- FIPS 140-3 Kernel Crypto: libwolfssl.ko delivers a FIPS 140-3 compliant cryptographic stack for the Linux kernel, using the same validated wolfCrypt implementations as the user-space library.
- wolfGuard: WolfGuard is a FIPS 140-3 implementation of WireGuard which replaces WireGuard’s non-FIPS algorithms with wolfCrypt’s FIPS based AES-GCM, ECDH, SHA-256 HMAC, and HASH-DRBG. WolfGuard-Go is the Go implementation of WireGuard-Go that enables FIPS 140-3 encryption outside of Kernel for Windows and macOS consumers that need FIPS 140-3.
- Transparent System-Wide Integration: When configured to register with the Linux Kernel Crypto API (KCAPI), wolfCrypt’s FIPS-validated algorithms are automatically used by new kernel cryptographic operations, including disk encryption, VPN, and all other security services.
- FIPS-Compliant Entropy and DRBG: The module replaces native kernel entropy mechanisms, transforming /dev/random, /dev/urandom, and getrandom() into NIST SP 800-90B compliant DRBG sources.
- Built-In FIPS Security Features: Includes mandatory self-tests, integrity verification, private key access controls, continual DRBG health checks, on-demand self-checks at runtime, and extensive automated kernel and interoperability testing.
If you have questions about any of the above, please contact us at facts@wolfssl.com or call us at +1 425 245 8247.
Download wolfSSL Now