OpenZFS OpenZFS is a powerful combined filesystem and volume manager, that implements the well-known ZFS filesystem, which supports compressed and encrypted volumes. ZFS was originally developed by Sun Microsystems for Solaris Unix, and the source code was released in 2005 under the OpenSolaris project. Later, in 2013 the OpenZFS project took over open source management […]
Read MoreMore TagCategory: wolfSSL/ wolfCrypt
DTLS 1.3 in the Linux Kernel: Is There Demand?
We’re building a kernel-native DTLS 1.3 stack — the full wolfSSL handshake and record layer running entirely in Linux kernel context, with no userspace daemon. Before we commit to productizing it, we want to know who needs it. If you encrypt UDP traffic from inside the kernel today, you bounce every packet out to userspace […]
Read MoreMore TagHW Crypto Support for the NXP LPC55S69
wolfSSL announces wolfBoot / wolfCrypt support for hardware crypto acceleration in the NXP LPC55S69, available now in the following PR’s: wolfBoot: #757, #773 wolfSSL (wolfCrypt): #10278 This includes TRNG, SHA1, SHA-256, AES-CBC, AES-ECB, AES-OFB, AES-CFB, and AES-CTR. AES supports key sizes of 128, 192, and 256. About the NXP LPC55S69 The LPC55S69 is a general-purpose […]
Read MoreMore TagOTA Demonstrator with wolfBoot, wolfTPM and wolfMQTT
Our new demonstrator is available on GitHub. This demonstrator showcases a secure over-the-air (OTA) firmware update workflow using wolfSSL components and a software TPM. It integrates: wolfBoot for secure boot loader wolfTPM for root of trust wolfMQTT for update delivery wolfSSL / wolfCrypt for secure communication and verification The demo runs on Linux and can […]
Read MoreMore TagNew wolfSSL Crypto Callback Utilities: Set Key and Export Key
wolfSSL’s crypto callback framework lets you offload cryptographic operations to hardware. PR #9851 extends this framework with two new callback utilities, Set Key and Export Key, which provide a standardized way to move key material between wolfSSL and your hardware across AES, HMAC, RSA, and ECC. How It Works When a key is bound to […]
Read MoreMore TagAdding SHE (Secure Hardware Extension) Support to wolfSSL
wolfSSL now includes support for the Secure Hardware Extension (SHE) key management standard (see PR #10009). This new wolfCrypt module provides software-based generation and verification of SHE key update messages (M1–M5), with built-in support for hardware offload via crypto callbacks. What is SHE? The SHE specification was developed by the Hersteller Initiative Software (HIS) consortium […]
Read MoreMore TagCHERIoT Support Coming to wolfSSL
We are excited to announce that we will be working on CHERIoT support for wolfSSL! CHERIoT (Capability Hardware Extension to RISC-V for IoT) is a hardware-software platform that brings capability-based memory protection to small embedded devices. It enforces memory safety at the hardware level, catching entire classes of vulnerabilities like buffer overflows and use-after-free automatically. […]
Read MoreMore TagDifference between TLS Session ID and Tickets
TLS session resumption reuses previously negotiated keying material to shorten handshakes and reduce CPU and network overhead. Resumption saves latency and power on constrained devices by avoiding a full handshake when a safe cached session is available.—–Understanding Session IDs and Tickets Session IDs are a server-issued identifier used by TLS ≤ 1.2 where the server […]
Read MoreMore TagCaliptra: Your Silicon’s Security Chaperone
As a member of the wolfSSL team, each day is a new opportunity to learn. This time, we delve into Caliptra and our plans for it in the near future. Architecture and Purpose Caliptra isn’t just a piece of software or hardware, it is a specification for software combined with hardware as its own module, […]
Read MoreMore TagwolfSSL as a Cryptographic Service Provider for VPP
The engineering team at wolfSSL is working on integrating wolfCrypt as a cryptographic service provider for FD.io’s Vector Packet Processing framework. This will give VPP deployments access to FIPS 140-3 validated cryptography, hardware acceleration support, and wolfSSL’s battle-tested implementations directly within the high-performance data plane. This work targets network packet workloads demanding both regulatory compliance […]
Read MoreMore Tag
