Secure boot architectures require more than just the presence of a TPM; they require a high-performance communication interface and a mechanism for lifecycle management. wolfSSL has updated wolfTPM and U-Boot to support native Hardware SPI communication and direct TPM 2.0 firmware updates for the Raspberry Pi 4. These changes move away from generic software-based implementations, […]
Read MoreMore TagCategory: wolfTPM
Announcing wolfTPM Firmware TPM (fTPM) Support
wolfSSL is excited to announce firmware TPM (fTPM) support in wolfTPM — a production-ready, open-source, embedded firmware TPM 2.0 implementation built on wolfCrypt. wolfTPM fTPM fills a critical gap in embedded security: teams that need software-based TPM services on MCUs and SoCs can now use an open-source implementation with commercial support, portable platform integration, and […]
Read MoreMore TagWhat Is the Difference Between HSM, TPM, Secure Enclave, and Secure Element or Hardware Root of Trust?
HSMs, TPMs, Secure Enclaves, and Secure Elements are all dedicated security components that exist to service other devices. While at a high level they have similar security goals and intentions (e.g. private key isolation), they are not the same things, and they do have important differences. This blog post will guide the reader through what […]
Read MoreMore TagMake Your TPM Speak PKCS#11: Enable Hardware-Backed Keys Without Rewriting Your App
Trusted Platform Modules (TPMs) are widely available on modern platforms and provide a strong hardware-based root of trust for cryptographic keys. At the same time, many applications already rely on the PKCS#11 API to interact with Hardware Security Modules (HSMs) and other secure key stores. Bridging these two worlds allows developers to take advantage of […]
Read MoreMore TagwolfTPM Prepares for the Post Quantum Era
Enabling CNSA 2.0 Compliance with ML-DSA and ML-KEM in Hardware Security Modules The cryptographic landscape is rapidly evolving. With quantum computing advancing from theoretical to practical, organizations worldwide are racing to protect their systems against future quantum threats. The NSA’s Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) has set clear timelines for transitioning to […]
Read MoreMore TagwolfTPM – Seamless Firmware Updates for STMicroelectronics ST33 TPMs
Maintaining the security and longevity of embedded systems requires the ability to update firmware reliably and securely. wolfSSL is excited to announce the addition of comprehensive firmware upgrade support for STMicroelectronics ST33KTPM2X modules within wolfTPM. This latest enhancement simplifies the complex process of Field Upgrades for ST33 TPMs, providing a unified API that handles version […]
Read MoreMore TagwolfTPM – Add TPM 2.0 v1.85 PQC Post-Quantum Support
As the cybersecurity landscape prepares for the advent of quantum computing, the Trusted Platform Module (TPM) ecosystem is evolving to meet these new challenges. wolfSSL is proud to announce that wolfTPM now includes initial support for the TPM 2.0 Library Specification v1.85, bringing Post-Quantum Cryptography (PQC) capabilities to your hardware-backed security workflows. This update introduces […]
Read MoreMore TagwolfTPM 3.10.0 Release: Security Fix, ESP32 Support & Improved Resource Management
wolfTPM 3.10.0 delivers a critical security fix, expanded embedded platform support, and enterprise-grade TPM resource management—empowering developers to build secure, scalable IoT and edge computing solutions with hardware-backed cryptography. Password Handling Fix A bug in the wolfTPM2_SetKeyAuthPassword() function introduced in v3.9.2 has been resolved. This API, primarily used by the C# wrapper, was incorrectly truncating […]
Read MoreMore TagKeystores and Secure Elements supported by wolfSSL
When looking to store your cryptographic secrets, it is important to have a good platform to store them on. Even more important is the ease of accessing and using those secrets. With wolfTPM, we have support for all TPM 2.0 APIs. Additionally we provide the following wrappers: Key Generation/Loading RSA encrypt/decrypt ECC sign/verify ECDH NV […]
Read MoreMore TagHow to Make Your TPM Talk PKCS11
TPM vs HSM, what’s the difference? Check out this blog post for more detailed. In a nutshell, TPMs are typically a dedicated chip included along side a main (host) processor and used for securing a single consumer electronics device. HSMs are external devices that can be used across multiple devices and systems, offering advanced cryptographic […]
Read MoreMore Tag