We are thrilled to announce a significant enhancement to the wolfSSL repository: the addition of Rust wrappers for wolfCrypt! This integration, available now in our official wolfSSL GitHub repository, allows developers to leverage the robust cryptographic primitives of wolfCrypt directly within their Rust applications, benefiting from Rust’s safety, performance, and modern language features. Why Rust […]
Read MoreMore TagCategory: wolfSSL/ wolfCrypt
Updated Xilinx/AMD Versal Benchmarks
There are three build options for crypto operations when using wolfSSL on Xilinx/AMD Ultrascale+ devices. The lightweight wolfSSL library can use a software only implementation, make use of the ARMv8 crypto extensions along with custom ARM assembly, or offload the operation to the CSU. Each has its trade offs. Recently wolfSSL has made improvements to […]
Read MoreMore TagNew Keystores and Secure Elements Added to wolfSSL (5.8.2)
wolfSSL continues to expand its hardware security ecosystem with significant new additions over the past year. Here are the latest keystores and secure elements now supported by our cryptographic library: New Secure Element Support TROPIC01 Secure Element wolfSSL now includes dedicated crypto callback functions for the TROPIC01 secure element, providing seamless hardware-backed cryptographic operations for […]
Read MoreMore TagEvery hardware cryptography scheme wolfSSL has ever enabled
At wolfSSL we support hardware cryptography for a wide range of platforms. The benefits of hardware cryptography include reduced code footprint size, improved security, acceleration of cryptographic operations, and utilization of . For example, this allows everything from wolfBoot to TLS cipher suites to enjoy acceleration of cryptographic operations. Furthermore, we have deep partnerships with […]
Read MoreMore TagHow to use the wolfSSL staticmemory feature
wolfSSL is an embedded cryptographic library that includes a TLS/DTLS implementation. For resource-constrained devices or safety-critical applications, dynamic memory allocation via malloc and free system calls may be unavailable. To address these scenarios, wolfSSL offers the –enable-staticmemory feature. This feature provides a robust and straightforward allocation mechanism as an alternative. It utilizes a pre-allocated buffer, […]
Read MoreMore TagThe Radio Equipment Directive (RED) and Evolving Cybersecurity Requirements
The Radio Equipment Directive (RED) 2014/53/EU establishes the regulatory framework for placing radio equipment on the European market. Its goal is to create a unified market while ensuring essential requirements for safety, electromagnetic compatibility, efficient use of the radio spectrum, and more recently cybersecurity and data protection. To strengthen protections, the European Commission activated Articles […]
Read MoreMore TagSupport for STM32U5 DHUK
In wolfCrypt and wolfPKCS11 we added support for using a Derived Hardware Unique Key (DHUK) for AES with the STM32U5. This feature enables use of a device unique AES key (up to 256-bit) available for encryption/decryption. The key cannot be read from the hardware, which makes it great to wrap other symmetric keys for storage […]
Read MoreMore TagNew CMS/PKCS#7 decode APIs for SymmetricKeyPackage, OneSymmetricKey, and EncryptedKeyPackage
Recent commits to wolfSSL have enabled support to decode new CMS/PKCS#7 message types. The CMS message type EncryptedKeyPackage (defined in RFC 6032) can be decoded with the new API wc_PKCS7_DecodeEncryptedKeyPackage(). The CMS message types SymmetricKeyPackage and OneSymmetricKey (defined in RFC 6031) can be decoded with the new APIs wc_PKCS7_DecodeSymmetricKeyPackageAttribute(), wc_PKCS7_DecodeSymmetricKeyPackageKey(), wc_PKCS7_DecodeOneSymmetricKeyAttribute(), and wc_PKCS7_DecodeOneSymmetricKeyKey(). If you […]
Read MoreMore TagRelaxing CMS/PKCS#7 decode support requirements
Previous wolfSSL versions required X.963 KDF support and AES keywrap functionality to be enabled in order to build CMS/PKCS#7 decode support. Recent changes to wolfSSL have allowed CMS/PKCS#7 decode support to be built without either of these requirements. Previously, if the user desired to have the HAVE_PKCS7 build option defined, then the HAVE_X963_KDF and HAVE_AES_KEYWRAP […]
Read MoreMore TagwolfCrypt MISRA improvements
Some recent pull requests have been merged to the wolfssl repository to allow wolfcrypt to avoid MISRA warnings for certain MISRA 2023 rules. For example, MISRA rule 3.1 disallows nested comment leaders (e.g. a “//” sequence within a “/* … */” comment block). These have been removed. Also, MISRA rule 8.2 requires function prototypes to […]
Read MoreMore Tag