WolfSSL
/
wolfBoot
mirror of https://github.com/wolfSSL/wolfBoot.git
1
0
Fork 0
Code Issues Releases Wiki Activity
2,150 Commits
29 Branches
28 Tags
20 MiB
Commit Graph

92 Commits (b79be86a56e8afa7ad76fa2346443b41e30ed92d)

Author SHA1 Message Date
David Garske b79be86a56 Fix for `NO_SWAP_EXT=1` with encryption enabled. Peer review fixes. 2025-06-16 19:05:49 +02:00
David Garske 73fc193931 Portability fixes with include < vs ". Added `NO_SWAP_EXT` to allow support for onboard flash swap sector. Added `WOLFSSL_NO_CT_OPS` for ECDSA verify only. Added `WC_NO_DEFAULT_DEVID` to help with code size reduction. 2025-06-16 19:05:49 +02:00
David Garske 8e6b0af105 Added Renesas RX TSIP encrypted updates support using AES CTR. Requires https://github.com/wolfSSL/wolfssl/pull/8854 2025-06-16 19:05:49 +02:00
David Garske 9451b47628 Fix for Renesas TSIP key types. Fix for Renesas RX .keystore location in linker script. Fix for wolfBoot as library with Renesas to make sure crypto hardware is initialized and setup. Add forced alignment on additional buffers used for flash read/write. 2025-06-16 19:05:49 +02:00
David Garske 487efc606d Improvements for portability using older gcc 4.8.2. Make sure wolfboot.h includes the `wolfBoot_verify_*` API's. Fixed issue with parsing headers when `#include` is `# include`. 2025-06-16 19:05:49 +02:00
Daniele Lacamera d587a793c0 Added WOLFSSL_PUBLIC_MP to user_settings when PKCS11 is enabled. 2025-04-30 13:45:08 +02:00
David Garske 271ae4c2f0 Improving matrix. 2025-04-29 11:50:29 +02:00
David Garske b6179a2780 Fixing test-lib matrix. 2025-04-29 11:50:29 +02:00
Brett Nicholas ceffc788dd - support for wolfHSM ML-DSA on simulator and AURIX (DMA only) 
- consolidate AURIX scripts into wbaurixtool.sh
- documentation updates
 2024-12-16 19:12:23 +01:00
Brett Nicholas 78e4275f99 Initial wolfHSM support for simulator and AURIX TC3xx 2024-11-13 09:52:49 +01:00
Daniele Lacamera cc447ea879 Support for hybrid authentication (2 ciphers) 2024-10-30 13:17:06 +01:00
Daniele Lacamera 72a0aa3853 Added Benchmark script. Added ARMASM support. 2024-10-24 21:20:09 +02:00
Daniele Lacamera 07bdae680a ARMASM. Macros for clocks+gpios. Set MAC pins. 2024-10-14 10:14:48 +02:00
jordan b97abd4ace Add ML-DSA support. 2024-10-14 10:13:52 +02:00
Daniele Lacamera 8386a503f8 Added NO_WOLFSSL_MALLOC 2024-10-11 20:48:34 +02:00
jordan 42f92ebedb user_settings: default to NO_ASN if NO_RSA defined. 2024-09-13 15:58:24 -05:00
David Garske 9e17315d49 Fixes for building wolfBoot with XMSS/LMS. 2024-08-14 18:06:12 +02:00
David Garske 3687851f75 Xilinx zynqmp documentation cleanups. Fixes for building with Eclipse wildcard .c include pains. 2024-08-14 18:06:12 +02:00
David Garske 3444c47fdb * Added support for RX65N and RX72N with native Makefile and RX ELF GCC compiler. 
* Added initialization of the clocks and UART driver.
   - wolfBoot uses on chip high speed oscillator (HOCO) at (120MHz RX65N and 240Mhz for RX72N).
* Added RX RSPI and QSPI driver support with external SPI flash
* Improve documentation and fix spelling errors.
* Added .srec (s-record) format support
* Added RX TSIP support for ECDSA (requires https://github.com/wolfSSL/wolfssl/pull/7685).
* Allow custom implementation of `get_trailer_at`, `set_trailer_at` and `set_partition_magic` using `CUSTOM_PARTITION_TRAILER`
 2024-07-17 06:08:31 +02:00
Daniele Lacamera 11ce50f6c1 Removed debug print, added PKCS11_SMALL, fixes 2024-07-09 10:22:43 -07:00
Daniel Pouzzner 441200f469 fix: support DEBUG=0 build 
* build lib/wolfssl/wolfcrypt/src/logging.o unconditionally,
* gate debug printing in do_tpm_selftest() appropriately,
* initialize top_address in src/boot_x86_fsp.c:start() to fix -Wmaybe-uninitialized,
* and add __attribute__((used)) to static src/x86/exceptions.c:common_exception_handler() and _timer_handler() implementations to accommodate asm-only calling;
* fix parallel make: add dependency of stage1/loader_stage1.bin on wolfboot.elf.
* add -ffreestanding -static flags to avoid gcc compiler optimize strings functions

Co-authored-by: Daniel Pouzzner <douzzer@wolfssl.com>
 2024-06-19 09:47:06 +02:00
Daniele Lacamera 4dda0571c7 Fix building PKCS11 Trustzone with any auth algo 2024-05-29 15:05:56 +02:00
David Garske 027c6847e5
Merge pull request #443 from wolfSSL/x86_fsp_backport 
x86 fsp backport
 2024-05-09 07:46:56 -07:00
Daniele Lacamera 3ec982109c STM32H5: added support for TrustZone 
- Unified TZ support for STM32L5, STM32H5, STM32U5
- Fixed/added example configuration files
- Expanded documentation
- Added new configurations to automated tests
 2024-05-09 16:33:40 +02:00
Marco Oliverio a98e74fa33 fix: user_settings.h: fix typo in ECC521 defines 2024-04-29 12:50:37 +02:00
Marco Oliverio 7f4db8247c user_settings: allow multiples HAVE_ECC* defines 2024-04-23 10:42:07 +02:00
David Garske a37a816693
Merge pull request #433 from danielinux/gpl3 
Update license GPL2 -> GPL3
 2024-04-16 10:36:10 -07:00
Daniele Lacamera fce6149cf8 Update license GPL2 -> GPL3 2024-04-16 16:46:15 +02:00
Daniele Lacamera da5b73817e Update wolfPKCS11 to v1.3.0. Fixed doc 2024-04-16 16:24:31 +02:00
Daniele Lacamera 25c8356a6b safety: panic() when calling random stub 2023-10-09 11:13:42 +02:00
David Garske 9cf947282c * Fix for building on MacOS (new keystore section issues). 
* Fix for library.o workaround.
* Added new `WOLFBOOT_DEBUG_MALLOC` option to help diagnosing malloc failures.
 2023-09-28 17:27:23 +02:00
Marco Oliverio 559f07f11e user_settings: tpm: reduce MMIO pooling delay 2023-09-28 13:12:26 +02:00
Marco Oliverio fa7bb89edb ahci: add support for disk unlocking based on tpm sealed secret 2023-09-28 13:12:26 +02:00
Marco Oliverio aaa66e7980 user_settings.h: remove redundant XTPM_WAIT() definition 2023-09-28 13:12:26 +02:00
Daniele Lacamera b8a5a6243d Cleanup, config rename, documentation 2023-09-21 08:31:30 +02:00
Daniele Lacamera 291adfe87d Fixed merge of user_settings with new TPM logic 2023-09-21 08:31:28 +02:00
Daniele Lacamera ed0357289c Fixed NS flash access + flash write unlock + misc 
- non-secure flash area increased to cover BOOT+UPDATE partitions
- call unlock/lock functions before accessing pkcs11 store for writing
- Enabled more features in application wolfcrypt front-end
- Fixed compiler w4rnings
 2023-09-21 08:28:23 +02:00
Daniele Lacamera bcbb0c2cfe Rebased on latest master 2023-09-21 08:28:23 +02:00
Daniele Lacamera fd862cbd8f Working PKCS11 test. 
Temporarily removed some features so the image fits in 64Kb
 2023-09-21 08:28:09 +02:00
Daniele Lacamera 20e8b021b5 Added NS wrappers for PKCS11 API 2023-09-21 07:57:18 +02:00
Daniele Lacamera f7d6c17685 TZ: PKCS11 wrappers via wolfPKCS11 in S world 2023-09-21 07:57:18 +02:00
Daniele Lacamera fd809c5b69 Expanded WCS interface 
- Added TRNG driver for STM32L5
- Link with correct objects in test-app
- Expanded wc_callable interface
 2023-09-21 07:57:18 +02:00
Daniele Lacamera 61ea65747b Added secure functions to set/provision key slots 2023-09-21 07:57:18 +02:00
Daniele Lacamera c7c90cd2cc Back-end calls for ecc sign/verify/getpublic 2023-09-21 07:57:18 +02:00
Daniele Lacamera 9bf80ab8cd Initial draft: wolfcrypt secure mode 2023-09-21 07:57:18 +02:00
David Garske 490286be7d Support for sealing/unseal a secret based on an externally signed PCR policy. 
* Added new `WOLFBOOT_TPM_SEAL` and `WOLFBOOT_TPM_SEAL_NV_BASE` config options.
* Added new `tools/tpm/policy_create` tool for assisting with creation of a policy digest. The sign keytool `--policy=file` signs the policy.
* Added new `WOLFBOOT_TPM_VERIFY` option to enable offloading of the asymmetric verification to the TPM. By default wolfCrypt will be used.
* Added example seal/unseal to update_flash for ARCH_SIM.
* Renamed `WOLFBOOT_TPM_KEYSTORE_NV_INDEX` to `WOLFBOOT_TPM_KEYSTORE_NV_BASE` to support multiple public keys.
* Refactored most TPM code into tpm.c.
* Refactored the keystore ROT to use new `wolfBoot_check_rot` API.
* Refactored the sign keytool to have a sign_digest function to allow signing firmware and policy for sealing/unsealing.
* Fix for make distclean && make using the wrong key tools.
 2023-09-12 12:26:48 +02:00
David Garske 95b0d9090d Fixes for building TPM keystore with arch x86_64. 2023-08-24 16:38:20 +02:00
David Garske 6ea1a1e4a5 Added GitHub action build tests for NXP parts (iMX RT, Kinetis and LPC). 2023-08-21 11:08:48 +02:00
David Garske 0ee918f9f6 Fixes for simulator malloc/free. Fix for RSA encrypt missing `wc_RsaPublicEncrypt_ex`. 2023-08-17 13:43:58 +02:00
David Garske 103503cf8a Fixes to get WOLFBOOT_TPM_KEYSTORE working with ECC SRK and Parameter Encryption. 2023-08-17 13:43:58 +02:00