PRODUCTS

wolfTPM Portable TPM 2.0 Library

Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. Computer programs can use a TPM to authenticate hardware devices, since each TPM chip has a unique and secret RSA key burned in as it is produced.

wolfTPM is a portable TPM 2.0 project, designed for embedded use. It is highly portable, due to having been written in native C, having a single IO callback for SPI hardware interface, no external dependencies, and its compacted code with low resource usage.

Due to wolfTPM's portability, it is generally very easy to compile on new platforms.  If your desired platform is not listed as supported or you would like assistance porting wolfTPM, please contact wolfSSL at facts@wolfssl.com.

Download Now
Get the latest open source GPLv2 version now!

Version:  1.8.0
Release Date: 04/28/2020
View ChangeLog

Highlights

  • Provides all TPM 2.0 API’s in compliance with the specification.
  • Uses the TPM Interface Specification (TIS) to communicate over SPI.
  • Includes wrappers for Key Generation, RSA encrypt/decrypt, ECC sign/verify and ECDH, NV, Hashing/Hmac, and AES.

Portable

  • Native C code designed for embedded use.
  • Single IO callback for hardware SPI interface.
  • No external dependencies.
  • Compact code size and minimal memory use.

Platform and Language Support

wolfTPM is built for maximum portability and is generally very easy to compile on new platforms.  If your desired platform is not listed under the supported operating environments, please contact us.

wolfTPM supports the C programming language as a primary interface. If you have interest in using wolfTPM in another programming language that it does not currently supported, please contact us.

Commercial Support

Support packages for wolfTPM are available on an annual basis directly from wolfSSL.  With three different package options, you can compare them side-by-side and choose the package that best fits your specific needs.  Please see our Support Packages page for more details or contact us with any questions.

wolfSSL Training Course

Interested in getting trained by security experts on subjects related to wolfSSL and SSL/TLS?  Learn more.

Features

  • This implementation provides all TPM 2.0 API’s in compliance with the specification.
  • This uses the TPM Interface Specification (TIS) to communicate over SPI.
  • The design allows for easy portability to different platforms:
    • Native C code designed for embedded use.
    • Single IO callback for hardware SPI interface.
    • No external dependencies.
    • Compact code size and minimal memory use.
  • Examples for the Raspberry Pi and STM32 with CubeMX.
  • Includes example code for:
    • Most TPM2 native API’s
    • All TPM2 wrapper API's
    • PKCS#7
    • Certificate Signing Request (CSR)
    • TLS Client
    • TLS Server
    • Benchmarking TPM algorithms and TLS
  • Includes wrappers for Key Generation, RSA encrypt/decrypt, ECC sign/verify, ECDH, NV, Hashing/Hmac, and AES.
  • Testing done using the following TPM 2.0 modules:
    • Infineon OPTIGA (TM) Trusted Platform Module 2.0 SLB 9670
    • LetsTrust Compact Raspberry Pi TPM 2.0 board based on Infineon SLB 9670
    • ST ST33TP* TPM 2.0 module (SPI and I2C)
    • Microchip ATTPM20
    • Nations Technologies Inc. TPM 2.0
  • Symmetric AES encrypt/decrypt

Supported Chipmakers

Supported Operating Environments

  • Platform support for Raspberry Pi, STM32 with CubeMX, Atmel ASF and Barebox.
  • If you would like to test wolfTPM on another environment, let us know and we’ll be happy to support you.

Device Identification

Device identification details for supported platforms:

Infineon SLB9670: TIS: TPM2: Caps 0x30000697, Did 0x001b, Vid 0x15d1, Rid 0x10 Mfg IFX (1), Vendor SLB9670, Fw 7.85 (4555), FIPS 140-2 1, CC-EAL4 1

ST ST33TP SPI TPM2: Caps 0x1a7e2882, Did 0x0000, Vid 0x104a, Rid 0x4e Mfg STM (2), Vendor , Fw 74.8 (1151341959), FIPS 140-2 1, CC-EAL4 0

Microchip ATTPM20 TPM2: Caps 0x30000695, Did 0x3205, Vid 0x1114, Rid 0x 1 Mfg MCHP (3), Vendor , Fw 512.20481 (0), FIPS 140-2 0, CC-EAL4 0

Nations Technologies Inc. TPM 2.0 module Mfg NTZ (0), Vendor Z32H330, Fw 7.51 (419631892), FIPS 140-2 0, CC-EAL4 0

Licensing and Ordering:

wolfTPM is dual licensed under both the GPLv2 and commercial licensing.  For more information, please see the following links.