Most people know that wolfSSL supports being a PKCS11 consumer. It is easy to enable this with the –enable-pkcs11 configure time flag and then trying out the examples. Now, what most people don’t realize is that we also have the ability to be a PKCS11 provider!! This is via our library called wolfPKCS11. Check out […]
Read MoreMore TagCategory: wolfSSL/ wolfCrypt
wolfSSL 5.7.4 Release
wolfSSL release 5.7.4 is now available, with exciting optimizations for ARM devices and enhancements to post-quantum cryptography algorithms. If you’re using wolfSSL on RISC-V, we’ve also included new performance enhancements specifically for RISC-V devices. Alongside these optimizations and new features, several important fixes were made. One notable fix involves the behavior of X509_STORE_add_cert() and X509_STORE_load_locations() […]
Read MoreMore TagwolfSSL wolfCrypt CSharp wrapper
wolfSSL is excited to announce additional support for wolfCrypt API’s in our CSharp (C#) wrapper. Our CSharp wrapper now includes wolfCrypt support for ECC (ECDSA/ECDHE), ECIES, RSA, ED25519/Curve25519, AES-GCM, and HASH cryptographic algorithms. The supported HASH algorithms are MD2, MD4, MD5, SHA, SHA-224, SHA-256, SHA-384, SHA-512, SHA-MD5, SHA3-224, SHA3-256, SHA3-384, SHA3-512, BLAKE2B, and BLAKE2S. In […]
Read MoreMore TagEnhance Embedded System Security with ADI MAXQ1065 and wolfSSL
wolfSSL’s trusted partner, Analog Devices, Inc. (ADI), recently announced that integrating the MAXQ1065 with wolfSSL can significantly enhance security for IoT and embedded systems. Explore the ADI Engineer Zone blog post, Securing IoT and Embedded Systems: Integrate MAXQ1065 with wolfSSL, to discover wolfSSL’s competitive advantages and how this integration improves IoT security solutions and embedded […]
Read MoreMore TagDeprecation and Removal of TLS 1.0 / 1.1 Support from wolfSSL
As part of our quality control and review process, wolfSSL is planning removal of obsolete and deprecated TLS protocol support from our mainline TLS library. TLS 1.0 and 1.1 were introduced in 1999 and 2006 respectively, and both versions were formally deprecated by RFC 8996 in 2021. As noted in the deprecation RFC, TLS 1.0 […]
Read MoreMore TagIntroducing rustls-wolfcrypt-provider: wolfCrypt for Rustls
rustls-wolfcrypt-provider integrates the wolfCrypt cryptographic library as a backend for Rustls, allowing developers to use wolfCrypt’s secure cryptographic functions with Rustls’ modern TLS stack. Currently in alpha, this library offers flexibility for those needing an alternative crypto provider, especially for projects requiring FIPS 140-3 readiness. Other reasons to consider wolfCrypt as your Rustls provider include […]
Read MoreMore TagStrengthening RSA default minimum to 2048 bits
wolfSSL helps make the internet secure. Part of this task is continually updating our default settings to keep up with adversarial advancements. A recent article detailed the use of default RSA key sizes by an IoT manufacturer, which resulted in a 512 bit key being used for authentication. “The factoring required $70 in cloud computing […]
Read MoreMore TagExpressVPN’s Benchmark Results with wolfSSL
wolfSSL’s trusted partner, ExpressVPN, recently announced impressive cryptographic benchmark results comparing unaccelerated and hardware-accelerated performance with wolfSSL. Check out ExpressVPN’s benchmarks and download Lightway Core, ExpressVPN’s modern VPN protocol, on GitHub. If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247. Download wolfSSL Now
Read MoreMore TagAzure Removing TLS 1.0 & TLS 1.1
Are you prepared for the upcoming security enhancements in Azure, which will remove support for TLS 1.0 and TLS 1.1? By the end of October, Azure will no longer accept connections using TLS 1.0 and TLS 1.1 (Azure announcement). This is great news! The older TLS protocols are less secure compared to the newer TLS […]
Read MoreMore TagFIPS 140-3 and CNSA 2.0 with a Single TLS Connection
Can you believe it? With wolfSSL you can now have a TLS 1.3 connection that is compliant with both FIPS 140-3 and the CNSA 2.0! Want to know how? For key establishment, we can use the new ML-KEM-1024 (also known as Kyber-1024 which is at security level 5 as defined by NIST) hybridized with ECDH […]
Read MoreMore Tag