wolfBoot Changelog

Below you will find the wolfBoot ChangeLog documenting the changes that took place with each release of wolfBoot since the project’s beginning in 2018.

wolfBoot 1.10


  • Delta updates: expanded documentation + bug fixes
  • Support Ed448 for signature verification
  • Hardware support:
    • Secure memory mode for STM32G0
    • Fix for STM32L5 in dual-bank mode
    • UEFI support: wolfBoot as EFI application on x86_64
    • Fixed self-update in Cortex-R5
    • Fixed HW support regressions in PSOC-6 build

wolfBoot 1.9


  • Delta/incremental updates
  • Fixes for key tools
  • Updates IAR IDE project
  • Documentation updates and fixes
  • API function names to match code
  • STM32L5 updates
  • Hardware support
    • New HAL: STM32L4
    • TMS570LC43xx: Use `NVM_FLASH_WRITEONCE` for update progress and fix stack pointer initialization

wolfBoot 1.8


  • Use SP math for RSA4096
  • Updated RSA to use inline operation and disable OAEP padding
  • Memory model: removed dependency on XMALLOC/XFREE for ECC and RSA operations
  • Added option WOLFBOOT_SMALL_STACK with hardcoded compile-time buffers
  • Added option SIGN=NONE to disable secure boot at compile time
  • Fix self-update documentation
  • Added test cases for configuration option combinations
  • Hardware support
    • New ARCH: PowerPC
    • New ARCH: ARM Cortex-R
    • New HAL: NXP T2080
    • New HAL: TI TMS570LC435
    • STM32H7: Correct BANK2 offset

wolfBoot 1.7.1


  • Added support for measured boot via TPM
  • Support for TZEN on Cortex-m33
  • Added option to disable backup/fallback
  • Added option FLAGS_HOME to store UPDATE flags in the BOOT partition
  • Zynq: added support for eFuse
  • Zynq: improved debugging
  • Xilinx: support for BSP QSPI driver
  • Updated user documentation
  • Extend coverage of automatic non-regression tests running on Jenkins
  • Fix wolfTPM integration: use custom settings
  • Fix Fallback operations when encryption is enabled
  • Fix DUALBANK mode on STM32L5xx
  • Fix maximum image size check
  • Fix in STM32H7 driver: workaround for error correction in flash writing
  • Hardware support
    • New ARCH: ARMv8-m (Cortex-m33)
    • New HAL: STM32L5xx
    • New HAL: NXP iMX-RT1060
    • SPI driver: STM32L0x3
    • Uart driver: STM32L0x3

wolfBoot 1.6


  • Support for encryption of external partitions
  • Support for MPU on ARM Cortex-M platforms
  • Support for using an RSA signature that includes ASN.1 encoded header
  • Support for bootloader updates from external flash: SPI functions can run from RAM
  • Added TPM RSA verify support
  • Added option to use software SHA in combination with TPM
  • Fix logic in emergency updates
  • Fix loop logic in bootloader update
  • Fix manifest header boundary checks (prevents parser overflows)
  • Improve sanity checks for aligned fields in manifest header
  • Add unit tests against manifest header parser
  • Fix Ed25519 signing tool
  • Fix RSA keygen tool
  • wolfTPM integration: improvements and bugfixes
  • Fix configuration and documentation for STM32WB
  • Fix alignment of trailers in NVM_WRITEONCE mode
  • Fix uint16_t index overflow on platforms with very small flash pages
  • Fix for building C key tools on windows (Cygwin/MinGW/Visual Studio)
  • Fix in LPC driver: correct page alignment in flash write
  • Hardware support
  • New HAL: Cypress psoc6
  • Support for psoc6 Hardware crypto accelerator
  • SPI driver: Nordic nRF52

wolfBoot 1.5


  • RSA 4096 bit digital signature verification
  • SHA3
  • Portable C key management tools
  • Improved integration with Microsoft Windows
    • Visual Studio solution for key management tools
  • Support to compile with IAR
    • Fixed incompatible code
    • added IAR example project
  • New architecture: ARMv8 (64-bit)
    • ARM Cortex-A boot code compatible with TrustZone
    • Linux staging and device tree support
  • External flash abstraction
    • remote update partition accessed via UART
  • Hardware support
    • New HAL: raspberry-pi
    • New HAL: Xilinx Zynq+
    • New HAL: NXP LPC54xx

wolfBoot 1.4


  • TPM2.0 support
  • Integration with wolfTPM
  • Extended STM32 SPI driver to support dual TPM/FLASH communication
  • Tested on STM32 with Infineon 9670
  • RSA 2048 bit digital signature verification
  • Hardware support
  • New HAL: STM32H7

wolfBoot 1.3


  • New configuration mechanism based on make config, helps creating and storing target-specific configurations
  • Configuration examples provided for a number of existing platforms
  • fix bug in self-update mechanism when SPI flash is in use
  • Introduced support for hardware-assisted signature verification, using public-key hardware accelerators
    • Added support for STM32 PKA (e.g. STM32WB55)
    • Added support for Kinetis/Freescale PKHA (e.g. Kinetis K82F)

wolfBoot 1.2


  • Added support for multiple architectures
  • key generation and signing tools rewritten in python for portability
  • Added compile-time option to move flash-writing functions to RAM
  • Introduced the possibility for the bootloader to update itself
  • Fixed compile issues on macOS and WSL
  • Hardware support:
    • Added RV32 RISC-V architecture
    • Added hardware-assisted dual-bank support on STM32F76x/77x
    • new HAL: RV32 FE310 (SiFive HiFive-1)
    • new HAL: STM32L0
    • new HAL: STM32G0
    • new HAL: STM32F7
    • new HAL: STM32WB

wolfBoot 1.1


  • Added support for ECC-256 DSA
  • Added support for external (e.g. SPI) flash for Update/swap
  • Anti-rollback protection via version number
  • Hardware support
  • Added compile options for Cortex-M0
  • new HAL: Atmel SamR21
  • new HAL: TI cc26x2
  • new HAL: NXP/Freescale Kinetis SDK
  • Improved sign/update tools compatibility (windows)

wolfBoot 1.0.0


This is the initial release of wolfBoot. Please see the README for more details.