Here at wolfSSL, the best defense has always been a proactive one. That principle is why we built Fenrir, our AI-powered codebase scanner, and why we’re talking about it today. If We Don’t, They Will The security landscape has changed. Attackers are already using large language models to analyze codebases, find vulnerabilities, and develop exploits […]
Read MoreMore TagCategory: Uncategorized
Rust finally has a path to FIPS-certifiable crypto
Rust’s crypto ecosystem is good. `ring` is fast and well-tested. RustCrypto covers almost everything. rustls has replaced OpenSSL in a lot of stacks. None of it is FIPS 140-3 certifiable. If you’re shipping to the US federal, healthcare, finance, or defense, that matters. You can write excellent Rust and still get blocked at the compliance […]
Read MoreMore TagwolfBoot Support for the NXP LPC55S69
wolfSSL announces wolfBoot support for the NXP LPC55S69, available now in PR #713. With Secure Boot, TrustZone-M, and an industry-standard cryptographic API, your non-secure application can be rapidly developed for a secure world. About the NXP LPC55S69 The LPC55S69 is a general purpose edge computing device, with dual ARM Cortex-M33 cores running up to 150 […]
Read MoreMore TagwolfIP TCP/IP Stack on the STM32N6
wolfSSL is announcing wolfIP support for the STM32N6 series, starting with the NUCLEO-N657X0-Q development board (STM32N657X0H). The STM32N6 is ST’s first Cortex-M55 microcontroller, designed for high-performance edge AI workloads with a dedicated Neural Processing Unit (NPU). wolfIP provides a full TCP/IP stack with ping, TCP echo, and ARP on this new platform. About the STM32N6 […]
Read MoreMore TagMeeting FBI CJIS Security Policy v6 with wolfGuard
The FBI’s Criminal Justice Information Services (CJIS) Security Policy v6 has sent a clear message to law enforcement and public safety agencies: the window for legacy cryptography is closing. Specifically, Control SC-13 mandates that all Criminal Justice Information (CJI) in-transit outside of physically secure locations must be protected by FIPS 140-3 validated cryptographic modules. With […]
Read MoreMore TagCaliptra Part 2: wolfCaliptra…Seriously?
Actually, no. We are not going to add another entry into our product portfolio called wolfCaliptra. There are already so many! Caliptra defines a module that includes specifications for hardware and software. To be honest, wolfSSL is a software organization, so something that would be called wolfCaliptra would fall outside the scope of what we […]
Read MoreMore TagwolfBoot Port for NXP T2080 QorIQ for Avionics
wolfSSL is pleased to announce wolfBoot support for the NXP QorIQ T2080, a quad-core Power Architecture e6500 processor used in aerospace, defense, and industrial control. wolfBoot is a compact, portable secure bootloader that replaces U-Boot with cryptographic firmware verification and optional Post-Quantum Cryptography (PQC) – pure PQC or hybrid classical/PQC. It compiles to under 32 […]
Read MoreMore TagDifference between TLS Session ID and Tickets
TLS session resumption reuses previously negotiated keying material to shorten handshakes and reduce CPU and network overhead. Resumption saves latency and power on constrained devices by avoiding a full handshake when a safe cached session is available.—–Understanding Session IDs and Tickets Session IDs are a server-issued identifier used by TLS ≤ 1.2 where the server […]
Read MoreMore TagHow to Leverage FIPS to Meet Common Criteria Requirements
Does your project require meeting Common Criteria standards? Using wolfSSL’s FIPS-validated module (or FIPS-ready which is tailored towards FIPS requirements) helps a lot with meeting CC (Common Criteria) because it gives strong, reusable evidence for the crypto portion through independent validation of crypto algorithms and validation evidence with ACVP workflows. Having the ACVP tests and […]
Read MoreMore TagStopping Ransomware at the Device Level
Ransomware now targets medical devices, not just IT systems. Once malicious code runs on a device, it can disrupt patient care. The best defense is preventing execution. wolfSSL blocks ransomware before it runs: wolfBoot – Prevents unauthorized firmware from executing at startup wolfCrypt – Encrypts storage and secures firmware updates to prevent tampering wolfSentry – […]
Read MoreMore Tag