Commit Graph

551 Commits (master)

Author SHA1 Message Date
Daniele Lacamera 076cd1d6c4 Fix for unit test failing 2025-03-04 18:20:46 +01:00
Daniele Lacamera a195efe608 Avoid enforcing alignment on stack for IAR 2025-02-27 16:46:26 +01:00
Daniele Lacamera 3dc152cf1d Added ENCRYPT_CACHE= config option 2025-02-12 10:48:23 +01:00
David Garske 4c2d2b7e6e Add support for Armored mode with IAR. Currently only supports ECDSA and Cortex-M. ZD19190 2025-02-05 16:06:18 +01:00
David Garske c2a85fbf32
Merge pull request #535 from bigbrett/tc3xx-ads1.10.6-prjupdates
TC3xx: Fixes for ADS 1.10.6
2025-01-20 10:44:19 -08:00
jordan e2db8d58c4 Remove external ext_lms, ext_xmss pq integrations. 2025-01-20 16:38:24 +01:00
Brett Nicholas a22a9b1686 tc3xx: fix wolfBoot-tc3xx project and wbaurixtool.sh to properly generate macros for non-HSM projects 2025-01-08 12:20:06 -07:00
Daniele Lacamera afcdefa733 Sign: use manifest header to retrieve base version 2024-12-30 16:36:00 +01:00
David Garske acb9d832eb Fixes for Xilinx Zynq UltraScale+ MPSoC:
* Fixes to support wolfBoot native make and gcc-arm cross compiler. ZD 18159
* Adjust wolfBoot linker script to not use 0 base, instead use end of DDR - 1MB.
* Fixed QSPI bare-metal driver for multi-sector and read return code.
* Fixed issue with Xilinx XMSS IMAGE_HEADER_SIZE in documentation. It should be 5000 bytes.
* Performance optimizations for QSPI:
  - Allow configuration of SPI clock.
  - Improve GSPI FIFO TX/RX fill.
* Added support for FAST_MEMCPY that supports an aligned 32-bit.
* Added Flattened uImage Tree (FIT) image (FDT format).
* Added Aarch64 support for FDT fixups.
* Added Aarch64 startup to support EL2 with cache/MMU.
* Added documentation about exception levels.
* Moved zynqmp registers to header.
* Fix printf uart_writenum "buf" len.
* Updated fdt-parser to support saving off larger data images.
2024-12-30 15:36:43 +01:00
Marco Oliverio 7008f68707 kontron-vx3060-s2: simplify example, add build test, improve docs 2024-12-19 20:12:16 +01:00
Marco Oliverio 834a712350 fsp: move TempRamInitExit and later APIs in stage2
To avoid using Flash memory after TempRamInitExit. This protects against
malicious modification/injection of the flash after Cache-As-RAM is
disabled.
2024-12-19 20:12:16 +01:00
John Bland b52c9387aa update footprint 2024-12-17 14:46:24 +01:00
Brett Nicholas 638787e296 cast malloc result 2024-12-16 19:12:23 +01:00
Brett Nicholas 0d18b25a2e fix keytools public key der export to use ml-dsa level passed as env var 2024-12-16 19:12:23 +01:00
Brett Nicholas 4b8e4b7907 Additional fixes for new keytool features introduced in #521 2024-12-16 19:12:23 +01:00
Brett Nicholas ceffc788dd - support for wolfHSM ML-DSA on simulator and AURIX (DMA only)
- consolidate AURIX scripts into wbaurixtool.sh
- documentation updates
2024-12-16 19:12:23 +01:00
David Garske fae36f2adf Reserve enough size for the ML-DSA public key in gen. 2024-12-05 14:44:30 -08:00
David Garske 6bed80fbc2 ML-DSA default is level 2. The keytools must be able to support all ML-DSA levels at run-time using `ML_DSA_LEVEL` environment variable. wolfBoot needs to be built with the correct level specified in the .config. 2024-12-05 14:25:43 -08:00
David Garske 4991eabb18 Peer review fixes. Default to ML-DSA level 2. 2024-12-05 13:39:47 -08:00
David Garske 8cdefaae20 Fix to remove ext_XMS artifact from keytools Makefile. Caused mingw readdir error. 2024-12-05 10:45:52 -08:00
David Garske eddf0bd234 Progress getting the Windows tools to build. 2024-12-05 08:36:02 -08:00
Daniele Lacamera 51eff3e71d Adjusted size for ML_DSA build 2024-12-03 15:03:45 +01:00
Daniele Lacamera 5ab661677f keygen: removed compile-time parameters (lms, xmss) 2024-12-03 14:58:49 +01:00
Daniele Lacamera d5e402ebde Removing compile-time parameters from keygen 2024-12-03 14:50:54 +01:00
Daniele Lacamera 7132a13545 Complete generic sign 2024-12-03 11:10:16 +01:00
Daniele Lacamera 04d2ecd246 Remove dependency from PQC parameters. Speed up tests. 2024-12-02 18:55:32 +01:00
Daniele Lacamera 05d0e92ecf Removed forced inflation of header size in `sign` 2024-12-02 14:07:43 +01:00
Daniele Lacamera d3935774d9 Fix header size in hybrid mode 2024-12-02 12:03:32 +01:00
Daniele Lacamera 10cdc5408a Add env variable to unit test 2024-11-28 11:06:16 +01:00
Daniele Lacamera 75efbd9cfb Removed all compile-time dependency from keytools 2024-11-26 13:17:00 +01:00
Daniele Lacamera 97fb3b68af Test: add IMAGE_HEADER_SIZE to sign command 2024-11-26 11:17:35 +01:00
Daniele Lacamera 93866f7376 Use minimum 512B of header with delta updates 2024-11-26 11:04:09 +01:00
Daniele Lacamera 6c8aafe09d Remove keytools dependency on IMAGE_HEADER_SIZE.
- Added getenv() to override the value at runtime
- Removed doc on old python tools
2024-11-26 10:57:06 +01:00
David Garske bf4c8017dd Test: adding action to build keytools on windows.
* Update key tools VS project to 2022.
* Fix a few warnings in sign.c
* Fix issues with windows already having min/max.
* Fix (workaround) issue with key tools needing WOLFBOOT_SECTOR_SIZE.
2024-11-25 14:38:29 -08:00
Daniele Lacamera 3a69b0e41a Don't fail if the image contains no base sha
+ Added --no-base-sha option to sign
2024-11-22 11:58:17 +01:00
Daniele Lacamera 7347f334b3 Delta update: check sha digest of base image
Only allow delta update if the sha digest of the base image matches the
expected value. This is to prevent the delta update from being applied
to an image that is not the expected base image, even if the version
matches.

The mismatch should never happen in real-life scenarios, but it is to check
for false positives during integration, testing and development.
2024-11-21 14:28:40 +01:00
Brett Nicholas f9cbc57795 review feedback 2024-11-13 09:52:49 +01:00
Brett Nicholas 78e4275f99 Initial wolfHSM support for simulator and AURIX TC3xx 2024-11-13 09:52:49 +01:00
David Garske aec2809212 Cleanups after hybrid signing PR. 2024-10-31 11:23:52 +01:00
David Garske b333317047
Merge pull request #510 from danielinux/hybrid-auth
Support for hybrid authentication (two ciphers)
2024-10-30 09:22:34 -07:00
jordan c4f87c6ad8 tools renode: fix ext_LMS and ext_XMSS sign arg check. 2024-10-30 15:08:57 +01:00
jordan cfd65a8ee8 tools renode: reset SIGN_ARGS. 2024-10-30 15:08:57 +01:00
Daniele Lacamera 4743ec06c1 Reviewer comments: fixed typos, less verbose sign
Removed some debug leftovers
2024-10-30 13:17:09 +01:00
Daniele Lacamera d7a45db083 Added benchmark for Hybrid modes 2024-10-30 13:17:09 +01:00
Daniele Lacamera cc447ea879 Support for hybrid authentication (2 ciphers) 2024-10-30 13:17:06 +01:00
Daniele Lacamera f90197044a Added missing symbol to compile tpmtools 2024-10-30 10:28:21 +01:00
Daniele Lacamera 72a0aa3853 Added Benchmark script. Added ARMASM support. 2024-10-24 21:20:09 +02:00
Daniele Lacamera 668f117c30 LMS: adjusted footprint size 2024-10-21 15:15:15 +02:00
jordan b97abd4ace Add ML-DSA support. 2024-10-14 10:13:52 +02:00
Daniele Lacamera c115ed3f15 Updated footprint limits 2024-10-11 10:30:46 +02:00