We have added bare-metal wolfIP ports for three AMD/Xilinx PS-GEM SoCs, all brought up and measured on real hardware: ZCU102 – Zynq UltraScale+ MPSoC, Cortex-A53 (AArch64, EL3) VMK180 – Versal ACAP Gen 1, Cortex-A72 (AArch64, EL3) ZC702 – Zynq-7000, Cortex-A9 (ARMv7-A, SVC) All three share a single source tree (each board’s Makefile build-selects its components, […]
Read MoreMore TagCategory: Uncategorized
wolfSSL granted NIST ESV Cert #335
Following a Dec 5, 2025 submission, the wolfSSL proprietary, software-based TRNG ‘wolfEntropy’ has officially achieved NIST Entropy Source Validation: ESV Certificate #335. The Engineering The wolfEntropy solution was written from the ground up to eliminate supply-chain risk and optimize performance, footprint, and run time resource use: Custom Architecture: Zero-dependency, proprietary jitter-based design. Cache-Optimized: Specifically engineered […]
Read MoreMore TagwolfIP Adds a Clean-Room Wi-Fi Supplicant: WPA2, WPA2-Enterprise, and WPA3 for Embedded Systems
wolfIP now ships an in-tree Wi-Fi supplicant (src/supplicant/) that brings WPA2-Personal, WPA2-Enterprise, and WPA3-Personal authentication to resource-constrained embedded devices, with no external proprietary supplicant and no dynamic memory allocation. It is a clean-room implementation built directly on wolfSSL/wolfCrypt, so the same crypto you already trust now drives your Wi-Fi association. Supported authentication methods Mode Standard […]
Read MoreMore TagIntroducing tinytls13: A minimal TLS 1.3 build profile that fits a complete client in about 30 KB of flash.
In brief. tinytls13 is a new wolfSSL build profile for deeply constrained devices. It compiles a complete, working TLS 1.3 client in about 30.8 KB of flash on an ARM Cortex-M33, with no X.509 and no extras you did not ask for. Why we built it Secure boot, attestation, and IoT connectivity increasingly need TLS […]
Read MoreMore TagXilinx Versal Gen 2 ASU support coming to wolfSSL
wolfSSL is proud to announce that active development has started to support offloading cryptographic operations to the ASU subsystem found on the Xilinx Versal Gen 2. We are currently implementing offload support for TRNG, SHA2, SHA3, SHAKE, HMAC, AES, RSA, and ECC. This will help enable future wolfSSL projects on the Versal Gen 2 platform, […]
Read MoreMore TagwolfMKA: The MACsec Control Plane for Your Switch Firmware
Your switches already do the hard part in silicon. A modern MACsec-capable ASIC encrypts, authenticates, and replay-protects every frame at line rate on the physical layer – no CPU in the data path. But that hardware doesn’t key itself. Before a single protected frame goes out, something has to discover peers, prove liveness, elect a […]
Read MoreMore TagwolfMQTT 2.1.0 Released: Broker Session Persistence, Stronger Security, and MQTT v5 Reliability
wolfMQTT is wolfSSL’s lightweight MQTT client and broker library, purpose-built for embedded and IoT devices. It is small, portable, and pairs directly with the wolfSSL embedded TLS library for secure MQTT over TLS 1.3, giving resource-constrained devices a fully authenticated, encrypted messaging stack in a tiny footprint. The wolfMQTT 2.1.0 release extends the built-in broker […]
Read MoreMore TagDesigning Secure Automotive Platforms
Securing modern vehicles requires more than protecting network traffic. Security must extend from secure boot and software updates to in-vehicle communications, cloud connectivity, and ADAS throughout the vehicle lifecycle. This webinar shows how the technologies used to secure modern automotive platforms fit together in practice. You’ll gain a practical understanding of how automotive HSMs, secure […]
Read MoreMore TagProtecting Control-Center Communications: wolfMKA and MACsec for NERC CIP-012-2
If you operate part of the North American Bulk Electric System, NERC CIP-012-2 – Cyber Security: Communications between Control Centers – requires you to protect the confidentiality and integrity of Real-time Assessment and Real-time monitoring data while it is transmitted between Control Centers, and to identify where that protection is applied. Both properties have to […]
Read MoreMore TagwolfProvider Post-Quantum Cryptography: ML-KEM and ML-DSA
wolfProvider now brings post-quantum key encapsulation and signatures to any OpenSSL 3.x application through the wolfCrypt backend, with no application code changes. The difference from OpenSSL’s own post-quantum support is validation. The ML-KEM (FIPS 203) and ML-DSA (FIPS 204) implementations that actually run are wolfCrypt’s, which hold NIST CAVP validation under certificate #5041. An application […]
Read MoreMore Tag
