Category: wolfSSL/ wolfCrypt

wolfSSL is excited to announce that wolfSSL version 5.8.4 now supports Renesas Flexible Software Package (FSP) v6.1.0 for the RA6M3 and RA6M4 microcontroller platforms. Download wolfSSL → The Renesas RA6M3 and RA6M4 MCUs feature high-performance Arm Cortex cores with TrustZone technology and utilize the Flexible Software Package built on FreeRTOS. The open FSP ecosystem is […]

We’re pleased to announce improvements to wolfSSL’s Windows CE support through PR #8709, which addresses critical compatibility issues when building with Visual Studio 2008 for Windows CE 6.0 and 7.0 platforms. Download wolfSSL → Background Windows CE (Windows Embedded Compact) remains an important platform for many embedded and industrial applications, particularly in legacy systems requiring […]

Affected Users: Users of wolfSSL builds that use the C implementation of Curve25519 for private key operations. This does not affect builds using assembly-optimized implementations (ARM or Intel), the small footprint Curve25519 build, or hardware offload implementations. Summary: A potential side-channel vulnerability was identified in the C implementation of Curve25519 private key operations in wolfSSL. […]

wolfSSL 5.8.2 has enhanced the wc_PKCS12_create() function to support modern AES encryption algorithms for PKCS#12 files. This update enables stronger security for protecting private keys and certificates. What Changed PKCS#12 files are commonly used to store cryptographic objects like private keys, certificates, and certificate chains. wolfSSL 5.8.2 supports modern AES encryptions for PKCS#12 instead of […]

Affected Users: Applications using wolfSSL’s OpenSSL compatibility layer before wolfSSL version 5.8.2 that call both RAND_bytes() and fork() operations. This does not affect internal TLS operations or applications that do not explicitly use RAND_bytes(). Summary: A vulnerability was discovered in wolfSSL’s OpenSSL compatibility layer where the RAND_poll() function was not behaving as expected, leading to […]

Affected Users: Users performing ECC or Ed25519 signature verification operations on devices that may be susceptible to fault injection attacks, particularly in security-critical applications such as secure boot implementations. Summary: A potential vulnerability to fault injection attacks was identified in wolfSSL’s ECC and Ed25519 signature verification operations. Fault injection is a sophisticated physical attack technique […]

Affected Users: Anyone using wolfSSL on Apple platforms with versions after 5.6.4 and before 5.8.0, specifically when built with WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION enabled (default for non-macOS Apple targets when using autotools or CMake). Summary: When using system CA certificates and Apple native certificate validation on Apple platforms, the native trust store verification routine incorrectly overrides […]

The wolfSSL team is pleased to announce that the Ada language wrapper for wolfSSL version 5.8.0 is now prepared for inclusion in the Alire package index. This update represents an important milestone in making wolfSSL’s industry-leading cryptographic library more accessible to the Ada programming community through their native package management ecosystem. For those unfamiliar with […]