wolfSSL has extended its PKCS7 capabilities to better handle indefinite length encodings, particularly in streaming scenarios. While basic support for indefinite length verification existed, recent updates have refined the wc_PKCS7_VerifySignedData() API to process multipart and indefinite length content more efficiently in a streaming manner.(wolfSSL) Key Enhancements Streaming Verification: The wc_PKCS7_VerifySignedData() function now supports verifying PKCS7 […]
Read MoreMore TagCategory: wolfSSL/ wolfCrypt
wolfSSL 5.8.0: Easier NXP SE050 Development with Automatic Key Deletion
The NXP EdgeLock SE050 is a popular secure element providing a strong root of trust for IoT devices, known for its “Plug & Trust” simplicity. wolfSSL has consistently supported the SE050, enabling robust hardware-based security for TLS, cloud onboarding, and data protection. However, managing cryptographic keys on secure elements during development can often be a […]
Read MoreMore TagUsing secp256k1 with wolfSSL: A Step-by-Step Guide
Elliptic curve cryptography (ECC) is increasingly popular in secure communications, and secp256k1—famous for its use in Bitcoin and Blockchains—is a widely used curve. This blog post will walk you through building wolfSSL with support for secp256k1, generating an ECC certificate using that curve, and using it in a TLS connection with wolfSSL’s example client and […]
Read MoreMore TagAnnouncing mcwolf: Classic McEliece Support with wolfSSL
We are excited to announce the creation of mcwolf, a new project that brings a Classic McEliece post-quantum cryptographic algorithm implementation and integration to wolfSSL. We would like to thank Daniel J. Bernstein for the integration work that went into mcwolf. The mcwolf project is a series of scripts and patches against wolfSSL that adds […]
Read MoreMore TagAnnouncing STM32WBA Support in wolfSSL
We’re excited to announce that wolfSSL now officially supports the STM32WBA series of microcontrollers from STMicroelectronics! This addition broadens our commitment to providing lightweight, robust, and high-performance SSL/TLS solutions across a wide range of embedded platforms. What is the STM32WBA Series? The STM32WBA series is a family of ultra-low-power wireless microcontrollers designed to bring advanced […]
Read MoreMore TagwolfSSL’s µITRON support and HSM integration
We have received many inquiries about wolfSSL’s µITRON support for years. The fact that µITRON is used so widely by wolfSSL customers is unique to Japan, but wolfSSL supports µITRON in all wolfSSL products to meet the needs of Japanese customers. ITRON is an RTOS specification definition, so it is available in many commercial versions, […]
Read MoreMore TagPost-Quantum Benchmark Comparison: ML-KEM wolfSSL 5.8.0 vs. OpenSSL 3.5
Recently, both OpenSSL 3.5 and wolfSSL 5.8.0 have been released. We thought we’d run some benchmarks on an x86_64 Linux PC. Note: output has been edited for brevity and clarity. OpenSSL Configuration and build: $ ./Configure $ make all Benchmarking Output: 47317 ML-KEM-512 KEM keygen ops in 0.99s 72114 ML-KEM-512 KEM encaps ops in 1.00s […]
Read MoreMore TagHybrid Post-Quantum Key Exchange in wolfSSL 5.8.0
Release 5.8.0 of our wolfSSL library implements hybrid key exchange algorithms that combine conventional elliptic curve cryptography with post-quantum key encapsulation mechanisms (KEMs). New Hybrid Groups: Combining elliptic curves (SECP256/384/521, X25519, X448) with ML-KEM. This provides compatibility with Chromium and other organizations that are together with wolfSSL leading the way in post-quantum migration. Some of […]
Read MoreMore TagwolfSSL visits Radiona in Zagreb
We at wolfSSL would like to thank Goran Mahovlic and the entire Radiona team for inviting us to their headquarters in Zagreb, Croatia! We enjoyed the opportunity to present information on one of our flagship products, wolfBoot, during the recent OpenHardware Meet-up. The hospitality was outstanding and greatly appreciated! Radiona is home to the awesome […]
Read MoreMore TagTest Certificates in Production: KeyPlug’s WolfSSL Misconfiguration Leads to Infrastructure Exposure
Summary A critical security incident exposed KeyPlug malware infrastructure due to the improper use of wolfSSL test certificates in production. The 24-hour exposure revealed sophisticated attack tools linked to the RedGolf/APT41 threat group, demonstrating how poor certificate management can compromise even advanced threat actors’ operations. The Certificate Failure The compromised server was identified through its […]
Read MoreMore Tag