* Added new `WOLFBOOT_TPM_SEAL` and `WOLFBOOT_TPM_SEAL_NV_BASE` config options.
* Added new `tools/tpm/policy_create` tool for assisting with creation of a policy digest. The sign keytool `--policy=file` signs the policy.
* Added new `WOLFBOOT_TPM_VERIFY` option to enable offloading of the asymmetric verification to the TPM. By default wolfCrypt will be used.
* Added example seal/unseal to update_flash for ARCH_SIM.
* Renamed `WOLFBOOT_TPM_KEYSTORE_NV_INDEX` to `WOLFBOOT_TPM_KEYSTORE_NV_BASE` to support multiple public keys.
* Refactored most TPM code into tpm.c.
* Refactored the keystore ROT to use new `wolfBoot_check_rot` API.
* Refactored the sign keytool to have a sign_digest function to allow signing firmware and policy for sealing/unsealing.
* Fix for make distclean && make using the wrong key tools.
* Added ELF32 and ELF64 loader support (config `ELF=1` or build option `WOLFBOOT_ELF`).
* Add ELF support to `update_ram.c` loader.
* Add support for loading entire flash image to RAM when `EXT_FLASH=1` and `NO_XIP=1` (or `WOLFBOOT_USE_RAMBOOT`).
* Added QUICC Engine support to load microcode and enable.
* Add multiple core support for NXP P1021.
* Fixes to resolve first stage boot ROM relocation.
- Implemented temporary workaround to resolve stack traps.
* Added PPC GOT relocation support.
* Fix for the PPC `isr_empty` handler address.
* Fix to allow stack to use DDR by having assembly setup DDR TLB. After relocating wolfBoot use stack on DDR.
* Cleanup wolfBoot output.
- Only remove extra .bin/.elf created unless `make distclean` is used.
- Don't output the key grep test (only check result).
- Adjust build order (first stage, wolfboot, test app, key, sign test app and factory).
- Fix to make sure linker script is rebuilt before objects.
Sample NXP P1021 Output:
```
Relocating BOOT ROM to DDR
Loading wolfBoot to DDR
Jumping to full wolfBoot
wolfBoot HAL Init
Flash Init: Ret 0, ID 0x76207620
QE: Length 63732, Count 1
QE: uploading 'Microcode for P1021 r1.0' version 0.0.1
QE: Traps 0
MP: Starting core 2 (spin table 0xFFFFF240)
Versions: Boot 1, Update 0
Trying Boot partition at 0x200000
Loading header 512 bytes to 0x1DFFFE00
Loading image 3170724 bytes to 0x1E000000
Image size 3170724
Firmware Valid
Loading elf at 0x1E000000
Found valid elf32 (big endian)
Booting at 0x6000
```
* Added Aarch64 boot/startup support
* Added configuration templates for Raspberry Pi 3 and Xilinx ZynqMP UltraScale+
* Added Xilinx Zynq QSPI bare-metal Driver
* Added `NO_XIP` option for full `ext_flash_*` API on all partitions
* Added Xilinx SDK Project Template
* Added support for DTS image partitions
* Added wolfBoot signing tool in Native C (`tools/keytools/sign.c`).
* Added libwolfboot functions `int wolfBoot_fallback_is_possible(void);` and `int wolfBoot_dualboot_candidate(void);`
* Performance improvement to only hash application firmware image once
David Garske
jordan
Daniele Lacamera
Daniele Lacamera
Dimitar Tomov