wolfTPM v4.1.0 delivers the post-quantum upgrade path we promised in v4.0.0, alongside a major round of firmware TPM (fwTPM) hardening. It delivers three headline capabilities:
- TPM 2.0 v1.85 Post-Quantum Cryptography: ML-DSA and ML-KEM native and in the fwTPM.
- fwTPM Hardening: Dictionary Attack protection to the TCG spec, SPDM secured transport, and session, policy, and NV fixes.
- Runtime TPM Locality Control: select locality 0-4 at runtime with a single API call.
All of it runs on the same wolfCrypt engine trusted in FIPS 140-3 and DO-178C DAL A deployments.
Feature 1: TPM 2.0 v1.85 Post-Quantum Cryptography
v4.0.0 shipped with post-quantum support listed as coming soon. It is here. The fwTPM now implements the TPM 2.0 v1.85 post-quantum algorithms: ML-DSA sign/verify and ML-KEM encapsulate/decapsulate, with seed handling to TCG Phase B, ML-DSA primary keys via TPM2_CreateLoaded, PQC parameter encryption in the examples, and dedicated PQC CI and fuzz coverage.
Build Only What You Use
Post-quantum keys and code are large, so v4.1.0 adds layered build macros to trim the PQC footprint to the operations you actually perform:
--enable-pqc # lean ML-DSA + ML-KEM subset --enable-mldsa[=all|sign-only|verify-only|no] --enable-mlkem[=all|enc|dec|no] --disable-hash-mldsa
–enable-pqc now selects the lean PQC subset, while –enable-v185 remains the full specification build. Per-algorithm (WOLFTPM_MLDSA, WOLFTPM_MLKEM) and per-operation macros each have a matching WOLFTPM_NO_* opt-out. New _ex session, OAEP, and PQC-hash wrappers round out the API, and the build enforces a wolfSSL v5.8.0+ PQC floor with upstream-drift CI.
Feature 2: fwTPM Hardening
The firmware TPM introduced in v4.0.0 received a major round of work to close the gap with discrete hardware.
Dictionary Attack Protection to the TCG Spec
- noDA honored on objects (TPMA_OBJECT_noDA), not just NV indices.
- failedTries persisted in NV, including the non-orderly-shutdown +1 penalty.
- recoveryTime self-heal and separate lockoutRecovery, with DA properties reported via TPM2_GetCapability.
- New wrappers wolfTPM2_DictionaryAttackLockReset and wolfTPM2_DictionaryAttackParameters, a da_check example, and a CI retry harness.
Sessions, Policy, and NV
- Transient state kept across command-port reconnects.
- continueSession set in the password-auth response, and PolicyAuthorize zero-ticket handling.
- Append-only NV journal for write-once flash ports.
- Optional transparent TPM_RC_RETRY handling for TPMs that momentarily report busy. Opt in via TPM2_SetCommandRetries or -DWOLFTPM_MAX_RETRIES=N.
- SPDM secured transport extended to the fwTPM, and FIPS 140-3 capability reporting.
Feature 3: Runtime TPM Locality Control
TPM locality lets a platform distinguish measurements made by trusted early boot code (DRTM) from ordinary software. The new wolfTPM2_SetLocality(dev, locality) API selects locality 0-4 at runtime, and the PCR reset example takes a -loc=n flag. It works on the TIS/SPI driver and the fwTPM over socket and TIS/SHM; platforms without a locality interface cleanly return NOT_COMPILED_IN.
The fwTPM per-PCR locality enforcement was replaced with a single source-of-truth table matching the TCG PC Client profile. Behavior change: DRTM PCRs 17-22 can no longer be extended from locality 0, exactly as the specification requires.
Other v4.1.0 Release Improvements
- New crypto-primitive examples (getrandom, hash, AES, ECDH) and a WOLFTPM2_ECC_DEFAULT_CURVE option.
- Optional hardware-reset HAL: –enable-hal-reset pulses the nRST line via the Linux GPIO char device.
- Freestanding builds via WOLFTPM_NO_STD_HEADERS for bare-metal targets without a standard C library.
- SBOM generation (make sbom): CycloneDX and SPDX documents for EU Cyber Resilience Act (CRA) compliance.
- Fixed TPM_CAP_ALGS / TPM_CAP_COMMANDS capability paging, and Nations NS350 example fixes.
- Extensive security hardening: automated Fenrir review, Coverity fixes across the fwTPM paths, and CodeQL/Semgrep review gates.
- CI and build improvements: expanded CMake tests, a GHCR container image, and nightly fuzzing.
Getting Started
git clone https://github.com/wolfSSL/wolfTPM.git cd wolfTPM git checkout v4.1.0 ./configure --enable-fwtpm --enable-pqc make && make check
- Release notes: github.com/wolfSSL/wolfTPM/releases/tag/v4.1.0
- Changelog: ChangeLog.md
- Examples: examples/ directory, including the new da_check, PCR-locality, and crypto-primitive demos.
For commercial licensing, FIPS 140-3 integration, DO-178C DAL A qualification kits, custom HAL ports, or help deploying TPM 2.0 v1.85 post-quantum, contact facts@wolfSSL.com or +1 425 245 8247.
Download wolfSSL Now

