So, what’s new at wolfSSL? Take a look below to check out the most recent news, or sign up to receive weekly email notifications containing the latest news from wolfSSL. wolfSSL also has a support-specific blog page dedicated to answering some of the more commonly received support questions.

wolfSSL adds ShangMi ciphers and algorithms SM2, SM3, and SM4 to wolfCrypt

As many people know, Chinese government regulators are now mandating use of SM2, SM3 and SM4 in critical systems, including automobiles, avionics, power systems, and communication systems.  Since many of our customers are multi-nationals that do business in China, they have been requesting the addition of these algorithms in wolfSSL products.

Today we are about to release our supported versions of SM2, SM3, and SM4, with the intention to release the ZUC stream cipher at some point this year to completely satisfy SM9.  We are also in contact with labs regarding support of OSCCA certification at some point in the future.

This is really great news for our customers selling into Chinese markets!

For those readers considering using wolfSSL products, here’s some additional notes:

  1. The SM Ciphers will be fully supported in wolfSSL’s TLS 1.3 implementation.
  2. wolfSSH, wolfBoot and our other products will support ShangMi ciphers.
  3. ARM, Intel, and RiscV assembly is in the works for our SM implementations for maximum performance.
  4. We will continue to support bare metal for ZUC, SM2, SM3, and SM4.
  5. True to form, we have maximized performance and minimized size, so the ShangMi algorithms will work well for embedded systems use cases on a wide variety of microcontrollers (MCU’s).  They will be available for all of the MCU silicon that we currently support, including STM32, NXP i.MX, RISC-V, Renesas RA, RX, and Synergy, Nordic NRF32, Microchip PIC32, Infineon Aurix, TI MSP, and many others.
  6. Our GPLv2 licensed versions of the SM ciphers will be made available on GitHub and for download.

Commercially licensed versions are available.

If you have questions about our support for the ShangMi ciphers and algorithms, please contact us at, or call us at +1 425 245 8247.

wolfSSL Support for Renesas RZ/N2L

wolfSSL is delighted to announce that we have added support for the Renesas RZ/N2L. Renesas RZ/N2L uses a high-performance Arm Cortex-R52 core to easily add network functionality to industrial equipment and machines. The RZ/N2L is supported by an open and flexible ecosystem concept – the Flexible Software Package (FSP), built on FreeRTOS – and is expandable to use other RTOS and middleware.

As part of wolfSSL’s port to support the Renesas RZ/N2L board we have added example TLS client and server applications which demonstrate wolfSSL usage. These examples are compiled with e2Studio and run on the target board. The example applications for Renesas RZ/N2L with Renesas IDE e2studio project files are provided in the wolfSSL package, inside the “IDE/Renesas/e2studio/RZN2L” directory. A detailed instruction manual is also included to help you easily get started with wolfSSL on the platform.

These sample applications also leverage the Renesas Secure IP (RSIP), which enables cryptographic hardware acceleration. Currently wolfSSL supports the following Renesas RSIP crypto acceleration algorithms:

  • SHA1/SHA256/SHA384/SHA512
  • RSA

The current version of the Renesas RSIP driver does not yet include API’s for TLS-related functionality. Therefore, wolfSSL’s usage of RSIP currently only uses hash and random generation while used inside TLS connections.

If interested in using wolfSSL on the RZ/N2L, or if you have questions about any of the above, please contact us at or call us at +1 425 245 8247.

Download wolfSSL

eXtremeDB introduces support for wolfSSL

We are extremely excited to announce that McObject, a world leader in embedded and real-time database systems, has chosen wolfSSL as the TLS provider for their eXtremeDB family of database products.

About eXtremeDB

eXtremeDB is a high-performance, low-latency, ACID-compliant embedded database management system with support for both in-memory and persistent storage capability. Exceptionally fast, with unparalleled flexibility, eXtremeDB is used in virtually all embedded systems markets, from consumer electronics to network infrastructure devices to aerospace and defense systems.

In 2021, McObject released eXtremeDB/rt, the first-ever commercially supported deterministic database system suitable for use in hard real-time embedded systems. As an ACID-compliant DBMS, eXtremeDB/rt guarantees internal consistency, but with real-time features also guarantees external consistency when transactions complete within their deadlines. eXtremeDB/rt is designed for use in critical sensor data fusion systems such as avionics and aircraft navigation, driver assistance, medical equipment, power generation and distribution infrastructure, and any other high-reliability system that requires data management.

Why WolfSSL?

The eXtremeDB embedded database system powers mission critical systems that demand “five-nines” reliability (99.999% up-time), thus security and performance is an absolute necessity. When it came to choosing a TLS provider, McObject needed a library that it was confident would satisfy the stringent guarantees it provides to its customers. wolfSSL emerged as the clear choice for several reasons:

Size, Performance, and Flexibility

In the world of embedded systems, resource utilization is critical. wolfSSL can be configured to have an exceptionally small footprint, making it ideal for systems with constrained resources. It also offers the most customizability on the market, allowing users to tune it for highly specific optimization goals such as code size, stack usage, maximum performance, power consumption, and more.


Compliance is a non-negotiable requirement in secure systems, and eXtremeDB is no exception. wolfCrypt has FIPS 140-2 Certificates #3389 and #2425 and has a certificate for FIPS 140-3 on the way. wolfCrypt has also been DO-178C DAL-A certified for avionics.


eXtremeDB/rt is available and tightly integrated with all major commercial RTOS including those that are certified to airborne safety standards (DO-178). Therefore, it could not choose a TLS library that had any architectural or platform restrictions. wolfSSL is engineered for maximum portability, supporting virtually every hardware platform and operating system and, like eXtremeDB, can even run on bare-metal, making it the perfect match for eXtremeDB’s diverse use-cases.

The Best-Tested Cryptography Library

eXtremeDB is a DBMS that serves customers who demand 99.999% uptime, designed to power systems that cannot afford to fail. wolfSSL boasts an extensive testing regime, with continuous and rigorous evaluations to ensure the most secure, robust, and up-to-date cryptography solutions, making it a natural choice to satisfy eXtremeDB’s uncompromising customer requirements. Our claim as the best-tested cryptography library in the world is backed by numerous third party audits and our transparent software development process.

Getting Started with eXtremeDB

To get started with eXtremeDB, simply download the latest evaluation release, and then follow the instructions in the documentation to install the package and run the SDK samples. You can contact McObject at for more information or support.

By leveraging wolfSSL’s best-in-class TLS capabilities, eXtremeDB can now offer an additional layer of security without compromising on performance. This integration strengthens eXtremeDB’s position as a secure, fast, and reliable database solution for embedded systems and mission-critical real-time applications. We’re thrilled to partner with McObject and look forward to contributing to the ongoing success and security of eXtremeDB products.

For more information on how wolfSSL can enhance your security solutions, feel free to reach out to us at, or call us at +1 425 245 8247 with any questions, comments, or suggestions.

Download wolfSSL

Live Webinar: How to Use wolfSSH on Windows

Join us for an informative webinar, wolfSSH on Windows, presented by wolfSSL Software Developer Jacob on September 21st. He will dive into the latest updates on wolfSSH tailored for the Windows environments.

Save the date: 9/21/2023 at 10am PT

wolfSSH has been ported to Windows, allowing it to operate as a service and host incoming SSH, SFTP and SCP connections. The power of wolfSSH extends further with the advantages of post-quantum support, along with the cryptographic library wolfCrypt, and it’s FIPS certified!

Don’t miss out on this opportunity to discover the benefits of using wolfSSH. This is your chance to gain knowledge about wolfSSH and enhance your technical skills.

Seats are limited. Register now!

As always, our webinars will include Q&A sessions throughout. If you have questions about any of the above, please contact us at, or call us at +1 425 245 8247.

Download wolfSSL

wolfSSL DTLS1.3 ESP32 Examples Now Available

Have you heard about secure UDP packets? Yes, you can enjoy the security of TLS1.3 level encryption but use UDP instead of TCP on the ESP32. It’s called DTLS. The UDP packets are typically used in lossy, unreliable networks such as LoRa (low-power, long-range radio networks). Most people interested in secure UDP are using the older DTLS 1.2.

Last year, wolfSSL announced support for the new RFC 9147 DTLS1.3 Standard. We now have DTLS13 client and server examples available for the Espressif ESP32 series. These projects can optionally be used in conjunction with the command-line client and server examples.

There are a variety of DTLS (both 1.2 and 1.3) examples in the wolfssl-examples/dtls.

If you intend to use Wireshark to inspect packets and verify that your application is using the newest DTLS 1.3, as of September 2023 this feature has not yet been added. See WireShark issue #18071. In the meantime you can check the cipher suite attribute in the Wireshark packet inspection and confirm it is one of the valid TLS 1.3 cipher suites. See RFC 8446 Page 133:

| Description                  | Value       |
| TLS_AES_128_GCM_SHA256       | {0x13,0x01} |
|                              |             |
| TLS_AES_256_GCM_SHA384       | {0x13,0x02} |
|                              |             |
| TLS_CHACHA20_POLY1305_SHA256 | {0x13,0x03} |
|                              |             |
| TLS_AES_128_CCM_SHA256       | {0x13,0x04} |
|                              |             |
| TLS_AES_128_CCM_8_SHA256     | {0x13,0x05} |

Just getting started with wolfSSL on the ESP32? Check out the recorded webinar on youtube

See also some of the recent ESP32 blogs such as the RISC-V ESP32-C3, running Linux on the ESP32-S3 and others.

There’s also support for wolfSSL on Espressif and more Espressif resources.

Do you have any questions related to using wolfSSL in your next project? Contact us at or call us at +1 425 245 8247 to learn more.

Download wolfSSL

wolfCLU supports new x509 options

We are constantly enhancing wolfCLU, a command line utility for manipulating certificates. Recently we added some new x509 options. These additions, -req, -extfile, -extensions, -signkey and -* enhance the x509 functionality. Having these options added to wolfCLU helps with generatingself-signed x509 certificates when using the x509 command.

  • [-req] Users can generate a certificate signing request (CSR) directly from the command line.
  • [-extfile] Users can specify a file containing certificate extension configuration.
  • [-extensions] Users can define certificate extensions directly in the command line.[-signkey] Users can provide an existing private key to sign the certificate being generated.
  • [-*] Users can select any supported digest for signing. Currently sha1, sha256, sha384 and sha512 are available.

The following example demonstrates how to use these new options to update a self signed x509 certificate.

wolfssl x509 -req -in client-cert.csr -extfile wolfssl.cnf -extensions
        uri -signkey client-key.pem -out client-uri-cert.pem

These new options are part of our ongoing commitment to provide a feature-rich and user-friendly experience with wolfCLU’s x509 command.

If you have any feedback, questions, or require support, please don’t hesitate to reach out to us at or call us at +1 425 245 8247.

Download wolfSSL

Post-Quantum: 3 New Draft Standards

After a long and arduous journey, NIST has finally released the draft standards for 3 post-quantum algorithms:

Let’s talk a little bit about each of the documents one by one.

FIPS-203 specifies ML-KEM which was based on the NIST Post-Quantum Competition’s only KEM winner Kyber. ML-KEM stands for Module Lattice-based Key Encapsulation Mechanism. It defines 3 parameter sets; each at a different level of security:

  • ML-KEM-512 (security equivalence to AES-128)
  • ML-KEM-768 (security equivalence to AES-192)
  • ML-KEM-1024 (security equivalence to AES-256)

ML-KEM is appropriate as a general replacement for quantum-vulnerable key exchange algorithms such as ECDH or FFDH. Note that ECDH and FFDH happen to be Non-Interactive Key Exchange (NIKE) algorithms, but ML-KEM is not so for applications where the non-interactivity is a requirement, ML-KEM is NOT an appropriate drop-in replacement. While the performance of ML-KEM is very good, the cryptographic artifact sizes are larger than those of ECDH and FFDH.

FIPS 204 specifies ML-DSA which was based on the NIST Post-Quantum Competition’s Signature Scheme winner Dilithium. ML-DSA stands for Module Lattice Digital Signature Algorithm. It defines 3 parameter sets; each at a different level of security:

  • ML-DSA-44 (security equivalence to SHA3-256)
  • ML-DSA-65 (security equivalence to AES-192)
  • ML-DSA-87 (security equivalence to AES-256)

Interestingly, the numbers in the parameter set names refers to the dimensions of a matrix that is used during key generation. For example, for ML-DSA-65, that matrix is 6 by 5 thus the 65. ML-DSA is appropriate as a general replacement for quantum-vulnerable signature algorithms such as ECDSA and RSA. While the performance of ML-DSA is very good, the cryptographic artifact sizes are larger than those of ECDSA and RSA.

FIPS 205 specifies SLH-DSA which was based on the NIST Post-Quantum Competition’s Signature Scheme winner SPHINCS+. SLH-DSA stands for StateLess Hash-based Digital Signature Algorithm. It defines 12 parameter sets:

  • SLH-DSA-SHA2-128s
  • SLH-DSA-SHAKE-128s
  • SLH-DSA-SHA2-128f
  • SLH-DSA-SHAKE-128f
  • SLH-DSA-SHA2-192s
  • SLH-DSA-SHAKE-192s
  • SLH-DSA-SHA2-192f
  • SLH-DSA-SHAKE-192f
  • SLH-DSA-SHA2-256s
  • SLH-DSA-SHAKE-256s
  • SLH-DSA-SHA2-256f
  • SLH-DSA-SHAKE-256f

The names can be seen as having the following format:
SLH-DSA-<hash>-<AES equivalence><optimization>

<hash> : Either SHA2 or or SHAKE. This is the hashing algorithm that is used for that parameter set.
<AES equivalence> : 128, 192, or 256. The security equivalence to AES.
<optimization> : s or f. ‘s’ is for small and ‘f’ is for fast.

SLH-DSA is appropriate as a general replacement for already standardized Stateful Hash-based Signature Schemes such as LMS and XMSS which are currently already standardized by NIST and are suggested for use for firmware signing and verification by the CNSA 2.0 guidance put out by the NSA. The performance and artifact sizes of SLH-DSA are comparable to LMS and XMSS.

This begs the question, since LMS and XMSS are already quantum-safe, why would they need to be replaced? The answer is that the management of the state in the Stateful Hash-based Signature Schemes is a potential pitfall and makes it vastly more difficult to use.

Finally, those of you that have been following this process are probably wondering what happened to Falcon. It is also getting a draft standard but is more difficult to implement so NIST is taking extra care and more time to write the draft standard for it.

If you have questions on any of the above, please contact us at, or call us at +1 425 245 8247.

Download wolfSSL

Post-Quantum Script Magician: Igor Barshteyn

Today we’d like to give a quick shout out to Igor Barshteyn! He is a long time and active member of the cryptography and information security communities. His interests are very apparent in his posts on LinkedIn.

Besides sleuthing out the the NIST post-quantum draft standards the day before their release and a multitude of other interesting posts, he has come up with a script to allow for easy experimentation in wolfSSL with post-quantum algorithms hybridized with NIST ECC curves in our fips-ready releases. But why would he do that?

Well, if you’re interested in cryptographic compliance, then you will know that the NSA’s CNSA 2.0 guidance requires the use of Kyber. You’ll also know that FIPS 140-2/3 requires the use of FIPS approved ECC curves for key exchange. Moreover, NIST has stated that an ECC key exchange done in a FIPS 140 approved mode of operation can be hybridized a with a post-quantum algorithm and still be considered in a FIPS 140 approved mode of operation. See FQAs for more detail.

Are you curious to see how hybrid FIPS 140 approved mode of key exchange hybridized with the CNSA 2.0 approved Kyber will perform in your environment or on your system? You can find out today!! Check out Igor’s post which has great instructions and a link to his script!Are you curious to see how hybrid FIPS 140 approved mode of key exchange hybridized with the CNSA 2.0 approved Kyber will perform in your environment or on your system? You can find out today!! Check out Igor’s post which has great instructions and a link to his script!

If you have questions on any of above, please contact us at, or call us as +1 425 245 8247.

Download wolfSSL

Live Webinar: Reasons to Migrate from OpenSSL to wolfSSL

Are you seeking a superior alternative to OpenSSL with better support and smoother workflow?
wolfSSL can fulfill your needs, addressing the gaps you might be experiencing while using OpenSSL. Join our upcoming webinar hosted by wolfSSL engineer Anthony, where he will focus on advantages of switching to wolfSSL. Discover why choosing wolfSSL over OpenSSL can reshape your projects.

Save the date: 9/14/2023 at 10 am PT

Sneak peek of the webinar:

  • Certified FIPS provider
  • Support for the QUIC protocol (–enable-quic)
  • Support for Post-quantum integration
  • Top-notch support services
  • And much more!

Anthony will provide in-depth insights into what sets wolfSSL apart from OpenSSL. Register now to explore the potential benefits of using wolfSSL. Let us introduce you to solutions that work best for your projects!

As always, our webinars will include Q&A sessions throughout the webinar. If you have questions on any of the above, please contact us at, or call us at +1 425 245 8247.

Download wolfSSL

Benchmarking wolfCrypt on Cortex M0+

We added a benchmark running on Raspberry Pi PIco-W. It runs with Cortex M0+, 125MHz. If you are interested in how wolfSSL/wolfCrypt works on low end MCU, this should be a good example benchmark to look into.

Here are some highlights:

  • Hash operations such as SHA256 run faster than 1 M bytes per second.
  • Symmetric algorithms like AES-GCM enc/dec faster than 300 k bytes per second.
  • ECDH keygen/agreement, ECDSA sign/verify around 100mSec to 50mSec per operation.

Visit our ‘Raspberry Pi Pico-W’ benchmark page for further details.

If you have questions on any of the above, please contact us at, or call us at +1 425 245 8247.
Download wolfSSL

DTLS Support Added to wolfMQTT-SN

wolfSSL is delighted to announce that we have added a secure way for sensors to communicate to the gateway using DTLS and MQTT-SN! We used the Paho MQTT-SN Gateway project’s recent addition of DTLS support for testing.

Testing details are in the pull request.

Let us know what you think by sending a note to

You can download the latest release, or clone directly from our GitHub repository.
While you’re there, show us some love and give the wolfMQTT project a Star!

If you have questions on any of the above, please contact us at, or call us at +1 425 245 8247.

Download wolfSSL

Posts navigation

1 2 3 4 173 174 175

Weekly updates