216 Commits (cmakeImage)

Author SHA1 Message Date
Daniel Fedai Larsen f7cd3f9b4e Add support for more flash sizes in W25QxxxJV series 2024-04-17 07:27:51 +02:00
Daniele Lacamera da5b73817e Update wolfPKCS11 to v1.3.0. Fixed doc 2024-04-16 16:24:31 +02:00
David Garske 1db41896e2 Merge pull request #431 from danielinux/update-wolfssl-v5.7.0
Updated submodules: wolfSSL-v5.7.0 + wolfTPM latest
2024-04-11 17:00:27 +02:00
Daniele Lacamera 737ecaf338 wolfBoot partition size on stm32c0-lms: 10KB
With gcc < 13, LMS setup won't fit in 8KB (overflow of 32B).
2024-04-11 11:45:42 +02:00
Daniele Lacamera 655ba461ac Added more configuration options for stm32c0 2024-04-11 11:27:56 +02:00
Jim Norton 7b0f78d488 Updated documentation. 2024-04-05 08:52:03 +02:00
David Garske 574f42ad83 Add support for wolfBoot_success() from test-app. 2024-03-29 11:51:26 -07:00
David Garske 49699bcc03 Add example for larger wolfBoot partition scheme (all partitions 40KB). Added instructions for debugging. 2024-03-29 11:39:40 -07:00
David Garske 61d24ab857 Added test-app code to change LED color based on version. Improved documentation. Minor code cleanups. 2024-03-29 11:10:30 -07:00
Daniele Lacamera dfc53df909 Added support for NXP MCXA153 2024-03-29 10:25:08 +01:00
David Garske e8ce553ce8 Change the STM32U5 default image header size to resolve vector table alignment issues with the Cortex-M33. ZD 17661 2024-03-15 21:10:43 +01:00
David Garske 5ecd2f749d Cleaned up TLV example and simulator output. Moved `wolfBoot_find_header` to the public header. 2024-03-08 12:15:23 -08:00
David Garske 2826f70ca7 Improve documentation for new custom TLV. 2024-03-08 11:38:46 +01:00
David Garske e3669245d5 Merge pull request #411 from miyazakh/renesas_rz2
Support wolfBoot on Renesas RZN2L
2024-03-01 20:22:11 -08:00
David Garske 5ba777c748 Add documentation for ECC P-521. 2024-03-01 12:28:07 -08:00
Hideki Miyazaki b92509a438 add RZN2L to Targets.md
clean up
2024-03-01 07:17:17 +09:00
Daniele Lacamera 304e0e876e Added sign option `--custom-tlv-buffer` 2024-02-29 17:29:29 +01:00
Daniele Lacamera 43f7730576 Added support for custom TLVs in manifest header 2024-02-29 17:29:29 +01:00
David Garske 11017d8af2 Merge pull request #405 from MulattoKid/mimxrt1040evk_support
Add support for MIMXRT1042XJM5B
2024-02-15 15:02:09 -08:00
David Garske 8a7c6933a4 Merge pull request #407 from danielinux/dualbank_swap_fork_bootloader_once
DUALBANK: fork_bootloader should only execute once
2024-02-15 09:06:08 -08:00
Daniele Lacamera c70c8a470d Added support for Microchip SAM E51 2024-02-15 17:30:11 +01:00
Daniele Lacamera c25497eba9 DUALBANK: fork_bootloader should only execute once
fork_bootloader() should perform a physical copy of
the bootloader to its partition in the second bank only
if the content of the two partitions does not already match.
2024-02-15 16:55:33 +01:00
Daniel Fedai Larsen 0f25c80114 Add support for MIMXRT1042XJM5B 2024-02-13 11:50:21 +01:00
David Garske 85b59634a1 Peer review feedback. 2024-02-12 19:54:12 +01:00
David Garske 57b4ee2bbc Adjust NXP T1024 flash layout, so existing device tree location does not have to move. 2024-02-12 19:54:12 +01:00
David Garske 5808b4c59e Fix for T1024 CPU core clock calculation. 2024-02-12 19:54:12 +01:00
David Garske 4408eeaa74 Fixes for sealing/unsealing:
* Fix for sealing policy, which was not being set on creation.
* Fix to clear the userWithAuth bit requiring policy
* Updated wolfTPM submodule with changes in https://github.com/wolfSSL/wolfTPM/pull/327
2024-02-03 10:09:03 -08:00
Daniele Lacamera 4564588b69 Preparing release v2.0.2 2023-12-29 11:31:48 +01:00
David Garske cd9370bd95 Fix link in TPM docs. 2023-12-05 15:14:51 -08:00
Daniele Lacamera 0d614fc669 Added custom DCD for i.mx-RT10XX 2023-11-16 09:56:44 +01:00
Daniele Lacamera 091c036b6c Improve documentation for x86 targets
+ fix qemu's make_hd.sh script
2023-11-06 17:15:38 +01:00
jordan 8dcf0de87e XMSS wolfBoot support: cleanup PQ.md doc. 2023-11-06 14:31:05 +01:00
jordan 79aadb5cc1 XMSS wolfBoot support. 2023-11-06 14:31:05 +01:00
David Garske 758eda1ad4 Add support for sealing/unsealing a secret with auth. 2023-10-25 13:24:27 +02:00
David Garske a6fc952328 Improve C0/G0 secure hide protection feature documentation. 2023-10-13 14:34:01 +02:00
David Garske c4dfa3f986 PR cleanups based on peer review. Fixes to support < 10KB wolfBoot for either RSA2048 or ED25519. Partition scheme allows 10KB application partition or (6KB actual due to NVM write once). Made space using NO_MPU=1, RAM_CODE=0, USE_SLOW_SHA256 and !FLASH_SECURABLE_MEMORY_SUPPORT. 2023-10-13 14:34:01 +02:00
Bill Phipps a1d584b838 STM32C0 support 2023-10-13 14:34:01 +02:00
David Garske eb2978ab7f TPM sealing cleanups. If using simulator don't extend the unseal PCR to prevent further access. Added `WOLFBOOT_NO_UNSEAL_PCR_EXTEND` option to prevent locking of PCR by random extend. Improvements to the `policy_sign` tool (example usage, ecc384 support). 2023-10-06 13:34:37 -07:00
David Garske 3e8d6fb061 Added NXP IFC NOR Flash erase/write. 2023-10-06 15:28:16 +02:00
David Garske b3e2fb9ddd NXP T1024 wolfBoot support:
* Added DDR4 w/ECC.
* Added L2 and L2 CPC SRAM support
* Added platform SRAM 160KB support
* Added support for core timers (timebase) and platform clock.
* Added IFC driver with erase/write
* Added stage 1 loader to relocate wolfBoot to DDR
* Added CPLD, QUICC, FMAN and MP drivers
* Added eSPI driver for TPM.
* Added hal_early_init instead of calling ddr_init directly.
* Fixes for device tree (DTB) loading with update_ram and PPC boot.
* Fixes for relocating CCSRBAR to upper.
* Fixes for interrupt offsets.
2023-10-06 15:28:16 +02:00
David Garske 56be972c9e Spelling and add TODO's for testing new keytool features. 2023-09-28 10:06:07 -07:00
Daniele Lacamera eba3f6514c keygen: Added --id {list} option, updated docs 2023-09-28 17:28:32 +02:00
Daniele Lacamera 18cf8dee56 Added documentation 2023-09-28 17:28:32 +02:00
Daniele Lacamera 900b646336 Added STM32-TZ documentation 2023-09-21 08:31:30 +02:00
Daniele Lacamera b8a5a6243d Cleanup, config rename, documentation 2023-09-21 08:31:30 +02:00
Daniele Lacamera 6ce0bbf013 Stm32l5 configuration: increase wolfboot partition
Bootloader partition expanded to 48KB to accommodate assembly
optimizations in wolfBoot.
2023-09-20 13:49:57 +02:00
David Garske 6dbe4a0129 Refactor to allow using seal/unseal without image header. Just pass the public key hint and policy directly. 2023-09-12 12:26:48 +02:00
David Garske 05b83544fb Fixes based on peer review. Add output of signed policy to file (append .sig). Tested successfully with multiple PCRs. In example unlock_disk extend PCR with random value after unseal to prevent unsealing after boot. 2023-09-12 12:26:48 +02:00
David Garske 2349a68e76 Added support for storing sealed blobs into NV. Refactor the TPM signature verify to use existing load public key function and generic verify hash TPM function. Added support for RSA sign with ASN.1 encoding (Example: `SIGN=RSA2048ENC`). 2023-09-12 12:26:48 +02:00
David Garske 490286be7d Support for sealing/unseal a secret based on an externally signed PCR policy.
* Added new `WOLFBOOT_TPM_SEAL` and `WOLFBOOT_TPM_SEAL_NV_BASE` config options.
* Added new `tools/tpm/policy_create` tool for assisting with creation of a policy digest. The sign keytool `--policy=file` signs the policy.
* Added new `WOLFBOOT_TPM_VERIFY` option to enable offloading of the asymmetric verification to the TPM. By default wolfCrypt will be used.
* Added example seal/unseal to update_flash for ARCH_SIM.
* Renamed `WOLFBOOT_TPM_KEYSTORE_NV_INDEX` to `WOLFBOOT_TPM_KEYSTORE_NV_BASE` to support multiple public keys.
* Refactored most TPM code into tpm.c.
* Refactored the keystore ROT to use new `wolfBoot_check_rot` API.
* Refactored the sign keytool to have a sign_digest function to allow signing firmware and policy for sealing/unsealing.
* Fix for make distclean && make using the wrong key tools.
2023-09-12 12:26:48 +02:00