wolfSSL’s wolfcrypt library includes several cryptographic algorithms that are now considered broken or deprecated. While these algorithms are typically disabled by default, developers should be aware of their security implications. Here is the list of these algorithms along with links to documents explaining why they are no longer considered secure: RC4/ARC4: Prohibited for TLS use […]
Read MoreMore TagCategory: Uncategorized
Enhancements to wolfCLU: PKCS8, Base64, and Improved Certificate Verification
We’re excited to announce recent improvements to wolfCLU, wolfSSL’s command line tool designed to make working with cryptographic data even easier and more flexible. PKCS8 and Base64 Support pkcs8: Easily parse and handle PKCS#8-formatted private keys, ensuring compatibility with modern secure key formatting standards. base64: Encode or decode data in Base64 format directly from the […]
Read MoreMore TagMigrating to wolfSSL from mbedTLS
We wanted to highlight a useful migration guide posted by Amazon for their AWS IoT Core with FreeRTOS showing how to migrate from mbedTLS to wolfSSL. The migration guide shows useful API mappings and how to expose PKCS11 capabilities. Check out the FreeRTOS with mbedTLS to FreeRTOS with wolfSSL Migration Guide v1.0. FreeRTOS is a […]
Read MoreMore TagLive Webinar: The Basics of wolfBoot and All the Advanced Features We Have Recently Added
Secure your boot process with built-in post-quantum algorithms, hybrid crypto, and hardware-backed protection using wolfBoot. Join us for the webinar, “The Basics of wolfBoot and the Advanced Features We Have Recently Added,” on July 9th at 9 AM PT. Presented by wolfSSL Senior Software Engineer Daniele Lacamera, this session introduces wolfBoot’s secure boot fundamentals and […]
Read MoreMore TagCryptoagility
Have you heard the newest and most pervasive buzzword in online security? Recently, the most popular and over-hyped expression doing the rounds these days is “Cryptoagility”. Why do we think it is so overhyped? Because if you are simply looking for a definition, you’ll be hard pressed to find one. People who talk about it […]
Read MoreMore TagComing Soon: tiny-curl for Zephyr RTOS
At wolfSSL, we’re excited to announce plans for a tiny-curl port tailored for Zephyr RTOS. This will bring lightweight HTTPS client capabilities to one of the most widely used real-time operating systems for embedded devices. Stay tuned for updates as we work to integrate tiny-curl’s proven functionality into the Zephyr ecosystem. If you have questions […]
Read MoreMore TagRetrofitting Legacy Bootloaders with wolfBoot: a Modern Secure Bootloader for Embedded Systems
Introduction: Modernizing Legacy Devices with Secure Boot Embedded developers often face the challenge of adding a secure bootloader for embedded systems to legacy hardware without overhauling the entire boot process. Many automotive and industrial devices – for example, older PowerPC-based electronic control units (ECUs) in vehicles or aging industrial controllers – still run insecure or […]
Read MoreMore TagSecuring UEFI with wolfSSL’s FIPS 140-3 Cryptography
One of the biggest strengths of the wolfSSL portfolio is its ability to adapt and run in the most diverse environments, whether it’s a minimal bare-metal deployment or a complex, multi-layered operating system. This blog highlights recent improvements in the wolfSSL products regarding integration with the Unified Extensible Firmware Interface (UEFI)—the modern way to interface […]
Read MoreMore TagwolfHSM Support for Renesas RH850
We’re happy to announce that we’ve added support for Renesas RH850 in wolfHSM. The RH850 Family of 32-bit automotive microcontrollers (MCUs) is an automotive microcontroller equipped with an integrated Hardware Security Module (HSM). It ensures fast and secure key management, cryptographic processing, and authentication at the hardware level. Designed for next-generation ECUs, it combines functional […]
Read MoreMore TagwolfSSL Java JSSE Provider Supports DTLS 1.3
wolfSSL’s Java JSSE provider (wolfJSSE) now supports DTLS 1.3! This support includes DTLS 1.3 on both client and server side through the SSLEngine interface. This support can be found in the wolfssljni GitHub master branch, and will be included in the next stable release. Benefits of DTLS 1.3 DTLS 1.3 (see RFC 9147) brings improved […]
Read MoreMore Tag