wolfBoot v1.15

ChangeLog

• Refactor powerfail-safe update for NVMs without consecutive write operations
• Support for SP math on AARCH64 targets
• Fixed keygen.c exported public key size
• Added more test cases and github actions
• Updated wolfSSL to v.5.6.0
• Hardware support:
  • OCTOSPI support (STM32)
  • Fixed STM32H7 UART, added UART debug
  • New HAL: Renesas RA6M4 (with IDE example projects)
  • New HAL: NXP i.MX-RT1064
  • Unified common code for NXP i.MX-RT10XX targets

wolfBoot v1.14

Changelog

• Added support for CMake build
• STM32U5: Support for external flash
• STM32H7: Support for QSPI flash
• Support for NXP QoriQ P1021
• Cleanups and improvements for DEOS support on t2080
• Docker tests: refactoring
• Github Actions: added build checks for most available configurations
• Updated wolfTPM to v.2.7.0
• Updated wolfCrypt to wolfSSL v.5.5.4

wolfBoot v1.13

Changelog

• Fixed IAR sign script
• Added support for encrypted self-update
• Support for NAII 68PPC2 with NXP T2080 on DEOS
• Fixed Xilinx QSPI support
• Fixed API usage in external flash support for SPI/UART
• Fixed bug in encrypted delta updates
• Updated wolfCrypt to wolfSSL submodule v5.5.3

wolfBoot v1.12

Changelog

• Encrypted delta updates
• Support RSA3072 signature verification
• Partition ID support to include custom additional images
• New format to store multiple public keys, using keystore
• Several fixes to keytools and IDE support
• Added new test cases
• Hardware support
  • New HAL: Simulated target for rapid tests

wolfBoot v1.11

Changelog

• Mitigation against fault-injections and glitching attacks
  (https://www.wolfssl.com/secure-boot-glitching-attacks/)
• Support AES128 and AES256 for update encryption
• Support ECC384 signature verification
• Support SHA2-384 for image hash
• Fixed alignment of delta update fields in manifest
• Image size propagated to sign tools
• Added test automation based on renode.io and github actions
• Hardware support
  • New HAL: STM32U5
  • New HAL: NXP i.MX-RT1050
  • Fix risc-V 32bit port (missing include)
  • Fix STM32L4 (VTOR alignments; clock setting clash in libwolfboot)
  • STM32H7: improve HAL and documentation

wolfBoot v1.10

Changelog

• Delta updates: expanded documentation + bug fixes
• Support Ed448 for signature verification
• Hardware support:
  • Secure memory mode for STM32G0
  • Fix for STM32L5 in dual-bank mode
  • UEFI support: wolfBoot as EFI application on x86_64
  • Fixed self-update in Cortex-R5
  • Fixed HW support regressions in PSOC-6 build

wolfBoot v1.9

Changelog

• Delta/incremental updates
• Fixes for key tools
• Updates IAR IDE project
• Documentation updates and fixes
  • API function names to match code
  • STM32L5 updates
• Hardware support
  • New HAL: STM32L4
  • TMS570LC43xx: Use NVM_FLASH_WRITEONCE for update progress and
    fix stack pointer initialization

wolfBoot v1.8

Changelog

• Use SP math for RSA4096
• Updated RSA to use inline operation and disable OAEP padding
• Memory model: removed dependency on XMALLOC/XFREE for ECC and RSA operations
• Added option WOLFBOOT_SMALL_STACK with hardcoded compile-time buffers
• Added option SIGN=NONE to disable secure boot at compile time
• Fix self-update documentation
• Added test cases for configuration option combinations
• Hardware support
  • New ARCH: PowerPC
  • New ARCH: ARM Cortex-R
  • New HAL: NXP T2080
  • New HAL: TI TMS570LC435
  • STM32H7: Correct BANK2 offset

wolfBoot v1.7.1

Changelog

• Added support for measured boot via TPM
• Support for TZEN on Cortex-m33
• Added option to disable backup/fallback
• Added option FLAGS_HOME to store UPDATE flags in the BOOT partition
• Zynq: added support for eFuse
• Zynq: improved debugging
• Xilinx: support for BSP QSPI driver
• Updated user documentation
• Extend coverage of automatic non-regression tests running on Jenkins
• Fix wolfTPM integration: use custom settings
• Fix Fallback operations when encryption is enabled
• Fix DUALBANK mode on STM32L5xx
• Fix maximum image size check
• Fix in STM32H7 driver: workaround for error correction in flash writing
• Hardware support
  • New ARCH: ARMv8-m (Cortex-m33)
  • New HAL: STM32L5xx
  • New HAL: NXP iMX-RT1060
  • SPI driver: STM32L0x3
  • Uart driver: STM32L0x3

wolfBoot v1.6

Release Notes:

• Support for encryption of external partitions
• Support for MPU on ARM Cortex-M platforms
• Support for using an RSA signature that includes ASN.1 encoded header
• Support for bootloader updates from external flash: SPI functions can run from RAM
• Added TPM RSA verify support
• Added option to use software SHA in combination with TPM
• Fix logic in emergency updates
• Fix loop logic in bootloader update
• Fix manifest header boundary checks (prevents parser overflows)
• Improve sanity checks for aligned fields in manifest header
• Add unit tests against manifest header parser
• Fix Ed25519 signing tool
• Fix RSA keygen tool
• wolfTPM integration: improvements and bugfixes
• Fix configuration and documentation for STM32WB
• Fix alignment of trailers in NVM_WRITEONCE mode
• Fix uint16_t index overflow on platforms with very small flash pages
• Fix for building C key tools on windows (Cygwin/MinGW/Visual Studio)
• Fix in LPC driver: correct page alignment in flash write
• Hardware support
  • New HAL: Cypress psoc6
  • Support for psoc6 Hardware crypto accelerator
  • SPI driver: Nordic nRF52