Tag Wiki 'Wolfssl'.

wolfSSL is a small, portable, embedded SSL/TLS library targeted for use by embedded systems developers. It is an open source implementation of TLS (SSL 3.0, TLS 1.0, 1.1, 1.2, 1.3, and DTLS 1.0, 1.2, and 1.3) written in the C programming language. It includes SSL/TLS client libraries and an SSL/TLS server implementation as well as support for multiple APIs, including those defined by SSL and TLS. wolfSSL also includes a compatibility interface with the most commonly used OpenSSL functions. [wolfSSL – Embedded Communications Products]


Platforms
wolfSSL is currently available for Microsoft Windows, , , Solaris, ESP32, ESP8266, , , , , , , , , , , , , Android, , and through DevKitPro support, , , variants, , , Micrium's MicroC/OS-II, , , , , , , , uTasker, uT-kernel, embOS, , , RIOT, CMSIS-RTOS, FROSTED, Green Hills INTEGRITY, Keil RTX, TOPPERS, PetaLinux, , and .


History
The genesis of wolfSSL dates to 2004. was available at the time, and was dual licensed under the OpenSSL License and the SSLeay license. [OpenSSL: Source, License] yaSSL, alternatively, was developed and dual-licensed under both a commercial license and the GPL. [wolfSSL – License] yaSSL offered a more modern API, commercial-style developer support and was complete with an OpenSSL compatibility layer. The first major user of wolfSSL/CyaSSL/yaSSL was . Through bundling with MySQL, yaSSL has achieved extremely high distribution volumes in the millions.

In February 2019, , the creator of , was hired by the wolfSSL project to work on cURL. [Daniel Stenberg, founder and Chief Architect of cURL, joins wolfSSL]


Protocols
The wolfSSL lightweight SSL library implements the following protocols: [wolfSSL – Docs | CyaSSL Manual – Chapter 4 (Features)]
  • SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3
  • DTLS 1.0, DTLS 1.2, DTLS 1.3
  • Extensions: Server Name Indication (SNI), Maximum Fragment Length, Truncated , Application Layer Protocol Negotiation (ALPN), Extended Master Secret
  • Ciphersuites: ,
  • Post-quantum cryptography: ML-DSA added to sigAlgs, ML-KEM added to Supported Groups, QSH (deprecated and removed)
  • :
    • PKCS #1 - RSA Cryptography
    • PKCS #3 - Diffie-Hellman Key Agreement
    • PKCS #5 - Password-Based Encryption
    • PKCS #7 - Cryptographic Message Syntax (CMS)
    • PKCS #8 - Private-Key Information Syntax
    • PKCS #9 - Selected Attribute Types
    • PKCS #10 - Certificate signing request (CSR)
    • PKCS #11 - Cryptographic Token Interface
    • PKCS #12 - Certificate/Personal Information Exchange Syntax Standard

Protocol Notes:

  • SSL 2.0 – SSL 2.0 was deprecated (prohibited) in 2011 by RFC 6176. wolfSSL does not support it.
  • SSL 3.0 – SSL 3.0 was deprecated (prohibited) in 2015 by RFC 7568. In response to the , SSL 3.0 has been disabled by default since wolfSSL 3.6.6, but can be enabled with a compile-time option. ["wolfSSL 3.6.6 is Now Available"]


Algorithms
wolfSSL uses the following cryptography libraries:


wolfCrypt
By default, wolfSSL uses the cryptographic services provided by wolfCrypt. [wolfSSL – Docs | wolfSSL Manual – Chapter 10 (wolfCrypt Usage Reference)] wolfCrypt provides RSA, ECC, DSS, Diffie–Hellman, EDH, (deprecated and removed), DES, , AES (CBC, CTR, CCM, GCM), Camellia, IDEA, ARC4, HC-128, ChaCha20, MD2, MD4, MD5, SHA-1, SHA-2, SHA-3, BLAKE2, RIPEMD-160, Poly1305, Random Number Generation, Large Integer support, base 16/64 encoding/decoding, and post-quantum cryptographic algorithms: (certified under FIPS 203) and ML-DSA (certified under FIPS 204).

wolfCrypt also includes support for the recent X25519 and Ed25519 algorithms.

wolfCrypt acts as a back-end crypto implementation for several popular software packages and libraries, including MIT Kerberos [Kerberos: The Network Authentication Protocol] (where it can be enabled using a build option).


NTRU
CyaSSL+ includes NTRU CryptoLabs public key encryption. The addition of NTRU in CyaSSL+ was a result of the partnership between yaSSL and Security Innovation. NTRU works well in mobile and embedded environments due to the reduced bit size needed to provide the same security as other public key systems. In addition, it's not known to be vulnerable to quantum attacks. Several cipher suites utilizing NTRU are available with CyaSSL+ including AES-256, RC4, and HC-128.


Hardware Integration

Secure Element Support
wolfSSL supports the following :

  • STMicroelectronics STSAFE
  • Microchip CryptoAuthentication ATECC508A
  • NXP EdgeLock SE050 Secure Element


Technology Support
wolfSSL supports the following hardware technologies:
  • SGX (Software Guard Extensions) [wolfSSL – wolfSSL with Intel® SGX] - Intel SGX allows a smaller attack surface and has been shown to provide a higher level of security for executing code without a significant impact on performance.


Hardware Encryption Support
The following tables list wolfSSL's support for using various devices' hardware encryption with various algorithms.
Table: AES cipher modes. Columns: Device, AES-GCM, AES-CCM, AES-CBC, AES-ECB, AES-CTR
Intel AES-NI (Xeon and Core processor families)AllAllAllAllAll
Freescale Cryptographic Accelerator and Assurance Module (CAAM) AllAllAllAll
Freescale Coldfire SEC (NXP MCF547X and MCF548X) All
Freescale Kinetis MMCAU K50, K60, K70, and K80 (ARM Cortex-M4 core)AllAllAllAll
STMicroelectronics STM32 F1, F2, F4, L1, W Series (ARM Cortex - M3/M4) All All
Cavium NITROX (III/V PX processors) All
Microchip PIC32 MX/MZ (Embedded Connectivity)All All All
Texas Instruments TM4C1294 (ARM Cortex-M4F)AllAllAllAllAll
Nordic NRF51 (Series SoC family, 32-bit ARM Cortex M0 processor core) 128-bit
ARMv8All All All
Intel QuickAssist TechnologyAll All
Freescale NXP LTCAllAllAllAllAll
Xilinx Zynq UltraScale+256-bit
Renesas RX65N (R5F565NEHDFB)All All
Renesas RX72N (RTK5RX72N0C00000BJ)All All
Renesas RX MPU (R5F571MLDDFC)All All
Renesas Synergy DK-S7G2 128-bit

- "All" denotes 128, 192, and 256-bit supported block sizes

Table: cipher modes. Columns: Device, DES-CBC, DES-ECB, 3DES-CBC
Freescale Coldfire SEC (NXP MCF547X and MCF548X)64 bit 192 bit
Freescale Kinetis MMCAU K50, K60, K70, and K80 (ARM Cortex-M4 core)64 bit 192 bit
STMicroelectronics STM32 F1, F2, F4, L1, W Series (ARM Cortex - M3/M4)64 bit64 bit (encrypt)192 bit
Cavium NITROX (III/V PX processors)192 bit
Microchip PIC32 MX/MZ (Embedded Connectivity)64 bit 192 bit
Texas Instruments TM4C1294 (ARM Cortex-M4F)64 bit 192 bit

Table columns: Device, RC4, ChaCha20
AVX1/AVX2 (Intel and AMD x86) Supported
Cavium NITROX (III/V PX processors)2048 bit max.

Table: support. Columns: Device, MD5, SHA1, SHA2, SHA-256, SHA-384, SHA-512
AVX1/AVX2 (Intel and AMD x86) SupportedSupportedSupported
Freescale Kinetis MMCAU K50, K60, K70, and K80 (ARM Cortex-M4 core)SupportedSupported Supported
STMicroelectronics STM32 F1, F2, F4, L1, W Series (ARM Cortex - M3/M4)SupportedSupported
Microchip PIC32 MX/MZ (Embedded Connectivity)SupportedSupported Supported
ARMv8 Supported
Intel QuickAssist TechnologySupportedSupportedSupported
Freescale NXP LTC Supported Supported
Xilinx Zynq UltraScale+ Supported
Renesas Synergy DK-S7G2 Supported Supported
Renesas RX65N (R5F565NEHDFB) Supported Supported
Renesas RX72N (RTK5RX72N0C00000BJ)Supported Supported Supported
Renesas RX MPU (R5F571MLDDFC) SupportedSupportedSupported

Table: Key operations: generation and exchange, elliptic curve cryptography. Columns: Device, RSA, ECC, ECC-DHE, X25519, Ed25519
Cavium NITROX (III/V PX processors)512–4096 bitNIST Prime 192, 224, 256, 384, 521
Microchip/ Atmel ATECC508A (compatible with any MPU or MCU including: Atmel SMART and AVR MCUs) 256 bit (NIST-P256)
Intel QuickAssist Technology512–4096 bit128, 256 bit
Freescale NXP LTC512 - 4096 bit128, 256 bit128, 256 bit256 bit256 bit
Xilinx Zynq UltraScale+2048–4096 bit

Table: MAC algorithms. Columns: Device, HMAC-MD5, HMAC-SHA1, HMAC-SHA2, HMAC-SHA256, SHA-3, Poly1305
AVX1/AVX2 (Intel and AMD x86) Supported
Cavium NITROX (III/V PX processors)SupportedSupported SupportedSupported
Microchip PIC32 MX/MZ (Embedded Connectivity)SupportedSupported Supported
Intel QuickAssist Technology SupportedSupported
Renesas RX65N (R5F565NEHDFB)Supported Supported
Renesas RX72N (RTK5RX72N0C00000BJ)
Renesas RX MPU (R5F571MLDDFC)Supported Supported
Renesas Synergy DK-S7G2 Supported

Table: Random number generation. Columns: Device, RNG
STMicroelectronics STM32 F1, F2, F4, L1, W Series (ARM Cortex - M3/M4)Supported
Cavium NITROX (III/V PX processors)Supported
Nordic NRF51 (Series SoC family, 32-bit ARM Cortex M0 processor core)Supported


Certifications
wolfSSL supports the following certifications:


Licensing
wolfSSL is dual licensed:
  • Licensed under the GPL-2.0-or-later license. This is good for GPL open source projects and evaluation.
  • Licensed under a commercial non-GPL license. This comes with additional support and maintenance packages and is priced at 7,500 USD per product or SKU as of 2025.


See also
  • Transport Layer Security
  • Comparison of TLS implementations
  • Comparison of cryptography libraries
  • Network Security Services

