Commit Graph

995 Commits (371ff3bb9e932a47624b8c0b170f8538acee7f8c)

Author SHA1 Message Date
John Bland 371ff3bb9e add documentation for using --policy-signed 2023-04-18 17:29:27 -04:00
John Bland 9648f527a2 update tpm seal and unseal code to use new seal
arguments and reset out the PCR values so they're not impacted by previous calls
2023-04-17 18:15:40 -04:00
John Bland 79e2f43b68 add TPM pubkey sealing doc and update code based on pr comments 2023-04-14 01:55:14 -04:00
John Bland f71108442c switch wolftpmPcrArray to uint8_t and return negative versions of tpm errors 2023-04-12 23:49:58 -04:00
John Bland 1e93b3d042 add policy signed header to sign.c 2023-04-12 13:36:03 -04:00
John Bland 7dd97be63c update policy sealing logic based on pr comments 2023-04-12 11:20:46 -04:00
John Bland 76fb8feac2 add missing error check unseal call 2023-04-11 12:26:42 -04:00
John Bland 3fbc99d36e wolfTPM pubkey storage with policy based access restriction
this update uses the tpm to retrieve the public key used to validate the image that will boot and restricts access to that key by tpm policy. when the image is updated its signature is used to extend the PCR and when the image is loaded its signature must match what was sealed in order to get the public key from the tpm. enabling this option is done by setting WOLFBOOT_TPM_KEYSTORE in .config
2023-04-11 11:46:21 -04:00
billphipps 27c079b04c Correct spacing. 2023-03-23 06:04:35 +01:00
billphipps 310efc468c Update to check if the initial bytes are erased, then no update is
present.
2023-03-23 06:04:35 +01:00
David Garske f31634d2de
Merge pull request #290 from danielinux/test-failsafe-sim
Add power failure tests via simulator
2023-03-21 10:22:26 -07:00
Daniele Lacamera 56a1158241 Disable DELTA/powerfail test 2023-03-21 18:03:38 +01:00
Daniele Lacamera d99f14045a Add 16KB random data at the end of the image 2023-03-21 18:03:38 +01:00
Daniele Lacamera 9759773f9d Added simulator tests with delta updates 2023-03-21 18:03:38 +01:00
Daniele Lacamera 49c6b46456 Fixed make commands in workflows 2023-03-21 18:03:38 +01:00
Daniele Lacamera e39ce78b30 Fix fprintf format string warning 2023-03-21 18:03:38 +01:00
Daniele Lacamera 7e9ecbad50 Added github action for powerfail tests 2023-03-21 18:03:38 +01:00
Daniele Lacamera 887f96c7b0 Fix fprintf warnings 2023-03-21 18:03:38 +01:00
Daniele Lacamera 57a8fb30f1 Added test scripts 2023-03-21 18:03:38 +01:00
Daniele Lacamera 6aa5c114e5 Added option to sim target to simulate powerfails 2023-03-21 18:03:38 +01:00
Daniele Lacamera 96bf93838f Allow NVM_FLASH_WRITEONCE code to run in 64bit sim 2023-03-21 18:03:38 +01:00
David Garske 6f12975bc5
Merge pull request #289 from danielinux/gh-action-rsa4096
Parallelize renode tests execution, remove unfeasible test, add compile-time check for large stack usage
2023-03-21 10:01:17 -07:00
Daniele Lacamera 43fa7b17f1 Added WOLFBOOT_HUGE_STACK option
The option can be enabled to use RSA4096 with fast math.
2023-03-21 17:06:22 +01:00
Daniele Lacamera 8c47d5c496 Disable TFM+RSA4096 test 2023-03-21 17:05:48 +01:00
Daniele Lacamera 40bd66dd96 Parallel memory/sha renode tests 2023-03-21 16:44:52 +01:00
Daniele Lacamera 8e74db2f27 Eliminate sigset warning in test-expect-version 2023-03-21 16:44:52 +01:00
Marco Oliverio b502eef4a7
Merge pull request #292 from danielinux/fix_keystore_size
keygen.c: fixed size of exported binary keystore
2023-03-20 11:44:58 +01:00
Daniele Lacamera ab6cd52e7c keygen.c: fixed size of exported binary keystore 2023-03-20 09:10:53 +01:00
Marco Oliverio 3fa27842c6
Merge pull request #288 from danielinux/encryption-unit-tests
Encryption unit tests
2023-03-14 17:45:31 +01:00
Daniele Lacamera cd7e4e10fc Fixed after reviewer's comments 2023-03-14 16:12:40 +01:00
Daniele Lacamera c36819ad0b Run 4 unit tests made out of unit-extflash.c
- clear text test of ext_flash_check r/w/erase
- Aes128
- Aes256
- ChaCha
2023-03-14 08:57:15 +01:00
Daniele Lacamera 3910ef7da9 Action name updated 2023-03-14 08:57:15 +01:00
Daniele Lacamera 645a310e26 Added libcheck installation to workflow for unit t 2023-03-14 08:57:15 +01:00
Daniele Lacamera e9ad9e3080 Fixes to encrypted updates functions
- use correct buffer size for the NONCE
- ext_flash_encrypt_write: do not encrypt when writing to last sector of
  update partition
2023-03-14 08:57:15 +01:00
Daniele Lacamera 0b06efd347 Added unit test for encrypted external flash 2023-03-14 08:57:14 +01:00
Marco Oliverio 51e6a1a28c
Merge pull request #287 from danielinux/nvm-block-fix
Fix NVM_FLASH_WRITEONCE redundancy
2023-03-13 19:26:25 +01:00
Daniele Lacamera b401dae331 Fix NVM_FLASH_WRITEONCE redundancy
Address of non-selected block to erase was shifted by one block
2023-03-13 10:37:48 +01:00
David Garske 16bc109c06
Merge pull request #282 from danielinux/update-ram-decrypt
Allow encrypted images in MMU targets
2023-03-09 12:16:45 -08:00
Daniele Lacamera 99980348dd Update MAIN_TARGET for raspberry pi builds 2023-03-09 18:38:48 +01:00
Daniele Lacamera 2f2a6d416d Support encrypted images in MMU targets 2023-03-09 16:31:29 +01:00
David Garske cb1eaff8e8 Support for SP math with AARCH64 when hardware supports it. 2023-03-09 07:05:24 +01:00
Brett Nicholas 6dacae2945 removed imx_rt10xx_nor files from codebase and replaced with SDK reference 2023-03-06 17:31:48 +01:00
Brett Nicholas 0759c1e7cd changed comment style and copyright year 2023-03-06 17:31:48 +01:00
Brett Nicholas a943e9defc updated to include RT1064 2023-03-06 17:31:48 +01:00
Brett Nicholas b6cf7f94a9 removed local path to SDK from compiler include path 2023-03-06 17:31:48 +01:00
Brett Nicholas 680ce5f8e8 first commit - test app boots on MIMXRT1064-EVK 2023-03-06 17:31:48 +01:00
David Garske fa483a460a Fix docker tests in github actions by running the test as root in docker 2023-03-06 16:25:06 +01:00
David Garske 919d33d7b5 Increase the QSPI timeout to accommodate release build optimizations. 2023-03-06 16:25:06 +01:00
David Garske 80ac15693c Fixed STM32H7 UART 5. Added CMake support for DEBUG_UART. Adjust example config to use correct QSPI offsets for update partition. 2023-03-06 16:25:06 +01:00
David Garske 40f2f82dd7 Add support for UART5. 2023-02-02 12:11:23 -08:00