RECENT BLOG NEWS

At wolfSSL, we have been developing a TPM stack with customers for many years called wolfTPM, a portable, open-source TPM 2.0 stack with backward API compatibility, designed for embedded use. It is highly portable, and has native support for Linux and Windows. RTOS and bare metal environments can take advantage of a single IO callback for […]

As a Cybersecurity company we have to make sure all of our products are state of the art. As such we make sure to be proactive, so that our products are always the best they can be. Being an open source company, we like to keep our users, customers, and followers up to date on […]

As many people know, the OpenSSL project is struggling with FIPS, as of October 2020, OpenSSL has no active FIPS 140 validation. OpenSSL had plans to restore it’s FIPS validation with OpenSSL 3.0, however they ran into significant delays, and since FIPS 140-2 testing ends September 2021, OpenSSL ultimately decided to focus their efforts on […]

WolfSSL continues to extend and improve our TPM 2.0 portable library. wolfTPM is the only TPM 2.0 Stack designed for baremetal and embedded systems use. In just two months we added six new wolfTPM examples. At the end of March, we released wolfTPM version 2.1.0 that added three new examples: NVRAM examples Using the TPM as […]

FIPS 140-2 requires the use of validated cryptography in the security systems implemented by federal agencies to protect sensitive information. The wolfCrypt Module is a comprehensive suite of FIPS Approved algorithms. All key sizes and modes have been implemented to allow flexibility and efficiency. The National Institute of Standards and Technology (NIST) is sending FIPS […]

With wolfSSL 4.6.0, the cisco/libest EST library has been ported to work with wolfSSL. The Enrollment over Secure Transport (EST) protocol defines “enrollment for clients using Certificate Management over CMS (CMC) [RFC5272] messages over a secure transport.” It uses TLS >1.1 and the Hypertext Transfer Protocol (HTTP) to facilitate secure and authenticated Public Key Infrastructure […]

What is CT (Certificate Transparency)?  Certificate Transparency is from RFC 6962 and is an extension on certificates to create a Merkle Tree (hash tree like with blockchain). The purpose of the tree is to help spot misuses of certificates and to provide a public way to audit the log of certificates issued. It was first […]

If you pop over to the OpenWrt project site, you’ll stumble upon some excellent news: “TLS support is now provided by default in OpenWrt images including the trusted CA certificates from Mozilla. It means that wget and opkg now support fetching resources over HTTPS out-of-the-box. The opkg download server is accessed through HTTPS by default. […]

The acronym CAAM stands for Cryptographic Accelerator and Assurance Module. It is hardware that can be found on many i.MX NXP devices. When used it speeds up the cryptographic algorithms such as ECC and AES. In addition to the performance gained with using the CAAM for cryptographic operations, the application can also increase security by […]

The embedded systems community has long sought a top quality, super flexible, made-with-love IDPS. Today, wolfSSL answers the call, with our first preview release of wolfSentry, the IDPS (Intrusion Detection and Prevention System) for embedded and IoT systems. Included in this preview are Support for Linux, BSD, MacOS X, and Deos, on 32 and 64 […]