With the myriad of options available for a bootloader today many integrators try and fail to find the most secure and flexible bootloader with the smallest footprint. To help put an end to this search we will be going over wolfBoot’s many advantages compared to its competitors to make clear why wolfBoot is the best fit for your application.
Supported Signature Verification Algorithms
Signature verification in secure boot is the process of verifying and authenticating a boot image using a signature and public key provided by a signing authority. Out of the box Das U-Boot supports RSA image signature verification using SHA-1 or SHA-256 digests. U-Boot can be extended to include any algorithm you wish but that requires the additional effort of including or writing an external crypto library that will inflate code size and increase the time it takes to get a working product.
WolfBoot was built using wolfCrypt, our small embeddable crypto library that powers all of our products, and leverages it to support a wide range of signature verification options including ED25519, ECC and RSA. It does not support the outdated SHA-1 but instead supports the modern SHA-256, SHA-384 and SHA3 hashing algorithms and because its free software can also be extended as you wish.
Encrypted Boot Partition
Both wolfBoot and U-Boot support encrypted images but wolfBoot supports both AES and CHACHA encryption while U-Boot only supports AES.
Beauty and the Bloat
U-Boot has many unnecessary features for a secure bootloader, including a command line interface and a full TCP/IP networking stack. These features increase the amount of code, which increases the number of potential bugs, the size of the image and creates a larger attack surface to compromise your system.
WolfBoot was built by security experts and thus was designed to boot into the application image as fast and securely as possible. By constraining wolfBoot to the essentials we are able to keep code size down leading to less bugs in the first place and less attack vectors open to compromise your system. Keeping code size down leaves more room for such features in the application image where they belong.
Porting U-Boot to a new system is a complicated process as U-Boot takes responsibility for bringing up the system’s peripherals ahead of the OS being loaded. WolfBoot takes a hands off approach and leaves those tasks to the application image, making it system and OS agnostic. Getting wolfBoot running on a new target only requires adding a new Hardware Abstraction Layer (HAL) file for setting the clock up and reading and writing flash. HALs are straightforward to write with the right documentation and usually come in under 600 lines of code.
Interruptible Update Process
While both U-Boot and wolfBoot support image updates, only wolfBoot has an interruptible update process that allows it to complete an update even in the event of a power failure during the update. In this event of an unfortunately timed power failure this makes the difference between a working board and a paperweight.
In addition to being interrupt safe, wolfBoot also has the additional feature of delta updates, which chunks and strips an updated image down to only the parts that differ from the last image. WolfBoot will then apply this new image to the old one as a patch, which leads to significantly smaller update images that save space in environments where flash memory is scarce.
FIPS (Federal Information Processing Standards) is a cryptography standard that firms who deal with the United States government are often required to comply with in order to sell to them. WolfCrypt is FIPS compliant (when built with the correct options) and therefore wolfBoot is FIPS compliant without any additional work required, saving a lot of time on compliance. U-Boot on the other hand uses a standalone cryptography library that would need to be manually replaced with a fips compliant library, which is a costly and time consuming process.
In addition to FIPS, wolfCrypt, and by extension wolfBoot, is DO-178 Certifiable. DO-178 is a strict aviation standard that the FAA (Federal Aviation Administration) and EASA (European Union Aviation Safety Agency) require for software components that run inside aircraft approved to fly in their airspace. WolfSSL itself is DO-178 DAL A certified on numerous operating environments and our expert DO-178 engineers are available for consulting to help get your operating environment certified. U-Boot’s standalone cryptography library would need to be brought through the certification process from scratch or an external library would need to be swapped out for a certifiable one.
If you need need a secure and flexible bootloader, with the smallest footprint, wolfSSL can help. Please contact our team at firstname.lastname@example.org to get the conversation started!