We are excited to announce wolfHAL, a new open-source project from wolfSSL. wolfHAL is a lightweight, OS-agnostic, compiler-agnostic hardware abstraction layer (HAL) for embedded targets, written in portable C. It sits between your application and the silicon, exposing a clean, uniform API for talking to peripherals such as GPIO, UART, SPI, I2C, DMA, flash, timers, RNG, cryptographic accelerators, and Ethernet, without your code ever needing to know which vendor’s registers are underneath.
A hardware abstraction layer (HAL) is exactly what the name suggests: a thin software layer that hides the device-specific details of a piece of hardware behind a generic interface. Instead of poking registers directly, your application calls whal_Uart_Send() or whal_Flash_Write(), and wolfHAL dispatches that call to the correct driver for the chip you are building for. Move to a different MCU and the application code stays the same. You only swap the board configuration and link against a different driver.
Why use wolfHAL?
- Portable application code: wolfHAL presents one uniform API across every supported platform. Code written against whal_Spi_*, whal_Gpio_*, or whal_Flash_* builds and runs unchanged when you retarget to a different MCU. Porting becomes a board-configuration exercise, not an application rewrite.
- No vendor lock-in: Because your application depends on the wolfHAL API rather than a particular vendor’s SDK, you are free to choose silicon on its merits, such as cost, availability, power, and performance, instead of staying on a part because that is where your driver code happens to live.
- Small, auditable, dependency-free C: wolfHAL is a source-level library with no dependencies beyond a C compiler and the standard stdint.h and stddef.h headers. There is no RTOS requirement and no heavyweight framework to pull in. That makes it a good fit for security-sensitive and certification-bound projects, where a small, reviewable codebase matters.
- Open source: Many vendor SDKs and HALs arrive as closed-source code or pre-compiled binary blobs that you cannot inspect, audit, or fix. wolfHAL is fully open source, so every driver is right there to read. When you hit a bug you can debug it down to the register access yourself instead of filing a ticket and waiting for the vendor’s next release, and security teams can review exactly what touches the hardware rather than trusting a black box. You are also free to study how a peripheral is brought up, extend a driver for your own needs, and contribute improvements back.
- We maintain the drivers, you focus on your application: Reading reference manuals and bringing up peripheral drivers is painstaking, error-prone work. wolfHAL lets the wolfSSL team carry that burden. We write and test the drivers against real hardware, so your engineers can spend their time on the product you are actually building.
Key Features
- Zero-overhead abstraction: This is the heart of wolfHAL: abstraction without an abstraction tax. By default, wolfHAL dispatches API calls through a per-device function-pointer table (a vtable), which lets multiple drivers of the same peripheral type, such as on-chip flash and an external SPI NOR flash, coexist in one build. But when an application uses only a single driver of a given type, it can opt into direct API mapping to bypass the vtable entirely, and into a single-instance mode that bakes the device’s base address and configuration in at compile time. With both enabled, the compiler can inline the call straight down to the register access and discard the unused dispatch layer, so the portability costs you nothing in code size or cycles on the hot path. You get a clean, portable API in source, and lean, direct hardware access in the compiled binary.
- OS-agnostic: wolfHAL makes no assumptions about a scheduler or operating system. It runs bare-metal, and it runs equally well underneath an RTOS.
- Compiler-agnostic: Plain, portable C with no compiler-specific extensions required, so it builds across GCC, Clang, and vendor toolchains.
- Hardware test framework: wolfHAL ships with a test suite that runs on real hardware. Each peripheral type has generic tests that exercise the common API plus platform-specific tests for vendor quirks, and external peripherals (SPI NOR flash, SD cards, IMUs, and the like) plug into the same framework.
- Ready-to-use example board configurations: Reference board support packages for a wide range of development boards are included, covering startup code, clock and peripheral initialization, linker scripts, and build configuration, so you can build and run on day one and use them as templates for your own hardware.
- Low overhead, top to bottom: Beyond the dispatch layer, wolfHAL is designed for the realities of embedded targets: no dynamic allocation in the core driver model, a tiny dependency footprint, and configuration options that let the compiler strip out everything you are not using.
Supported Platforms
wolfHAL already supports a broad range of Arm Cortex-M targets, spanning Cortex-M0 through Cortex-M55, with reference board configurations for each:
| Board | Platform | CPU |
|---|---|---|
| Microchip PIC32CZ CA Curiosity Ultra | PIC32CZ | Cortex-M7 |
| ST NUCLEO-C031C6 | STM32C0 | Cortex-M0+ |
| ST NUCLEO-F091RC | STM32F0 | Cortex-M0 |
| ST NUCLEO-F302R8 | STM32F3 | Cortex-M4 |
| WeAct BlackPill STM32F411 | STM32F4 | Cortex-M4 |
| ST NUCLEO-L152RE | STM32L1 | Cortex-M3 |
| ST NUCLEO-H563ZI | STM32H5 | Cortex-M33 |
| ST NUCLEO-U5A5ZJ-Q | STM32U5 | Cortex-M33 |
| ST NUCLEO-N657X0-Q | STM32N6 | Cortex-M55 |
| ST NUCLEO-WB55RG | STM32WB | Cortex-M4 |
| ST NUCLEO-WB05KZ | STM32WB0 | Cortex-M0+ |
| ST NUCLEO-WBA55CG | STM32WBA | Cortex-M33 |
Across these platforms, wolfHAL provides a growing catalog of peripheral device types, including:
- Communication: UART, SPI, I2C, Ethernet (MAC and PHY)
- GPIO and timers: GPIO, general-purpose timers, watchdogs
- Storage: on-chip flash, SPI NOR flash, block devices (SD/SDHC)
- Cryptography: hardware AES, hashing, public-key acceleration (PKA), and RNG
- System: clock trees, power management, DMA, inter-processor communication (IPC), and interrupt handling
- Sensors: an extensible sensor model, including IMU support
New platforms and peripheral types are being added on an ongoing basis, and the driver model is built to make porting to a new chip a well-defined, repeatable task.
How wolfHAL Fits Into the wolfSSL Ecosystem
wolfHAL was born out of the same need that drives the rest of our product line: secure, portable, well-tested embedded software. It is being woven into the wolfSSL ecosystem as a common hardware foundation.
Support for wolfHAL has already been merged into wolfBoot, our secure bootloader, giving wolfBoot a clean, uniform way to reach the underlying hardware across targets.
Integration is also in progress across several other wolfSSL products:
- wolfCrypt, to drive hardware cryptographic accelerators and RNG through a common interface.
- wolfHSM, our hardware security module framework.
- wolfTPM, our portable TPM 2.0 stack.
- wolfIP, our lightweight TCP/IP stack, which can sit on top of wolfHAL’s Ethernet drivers.
As these integrations land, wolfHAL becomes the shared hardware layer that lets the entire wolfSSL stack move between platforms with minimal friction.
Can I Use wolfHAL Outside of the wolfSSL Ecosystem?
Yes. While wolfHAL is a natural fit beneath our other products, it is designed and built as a general-purpose hardware abstraction layer, not a wolfSSL-only component. There is nothing in wolfHAL that ties it to the rest of the stack. You can drop it into any embedded C project that needs portable, dependable peripheral drivers, whether or not you use any other wolfSSL software.
Getting Started
wolfHAL is available now. The source, reference board configurations, examples, and documentation are all in the repository, and the included Getting Started guide walks through integrating wolfHAL into a bare-metal project from scratch, from adding the sources to wiring up your first board.
- Repository: github.com/wolfSSL/wolfHAL
- Getting Started guide: see docs/getting_started.md in the repository
If you have questions about wolfHAL, would like to see support for a particular microcontroller, or want to discuss how it fits into your project, please reach out. You can contact us at facts@wolfssl.com, call us at +1 425 245 8247, or open an issue on the repository. We would love to hear what you build with it.
Download wolfSSL Now