Many embedded devices generate their SSH server host key in RAM on every boot, then hand it to the SSH stack as a DER buffer. It works, but the private key lives in memory where firmware bugs, cold-boot attacks, or a careless core dump can leak it. For a safety-critical or long-lived product, the host […]
Introducing wolfHAL: A Lightweight Hardware Abstraction Layer for Embedded Systems
We are excited to announce wolfHAL, a new open-source project from wolfSSL. wolfHAL is a lightweight, OS-agnostic, compiler-agnostic hardware abstraction layer (HAL) for embedded targets, written in portable C. It sits between your application and the silicon, exposing a clean, uniform API for talking to peripherals such as GPIO, UART, SPI, I2C, DMA, flash, timers, […]
wolfBoot Microchip PolarFire SoC support for full HSS replacement
wolfBoot can now boot a Microchip PolarFire SoC (MPFS250T) entirely on its own — no Hart Software Services (HSS) required — and bring up 4-CPU SMP Linux from a signed, verified image.
One bootloader, one root of trust
wolfBoot can now run in M-Mode directly on the E51 hart out of eNVM and handles all […]
wolfCrypt as a FIPS 140-3 Crypto Provider for VPP
wolfSSL has lab-demoed wolfCrypt as a crypto provider for VPP. VPP (Vector Packet Processing) is FD.io’s user-space networking data plane. wolfCrypt plugs into VPP’s crypto dispatch and handles IPsec traffic. VPP has no FIPS 140-3 validated crypto path today. The built-in crypto has no validation. The OpenSSL path carries whatever FIPS posture OpenSSL has; on […]
wolfSSL Roadmap 2026
Understand upcoming changes before they impact your builds, compliance timelines, and security architecture. Join us on June 25 at 9 AM PT for a focused walkthrough of the wolfSSL roadmap. This session goes beyond a high-level preview to highlight what’s actually changing across FIPS 140-3, post-quantum cryptography, and TLS—and what those changes mean for your […]
wolfTPM Firmware TPM 2.0 with Post-Quantum
Firmware TPMs (fTPMs) are enabling TPM 2.0 functionality on platforms that cannot accommodate discrete TPM devices, including microcontrollers, safety processors, FPGA soft-cores, and trusted execution environments. Join us on June 24 at 9 AM PT for a technical webinar on wolfTPM Firmware TPM (fTPM). We’ll examine how TPM 2.0 is being deployed across embedded systems, […]
Free Support for Open Source Projects
At wolfSSL, we are committed to supporting the open source community. If you are using wolfSSL software in an open source project and need technical assistance, contact us at support@wolfssl.com. Our engineering team is happy to help with integration, configuration, and troubleshooting questions. If you think your project may require a GPLv3 license exception, please […]
Merkle Tree Certificates
If you’re part of the Web PKI community and haven’t heard of Merkle Tree Certificates then you must have been hiding under a rock for the past year! These are the new format of certificates that are being pushed by Google and Cloudflare to solve the issue of large public keys and signatures in ML-DSA […]
wolfKeyMgr: Decrypt Internal TLS 1.3 Traffic Without Breaking It
TLS 1.3 made per-session forward secrecy the default. That is a win for privacy on the open internet, but inside your own data center it leaves monitoring, compliance, and intrusion-detection tools blind to the traffic they are meant to watch. wolfKeyMgr is wolfSSL’s answer.
What wolfKeyMgr Does
wolfKeyMgr is a secure key management service […]
Why is wolfSSL reporting so many CVEs?
Why are we reporting so many CVEs? If you follow wolfSSL, you’ve probably noticed the number of CVEs we file per release has ramped up this spring 2026. From 5.8.0 (April 2025) to 5.9.1 (April 2026) we’ve experienced nearly geometric growth in reported CVEs per wolfSSL release. So what’s going on? Should users of wolfSSL […]
