wolfSSL in the kernel The last year has been quite active for wolfSSL in kernel space. To give a quick recap, we’ve added support to register wolfCrypt algs in the Linux kernel crypto API (making them available for filesystem encryption, IPsec, etc) wrote patches for Linux /dev/random, giving it FIPS-compliant wolfCrypt implementations introduced wolfGuard, a […]
Read MoreMore TagCategory: wolfSSL/ wolfCrypt
wolfCrypt Now Supported in ST’s STSAFE SDK (STSELib)
The STMicroelectronics STSELib now includes built-in wolfCrypt support for the STSAFE-A120 secure element. Download wolfSSL ? What is the STSAFE-A120? The STSAFE-A120 is ST’s latest secure element running on a CC EAL5+ certified platform. Key features include: Authentication with X.509 certificates (Qi 2.0, Matter compatible) TLS 1.2/1.3 handshake support ECC curves: NIST P-256/P-384/P-521, Brainpool, Ed25519, […]
Read MoreMore TagLess is More: Community Contributions That Make wolfSSL Stronger
At wolfSSL, we continuously work to keep our TLS and cryptography engine fast, portable, secure, and lightweight. Most improvements come in the form of new features, optimizations, or platform ports. But sometimes the most valuable contributions are the ones that simplify the code rather than expand it. A recent community contribution highlighted exactly this. Pull […]
Read MoreMore TagNew Feature: Copy and Free Callbacks for Hardware Acceleration
wolfSSL 5.8.4 (PR#9309) has expanded the crypto callback api to include support for copy and free operations. This addition addresses a lifecycle management challenge for developers integrating hardware security modules (HSM) or hardware accelerators. Download wolfSSL → The Capability Previously, wolfSSL’s default behavior for duplicating a hash context was a standard memory copy. While efficient […]
Read MoreMore TagExpanded Rust API for wolfSSL
Rust is a modern programming language known for its focus on memory safety and performance, making it a powerful choice for systems programming, including security-sensitive applications. To bridge the gap between Rust’s strong guarantees and the mature, high-performance cryptography provided by the wolfSSL library, we have developed and are continuing to improve a comprehensive set […]
Read MoreMore TagML-KEM and ML-DSA Improvements in wolfSSL 5.8.4
Version 5.8.4 improves wolfSSL’s implementation of ML-KEM (formerly Kyber) and ML-DSA (formerly Dilithium) post-quantum algorithms. Download wolfSSL → Bug Fixes The ML-KEM derive secret operation was corrected to properly compute shared secrets; there was a miscalculation of an offset in a buffer. An out-of-bounds read was fixed in the ML-KEM/Kyber 5-bit value decomposition code, where […]
Read MoreMore TagwolfSSL Now Supports Renesas FSP v6.1.0 on RA6 Platforms
wolfSSL is excited to announce that wolfSSL version 5.8.4 now supports Renesas Flexible Software Package (FSP) v6.1.0 for the RA6M3 and RA6M4 microcontroller platforms. Download wolfSSL → The Renesas RA6M3 and RA6M4 MCUs feature high-performance Arm Cortex cores with TrustZone technology and utilize the Flexible Software Package built on FreeRTOS. The open FSP ecosystem is […]
Read MoreMore TagEnhanced Windows CE Support in wolfSSL
We’re pleased to announce improvements to wolfSSL’s Windows CE support through PR #8709, which addresses critical compatibility issues when building with Visual Studio 2008 for Windows CE 6.0 and 7.0 platforms. Download wolfSSL → Background Windows CE (Windows Embedded Compact) remains an important platform for many embedded and industrial applications, particularly in legacy systems requiring […]
Read MoreMore TagVulnerability Disclosure: wolfSSL CVE-2025-7396
Affected Users: Users of wolfSSL builds that use the C implementation of Curve25519 for private key operations. This does not affect builds using assembly-optimized implementations (ARM or Intel), the small footprint Curve25519 build, or hardware offload implementations. Summary: A potential side-channel vulnerability was identified in the C implementation of Curve25519 private key operations in wolfSSL. […]
Read MoreMore TagPKCS#12 Support Enhancement: AES Encryption for Keys and Certificates
wolfSSL 5.8.2 has enhanced the wc_PKCS12_create() function to support modern AES encryption algorithms for PKCS#12 files. This update enables stronger security for protecting private keys and certificates. What Changed PKCS#12 files are commonly used to store cryptographic objects like private keys, certificates, and certificate chains. wolfSSL 5.8.2 supports modern AES encryptions for PKCS#12 instead of […]
Read MoreMore Tag