RECENT BLOG NEWS

So, what’s new at wolfSSL? Take a look below to check out the most recent news, or sign up to receive weekly email notifications containing the latest news from wolfSSL. wolfSSL also has a support-specific blog page dedicated to answering some of the more commonly received support questions.

LMS in wolfPKCS11

wolfSSL is excited to announce upcoming support for the Leighton-Micali Signature (LMS) scheme in wolfPKCS11. This implementation builds upon our existing LMS support in wolfCrypt to provide a complete PKCS#11 API interface for LMS operations.

LMS, a stateful hash-based signature scheme standardized in RFC 8554 and approved by NIST SP 800-208, is already incorporated into the latest version of the PKCS#11 specification. This quantum-resistant signature scheme is designed to be resistant to attacks from quantum computers and is best used in off-line signing operations such as firmware signing.

The addition of LMS support to wolfPKCS11 will enable applications using the PKCS#11 interface to leverage wolfSSL’s proven LMS implementation.

Key Features:

  • Complete PKCS#11 API support for LMS operations
  • Quantum-resistant stateful hash based signature scheme
  • Compliant with NIST SP 800-208 specifications

This enhancement demonstrates wolfSSL’s continued commitment to providing comprehensive support for post-quantum cryptography across our product line.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Announcing WebSocket Support in wolfMQTT

We are excited to announce that wolfMQTT now fully supports MQTT over WebSockets, including both standard WebSockets and secure WebSockets (WSS). Read more about websockets here. This significant enhancement allows wolfMQTT clients to connect to MQTT brokers through WebSocket endpoints, expanding the versatility of our lightweight MQTT client implementation.

Why Websockets Matter for MQTT

WebSockets provide several advantages for MQTT deployments:

  1. Firewall Traversal: WebSockets operate over HTTP ports (80 and 443), which are typically open in most network environments, allowing MQTT traffic to pass through firewalls that might block traditional MQTT ports.
  2. Web Integration: WebSockets enable seamless integration between web applications and MQTT, making it easier to build web-based IoT dashboards and control interfaces.
  3. Proxy Compatibility: WebSockets can work through HTTP proxies, extending the reach of MQTT in corporate environments.
  4. Enhanced Security: Secure WebSockets (WSS) leverage TLS encryption, providing the same level of security as MQTT over TLS.

The WebSocket implementation has been tested with popular MQTT brokers including:

  • Mosquitto
  • HiveMQ
  • VerneMQ

The addition of WebSocket support to wolfMQTT enhances its versatility and makes it even more suitable for a wide range of IoT applications, especially those that need to operate in restricted network environments or integrate with web applications.

This feature is available now in the latest version of wolfMQTT. We encourage our users to try it out and provide feedback. As always, we’re committed to maintaining the lightweight, secure, and efficient nature of our MQTT client implementation while expanding its capabilities.

Check out our example!

For more information, visit our [GitHub repository].

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

Live Webinar: wolfHSM Design for Automative Hardware Security Modules

Learn how wolfHSM enhances automotive security by providing powerful cryptographic protection and seamless hardware integration.

Register today: wolfHSM Design for Automotive Hardware Security Modules
Date: March 20th | 10 AM PT

wolfHSM is a versatile hardware security module (HSM) framework that secures cryptography, key management, and storage. Integrated with wolfBoot, it enhances firmware update security by offloading cryptographic tasks to the HSM. Compatible with hardware like Infineon Aurix TriCore TC3XX, it supports post-quantum algorithms, SM ciphers, and FIPS 140-3 compliance, ensuring robust automotive security.

Join us for an exclusive webinar on automotive HSMs, where wolfSSL Software Engineer Bill Phipps will explore the crucial role of wolfHSM in safeguarding modern vehicles. Stay ahead in the fast-evolving field of automotive security by gaining insights into the integration, functionality, and advantages of wolfHSM in automotive applications.

What This Webinar Will Cover:

  • Overview of wolfHSM: Key features and how it enhances automotive system security.
  • Cryptographic Capabilities: Support for post-quantum cryptography, SM ciphers, and FIPS 140-3 compliance.
  • Hardware Integration: Best practices for integrating wolfHSM with Infineon Aurix TriCore TC3XX and other automotive platforms.
  • Security for ECUs: How wolfHSM secures Electronic Control Units (ECUs) and other critical vehicle components.
  • Hands-On Demo: Live demonstration showcasing wolfHSM in action on automotive hardware.

Secure your spot today and gain practical insights on how wolfHSM can elevate your automotive security framework.

Register Now!

As always, our webinar will include Q&A throughout. If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

curl up 2025 – Save The Date

Join us for curl up 2025: The Ultimate Event for curl Enthusiasts!

Mark your calendars! curl up 2025 is happening in Prague, Czech Republic, on May 3-4, 2025. This official annual developer conference for curl and libcurl brings together experts, contributors, and users from around the world. It’s the premier event for developers, engineers, and tech enthusiasts working with the curl project.

Date: May 3-4, 2025
Location: Pracovna, Vlkova 36, Praha 3 – Žižkov, 130 00, Czech Republic
Registration: Register here
Fee: Free of charge

curl up 2025 is a unique gathering that celebrates the curl community and its future. Expect insightful sessions on the current state and roadmap of the curl project, security best practices, and emerging technologies. Engage in collaborative discussions on the project’s growth, sustainability, and team expansion.

We’d love to hear from you! If there’s a topic you’re passionate about or a session you’d like to attend, let us know. Your input will help shape the agenda for curl up 2025.

Join us in supporting curl, a crucial open-source project. We are currently seeking sponsors for curl up 2025. Your sponsorship will directly contribute to a community dedicated to maintaining curl’s robustness, security, and continued free accessibility.

Mark your calendars for May 3-4, 2025, and stay tuned for registration details.

See you in Prague!

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

Visual Studio Support for Non-Windows OS in wolfSSL

Expanding Cross-Compilation Capabilities in Visual Studio

With the recent release of wolfSSL, we have significantly improved the cross-compiling capabilities of wolfSSL in Visual Studio, particularly when targeting non-Windows operating systems from a Windows-based development environment. This improvement was introduced in PR #7884 and provides a new build option that makes cross-compilation smoother and more efficient.

Introducing WOLFSSL_NOT_WINDOWS_API

One of the key additions in this release is the new macro WOLFSSL_NOT_WINDOWS_API. This is specifically designed for scenarios where:

  • The compilation is performed on Windows using Visual Studio.
  • The target operating system is not Windows.
  • The Windows API should not be used during compilation.

When WOLFSSL_NOT_WINDOWS_API is defined, the related macro USE_WINDOWS_API is not defined, ensuring that wolfSSL is built under the assumption that no Windows API functions are available. This allows developers to cross-compile for platforms such as Linux or embedded systems while using Visual Studio as their primary development environment.

Why is this Important?

In many embedded and IoT use cases, developers prefer to work within Visual Studio due to its powerful debugging and development tools. However, the final deployment target may be a non-Windows OS. Prior to this update, Visual Studio builds often assumed that Windows API functions were available, leading to compatibility issues when targeting platforms that do not support them.

With WOLFSSL_NOT_WINDOWS_API, these limitations are removed, making it much easier to:

  • Compile wolfSSL for embedded Linux and other POSIX-based environments from Windows.
  • Maintain a single development workflow without switching between build environments.
  • Ensure consistent behavior across different platforms.

How to Use WOLFSSL_NOT_WINDOWS_API in Your Build

To leverage this new macro, follow these steps:

  1. Modify Your Preprocessor Definitions:
    In your Visual Studio project settings, navigate to:

    • Configuration Properties → C/C++ → Preprocessor → Preprocessor Definitions
    • Add WOLFSSL_NOT_WINDOWS_API to the list.
  2. Use CMake (if applicable):
    If you are using CMake for your build configuration, you can define this macro using:

    add_definitions(-DWOLFSSL_NOT_WINDOWS_API)
  3. Manually Define in Your Code (not recommended):
    You can also define the macro at the beginning of your source files, though this is not the preferred method: 
    #define WOLFSSL_NOT_WINDOWS_API
#include 
#include

Example Use Case: Building wolfSSL for Linux from Visual Studio

Let’s say you want to compile wolfSSL in Visual Studio for a Linux-based target while avoiding Windows API dependencies. Here’s a step-by-step approach:

  1. Set Up Your Toolchain
    Install a cross-compilation toolchain for Linux, such as MinGW-w64 or WSL with a Linux cross-compiler.
  2. Update Your Visual Studio Project Settings
    • Define WOLFSSL_NOT_WINDOWS_API in preprocessor definitions.
    • Ensure that your include paths point to the correct non-Windows headers.
  3. Compile and Verify
    • Build the project in Visual Studio.
    • Test the generated binary on the target Linux system to ensure it operates correctly.

Future Enhancements and Next Steps

This update is just the beginning of improving wolfSSL’s cross-compilation capabilities within Visual Studio. Some potential future enhancements include:

  • Better integration with CMake toolchains for automated cross-platform builds.
  • Expanded CI/CD support for Visual Studio-based cross-compilation.
  • Additional optimizations to streamline the build process further.

Conclusion

With the introduction of WOLFSSL_NOT_WINDOWS_API, developers can now cross-compile wolfSSL in Visual Studio for non-Windows targets without encountering Windows API dependencies. This simplifies the workflow for embedded and Linux developers who prefer to work in Visual Studio but deploy on other platforms.

For more details on getting started with wolfSSL in Visual Studio, check out our previous blog: Getting Started with wolfSSL Using Visual Studio 2022

Or this awesome webinar recording on YouTube.

Have a specific request or questions? We’d love to hear from you. Please contact us at support@wolfSSL.com or open an issue on GitHub.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

curl Distro Discussion 2025 – Save The Date

Join the second annual curl Distro Discussion on April 10th at 3 PM UTC (5 PM CEST). This online event brings together Linux and BSD distributions, OS maintainers, and the curl community for an in-depth two-hour conference. The event is free and open to anyone interested in improving curl’s integration within operating systems and package distributions.

Join us: curl Distro Discussion 2025
Date: April 10th | 3 PM UTC (5 PM CEST)

This is a unique opportunity for curl developers, maintainers, and distributors to discuss important aspects of curl deployment across various operating systems. Our goal is to make curl more efficient and secure within distributions.

Key discussion topics include:

  • Enhancing curl’s build system, third-party library, and documentation for distributors
  • Strategies to streamline security advisories and patch management
  • Discussion on HTTP/3, long-term support, and TLS advancements
  • Exploring Post-Quantum Cryptography in curl
  • The future of wcurl and trurl
    And more…

Feel free to add your own proposed discussion topics and sign up as an intended participant. Mark your calendar for April 10th at 3 PM UTC (5 PM CEST) and be part of shaping curl’s future in distributions and secure networking.

Check out the details of curl Distro Discussion 2025, and share this invitation with others in the open-source and security communities to help spread the word and ensure the right people are invited.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

Live Webinar: FIPS 140-3 Updates: OE Certification Progress and Scheduling

Learn how wolfSSL’s FIPS 140-3 validated solutions can accelerate certification, reduce costs, and keep you ahead of evolving cybersecurity standards.

wolfCrypt is a comprehensive cryptographic library designed for embedded systems and real-time applications. With a 5-year FIPS 140-3 certification (#4718), wolfCrypt ensures robust security for sensitive data across various applications. It also supports Conditional Power-On Self Tests (CAST) for all algorithms, enhancing both security and performance.

Join our webinar where wolfSSL Senior Software Engineer, Kaleb Himes, will provide key insights into the latest developments in FIPS 140-3, including the OE backlog and certification timelines. Learn how wolfCrypt FIPS simplifies compliance and helps you stay ahead in the security landscape.

Register today: FIPS 140-3 Updates: OE Certification Progress and Scheduling
Date: March 13th | 10 AM PT

What You’ll Learn:

  • The importance of FIPS 140-3 certification and its role in security compliance
  • How wolfSSL sets the standard for FIPS compliance
  • Strategies to streamline OE certifications, reducing time and costs
  • Updates on the OE certification backlog and its impact on deployment plans
  • Key milestones since achieving FIPS 140-3 Certificate #4718
  • Gain insights into current submissions, OE updates, and advancements in post-quantum cryptography
  • The latest developments in post-quantum cryptography and compliance with CNSA guidelines

Register today to learn how wolfSSL can simplify your FIPS compliance Journey and future-proof your security stack!

As always, our webinar will include Q&A throughout. If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at + 1 425 245 8247.

Download wolfSSL Now

wolfSSL at Embedded World 2025: Pioneering Advanced Cryptographic Solutions

Secure your Embedded Projects with wolfSSL, the Leader in Advanced Cryptographic Protocols

wolfSSL is returning to the Embedded World Exposition and Conference in 2025, bringing the best-tested cryptography and industry-leading security solutions for embedded systems.

Join us March 11th – 13th in Nuremberg, Germany. Visit Hall 4, Booth #4-201a to explore how wolfSSL’s advanced cryptographic protocols and open-source cybersecurity solutions can safeguard your embedded projects.

Schedule a one-on-one meeting with our cryptography experts – email us at facts@wolfssl.com to book a meeting.

With over 5 billion secured connections, wolfSSL continues to set the standard for embedded security. wolfSSL provides FIPS 140-3 validated certificate #4718 to safeguard embedded projects, and integrates post-quantum cryptography with wolfCrypt, offering ML-KEM and ML-DSA. Backed by the largest cryptography-focused engineering team, our solutions ensure seamless integration, maximum efficiency, and future-proof security across industries. Get started today: wolfssl.com/download.

Live Demos at Embedded World 2025

Join us at Hall 4, Booth #4-201a, and partner booths to see live demonstrations showcasing secure boot, post-quantum cryptography, TLS acceleration, and more.

  • Demo 1: Launching Safe and Secure Systems with Intel, Curtiss Wright, wolfSSL and SYSGO
    Location: Hall 4, Booth #4-201aSecure boot is essential for mission-critical systems. This demo highlights wolfBoot integrated with wolfCrypt, running on Curtiss-Wright’s VPX3-1262 SBC with 13th Gen Intel Core i7 and SYSGO PikeOS RTOS. See how DO-178C DAL-A certifiable wolfBoot and wolfCrypt protects avionics systems.
  • Demo 2: wolfSSL and NXP / Infineon
    Location: Hall 4, Booth #4-201aPower up your embedded security with wolfSSL (TLS), wolfMQTT, wolfSSH, and wolfTPM on NXP FRDM-MCXN947 (Cortex-M33, 150MHz) with Infineon SLB9673 TPM 2.0, ensuring secure communication and authentication. Also, explore wolfBoot on NXP FRDM-MCXW71, designed for trusted firmware updates in resource-constrained environments.
  • Demo 3: wolfSSL and ST
    Location: Hall 4, Booth #4-201aOptimize security without compromising performance. Watch wolfCrypt and wolfSSL TLS benchmarks on ST32MP257F (Dual Cortex-A35 1.5GHz + Cortex-M33 400MHz) running OpenSTLinux. This demo demonstrates how wolfSSL’s cryptographic library accelerates encryption speed, reduces resource consumption, and ensures ultra-low latency for TLS handshakes.
  • Demo 4: wolfSSL and Winbond
    Location: Hall 4A, Booth #4A-635Future-proof your firmware security with wolfCrypt Post-Quantum LMS. This demo features Winbond W77Q Secure Flash on Raspberry Pi Zero over SPI, demonstrating quantum-resistant firmware updates to protect devices from emerging cyber threats.

Why Choose wolfSSL for Embedded Security?

  • Post-Quantum Support: wolfSSL supports post-quantum cryptography solutions, including ML-KEM (Kyber) and ML-DSA (Dilithium), enabling long-term data protection (harvest now, decrypt later) and compliance with the CNSA 2.0 timeline.
  • Lightweight and Fast: Written in C, wolfSSL boasts a compact footprint, up to 20 times smaller than OpenSSL, minimizing memory usage and maximizing performance on even the most resource-constrained microcontrollers and processors. Integrated robust security into your embedded systems without sacrificing functionality or performance.
  • Industry Leading TLS 1.3 and DTLS 1.3 Support: As the first commercial implementation of TLS 1.3, we offer the most up-to-date security protocols, keeping your data secure with the latest standards.
  • Comprehensive Hardware Integration: wolfSSL supports a wide range of hardware cryptography schemes, including Intel AES-NI, ARMv8, and various secure elements like NXP SE050 and Microchip ATECC, providing enhanced security and performance. Check out the every hardware cryptography scheme wolfSSL has ever enabled.
  • Rigorous Testing and Certification: Our solutions are best-tested and come with incomparable certifications, including FIPS 140-3 validated certificate (#4718), ensuring they meet stringent security standards.
  • Dedicated Support: We offer 24/7 support from our team of engineers, ensuring you receive immediate assistance whenever you need it.

Connect with wolfSSL at Embedded World 2025

Don’t miss the chance to see wolfSSL in action! Visit us at Hall 4 Booth #4-201a to explore our cutting-edge cryptographic solutions and live demos. Want a personalized discussion? Email us at facts@wolfssl.com to schedule a one-on-one meeting with our experts. See you in Nuremberg!

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

The DEADBEEF RNG Example

Here at wolfSSL, we love making top notch examples for our customers to help them move faster. You can see a huge sample of them here.

That said, this one is a bit different. This is an example of how someone could integrate their new RNG into our wolfCrypt library. Here are some great reasons why you’d want to do that:

  • You might have a NIST-certified entropy source which would be helpful for a customer that has FIPS 140-3 requirements. Since wolfSSL is FIPS 140-3 certified, combining it with a NIST-certified entropy source is a natural fit.
  • Perhaps you have a special new RNG but do not have the man-power nor expertise to construct a cryptographic library to use it. (Rule #1: Never roll your own crypto!) In this case, integrating it with wolfSSL’s wolfCrypt library is a natural match to show real world use cases. Examples of this might be QRNGs (Quantum Random Number Generators) or any other new and interesting entropy generation methods.

Integrating your product into wolfCrypt might sound difficult, but it is NOT!

We show how easy it is by integrating a toy example of an RNG. Please see the patch that can be found as a github gist.

It is called the DEADBEEF RNG because when it is called to fill a buffer with randomness, it fills it with copies of 0xDEADBEEF. The diff is only 200 lines and is very simple to read and understand. Much of it is GPL boilerplate comments.

NOTE: Please do not use this patch. It is for illustrative purposes only! It provides zero randomness!

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

wolfSSL Conforms to MISRA-C Guidelines

The team at wolfSSL has taken the core functionality of the wolfSSL embedded SSL/TLS library to the next level and implemented changes to conform to the Required and Mandatory rules from the MISRA-C guidelines.

Currently a subset of the wolfCrypt modules are already covered for compliance, including detailed deviation documents (sha256.c, aes.c (CBC/GCM), rsa.c, random.c, sp_c64.c). Let us know if your project requires other files and we can target them while expanding coverage.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Posts navigation

1 2 3 4 5 196 197 198

Weekly updates

Archives