In Part 1, we argued agents need cryptographic request authenticity. In Part 2 we surveyed the ecosystem and the adjacent tools. This post is about what we’re contributing: native RFC 9421 support at the plumbing layer — curl and libcurl, with wolfCrypt providing the Ed25519 math. Two open PRs: curl — curl/curl#21239 — httpsig: add […]
Read MoreMore TagCategory: Uncategorized
wolfCOSE: The First COSE Implementation with ML-DSA – Production-Tested, CAVP-Validated Post-Quantum Signatures in wolfCOSE
If you are signing CBOR payloads on an embedded device and you have started worrying about “harvest now, decrypt later,” that worry now extends to signatures too. Long-lived firmware artifacts, attestation reports, supply-chain manifests: anything signed today with ECDSA or RSA can be retroactively forged by an adversary with a cryptographically relevant quantum computer. wolfCOSE […]
Read MoreMore TagwolfCOSE: What is COSE?
COSE (CBOR Object Signing and Encryption) is a compact binary format for attaching signatures, encryption, or MACs directly to a piece of data, so that the proof travels with the object no matter how it is stored, cached, or forwarded. That is the whole idea. If you know JOSE, JWT, JWS, JWE, COSE is the […]
Read MoreMore TagThe Identity Gap: SigV4, JWT, mTLS, and the Open-Source Race to Authenticate AI Agents – Part 2
In Part 1, we argued that AI agents break the identity model the web was built on, and that RFC 9421 is a natural — if incomplete — primitive for the layer that’s missing. That invites three fair questions: Doesn’t AWS Signature V4 already do this? Doesn’t JWT already do this? If 9421 is the […]
Read MoreMore TagReplacing Zephyr’s TCP/IP Stack with wolfIP
Zephyr is a great RTOS for embedded development: broad board support, a familiar BSD socket interface, and a flexible networking subsystem. However, teams building long-lived connected products often need more than a default network stack: they need predictable memory behavior, modern TCP features, and tight alignment with their security architecture. Our new wolfIP port, replacing […]
Read MoreMore TagAnnouncing wolfssl-wolfcrypt Rust Crate v2.0.0
We are pleased to announce the release of wolfssl-wolfcrypt version 2.0.0, now available on crates.io. This major update introduces critical safety enhancements, expanded algorithm support, and architectural changes to improve reliability across different build configurations. Breaking Changes This release includes some breaking API changes necessitated by memory safety and soundness improvements: RNG Ownership: ECC::set_rng, RSA::set_rng, […]
Read MoreMore TagSigning the Agentic Web: Why AI Agents Need an Identity Layer – Part 1
We spent two decades teaching the web how to trust people. Passwords, OAuth, WebAuthn, passkeys — each generation a little less phishable than the last. It worked because the client was a human, or a program a human wrote, and there was typically one of them per session. That assumption has quietly collapsed. An autonomous […]
Read MoreMore TagCJOSE FIPS 140-3 Tested & Available with wolfCrypt FIPS
CJOSE is a C library for JSON Object Signing and Encryption (JOSE), providing support for JWS, JWE, JWK, and JWT standards. FIPS 140-3 support is available for CJOSE with wolfCrypt FIPS, tested for use with CJOSE environments. wolfCrypt FIPS provides a lightweight cryptographic module for security focused deployments. This helps organizations secure authentication, token signing, […]
Read MoreMore TagLMS versus XMSS versus SLH-DSA for Secure Boot
Here at wolfSSL we always stay on top of our customer’s requirements. By now you’ve heard us talk about the NSA’s (National Security Agency) CNSA 2.0 (Commercial National Security Algorithm Suite 2.0) ad nauseum. Well, let’s focus in on it again and zero in on that first line: It states that for Software and Firmware […]
Read MoreMore TagwolfCrypt Performance on the Altera Agilex 5
The Agilex Family and Agilex 5 The Altera Agilex portfolio represents a family of modern SoC FPGAs designed to address the scaling and power efficiency requirements of edge, data center, and communication infrastructures. Built on advanced process technologies, the family unifies programmable logic with hardened processor subsystems, high-bandwidth memory interfaces, and specialized digital signal processing […]
Read MoreMore Tag
