wolfSSL has lab-demoed wolfCrypt as a crypto provider for VPP. VPP (Vector Packet Processing) is FD.io’s user-space networking data plane. wolfCrypt plugs into VPP’s crypto dispatch and handles IPsec traffic. VPP has no FIPS 140-3 validated crypto path today. The built-in crypto has no validation. The OpenSSL path carries whatever FIPS posture OpenSSL has; on […]
Read MoreMore TagCategory: Uncategorized
wolfssl-openssl1: Drop-In wolfCrypt FIPS for OpenSSL 1.1.1
wolfSSL is releasing wolfssl-openssl1, a build of OpenSSL 1.1.1 where every cryptographic primitive is implemented by wolfCrypt. It produces drop-in libcrypto.so.1.1 and libssl.so.1.1. Applications get FIPS 140-3 validated crypto without recompiling. OpenSSL 1.1.1 reached end-of-life in September 2023. Its FIPS module is also EOL. There is no upgrade path to FIPS 140-3. Customers stuck on […]
Read MoreMore TagwolfSSL Roadmap 2026
Understand upcoming changes before they impact your builds, compliance timelines, and security architecture. Join us on June 25 at 9 AM PT for a focused walkthrough of the wolfSSL roadmap. This session goes beyond a high-level preview to highlight what’s actually changing across FIPS 140-3, post-quantum cryptography, and TLS—and what those changes mean for your […]
Read MoreMore TagwolfTPM Firmware TPM 2.0 with Post-Quantum
Firmware TPMs (fTPMs) are enabling TPM 2.0 functionality on platforms that cannot accommodate discrete TPM devices, including microcontrollers, safety processors, FPGA soft-cores, and trusted execution environments. Join us on June 24 at 9 AM PT for a technical webinar on wolfTPM Firmware TPM (fTPM). We’ll examine how TPM 2.0 is being deployed across embedded systems, […]
Read MoreMore TagFree Support for Open Source Projects
At wolfSSL, we are committed to supporting the open source community. If you are using wolfSSL software in an open source project and need technical assistance, contact us at support@wolfssl.com. Our engineering team is happy to help with integration, configuration, and troubleshooting questions. If you think your project may require a GPLv3 license exception, please […]
Read MoreMore TagMerkle Tree Certificates
If you’re part of the Web PKI community and haven’t heard of Merkle Tree Certificates then you must have been hiding under a rock for the past year! These are the new format of certificates that are being pushed by Google and Cloudflare to solve the issue of large public keys and signatures in ML-DSA […]
Read MoreMore TagwolfKeyMgr: Decrypt Internal TLS 1.3 Traffic Without Breaking It
TLS 1.3 made per-session forward secrecy the default. That is a win for privacy on the open internet, but inside your own data center it leaves monitoring, compliance, and intrusion-detection tools blind to the traffic they are meant to watch. wolfKeyMgr is wolfSSL’s answer. What wolfKeyMgr Does wolfKeyMgr is a secure key management service […]
Read MoreMore TagWhy is wolfSSL reporting so many CVEs?
Why are we reporting so many CVEs? If you follow wolfSSL, you’ve probably noticed the number of CVEs we file per release has ramped up this spring 2026. From 5.8.0 (April 2025) to 5.9.1 (April 2026) we’ve experienced nearly geometric growth in reported CVEs per wolfSSL release. So what’s going on? Should users of wolfSSL […]
Read MoreMore TagwolfCOSE vs The Field: The smallest and fastest COSE library, now with post-quantum ML-DSA at the same cost.
Scope: ES256 (P-256) COSE_Sign1 size and speed plus post-quantum ML-DSA (FIPS 204), wolfCOSE vs t_cose vs COSE-C, with cross-language and on-device results. Method: one identical operation, every library and crypto backend built from source on one machine with identical flags, dead-code eliminated. Desktop: x86_64 Intel i9-11950H, GCC 14.2. On-device: NUCLEO-H563ZI Cortex-M33 at 250 MHz. June […]
Read MoreMore TagPost-Quantum Cryptography in curl
wolfSSL continues to advance post-quantum cryptography support throughout its ecosystem, including curl when built with wolfSSL. Developers can use post-quantum and hybrid TLS 1.3 key exchange mechanisms, including ML-KEM, to help protect connections against future quantum threats. Supported Hybrid TLS 1.3 Key Exchange: SecP256r1MLKEM512 SecP384r1MLKEM768 SecP521r1MLKEM1024 SecP256r1MLKEM768 SecP521r1MLKEM1024 SecP384r1MLKEM1024 X25519MLKEM512 X25519MLKEM768 X448MLKEM768 To learn more […]
Read MoreMore Tag