In recent years, China’s cryptographic standards have gained significant traction on the global stage, with algorithms like SM2, SM3, and SM4 setting the standard for secure communications within Chinese regulatory frameworks. Companies operating in or doing business with China must support these ciphers to meet compliance requirements and to ensure secure interoperability. However, until now, no commercially available HSM solutions offered support for the full suite of SM ciphers, meaning industries that rely on HSM offload for security—such as automotive, industrial, or aerospace—face significant integration challenges.
Enter wolfHSM, our generic Hardware Security Module (HSM) firmware framework, targeting automotive HSM platforms and beyond. wolfHSM provides a unified API for secure cryptography, object storage, and key management on devices with HSM coprocessors. wolfHSM enables applications to easily leverage a platform’s hardware-based root of trust and provides a streamlined abstraction for offloading all cryptography to the HSM coprocessor through the wolfCrypt API.
Built to support any algorithm provided by wolfCrypt, wolfHSM enables users to integrate a wide variety of cryptography, from established algorithms to the latest bleeding edge draft standards. This flexibility is a key differentiating factor of wolfHSM, setting it apart in a market where adaptability and cryptographic choice are becoming increasingly crucial. With existing HSM solutions, you are locked into a small set of supported algorithms with no opportunity to modify or update HSM capabilities. With wolfHSM, you can deploy any algorithm supported by wolfCrypt, and are able to seamlessly switch between algorithms as needed, ensuring that you’re always using the best tools for your security needs. Given this flexibility, new algorithms like the SM ciphers can be deployed on your HSM just as easily as standard algorithms like AES or SHA256.
Whether you’re specifically looking to integrate SM ciphers into your HSM-based application, or just need a solution that allows you keep your options open, wolfHSM has what you need. wolfHSM’s “out of the box” crypto-agility means that as new requirements arise, wolfHSM can quickly and easily adapt – securely and without overhauling your existing infrastructure.
wolfHSM supports standard automotive HSM platforms like the Infineon AURIX TC3xx, ST SPC58N, Renesas RH850, etc. but can be easily ported to run on any device.
Are SM ciphers on an HSM something you are interested in? Do you want to use SM ciphers on AURIX TC3xx HSM? Let us know! Reach out to us at facts@wolfSSL.com and we can discuss.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.
Download wolfSSL Now