wolfSSL 5.8.2 is now available! We are excited to announce the release of wolfSSL 5.8.2, packed with significant enhancements, introducing new functionalities, and refining existing features! Important Notes for this Release GPLv3 Licensing: wolfSSL has transitioned from GPLv2 to GPLv3. Deprecated Feature: `–enable-heapmath` is now deprecated. MD5 Disabled by Default: For enhanced security, MD5 is […]
Read MoreMore TagCategory: Uncategorized
ML-KEM Versus ML-DSA
ML-KEM (Module Lattice Key Encapsulation Mechanism) is for secure key exchange. ML-KEM enables two parties to establish a shared secret key over an insecure channel. ML-DSA (Module Lattice Digital Signature Algorithm) is for authentication. ML-DSA allows a signer to generate a digital signature that can be verified by others, ensuring the authenticity and integrity of […]
Read MoreMore TagUsing ECH with curl and wolfSSL
The Server Name Indication (SNI) extension to TLS allows the client to specify the name of the server it is trying to connect to, which allows the server to select between multiple virtual servers and present the appropriate certificate for the connection. The client sends the server name as a part of a Client Hello […]
Read MoreMore TagTrusted by Design: How wolfSSL and Dark Sky Technology Came Together
How wolfSSL and Dark Sky Technology Secure Embedded Systems When defense systems run open-source code touched by foreign adversaries, it’s not just risky—it’s a national security threat. That’s why wolfSSL and Dark Sky Technology teamed up: to combine certifiable cryptography with provable trust. wolfSSL builds the most trusted cryptography on the market. Our lightweight, FIPS […]
Read MoreMore Tag802.1AE-MACsec with wolfCrypt
What is 802.1AE? 802.1AE (MACsec) is a network layer 2 protocol for protecting ethernet frames with encryption and authentication across ethernet links. It introduces a new MACsec ethernet frame format, which carries an additional security tag (SecTAG) field inserted between the ethernet header and payload, as well as an integrity check value (ICV) trailer field […]
Read MoreMore TagBenchmarking wolfCrypt on the Frontgrade Gaisler GR740: A Glimpse into Performance
In the context of the recent collaboration between wolfSSL and Frontgrade Gaisler, we are excited to share some benchmark results of the wolfCrypt library running on the Gaisler GR740-MINI board. The GR740, designed as ESA’s Next Generation Microprocessor (NGMP), is a radiation-hardened System-on-Chip (SoC) featuring a quad-core fault-tolerant LEON4 SPARC V8 processor. WolfSSL and Gaisler […]
Read MoreMore TagLive Webinar: Learn to Bring (D)TLS to any Transport via wolfSSL’s I/O Callbacks
Secure Bluetooth and Beyond: Bring (D)TLS to Any Transport Layer with wolfSSL’s I/O Callbacks. Join us on July 16th at 9 AM PT for a live webinar with wolfSSL Senior Software Developer Anthony Hu, as we explore how to secure communication transport layers like Bluetooth Low Energy (BTLE), serial interfaces, and other custom or resource-constrained […]
Read MoreMore TagFIPS-Certified WireGuard
As WireGuard continues to grow in popularity for its simplicity and efficiency in VPN deployments, security-conscious organizations are increasingly demanding solutions that adhere to stringent security standards, such as FIPS 140-3 or CMMC 2.0. FIPS certification is a key requirement for governmental agencies and industries like defense and healthcare, where secure cryptographic implementations are mandatory […]
Read MoreMore TagBroken Cryptographic Algorithms
wolfSSL’s wolfcrypt library includes several cryptographic algorithms that are now considered broken or deprecated. While these algorithms are typically disabled by default, developers should be aware of their security implications. Here is the list of these algorithms along with links to documents explaining why they are no longer considered secure: RC4/ARC4: Prohibited for TLS use […]
Read MoreMore TagEnhancements to wolfCLU: PKCS8, Base64, and Improved Certificate Verification
We’re excited to announce recent improvements to wolfCLU, wolfSSL’s command line tool designed to make working with cryptographic data even easier and more flexible. PKCS8 and Base64 Support pkcs8: Easily parse and handle PKCS#8-formatted private keys, ensuring compatibility with modern secure key formatting standards. base64: Encode or decode data in Base64 format directly from the […]
Read MoreMore Tag