wolfCrypt as an engine for OpenSSL

As many people know, the OpenSSL project is struggling with FIPS, and their new FIPS release is not expected until mid 2021. The version of OpenSSL that supports FIPS is now in End Of Life and is no longer supported.

This means that OpenSSL users will not have a supported FIPS Object Module for over a year. This is a big issue for companies that rely on security! If there is a bug in the FIPS Object Module, you will need to fix it and revalidate on your own.

To fill this breach, wolfSSL has integrated our FIPS certified crypto module with OpenSSL as an OpenSSL engine. This means that:

  1. OpenSSL users can get a supported FIPS solution, with packages available up to the 24×7 level,
  2. The new wolfCrypt FIPS solution also supports the TLS 1.3 algorithms, so your package can support TLS 1.3,
  3. You can support hardware encryption with your package, as the new wolfCrypt solution has full hardware encryption support.

Additionally, should you be using one of the OpenSSL derivatives like BoringSSL, we can also support you.

Finally, we will be submitting our FIPS 140-3 module to NIST in September 2020, which is the earliest available date for submissions.

If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.

We love you.

Team wolfSSL