WolfSSL
/
wolfBoot
mirror of https://github.com/wolfSSL/wolfBoot.git
1
0
Fork 0
Code Issues Releases Wiki Activity
2,114 Commits
29 Branches
28 Tags
20 MiB
Commit Graph

87 Commits (7c81d6a6f1c48c0fbff91785435f86c6ff5db906)

Author SHA1 Message Date
Daniele Lacamera d587a793c0 Added WOLFSSL_PUBLIC_MP to user_settings when PKCS11 is enabled. 2025-04-30 13:45:08 +02:00
David Garske 271ae4c2f0 Improving matrix. 2025-04-29 11:50:29 +02:00
David Garske b6179a2780 Fixing test-lib matrix. 2025-04-29 11:50:29 +02:00
Brett Nicholas ceffc788dd - support for wolfHSM ML-DSA on simulator and AURIX (DMA only) 
- consolidate AURIX scripts into wbaurixtool.sh
- documentation updates
 2024-12-16 19:12:23 +01:00
Brett Nicholas 78e4275f99 Initial wolfHSM support for simulator and AURIX TC3xx 2024-11-13 09:52:49 +01:00
Daniele Lacamera cc447ea879 Support for hybrid authentication (2 ciphers) 2024-10-30 13:17:06 +01:00
Daniele Lacamera 72a0aa3853 Added Benchmark script. Added ARMASM support. 2024-10-24 21:20:09 +02:00
Daniele Lacamera 07bdae680a ARMASM. Macros for clocks+gpios. Set MAC pins. 2024-10-14 10:14:48 +02:00
jordan b97abd4ace Add ML-DSA support. 2024-10-14 10:13:52 +02:00
Daniele Lacamera 8386a503f8 Added NO_WOLFSSL_MALLOC 2024-10-11 20:48:34 +02:00
jordan 42f92ebedb user_settings: default to NO_ASN if NO_RSA defined. 2024-09-13 15:58:24 -05:00
David Garske 9e17315d49 Fixes for building wolfBoot with XMSS/LMS. 2024-08-14 18:06:12 +02:00
David Garske 3687851f75 Xilinx zynqmp documentation cleanups. Fixes for building with Eclipse wildcard .c include pains. 2024-08-14 18:06:12 +02:00
David Garske 3444c47fdb * Added support for RX65N and RX72N with native Makefile and RX ELF GCC compiler. 
* Added initialization of the clocks and UART driver.
   - wolfBoot uses on chip high speed oscillator (HOCO) at (120MHz RX65N and 240Mhz for RX72N).
* Added RX RSPI and QSPI driver support with external SPI flash
* Improve documentation and fix spelling errors.
* Added .srec (s-record) format support
* Added RX TSIP support for ECDSA (requires https://github.com/wolfSSL/wolfssl/pull/7685).
* Allow custom implementation of `get_trailer_at`, `set_trailer_at` and `set_partition_magic` using `CUSTOM_PARTITION_TRAILER`
 2024-07-17 06:08:31 +02:00
Daniele Lacamera 11ce50f6c1 Removed debug print, added PKCS11_SMALL, fixes 2024-07-09 10:22:43 -07:00
Daniel Pouzzner 441200f469 fix: support DEBUG=0 build 
* build lib/wolfssl/wolfcrypt/src/logging.o unconditionally,
* gate debug printing in do_tpm_selftest() appropriately,
* initialize top_address in src/boot_x86_fsp.c:start() to fix -Wmaybe-uninitialized,
* and add __attribute__((used)) to static src/x86/exceptions.c:common_exception_handler() and _timer_handler() implementations to accommodate asm-only calling;
* fix parallel make: add dependency of stage1/loader_stage1.bin on wolfboot.elf.
* add -ffreestanding -static flags to avoid gcc compiler optimize strings functions

Co-authored-by: Daniel Pouzzner <douzzer@wolfssl.com>
 2024-06-19 09:47:06 +02:00
Daniele Lacamera 4dda0571c7 Fix building PKCS11 Trustzone with any auth algo 2024-05-29 15:05:56 +02:00
David Garske 027c6847e5
Merge pull request #443 from wolfSSL/x86_fsp_backport 
x86 fsp backport
 2024-05-09 07:46:56 -07:00
Daniele Lacamera 3ec982109c STM32H5: added support for TrustZone 
- Unified TZ support for STM32L5, STM32H5, STM32U5
- Fixed/added example configuration files
- Expanded documentation
- Added new configurations to automated tests
 2024-05-09 16:33:40 +02:00
Marco Oliverio a98e74fa33 fix: user_settings.h: fix typo in ECC521 defines 2024-04-29 12:50:37 +02:00
Marco Oliverio 7f4db8247c user_settings: allow multiples HAVE_ECC* defines 2024-04-23 10:42:07 +02:00
David Garske a37a816693
Merge pull request #433 from danielinux/gpl3 
Update license GPL2 -> GPL3
 2024-04-16 10:36:10 -07:00
Daniele Lacamera fce6149cf8 Update license GPL2 -> GPL3 2024-04-16 16:46:15 +02:00
Daniele Lacamera da5b73817e Update wolfPKCS11 to v1.3.0. Fixed doc 2024-04-16 16:24:31 +02:00
Daniele Lacamera 25c8356a6b safety: panic() when calling random stub 2023-10-09 11:13:42 +02:00
David Garske 9cf947282c * Fix for building on MacOS (new keystore section issues). 
* Fix for library.o workaround.
* Added new `WOLFBOOT_DEBUG_MALLOC` option to help diagnosing malloc failures.
 2023-09-28 17:27:23 +02:00
Marco Oliverio 559f07f11e user_settings: tpm: reduce MMIO pooling delay 2023-09-28 13:12:26 +02:00
Marco Oliverio fa7bb89edb ahci: add support for disk unlocking based on tpm sealed secret 2023-09-28 13:12:26 +02:00
Marco Oliverio aaa66e7980 user_settings.h: remove redundant XTPM_WAIT() definition 2023-09-28 13:12:26 +02:00
Daniele Lacamera b8a5a6243d Cleanup, config rename, documentation 2023-09-21 08:31:30 +02:00
Daniele Lacamera 291adfe87d Fixed merge of user_settings with new TPM logic 2023-09-21 08:31:28 +02:00
Daniele Lacamera ed0357289c Fixed NS flash access + flash write unlock + misc 
- non-secure flash area increased to cover BOOT+UPDATE partitions
- call unlock/lock functions before accessing pkcs11 store for writing
- Enabled more features in application wolfcrypt front-end
- Fixed compiler w4rnings
 2023-09-21 08:28:23 +02:00
Daniele Lacamera bcbb0c2cfe Rebased on latest master 2023-09-21 08:28:23 +02:00
Daniele Lacamera fd862cbd8f Working PKCS11 test. 
Temporarily removed some features so the image fits in 64Kb
 2023-09-21 08:28:09 +02:00
Daniele Lacamera 20e8b021b5 Added NS wrappers for PKCS11 API 2023-09-21 07:57:18 +02:00
Daniele Lacamera f7d6c17685 TZ: PKCS11 wrappers via wolfPKCS11 in S world 2023-09-21 07:57:18 +02:00
Daniele Lacamera fd809c5b69 Expanded WCS interface 
- Added TRNG driver for STM32L5
- Link with correct objects in test-app
- Expanded wc_callable interface
 2023-09-21 07:57:18 +02:00
Daniele Lacamera 61ea65747b Added secure functions to set/provision key slots 2023-09-21 07:57:18 +02:00
Daniele Lacamera c7c90cd2cc Back-end calls for ecc sign/verify/getpublic 2023-09-21 07:57:18 +02:00
Daniele Lacamera 9bf80ab8cd Initial draft: wolfcrypt secure mode 2023-09-21 07:57:18 +02:00
David Garske 490286be7d Support for sealing/unseal a secret based on an externally signed PCR policy. 
* Added new `WOLFBOOT_TPM_SEAL` and `WOLFBOOT_TPM_SEAL_NV_BASE` config options.
* Added new `tools/tpm/policy_create` tool for assisting with creation of a policy digest. The sign keytool `--policy=file` signs the policy.
* Added new `WOLFBOOT_TPM_VERIFY` option to enable offloading of the asymmetric verification to the TPM. By default wolfCrypt will be used.
* Added example seal/unseal to update_flash for ARCH_SIM.
* Renamed `WOLFBOOT_TPM_KEYSTORE_NV_INDEX` to `WOLFBOOT_TPM_KEYSTORE_NV_BASE` to support multiple public keys.
* Refactored most TPM code into tpm.c.
* Refactored the keystore ROT to use new `wolfBoot_check_rot` API.
* Refactored the sign keytool to have a sign_digest function to allow signing firmware and policy for sealing/unsealing.
* Fix for make distclean && make using the wrong key tools.
 2023-09-12 12:26:48 +02:00
David Garske 95b0d9090d Fixes for building TPM keystore with arch x86_64. 2023-08-24 16:38:20 +02:00
David Garske 6ea1a1e4a5 Added GitHub action build tests for NXP parts (iMX RT, Kinetis and LPC). 2023-08-21 11:08:48 +02:00
David Garske 0ee918f9f6 Fixes for simulator malloc/free. Fix for RSA encrypt missing `wc_RsaPublicEncrypt_ex`. 2023-08-17 13:43:58 +02:00
David Garske 103503cf8a Fixes to get WOLFBOOT_TPM_KEYSTORE working with ECC SRK and Parameter Encryption. 2023-08-17 13:43:58 +02:00
David Garske 69adb25496 wolfBoot TPM improvements: 
* Added TPM SPI wait state support and debug logging.
* Added platform auth ownership (change platform password to random value before boot). Can be disabled using `WOLFBOOT_TPM_NO_CHG_PLAT_AUTH`.
* Added parameter encryption support.
* Added TPM based root of trust based on https://github.com/wolfSSL/wolfTPM/pull/276
* Removed the TPM hashing feature (not practical).
* Fixed RSA with wolfTPM build.
* Fixed cleanup wolfTPM objects on make clean.
 2023-08-17 13:43:58 +02:00
Marco Oliverio 9aee0b4cdd TPM: support WOLFTPM_MMIO 2023-07-24 18:12:13 +00:00
Daniele Lacamera efa28e3787 x86_64: support SP_MATH on x86_64 architecture 
Signed-off-by: Marco Oliverio <marco@wolfssl.com>
 2023-07-24 18:12:13 +00:00
David Garske 1d6c421b41 Disable dynamic stack for SP math and SP math all. 2023-07-05 18:34:42 +02:00
Daniele Lacamera 17b948bd25 Added WOLFSSL_SP_NO_DYN_STACK to user_settings.h 2023-07-05 18:34:42 +02:00