Category: wolfCrypt FIPS

In a previous blog post, we defined CMMC 2.0 in terms of NIST 800-171, DIB entities, CUI, FCI and the FIPS 140-3 program. You can find what the acronym stands for here. The bottom line is that FIPS 140-3 is the security certification foundation of CMMC 2.0. Getting started with wolfSSL? Download the latest libraries […]

The fix for CVE-2026-5194 is available in wolfSSL 5.9.1. Upgrading to the new version resolves the issue for TLS, DTLS, and X.509 users. FIPS customers need to take a closer look. FIPS users who call wc_ecc_verify_hash() or wc_ecc_verify_hash_ex() directly may remain exposed until they add a small check at their call sites. The required check […]

The wolfSSL team are adding two new enhancements to our FreeBSD kernel module (bsdkm) that will make cryptography in the kernel faster and more secure: FIPS 140-3 in the kernel: PR #9590 introduced support for wolfCrypt FIPS in our FreeBSD kernel module. This provides a simple recipe for FIPS-certified crypto in FreeBSD kernel space. x86 […]

wolfSSL has made it possible to have a streamlined Full FIPS Linux build for Yocto and PetaLinux. The updates to meta-wolfssl provide a quick, known-good path to FIPS 140-3 cryptography for both userland and kernel applications, ensuring your entire embedded Linux ecosystem is compliant. Unified Kernel and Userland Cryptography A primary focus of this release […]

Do you have a Linux appliance, embedded system, container image, VM image, or distribution that must meet FIPS 140 requirements, or interoperate with systems operating under FIPS restrictions? wolfSSL provides FIPS-aligned cryptographic integrations across the Linux stack, including kernel-level updates and userspace cryptography platforms such as OpenSSL, Mozilla NSS, GnuTLS, and libgcrypt. These integrations replace […]

Active Certificates: wolfSSL holds two active FIPS 140-3 certificates #4718 and #5041. Download wolfSSL → Entropy Validation: An Entropy Source Validation (ESV) is currently at the CMVP for an in-house, high-performance software jitter TRNG and the Jan 1, 2026 Transition! In addition to the above, here is a roadmap of how 2026 will go for […]

Introducing meta-wolfssl support for LinuxKM: build-time FIPS-validated kernel crypto for embedded Linux What’s New: LinuxKM Recipes in meta-wolfssl The meta-wolfssl Yocto layer now includes recipes for building wolfSSL’s Linux Kernel Module (LinuxKM) directly into your embedded Linux images. This means Yocto-based projects can integrate FIPS 140-3 validated cryptography at the kernel level. You can now: […]

wolfSSL is bringing FIPS 140-3 to the NVIDIA Jetson Orin GPU platform, in both kernel and userspace contexts, with a kernel module alongside user-space cryptography that works under OpenSSL, GnuTLS, and Gcrypt, requiring no or minimal changes to applications. Download wolfSSL → It is ARM64-native and uses AES-XTS to meet the high throughput demands of […]