Executive Summary For production cryptographic software, memory safety alone does not define security. Real-world crypto must run on every platform, maintain stable assumptions over decades, and allow explicit control over hardware behavior. While memory-safe languages like Rust offer real benefits, serious cryptographic implementations inevitably rely on unsafe code, assembly, and low-level control, eroding those guarantees. […]
Read MoreMore TagMonth: April 2026
wolfSSL now supports GRPC on Zephyr
The people have been asking for GRPC on Zephyr, and wolfSSL has delivered. We support it with both our FIPS encryption and without FIPS. Contact us at facts@wolfssl.com or call us at +1 425 245 8247 if you have questions about any of the above.
Read MoreMore TagAnnouncing wolfTPM v4.0.0
wolfTPM v4.0.0 is our largest release to date. It delivers three headline capabilities: Firmware TPM (fwTPM) – a portable TPM 2.0 built on wolfCrypt. SPDM Secured Transport – encrypted host-to-TPM communication. ST33 TPM 2.0 Firmware Update – new update tool for STMicro ST33KTPM2X. All three are powered by the same wolfCrypt engine trusted in FIPS […]
Read MoreMore TagwolfBoot Secure Boot on the STM32N6
wolfSSL is announcing wolfBoot support for the STM32N6 series added in PR #720, starting with the NUCLEO-N657X0-Q development board (STM32N657X0H). The STM32N6 is ST’s first Cortex-M55 microcontroller, designed for high-performance edge AI workloads with a dedicated Neural Processing Unit (NPU). wolfBoot provides cryptographic signature verification and secure firmware updates on this new platform. Getting started […]
Read MoreMore TagwolfBoot Adds SD Card Secure Boot for Xilinx Zynq UltraScale+ MPSoC
wolfBoot now supports SD card boot on the AMD/Xilinx Zynq UltraScale+ MPSoC (PR #699). This brings authenticated, signature-verified boot of Linux directly from SD card partitions on the ZCU102 evaluation kit, complementing the existing QSPI flash boot path that has been the sole production boot option until now. The ZCU102 (quad-core Cortex-A53, dual Cortex-R5, FPGA […]
Read MoreMore TagwolfBoot 2.8.0 released
We are pleased to announce the release of wolfBoot 2.8.0, a major update that expands platform support, strengthens PSA and TrustZone integration, and delivers another round of meaningful hardening across the secure boot and firmware update flow. This release stands out for the breadth of hardware now supported. wolfBoot 2.8.0 adds or extends support for […]
Read MoreMore TagRunning wolfEntropy on PetaLinux 2025.1 with ZCU102
wolfEntropy is a jitter based source of entropy provided by wolfSSL. Evaluating entropy sources is a critical step when building secure systems, especially on embedded platforms where hardware RNG behavior must be validated. This post walks through running wolfEntropy on PetaLinux 2025.1 targeting the ZCU102 Evaluation Kit platform and reviewing the results. The outcome: the […]
Read MoreMore TagHardware-Backed Security Using wolfTPM with SPDM
Encrypted Bus Transfers, Multi-Vendor TPM Support, and TCG SPDM Binding Your Secrets Are on the Wire The Problem Discrete TPM chips talk to the host CPU over physical buses: SPI, I2C, or LPC. By default, this communication is unencrypted. Security researchers have repeatedly demonstrated that an attacker with brief physical access can tap these buses […]
Read MoreMore TagwolfSSH v1.5.0 Release
wolfSSH v1.5.0 is now available! This release brings additional post-quantum hybrid key exchange algorithms, a broad hardening pass across the code base, and a large number of bug fixes. There is also one low-severity vulnerability fix in this release affecting wolfSSHd on Windows when handling an edge case in terminal resize messages received from an […]
Read MoreMore TagwolfTPM SPDM vs The Field
The Only SPDM Implementation with Hardware TPM Support A Different Category wolfTPM’s SPDM implementation is not a standalone SPDM library. It is SPDM integrated directly with hardware TPMs, a category that no other open-source project occupies. wolfTPM works hand-in-hand with Nuvoton and NSING to deliver SPDM on real hardware, with full TCG SPDM binding, PSK […]
Read MoreMore Tag