wolfSSL was a proud sponsor and exhibitor at the RISC-V Summit EU earlier this year. Thank you to all the attendees that stopped by; We enjoyed the interesting discussions regarding wolfSSL in your projects. Some of the most common questions we heard: Q: Is wolfSSL supported on RISC-V devices? A: Yes! Absolutely. The wolfSSL libraries […]
Read MoreMore TagCategory: Uncategorized
FIPS 140-3 and KDF’s (Key Derivation Functions)
As our readers know, wolfSSL is currently the leader in embedded FIPS certificates. The wolfCrypt module holds the world’s first SP800-140Br1 FIPS 140-3 Validated Certificate #4718. One of the things that is critical to our users is Key Derivation Functions. Key derivation functions are consumed by TLS 1.2, TLS 1.3, and SSH. We will support […]
Read MoreMore TagWhy wolfSSH is Immune to the regreSSHion
Recently, Qualys found an exploit in OpenSSH’s sshd server application that they named regreSSHion. This exploit lets attackers run arbitrary code by exploiting a race condition in a signal handler. wolfSSH is not a port or fork of OpenSSH. It is written from scratch by wolfSSL Inc. While wolfSSHd is using the same alarm signal […]
Read MoreMore TagWhy Would You Want wolfSSL’s FIPS 140-3 Certificate
As our readers know, wolfSSL is currently the leader in embedded FIPS certificates. The wolfCrypt module holds the world’s first SP800-140Br1 FIPS 140-3 Validated Certificate #4718, valid through July 10th, 2029. There are a few significant changes coming with FIPS 140-3. Over the years with many specification updates, a few things got a little inconsistent, […]
Read MoreMore TagEclipse Mosquitto Broker with wolfSSL
The wolfSSL team has expanded our Open Source Projects repository with a port for Mosquitto, an open source MQTT broker. Mosquitto users can benefit from wolfSSL’s lightweight SSL/TLS library. Why should you use wolfSSL with Mosquitto? Portability across platforms and OS/RTOS environments Low/optimized memory use (runtime and footprint) Best-tested SSL/TLS/crypto implementation available, reducing vulnerabilities Current […]
Read MoreMore TagACVP and FIPS 140-3
As many in the FIPS world are aware NIST retired CAVP (Cryptographic Algorithm Validation Protocol) testing on June 30th of 2020, permanently replacing CAVP with ACVP (Automated Cryptographic Validation Protocol), also referred to as ACVTS (Automated Cryptographic Validation Test System). In order to prepare for this transition NIST offered a “demo server” that Vendors like […]
Read MoreMore TagLive Webinar: Medical Device Security
Learn a comprehensive overview of the current medical device landscape, the associated security challenges, and how wolfSSL’s solutions can help you navigate these complexities effectively. Check it out: Medical Device Security: Key Strategies for Cyber Security and Data Protection In the rapidly evolving medical device sector, ensuring the security and integrity of devices is paramount. […]
Read MoreMore TagChanges to Maximum Alternative Names Macro in wolfSSL
In the 5.7.2 release, a new macro WOLFSSL_MAX_ALT_NAMES was introduced to limit the maximum number of allowed subject alternative names to a default value of 128 to prevent a possible denial of service attack. Unfortunately, after the release, some commonly used certificates were brought to our attention that have more than 128 subject alternative names. […]
Read MoreMore TagFIPS 140-3 and SHA-1 Retirement
In December 2022, NIST announced that the venerable SHA-1 algorithm, introduced in 1995, is at end-of-life. While wolfSSL does not use or recommend SHA-1 for new designs, we implement and support it in our products. With the NIST announcement, that will soon change for new FIPS 140 submissions, as we too will retire SHA-1. The […]
Read MoreMore TagwolfProvider Release 1.0.0
wolfSSL is proud to announce the release of wolfProvider 1.0.0. This release is the first official support for being a Provider for OpenSSL 3.x. Intended for use by customers who want to have a FIPS validated module, but are already invested in using OpenSSL. The provider gives drop-in replacements for the cryptographic algorithms used by […]
Read MoreMore Tag