Announcing wolfTPM v4.0.0
wolfTPM v4.0.0 is our largest release to date. It delivers three headline capabilities:
- **Firmware TPM (fwTPM)** - a portable TPM 2.0 built on wolfCrypt.
- **SPDM Secured Transport** - encrypted host-to-TPM communication.
- **ST33 TPM 2.0 Firmware Update** - new update tool for STMicro ST33KTPM2X.
All three are powered by the same wolfCrypt engine trusted in FIPS 140-3 and DO-178C DAL A deployments.
Feature 1: Firmware TPM (fwTPM)
The fwTPM is a portable TPM 2.0 command processor. It is implemented entirely on top of wolfCrypt. It covers 105 of 113 commands in the TPM 2.0 v1.38 specification (93%). The full object, session, policy, attestation, PCR, and NV families are included.
Use it as a drop-in replacement for a discrete TPM chip. Or use it in CI as a replacement for external simulators like the Microsoft TPM simulator and IBM swTPM.
Why It Matters
- **Reduce BOM and physical attack surface**. Parts that never shipped with a TPM can now gain TPM services. No extra chip. No exposed bus.
- **Portability**. The same fwTPM runs on a Cortex-M in TrustZone, a dedicated RPU on an MPSoC, a hardened RISC-V core, or an FPGA soft core.
- **Supply-chain integrity**. Your TPM becomes part of your signed firmware image. No separate silicon vendor in the trust path.
- **Same crypto you already trust**. RSA, ECC, SHA-2/3, AES, and HMAC all come from the FIPS 140-3 wolfCrypt module, qualifiable to DO-178C DAL A for avionics.
Where fwTPM Runs
fwTPM is designed to live in an isolated execution environment. Proven homes include:
- **Microchip PolarFire SoC (MPFS250T)**. Run in the FPGA fabric on a Mi-V RISC-V soft core, or on a dedicated hard core (E51 Monitor or U54).
- **Arm TrustZone-M**. Reference port on STMicro STM32H5 (NUCLEO-H563ZI). TrustZone-M gives isolated code, data, flash, and crypto peripherals.
- **AMD/Xilinx Zynq UltraScale+ MPSoC and Versal Gen 1 / Gen 2**. Multiple deployment options on the same part: Arm TrustZone on the APU, a dedicated Cortex-R5F (UltraScale+) or R52 (Versal Gen 2) on the RPU, or a MicroBlaze V (RISC-V) soft core.
- **AMD Spartan UltraScale+** (MicroBlaze V or Cortex-M1 soft core).
- **Altera Agilex 5** (Nios V soft core). TPM functionality entirely inside programmable logic.
Integration
- **Transports**: Socket mssim or swtpm (auto-detected), shared-memory IO, and register-level TIS for bare-metal SPI, I2C or UART.
- **NV storage**: File-backed on hosted systems. HAL callback for embedded flash. The TLV journal format suits wear-levelled flash.
- **Footprint knobs**: Features that are not required can be disabled to reduce code size: Attestation, Policy, NV, Credential, and Dictionary Attack.
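The fwTPM is a TPM 2.0 command processor, so every command it receives starts with the 10-byte TPM 2.0 header (tag, commandSize, commandCode). The following added example is not wolfTPM code; it illustrates the front-end checks a command processor performs on that header before any command-specific parsing, with constructed input and a constructed 4 KiB buffer limit. The TPM_ST_*, TPM_CC_* and TPM_RC_* values are the ones defined in the TPM 2.0 Library specification.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* TPM 2.0 Part 2 constants. */
#define TPM_ST_NO_SESSIONS   0x8001u
#define TPM_ST_SESSIONS      0x8002u
#define TPM_CC_Startup       0x00000144u
#define TPM_CC_GetCapability 0x0000017Au
#define TPM_CC_GetRandom     0x0000017Bu
#define TPM_CC_PCR_Read      0x0000017Eu
#define TPM_CC_PCR_Extend    0x00000182u
#define TPM_RC_SUCCESS       0x000u
#define TPM_RC_BAD_TAG       0x01Eu
#define TPM_RC_COMMAND_SIZE  0x142u
#define TPM_RC_COMMAND_CODE  0x143u
#define TPM_HEADER_SIZE      10u
#define MAX_COMMAND_SIZE     4096u   /* constructed buffer limit for this example */

typedef struct { uint16_t tag; uint32_t size; uint32_t code; } tpm_hdr_t;

static uint16_t be16(const uint8_t* p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t* p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Commands this toy processor implements; anything else gets TPM_RC_COMMAND_CODE. */
static const uint32_t supported[] = {
    TPM_CC_Startup, TPM_CC_GetCapability, TPM_CC_GetRandom, TPM_CC_PCR_Read, TPM_CC_PCR_Extend
};

/* Validate the header of a `len`-byte command buffer. On success fills *hdr and
 * returns TPM_RC_SUCCESS; otherwise returns the TPM_RC the response would carry. */
uint32_t tpm_parse_command_header(const uint8_t* buf, size_t len, tpm_hdr_t* hdr)
{
    size_t i;
    if (buf == NULL || hdr == NULL || len < TPM_HEADER_SIZE)
        return TPM_RC_COMMAND_SIZE;          /* too short to even hold a header */
    hdr->tag  = be16(buf);
    hdr->size = be32(buf + 2);
    hdr->code = be32(buf + 6);
    if (hdr->tag != TPM_ST_NO_SESSIONS && hdr->tag != TPM_ST_SESSIONS)
        return TPM_RC_BAD_TAG;
    /* commandSize must equal the bytes actually received and fit the buffer,
     * so later field parsing can never read past the end of the command. */
    if (hdr->size != len || hdr->size > MAX_COMMAND_SIZE)
        return TPM_RC_COMMAND_SIZE;
    for (i = 0; i < sizeof(supported) / sizeof(supported[0]); i++)
        if (hdr->code == supported[i])
            return TPM_RC_SUCCESS;
    return TPM_RC_COMMAND_CODE;
}
```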
Feature 2: SPDM Secured Transport
When a TPM speaks to its host over a PCB trace, that trace is attackable. SPDM closes the gap. Commands and responses ride over a vendor-defined TCG channel. The channel is encrypted with AES-256-GCM and integrity-checked on every packet.
What’s New
- **Vendors**: Nuvoton NPCT75x and Nations Technologies NS350. (More coming soon.)
- **Session modes**:
  - Identity-key mode over ECDH P-384, on both NPCT75x and NS350.
  - PSK mode on NS350.
- **Auto-connect with SPDM-only lock-down**. Once locked, wolfTPM establishes the encrypted session on every open. Plaintext commands are rejected.
- **New spdm_ctrl utility**. Full lifecycle: enable, disable, provision PSK, clear PSK, lock, unlock.
Why It Matters
Anywhere the TPM is physically accessible - servers in colocation, defense platforms, medical devices, industrial controllers, in-vehicle ECUs - SPDM closes the last-inch attack surface.
Feature 3: ST33 TPM 2.0 Firmware Update
STMicro’s ST33KTPM2X introduced a new Generation 2 firmware format that uses LMS signing. wolfTPM v4.0.0 adds the st33_fw_update example tool, which supports updating both the older Gen 1 and the newer Gen 2 firmware versions. See examples/firmware/README.md for usage.
Other v4.0.0 Release Improvements
New HALs
- Raspberry Pi 4 hardware SPI
- U-Boot (tpm_io_uboot.c)
- Espressif ESP-IDF SPI
- Linux auto-detection between /dev/tpmX and direct SPI
Hardening
- Fenrir and Coverity findings addressed across tpm2_wrap, tpm2_packet, tpm2_asn, NV, session auth, SPDM, and fwTPM paths.
- ForceZero on every sensitive stack buffer.
- Constant-time export for ECDH shared secrets and ECC signature r/s.
- Short-circuit OR removed from all auth paths.
- Bounds checks and NULL-deref guards across ASN.1, PCR, and key-load code.
CI
- ASan and UBSan sanitizer jobs.
- Pedantic gcc and clang matrices.
- macOS and Windows fwTPM builds.
- Weekly libFuzzer plus per-PR smoke tests.
Coming Soon: TPM 2.0 v1.85 Post-Quantum
Right behind this release, post-quantum algorithms from TPM 2.0 v1.85 are landing in both the fwTPM server and the wolfTPM client library:
- **ML-KEM (Kyber)** for key encapsulation
- **ML-DSA (Dilithium)** for signatures
Why now? Harvest-Now-Decrypt-Later (HNDL) mitigation for long-lived device identity keys. Deploy fwTPM today. Get a drop-in PQC upgrade path without respinning silicon.
Getting Started
```sh
git clone https://github.com/wolfSSL/wolfTPM.git
cd wolfTPM
git checkout v4.0.0
./configure --enable-fwtpm
make && make check
```
Source and tag: [https://github.com/wolfSSL/wolfTPM](https://github.com/wolfSSL/wolfTPM) (tag v4.0.0)
[Changelog](https://github.com/wolfSSL/wolfTPM/blob/master/ChangeLog.md): ChangeLog.md
[fwTPM deep-dive](https://github.com/wolfSSL/wolfTPM/blob/master/src/fwtpm/README.md): src/fwtpm/README.md
[SPDM deep-dive](https://github.com/wolfSSL/wolfTPM/blob/master/src/spdm/README.md): src/spdm/README.md
[ST33 firmware update](https://github.com/wolfSSL/wolfTPM/blob/master/examples/firmware/README.md): examples/firmware/README.md
For commercial licensing, FIPS 140-3 integration, DO-178C DAL A qualification kits, custom HAL ports, or early access to the v1.85 PQC branch, contact facts@wolfssl.com or +1 425 245 8247.