RECENT BLOG NEWS

Big news for Linux kernel module developers with crypto requirements! wolfCrypt and wolfSSL are now loadable as modules in the Linux kernel, providing the entire libwolfssl API natively to other kernel modules. For the first time on Linux, the entire TLS protocol stack can be loaded as a module, allowing fully kernel-resident TLS/DTLS endpoints with […]

wolfSSL has recently added support for Nginx version 1.7.7. Nginx is a high performance HTTP server and reverse proxy. Just like wolfSSL, Nginx is an open source project serving millions of users around the world. Expanding Nginx support gives users the power to choose their preferred cryptographic and SSL/TLS library. wolfSSL is very customizable, which […]

wolfSSL is up and running and tested on Apple’s new A12Z platform, and with the right options it is blazing fast! The key options that we benchmarked include our out of the box defaults vs some key optimizations described below. Some notes to help you decipher these benchmarks: SP is Single Precision Math. It is […]

Both SSL and TLS are terms that refer to protocols designed to secure communications over the Internet. They stand for Secure Socket Layer and Transport Layer Security, respectively. Historical Background SSL was designed by Netscape Communications and implemented in their browsers; several vulnerabilities were discovered in SSL, and the version was upgraded to continue revisions […]

A Cipher Suite is a set of cryptographic instructions or algorithms that helps secure network connections through Transport Layer Security(TLS)/Secure Socket Layer (SSL). It helps determine how your web server will communicate secure data over HTTPS, and makes sure to secure the communications between client and server. To start a HTTPS connect, the web server […]

ANNOUNCEMENT: wolfSSL is  very proud to let our FIPS community know that wolfCrypt has received its’ first two consolidated ACVP vector certificates! #A894 #A902 Both of these consolidated certificates were for embedded operating environments (OEs’) and wolfSSL will soon be working on adding a Linux 4.4 on ARM OE, CMSIS-RTOS on EFM32 OE, WINCE on […]

We at wolfSSL have recently been benchmarking the performance of our core TLS read and write functions, wolfSSL_read and wolfSSL_write. With assembly optimizations enabled, read and write throughput can reach well over 1 GB/s! The data in the charts below was collected using an Intel Core i5-7300HQ CPU @ 2.50GHz and Ubuntu 18.04.4 LTS. Server […]

Hi! As our readers know, wolfSSL produces the first embedded TLS library that has begun testing for the new FIPS 140-3 standard, as listed here: https://csrc.nist.gov/projects/cryptographic-module-validation-program/modules-in-process/iut-list One of the things that is critical to our users is Key Derivation Functions, which are explained here: https://en.wikipedia.org/wiki/Key_derivation_function Key derivation functions are consumed by TLS 1.2, TLS 1.3, […]

The TPM feature for parameter encryption and HMAC verification has been added to wolfTPM! The TCG TPM 2.0 specification allows protection of the first parameter of a command or response using parameter encryption. When using an authenticated session it also adds HMAC validation to prove the TPM entity is trusted and integrity of command and […]

The wolfSSL team is happy to announce support for the latest version of Apache httpd, 2.4.46, with both our standard and FIPS-compliant code. In addition to building wolfSSL with –enable-apachehttpd, users will also need to add –enable-postauth. To support this latest version, we have added new OpenSSL compatibility functions to wolfSSL, updated our Apache httpd […]