wolfCrypt FIPS Module

The CMVP has issued FIPS 140-2 Certificate #2425 for the wolfCrypt Module developed by wolfSSL Inc.

Many people are curious about how wolfSSL (formerly CyaSSL) compares to OpenSSL and what benefits there are to using an SSL/TLS library that has been optimized to minimize size and maximize speed.  OpenSSL is free and presents no initial costs to begin using, but wolfSSL provides you with more flexibility, an easier integration of SSL/TLS into your existing platform, current standards support, consistent and regular bug fixes, and much more – all provided under a very easy-to-use license model.

The outline below highlights the key differences between wolfSSL and OpenSSL.

Memory Usage

With a 20-100kB build size and runtime memory usage between 1-36kB, wolfSSL can be up to 20 times smaller than OpenSSL.  In an environment where footprint size is critical or a large cloud environment where memory usage per connection makes a big impact on the performance and success of a project, wolfSSL is an optimal SSL and cryptography solution.

Standards Support

wolfSSL is up-to-date with the most recent standards:  TLS 1.2 and DTLS 1.2.  With the recently-presented crack in TLS 1.0, your project should use either TLS 1.1 or TLS 1.2 for maximum security - both of which wolfSSL fully supports on both the client and server side.  The wolfSSL team is dedicated to supporting new standards as they become available in the future, keeping wolfSSL always up-to-date.

Progressive Ciphers

wolfSSL is progressive with support for new secure and high-performance ciphers.  wolfSSL includes some of the best current ciphers for streaming media support, including the HC-128 and RABBIT stream ciphers.  Standard ciphers are supported, including EDH on both the client and server side.  wolfSSL recently added support for BLAKE2b, one of the SHA-3 finalists as well. wolfSSL’s underlying cryptography library is called wolfCrypt.


wolfSSL is backed by an outstanding company who cares about its users and about their security, and who actively works to support, improve and expand the library.  The wolfSSL team is based in Bozeman, Portland, and Seattle, and is always willing to help.

Ease of Use

OpenSSL is burdened with truckloads of legacy code that are difficult to maintain and keep up to date.  wolfSSL was written from the beginning with modularity and maintenance in mind.  Because of this mindset, wolfSSL has been developed with a simple and documented API, easy-to-use abstraction layers for OS, Custom I/O, and Standard C library, and clear usage examples.


wolfSSL is the leading SSL/TLS library for real-time, mobile, embedded, and enterprise systems, by virtue of its breadth of platform support and successful implementations.  With a long list of supported platforms out of the box, your time to market can be decreased dramatically by using wolfSSL.  OpenSSL requires porting to many platforms, which can cost your team both time and money.


wolfSSL is dual licensed under both the GPLv2 as well as a commercial license, where OpenSSL is available only under their unique license from multiple sources.

wolfSSL is powered by the wolfCrypt library. A FIPS 140-2 Level 1 certificate is expected to be issued in 1Q2015 for wolfCrypt. For additional information, visit our FIPS FAQ page or contact [email protected]


wolfSSL was written from the ground up and is maintained and developed by the original developers.  Available directly by phone, email or the wolfSSL product support forums, your questions are answered quickly and accurately to help you make progress on your project as quickly as possible.

wolfSSL (formerly CyaSSL) vs. OpenSSL

Copyright 2016 wolfSSL Inc.  All rights reserved.


Please feel free to contact us with any questions you might have.

wolfSSL 3.9.10

Release 3.9.10 includes medium level vulnerability fix, configure option changes, extended master secret support, ARMv8 support, and more.

embedded ssl

General Questions

Regarding yaSSL, wolfSSL, wolfCrypt, or wolfCrypt FIPS porting or questions.

+1 425 245 8247



Licensing Questions

Open source or commercial license questions or inquiries.



Relative to all wolfSSL Products.


Support Forums:

Questions? +1 (425) 245-8247