We’re thrilled to announce a new feature in wolfSSL 5.8.0: the ability to offload Extended Master Secret (EMS) generation to hardware, introduced in Pull Request #8303. Integrated into `–enable-pkcallbacks –enable-extended-master` builds, this enhancement empowers developers to leverage Trusted Execution Environments (TEEs) or custom hardware for EMS generation, boosting security and performance in TLS sessions. This […]
Read MoreMore TagCategory: Uncategorized
Live Webinar: Latest FIPS 140-3 developments at wolfSSL
Join us for an exclusive look into the Latest FIPS 140-3 Developments at wolfSSL, presented by Kaleb Himes, Senior Software Engineer at wolfSSL. This live webinar is scheduled for June 4th at 9 AM PT. Discover cutting-edge advancements in FIPS 140-3 compliance, Post-Quantum cryptography, and optimized solutions for Level 2 and Level 3 validation. Register […]
Read MoreMore TagExpired Test Certificate: baltimore-cybertrust-root.pem and make check Failures
On May 12th, 2025, the test certificate baltimore-cybertrust-root.pem expired. This may cause issues with the test cases run during make check with wolfSSL builds that do not use the OpenSSL compatibility layer and have a filesystem enabled. One of the unit tests attempts to load all Certificate Authorities (CAs) from the certs/external directory, which previously […]
Read MoreMore TagFirefox Gets FIPS 140-3 Power: wolfPKCS11 Unleashes wolfCrypt in NSS!
wolfSSL is thrilled to announce a significant milestone in browser security: the successful integration of wolfPKCS11 to provide FIPS 140-3 validated cryptography for the Mozilla Firefox browser. This is achieved by enabling wolfPKCS11 to serve as the backend cryptographic provider for Firefox’s Network Security Services (NSS) layer. This development represents a major step forward, bringing […]
Read MoreMore TagIronVelo Chooses wolfSSL for Secure Identity Solutions
In the realm of identity management, security is paramount. IronVelo, a company dedicated to building robust and reliable identity provider solutions, understands this critical need. To meet their stringent security requirements, IronVelo has partnered with wolfSSL, leveraging the power and reliability of the wolfCrypt cryptographic library. This collaboration highlights IronVelo’s commitment to security best practices […]
Read MoreMore TagwolfSSL Enhances PKCS7 Streaming Support with Indefinite Length Handling
wolfSSL has extended its PKCS7 capabilities to better handle indefinite length encodings, particularly in streaming scenarios. While basic support for indefinite length verification existed, recent updates have refined the wc_PKCS7_VerifySignedData() API to process multipart and indefinite length content more efficiently in a streaming manner.(wolfSSL) Key Enhancements Streaming Verification: The wc_PKCS7_VerifySignedData() function now supports verifying PKCS7 […]
Read MoreMore TagLive Webinar: Achieving Avionics Security with DO-178C-Certified Cryptography
If you’re developing avionics software or working on embedded systems for aerospace, DO-178C certification isn’t optional. It’s essential for safety, compliance, and market acceptance. Join us on May 28th at 9 AM PT for a live webinar, “Achieving Avionics Security with DO-178C-Certified Cryptography,” presented by wolfSSL Software Engineer Tesfa Mael. Register Now: Achieving Avionics Security […]
Read MoreMore TagwolfSSL 5.8.0: Easier NXP SE050 Development with Automatic Key Deletion
The NXP EdgeLock SE050 is a popular secure element providing a strong root of trust for IoT devices, known for its “Plug & Trust” simplicity. wolfSSL has consistently supported the SE050, enabling robust hardware-based security for TLS, cloud onboarding, and data protection. However, managing cryptographic keys on secure elements during development can often be a […]
Read MoreMore TagEnhancing wolfSSL’s CMake Build System: Adding WOLFSSL_CLU Support
The wolfSSL team recently merged a significant improvement to their CMake build system with Pull Request #8548. This enhancement adds a new WOLFSSL_CLU option to CMakeLists.txt, providing CMake users with the same functionality that was previously only available through the –enable-wolfclu option in the autotools build system. What is wolfCLU? Before diving into the technical […]
Read MoreMore TagUsing secp256k1 with wolfSSL: A Step-by-Step Guide
Elliptic curve cryptography (ECC) is increasingly popular in secure communications, and secp256k1—famous for its use in Bitcoin and Blockchains—is a widely used curve. This blog post will walk you through building wolfSSL with support for secp256k1, generating an ECC certificate using that curve, and using it in a TLS connection with wolfSSL’s example client and […]
Read MoreMore Tag