RECENT BLOG NEWS

wolfSSL implements support for both client side and server side DTLS. The server side requires extra attention when it comes to Denial-of-Service (DoS) attacks. One way to mitigate DoS on DTLS servers is to operate statelessly until a cookie exchange is completed with the peer. The cookie exchange is implemented in all versions of DTLS. […]

wolfSSL Inc is proud to announce an important incremental update to wolfSSH: v1.4.13! In this release, we fix a severe user authentication bug in wolfSSHd. It is highly recommended that anyone using wolfSSHd upgrade to this version immediately (see Vulnerabilities in the change log below). We have added a STM32Cube Expansion Pack for building in […]

wolfSSH offers all the functionality of a SSH server and client in a compact and microcontroller friendly library and is now available for use as an STM32Cube Package. wolfCrypt, the crypto engine for wolfSSH, heavily supports STM32 hardware and now you can leverage wolfSSH as an SSH solution in the same environment. wolfSSH supports SSH […]

wolfSSL uses mutexes for most locking synchronization. In release 5.6.0 we have added support for pthread_rwlock_t (https://github.com/wolfSSL/wolfssl/pull/5952 and https://github.com/wolfSSL/wolfssl/pull/6086). It is currently implemented in the session caching logic. This will speed up multi-threaded servers by allowing multiple threads to read from the cache simultaneously. We also recommend multi-threaded servers to define ENABLE_SESSION_CACHE_ROW_LOCK when building wolfSSL. […]

wolfSSL makes a great effort to support many different projects. We provide patches for projects to leverage our OpenSSL Compatibility Layer and work with maintainers to upstream support whenever possible. This blog is a list of currently supported open source projects. The support type denotes how wolfSSL is supported. “Patch” means that we provide a […]

wolfSSL release version 5.6.0 is available now! A couple things to note with this release is that the new and improved ASN parsing, and generation, code is enabled by default now. Additionally we have the upcoming deprecation of –enable-heapmath which is scheduled to be removed by 2024. This release also saw the addition of DTLS […]

What is the difference in modes with wpa_supplicant using wolfSSL FIPS vs non FIPS? Some of the algorithms are restricted when using CONFIG_FIPS=y while building wpa_supplicant. This is not a limitation in wpa_supplicant or in wolfSSL, but is due to restrictions and guidelines put in place for FIPS. To help avoid using algorithms that have […]

wolfSSL and Intel have jointly published a white paper on the advantages of using the wolfBoot secure bootloader together with 11th Gen Intel Core processors.  The white paper has been published on wolfSSL’s White Paper page and can be downloaded today! This white paper introduces the wolfBoot secure bootloader and 11th Gen Intel Core i7 […]

One of the primary distinctions between wolfSSL and other security libraries is the availability of commercial support packages (https://www.wolfssl.com/products/support-and-maintenance/). The Premium Support package includes these benefits: Having your build configuration tested by our Nightly CI ensures that any changes made to the library will not cause regressions to your project! Having a highly configurable library […]

A little while ago, we wrote a blog post (https://www.wolfssl.com/nsa-announces-cnsa-suite-2-0/) and did a webinar (https://www.youtube.com/watch?v=IiykMe-pjqo) about the CNSA 2.0 announcement(https://media.defense.gov/2022/Sep/07/2003071834/-1/-1/0/CSA_CNSA_2.0_ALGORITHMS_.PDF).  It discusses the need for preparing to use post-quantum algorithms.  For signature schemes, it specifies Dilithium Level 5 as a good general purpose algorithm and LMS and XMSS as being good for signing software and […]