Category: Uncategorized

The wolfSSL ecosystem consists of several software modules and components, each with specific goals and purposes. We make sure all our software products are engineered using the quality standards required by our process. Each step in the software lifetime is regulated by strict rules and testing criteria (including stringent fuzz based testing) that ensure the […]

Read MoreMore Tag

wolfSSL embedded SSL/TLS support the latest Microchip ATECC508 and ATECC608 I2C cryptographic coprocessors. Prerequisites: Requires the Microchip CryptoAuthLib (https://github.com/MicrochipTech/cryptoauthlib.git) Examples: wolfSSL uses PK (Public Key) callbacks for the TLS crypto operations wolfCrypt uses the WOLFSSL_ATECC508A or WOLFSSL_ATECC608A macros to enable native `wc_ecc_*` API support The README.md and reference PK callbacks can be found here: https://github.com/wolfSSL/wolfssl/tree/master/wolfcrypt/src/port/atmel […]

Read MoreMore Tag

Do you need a FIPS 140-2 validated cryptography library for your ARM-based platform? wolfCrypt has been FIPS 140-2 validated (certificate #3389) on several different operating environments to date, some of which have been on resource-constrained ARM-based devices. FIPS validating a crypto library on a resource-constrained device can be more involved than doing a validation on a standard desktop-like platform. […]

Read MoreMore Tag

Thanks to the portability of our wolfCrypt library, plus our team of expert engineers, wolfSSL is frequently adding new ports. Keep an eye out as we continue showcasing a few of the latest open source project ports over the next few weeks! We have recently integrated wolfSSL with the socat tool for Linux. This port […]

Read MoreMore Tag

The wolfSSL library is now safe against the “Harvest Now, Decrypt Later” post-quantum threat model with the addition of our new TLS 1.3 post-quantum groups. But where does that leave wolfSSH? It is still only using RSA and elliptic curve key exchange algorithms which are vulnerable to the threat model mentioned above. If you have […]

Read MoreMore Tag

wolfSSL Linux kernel module support has grown by leaps and bounds, with new support for public key (PK) cryptographic acceleration, FIPS 140-3, accelerated crypto in IRQ handlers, portability improvements, and overall feature completeness. The module provides the entire libwolfssl API natively to other kernel modules, allowing fully kernel-resident TLS/DTLS endpoints with in-kernel handshaking.  Configuration and […]

Read MoreMore Tag

It came to our attention that OpenSSL just published two new vulnerabilities. CVE-2021-3711 – “SM2 decryption buffer overflow” (nakedsecurity) CVE-202103712 – “Read buffer overruns processing ASN.1 strings.” (nakedsecurity) These were specific OpenSSL issues and do not affect wolfSSL. For a list of CVEs that apply to wolfSSL please watch the security page on our website […]

Read MoreMore Tag

A quick followup to the post “wolfSSLs’ Proprietary ACVP client”. wolfSSL Inc. is proud to announce a recent addition to the wolfCrypt FIPS cert 3389! CMSIS-RTOS2 v2.1.3 running on a Silicon Labs EFM32G (Giant Gecko) chipset with wolfCrypt v4.6.1 Testing and standup for the EFM32 Giant Gecko was done collaboratively between wolfSSL Inc. and one […]

Read MoreMore Tag

Recently, a lot of post-quantum activity has been happening here at WolfSSL. First, we’ve simplified and unified our naming conventions for the variants of the post-quantum algorithms. We now refer to each variant by the algorithm submitter’s claimed NIST level. For example, what used to be referred to as  LIGHTSABER is now known as SABER_LEVEL1 […]

Read MoreMore Tag

Adding security to a connection comes at a cost. It takes a little time to perform the crypto operations and some memory gets used during the operations. Not all TLS implementations are equal … how much memory and how much time is lost depends on what TLS library is being used. Recently OpenSSL came out […]

Read MoreMore Tag