wolfTPM Release 4.0.0 (Apr 22, 2026)

Summary

Major release with three new features:

1. Firmware TPM 2.0 (fwTPM): a portable TPM 2.0 command processor built on wolfCrypt, usable as a replacement for a discrete TPM chip or as a CI/development replacement for external simulators.
2. SPDM secured transport: secure vendor-defined TCG command communication with Nuvoton NPCT75x and Nations NS350 TPM modules.
3. ST33KTPM2X firmware update: automatic format detection for both Generation 1 (non-LMS) and Generation 2 (LMS-signed) ST33KTPM firmware.

Also includes new seal/unseal examples, additional platform/HAL support, extensive security hardening (Fenrir and Coverity), CI sanitizer coverage, and deprecation of OPENSTM32.

Detail

• Firmware TPM 2.0 (fwTPM) implementation (PR #474)
  • Portable TPM 2.0 server built on wolfCrypt (RSA, ECC, SHA, AES, HMAC)
  • 105/113 TPM 2.0 v1.38 commands implemented (93%)
  • Socket transport (Microsoft TPM simulator protocol) and TIS transport
  • File-based or HAL-callback NV storage; HAL abstraction for IO
  • New configure options: --enable-fwtpm and --enable-fwtpm-only
  • New feature macros: FWTPM_NO_NV, FWTPM_NO_ATTESTATION, FWTPM_NO_POLICY, FWTPM_NO_DA
  • Full CI coverage: fwtpm-test.yml (11 matrix entries), fuzz.yml (weekly + per-PR smoke)
  • macOS and Windows build support with network-namespace isolation for Linux CI
• SPDM secured transport for Nuvoton NPCT75x and Nations NS350 (PR #458)
  • Generic WOLFTPM_SPDM_TCG guard replaces per-vendor conditionals
  • Vendor-defined TCG commands with VdCode validation
  • PSK mode and identity-key mode with auto-connect
  • Hardware test CI workflow split across self-hosted runners
  • Added spdm_ctrl utility (renamed from spdm_demo)
• STMicro ST33KTPM2X firmware update with LMS support (PR #446)
  • New st33_fw_update example tool for ST33KTPM firmware updates
  • Automatic firmware format detection based on TPM firmware version from fwVerMinor
  • Generation 1 firmware (< 512, e.g. 9.257): Non-LMS format, 177-byte manifest, ECC-only
  • Generation 2 firmware (>= 512, e.g. 9.512): LMS format, 2697-byte manifest with embedded LMS signature (LMS mandatory)
  • No manual format selection required - manifest size chosen automatically
  • See examples/firmware/README.md "ST33 Firmware Update" for usage
• Seal/unseal examples with PCR, PolicyAuthorize, and NV policies (PR #464)
  • Seal/unseal with PCR and policy authorization
  • NV-based seal example with real parameter encryption (XOR and AES-CFB)
  • New seal-test.yml CI workflow
• Platform and HAL additions
  • Raspberry Pi 4 hardware SPI support (PR #451)
  • U-Boot HAL (tpm_io_uboot.c)
  • Espressif ESP-IDF HAL SPI
  • Linux auto-detection between /dev/tpmX and direct SPI at runtime
• Configure behavior change
  • On Linux x86_64/aarch64, --enable-fwtpm and --enable-swtpm now
    default to enabled when no hardware path is selected, so plain
    ./configure && make check works out of the box without external
    simulators
  • New --enable-spi intent flag: pass it for hardware SPI builds to
    suppress the swTPM/fwTPM auto-enable defaults (mutually exclusive
    with --enable-i2c)
  • --disable-wolfcrypt now auto-disables fwTPM (fwTPM requires
    wolfCrypt) so the legacy ./configure --disable-wolfcrypt && make
    works without also passing --disable-fwtpm
• Crypto callback and signing
  • TPM support for wc_SignCert_cb callback API (PR #450)
  • Fix for wolfTPM2_SignHash to return padded r/s, improved ECDSA P521 handling, added ECDSA tests with crypto callbacks (ZD20777)
• Security hardening
  • Fenrir findings addressed across tpm2_wrap, tpm2_packet, tpm2_asn, NV, session auth, SPDM, and fwtpm paths
  • ForceZero on sensitive stack buffers (auth passwords, keyBlob, ECC/RSA private material, symmetric seeds, derived identity digests, NV read/write buffers, PSS padded buffers, session auth)
  • Constant-time export for ECDH shared secret and ECC signature r/s
  • Removed short-circuit OR in auth paths (HMAC verification, policy digest checks, ticket HMAC, ticket cpHashA, policy NV, PolicyPassword, credential unwrap, RSA-PKCS1v1.5)
  • Bounds checks for TPM2_Packet_AppendPCR count/sizeofSelect, ASN.1 BIT STRING length, X.509 version, BER indefinite length, wolfTPM2_UnloadHandles handle-range overflow
  • NULL-deref guards in wolfTPM2_LoadRsaPrivateKey_ex, wolfTPM2_LoadEccPrivateKey, wolfTPM2_NVCreateAuthPolicy, wolfTPM2_EncryptDecryptBlock (reject NULL IV for non-ECB, oversized IV)
  • Scaled AES key size to RSA key strength in wolfTPM2_ImportRsaPrivateKeySeed; scaled session AES key size to match authHash in wolfTPM2_StartSession
  • Return BUFFER_E instead of silently truncating auth values in wolfTPM2_SetAuth, wolfTPM2_CreateKey, wolfTPM2_ChangeAuthKey, wolfTPM2_SetAuthHandleName, wolfTPM2_CreatePrimaryKey_ex, wolfTPM2_CreateLoadedKey, wolfTPM2_PolicyPassword
  • Removed sensitive auth and key material from debug output; added WOLFTPM_DEBUG_SECRETS opt-in macro for developer-only printing
  • Moved auth size mismatch check outside DEBUG_WOLFTPM guard so it executes in all builds
• Coverity and static analysis
  • New Coverity CI workflow (PR #444)
  • Fixed H-35, M-74, M-75 (PR #465)
  • DEADCODE CID 900621 and related fixes
• CI improvements
  • Added ASan and UBSan sanitizers (PR #454)
  • Pedantic gcc and pedantic clang build matrices
  • macOS CI for fwTPM
  • Windows build support for fwTPM
  • Split hardware SPDM CI across multiple self-hosted runners
  • Added unit tests for name/hash KATs, KDFa test vectors (ATH/SECRET/DUPLICATE labels), ParamEnc/Dec roundtrip, persistent-handle range checks, ComputeName, HashNvPublic, PolicyHash boundary, policy auth value offset
• Marshaling and packet fixes
  • TPM_ALG_NULL handling for inScheme serialization in Certify, CertifyCreation, Quote, GetSessionAuditDigest, GetCommandAuditDigest, GetTime, NV_Certify
  • Added TPM2_Packet_AppendSymmetric/ParseSymmetric for SYMCIPHER case
  • Fixed ECC ECDAA scheme serialization missing count field, RSA RSAES spurious hashAlg, TPM2_Sign ECDAA count
  • Added SM3_256 and SHA3 digest sizes to TPM2_GetHashDigestSize
  • Added ECSCHNORR and SM2 signature serialization
  • Added kdf field to TPMT_KEYEDHASH_SCHEME XOR serialization
  • Added TPM2_Packet_ParseSensitive counterpart and roundtrip test
  • Documented pub->size mutation side effect in TPM2_Packet_AppendPublic
• Bug fixes
  • Fixed TLS ECDH curve mismatch in CI (PR #473)
  • Added missing unistd.h include causing regressions in wolfBoot tpmtools (PR #471)
  • Avoid nanosleep on non-Linux builds (PR #472)
  • Fixed MAX_CONTEXT_SIZE stack buffer in CSR PEM using heap for small-stack builds (PR #460)
  • Fixed AddressSanitizer warning for overlapping memcpy (use memmove) in wolfTPM2_USE_SW_ECDHE path
  • Proper guarding for LINUX_DEV, SWTPM, and WINAPI (PR #466)
  • Added error returns in TPM2_IoCb_Zephyr_I2C
  • Improved error logging when wolfTPM2_Init fails
  • Used mp_to_unsigned_bin_len (not _ct) for portability across wolfSSL builds
• Deprecated / removed
  • OPENSTM32 platform support removed (PR #479)

wolfTPM Release 3.10.0 (Dec 4, 2025)

Summary

This release includes important bug fixes for password handling, hash algorithm selection, and TLS shutdown. Enhanced CMake support with TPM module selection. Improved Linux TPM resource manager handling. Security improvements for HMAC validation and payload length checks. Various build system improvements and test enhancements.

Detail

• Fixes for minor Coverity reports (PR #441)
• Fixed critical bug in password handling (PR #439)
  • Fixed wolfTPM2_SetKeyAuthPassword that was truncating password to 2 bytes (bug introduced in PR #427 and release v3.9.2)
  • Added test to catch this and verified no other similar issues exist
• Added Espressif HAL SPI support (PR #386)
• Enhanced CMake support and TPM module selection (PR #438)
  • Added CMake support for choosing a TPM module
  • Finished CMake options to sync with configure
  • Further improvements to CMake interfaces and test scripts
• Security improvements for TPM response validation (PR #437)
  • Validate TPM2_GetProductInfo payload length to avoid signed underflow and out-of-bounds access
  • Enforce TPM response HMAC length checks to reject zero-length or mismatched response HMACs for authenticated sessions
• Added Linux TPM Resource Manager support (PR #435, #434)
  • Added persistent access to /dev/tpmrmX (enabled with WOLFTPM_USE_TPMRM)
  • Fixed TPM Linux read() error return code handling
• Fixed crypto callback and hash algorithm selection (PR #433)
  • Fixed crypto callback to return CRYPTOCB_UNAVAILABLE when a TPM key is not set
  • Fixed to use curve type to determine hash type not digest size
• Improved signature verification hash detection (PR #432)
  • Fixed TPM2_VerifySignature to detect correct hash algorithm
  • Added more test cases for signature verification
• Improved TLS bidirectional shutdown (PR #431)
  • Improved the TLS bidirectional shutdown
  • Fixed for missing WC_PK_TYPE_RSA_GET_SIZE in older releases
• Fixed CMake lock options (PR #430)
  • Fixed backward yes/no logic of WOLFTPM_NO_LOCK_DEFAULT
  • Fixed if check statement of WOLFTPM_NO_LOCK
  • Updated default logic for WOLFTPM_NO_LOCK depending on state of WOLFTPM_SINGLE_THREADED
• Build system and testing improvements
  • Added new make cppcheck option with fixes for cppcheck
  • Fixed issue with possible use of uninitialized rc in TPM2_GetNonceNoLock
  • Fixed for build and testing with --enable-infineon=9670 with additional build tests
  • Support for swtpm port arguments
  • Split up the make tests into matrix (improve test time)
• Various spelling fixes and code cleanup

wolfTPM Release 3.9.2 (July 30, 2025)

Summary

This release includes a security fix for possible buffer overflow in RSA key export functionality. It also adds new key wrapping API's to support exporting the encrypted private key along with crypto callback improvements. Fixes to support TPM2 signing/verification with smaller digest input sizes. Addition of a new HMAC example. Switch to GPLv3.

Vulnerabilities

[Medium CVE-2025-7844]: wolfTPM library wrapper function wolfTPM2_RsaKey_TpmToWolf copies external data to a fixed-size stack buffer without length validation potentially causing stack-based buffer overflow

Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default MAX_RSA_KEY_BITS=2048 is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than 2048 bits and your application calls wolfTPM2_RsaKey_TpmToWolf on that key, then a stack buffer could be overrun. If the MAX_RSA_KEY_BITS build-time macro is set correctly (RSA bits match what TPM hardware is capable of) for the hardware target, then a stack overrun is not possible.

Fixed in PR #427.

Detail

• Improvements for key creation and exporting encrypted private key (PR #428)
  • Added helpers for importing external private keys and creating encrypted key blobs (see wolfTPM2_CreateRsaKeyBlob and wolfTPM2_CreateEccKeyBlob)
  • Added support for crypto callback key generation that exports encrypted private portion (see TpmCryptoDevCtx.ecdsaKey)
  • Added a few missing FIPS unlock/lock on private key access (required with wolfCrypt FIPS)
  • Improved crypto callback key generation hash algorithm selection
  • Fixed WOLFTPM2_USE_SW_ECDHE build option and added CI tests
  • Cleaned up the user_settings.h logic between wolfTPM and wolfSSL.
• Fixed buffer overrun and security issues (PR #427)
  • Fixed possible buffer overrun issues with RSA key export where wolfCrypt max key size doesn't match TPM support (see CVE-2025-7844)
  • Fixed RSA encrypt/decrypt buffer size check logic
  • Fixed TPM2_GetWolfRng to ensure NULL is set on RNG init error
  • Added better defaults for SLB9672/SLB9673
  • Fixed LABEL_MAX_BUFFER and removed duplicate MAX_ECC_KEY_BYTES
  • Implemented address sanitizer CI test
• Improved the detection of maximum HASH_COUNT (PR #426 and #427)
• Enhanced HMAC support with persistent keys (PR #422)
  • Added example for HMAC with persistent key (see examples/wrap/hmac)
• Improved crypto callback functionality (PR #421)
  • Added support for crypto callback WC_PK_TYPE_RSA_GET_SIZE
  • Fixed crypto callback fallback to software when no TPM key is setup
  • Fixed for WC_RNG change to add pid_t and added detection of HAVE_GETPID
• Enhanced thread safety and CMake support (PR #417, #420)
  • Fixed missing TPM2_ReleaseLock in TPM2_GetProductInfo
  • Refactored TPM2_GetNonce to support non-locking version for internal use
  • Improved CMake support for single threading, mutex locking and active thread local storage
  • Fixed CMake logic for WOLFTPM_NO_ACTIVE_THREAD_LS
  • Improved gActiveTPM detection for needing thread local
• Improved TPM signing and verification (PR #418)
  • Fixed logic for signing with input digest smaller than key size
  • Improved input digest size logic for TPM2_Sign and TPM2_Verify
  • Added test case with interop for signing
  • Exposed TPM2_ASN_TrimZeros
• Enhanced parsing and testing (PR #419)
  • Fixed TPM2_ParsePublic size argument
• Improved documentation (PR #424, #425)
  • Added TCG TPM to the SWTPM documentation
• Fixed build system issues (PR #423)
  • Fixed bug in configure.ac which breaks in Alpine

wolfTPM Release 3.9.1 (May 21, 2025)

Post release fixes (PR #415)

• Fixed commercial release bundle (missing tpm2_asn.h).
• Fixed wolfTPM DLL revision (was not updated in v3.9.0).
• Added make distcheck to GitHub CI.

wolfTPM Release 3.9.0 (May 14, 2025)

Summary

Added Zephyr Project support, U-Boot bootloader support, improved thread safety with mutex protection, and various bug fixes. Added support for optional authentication password in keygen and improved ASN.1 certificate parsing.

Detail

• Added Zephyr Project Port support (PR #395)
  • Added support for Zephyr RTOS integration
  • Added example for Zephyr TPM usage
• Added U-Boot bootloader support (PR #398)
  • Added support for Das U-Boot bootloader integration
  • Added documentation for U-Boot usage
• Improved thread safety and mutex protection (PR #410)
  • Added global mutex for concurrent thread usage
  • Added support for pthread static mutex with older wolfSSL versions
  • Added build option WOLFTPM_NO_ACTIVE_THREAD_LS to remove thread local on gActiveTPM
• Added keygen optional authentication password support (PR #409)
  • Added -auth=<yourpassword> option to keygen
  • Added test cases for AIK and default key generation
• Improved ASN.1 certificate parsing (PR #404, #408)
  • Added WOLFTPM2_NO_ASN build option
  • Refactored ASN.1 parsing for RSA certificates
  • Fixed ASN.1 certificate parsing issues
• Added EK Certificate Verification with TPM only (PR #394)
  • Added support for verifying EK certificates without wolfCrypt
  • Added example for ST33KTPM2X
• Fixed various issues:
  • Fixed possible handle leak in bench example (PR #412)
  • Fixed issue with wolfTPM2_Init_ex handling of TPM_RC_INITIALIZE (PR #401)
  • Fixed CSR version handling (PR #406)
  • Fixed location for TPM simulator /tmp (PR #398)
  • Fixed spelling and debug issues (PR #398)
  • Fixed run_examples.sh run.out location variable (PR #401)
• Added new API TPM2_GetHierarchyDesc for getting hierarchy descriptions (PR #410)
• Added test case for TPM2_GetAlgId (PR #398)
• Added missing doxygen documentation for public APIs (PR #401)
• Cleanups for autogen.sh and build system improvements (PR #396)

wolfTPM Release 3.8.0 (Jan 7, 2025)

Summary

Fixes for session auth on key bind and password policy. Added NV extend example used with Bus_Protection_Guidance. New wolfTPM2_NVExtend wrapper and example. Added new NV policy write/read wrapper API's used with policy auth

Detail

• Fixed issue with auth session binding. (PR #389)
• Fixed possible missing wc_GetPkcs8TraditionalOffset. (PR #392)
• Fixed issue with wolfTPM2_PolicyHash where input digest could be too large. (PR #389)
• Added example for NV extend based on the TCG "bus protection guidance". (PR #389)
• Added support for building wolfTPM against older wolfCrypt (like v4.7.0) including CI test. (PR #390)
• Added HAL IO support for Microchip I2C bit-bang (PR #340)
• Created separate tool (./examples/management/tpmclear) for performing the TPM2_Clear (don't use args in wrap_test). (PR #391)
• Switched wolfTPM2_LoadSymmetricKey to default to the WOLFTPM2_WRAP_DIGEST for hash algorithm and not default to SHA1 for some sizes. (PR #388)
• Improved TPM NV write debug logging to show before. (PR #392)
• Cleanup the SensitiveToPrivate function stack variables. (PR #388)
• Cleanup comments on EK/SRK. (PR #388)
• Various spellings, tabs, execute bit on .c and formatting. (PR #386, #388, #392)

wolfTPM Release 3.6.0 (Nov 5, 2024)

Summary

Release includes minor bug fixes and new features such as TPM provisioning of IDevID/IAK, improved capabilities parsing, new TPM2_Certify example, new wolfTPM2_CreatePrimaryKey_ex API for creation ticket and tested support with Nations NS350 TPM.

Detail

• Fixed issue with TPM2_SetupPCRSel and added test cases. (PR #372)
• Fixed RC_WARN error codes (broken in commit f983525). (PR #378)
• Fixed issue with RSA/ECC symmetric field (should only be populated with restricted/decrypt) (PR #375)
• Fixed examples/keygen/keygen -sym= argument. (PR #372)
• Fixed building wolfCrypt/wolfTPM without ECC or RSA and added tests. (PR #371)
• Fixed file descriptor check for /dev/tpm0 (PR #366)
• Fixed STM32 GPIO SPI CS control to use pin number as bit offset, not direct value (PR #380)
• Fixed issues building with no filesystem. (PR #374)
• Added support for parsing all capabilities from (TPM2_GetCapability) (PR #383)
• Added support for creation of IDevID or IAK with examples/keygen/create_primary. (PR #369)
• Added support for Nations NS350. (PR #382)
• Added example for TPM2_Certify (see examples/attestation/certify) (PR #369)
• Added new wolfTPM2_CreatePrimaryKey_ex and WOLFTPM2_PKEY that supports returning creation ticket/hash. (PR #369)
• Added key templates for initial device (IDevID) and attestation keys (IAK). (PR #369)
• Added new build option for TPM provisioning (--enable-provisioning on by default). (PR #369)
• Added simple capabilities example (examples/wrap/caps) (PR #382)
• Added example to manual verify quote with ECC signature. (PR #379)
• Added tests for policy seal/unseal with multiple PCR's. (PR #377)
• Added -alg argument for PCR extend (PR #383)
• Added helper to get wolfCrypt hash type TPM2_GetTpmHashType (PR #384)
• Added new policy hash helper API wolfTPM2_PolicyHash (PR #369)
• Added documentation for /dev/tpm0 permissions (PR #366)
• Improved the TPM TLS examples for use with WOLFTPM_MFG_IDENTITY (PR #376)
• Moved PTHREAD definition from options.h to config.h (avoids possible re-declaration issue) PR (#381)
• Switched handle/nvIndex string parsing to use strtoul. (PR #369)
• Various spelling and documentation cleanups. (PR #366 / PR #373)

wolfTPM Release 3.4.0 (July 30, 2024)

Summary

Added Endorsement Key Certificate support. Added support for NV read/write with policy. Added policy password support. Refactor of the session authentication structures.

Detail

• Added EK Certificate Support (PR #360)
  • Added new API's wolfTPM2_GetKeyTemplate_EK and wolfTPM2_GetKeyTemplate_EK for getting EK public templates used for generating the EK primary key.
  • Added examples/endorsement/get_ek_certs for showing how to retrieve and validate the manufacturers endorsement key certificates.
• Improvements to auth handling to support Policy Password and Policy Auth Value (PR #350)
  • Refactor to eliminate confusing cast between TPMS_AUTH_COMMAND and TPM2_AUTH_SESSION.
  • Support for policy auth value and policy password.
  • Add new NV policy write/read API's wolfTPM2_NVWriteAuthPolicy and wolfTPM2_NVReadAuthPolicy.
• Fixed ST33KTPM IAK/IDevID provisioning NV indexes. (PR #361)
• Fixed TLS example build issues with wolfSSL not having crypto callback or PK callback enabled. (PR #360)
• Fixed CSR version (use version 0) (PR #359)
• Fixed issue with Doxygen generation of wolfTPM due to doxybook2 crashing on unnamed enum. (PR #357)
• Fixed HMAC session save last (not typically used) (PR #355)
• Fixed Infineon I2C HAL gating logic (PR #347)
• Added documentation for IAK/IDevID build options. (PR #361)
• Added support for Espressif IDE (see IDE/Espressif) (PR #321)
• Added tests for create_primary (PR #345)
• Improved software TPM (docs/SWTPM.md) documentation (PR #348)

wolfTPM Release 3.2.0 (Apr 24, 2024)

Summary

Added TPM Firmware update support (Infineon SLB9672/SLB9673). Added support for pre-provisioned device identity keys/certificates (STMicro ST33). Fixed issue with sealing secret to prevent userWithAuth by default. Expanded the TPM get capabilities support.

Detail

• Added new API wolfTPM2_NVCreateAuthPolicy for allowing NV creation with policy (PR #344)
• Added Infineon firmware update recovery support (PR #342)
• Added support for Infineon Firmware upgrade (PR #339)
  • Added support for Infineon SLB9672/SLB9673 Firmware upgrade (see examples/firmware/README.md)
  • Added Infineon Modus Toolbox support. See wolfssl/IDE/Infineon/README.md for setup instructions.
  • Added support for Infineon CyHal I2C support.
  • Added Firmware extraction tool
  • Added Firmware update example application examples/firmware/ifx_fw_update.
  • Added support for vendor capabilities TPM_CAP_VENDOR_PROPERTY.
  • Added XSLEEP_MS macro for firmware update delay.
  • Added support for getting key group id, operational mode and update counts.
  • Added support for abandoning an update.
  • Added support for firmware update done, but not finalized
  • Added Infineon CyHal SPI support.
  • Fixed auto-detect to not define SLB9672/SLB9673.
• Fixed TLS examples to not use openssl compatibility macros (PR #341)
• Added ST33 support for pre-provisioned device identity key and certificate (PR #336)
  • Added support for pre-provisioned TPM using the "TPM 2.0 Keys for Device Identity and Attestation" specification. See build macro: WOLFTPM_MFG_IDENTITY.
  • Added example for using TPM pre-provisioned device identity to TLS client example.
  • Fixed ST33 vendor command to enable command codes (TPM2_SetCommandSet) (it requires platform auth to be set).
  • Added benchmarks for new ST33KTPM2XI2C.
  • Fixed 0x1XX error code parsing.
  • Fixed ST33 part descriptions.
  • Updated example certificates.
• Fixes for building wolfTPM examples with NO_FILESYSTEM (PR #338)
• Fixed crypto callback hashing return code initialization (PR #334)
• Updated documentation for Infineon SLB9673 (I2C) (PR #337)
• Fixed Documentation references for generated user manual (PR #335)
• Fixed netdb.h include (PR #333)
• Fixes for building with "-Wpedantic" (PR #332)
• Added new API wolfTPM2_GetHandles to get list of handles from the TPM capabilities. (PR #328)
• Fixed config.h, which should only be included from .c files, not headers. (PR #330/#331)
• Fixed CMake tests (PR #329)
• Fixed and improved secret sealing/unsealing (PR #327)
  • Do not set userWithAuth by default when creating sealed objects. That flag allows password auth for the sealed object. Without the flag it only allows policy auth.
  • Allow setting policy auth with flags.
  • Fix secret_unseal to use policy session and valid sealed name.
  • Added expected failure test cases for seal/unseal with policy.
  • Improve the run_examples.sh script
• Improved types for htons and byte swap (PR #326)
  • Match byte swap logic with wolfSSL (use WOLF_ALLOW_BUILTIN).
  • Remove unused XHTONS and arpa/inet.h.
• Improved STMicro product naming (PR #325)
• Improved the STM32Cube template (PR #324)
  • Setup so next pack can add small stack and transport options: WOLFTPM_CONF_SMALL_STACK and WOLFTPM_CONF_TRANSPORT (0=SPI, 1=I2C).
• Fixed build error with missing wc_RsaKeyToPublicDer_ex (PR #323)
• Improved the ECC macro checks for wc_EccPublicKeyToDer (PR #323)
• Added PKCS7 ECC support to example (PR #322)
  • Added wrapper function to export TPM public key as DER/ASN.1 or PEM.
  • Fixed for crypto callback ECC sign to handle getting keySz for unknown cases (like PKCS7 without privateKey set).
• Added expanded key template and cleanups (PR #321)
  • Fixed mixed variable declaration.
  • Added _ex version for GetKeyTemplate RSA/ECC to allow setting all template parameters.

wolfTPM Release 3.1.0 (Dec 29, 2023)

Summary

Support for using TLS PK callbacks with TPM for ECC and RSA. Improved the crypto callback support and added RSA Key generation. Fixed issues with endorsement hierarchy. Added Windows Visual Studio solution and project for wolfTPM. Improved the STM32 HAL IO callback options and logging.

Detail

• Removed use of error-ssl.h in library proper. (PR #308)
• Fixed CSR crypto callback to use a different (not default) devId to avoid conflict. (PR #310)
• Added TPM crypto callback support for RSA key generation (PR #311)
• Fixed and improved for ECC crypto callbacks (PR #311)
  • Allow import of wolf ECC marked as private only (ECC_PRIVATEKEY_ONLY).
  • Improve the ECC key import scheme for signing.
  • Improve logic for finding TPM curve in ECC key generation. A call to wc_ecc_make_key can use curve_id 0 (to detect), but we can get it from the "dp".
  • Properly translate a TPM ECC signature verify error for compatibility.
  • Support ECC KeyGen for signing or derive based on callback context eccKey or ecdhKey population.
  • Fix to make sure leading ECC sign leading zeros are removed when not required.
  • Fix leading zero issue on ECC verify.
• Cleanup KDF function return code checking to avoid scan-build warning. (PR #311)
• Fixed ECC encrypt secret integrity check failed due to zero pad issue. (PR #311)
• Fixed wolfTPM2_GetRng possibly not returning an initialized WC_RNG. (PR #311)
• Fixed TLS bidirectional shutdown socket issue to to port collision with SWTPM. (PR #311)
• Fixed policy_sign issue when r or s is less than key size (needs zero padding). (PR #311)
• Fixed building wolfCrypt without PEM to DER support. (PR #311)
• Added support for TLS PK callbacks with ECC and RSA Sign using PKCSv1.5 and PSS padding (PR #312)
  • Fixed building wolfTPM without crypto callbacks.
  • Fixed building/running with FIPS.
  • Cleanup TLS PK callback RSA PSS padding.
  • Cleanup TLS server/client.
  • Added server -i option to keep running unless failure.
  • Added TLS server option -self to use the self signed certs.
  • Added tests for the TLS PK with TPM.
• Added CMakeList.txt to autoconf, so its in the "make dist" commercial bundles. (PR #313)
• Fixed HAL IO prototype to match (TPM2HalIoCb and TPM2_IoCb) and cast warnings. (PR #313)
• Added support for getting the keyblob sizes if buffer is NULL. (PR #315)
• Added tests for keyblob buffer export/import. (PR #315)
• Added Windows Visual Studio project for wolfTPM. Added GitHub Actions to test it. (PR #316)
• Added support for overriding the PORT/PIN for the STM32 Cube HAL. (PR #314)
• Fixed ECC sign with key that is marked for sign and decrypt detect the ECDSA hash algorithm. (PR #317)
• Fixes for compiler type warnings. (PR #318)
• Added WOLFTPM_NO_LOCK. (PR #318)
• Improved STM IO options/logging. (PR #318)
• Fixed attestation with endorsement key (PR #320)
  • Enabled the broken endorsement tests.
  • Improved TPM2_GetRCString error rendering to correctly resolve RC_WARN.
    • Added error debug for parameter, session and handle number.
    • Refactor line length / alignment.
    • Removed duplicate "success".
  • Removed the WOLFTPM2_KEYBLOB.name (deprecated). It is/has been moved to handle.name.
  • Fixed native test TPM2_PolicyPCR.
  • Fixed CMake build broken, since cryptocb refactor in PR #304.
  • Added CI tests for CMake.