New Feature: Copy and Free Callbacks for Hardware Acceleration

wolfSSL 5.8.4 (PR#9309) has expanded the crypto callback API to include support for copy and free operations. This addition addresses a lifecycle management challenge for developers integrating hardware security modules (HSM) or hardware accelerators. The Capability: Previously, wolfSSL’s default behavior for duplicating a hash context was a standard memory copy. While efficient […]

Expanded Rust API for wolfSSL

Rust is a modern programming language known for its focus on memory safety and performance, making it a powerful choice for systems programming, including security-sensitive applications. To bridge the gap between Rust’s strong guarantees and the mature, high-performance cryptography provided by the wolfSSL library, we have developed and are continuing to improve a comprehensive set […]

ML-KEM and ML-DSA Improvements in wolfSSL 5.8.4

Version 5.8.4 improves wolfSSL’s implementation of ML-KEM (formerly Kyber) and ML-DSA (formerly Dilithium) post-quantum algorithms. Bug Fixes: The ML-KEM derive secret operation was corrected to properly compute shared secrets; there was a miscalculation of an offset in a buffer. An out-of-bounds read was fixed in the ML-KEM/Kyber 5-bit value decomposition code, where […]

Enhanced Windows CE Support in wolfSSL

We’re pleased to announce improvements to wolfSSL’s Windows CE support through PR #8709, which addresses critical compatibility issues when building with Visual Studio 2008 for Windows CE 6.0 and 7.0 platforms. Background: Windows CE (Windows Embedded Compact) remains an important platform for many embedded and industrial applications, particularly in legacy systems requiring […]

Vulnerability Disclosure: wolfSSL CVE-2025-7396

Affected Users: Users of wolfSSL builds that use the C implementation of Curve25519 for private key operations. This does not affect builds using assembly-optimized implementations (ARM or Intel), the small footprint Curve25519 build, or hardware offload implementations. Summary: A potential side-channel vulnerability was identified in the C implementation of Curve25519 private key operations in wolfSSL. […]

PKCS#12 Support Enhancement: AES Encryption for Keys and Certificates

wolfSSL 5.8.2 has enhanced the wc_PKCS12_create() function to support modern AES encryption algorithms for PKCS#12 files. This update enables stronger security for protecting private keys and certificates. What Changed: PKCS#12 files are commonly used to store cryptographic objects like private keys, certificates, and certificate chains. wolfSSL 5.8.2 supports modern AES encryption for PKCS#12 instead of […]

Vulnerability Disclosure: wolfSSL CVE-2025-7394

Affected Users: Applications using wolfSSL’s OpenSSL compatibility layer before wolfSSL version 5.8.2 that call both RAND_bytes() and fork() operations. This does not affect internal TLS operations or applications that do not explicitly use RAND_bytes(). Summary: A vulnerability was discovered in wolfSSL’s OpenSSL compatibility layer where the RAND_poll() function was not behaving as expected, leading to […]

Vulnerability Disclosure: wolfSSL Fault Injection Attack on ECC and Ed25519 Verify Operations

Affected Users: Users performing ECC or Ed25519 signature verification operations on devices that may be susceptible to fault injection attacks, particularly in security-critical applications such as secure boot implementations. Summary: A potential vulnerability to fault injection attacks was identified in wolfSSL’s ECC and Ed25519 signature verification operations. Fault injection is a sophisticated physical attack technique […]

Vulnerability Disclosure: wolfSSL (CVE-2025-7395)

Affected Users: Anyone using wolfSSL on Apple platforms with versions after 5.6.4 and before 5.8.0, specifically when built with WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION enabled (default for non-macOS Apple targets when using autotools or CMake). Summary: When using system CA certificates and Apple native certificate validation on Apple platforms, the native trust store verification routine incorrectly overrides […]
