Month: April 2025

µITRON Support in wolfBoot

We regularly receive inquiries regarding µITRON support in wolfSSL products—and understandably so.

As a specification for real-time operating systems (RTOS), ITRON has led to a wide variety of implementations. These include open-source projects such as TOPPERS/ASP, as well as commercial RTOS offerings like eT-Kernel (by eSOL), µC3 (by eForce), and NORTi (by MISPO), among many others. In addition, many companies have developed and deployed their own in-house RTOS implementations based on the µITRON specification.

As a result, although these systems are often described as “µITRON-compliant,” in practice they tend to include proprietary extensions or slight modifications. This has given rise to a diverse ecosystem of µITRON derivatives, each with its own unique features.

wolfSSL products are designed to support µITRON, including these many derivative implementations. This includes products such as wolfBoot, which typically require a higher degree of platform-specific integration. The high portability of wolfSSL—including wolfBoot—is the result of extensive experience supporting a broad range of RTOS and general-purpose operating systems, along with carefully localized platform-dependent code.

With commercial-grade technical support backed by wolfSSL’s proven portability technology, customers can confidently integrate wolfSSL products into their µITRON-based systems—regardless of the variant—ensuring robust, secure, and reliable operation.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

wolfCrypt Takes Over libgcrypt

We are pleased to announce the start of an official wolfSSL project to port wolfCrypt FIPS into libgcrypt. This initiative aims to replace the underlying cryptography in applications using libgcrypt with wolfCrypt’s certified algorithms. With wolfCrypt already achieving FIPS 140-3 certification, applications using libgcrypt’s API can immediately be deployed in environments that require certified cryptography, such as government, military, finance, and medical applications. This port not only enhances security but also saves developers significant time and effort. For developers, this integration means they can focus on building their applications without the burden of transitioning applications to meet cryptographic compliance. By using wolfCrypt, developers can ensure that their applications meet the highest security standards without the need for extensive testing and validation of multiple cryptographic libraries. This project also provides a seamless way to explore and evaluate wolfCrypt for future projects, offering a pathway to potentially transition applications to natively use wolfCrypt.

Furthermore, this effort has significant implications for Linux distributions, which often incorporate a wide array of cryptographic dependencies, such as libgcrypt, to provide comprehensive functionality to many packages. By ensuring that all cryptographic dependencies use a consistent cryptography provider like wolfCrypt, distributions can maintain uniform security standards across the entire system and applications. This consistency is crucial for reducing complexity and potential vulnerabilities that arise from using multiple cryptographic libraries. It simplifies the management of cryptographic standards and reduces the risk of incompatibilities or security gaps, particularly in environments where security and compliance are paramount.

For more details or questions about this effort, please reach out to facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

Secure Boot Support for Nordic nRF5340: Firmware Update for Dual-Core Systems

We’re thrilled to announce that wolfBoot now supports the powerful Nordic nRF5340 dual-core SoC, bringing enterprise-grade security to your IoT applications. This cutting-edge microcontroller combines robust security features with high performance, making it an ideal choice for modern IoT deployments.

Key Features

  • Dual-Core Architecture
    • Application Core:
      • Cortex-M33 at 128MHz with TrustZone
      • 1MB Flash and 512KB RAM
    • Network Core:
      • Cortex-M33 at 64MHz
      • 256KB Flash and 64KB RAM
  • wolfBoot Signature Options
    • RSA (2048/3072/4096)
    • ECC (256/384/521)
    • ED25519/ED448
    • PQC: ML-DSA/LMS/XMSS
    • Hybrid PQC schemes
  • Hardware based root of trust

Implementation Details

Our reference implementation uses the Nordic nRF5340-DK development kit with external QSPI flash for secure update storage. We’ve also enabled delta (differential) updates to optimize bandwidth usage on constrained networks. Simply enable this feature with DELTA_UPDATES=1.

Communication Setup

The DK board features two virtual COM ports for debugging:

  • Application Core: UART0=P0.20
  • Network Core: UART0=P1.01

The application core manages network core updates through IPC and shared memory, ensuring seamless coordination between both cores.

Getting Started

For detailed build instructions and example output from an update, visit our documentation.

Important Notes

  • Network core updates must be signed with –id 2 and placed in the application core update partition
  • Coming soon: Hardware-based root of trust using the UICR key storage region

Testing Tools

We’ve provided helpful testing scripts in our GitHub repository. The build_flash.sh script automates the process of:

  • Creating internal and external flash images
  • Signing each with version 2
  • Placing updates in external flash
  • Triggering updates (equivalent to calling wolfBoot_update_trigger())

Support

For questions or assistance, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

wolfTPM supports NSING Technologies NS350

wolfTPM is a portable, open-source TPM 2.0 stack with backward API compatibility, designed for embedded use. It is highly portable, and has native support for Linux and Windows. RTOS and bare metal environments can take advantage of a single IO callback for SPI hardware interface, no external dependencies, and compact code size with low resource usage.

wolfTPM has been supporting NSING Technologies Z32H330TC and recently added support for NS350 starting from wolfTPM 3.6.0.

The NS350 series are NSING’s new generation of high-security, high-performance, and cost-effective TPM 2.0 security chips that offer significant improvements in both technical performance and security. The NS350 devices are all Common Criteria (EAL4+) certified.

The users of NS350 can take advantage of wolfTPM’s API wrappers to help with complex TPM operations like attestation and cryptographic processes like the generation of Certificate Signing Request (CSR) using a TPM. We have a multitude of examples to help accelerate your integration.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247

Download wolfSSL Now

Posts navigation

1 2