Commit Graph

366 Commits (master)

Author SHA1 Message Date
David Garske 3c2c26bf3a Fixes for IAR. Switch to new `src/keystore.c` for keys. Fixes for building keytools in Visual Studio. 2022-07-26 09:34:53 +02:00
Daniele Lacamera 5252ac2f68 Added default sector size to raspi3.config
(mandatory to compile sign.c)
2022-07-21 21:28:17 +02:00
Daniele Lacamera 93dd53ac0f Fixed support for raspberry-pi 2022-07-21 20:18:34 +02:00
Daniele Lacamera c4ca592f43 Fixed rpi load address, do_boot jump 2022-07-21 20:18:34 +02:00
Daniele Lacamera 9605dd283f Fixes for test cases using keystore 2022-07-19 15:33:29 +02:00
Daniele Lacamera 513163a77b Added "ARMORED" check for part id flags mask 2022-07-19 15:32:28 +02:00
Daniele Lacamera 1e11f3081b keygen.c : exporting keystore also in binary format 2022-07-19 15:32:28 +02:00
Daniele Lacamera 1542a15c90 Keystore: array of public keys generated by keygen 2022-07-19 15:32:28 +02:00
Daniele Lacamera acfdd1f676 Added support for RSA3072 2022-05-31 12:13:34 +02:00
Daniele Lacamera 063c21430c Added partition ID. Extended sign manual 2022-05-24 13:31:50 +02:00
David Garske 6068a8047c wolfBoot improvements (from elms):
* Add `WOLFBOOT_DUALBOOT` for dynamic fallback
* Refactor header field parsing
* Cleanup compiler warnings and logic extra check
* Option to leave out partition based functions
* Add `WOLFBOOT_FIXED_PARTITIONS` enable using partition enum and related functions
* Wrap all delta update references
* Update raspberry documentation
* EFI refactoring
* Add `keytools_check` target
* Add "library" target
2022-05-20 08:06:07 +02:00
Daniele Lacamera acd96323a2 Prepare release 1.11 2022-05-05 07:28:21 +02:00
Daniele Lacamera f04889ee29 Added SHA2-384 support for integrity checks 2022-04-06 09:41:37 +02:00
Daniele Lacamera d06178c3a8 Added new signature algo: ECC384 2022-04-01 12:21:42 -07:00
Daniele Lacamera a017e482b9 Removed dead code after reviewer's comments 2022-03-23 09:19:33 +01:00
Daniele Lacamera 7b7282e74d Added comment as suggested by reviewer. 2022-03-17 12:10:57 +01:00
Daniele Lacamera 986855ce0a Review's feedback 2022-03-17 11:53:49 +01:00
Daniele Lacamera 4527347173 Error if attempting to build ARMORED on not-arm-gcc 2022-03-17 10:48:49 +01:00
Daniele Lacamera 73fe84c55c Fixed version check armor, add no-downgrade tests 2022-03-16 11:19:05 +01:00
Daniele Lacamera 0684245187 Added canary vars around signature_ok flag, improved checks 2022-03-15 12:36:24 +01:00
Daniele Lacamera 0665eeff67 Reverted 'return -1' fix; removed _update() optim. 2022-03-14 18:14:50 +01:00
Daniele Lacamera a72715caa3 Improved "return -1" in version check 2022-03-14 17:58:43 +01:00
Daniele Lacamera 028d184b17 Added armored image version, improve armor 2022-03-14 17:45:47 +01:00
Daniele Lacamera 32ecb5c3b6 Added pre-boot sanity check 2022-03-14 16:04:11 +01:00
Daniele Lacamera 75fb9f70e3 Fixed ECC with no armor 2022-03-14 15:22:04 +01:00
Daniele Lacamera 9ac4a6d365 Armored signature verification back-end 2022-03-14 15:12:36 +01:00
Daniele Lacamera 5a15fe1138 Added armored panic() function for arm cortex-m 2022-03-14 13:06:13 +01:00
Daniele Lacamera 61275ec9dd Update Chacha ENCRYPT_BLOCK_SIZE to match IV ctr 2022-02-07 16:35:25 +01:00
Marco Oliverio 0f9613837a libwolfboot: make crypto_*() functions public 2022-02-07 15:03:08 +01:00
Daniele Lacamera 43a5a38629 Fixes to AES-CTR encryption after testing 2022-01-31 16:46:09 +01:00
Daniele Lacamera 5551666e08 Draft: added AES encryption support 2022-01-28 20:26:59 +01:00
Daniele Lacamera b3ada3a265 Version up to 1.10.0000 2022-01-10 17:35:27 +01:00
Daniele Lacamera 2e7b63eae5 Adding support for ED448 verification 2021-12-13 12:05:37 +01:00
Marco Oliverio a187442455 support booting EFI application on x86_64 architecture
Co-authored-by: Daniele Lacamera <daniele@wolfssl.com>
2021-11-30 18:43:50 +01:00
Daniele Lacamera f26dd61e23 Fixed delta updates from external devices (+ test) 2021-10-07 14:32:51 +02:00
Daniele Lacamera aaf780fae9 Added test for delta-update-ext 2021-10-07 14:32:51 +02:00
Daniele Lacamera 922c17f1cc Draft: integrate delta updates with external flash support 2021-10-07 14:32:48 +02:00
Elms d302c633c2 TMS570LC43xx: flash updates and init stack pointer
- cleanup warnings and rework exceptions to be more robust
 - CORTEX R5: Initialization of stack pointer
 - updates to F021 flash from testing
 - sync options for command line build with IDE
2021-10-07 01:45:18 -07:00
Daniele Lacamera aba428b243 Changed bitrate for uart_flash tests 2021-08-24 10:00:04 +02:00
Daniele Lacamera 012bba3ce3 Fixed after review comments 2021-08-20 10:10:51 +02:00
Daniele Lacamera 39ee01a948 Added roll-back feature via inverse patch 2021-08-17 15:44:34 +02:00
Daniele Lacamera 3b0c434a13 Added missing header delta.h 2021-08-16 12:00:39 +02:00
Daniele Lacamera b74a4f69e2 Changed delta mechanism + added key tool diff function 2021-08-16 11:59:45 +02:00
Daniele Lacamera 13541ec046 Delta updates, draft update mechanism with hdr replacement 2021-08-16 11:56:13 +02:00
Daniele Lacamera 7ff1887ad7 Initial delta code + HDR tag for manifest 2021-08-16 11:54:27 +02:00
Daniele Lacamera 572414fba6 Use library version as default WOLFBOOT_VERSION 2021-07-19 17:02:40 +02:00
David Garske 64661ef08c Add wolfBoot library version. 2021-07-19 07:53:08 -07:00
David Garske d38de3b432 Update copyright year 2021-07-19 07:50:02 -07:00
Daniele Lacamera 45570e6c21 Fixes for USE_FAST_MATH 2021-07-13 18:09:20 +02:00
Daniele Lacamera 4c4d7d69f8 Add support for WOLFBOOT_SMALL_STACK 2021-07-09 10:15:37 +02:00
Daniele Lacamera f2bab09777 Added support for SIGN=NONE 2021-06-28 13:52:00 +02:00
Elms 1a33885cfb handle big endianness with header 2021-05-14 09:38:31 +02:00
David Garske 7793433b3a Updated RSA to use inline operation and disable OAEP padding. This allows removal of the XMALLOC/XFREE SP code. Once PR https://github.com/wolfSSL/wolfssl/pull/3918 is merged we can update submodule. 2021-03-26 16:38:08 +01:00
David Garske c14e70a12c Changed RSA4096 to use SP math. Fix to disable dynamic stacks `WOLFSSL_SP_NO_DYN_STACK`. Added G0 details. Update submodules. 2021-03-26 16:38:08 +01:00
Daniele Lacamera 3516620f1a fix wolfTPM option 2021-01-26 09:07:03 +01:00
Dimitar Tomov bf74ba9cb4 Added ifndef to wolfTPM specific build settings for wolfCrypt
Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
2021-01-26 08:13:26 +01:00
Dimitar Tomov 2f3fc6600b Latest wolfTPM has Parameter Encryption that requires HMAC and AES support
* Add new src/tpm2_param_enc object for wolfTPM
* Enable wolfcrypt HMAC support required for TPM2.0 KDFa
* Enable wolfcrypt AES support required for AES CFB parameter encryption

Signed-off-by: Dimitar Tomov <dimi@wolfssl.com>
2021-01-26 08:13:26 +01:00
Daniele Lacamera 82da68028b Fix fallback using encryption by storing the key after swapping
partitions
2021-01-11 13:07:07 +01:00
Glenn Ergeerts 3682e66818 stm32l0: add support for external SPI flash 2020-11-19 13:30:14 +01:00
David Garske 4706d2f126 Peer review fixes. Fixes for SHA3 and RSA4096 in makefiles. Fixes for Xilinx SDK excludes. Cleanup of the printf to use the built-in facilities (`wolfBoot_printf`). 2020-11-12 10:47:32 +01:00
Daniele Lacamera 4e27d9197f Added compile-time option to invert FLAGS logic (FLAGS_INVERT=1) 2020-11-03 11:05:14 +01:00
Daniele Lacamera 72eb2c205b Relocate sector flags in FLAGS_HOME mode to a constant location 2020-10-16 10:29:19 +02:00
Daniele Lacamera 533fa9b4a2 Added RAMFUNCTION tag to SPI flash functions 2020-07-06 10:13:52 +02:00
Daniele Lacamera f3f27ae2cb Fixed ChaCha20 IV usage/setting. Test/docs updated. 2020-06-18 11:12:01 +02:00
Daniele Lacamera 53bf4d04db Encrypt: API design 2020-06-16 17:50:55 +02:00
Daniele Lacamera 1d24d326b1 Experimental: chacha20 encryption for external partitions 2020-06-16 17:50:55 +02:00
Daniele Lacamera aa3fb3fab0 Changed set|get_sector_flag argument to uint16_t
On some platforms with very small sector size this index could overflow
2020-05-29 08:19:18 +02:00
David Garske 2560bdc6d7 Added TPM RSA verify support. Added support for using software SHA-256 hashing with TPM because it's much faster. (Note: to use TPM for hashing define `WOLFBOOT_HASH_TPM`). 2020-05-25 08:28:02 -07:00
Daniele Lacamera f3d0d8fc83 PSoC6 support: updated configuration, docs added to Targets.md, revert
custom NVM_CACHE_SIZE
2020-05-20 06:53:00 -07:00
Daniele Lacamera 3db37a6b5c Updated NVM_CACHE_SIZE to match different configurations.
Progress on psoc6 HAL, fixed memory mapping and test app
2020-05-20 06:53:00 -07:00
Daniele Lacamera f7da6c5f6e Added SPI support for nrf52 2020-05-19 18:16:17 +02:00
Daniele Lacamera aaa5f962e6 minor changes after code review 2020-04-07 16:39:37 +02:00
Daniele Lacamera 92e1f632c1 Removed magic numbers for bitrate 2020-04-03 20:24:13 +02:00
Daniele Lacamera f04aac6a9f Added missing include file 2020-04-03 20:19:45 +02:00
David Garske e7446c570f Fixes for Device Tree (DTS) handling. Updated documentation. 2020-03-06 15:33:41 -08:00
David Garske 2867025ae5 Fixes for handling U-Boot image and DTS. Moved the Xilinx SDK project target settings into target.h. 2020-03-05 15:39:22 -08:00
David Garske c0b534edd7 wolfBoot Aarch64 support (Xilinx Zynq and Raspberry Pi):
* Added Aarch64 boot/startup support
* Added configuration templates for Raspberry Pi 3 and Xilinx ZynqMP UltraScale+
* Added Xilinx Zynq QSPI bare-metal Driver
* Added `NO_XIP` option for full `ext_flash_*` API on all partitions
* Added Xilinx SDK Project Template
* Added support for DTS image partitions
* Added wolfBoot signing tool in Native C (`tools/keytools/sign.c`).
* Added libwolfboot functions `int wolfBoot_fallback_is_possible(void);` and `int wolfBoot_dualboot_candidate(void);`
* Performance improvement to only hash application firmware image once
2020-03-04 12:04:46 -08:00
Daniele Lacamera d33c5acac8 Added support for SHA3 2020-01-07 20:35:31 +01:00
Daniele Lacamera c847529698 Added RSA-4096 bit support 2020-01-07 11:32:09 +01:00
Chris Conlon 1f57ad9f39 update copyright to 2020 2020-01-03 15:36:00 -08:00
David Garske 79277d60ce Progress on expanding STM32WB testing support. Including external SPI/TPM and RSA. Fixes to prevent STM32WB macro collisions with PKA. Makefile improvements for combinations of PKA, SIGN and WOLFTPM. 2019-12-20 19:08:31 +01:00
Daniele Lacamera 25455744b6 Make Stm32 SPI driver more generic to reuse on other STM32 platforms 2019-12-20 19:08:31 +01:00
David Garske 041ca75793 Added support for TPM2.0 module via wolfTPM. Tested with STM32F4. Build using `make SIGN=ECC256 WOLFTPM=1`. 2019-12-17 10:59:11 -08:00
David Garske 6ed1e5ca5f Fixes for external SPI build options. 2019-12-17 10:38:18 -08:00
David Garske ac9e2b8647 Updated SP build options and stack usage warning. 2019-12-17 09:44:02 -08:00
David Garske fae6a974c8 Adds RSA support to wolfBoot using "SIGN=RSA2048". Includes RSA signing script tool in Python and instructions. 2019-12-17 09:44:02 -08:00
Daniele Lacamera 0b822cefbb Fixes to kinetis K82F 2019-11-11 14:27:16 -08:00
Daniele Lacamera ca9ffbab7c Configuration (via .config), single entry point for options 2019-10-10 20:39:25 +02:00
Daniele Lacamera 1970fbdd2e Fix for header type on SPI flash 2019-09-19 08:44:55 +02:00
Daniele Lacamera 34def41dd1 Added support for STM32F7 + DUALBANK_SWAP hw-assisted support 2019-07-17 11:37:43 -07:00
David Garske 33e3607e21 Updates to documentation for RISC-V addresses. Added link to wolfBoot-examples repo. Revert target.h changes. 2019-06-10 17:58:31 +02:00
David Garske 0f00f8e700 SiFive HiFive (FE310) RISC-V support
* HiFive1 HAL Support for PLL Clock, UART, RTC and Flash QSPI Erase/Write.
* HiFive1 update demo application for accepting firmware updates over UART.
* Added test-update-server application for pushing firmware image over UART.
* Fixes for building with `make SIGN=ECC256`.
* Improvements to wolfCrypt `user_settings.h`.
* General library cleanup (license headers and formatting)
* Updated the wolfSSL submodule to latest.
* Documentation updates including new `Targets.md` section for hardware instructions.
2019-06-07 13:08:15 -07:00
Daniele Lacamera 2ef5e47d61 Added test for bootloader update 2019-04-29 20:32:04 +02:00
Daniele Lacamera fc547e4a25 wolfBoot can update itself when compiled with RAM_CODE=1
- Added wolfBoot version
- Added extra 16bit header tag to identify the image type and authentication
- Implemented optional in-ram self-update of the bootloader, with version control
and authentication mechanism (not fail-safe)
2019-04-29 20:32:04 +02:00
Daniele Lacamera 937e9d46fb Introducing RAMCODE tag to transfer functions to RAM
- Moved functions in the flash write path to RAM, so their execution
does not depend on flash access

- RAMCODE can be enabled via "make RAM_CODE=1"
2019-04-29 20:32:04 +02:00
Daniele Lacamera b918014203 Multi-platform test application, added K82 to Kinetis port 2019-04-04 16:31:45 +02:00
Daniele Lacamera b5fd49a82a Initial experimental support for RISC-V
- New Makefile to support multiple architectures
- Separate architecture-specific start-up files
- Stub for a hifive1 HAL port
2019-04-01 14:01:14 +02:00
Daniele Lacamera 6324e8fe37 [CI] SPI tests fixed 2019-03-18 12:21:44 +01:00
Daniele Lacamera 630a10eafa Automated tests for EXT_FLASH/SPI_FLASH 2019-03-15 11:16:34 +01:00
Daniele Lacamera 7f60f68474 Faster sector copy 2019-03-10 09:48:06 +01:00
Daniele Lacamera bfa3f50a60 Restored target.h for default test 2019-02-15 14:45:27 +01:00
Daniele Lacamera 503b008cf5 New feature: allow swapping from external memory (e.g. SPI flash) 2019-02-15 13:41:06 +01:00
Daniele Lacamera 07db864ab1 EXT flash support: image header mapping 2019-02-13 13:08:32 +01:00
Daniele Lacamera 3a455383a1 STM32F4 Test application: modified to turn a led on early at boot to measure
boot time.
2019-01-22 11:58:42 +01:00
Daniele Lacamera 41c60f4bd2 Ecc256 signature verification with sp-math support, work in progress 2019-01-21 05:28:59 +01:00
Daniele Lacamera 61bbfef35c Separated library functions for in-app use 2018-11-22 16:22:30 +01:00
Daniele Lacamera ce98d46cb3 Separate include file for application access 2018-11-22 16:13:50 +01:00
Daniele Lacamera 9403c711ad Update mechanism implemented, ed25519 signing tool changed 2018-11-22 15:47:41 +01:00
Daniele Lacamera 6b3dfe2e69 Removed dependency on bootutil. Starting from a new clean-room update design 2018-11-21 07:00:35 +01:00
Daniele Lacamera 2819d6a184 Added 'flash_area_get_image_buildnum' to retrieve build # 2018-10-30 21:29:31 +01:00
Daniele Lacamera 32c4cb7abe Reverted target.h to default configuration 2018-10-26 12:19:28 +02:00
Daniele Lacamera 6f203a84c3 Fixed upgrade in OVERWRITE_ONLY mode 2018-10-26 12:15:25 +02:00
Daniele Lacamera 62fcc55285 Simplified code structure, got rid of some configuration defines 2018-10-23 12:14:50 +02:00
Daniele Lacamera 7f02df51c9 Added SWAP=0 option, fixed some warnings 2018-10-21 10:04:50 +02:00
Daniele Lacamera efa8d63200 Using 0x20000 as start of primary partition in the example 2018-10-15 07:39:52 +02:00
Daniele Lacamera ec66c47375 First version of the bootloader 2018-10-11 12:23:58 +02:00