wolfEntropy is a jitter based source of entropy provided by wolfSSL. Evaluating entropy sources is a critical step when building secure systems, especially on embedded platforms where hardware RNG behavior must be validated. This post walks through running wolfEntropy on PetaLinux 2025.1 targeting the ZCU102 Evaluation Kit platform and reviewing the results. The outcome: the […]
Read MoreMore TagCategory: Uncategorized
Hardware-Backed Security Using wolfTPM with SPDM
Encrypted Bus Transfers, Multi-Vendor TPM Support, and TCG SPDM Binding Your Secrets Are on the Wire The Problem Discrete TPM chips talk to the host CPU over physical buses: SPI, I2C, or LPC. By default, this communication is unencrypted. Security researchers have repeatedly demonstrated that an attacker with brief physical access can tap these buses […]
Read MoreMore TagwolfSSH v1.5.0 Release
wolfSSH v1.5.0 is now available! This release brings additional post-quantum hybrid key exchange algorithms, a broad hardening pass across the code base, and a large number of bug fixes. There is also one low-severity vulnerability fix in this release affecting wolfSSHd on Windows when handling an edge case in terminal resize messages received from an […]
Read MoreMore TagwolfTPM SPDM vs The Field
The Only SPDM Implementation with Hardware TPM Support A Different Category wolfTPM’s SPDM implementation is not a standalone SPDM library. It is SPDM integrated directly with hardware TPMs, a category that no other open-source project occupies. wolfTPM works hand-in-hand with Nuvoton and NSING to deliver SPDM on real hardware, with full TCG SPDM binding, PSK […]
Read MoreMore TagAnnouncing SPDM Support in wolfTPM
Lightweight Device Authentication for Nuvoton and NSING TPMs Device Attestation and Authentication Are No Longer Optional From data center accelerators to automotive ECUs, the industry is moving toward verifying every component on every bus. Today, wolfSSL is proud to announce SPDM support in wolfTPM, enabling secure device authentication and attestation for Nuvoton NPCT75x and NSING […]
Read MoreMore TagA Thank You to Everyone who Helped with wolfssl-5.9.1
Here at wolfSSL, we are extremely proud of the work we do, but we also realize we owe a debt of gratitude to the wider community for their help and support. We make the best cryptography and security library NOT because we are perfect, but because we do the right thing and we do it […]
Read MoreMore TagwolfSSL 5.9.1 release blog
wolfSSL 5.9.1 is available with new features, post-quantum cryptography improvements, broad bug fixes, and a number of vulnerability fixes. Users are always recommended to stay up to date with wolfSSL releases. In this release, use cases that are affected by high severity reports are: PKCS7 with ORI callback set or AuthEnvelopedData with AES-GCM (–enable-pkcs7), ECDSA […]
Read MoreMore TagHow Claude Mythos Preview helped harden wolfSSL
At wolfSSL, we do an incredible amount of testing. Some of it is visible, some of it is not. You can see our GitHub Actions run on every pull request, and behind that we have a private Jenkins setup doing more extensive testing across multiple platforms, some of it on hardware physically sat in one […]
Read MoreMore TagAI deluge and wolfSSL average time between Vulnerability Report and Fix
We have always prided ourselves on our mean time between a vulnerability report and delivering a fix. Our historical average is about 36 hours. Like everyone else providing open source infrastructure software, we’ve been under a lot of pressure in the past 30 days with valid and meaningful reports from AI research efforts. Fortunately, we […]
Read MoreMore TagwolfBoot vs Intel Slim Bootloader
Since version 2.0.0, wolfBoot runs as a bare-metal bootloader on x86-64 (amd64 / Intel 64), using Intel FSP for silicon initialization — the same approach taken by Intel’s Slim Bootloader. So what sets them apart? Quite a lot. Getting started with wolfSSL? Download the latest libraries here and start exploring. Advanced Cryptography & Quantum Readiness […]
Read MoreMore Tag
