ContextQMD
Back to Zephyr

wolfTPM

doc/develop/manifest/external/wolftpm.rst

4.4.03.1 KB
Original Source

.. _external_module_wolftpm:

wolfTPM #######

Introduction

wolfTPM is a lightweight, portable TPM 2.0 library optimized for embedded systems, RTOS environments, and resource-constrained devices. It provides a full TPM 2.0 implementation including support for cryptographic operations, key generation, secure storage, and attestation.

wolfTPM has been integrated as a Zephyr module with CMake and Kconfig support, making it simple to include TPM functionality in any Zephyr-based project. The module supports device tree integration for I2C communication with TPM devices - you can configure the I2C bus by setting WOLFTPM_ZEPHYR_I2C_BUS in user_settings.h to the node describing the I2C bus on your device. I2C speed can be configured with WOLFTPM_ZEPHYR_I2C_SPEED.

wolfTPM is dual licensed under GPLv3 and commercial licenses.

GitHub Repository: wolfTPM Repository_

Requirements

  • :ref:external_module_wolfssl for cryptographic operations

Usage with Zephyr

Add wolfTPM as a project to your west.yml:

.. code-block:: yaml

manifest: remotes: # <your other remotes> - name: wolftpm url-base: https://github.com/wolfssl projects: # <your other projects> - name: wolftpm path: modules/crypto/wolftpm revision: v3.10.0 remote: wolftpm

.. note::

The revision shown above is an example. Check the wolfTPM Repository_ releases page for the latest release tag to ensure you are using the desired version.

Update west's modules:

.. code-block:: bash

west update

Now west recognizes wolftpm as a module, and will include its Kconfig and CMakeLists.txt in the build system.

Sample Applications

wolfTPM includes two sample applications for Zephyr:

  • wolftpm_wrap_test - tests core TPM wrapper functionality
  • wolftpm_wrap_caps - displays TPM capabilities

Both examples build and run successfully on qemu_x86, providing a solid foundation for development.

Configuration

The module uses a user_settings.h configuration file that can be customized to match project-specific requirements. For I2C communication with TPM devices, configure:

  • WOLFTPM_ZEPHYR_I2C_BUS - set to the device tree node describing your I2C bus
  • WOLFTPM_ZEPHYR_I2C_SPEED - set the I2C line speed

Additional Resources

For more regarding the usage of wolfTPM with Zephyr, please refer to the wolfTPM Zephyr Example Usage_ and the wolfTPM Zephyr Announcement_.

For application code examples in Zephyr, please refer to the wolfSSL NXP AppCodeHub_.

For wolfTPM API documentation, please refer to the wolfTPM Documentation_.

Reference

.. target-notes::

.. _wolfTPM Repository: https://github.com/wolfSSL/wolfTPM

.. _wolfTPM Zephyr Example Usage: https://github.com/wolfSSL/wolfTPM/blob/master/zephyr/README.md

.. _wolfSSL NXP AppCodeHub: https://github.com/wolfSSL/nxp-appcodehub

.. _wolfTPM Documentation: https://www.wolfssl.com/documentation/manuals/wolftpm/

.. _wolfTPM Zephyr Announcement: https://www.wolfssl.com/wolftpm-support-for-zephyr-rtos/