Draft:wolfTPM

wolfTPM
wolfTPM
Developer	David Garske
Initial release	February 6, 2018
Stable release	v3.9.2 / 30 July, 2025
Written in	C language
Operating system	Multi-platform
Type	Security library
License	GPL-3.0-or-later or proprietary license
Website	www.wolfssl.com/products/wolftpm/

Submission declined on 5 December 2025 by Royiswariii (talk).

This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are:

in-depth (not just passing mentions about the subject)
reliable
secondary
independent of the subject

Make sure you add references that meet these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia.

This submission appears to read more like an advertisement than an entry in an encyclopedia. Encyclopedia articles need to be written from a neutral point of view, and should refer to a range of independent, reliable, published sources, not just to materials produced by the creator of the subject being discussed. This is important so that the article can meet Wikipedia's verifiability policy and the notability of the subject can be established. If you still feel that this subject is worthy of inclusion in Wikipedia, please rewrite your submission to comply with these policies.

If you would like to continue working on the submission, click on the "Edit" tab at the top of the window.
If you have not resolved the issues listed above, your draft will be declined again and potentially deleted.
If you need extra help, please ask us a question at the AfC Help Desk or get live help from experienced editors.
Please do not remove reviewer comments or this notice until the submission is accepted.

Where to get help

If you need help editing or submitting your draft, please ask us a question at the AfC Help Desk or get live help from experienced editors. These venues are only for help with editing and the submission process, not to get reviews.
If you need feedback on your draft, or if the review is taking a lot of time, you can try asking for help on the talk page of a relevant WikiProject. Some WikiProjects are more active than others so a speedy reply is not guaranteed.

How to improve a draft

Wikipedia:Contributing to Wikipedia – a basic overview on how to edit Wikipedia.
Help:Wikitext – how to use the markup
Help:Referencing for beginners – how to include references
Wikipedia:Article development – how to develop your article
Wikipedia:Writing better articles – how to improve your article
Wikipedia:Verifiability – make sure your article includes reliable third-party sources

You can also browse Wikipedia:Featured articles and Wikipedia:Good articles to find examples of Wikipedia's best writing on topics similar to your proposed article.

Improving your odds of a speedy review

To improve your odds of a faster review, tag your draft with relevant WikiProject tags using the button below. This will let reviewers know a new draft has been submitted in their area of interest. For instance, if you wrote about a female astronomer, you would want to add the Biography, Astronomy, and Women scientists tags.

Add tags to your draft

Editor resources

Easy tools: Citation bot (help) | Advanced: Fix bare URLs

Declined by Royiswariii 2 days ago. Last edited by InternetArchiveBot 2 days ago. Reviewer: Inform author.

Resubmit

Please note that if the issues are not fixed, the draft will be declined again.

Submission declined on 8 November 2025 by HitroMilanese (talk).

This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are:

in-depth (not just passing mentions about the subject)
reliable
secondary
independent of the subject

Make sure you add references that meet these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia.

Declined by HitroMilanese 29 days ago.

Submission declined on 31 October 2025 by Pythoncoder (talk).

This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are:

in-depth (not just passing mentions about the subject)
reliable
secondary
independent of the subject

Make sure you add references that meet these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia.

Declined by Pythoncoder 36 days ago.

Comment: It's more like an advertisement and failed per WP:GNG. ROY is WAR Talk! 03:27, 5 December 2025 (UTC)

Comment: The new sources are good, but more would always help. Ping me if you're fine with it as it is, or if you want to add more sources ping me when you're done monkey_smashing^keyboards (talk) 21:34, 4 December 2025 (UTC)

Comment: Additional references in independent and reliable sources are needed to demonstrate notability per WP:GNG. Please remove references from GitHub, they are not useful while establishing notability. Hitro talk 11:22, 8 November 2025 (UTC)

Comment: These are not the sort of sources we are looking for, we need entirely independent, reliable sources. Theroadislong (talk) 21:26, 31 October 2025 (UTC)

Comment: Needs more secondary sources. —pythoncoder (talk | contribs) 18:31, 31 October 2025 (UTC)

wolfTPM is a portable, open-source software stack that implements the Trusted Platform Module (TPM 2.0) specification for embedded and general-purpose platforms.^[3]

It provides full TPM 2.0 API, backward compatibility, and a minimal dependency design suitable for Linux, Windows, real-time operating systems (RTOS), and bare-metal environments.^[4]

Development and Design

wolfTPM is written in the C programming language and organized as a layered library with hardware transport interfaces, TPM command handling, and optional wrapper functions for common cryptographic operations such as key generation, signing, and attestation.^[5]

wolfTPM is designed as a portable TPM 2.0 software stack for embedded systems, implemented in native C with a low resource footprint.^[6]

The stack provides the full set of TPM 2.0 commands along with example code for common use cases.^[3]

wolfTPM includes wrapper functions for RSA, ECC, ECDH, AES, and key-generation operations.^[6]

It supports communication with discrete TPM 2.0 devices over interfaces such as SPI and I²C and can integrate with the wolfSSL cryptographic library to enable hardware-backed key protection in TLS 1.3 connections.^[7]

The library uses a single I/O callback for SPI communication with TPM hardware and has no external dependencies.^[6]

wolfTPM has been used with SPI-connected TPM 2.0 modules on Raspberry Pi hardware, relying on the TPM2 Software Stack and ESAPI for command transport.^[8]

The implementation includes support for vendor-specific TPM extensions, allowing device manufacturers to expose additional low-level commands for embedded use cases.^[3]

A comparative study of TPM 2.0 software stacks found wolfTPM to be the only tested implementation supporting vendor-specific low-level TPM commands.^[3]

wolfTPM has also been applied in prototype communication systems where TPM 2.0 features were used for secure key handling and authentication within Modbus-based networks.^[9]

wolfTPM has been integrated into embedded systems research, including implementations on STM32 microcontrollers and the FreeRTOS real-time operating system to implement TPM-based secure boot and communication mechanisms.^[10]

Platforms

The library provides hardware interface examples for TPM 2.0 modules from Infineon, STMicroelectronics, Microchip, NSING Technologies, and Nuvoton, with reference ports available for platforms such as Raspberry Pi, STM32 CubeMX, Atmel ASF, Xilinx, and Infineon TriCore.^[4]

Independent comparisons report that wolfTPM includes native support for Linux, Windows, Raspberry Pi, and STM32 platforms.^[3]

wolfTPM has been integrated with Raspberry Pi systems using SPI-connected TPM 2.0 modules for authentication and signing workflows.^[8] wolfTPM has also been used with the Infineon OPTIGA SLB 9670, an SPI-connected TPM 2.0 module commonly paired with Raspberry Pi hardware.^[11]

Its hardware abstraction layer (HAL) design allows developers to adapt the stack to additional TPM devices or custom I/O interfaces through a single callback mechanism.^[4]

Protocols

The library implements the complete TPM 2.0 API set in accordance with the official specification. Supported operations include key creation, sealing and unsealing, non-volatile memory management, attestation, and certificate-signing-request generation.^[5]

It also provides wrapper APIs for higher-level workflows such as TLS key usage and measured-boot implementations.^[7]

wolfTPM enables integration of TPM functionality into the wolfSSL cryptographic library for TLS 1.3 client–server communication.^[12]

Supported cryptographic primitives include RSA, ECC (including ECDH), AES, and HMAC.^[5] Research systems using wolfTPM have employed its support for ECC key generation and ECDSA signing, including NIST P-256 curves for authentication workflows.^[8]

Security

In October 2025, a vulnerability identified as CVE-2025-7844 was reported in wolfTPM, involving improper handling of TPM command input under certain conditions. The issue was listed by both the U.S. National Vulnerability Database (NVD) and the Cybersecurity and Infrastructure Security Agency (CISA) and was patched in later releases of the library.^[13]^[14]

Licensing

wolfTPM is open source and dual licensed under both the GNU GPL-3.0-or-later and commercial licensing.^[15]

References

^ "wolfTPM ChangeLog". GitHub.
^ "wolfTPM release note". GitHub.
^ ^a ^b ^c ^d ^e Pirker, Martin (2024). A Brief Reflection on Trusted Platform Module Support (PDF). SCITEPRESS.
^ ^a ^b ^c "wolfTPM".
^ ^a ^b ^c "wolfTPM Documentation" (PDF).
^ ^a ^b ^c Olivier Gilles, David Faura, and Daniel Gracia Pérez (2023). Securing communication on the field: Protecting geo-distributed computing in an untrusted environment (PDF). CEUR-WS.{{cite conference}}: CS1 maint: multiple names: authors list (link)
^ ^a ^b Securing communication on the field: Protecting geo-distributed computing in an untrusted Environment (PDF). CEUR-WS. 2024.
^ ^a ^b ^c "Cryptographic Considerations for Automation and SCADA Systems Using Trusted Platform Modules". Sensors. 19 (19). MDPI: 4191. 2019.
^ "Implementation of TPM 2.0 Functions for Secure Communication in Industrial Systems". Sensors. MDPI. 2019.
^ Henrique Trevisan (2025). Estudo do TPM e RTOS para segurança cibernética em conversores estáticos (Thesis) (in Portuguese). Universidade do Estado de Santa Catarina (UDESC).
^ Bogdan Groza, Horatiu Gurban, Lucian Popa, Adriana Berdich, and Pal-Stefan Murvay (2019). Car-to-Smartphone Interactions: Experimental Setup, Risk Analysis and Security Technologies.{{cite conference}}: CS1 maint: multiple names: authors list (link)
^ "Securing IIoT communications using OPC UA PubSub and Trusted Platform Modules". Journal of Systems Architecture. 2022.
^ "CISA Weekly Bulletin SB25-223". Cybersecurity and Infrastructure Security Agency. 2025-10-31. Archived from the original on 2025-09-15. Retrieved 2025-11-08.
^ "wolfTPM Release Notes". GitHub. Retrieved 2025-11-05.
^ "wolfTPM License Information".

[wolfTPM-ChangeLog-1] "wolfTPM ChangeLog". GitHub.

[2] "wolfTPM release note". GitHub.

[scitepress2024-3] Pirker, Martin (2024). A Brief Reflection on Trusted Platform Module Support (PDF). SCITEPRESS.

[wolfTPM-4] "wolfTPM".

[wolfTPMdoc-5] "wolfTPM Documentation" (PDF).

[msec2020-6] Olivier Gilles, David Faura, and Daniel Gracia Pérez (2023). Securing communication on the field: Protecting geo-distributed computing in an untrusted environment (PDF). CEUR-WS.{{cite conference}}: CS1 maint: multiple names: authors list (link)

[ceur2024-7] Securing communication on the field: Protecting geo-distributed computing in an untrusted Environment (PDF). CEUR-WS. 2024.

[mdpi2019-8] "Cryptographic Considerations for Automation and SCADA Systems Using Trusted Platform Modules". Sensors. 19 (19). MDPI: 4191. 2019.

[9] "Implementation of TPM 2.0 Functions for Secure Communication in Industrial Systems". Sensors. MDPI. 2019.

[10] Henrique Trevisan (2025). Estudo do TPM e RTOS para segurança cibernética em conversores estáticos (Thesis) (in Portuguese). Universidade do Estado de Santa Catarina (UDESC).

[hal2019-11] Bogdan Groza, Horatiu Gurban, Lucian Popa, Adriana Berdich, and Pal-Stefan Murvay (2019). Car-to-Smartphone Interactions: Experimental Setup, Risk Analysis and Security Technologies.{{cite conference}}: CS1 maint: multiple names: authors list (link)

[sciencedirect2022-12] "Securing IIoT communications using OPC UA PubSub and Trusted Platform Modules". Journal of Systems Architecture. 2022.

[13] "CISA Weekly Bulletin SB25-223". Cybersecurity and Infrastructure Security Agency. 2025-10-31. Archived from the original on 2025-09-15. Retrieved 2025-11-08.

[14] "wolfTPM Release Notes". GitHub. Retrieved 2025-11-05.

[15] "wolfTPM License Information".

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

Development and Design

Platforms

Protocols

Security

Licensing

See Also

References