561 Commits (2d6cf95c20d19a09d87881345f4149d10f5af340)

Author SHA1 Message Date
Brett Nicholas d689656a71 Add support for wolfHSM cert chain verification on TC3xx 2025-05-30 11:15:56 -06:00
Brett Nicholas 23cf367c38 review feedback: remove use of unused intermediate variable 2025-05-28 12:24:26 -06:00
Brett Nicholas be9b21dddc Fix test sizes for wolfSSL updates 2025-05-28 11:38:28 -06:00
Brett Nicholas 7660bf66f8 Add wolfHSM cert chain verification for ECC and RSA 2025-05-27 15:42:59 -06:00
Brett Nicholas 16e5b94e9d review comments 2025-05-09 19:06:33 -06:00
Brett Nicholas d49e507926 - Support external flash for elf scatter-loading
- Support ELF scatter-loading on TC3xx
- Modify TC3xx HAL flash erase to support arbitrary offsets and sizes
- Realign partition size and addresses to support more efficient sector mass erase on update
2025-05-08 08:50:26 -06:00
Daniele Lacamera d05d769e80 Fixes: footprint size increased 2025-04-30 11:49:15 +02:00
David Garske 8fff9cf3d7 Temp fix: `sign.c:67:5: error: implicit declaration of function '_chsize_s' [-Werror=implicit-function-declaration]` 2025-04-29 11:50:29 +02:00
David Garske b86d7fc308 Renesas RX minor fixes and documentation updates. Fix for malformed GNUC macro causing clock to not be setup properly when building with RX-GCC compiler. Fix warnings with using `%zu` on older GCC. 2025-04-29 11:50:29 +02:00
Daniele Lacamera 386a172587 Fix regressions detected by github workflows 2025-04-07 17:10:37 +02:00
Daniele Lacamera 076cd1d6c4 Fix for unit test failing 2025-03-04 18:20:46 +01:00
Daniele Lacamera a195efe608 Avoid enforcing alignment on stack for IAR 2025-02-27 16:46:26 +01:00
Daniele Lacamera 3dc152cf1d Added ENCRYPT_CACHE= config option 2025-02-12 10:48:23 +01:00
David Garske 4c2d2b7e6e Add support for Armored mode with IAR. Currently only supports ECDSA and Cortex-M. ZD19190 2025-02-05 16:06:18 +01:00
David Garske c2a85fbf32
Merge pull request #535 from bigbrett/tc3xx-ads1.10.6-prjupdates
TC3xx: Fixes for ADS 1.10.6
2025-01-20 10:44:19 -08:00
jordan e2db8d58c4 Remove external ext_lms, ext_xmss pq integrations. 2025-01-20 16:38:24 +01:00
Brett Nicholas a22a9b1686 tc3xx: fix wolfBoot-tc3xx project and wbaurixtool.sh to properly generate macros for non-HSM projects 2025-01-08 12:20:06 -07:00
Daniele Lacamera afcdefa733 Sign: use manifest header to retrieve base version 2024-12-30 16:36:00 +01:00
David Garske acb9d832eb Fixes for Xilinx Zynq UltraScale+ MPSoC:
* Fixes to support wolfBoot native make and gcc-arm cross compiler. ZD 18159
* Adjust wolfBoot linker script to not use 0 base, instead use end of DDR - 1MB.
* Fixed QSPI bare-metal driver for multi-sector and read return code.
* Fixed issue with Xilinx XMSS IMAGE_HEADER_SIZE in documentation. It should be 5000 bytes.
* Performance optimizations for QSPI:
  - Allow configuration of SPI clock.
  - Improve GSPI FIFO TX/RX fill.
* Added support for FAST_MEMCPY that supports an aligned 32-bit.
* Added Flattened uImage Tree (FIT) image (FDT format).
* Added Aarch64 support for FDT fixups.
* Added Aarch64 startup to support EL2 with cache/MMU.
* Added documentation about exception levels
* Moved zynqmp registers to header.
* Fix printf uart_writenum "buf" len.
* Updated fdt-parser to support saving off larger data images.
2024-12-30 15:36:43 +01:00
Marco Oliverio 7008f68707 kontron-vx3060-s2: simplify example, add build test, improve docs 2024-12-19 20:12:16 +01:00
Marco Oliverio 834a712350 fsp: move TempRamInitExit and later APIs in stage2
To avoid using Flash memory after TempRamInitExit. This protects against
malicious modification/injection of the flash after Cache-As-RAM is
disabled.
2024-12-19 20:12:16 +01:00
John Bland b52c9387aa update footprint 2024-12-17 14:46:24 +01:00
Brett Nicholas 638787e296 cast malloc result 2024-12-16 19:12:23 +01:00
Brett Nicholas 0d18b25a2e fix keytools public key der export to use ml-dsa level passed as env var 2024-12-16 19:12:23 +01:00
Brett Nicholas 4b8e4b7907 Additional fixes for new keytool features introduced in #521 2024-12-16 19:12:23 +01:00
Brett Nicholas ceffc788dd - support for wolfHSM ML-DSA on simulator and AURIX (DMA only)
- consolidate AURIX scripts into wbaurixtool.sh
- documentation updates
2024-12-16 19:12:23 +01:00
David Garske fae36f2adf Reserve enough size for the ML-DSA public key in gen. 2024-12-05 14:44:30 -08:00
David Garske 6bed80fbc2 ML-DSA default is level 2. The keytools must be able to support all ML-DSA levels at run-time using `ML_DSA_LEVEL` environment variable. wolfBoot needs to be built with the correct level specified in the .config. 2024-12-05 14:25:43 -08:00
David Garske 4991eabb18 Peer review fixes. Default to ML-DSA level 2. 2024-12-05 13:39:47 -08:00
David Garske 8cdefaae20 Fix to remove ext_XMS artifact from keytools Makefile. Caused mingw readdir error. 2024-12-05 10:45:52 -08:00
David Garske eddf0bd234 Progress getting the Windows tools to build. 2024-12-05 08:36:02 -08:00
Daniele Lacamera 51eff3e71d Adjusted size for ML_DSA build 2024-12-03 15:03:45 +01:00
Daniele Lacamera 5ab661677f keygen: removed compile-time parameters (lms, xmss) 2024-12-03 14:58:49 +01:00
Daniele Lacamera d5e402ebde Removing compile-time parameters from keygen 2024-12-03 14:50:54 +01:00
Daniele Lacamera 7132a13545 Complete generic sign 2024-12-03 11:10:16 +01:00
Daniele Lacamera 04d2ecd246 Remove dependency from PQC parameters. Speed up tests. 2024-12-02 18:55:32 +01:00
Daniele Lacamera 05d0e92ecf Removed forced inflation of header size in `sign` 2024-12-02 14:07:43 +01:00
Daniele Lacamera d3935774d9 Fix header size in hybrid mode 2024-12-02 12:03:32 +01:00
Daniele Lacamera 10cdc5408a Add env variable to unit test 2024-11-28 11:06:16 +01:00
Daniele Lacamera 75efbd9cfb Removed all compile-time dependency from keytools 2024-11-26 13:17:00 +01:00
Daniele Lacamera 97fb3b68af Test: add IMAGE_HEADER_SIZE to sign command 2024-11-26 11:17:35 +01:00
Daniele Lacamera 93866f7376 Use minimum 512B of header with delta updates 2024-11-26 11:04:09 +01:00
Daniele Lacamera 6c8aafe09d Remove keytools dependency on IMAGE_HEADER_SIZE.
- Added getenv() to override the value at runtime
- Removed doc on old python tools
2024-11-26 10:57:06 +01:00
David Garske bf4c8017dd Test: adding action to build keytools on windows.
* Update key tools VS project to 2022.
* Fix a few warnings in sign.c
* Fix issues with windows already having min/max.
* Fix (workaround) issue with key tools needing WOLFBOOT_SECTOR_SIZE.
2024-11-25 14:38:29 -08:00
Daniele Lacamera 3a69b0e41a Don't fail if the image contains no base sha
+ Added --no-base-sha option to sign
2024-11-22 11:58:17 +01:00
Daniele Lacamera 7347f334b3 Delta update: check sha digest of base image
Only allow delta update if the sha digest of the base image matches the
expected value. This is to prevent the delta update from being applied
to an image that is not the expected base image, even if the version
matches.

The mismatch should never happen in real-life scenarios, but it is to check
for false positives during integration, testing and development.
2024-11-21 14:28:40 +01:00
Brett Nicholas f9cbc57795 review feedback 2024-11-13 09:52:49 +01:00
Brett Nicholas 78e4275f99 Initial wolfHSM support for simulator and AURIX TC3xx 2024-11-13 09:52:49 +01:00
David Garske aec2809212 Cleanups after hybrid signing PR. 2024-10-31 11:23:52 +01:00
David Garske b333317047
Merge pull request #510 from danielinux/hybrid-auth
Support for hybrid authentication (two ciphers)
2024-10-30 09:22:34 -07:00