a landmark update that solidifies its position as a top-tier, high-performance PKCS#11 provider. This release is the culmination of the work detailed in our previous blog posts, “Firefox Gets FIPS 140-3 Power” and “wolfPKCS11 Supercharged,” and it brings a new era of security, performance, and […]
Read MoreMore TagMonth: September 2025
Live Webinar: Securing the Edge AI with wolfSSL on the STM32N6
Unlock advanced security with the STM32N6 and wolfBoot for trusted Edge AI applications. This webinar explores the security and performance advantages of the STM32N6 for Edge AI, with wolfBoot extending protection through a secure, authenticated boot process. You’ll gain practical insights into how the STM32N6’s unique architecture accelerates AI workloads while maintaining strong security—plus see […]
Read MoreMore TagSecure Data Transfers on BSD Systems
Many developers working on FreeBSD, OpenBSD, and NetBSD may not realize that cURL can be integrated with wolfSSL for secure communications. This combination allows applications to use modern TLS protocols and FIPS 140-3 validated cryptography on BSD platforms. Secure communication is critical in servers and embedded devices. Using wolfSSL with cURL ensures standards-compliant TLS connections […]
Read MoreMore TagThe Radio Equipment Directive (RED) and Evolving Cybersecurity Requirements
The Radio Equipment Directive (RED) 2014/53/EU establishes the regulatory framework for placing radio equipment on the European market. Its goal is to create a unified market while ensuring essential requirements for safety, electromagnetic compatibility, efficient use of the radio spectrum, and more recently cybersecurity and data protection. To strengthen protections, the European Commission activated Articles […]
Read MoreMore TagSupport for STM32U5 DHUK
In wolfCrypt and wolfPKCS11 we added support for using a Derived Hardware Unique Key (DHUK) for AES with the STM32U5. This feature enables use of a device unique AES key (up to 256-bit) available for encryption/decryption. The key cannot be read from the hardware, which makes it great to wrap other symmetric keys for storage […]
Read MoreMore TagNew CMS/PKCS#7 decode APIs for SymmetricKeyPackage, OneSymmetricKey, and EncryptedKeyPackage
Recent commits to wolfSSL have enabled support to decode new CMS/PKCS#7 message types. The CMS message type EncryptedKeyPackage (defined in RFC 6032) can be decoded with the new API wc_PKCS7_DecodeEncryptedKeyPackage(). The CMS message types SymmetricKeyPackage and OneSymmetricKey (defined in RFC 6031) can be decoded with the new APIs wc_PKCS7_DecodeSymmetricKeyPackageAttribute(), wc_PKCS7_DecodeSymmetricKeyPackageKey(), wc_PKCS7_DecodeOneSymmetricKeyAttribute(), and wc_PKCS7_DecodeOneSymmetricKeyKey(). If you […]
Read MoreMore TagLive Webinar: Achieving Avionics Security with DO-178C-Certified Cryptography
Enhancing Avionics Security with DO-178C-Certified Solutions Join us on September 24 at 9 AM PT to learn how wolfSSL strengthens avionics security in safety-critical systems while meeting DO-178C DAL A certification requirements. The webinar will highlight practical strategies for secure embedded systems and how certified products are applied in real-world avionics. Register Now: Achieving Avionics […]
Read MoreMore TagRelaxing CMS/PKCS#7 decode support requirements
Previous wolfSSL versions required X.963 KDF support and AES keywrap functionality to be enabled in order to build CMS/PKCS#7 decode support. Recent changes to wolfSSL have allowed CMS/PKCS#7 decode support to be built without either of these requirements. Previously, if the user desired to have the HAVE_PKCS7 build option defined, then the HAVE_X963_KDF and HAVE_AES_KEYWRAP […]
Read MoreMore TagwolfCrypt MISRA improvements
Some recent pull requests have been merged to the wolfssl repository to allow wolfcrypt to avoid MISRA warnings for certain MISRA 2023 rules. For example, MISRA rule 3.1 disallows nested comment leaders (e.g. a “//” sequence within a “/* … */” comment block). These have been removed. Also, MISRA rule 8.2 requires function prototypes to […]
Read MoreMore TagUtilizing PSRAM for wolfSSL Heap Operations for the Espressif ESP32
The latest updates to the Espressif-specific integration of wolfSSL bring a significant enhancement for developers working on memory-constrained embedded systems: support for using PSRAM (pseudo-static RAM) during wolfSSL heap operations. This improvement not only unlocks larger memory capacity for cryptographic operations, but also lays the foundation for more stable and scalable TLS communication on ESP32 […]
Read MoreMore Tag