Rust’s crypto ecosystem is good. `ring` is fast and well-tested. RustCrypto covers almost everything. rustls has replaced OpenSSL in a lot of stacks. None of it is FIPS 140-3 certifiable. If you’re shipping to the US federal, healthcare, finance, or defense, that matters. You can write excellent Rust and still get blocked at the compliance […]
Read MoreMore TagCategory: wolfCrypt FIPS
How to Leverage FIPS to Meet Common Criteria Requirements
Does your project require meeting Common Criteria standards? Using wolfSSL’s FIPS-validated module (or FIPS-ready which is tailored towards FIPS requirements) helps a lot with meeting CC (Common Criteria) because it gives strong, reusable evidence for the crypto portion through independent validation of crypto algorithms and validation evidence with ACVP workflows. Having the ACVP tests and […]
Read MoreMore TagFIPS 140-3 Encryption for Connected Medical Devices
Medical devices need encryption, but government and healthcare buyers often require FIPS 140-3 validated cryptography to meet compliance standards. wolfCrypt FIPS 140-3 provides validated encryption for embedded medical devices with lower memory and processing requirements than standard crypto libraries. It protects stored data and data in transit. wolfSSL FIPS extends this validation to TLS connections […]
Read MoreMore TagFIPS 140-3 Validated OpenZFS Encryption: Is There Demand?
We’re looking at building a wolfCrypt backend for OpenZFS native encryption. Before we commit, we want to know who needs it. If you’re running encrypted ZFS datasets, you’re running unvalidated crypto that no FIPS module can currently help with. Nobody offers FIPS-validated ZFS encryption. Anywhere. The engineering is straightforward. We have already spec’d and prototyped […]
Read MoreMore TagFIPS 140-3 Validated Proxmox VE: Is There Demand?
We’re looking at bringing FIPS 140-3 validated cryptography to Proxmox VE. Before we commit, we want to know if the market actually wants it. Here’s the situation. Broadcom’s VMware licensing changes are pushing a lot of enterprise customers toward Proxmox. Proxmox is solid (Debian-based, KVM, mature, production-proven) and the migration makes technical sense. But organizations […]
Read MoreMore Tagwolfssl-wolfcrypt Rust Crate Version 1.1.0 Released with FIPS Support
We are excited to announce the immediate availability of version 1.1.0 of the wolfssl-wolfcrypt Rust crate! This update is a big milestone, bringing official support for wolfSSL FIPS-enabled cryptography to the Rust ecosystem. Getting started with wolfSSL? Download the latest libraries here and start exploring. Key Highlights The new version focuses on providing robust, validated […]
Read MoreMore TagFIPS 140-3 for CMMC 2.0
In a previous blog post, we defined CMMC 2.0 in terms of NIST 800-171, DIB entities, CUI, FCI and the FIPS 140-3 program. You can find what the acronym stands for here. The bottom line is that FIPS 140-3 is the security certification foundation of CMMC 2.0. Getting started with wolfSSL? Download the latest libraries […]
Read MoreMore TagGuidance for FIPS Customers: Auditing Direct Calls to wc_ecc_verify_hash()
The fix for CVE-2026-5194 is available in wolfSSL 5.9.1. Upgrading to the new version resolves the issue for TLS, DTLS, and X.509 users. FIPS customers need to take a closer look. FIPS users who call wc_ecc_verify_hash() or wc_ecc_verify_hash_ex() directly may remain exposed until they add a small check at their call sites. The required check […]
Read MoreMore TagwolfCrypt FreeBSD kernel module update: FIPS and crypto acceleration support
The wolfSSL team are adding two new enhancements to our FreeBSD kernel module (bsdkm) that will make cryptography in the kernel faster and more secure: FIPS 140-3 in the kernel: PR #9590 introduced support for wolfCrypt FIPS in our FreeBSD kernel module. This provides a simple recipe for FIPS-certified crypto in FreeBSD kernel space. x86 […]
Read MoreMore TagYocto and PetaLinux: Achieving Full FIPS 140-3 Linux with meta-wolfssl
wolfSSL has made it possible to have a streamlined Full FIPS Linux build for Yocto and PetaLinux. The updates to meta-wolfssl provide a quick, known-good path to FIPS 140-3 cryptography for both userland and kernel applications, ensuring your entire embedded Linux ecosystem is compliant. Unified Kernel and Userland Cryptography A primary focus of this release […]
Read MoreMore Tag