Category: wolfTPM

wolfTPM’s firmware TPM (fTPM) now includes an SPDM responder in fwtpm_server, adding an authenticated, encrypted transport between a host and the software TPM 2.0. It supports both TCG certificate mode and DMTF DSP0274 pre-shared-key (PSK) mode, and is merged in PR #510. A TPM for Environments Without Hardware TPM Support The fTPM is a full […]

Read MoreMore Tag

wolfTPM’s firmware TPM (fTPM) is a pure-software, TPM 2.0-compliant module that runs on any 32-bit or larger MCU or co-processor. No discrete TPM chip required. No I2C/SPI bus to manage. Same TPM2_* API on the application side as a hardware TPM, but the TPM logic is yours to place, isolate, and certify alongside the rest […]

Read MoreMore Tag

wolfTPM supports any TPM 2.0 compliant TPM as well as TPM 2.0 modules on all AMD Xilinx platforms, including ZynqMP UltraScale+, Versal Gen 1 and Gen 2, Zynq-7000, and Kria SOM. It enables measured boot and a strong hardware root of trust, and includes standard TPM features such as secret sealing for encrypted file systems, […]

Read MoreMore Tag

Post-Quantum Support Is Here wolfTPM is available with post-quantum cryptography support added through the TCG TPM 2.0 Library Specification v1.85. ML-DSA (FIPS 204) signing and ML-KEM (FIPS 203) key encapsulation are now supported by the wolfTPM client library against any v1.85-capable TPM 2.0 target. The work merged in PR #445. New v1.85 Commands The following […]

Read MoreMore Tag

Full Release Overview wolfTPM’s firmware TPM (fTPM) is available with full TCG TPM 2.0 Library Specification v1.85 post-quantum support. This release adds the eight new v1.85 commands, the ML-DSA and ML-KEM algorithm structures, and supporting infrastructure (examples, unit tests, NIST ACVP known-answer-tests, a libFuzzer harness) to wolfSSL’s portable software TPM 2.0 implementation. The work merged […]

Read MoreMore Tag

When looking to store your cryptographic secrets, it is important to have a good platform to store them on. Even more important is the ease of accessing and using those secrets. With wolfTPM, we have support for all TPM 2.0 APIs. Additionally, we provide the following wrappers: Key Generation/Loading RSA encrypt/decrypt ECC sign/verify ECDH NV […]

Read MoreMore Tag

ML-DSA and ML-KEM Support for TPM 2.0 Library Specification v1.85 Quantum-Safe TPM Operations Are on the Way wolfSSL is excited to announce that post-quantum cryptography (PQC) support is coming to wolfTPM. wolfTPM will be among the first TPM 2.0 libraries to implement the newly-published TCG TPM 2.0 Library Specification v1.85, which adds the NIST-standardized post-quantum […]

Read MoreMore Tag

Post-Quantum Firmware TPM Is Here wolfTPM’s firmware TPM (fwTPM) is available with post-quantum cryptography support added through the TCG TPM 2.0 Library Specification v1.85. fwTPM is wolfSSL’s portable software TPM 2.0 implementation, built on wolfCrypt and intended for products that need a TPM 2.0 interface without a discrete TPM chip. The post-quantum work merged in […]

Read MoreMore Tag

Background: TPM 2.0 Sealing and PCR Policies TPM 2.0 sealing binds a secret to a set of Platform Configuration Register (PCR) values. The TPM will only release the secret when the current PCR state matches what was recorded at seal time. This is the foundation for measured boot, disk encryption key protection, and platform attestation. […]

Read MoreMore Tag