Here at wolfSSL we always stay on top of our customer’s requirements. By now you’ve heard us talk about the NSA’s (National Security Agency) CNSA 2.0 (Commercial National Security Algorithm Suite 2.0) ad nauseum. Well, let’s focus in on it again and zero in on that first line: It states that for Software and Firmware […]
Read MoreMore TagCategory: wolfBoot
wolfBoot for CNSA 2.0 Secure Boot on Zynq UltraScale+ MPSoC
Executive Summary Problem: Zynq UltraScale+ MPSoC secure boot authenticates the FSBL with RSA-4096 in immutable BootROM. CNSA 2.0 requires post-quantum algorithms for long-term software and firmware verification. RSA-4096 is not quantum-resistant, so the BootROM cannot be the final CNSA 2.0 firmware-authentication answer. Solution: Use wolfBoot as the system-level post-quantum authorization layer. Keep AMD secure boot […]
Read MoreMore TagwolfBoot Now Supports the NXP Kinetis KL26 with Post-Quantum LMS Signatures
wolfSSL is pleased to announce that wolfBoot, our secure bootloader, now ships with support for the NXP Kinetis KL26 family (MKL26Z128), a Cortex-M0+ part running at 48 MHz with 128 KB of flash and 16 KB of SRAM. The port has been validated on the FRDM-KL26Z development board. Post-Quantum Secure Boot on a Cost-Constrained Part […]
Read MoreMore TagwolfHSM Now Supports the Infineon AURIX™ TC4xx
We’re excited to announce that wolfHSM now supports Infineon’s AURIX™ TC4xx. We have wolfHSM running on the TC4xx, and an initial release is coming soon. This brings wolfSSL’s portable, open-source HSM framework to Infineon’s next-generation AURIX platform, the successor to the widely deployed TC3xx family. Why AURIX TC4xx? Infineon’s AURIX™ TC4xx is the next generation […]
Read MoreMore TagwolfBoot Now Supports the STM32G4
wolfBoot, the secure bootloader from wolfSSL, has a new target: ST’s STM32G4 family of mixed-signal Cortex-M4F microcontrollers. The port has been validated on the NUCLEO-G491RE board (STM32G491RET6: 512 KB flash, 96 KB SRAM, 170 MHz). Why the STM32G4 The G4 family lands in a sweet spot for industrial and motor-control designs: enough FPU and DSP […]
Read MoreMore TagwolfBoot adds support for the Xilinx Zynq-7000 (ZC702)
We are pleased to announce that wolfBoot now ships an upstream port for the AMD/Xilinx Zynq-7000 SoC, verified end-to-end on the ZC702 Evaluation Kit (XC7Z020). The port covers QSPI cold-boot, SD-card cold-boot, JTAG-loaded development, and signed Linux/U-Boot payload chain-loading. All of this comes from a single TARGET=zynq7000 build target. This rounds out wolfBoot’s Xilinx coverage. […]
Read MoreMore TagwolfBoot now support fTPM as Root of Trust in TrustZone
With wolfBoot 2.8.0, TrustZone became an increasingly important part of the platform’s security model. That release expanded wolfBoot’s ability to place cryptographic services inside secure TrustZone enclaves, including PKCS#11 support via wolfPKCS11, and PSA Crypto with DICE attestation through wolfPSA. In both cases, the benefit is clear: sensitive cryptographic operations and security-critical state can live […]
Read MoreMore TagHW Crypto Support for the NXP LPC55S69
wolfSSL announces wolfBoot / wolfCrypt support for hardware crypto acceleration in the NXP LPC55S69, available now in the following PR’s: wolfBoot: #757, #773 wolfSSL (wolfCrypt): #10278 This includes TRNG, SHA1, SHA-256, AES-CBC, AES-ECB, AES-OFB, AES-CFB, and AES-CTR. AES supports key sizes of 128, 192, and 256. About the NXP LPC55S69 The LPC55S69 is a general-purpose […]
Read MoreMore TagOTA Demonstrator with wolfBoot, wolfTPM and wolfMQTT
Our new demonstrator is available on GitHub. This demonstrator showcases a secure over-the-air (OTA) firmware update workflow using wolfSSL components and a software TPM. It integrates: wolfBoot for secure boot loader wolfTPM for root of trust wolfMQTT for update delivery wolfSSL / wolfCrypt for secure communication and verification The demo runs on Linux and can […]
Read MoreMore TagwolfBoot Support for the NXP LPC55S69
wolfSSL announces wolfBoot support for the NXP LPC55S69, available now in PR #713. With Secure Boot, TrustZone-M, and an industry-standard cryptographic API, your non-secure application can be rapidly developed for a secure world. About the NXP LPC55S69 The LPC55S69 is a general purpose edge computing device, with dual ARM Cortex-M33 cores running up to 150 […]
Read MoreMore Tag