WolfSSL is an embedded, lightweight cybersecurity software package for air force and defense applications. We have a long history of providing security for defense systems, and more recently, providing secure boot and secure communications for avionics.
Designed for optimal speed, portability, features, and standards compliance, the wolfSSL embedded TLS library is C-language-based, targeted at embedded, real-time operating systems (RTOS) and IoT. The underlying wolfCrypt cryptography implementations are rigorously tested to ensure the highest level of cybersecurity and performance.
wolfSSL cybersecurity software solutions for aviation and defense industries
With its Secure Socket Layer / Transport Layer Security (SSL/TLS) products and crypto library, wolfSSL is supporting cybersecurity designs in various sectors. In the avionics industry, wolfSSL supports complete RTCA DO-178C level A certification. For government consumers, wolfSSL has a strong history in FIPS 140-2, and is under testing for the upcoming FIPS 140-3.
wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.2, is up to 20 times smaller than OpenSSL, benefits from a simple API, and includes an OpenSSL compatibility layer. It is backed by the robust wolfCrypt cryptography library, and includes customer support subscriptions up to 24×7 level. All products are open source, providing customers the freedom to look under the hood.
Since the beginning, wolfSSL’s engineering team has developed several embedded security products, including wolfCrypt with Federal Information Processing Standard (FIPS) validation, a FIPS-ready offering, MQTT (up to the v5.0 specification), SSHv2, TPM 2.0, the wolfBoot secure boot loader, as well as Java wrappers ( JCE/JSSE), and commercial support for cURL. These offerings are accompanied with support and maintenance plans up to the 24×7 level. Full-service consulting is also available, including the one-week ‘Kickstart’. Customers in need of a quick and effective initial start-up with crypto or SSL/TLS will benefit from this program.
The Kickstart program will build and test wolfSSL or wolfCrypt in your environment, with your compiler, TCP/IP stack, and operating system variant. It accelerates project development time and reduces project risk. wolfSSL is dual-licensed, meaning it can be shipped with your commercial products or licensed in open-source projects under GPLv2.
wolfCrypt FIPS Validated Cryptography Library
wolfCrypt is the self-contained, underlying library of algorithms within wolfSSL, which is written in ANSI C and supports the most popular algorithms and ciphers.
wolfCrypt is built to offer maximum portability and is generally easy to compile on new platforms. wolfCrypt is FIPS-validated, with FIPS 140-2 certificates #2425 and #3389, and upcoming FIPS 140-3. wolfSSL also offers FIPS-ready solutions, enabling customers to be prepared for FIPS without having to go through the arduous FIPS certification process until a customer requires it.
You can get a copy of the commercially licensed version of FIPS-ready to begin selling to non-FIPS customers today. This means that if future demand for FIPS presents itself, we simply validate your FIPS-ready product for direct or indirect sale into FIPS projects.
wolfBoot Secure Bootloader
wolfBoot is a portable, OS-agnostic, secure bootloader solution for 32-bit microcontrollers and IoT devices. The role of a secure bootloader is to ensure the prevention of the loading of malicious or unauthorized firmware on the target.
Our secure boot implementation utilizes wolfSSL’s underlying wolfCrypt module to provide signature authentication for firmware verification. It can run on any supported operating system, down to bare metal, and has DO-178C compliance support as well as FIPS 140-2 certification.
wolfSSH Client and Server Library
The wolfSSH library is a lightweight SSHv2 client and server library that can leverage a FIPS-validated wolfCrypt library when needed. Features include SCP, SFTP, multiple hashing functions, and both password and public key authentication support.
wolfSentry Embedded IDPS
wolfSentry is a universal, dynamic, embedded IDPS (intrusion detection and prevention system). At its core, it features an embedded firewall engine (both static and fully dynamic), with optimally efficient lookups. wolfSentry is dynamically configurable, and can arbitrarily associate user-defined events with user-defined actions, contextualized by connection attributes, tracking the evolution of the network transaction profile.
wolfSSL was founded in 2004 by Todd Ouska and Larry Stefonic, who realized there was no other open source, dual licensed embedded SSL library available. OpenSSL was available at the time, but many OpenSSL users wanted an alternative that was easily portable, smaller, faster, available under a clear commercial license, equipped with a clean and modern API, and offered commercial-style developer support.
Out of this market need, wolfSSL, complete with an OpenSSL compatibility layer, was born. The first major user of the wolfSSL library was MySQL, the world’s most popular open source database. Through bundling with successful and popular open source projects like MySQL, OpenWRT, Mongoose, cURL, Nginx, Apache, Lighttpd, OpenSSH, HostAP, wpa_supplicant, HAProxy, LOCKMA, StrongSwan, Python, Wireguard, and Ubuntu, wolfSSL has achieved extremely high distribution volumes and user adoption. Over two billion connections are currently secured by wolfSSL.
Today, wolfSSL products are successfully used in both open source and commercial projects. wolfSSL and wolfCrypt are included in avionics, defense, automotive, industrial, IP phones, mobile phones, routers, printers, credit card scanners and many types of network applications. For a list of open source projects in which our products have been included, please see our Community page. If your project is currently using wolfSSL, let us know.