Commit Graph

66 Commits (cmakeImage)

Author SHA1 Message Date
David Garske a37a816693
Merge pull request #433 from danielinux/gpl3
Update license GPL2 -> GPL3
2024-04-16 10:36:10 -07:00
Daniele Lacamera fce6149cf8 Update license GPL2 -> GPL3 2024-04-16 16:46:15 +02:00
Daniele Lacamera da5b73817e Update wolfPKCS11 to v1.3.0. Fixed doc 2024-04-16 16:24:31 +02:00
Daniele Lacamera 25c8356a6b safety: panic() when calling random stub 2023-10-09 11:13:42 +02:00
David Garske 9cf947282c * Fix for building on MacOS (new keystore section issues).
* Fix for library.o workaround.
* Added new `WOLFBOOT_DEBUG_MALLOC` option to help diagnosing malloc failures.
2023-09-28 17:27:23 +02:00
Marco Oliverio 559f07f11e user_settings: tpm: reduce MMIO pooling delay 2023-09-28 13:12:26 +02:00
Marco Oliverio fa7bb89edb ahci: add support for disk unlocking based on tpm sealed secret 2023-09-28 13:12:26 +02:00
Marco Oliverio aaa66e7980 user_settings.h: remove redundant XTPM_WAIT() definition 2023-09-28 13:12:26 +02:00
Daniele Lacamera b8a5a6243d Cleanup, config rename, documentation 2023-09-21 08:31:30 +02:00
Daniele Lacamera 291adfe87d Fixed merge of user_settings with new TPM logic 2023-09-21 08:31:28 +02:00
Daniele Lacamera ed0357289c Fixed NS flash access + flash write unlock + misc
- non-secure flash area increased to cover BOOT+UPDATE partitions
- call unlock/lock functions before accessing pkcs11 store for writing
- Enabled more features in application wolfcrypt front-end
- Fixed compiler warnings
2023-09-21 08:28:23 +02:00
Daniele Lacamera bcbb0c2cfe Rebased on latest master 2023-09-21 08:28:23 +02:00
Daniele Lacamera fd862cbd8f Working PKCS11 test.
Temporarily removed some features so the image fits in 64Kb
2023-09-21 08:28:09 +02:00
Daniele Lacamera 20e8b021b5 Added NS wrappers for PKCS11 API 2023-09-21 07:57:18 +02:00
Daniele Lacamera f7d6c17685 TZ: PKCS11 wrappers via wolfPKCS11 in S world 2023-09-21 07:57:18 +02:00
Daniele Lacamera fd809c5b69 Expanded WCS interface
- Added TRNG driver for STM32L5
- Link with correct objects in test-app
- Expanded wc_callable interface
2023-09-21 07:57:18 +02:00
Daniele Lacamera 61ea65747b Added secure functions to set/provision key slots 2023-09-21 07:57:18 +02:00
Daniele Lacamera c7c90cd2cc Back-end calls for ecc sign/verify/getpublic 2023-09-21 07:57:18 +02:00
Daniele Lacamera 9bf80ab8cd Initial draft: wolfcrypt secure mode 2023-09-21 07:57:18 +02:00
David Garske 490286be7d Support for sealing/unseal a secret based on an externally signed PCR policy.
* Added new `WOLFBOOT_TPM_SEAL` and `WOLFBOOT_TPM_SEAL_NV_BASE` config options.
* Added new `tools/tpm/policy_create` tool for assisting with creation of a policy digest. The sign keytool `--policy=file` signs the policy.
* Added new `WOLFBOOT_TPM_VERIFY` option to enable offloading of the asymmetric verification to the TPM. By default wolfCrypt will be used.
* Added example seal/unseal to update_flash for ARCH_SIM.
* Renamed `WOLFBOOT_TPM_KEYSTORE_NV_INDEX` to `WOLFBOOT_TPM_KEYSTORE_NV_BASE` to support multiple public keys.
* Refactored most TPM code into tpm.c.
* Refactored the keystore ROT to use new `wolfBoot_check_rot` API.
* Refactored the sign keytool to have a sign_digest function to allow signing firmware and policy for sealing/unsealing.
* Fix for make distclean && make using the wrong key tools.
2023-09-12 12:26:48 +02:00
David Garske 95b0d9090d Fixes for building TPM keystore with arch x86_64. 2023-08-24 16:38:20 +02:00
David Garske 6ea1a1e4a5 Added GitHub action build tests for NXP parts (iMX RT, Kinetis and LPC). 2023-08-21 11:08:48 +02:00
David Garske 0ee918f9f6 Fixes for simulator malloc/free. Fix for RSA encrypt missing `wc_RsaPublicEncrypt_ex`. 2023-08-17 13:43:58 +02:00
David Garske 103503cf8a Fixes to get WOLFBOOT_TPM_KEYSTORE working with ECC SRK and Parameter Encryption. 2023-08-17 13:43:58 +02:00
David Garske 69adb25496 wolfBoot TPM improvements:
* Added TPM SPI wait state support and debug logging.
* Added platform auth ownership (change platform password to random value before boot). Can be disabled using `WOLFBOOT_TPM_NO_CHG_PLAT_AUTH`.
* Added parameter encryption support.
* Added TPM based root of trust based on https://github.com/wolfSSL/wolfTPM/pull/276
* Removed the TPM hashing feature (not practical).
* Fixed RSA with wolfTPM build.
* Fixed cleanup wolfTPM objects on make clean.
2023-08-17 13:43:58 +02:00
Marco Oliverio 9aee0b4cdd TPM: support WOLFTPM_MMIO 2023-07-24 18:12:13 +00:00
Daniele Lacamera efa28e3787 x86_64: support SP_MATH on x86_64 architecture
Signed-off-by: Marco Oliverio <marco@wolfssl.com>
2023-07-24 18:12:13 +00:00
David Garske 1d6c421b41 Disable dynamic stack for SP math and SP math all. 2023-07-05 18:34:42 +02:00
Daniele Lacamera 17b948bd25 Added WOLFSSL_SP_NO_DYN_STACK to user_settings.h 2023-07-05 18:34:42 +02:00
Daniele Lacamera 180d819d4a Added WOLFSSL_SP_NO_DYN_STACK 2023-07-05 18:34:42 +02:00
Hideki Miyazaki 5ed7390c40 reorganize folders under IDE/Renesas 2023-06-10 08:53:32 +02:00
Takashi Kojo 6393c48860 print partition info 2023-06-10 08:53:32 +02:00
Takashi Kojo def2a530e4 Simple boot 2023-06-10 08:53:32 +02:00
David Garske 69ca95eb94 Adds `factory_wstage1.bin` option to include first stage loader. Fix test-app verbose issue. 2023-04-21 16:41:00 +02:00
David Garske 553ec760fd NXP QorIQ refactor for shared PPC (e500 / e6500) registers
* Fixes for e500 L1/L2 cache.
* Fixes for eLBC and DDR3 drivers on P1021.
* Fixes for LAW and TLB for P1021.
* Fix for the e500v2 core peripheral issues with data barrier / coherency safety.
* Support for SP math all (`SPMATHALL=1`).
* Support for stage 1 loader (`make stage1`).
2023-04-21 16:41:00 +02:00
Daniele Lacamera 43fa7b17f1 Added WOLFBOOT_HUGE_STACK option
The option can be enabled to use RSA4096 with fast math.
2023-03-21 17:06:22 +01:00
David Garske cb1eaff8e8 Support for SP math with AARCH64 when hardware supports it. 2023-03-09 07:05:24 +01:00
David Garske 6d45564112 Test size increases. Improve user_settings.h ECC options. 2022-12-06 06:20:48 +01:00
David Garske 2fc899254f Cleanups for NXP T2080 DEOS support:
* Expanded the NXP QorIQ T2080 documentation in `docs/Targets.md`.
* T2080 fixes for boot code placement and generation of .bin.
* T2080 UART driver cleanup.
* Improve bin-assemble fill speed and report items added.
* Make portability fixes to enable building in `mingw32-make`.
* Cleanup the `docs/Targets.md` sections and links.
* Cleanup execute bits on code files.
2022-12-06 06:20:48 +01:00
Daniele Lacamera 5114e308ae Updated wolfSSL and wolfTPM submodules 2022-10-14 12:48:47 +02:00
Daniele Lacamera acfdd1f676 Added support for RSA3072 2022-05-31 12:13:34 +02:00
Daniele Lacamera f04889ee29 Added SHA2-384 support for integrity checks 2022-04-06 09:41:37 +02:00
Daniele Lacamera d06178c3a8 Added new signature algo: ECC384 2022-04-01 12:21:42 -07:00
Daniele Lacamera 5551666e08 Draft: added AES encryption support 2022-01-28 20:26:59 +01:00
Daniele Lacamera 2e7b63eae5 Adding support for ED448 verification 2021-12-13 12:05:37 +01:00
David Garske d38de3b432 Update copyright year 2021-07-19 07:50:02 -07:00
Daniele Lacamera 45570e6c21 Fixes for USE_FAST_MATH 2021-07-13 18:09:20 +02:00
Daniele Lacamera 4c4d7d69f8 Add support for WOLFBOOT_SMALL_STACK 2021-07-09 10:15:37 +02:00
David Garske 7793433b3a Updated RSA to use inline operation and disable OAEP padding. This allows removal of the XMALLOC/XFREE SP code. Once PR https://github.com/wolfSSL/wolfssl/pull/3918 is merged we can update submodule. 2021-03-26 16:38:08 +01:00
David Garske c14e70a12c Changed RSA4096 to use SP math. Fix to disable dynamic stacks `WOLFSSL_SP_NO_DYN_STACK`. Added G0 details. Update submodules. 2021-03-26 16:38:08 +01:00