wolfTPM Release v4.0.0 Prep

.github/workflows/make-test-swtpm.yml

@@ -49,6 +49,11 @@ jobs:
             wolftpm_config: --enable-swtpm --disable-wrapper --disable-fwtpm
             test_command: "./examples/native/native_test"
 
+          # No examples (compile-only; examples disabled so no test_command)
+          - name: no-examples
+            wolftpm_config: --enable-swtpm --disable-examples --disable-fwtpm
+            test_command: "true"
+
           # Small stack
           - name: smallstack
             wolftpm_config: --enable-swtpm --enable-smallstack --disable-fwtpm
@@ -72,6 +77,10 @@ jobs:
           # STMicro ST33KTPM2
           - name: st33ktpm2
             wolftpm_config: --enable-st33 --disable-fwtpm
+          # STMicro ST33KTPM2 over I2C (compile-only, no hardware in CI)
+          - name: st33ktpm2-i2c
+            wolftpm_config: --enable-st33 --enable-i2c --disable-fwtpm
+            test_command: "true"
           # STMicro ST33KTPM2
           - name: st33ktpm2 firmware
             wolftpm_config: --enable-st33 --enable-firmware --disable-fwtpm

.github/workflows/release-checks.yml

@@ -0,0 +1,135 @@
+name: Release Checks
+
+# Gates intended to mirror the wolfTPM release procedure:
+#   - C++ build with CC=g++ (proves headers are C++-safe for consumers)
+#   - scan-build --status-bugs (Clang static analysis)
+# Both run on every PR and every push to release branches so regressions are
+# caught at PR time instead of during release prep.
+
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**', 'rel_v*_prep' ]
+  pull_request:
+    branches: [ '**' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+      - name: Checkout wolfSSL
+        uses: actions/checkout@v4
+        with:
+          repository: wolfssl/wolfssl
+          path: wolfssl
+          ref: master
+
+      - name: Build wolfSSL
+        working-directory: ./wolfssl
+        run: |
+          ./autogen.sh
+          ./configure --enable-wolftpm --enable-pkcallbacks --enable-keygen \
+              --prefix=/tmp/wolfssl-install \
+              CFLAGS="-DWC_RSA_NO_PADDING"
+          make -j$(nproc)
+          make install
+
+      - name: Tar install dir
+        run: tar -zcf wolfssl-install.tgz -C /tmp wolfssl-install
+
+      - name: Upload wolfSSL install
+        uses: actions/upload-artifact@v4
+        with:
+          name: wolfssl-release-checks
+          path: wolfssl-install.tgz
+          retention-days: 1
+
+  cxx_build:
+    name: C++ build (CC=g++)
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    needs: build_wolfssl
+    steps:
+      - name: Checkout wolfTPM
+        uses: actions/checkout@v4
+
+      - name: Download wolfSSL
+        uses: actions/download-artifact@v4
+        with:
+          name: wolfssl-release-checks
+
+      - name: Install wolfSSL
+        run: |
+          sudo tar -xzf wolfssl-install.tgz -C /tmp
+          sudo ldconfig /tmp/wolfssl-install/lib
+
+      - name: Build wolfTPM with g++ (default config)
+        run: |
+          ./autogen.sh
+          ./configure CC=g++ \
+              --with-wolfcrypt=/tmp/wolfssl-install
+          make -j$(nproc)
+
+      - name: Build wolfTPM with g++ (--enable-fwtpm)
+        run: |
+          make distclean
+          ./configure CC=g++ --enable-fwtpm \
+              --with-wolfcrypt=/tmp/wolfssl-install
+          make -j$(nproc)
+
+      - name: Show log on errors
+        if: failure()
+        run: cat config.log
+
+  scan_build:
+    name: scan-build (clang static analysis)
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    needs: build_wolfssl
+    steps:
+      - name: Install clang tools
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y clang-tools
+
+      - name: Checkout wolfTPM
+        uses: actions/checkout@v4
+
+      - name: Download wolfSSL
+        uses: actions/download-artifact@v4
+        with:
+          name: wolfssl-release-checks
+
+      - name: Install wolfSSL
+        run: |
+          sudo tar -xzf wolfssl-install.tgz -C /tmp
+          sudo ldconfig /tmp/wolfssl-install/lib
+
+      - name: scan-build default configuration
+        run: |
+          ./autogen.sh
+          scan-build --status-bugs ./configure \
+              --with-wolfcrypt=/tmp/wolfssl-install
+          scan-build --status-bugs -o scan-results-default make -j$(nproc)
+
+      - name: scan-build with --enable-fwtpm
+        run: |
+          make distclean
+          scan-build --status-bugs ./configure --enable-fwtpm \
+              --with-wolfcrypt=/tmp/wolfssl-install
+          scan-build --status-bugs -o scan-results-fwtpm make -j$(nproc)
+
+      - name: Upload scan reports on failure
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: scan-build-reports
+          path: |
+            scan-results-default/
+            scan-results-fwtpm/
+          retention-days: 7

CMakeLists.txt

@@ -1,6 +1,6 @@
 # CMakeList.txt
 #
-# Copyright (C) 2006-2025 wolfSSL Inc.
+# Copyright (C) 2006-2026 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #
@@ -21,7 +21,7 @@
 
 cmake_minimum_required(VERSION 3.16)
 
-project(wolfTPM VERSION 3.10.0 LANGUAGES C)
+project(wolfTPM VERSION 4.0.0 LANGUAGES C)
 
 set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/bin)
 set(WOLFTPM_DEFINITIONS)
@@ -638,7 +638,7 @@ file(REMOVE ${OPTION_FILE})
 file(APPEND ${OPTION_FILE} "/* wolftpm options.h\n")
 file(APPEND ${OPTION_FILE} " * generated from cmake configure options\n")
 file(APPEND ${OPTION_FILE} " *\n")
-file(APPEND ${OPTION_FILE} " * Copyright (C) 2006-2025 wolfSSL Inc.\n")
+file(APPEND ${OPTION_FILE} " * Copyright (C) 2006-2026 wolfSSL Inc.\n")
 file(APPEND ${OPTION_FILE} " *\n")
 file(APPEND ${OPTION_FILE} " * This file is part of wolfSSL.\n")
 file(APPEND ${OPTION_FILE} " *\n")

ChangeLog.md

@@ -1,5 +1,109 @@
 # Release Notes
 
+## wolfTPM Release 4.0.0 (Apr 22, 2026)
+
+**Summary**
+
+Major release with three new features:
+
+1. Firmware TPM 2.0 (fwTPM): a portable TPM 2.0 command processor built on wolfCrypt, usable as a replacement for a discrete TPM chip or as a CI/development replacement for external simulators.
+2. SPDM secured transport: secure vendor-defined TCG command communication with Nuvoton NPCT75x and Nations NS350 TPM modules.
+3. ST33KTPM2X firmware update: automatic format detection for both Generation 1 (non-LMS) and Generation 2 (LMS-signed) ST33KTPM firmware.
+
+Also includes new seal/unseal examples, additional platform/HAL support, extensive security hardening (Fenrir and Coverity), CI sanitizer coverage, and deprecation of OPENSTM32.
+
+**Detail**
+
+* Firmware TPM 2.0 (fwTPM) implementation (PR #474)
+  - Portable TPM 2.0 server built on wolfCrypt (RSA, ECC, SHA, AES, HMAC)
+  - 105/113 TPM 2.0 v1.38 commands implemented (93%)
+  - Socket transport (Microsoft TPM simulator protocol) and TIS transport
+  - File-based or HAL-callback NV storage; HAL abstraction for IO
+  - New configure options: `--enable-fwtpm` and `--enable-fwtpm-only`
+  - New feature macros: `FWTPM_NO_NV`, `FWTPM_NO_ATTESTATION`, `FWTPM_NO_POLICY`, `FWTPM_NO_DA`
+  - Full CI coverage: `fwtpm-test.yml` (11 matrix entries), `fuzz.yml` (weekly + per-PR smoke)
+  - macOS and Windows build support with network-namespace isolation for Linux CI
+* SPDM secured transport for Nuvoton NPCT75x and Nations NS350 (PR #458)
+  - Generic `WOLFTPM_SPDM_TCG` guard replaces per-vendor conditionals
+  - Vendor-defined TCG commands with VdCode validation
+  - PSK mode and identity-key mode with auto-connect
+  - Hardware test CI workflow split across self-hosted runners
+  - Added `spdm_ctrl` utility (renamed from `spdm_demo`)
+* STMicro ST33KTPM2X firmware update with LMS support (PR #446)
+  - New `st33_fw_update` example tool for ST33KTPM firmware updates
+  - Automatic firmware format detection based on TPM firmware version from `fwVerMinor`
+  - Generation 1 firmware (< 512, e.g. 9.257): Non-LMS format, 177-byte manifest, ECC-only
+  - Generation 2 firmware (>= 512, e.g. 9.512): LMS format, 2697-byte manifest with embedded LMS signature (LMS mandatory)
+  - No manual format selection required - manifest size chosen automatically
+  - See `examples/firmware/README.md` "ST33 Firmware Update" for usage
+* Seal/unseal examples with PCR, PolicyAuthorize, and NV policies (PR #464)
+  - Seal/unseal with PCR and policy authorization
+  - NV-based seal example with real parameter encryption (XOR and AES-CFB)
+  - New `seal-test.yml` CI workflow
+* Platform and HAL additions
+  - Raspberry Pi 4 hardware SPI support (PR #451)
+  - U-Boot HAL (`tpm_io_uboot.c`)
+  - Espressif ESP-IDF HAL SPI
+  - Linux auto-detection between `/dev/tpmX` and direct SPI at runtime
+* Configure behavior change
+  - On Linux x86_64/aarch64, `--enable-fwtpm` and `--enable-swtpm` now
+    default to enabled when no hardware path is selected, so plain
+    `./configure && make check` works out of the box without external
+    simulators
+  - New `--enable-spi` intent flag: pass it for hardware SPI builds to
+    suppress the swTPM/fwTPM auto-enable defaults (mutually exclusive
+    with `--enable-i2c`)
+  - `--disable-wolfcrypt` now auto-disables fwTPM (fwTPM requires
+    wolfCrypt) so the legacy `./configure --disable-wolfcrypt && make`
+    works without also passing `--disable-fwtpm`
+* Crypto callback and signing
+  - TPM support for `wc_SignCert_cb` callback API (PR #450)
+  - Fix for `wolfTPM2_SignHash` to return padded r/s, improved ECDSA P521 handling, added ECDSA tests with crypto callbacks (ZD20777)
+* Security hardening
+  - Fenrir findings addressed across tpm2_wrap, tpm2_packet, tpm2_asn, NV, session auth, SPDM, and fwtpm paths
+  - `ForceZero` on sensitive stack buffers (auth passwords, keyBlob, ECC/RSA private material, symmetric seeds, derived identity digests, NV read/write buffers, PSS padded buffers, session auth)
+  - Constant-time export for ECDH shared secret and ECC signature r/s
+  - Removed short-circuit OR in auth paths (HMAC verification, policy digest checks, ticket HMAC, ticket cpHashA, policy NV, PolicyPassword, credential unwrap, RSA-PKCS1v1.5)
+  - Bounds checks for `TPM2_Packet_AppendPCR` count/sizeofSelect, ASN.1 BIT STRING length, X.509 version, BER indefinite length, `wolfTPM2_UnloadHandles` handle-range overflow
+  - NULL-deref guards in `wolfTPM2_LoadRsaPrivateKey_ex`, `wolfTPM2_LoadEccPrivateKey`, `wolfTPM2_NVCreateAuthPolicy`, `wolfTPM2_EncryptDecryptBlock` (reject NULL IV for non-ECB, oversized IV)
+  - Scaled AES key size to RSA key strength in `wolfTPM2_ImportRsaPrivateKeySeed`; scaled session AES key size to match authHash in `wolfTPM2_StartSession`
+  - Return `BUFFER_E` instead of silently truncating auth values in `wolfTPM2_SetAuth`, `wolfTPM2_CreateKey`, `wolfTPM2_ChangeAuthKey`, `wolfTPM2_SetAuthHandleName`, `wolfTPM2_CreatePrimaryKey_ex`, `wolfTPM2_CreateLoadedKey`, `wolfTPM2_PolicyPassword`
+  - Removed sensitive auth and key material from debug output; added `WOLFTPM_DEBUG_SECRETS` opt-in macro for developer-only printing
+  - Moved auth size mismatch check outside `DEBUG_WOLFTPM` guard so it executes in all builds
+* Coverity and static analysis
+  - New Coverity CI workflow (PR #444)
+  - Fixed H-35, M-74, M-75 (PR #465)
+  - DEADCODE CID 900621 and related fixes
+* CI improvements
+  - Added ASan and UBSan sanitizers (PR #454)
+  - Pedantic gcc and pedantic clang build matrices
+  - macOS CI for fwTPM
+  - Windows build support for fwTPM
+  - Split hardware SPDM CI across multiple self-hosted runners
+  - Added unit tests for name/hash KATs, KDFa test vectors (ATH/SECRET/DUPLICATE labels), ParamEnc/Dec roundtrip, persistent-handle range checks, `ComputeName`, `HashNvPublic`, `PolicyHash` boundary, policy auth value offset
+* Marshaling and packet fixes
+  - `TPM_ALG_NULL` handling for `inScheme` serialization in Certify, CertifyCreation, Quote, GetSessionAuditDigest, GetCommandAuditDigest, GetTime, NV_Certify
+  - Added `TPM2_Packet_AppendSymmetric`/`ParseSymmetric` for SYMCIPHER case
+  - Fixed ECC ECDAA scheme serialization missing count field, RSA RSAES spurious hashAlg, `TPM2_Sign` ECDAA count
+  - Added SM3_256 and SHA3 digest sizes to `TPM2_GetHashDigestSize`
+  - Added ECSCHNORR and SM2 signature serialization
+  - Added `kdf` field to `TPMT_KEYEDHASH_SCHEME` XOR serialization
+  - Added `TPM2_Packet_ParseSensitive` counterpart and roundtrip test
+  - Documented `pub->size` mutation side effect in `TPM2_Packet_AppendPublic`
+* Bug fixes
+  - Fixed TLS ECDH curve mismatch in CI (PR #473)
+  - Added missing `unistd.h` include causing regressions in wolfBoot tpmtools (PR #471)
+  - Avoid nanosleep on non-Linux builds (PR #472)
+  - Fixed MAX_CONTEXT_SIZE stack buffer in CSR PEM using heap for small-stack builds (PR #460)
+  - Fixed AddressSanitizer warning for overlapping memcpy (use memmove) in wolfTPM2_USE_SW_ECDHE path
+  - Proper guarding for `LINUX_DEV`, `SWTPM`, and `WINAPI` (PR #466)
+  - Added error returns in `TPM2_IoCb_Zephyr_I2C`
+  - Improved error logging when `wolfTPM2_Init` fails
+  - Used `mp_to_unsigned_bin_len` (not `_ct`) for portability across wolfSSL builds
+* Deprecated / removed
+  - OPENSTM32 platform support removed (PR #479)
+
+
 ## wolfTPM Release 3.10.0 (Dec 4, 2025)
 
 **Summary**

IDE/Espressif/components/wolfssl/CMakeLists.txt

@@ -1,5 +1,5 @@
 #
-#  Copyright (C) 2006-2025 wolfSSL Inc.
+#  Copyright (C) 2006-2026 wolfSSL Inc.
 #
 #  This file is part of wolfTPM.
 #

IDE/Espressif/components/wolfssl/include/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2025 wolfSSL Inc.
+ * Copyright (C) 2006-2026 wolfSSL Inc.
  *
  * This file is part of wolfTPM.
  *

IDE/Espressif/components/wolftpm/CMakeLists.txt

@@ -1,6 +1,6 @@
 # wolfTPM cmake for Espressif component
 #
-#  Copyright (C) 2006-2025 wolfSSL Inc.
+#  Copyright (C) 2006-2026 wolfSSL Inc.
 #
 #  This file is part of wolfTPM.
 #

IDE/Espressif/main/include/main.h

@@ -1,6 +1,6 @@
 /*
  *
- * Copyright (C) 2006-2025 wolfSSL Inc.
+ * Copyright (C) 2006-2026 wolfSSL Inc.
  *
  * This file is part of wolfTPM.
  *

IDE/Espressif/main/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2025 wolfSSL Inc.
+ * Copyright (C) 2006-2026 wolfSSL Inc.
  *
  * This file is part of wolfTPM.
  *

IDE/VisualStudio/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2025 wolfSSL Inc.
+ * Copyright (C) 2006-2026 wolfSSL Inc.
  *
  * This file is part of wolfTPM.
  *

README.md

@@ -9,7 +9,7 @@ Portable TPM 2.0 project designed for embedded use.
 * Wrappers provided to simplify Key Generation/Loading, RSA encrypt/decrypt, ECC sign/verify, ECDH, NV, Hashing/HACM, AES, Sealing/Unsealing, Attestation, PCR Extend/Quote and Secure Root of Trust.
 * Testing done using TPM 2.0 modules from STMicro ST33 (SPI/I2C), Infineon OPTIGA SLB9670/SLB9672/SLB9673, Microchip ATTPM20, Nations Tech Z32H330TC/NS350 and Nuvoton NPCT650/NPCT750.
 * wolfTPM uses the TPM Interface Specification (TIS) to communicate either over SPI, or using a memory mapped I/O range.
-* On Linux, wolfTPM auto-detects between the kernel TPM driver (`/dev/tpmX`) and direct SPI access at runtime — a simple `./configure && make` works with either interface.
+* On Linux, wolfTPM auto-detects between the kernel TPM driver (`/dev/tpmX`) and direct SPI access at runtime - a simple `./configure && make` works with either interface.
 * wolfTPM can also use the Linux TPM kernel interface (`/dev/tpmX`) to talk with any physical TPM on SPI, I2C and even LPC bus.
 * Platform support for Raspberry Pi (Linux), MMIO, STM32 with CubeMX, Atmel ASF, Xilinx, QNX Infineon TriCore and Barebox.
 * The design allows for easy portability to different platforms:
@@ -204,7 +204,7 @@ make install
 ```text
 --enable-debug          Add debug code/turns off optimizations (yes|no|verbose|io) - DEBUG_WOLFTPM, WOLFTPM_DEBUG_VERBOSE, WOLFTPM_DEBUG_IO
                         WARNING: Define WOLFTPM_DEBUG_SECRETS manually (NOT enabled by default and NOT
-                        exposed via configure) to additionally print sensitive material — auth values,
+                        exposed via configure) to additionally print sensitive material - auth values,
                         session keys, bind keys, HMAC keys, hierarchy auth, and encryption secrets.
                         For developer debugging only. NEVER enable in production builds or on devices
                         that log stdout to persistent storage.