wolfBoot

Commit Graph

Author	SHA1	Message	Date
David Garske	b3e2fb9ddd	NXP T1024 wolfBoot support: * Added DDR4 w/ECC. * Added L2 and L2 CPC SRAM support * Added platform SRAM 160KB support * Added support for core timers (timebase) and platform clock. * Added IFC driver with erase/write * Added stage 1 loader to relocate wolfBoot to DDR * Added CPLD, QUICC, FMAN and MP drivers * Added eSPI driver for TPM. * Added hal_early_init instead of calling ddr_init directly. * Fixes for device tree (DTB) loading with update_ram and PPC boot. * Fixes for relocating CCSRBAR to upper. * Fixes for interrupt offsets.	2023-10-06 15:28:16 +02:00
Daniele Lacamera	dd8fb02e7c	keytools: Added tests for new features	2023-09-29 14:54:08 +02:00
David Garske	56be972c9e	Spelling and add TODO's for testing new keytool features.	2023-09-28 10:06:07 -07:00
David Garske	9cf947282c	* Fix for building on MacOS (new keystore section issues). * Fix for library.o workaround. * Added new `WOLFBOOT_DEBUG_MALLOC` option to help diagnosing malloc failures.	2023-09-28 17:27:23 +02:00
Daniele Lacamera	291adfe87d	Fixed merge of user_settings with new TPM logic	2023-09-21 08:31:28 +02:00
David Garske	e3f97f401e	Fix for ROT with no auth. Add test case for it.	2023-09-15 07:25:01 +02:00
David Garske	c04960c097	Fix simulator to not just while(1) on panic, which causes CI to spin/timeout (instead exit with error). Fix ROT logic and make sure read error code gets passed up stack.	2023-09-12 12:26:48 +02:00
David Garske	2349a68e76	Added support for storing sealed blobs into NV. Refactor the TPM signature verify to use existing load public key function and generic verify hash TPM function. Added support for RSA sign with ASN.1 encoding (Example: `SIGN=RSA2048ENC`).	2023-09-12 12:26:48 +02:00
David Garske	490286be7d	Support for sealing/unseal a secret based on an externally signed PCR policy. * Added new `WOLFBOOT_TPM_SEAL` and `WOLFBOOT_TPM_SEAL_NV_BASE` config options. * Added new `tools/tpm/policy_create` tool for assisting with creation of a policy digest. The sign keytool `--policy=file` signs the policy. * Added new `WOLFBOOT_TPM_VERIFY` option to enable offloading of the asymmetric verification to the TPM. By default wolfCrypt will be used. * Added example seal/unseal to update_flash for ARCH_SIM. * Renamed `WOLFBOOT_TPM_KEYSTORE_NV_INDEX` to `WOLFBOOT_TPM_KEYSTORE_NV_BASE` to support multiple public keys. * Refactored most TPM code into tpm.c. * Refactored the keystore ROT to use new `wolfBoot_check_rot` API. * Refactored the sign keytool to have a sign_digest function to allow signing firmware and policy for sealing/unsealing. * Fix for make distclean && make using the wrong key tools.	2023-09-12 12:26:48 +02:00
jordan	e23d450e45	LMS wolfBoot support.	2023-09-06 07:57:10 +02:00
David Garske	19424c86c9	Added optional `WOLFBOOT_TPM_KEYSTORE_AUTH` for build-time NV auth.	2023-08-22 07:12:05 +02:00
John Bland	131df548e6	Merge branch 'master' into nvm-encrypt-configs	2023-08-21 10:13:46 -04:00
David Garske	6ea1a1e4a5	Added GitHub action build tests for NXP parts (iMX RT, Kinetis and LPC).	2023-08-21 11:08:48 +02:00
John Bland	032fa172ec	remove missing test	2023-08-21 01:39:31 -04:00
John Bland	c32f05c9fb	add configs for NVM_FLASH_WRITEONCE with encription, FLAGS_HOME, and invert. the powerfail test will fail for these configs to show the problem	2023-08-21 01:26:55 -04:00
David Garske	701674be4f	Merge pull request #343 from jpbland1/add-nvm-configs add combinations of NVM_FLASH_WRITEONCE config tests	2023-08-17 07:02:51 -07:00
David Garske	9ca58248e4	Adding GitHub Action for testing TPM features.	2023-08-17 13:43:58 +02:00
John Bland	baac5cc120	revert unready tests	2023-08-17 01:42:27 -04:00
John Bland	9fa6bb3ade	add combinations of NVM_FLASH_WRITEONCE config tests	2023-08-15 17:06:48 -04:00
John Bland	f5a2e23de6	remove unready test	2023-08-15 12:53:41 -04:00
John Bland	20184d2b24	add test to demonstrate that NVM_FLASH_WRITEONCE is calling nvm_select_fresh_sector on a potentially external partition, which will fail and crashes the simulator. the next commit will hold the fix	2023-08-15 02:57:46 -04:00
David Garske	7638bfb479	Merge pull request #333 from danielinux/update-submodules Updated submodules to latest versions	2023-08-03 08:07:08 -07:00
Daniele Lacamera	ac20d3ae85	Disabled test RSA3072+FASTMATH - renode target ran out of memory when running RSA verify	2023-08-03 09:55:52 +02:00
John Bland	f11ae239f9	fix bad genrsa statement	2023-07-28 07:55:16 +02:00
John Bland	de1da2c6ca	add distclean to rsa test	2023-07-28 07:55:16 +02:00
John Bland	4f4d59e2a3	fix bad trigger on test	2023-07-28 07:55:16 +02:00
John Bland	fd08d321e2	fix bad openssl commands, remove redundant test	2023-07-28 07:55:16 +02:00
John Bland	517cf6b9b8	update sign to decode keys instead of assuming they're raw add a github workflow for testing external partition signing	2023-07-28 07:55:16 +02:00
John Bland	1e3f30a1c6	add github action for encryption with delta updates	2023-05-17 19:39:00 +02:00
Daniele Lacamera	46ea4923d1	Build tests: change ubuntu repository	2023-05-15 14:57:27 +02:00
Daniele Lacamera	39d8eedc61	Added sim-encrypt tests to github workflow	2023-05-15 11:54:37 +02:00
John Bland	b94249f8f7	correctly identify a forward powerfail vs a revert powerfail and add an exception to wolfBoot_delta_update when a revert gets interrupted since the version will change in the middle of the update process	2023-04-22 06:13:53 +02:00
John Bland	14ec346e1c	before calling wolfBoot_delta_update, check if the 0th sector has been changed with the update partition still being in IMG_STATE_UPDATING state. the state still being IMG_STATE_UPDATING means that a delta update started and that the version may have been switched over, in which case wolfBoot_current_firmware_version() >= wolfBoot_update_firmware_version() no longer tells us if we need to perform an inverse operation on it's own. also removes part of the update powerfail test that does checks for the previous version without triggering a rollback	2023-04-21 20:31:58 +02:00
Daniele Lacamera	56a1158241	Disable DELTA/powerfail test	2023-03-21 18:03:38 +01:00
Daniele Lacamera	9759773f9d	Added simulator tests with delta updates	2023-03-21 18:03:38 +01:00
Daniele Lacamera	49c6b46456	Fixed make commands in workflows	2023-03-21 18:03:38 +01:00
Daniele Lacamera	7e9ecbad50	Added github action for powerfail tests	2023-03-21 18:03:38 +01:00
David Garske	6f12975bc5	Merge pull request #289 from danielinux/gh-action-rsa4096 Parallelize renode tests execution, remove unfeasible test, add compile-time check for large stack usage	2023-03-21 10:01:17 -07:00
Daniele Lacamera	8c47d5c496	Disable TFM+RSA4096 test	2023-03-21 17:05:48 +01:00
Daniele Lacamera	40bd66dd96	Parallel memory/sha renode tests	2023-03-21 16:44:52 +01:00
Daniele Lacamera	c36819ad0b	Run 4 unit tests made out of unit-extflash.c - clear text test of ext_flash_check r/w/erase - Aes128 - Aes256 - ChaCha	2023-03-14 08:57:15 +01:00
Daniele Lacamera	3910ef7da9	Action name updated	2023-03-14 08:57:15 +01:00
Daniele Lacamera	645a310e26	Added libcheck installation to workflow for unit t	2023-03-14 08:57:15 +01:00
Daniele Lacamera	0b06efd347	Added unit test for encrypted external flash	2023-03-14 08:57:14 +01:00
David Garske	8dd0ee347f	Support for the STM32 OCTOSPI peripheral.	2023-02-02 12:11:23 -08:00
David Garske	034fa093da	Add the new example configurations to the tests.	2022-12-29 18:27:40 +01:00
David Garske	4c4fab7612	Expand build tests for aarch64 and ppc. Fixes for some minor build errors uncovered.	2022-12-28 22:47:27 +01:00
David Garske	005df0949d	Disabled builds that have requirements not supported yet. Fixed L0 build.	2022-12-28 19:15:50 +01:00
David Garske	8662f2539a	Adding build tests for all ARM based example configs.	2022-12-28 19:15:50 +01:00
Daniele Lacamera	186027b122	Github workflows: new test scripts Moved most of the commands inside the renode container. Updated docker image to compile and run all tools, wolfboot and test image within the renode container.	2022-12-13 16:45:57 +01:00

1 2

64 Commits (5a7665a9e3462ecd81c606e8e5cfdea84a281d21)