We’re excited to announce that wolfBoot now supports integration with wolfHSM, bringing enhanced security features to our best-in-class secure bootloader solution on supported platforms. This enhancement positions wolfBoot as an even stronger tool for automotive and industrial applications with the highest security requirements.
What are wolfBoot and wolfHSM?
wolfBoot is our open-source, portable, OS-agnostic secure bootloader solution for 32-bit microcontrollers and beyond. It ensures that only authenticated firmware can run on your embedded device, providing a root of trust for your application.
wolfHSM is our generic Hardware Security Module (HSM) firmware framework, providing a unified API for secure cryptography, object storage, and key management on HSM coprocessors. wolfHSM enables applications to easily leverage a platform’s hardware-based root of trust and provides a streamlined abstraction for offloading all cryptography to the HSM coprocessor through the wolfCrypt API.
wolfHSM Integration with wolfBoot
By integrating wolfHSM with wolfBoot, we’ve enhanced the security capabilities of our already secure bootloader with the following features:
- Secure Key Storage: Cryptographic keys are now stored securely on the wolfHSM server, never accessible to wolfBoot or user applications.
- Remote Cryptographic Operations: All cryptographic operations are offloaded as remote procedure calls to the wolfHSM server. Hardware acceleration for cryptographic algorithms is included when supported by the platform.
- Flexible Key Management: Keys can be updated or rotated on the wolfHSM server without requiring a wolfBoot update.
Supported Platforms
Currently, wolfBoot supports using wolfHSM on the following platforms:
- wolfBoot simulator (using wolfHSM POSIX TCP transport)
- Infineon AURIX TC3xx (shared memory transport)
More platforms are in development. Don’t see your platform here? Reach out to us at facts@wolfSSL.com and we can discuss adding support!
Getting Started
To get started with wolfBoot + wolfHSM:
- Check out the wolfHSM integration documentation for an overview of the configuration options and HAL requirements.
- Consult your platform-specific wolfHSM documentation for instructions on configuring the wolfHSM server.
- To test wolfHSM + wolfBoot using the simulator, simply follow the instructions here to build wolfBoot with wolfHSM support and run it against our example wolfHSM server.
Give it a try and let us know what you think!
If you have any questions about wolfBoot or wolfHSM, please reach out via email at facts@wolfSSL.com or call us at +1 425 245 8247 and we will be happy to assist you!