In December 2022, NIST announced that the venerable SHA-1 algorithm, introduced in 1995, is at end-of-life. While wolfSSL does not use or recommend SHA-1 for new designs, we implement and support it in our products. With the NIST announcement, that will soon change for new FIPS 140 submissions, as we too will retire SHA-1. The ..read more

wolfSSL is proud to announce the release of wolfProvider 1.0.0. This release is the first official support for being a Provider for OpenSSL 3.x. Intended for use by customers who want to have a FIPS validated module, but are already invested in using OpenSSL. The provider gives drop-in replacements for the cryptographic algorithms used by ..read more

In case you missed the news, wolfSSL Inc., a globally renowned leader in cryptography and network security solutions, is thrilled to announce the world’s first SP800 140Br1 compliant FIPS 140-3 Validation Certificate #4718 for wolfSSL’s wolfCrypt module. EDMONDS, Wash., July 16, 2024 /PRNewswire-PRWeb/ — wolfSSL, INC., has partnered with AEGISOLVE, INC., on this unprecedented automated pilot program. Aegisolve is accredited by the National Voluntary Laboratory Accreditation Program (NVLAP Lab Code: 200802-0) for Cryptographic and Security Testing to assess and validate cryptographic based sec ..read more

It is Christmas in July! The summer release of wolfSSH is here, version 1.4.18! Version 1.4.18 brings with it bug fixes, new features, and some enhancements as well! New features in this release include new algorithms and a memory configuration option. We also have a nice round of enhancements which range from channel setup callbacks, better testing, improved portability, and more! New Features wolfSSL style static memory pool allocation support. Ed25519 public key support. Banner option for wolfSSHd configuration. Non-blocking socket support to the example SCP client. Improvements Document ..read more

wolfSSL is currently the leader in embedded FIPS certificates. With current FIPS 140-3 validated certificate #4718 for the wolfCrypt Cryptographic Module, wolfSSL is thrilled to hold the world’s first SP800-140Br1-compliant FIPS 140-3 Validation Certificate. Join the wolfSSL team as we cover all things FIPS 140-3. We will cover the current transition to FIPS 140-3, its importance for cybersecurity, as well as how wolfSSL is implementing it in our products. Watch the video: Everything You Need to Know about FIPS 140-3 FIPS 140-3 is the third revision of the Federal Information Processing Standa ..read more

Doing FIPS responsibly since 2014! FIPS is a set of standards, detailed in Special Publications, that need to be met to be awarded a FIPS validation/certification published on the NIST website. A FIPS certificate, with the product listed in the certificate, is required to sell product(s) to medical, federal, or military agencies and is often required by some private sector entities as well. The typical FIPS certification process is as follows: You send us your hardware and toolchain We run the initial tests which ensure the cryptography module behaves according to specification given your spe ..read more

Doing FIPS responsibly since 2014! INTRO (wolfSSL FIPS service(s)): (skip to next paragraph for “What is FIPS”) FIPS is rightly viewed as a complex process with a steep entry learning curve. Lucky for customers of wolfSSL Inc. our management and engineering team have taken the time to learn the documentation surrounding the topic and developed all the tooling necessary to complete FIPS validation testing of the wolfCrypt cryptographic module in coordination with an NVLAP accredited FIPS lab. In order to FIPS validate a new product or operating environment (OE), wolfSSL asks for simply a custom ..read more

This week we are tackling the question: what is the difference between FIPS 140-2 and FIPS 140-3? wolfSSL is currently the leader in embedded FIPS certificates. The wolfCrypt module holds the world’s first SP800-140Br1 FIPS 140-3 validated certificate #4718. We always strive to keep our users up to date on the latest standards! With various specification updates, the newest standard of FIPS 140-3 will include the hardware module, firmware module, software module, hybrid-software module, and hybrid-firmware module and will have no restriction as to the level at which a hybrid module may be vali ..read more

We are thrilled to announce a landmark achievement in cybersecurity! wolfSSL has obtained the world’s first SP800-140Br1 FIPS 140-3 validated certificate #4718. This milestone is a testament to our commitment to providing top-notch security solutions. To celebrate, wolfSSL Senior Software Engineer, Kaleb Himes, is hosting an exciting webinar, “World’s first SP800-140Br1 FIPS 140-3 validated certificate #4718”, on July 18th at 10am PT! Register today for “World’s first SP800-140Br1 FIPS 140-3 validated certificate #4718” This Webinar Will Cover: World’s first SP800-140Br1 FIPS 140-3 validated ..read more

The lwIP project is a great, lightweight TCP/IP stack implementation, with widespread use in the embedded world. Users of lwIP and wolfSSL know that we have long supported an lwIP integration, which allows wolfSSL to handle the TLS layer while lwIP handles network input/output. Similarly, we support a wolfSentry integration with lwIP, that allows wolfSentry to function as a dynamic firewall and IDPS for lwIP. But what if you wanted to combine lwIP with IPSec? Furthermore, what if you wanted wolfCrypt to handle the IPSec cryptographic operations in such a combination? If you’re curious about lw ..read more