Many organizations still rely on legacy versions of OpenSSL because upgrading certified or long lifecycle products is not always simple. wolfSSL provides lightweight SSL/TLS and cryptography libraries designed for modern embedded and security-focused systems. For compliance-driven environments, wolfCrypt FIPS offers FIPS 140-3 validated cryptography with TLS 1.3 support. If your team is still using OpenSSL […]
Read MoreMore TagCategory: Uncategorized
wolfSSL Now Runs on CHERI
wolfSSL now builds and runs on CHERI purecap RISC-V, with all of the supporting fixes merged upstream. This brings one of the most widely deployed TLS/SSL and cryptography libraries to a hardware-enforced memory-safety architecture, a natural pairing for the kind of security-critical embedded code wolfSSL is built for. This work was contributed by William Beasley […]
Read MoreMore TagwolfBoot for CNSA 2.0 Secure Boot on Zynq UltraScale+ MPSoC
Executive Summary Problem: Zynq UltraScale+ MPSoC secure boot authenticates the FSBL with RSA-4096 in immutable BootROM. CNSA 2.0 requires post-quantum algorithms for long-term software and firmware verification. RSA-4096 is not quantum-resistant, so the BootROM cannot be the final CNSA 2.0 firmware-authentication answer. Solution: Use wolfBoot as the system-level post-quantum authorization layer. Keep AMD secure boot […]
Read MoreMore TagwolfBoot Now Supports the NXP Kinetis KL26 with Post-Quantum LMS Signatures
wolfSSL is pleased to announce that wolfBoot, our secure bootloader, now ships with support for the NXP Kinetis KL26 family (MKL26Z128), a Cortex-M0+ part running at 48 MHz with 128 KB of flash and 16 KB of SRAM. The port has been validated on the FRDM-KL26Z development board. Post-Quantum Secure Boot on a Cost-Constrained Part […]
Read MoreMore TagwolfCOSE: CBOR and COSE on FIPS-Validated wolfCrypt: Announcing wolfCOSE for wolfCrypt
We are excited to announce wolfCOSE for wolfCrypt. It is a zero-allocation C library that implements CBOR (RFC 8949) and COSE (RFC 9052/9053). All six COSE message types are supported: Sign1, Sign, Encrypt0, Encrypt, Mac0, and Mac. Multi-signer, multi-recipient, and countersignature variants are included. Cryptographic operations use wolfCrypt under CMVP certificate #4718. That gives COSE […]
Read MoreMore TagSPDM Support for the wolfTPM Firmware TPM (fTPM)
wolfTPM’s firmware TPM (fTPM) now includes an SPDM responder in fwtpm_server, adding an authenticated, encrypted transport between a host and the software TPM 2.0. It supports both TCG certificate mode and DMTF DSP0274 pre-shared-key (PSK) mode, and is merged in PR #510. A TPM for Environments Without Hardware TPM Support The fTPM is a full […]
Read MoreMore TagwolfHSM Now Supports the Infineon AURIX™ TC4xx
We’re excited to announce that wolfHSM now supports Infineon’s AURIX™ TC4xx. We have wolfHSM running on the TC4xx, and an initial release is coming soon. This brings wolfSSL’s portable, open-source HSM framework to Infineon’s next-generation AURIX platform, the successor to the widely deployed TC3xx family. Why AURIX TC4xx? Infineon’s AURIX™ TC4xx is the next generation […]
Read MoreMore TagwolfSSL support for ZFS
OpenZFS OpenZFS is a powerful combined filesystem and volume manager, that implements the well-known ZFS filesystem, which supports compressed and encrypted volumes. ZFS was originally developed by Sun Microsystems for Solaris Unix, and the source code was released in 2005 under the OpenSolaris project. Later, in 2013 the OpenZFS project took over open source management […]
Read MoreMore TagDTLS 1.3 in the Linux Kernel: Is There Demand?
We’re building a kernel-native DTLS 1.3 stack — the full wolfSSL handshake and record layer running entirely in Linux kernel context, with no userspace daemon. Before we commit to productizing it, we want to know who needs it. If you encrypt UDP traffic from inside the kernel today, you bounce every packet out to userspace […]
Read MoreMore TagwolfCrypt Is Quantum-Safe and has a FIPS 140-3 CAVP cert!
We’re proud to announce that wolfCrypt Post Quantum has officially received CAVP validation from NIST, listed under certificate #A8437. This validation covers the CNSA 2.0 compatible algorithm library contained within the wolfSSL TLS bundle (v7.0.0), and is a critical milestone on the path to a full FIPS 140-3 module validation for our post-quantum module. Certificate […]
Read MoreMore Tag