• Firmware TPM (fwTPM) – a portable TPM 2.0 built on wolfCrypt.

• SPDM Secured Transport – encrypted host-to-TPM communication.

• ST33 TPM 2.0 Firmware Update – new update tool for STMicro ST33KTPM2X.

All three are powered by the same wolfCrypt engine trusted in FIPS 140-3 and DO-178C DAL A deployments.

Feature 1: Firmware TPM (fwTPM)
The fwTPM is a portable TPM 2.0 command processor. It is implemented entirely on top of wolfCrypt. It covers 105 of 113 commands in the TPM 2.0 v1.38 specification (93%). The full object, session, policy, attestation, PCR, and NV families are included.

Use it as a drop-in replacement for a discrete TPM chip. Or use it in CI as a replacement for external simulators like the Microsoft TPM simulator and IBM swTPM.

Why It Matters

• Reduce BOM and physical attack surface. Parts that never shipped with a TPM can now gain TPM services. No extra chip. No exposed bus.

• Portability. The same fwTPM runs on a Cortex-M in TrustZone, a dedicated RPU on an MPSoC, a hardened RISC-V core, or an FPGA soft core.

• Supply-chain integrity. Your TPM becomes part of your signed firmware image. No separate silicon vendor in the trust path.

• Same crypto you already trust. RSA, ECC, SHA-2/3, AES, and HMAC all come from the FIPS 140-3 wolfCrypt module, qualifiable to DO-178C DAL A for avionics.

Where fwTPM Runs

fwTPM is designed to live in an isolated execution environment. Proven homes include:

• Microchip PolarFire SoC (MPFS250T) – Run in FPGA with Mi-V RISC-V soft-core or run in a dedicated core (E51 Monitor or U54)

• Arm TrustZone-M. Reference port on STMicro STM32H5 (NUCLEO-H563ZI). TrustZone-M gives isolated code, data, flash, and crypto peripherals.

• AMD/Xilinx Zynq UltraScale+ MPSoC and Versal Gen 1 / Gen 2. Multiple deployment options on the same part: Arm TrustZone on the APU, a dedicated Cortex-R5F (UltraScale+) or R52 (Versal Gen 2) on the RPU, or a MicroBlaze V (RISC-V) soft core.

• AMD Spartan UltraScale+ (MicroBlaze V or Cortex-M1 soft core)

• Altera Agilex 5 (Nios V soft core). TPM functionality entirely inside programmable logic.

Integration

• Transports: Socket mssim or swtpm (auto detected), shared memory IO and register-level TIS for bare-metal SPI, I2C or UART.

• NV storage: File-backed on hosted systems. HAL callback for embedded flash. TLV journal format suits wear-levelled flash.

• Footprint knobs: Features can be disabled if not required to reduce code size. Attestation, Policy, NV, Credential, Dictionary Attack.

Feature 2: SPDM Secured Transport
When a TPM speaks to its host over a PCB trace, that trace is attackable. SPDM closes the gap. Commands and responses ride over a vendor-defined TCG channel. The channel is encrypted with AES-256-GCM and integrity-checked on every packet.

What’s New

• Vendors: Nuvoton NPCT75x and Nations Technologies NS350. (More coming soon)

• Session modes:
  

  • Identity-key mode over ECDH P-384, on both NPCT75x and NS350.

  • PSK mode on NS350.

• Auto-connect with SPDM-only lock-down. Once locked, wolfTPM establishes the encrypted session on every open. Plaintext commands are rejected.

• New spdm_ctrl utility. Full lifecycle: enable, disable, provision PSK, clear PSK, lock, unlock.

Why It Matters
Anywhere the TPM is physically accessible – servers in colocation, defense platforms, medical devices, industrial controllers, in-vehicle ECUs – SPDM closes the last-inch attack surface.

Feature 3: ST33 TPM 2.0 Firmware Update
STMicro’s ST33KTPM2X introduced a new Generation 2 firmware format using LMS signing. wolfTPM v4.0.0 adds the st33_fw_update example tool for supporting firmware updates on older Gen 1 and newer Gen 2 firmware versions. See examples/firmware/README.md for usage.

Other v4.0.0 Release Improvements

New HALs

• Raspberry Pi 4 hardware SPI

• U-Boot (tpm_io_uboot.c)

• Espressif ESP-IDF SPI

• Linux auto-detection between /dev/tpmX and direct SPI

Hardening

• Fenrir and Coverity findings addressed across tpm2_wrap, tpm2_packet, tpm2_asn, NV, session auth, SPDM, and fwTPM paths.

• ForceZero on every sensitive stack buffer.

• Constant-time export for ECDH shared secrets and ECC signature r/s.

• Short-circuit OR removed from all auth paths.

• Bounds checks and NULL-deref guards across ASN.1, PCR, and key-load code.

CI

• ASan and UBSan sanitizer jobs.

• Pedantic gcc and clang matrices.

• macOS and Windows fwTPM builds.

• Weekly libFuzzer plus per-PR smoke.

Coming Soon: TPM 2.0 v1.85 Post-Quantum

Right behind this release. Post-quantum algorithms from TPM 2.0 v1.85 are landing in both the fwTPM server and the wolfTPM client library:

• ML-KEM (Kyber) for key encapsulation

• ML-DSA (Dilithium) for signatures

Why now? Harvest-Now-Decrypt-Later (HNDL) mitigation for long-lived device identity keys. Deploy fwTPM today. Get a drop-in PQC upgrade path without respinning silicon.

Getting Started

git clone https://github.com/wolfSSL/wolfTPM.git
cd wolfTPM
git checkout v4.0.0
./configure --enable-fwtpm
make && make check

• Source and tag: https://github.com/wolfSSL/wolfTPM (tag v4.0.0)

• Changelog: ChangeLog.md

• fwTPM deep-dive: src/fwtpm/README.md

• SPDM deep-dive: src/spdm/README.md

• ST33 firmware update: examples/firmware/README.md

For commercial licensing, FIPS 140-3 integration, DO-178C DAL A qualification kits, custom HAL ports, or early access to the v1.85 PQC branch, contact facts@wolfssl.com or +1 425 245 8247.

Download wolfSSL Now