ML-DSA and ML-KEM Support for TPM 2.0 Library Specification v1.85 Quantum-Safe TPM Operations Are on the Way wolfSSL is excited to announce that post-quantum cryptography (PQC) support is coming to wolfTPM. wolfTPM will be among the first TPM 2.0 libraries to implement the newly-published TCG TPM 2.0 Library Specification v1.85, which adds the NIST-standardized post-quantum […]
Read MoreMore TagMonth: May 2026
wolfTPM Firmware TPM (fwTPM) Post-Quantum Release: Portable Software TPM 2.0 with ML-DSA and ML-KEM Support
Post-Quantum Firmware TPM Is Here wolfTPM’s firmware TPM (fwTPM) is available with post-quantum cryptography support added through the TCG TPM 2.0 Library Specification v1.85. fwTPM is wolfSSL’s portable software TPM 2.0 implementation, built on wolfCrypt and intended for products that need a TPM 2.0 interface without a discrete TPM chip. The post-quantum work merged in […]
Read MoreMore TagRSA-PSS Support for PKCS#7 SignedData in wolfSSL
PKCS#7, standardized as Cryptographic Message Syntax (CMS) in RFC 5652, is a common format for signing structured data. Signed firmware updates, signed configuration packages, and certificate-based authentication workflows all rely on PKCS#7 SignedData to ensure integrity and authenticity.wolfSSL now supports RSA-PSS (RSASSA-PSS) signatures in PKCS#7 SignedData, for both generation and verification. This lets applications move […]
Read MoreMore TagTPM 2.0 Sealing Policies with wolfTPM: PCR Policies, Policy Authorize, and NV Storage for TPM 2.0 Secrets
Background: TPM 2.0 Sealing and PCR Policies TPM 2.0 sealing binds a secret to a set of Platform Configuration Register (PCR) values. The TPM will only release the secret when the current PCR state matches what was recorded at seal time. This is the foundation for measured boot, disk encryption key protection, and platform attestation. […]
Read MoreMore TagBringing wolfHSM to STM32H5 TrustZone: Production-Grade HSM on a Cortex-M33
From Automotive HSM to IoT When most people hear about Hardware Security Modules, they tend to think of the automotive industry. wolfHSM has spent years proving itself on Infineon AURIX TC3xx, ST SPC58, and similar high-end automotive parts, where a dedicated HSM core stands guard over keys, signing, and secure boot inside vehicles shipping at […]
Read MoreMore TagThe First Firmware TPM with Post-Quantum Cryptography
ML-DSA and ML-KEM for Software TPM 2.0 on Embedded Targets A First in Embedded Security: Post-Quantum Firmware TPM wolfSSL is excited to announce that our firmware TPM (fPM), a software TPM 2.0 implementation built on wolfCrypt, will be among the first firmware TPMs with post-quantum cryptography support, implementing the new TCG TPM 2.0 Library Specification […]
Read MoreMore TagLive Webinar – wolfIP: Deterministic TCP/IP for Safety-Critical Embedded Systems
Many TCP/IP stacks rely on dynamic memory allocation, background threads, and unpredictable resource usage, making them difficult to analyze, certify, and deploy in constrained embedded systems. Join us for the first official webinar introducing wolfIP, a compact and deterministic TCP/IP stack designed specifically for embedded, real-time, and safety-critical environments. Register now: wolfIP: Deterministic TCP/IP for […]
Read MoreMore TagSecure Networking on STM32H5 with the wolfIP TCP/IP Stack
Run secure TCP/IP networking on STM32H5 microcontrollers without exceeding MCU resource limits. Join our webinar to see how the STM32H5 microcontroller and the wolfIP TCP/IP stack work together to enable secure networking on constrained MCU systems. Register now: Secure Networking on STM32H5 with the wolfIP TCP/IP Stack Date: May 6 | 9 AM PT The […]
Read MoreMore TagExpanded AIA Support in wolfSSL
We recently added new functionality that improves how wolfSSL handles Authority Information Access (AIA) certificate data. AIA is an X.509 certificate extension that tells clients where to find related validation resources, typically OCSP responder URLs (for revocation status checks) and CA Issuers URLs (for downloading issuer certificates), defined in RFC 4325. In practice, this helps […]
Read MoreMore Tagwolfssl-wolfcrypt Rust Crate Version 1.1.0 Released with FIPS Support
We are excited to announce the immediate availability of version 1.1.0 of the wolfssl-wolfcrypt Rust crate! This update is a big milestone, bringing official support for wolfSSL FIPS-enabled cryptography to the Rust ecosystem. Getting started with wolfSSL? Download the latest libraries here and start exploring. Key Highlights The new version focuses on providing robust, validated […]
Read MoreMore Tag