wolfBoot Changelog

(11/9/2021)

• Delta/incremental updates
• Fixes for key tools
• Updates IAR IDE project
• Documentation updates and fixes
• API function names to match code
• STM32L5 updates
• Hardware support
  • New HAL: STM32L4
  • TMS570LC43xx: Use `NVM_FLASH_WRITEONCE` for update progress and fix stack pointer initialization

(07/19/2021)

• Use SP math for RSA4096
• Updated RSA to use inline operation and disable OAEP padding
• Memory model: removed dependency on XMALLOC/XFREE for ECC and RSA operations
• Added option WOLFBOOT_SMALL_STACK with hardcoded compile-time buffers
• Added option SIGN=NONE to disable secure boot at compile time
• Fix self-update documentation
• Added test cases for configuration option combinations
• Hardware support
  • New ARCH: PowerPC
  • New ARCH: ARM Cortex-R
  • New HAL: NXP T2080
  • New HAL: TI TMS570LC435
  • STM32H7: Correct BANK2 offset

(02/03/2021)

• Added support for measured boot via TPM
• Support for TZEN on Cortex-m33
• Added option to disable backup/fallback
• Added option FLAGS_HOME to store UPDATE flags in the BOOT partition
• Zynq: added support for eFuse
• Zynq: improved debugging
• Xilinx: support for BSP QSPI driver
• Updated user documentation
• Extend coverage of automatic non-regression tests running on Jenkins
• Fix wolfTPM integration: use custom settings
• Fix Fallback operations when encryption is enabled
• Fix DUALBANK mode on STM32L5xx
• Fix maximum image size check
• Fix in STM32H7 driver: workaround for error correction in flash writing
• Hardware support
  • New ARCH: ARMv8-m (Cortex-m33)
  • New HAL: STM32L5xx
  • New HAL: NXP iMX-RT1060
  • SPI driver: STM32L0x3
  • Uart driver: STM32L0x3

(08/25/2020)

• Support for encryption of external partitions
• Support for MPU on ARM Cortex-M platforms
• Support for using an RSA signature that includes ASN.1 encoded header
• Support for bootloader updates from external flash: SPI functions can run from RAM
• Added TPM RSA verify support
• Added option to use software SHA in combination with TPM
• Fix logic in emergency updates
• Fix loop logic in bootloader update
• Fix manifest header boundary checks (prevents parser overflows)
• Improve sanity checks for aligned fields in manifest header
• Add unit tests against manifest header parser
• Fix Ed25519 signing tool
• Fix RSA keygen tool
• wolfTPM integration: improvements and bugfixes
• Fix configuration and documentation for STM32WB
• Fix alignment of trailers in NVM_WRITEONCE mode
• Fix uint16_t index overflow on platforms with very small flash pages
• Fix for building C key tools on windows (Cygwin/MinGW/Visual Studio)
• Fix in LPC driver: correct page alignment in flash write
• Hardware support
• New HAL: Cypress psoc6
• Support for psoc6 Hardware crypto accelerator
• SPI driver: Nordic nRF52

(04/28/2020)

• RSA 4096 bit digital signature verification
• SHA3
• Portable C key management tools
• Improved integration with Microsoft Windows
  • Visual Studio solution for key management tools
• Support to compile with IAR
  • Fixed incompatible code
  • added IAR example project
• New architecture: ARMv8 (64-bit)
  • ARM Cortex-A boot code compatible with TrustZone
  • Linux staging and device tree support
• External flash abstraction
  • remote update partition accessed via UART
• Hardware support
  • New HAL: raspberry-pi
  • New HAL: Xilinx Zynq+
  • New HAL: NXP LPC54xx

(01/06/2020)

• TPM2.0 support
• Integration with wolfTPM
• Extended STM32 SPI driver to support dual TPM/FLASH communication
• Tested on STM32 with Infineon 9670
• RSA 2048 bit digital signature verification
• Hardware support
• New HAL: STM32H7

(11/13/2019)

• New configuration mechanism based on make config, helps creating and storing target-specific configurations
• Configuration examples provided for a number of existing platforms
• fix bug in self-update mechanism when SPI flash is in use
• Introduced support for hardware-assisted signature verification, using public-key hardware accelerators
  • Added support for STM32 PKA (e.g. STM32WB55)
  • Added support for Kinetis/Freescale PKHA (e.g. Kinetis K82F)

(08/01/2019)

• Added support for multiple architectures
• key generation and signing tools rewritten in python for portability
• Added compile-time option to move flash-writing functions to RAM
• Introduced the possibility for the bootloader to update itself
• Fixed compile issues on macOS and WSL
• Hardware support:
  • Added RV32 RISC-V architecture
  • Added hardware-assisted dual-bank support on STM32F76x/77x
  • new HAL: RV32 FE310 (SiFive HiFive-1)
  • new HAL: STM32L0
  • new HAL: STM32G0
  • new HAL: STM32F7
  • new HAL: STM32WB

(03/27/2019)

• Added support for ECC-256 DSA
• Added support for external (e.g. SPI) flash for Update/swap
• Anti-rollback protection via version number
• Hardware support
• Added compile options for Cortex-M0
• new HAL: Atmel SamR21
• new HAL: TI cc26x2
• new HAL: NXP/Freescale Kinetis SDK
• Improved sign/update tools compatibility (windows)