Keystores and Secure Elements supported by wolfSSL/wolfCrypt

When looking to store your cryptographic secrets, it is important to have a good platform to store them on. Even more important is the ease of accessing and using those secrets. With wolfTPM, we have already added support for the following platforms:

  • Raspberry Pi (Linux)
  • MMIO (Memory mapped IO)
  • STM32 with CubeMX
  • Atmel ASF
  • Xilinx (Ultrascale+ / Microblaze)
  • QNX
  • Infineon TriCore (TC2xx/TC3xx)
  • Barebox

These TPM (Trusted Platform Module) 2.0 modules are tested and running in the field:

  • Infineon OPTIGA SLB9670/SLB9672
  • Microchip ATTPM20
  • Nations Tech Z32H330TC
  • Nuvoton NPCT650/NPCT750

For direct Secure Element access, we have ports in wolfSSL for:

Wolfcrypt has support for the following:

For more detailed information on our supported hardware take a look at our Hardware Support list.

We also offer support for PKCS11 to interface to various HSMs like:

  • Infineon TriCore Aurix
  • Renesas RH850
  • ST SPC58

Wolfcrypt also gives support for PSA (Platform Security Architecture). This includes the following algorithms:

  • hashes: SHA-1, SHA-224, SHA-256
  • ECDH PK callbacks (P-256)
  • ECDSA PK callbacks (P-256)
  • RNG

Another product of interest could be wolfBoot, which – as the name suggests – is a bootloader that can use an HSM (Hardware Security Module) for validation and verification. It supports use of the ARM TrustZone technology. WolfBoot also supports all of the TPMs and secure elements listed above, as it inherits all of wolfCrypt’s capabilities. WolfBoot can also be used in an fTPM (Firmware TPM) environment where the bootloader code is running on the same device as the one providing TPM functionality.

If you have questions about any of the above, please contact us at, call us at +1 425 245 8247 or view our FAQ page.

Download wolfSSL Now