Open Source Project Ports: libssh2

One of the highlights of our wolfCrypt library is its exceptional portability, which allows wolfSSL’s team of engineers to frequently add new ports! Stay tuned for the rest of our blog series on the latest open source project ports over the next few weeks.

This week, we’re showcasing libssh2! We have integrated wolfSSL with the libssh2 project, which allows for the use of libssh2 with our FIPS-validated crypto library, wolfCrypt. Libssh2 is a client-side C library designed to implement the SSH2 protocol for embedding specific SSH (Secure Shell) capabilities into other tools. The project includes hundreds of functions that allow specific activities and components to be selected and added to an application, while still remaining small in size.

We’ve enabled libssh2 to be able to call into wolfSSL through the OpenSSL compatibility layer. You can access the GitHub page here:

Need more? Subscribe to our YouTube channel for access to wolfSSL webinars!
Love it? Star us on GitHub!

lighttpd Upstream Support

lighttpd has added support for wolfSSL in version 1.4.51! lighttpd is a fast and lightweight web server designed with a very low memory footprint. These design goals make wolfSSL an excellent choice as the SSL/TLS implementation, as it’s built to be lightweight, portable, and very fast. wolfSSL targets embedded and IoT devices but works just as well on desktop, enterprise, and cloud environments. Configuring wolfSSL as the SSL/TLS backend for lighttpd is simple and can provide you with the immediate benefit of a lower memory footprint and faster cryptography!

Compile wolfSSL with:

./configure --enable-lighty
make install

Compile lighttpd with:

./configure --with-wolfssl
make install

To learn how to set up your lighttpd instance to use wolfSSL, please visit

Contact us at with any questions or feedback.

Upcoming Webinar : wolfCLU – Command Line Utility

Did you know we have a command-line utility? wolfSSL has laid the groundwork for a portable CLU, called wolfCLU. We want our community to be aware so you have the opportunity to begin using it with the wolfSSL embedded SSL/TLS library! Join our upcoming webinar to learn how.

Join this webinar to learn about wolfCLU and its current features, such as autoconf for portability and FIPS build compatibility, as well as our future plans, like certificate request creation. As always, bring your questions for the Q&A following the presentation. This is your chance to tell us what YOU want from wolfCLU!

When: Aug 26, 2021 10:00 AM Pacific Time (US and Canada)

Register in advance for this webinar:

Contact us at to learn more!

Open Source Project Ports: NTP

Because of the exceptional portability of our wolfCrypt library, plus our fantastic team of engineers, we’re able to frequently add new ports. We’ll be showcasing a few of the latest open source project ports over the next ten weeks, so tune in!

First, we just integrated wolfSSL with the NTP (Network Time Protocol) project. This port allows for the use of NTP with our FIPS-validated crypto library, wolfCrypt. NTP is designed to synchronize the clocks of computers over packet-switched, variable-latency data networks. For more information on NTP, you can also visit the project’s website at

We’ve enabled NTP to be able to call into wolfSSL through the OpenSSL compatibility layer. You can access the GitHub page here:


ECIES – SEC.1 and ISO/IEC 18033

The wolfSSL library has for a long time supported encryption and decryption using ECC with an implementation of ECIES (Elliptic Curve Integrated Encryption Scheme). Recently the ECIES code was updated to support the SEC.1 and ISO/IEC 18033 variants.

ECIES is the elliptic curve equivalent of the RSA encryption algorithm and is useful as a key encapsulation mechanism (KEM). KEMs are used to establish shared keys between two parties that have never communicated before. By securing, say, a symmetric key with the EC public key, only the owner of the EC private key can derive it.

Unlike RSA encryption, ECIES can also be used to send a message securely to the owner of the private key, i.e., as a data encapsulation mechanism (DEM). The integration of a symmetric cipher in the ECIES algorithm allows it to encrypt any amount of data.

In the real world, ECIES is used by standards like the Intelligent Transport Systems (ETSI TS 103 097) and is part of Android Pay and Apple’s iMessage and Find My.

In the wolfSSL library, the default algorithm is now as described in SEC.1. If you require the original wolfSSL algorithm, then configure with --enable-ecies=old or define WOLFSSL_ECIES_OLD. Alternatively, if the ISO/IEC 18033 algorithm is required, then configure with --enable-ecies=iso18033 or define WOLFSSL_ECIES_ISO18033.

Contact us at to learn more!

Sniffing traffic with TLS v1.3

The wolfSSL library includes a useful tool for sniffing TLS traffic. It can be used to capture and decrypt live or recorded PCAP traces when at least one of the keys is known. Typically a static RSA cipher suite would be used for this; however, TLS v1.3 only allows cipher suites with Perfect Forward Secrecy (PFS), so every TLS v1.3 session uses a new ephemeral key.

In order to solve this we added a “static ephemeral” feature, which allows setting a known key that is used for deriving a shared secret. The key can be rolled periodically and synchronized with the sniffer tool to decrypt traffic. This feature is disabled by default and is only recommended for internal or test environments.

As a proof of concept we added this support to Apache httpd to demonstrate real-time decryption of web traffic. We are also working on a key manager to assist with key rolling and synchronization.

One use case where this is interesting is an internal company web server whose traffic must be audited.

The TLS v1.3 sniffer support was added in PR 3044 and officially supported in v4.8.1.
The Apache httpd branch with sniffer and FIPS ready support is here.

Contact us at to learn more!

wolfSSL supports IoT SAFE

The wolfSSL embedded SSL/TLS library supports many popular hardware secure elements from several suppliers using different technologies.

Some of these hardware elements are specifically designed to enable end-to-end security in IoT devices, by providing a hardware ‘Root of Trust’, and by providing asynchronous cryptography functionality and key vaults.

GSMA is an alliance representing mobile operators, manufacturers and companies focusing on the mobile communication industry. The alliance has published guidelines for implementing a root-of-trust mechanism, the IoT SIM Applet For Secure End-to-End Communication, also known as IoT-SAFE. This technology promotes the use of SIM cards as a Root-of-Trust to secure applications and services running on embedded systems connected through the mobile network. IoT-SAFE opens new possibilities for key provisioning through a component that is, in fact, already designed to support end-to-end security within different layers of the protocol.

wolfSSL, in collaboration with partners in the mobile industry, has recently developed an IoT-SAFE module for the wolfSSL embedded TLS library.

The code is portable and it’s designed to be used on an embedded board, equipped with an LTE modem and an IoT-SAFE capable SIM card, but can be easily adapted to run on any environment that has access to a communication channel with an IoT-SAFE capable SIM card.

The module includes several features, such as the possibility to use IoT-SAFE as a true random number generator, to access asymmetric key operations on the SIM, and to generate, store and retrieve keys in the secure vault. The most important feature, though, is the possibility to equip wolfSSL sessions with IoT-SAFE support, so that all the operations during the TLS handshake for that session are executed through IoT-SAFE commands.

To demonstrate a full TLS endpoint using IoT-SAFE API to complete the handshake and establish a TLS session, we have prepared an example that uses a SIM card pre-provisioned with our test ECC certificate and keys. Both TLS 1.3 and 1.2 are supported.

Securing Device-to-Cloud communication with a robust end-to-end strategy is of course the main priority of this module. However, we are looking forward to seeing wolfSSL IoT-SAFE support used in different applications and use cases.

Are you planning to integrate GSMA IoT-SAFE in your TLS or cryptography design? Let us know about your architecture and use cases, write us an email to


wolfSSL at ICMC 2021

wolfSSL is an exhibiting sponsor at this year’s International Cryptographic Module Conference (ICMC) in Maryland. We’re all about doing cryptography right, and as the best-tested crypto on the market, we can’t wait to talk through securing your projects at ICMC.

Find us September 1-3 in Washington DC at the Hyatt Regency Bethesda or online to join this hybridized event! We’re talking about:

Come meet us at ICMC and bring all your cryptography questions! In the meantime, download and star wolfSSL on GitHub. If you’d like to book a meeting online or in-person, email We can’t wait to see you!



wolfSSL in ExpressVPN’s Lightway

ExpressVPN’s Lightway protocol is out of beta and leverages wolfSSL for secure crypto. As such, the “modern VPN” inherits speed, performance, and best-tested security, and is able to maintain its lightweight mobility.

“In terms of the encryption, [ExpressVPN’s Chief Architect, Pete] Membrey explained that Lightway uses wolfSSL. ‘To be clear, we didn’t roll any of our own crypto. It’s something we – as a principle – keep well away from. It’s extremely easy to get that wrong so we outsourced it, effectively, to a library that’s open source and has been audited.’

wolfSSL is used on millions of devices already and is the library that powers Pokémon GO. It’s designed for embedded devices, so it’s fast on Apple M1 chip, on routers, iPhones and more.”

Learn more about ExpressVPN’s announcement on their blog and TechAdvisor.



What is a Block Cipher?

A block cipher is an encryption method that applies a deterministic algorithm along with a symmetric key to encrypt a fixed-size block of text, rather than encrypting one bit at a time as in stream ciphers. For example, a common block cipher, AES (Advanced Encryption Standard), encrypts 128-bit blocks with a key of predetermined length: 128, 192, or 256 bits. Block ciphers are pseudorandom permutation (PRP) families that operate on a fixed-size block of bits. A PRP is a function that cannot be distinguished from a completely random permutation; a block cipher is therefore considered reliable until someone shows how to distinguish it.

Block cipher modes of operation were developed to avoid encrypting identical blocks of text the same way: the ciphertext of the previous block is fed into the encryption of the next block. A block of bits called an initialization vector (IV) is also used by modes of operation to ensure that ciphertexts remain distinct even when the same plaintext message is encrypted a number of times.

Some of the various modes of operation for block ciphers include CBC (cipher block chaining), CFB (cipher feedback), CTR (counter), and GCM (Galois/Counter Mode), among others. AES, described above, run in CBC mode is an example: the IV is XORed with the first plaintext block, the block encryption is performed with the given key, and the resulting ciphertext block is output. That ciphertext block then takes the place of the IV for the next plaintext block, and so on through the message.
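To make the chaining and IV behaviour concrete, here is an added example (not code from wolfSSL or from the original post) that implements ECB and CBC over a toy 128-bit block permutation. The toy Feistel function is a constructed stand-in for AES so the script runs offline; it is not a secure cipher, and the key and IV values in the comments are constructed test values.

```python
import hashlib
BLOCK = 16  # 128-bit blocks, the same block size as AES

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    # Toy 4-round Feistel permutation keyed via SHA-256. It stands in for AES
    # so the example runs offline; it is NOT a secure cipher, only a keyed PRP shape.
    left, right = block[:8], block[8:]
    for r in range(4):
        f = hashlib.sha256(key + bytes([r]) + right).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def toy_block_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for r in reversed(range(4)):  # undo the rounds in reverse order
        f = hashlib.sha256(key + bytes([r]) + left).digest()[:8]
        left, right = xor(right, f), left
    return left + right

def pad(data: bytes) -> bytes:  # PKCS#7 padding to a whole number of blocks
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n
def unpad(data: bytes) -> bytes:
    return data[:-data[-1]]

def ecb_encrypt(key: bytes, plaintext: bytes) -> bytes:
    pt = pad(plaintext)  # each block is encrypted on its own: no IV, no chaining
    return b"".join(toy_block_encrypt(key, pt[i:i + BLOCK]) for i in range(0, len(pt), BLOCK))

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    pt, prev, out = pad(plaintext), iv, []
    for i in range(0, len(pt), BLOCK):
        prev = toy_block_encrypt(key, xor(pt[i:i + BLOCK], prev))  # chain previous ciphertext
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    prev, out = iv, []
    for i in range(0, len(ciphertext), BLOCK):
        c = ciphertext[i:i + BLOCK]
        out.append(xor(toy_block_decrypt(key, c), prev))
        prev = c
    return unpad(b"".join(out))

def repeated_blocks(ciphertext: bytes) -> int:
    # Number of ciphertext blocks that duplicate an earlier one: leaks structure in ECB
    blocks = [ciphertext[i:i + BLOCK] for i in range(0, len(ciphertext), BLOCK)]
    return len(blocks) - len(set(blocks))
```

Encrypting three identical plaintext blocks with ecb_encrypt yields repeated ciphertext blocks, while cbc_encrypt yields none, and changing only the IV changes the whole CBC ciphertext.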

For information on the block ciphers that are implemented in wolfSSL or to learn more about the wolfSSL lightweight, embedded SSL library, visit or contact us at


