diff --git a/.github/workflows/test-wolfhsm-simulator.yml b/.github/workflows/test-wolfhsm-simulator.yml index 6cee7367d3..342af1acaa 100644 --- a/.github/workflows/test-wolfhsm-simulator.yml +++ b/.github/workflows/test-wolfhsm-simulator.yml @@ -54,7 +54,8 @@ jobs: with: repository: wolfssl/wolfHSM-examples # Make sure to update this when the wolfHSM submodule is updated! - ref: wolfHSM-v1.1.0 + #ref: wolfHSM-v1.1.0 + ref: 3e03bd4d4a8439ed4a8a9577823c89e4c37eb9be path: wolfHSM-examples - name: Build example POSIX TCP server diff --git a/README.md b/README.md index fbe5616167..4823271342 100644 --- a/README.md +++ b/README.md @@ -685,3 +685,35 @@ Use `make keysclean` to delete keys and regenerate. * wolfPKCS11 latest * wolfHSM latest +### V 2.5.0 - (2025-05-05) + * New hardware targets + * RP2350 (Raspberry Pi Pico 2, ARM Cortex-M33 with TrustZone) + * NXP MCXA153 + * NXP MCXW716 + * STM32F1 series (STM32F103 “Blue Pill” board) + * Improvements to supported targets + * Xilinx UltraScale+ (ZynqMP) + * Added hardware-accelerated SHA3 hashing via the CSU engine + * Added support for enabling JTAG at runtime when `CSU_DEBUG` is set + * Introduced support for the device’s PUF (Physically Unclonable Function) for unique key generation and secure key storage (requires eFuses) + * Renesas RX + * Added option for TSIP hardware crypto engine + * Infineon TriCore (AURIX TC3xx) + * Updated IDE project files for ARM Developer Studio 1.10.6, fixing build issues and ensuring support for latest toolchain + * Fix to support write operations spanning over multiple sectors + * New features and improvements + * Added support for non-contiguous elf sections, scattered elf firmware loading and verification. + * PQC: Simplified LMS/XMSS integration, deprecated support for third-party libraries + * Support to build wolfBoot as a static library (`libwolfboot.a`) for easier integration and testing of the bootloader logic in custom workflows + * Extended support for ARMORED glitch mitigations to the IAR toolchain + * CMake build refactoring, extended support to more targets + * Various documentation and configuration improvements + * Bug fixes + * Fix alignment enforcement on IAR compiler + * Fix build error on Windows in key generation tool (`_chsize_s` declaration issue in `sign.c`) + * Updated modules + * wolfSSL v5.8.0 + * wolfTPM v3.9.0 + * wolfPKCS11 latest + * wolfHSM latest + diff --git a/include/user_settings.h b/include/user_settings.h index 10d2c8b705..299bbf3baf 100644 --- a/include/user_settings.h +++ b/include/user_settings.h @@ -144,6 +144,7 @@ extern int tolower(int c); # define WOLFSSL_HAVE_SP_ECC # endif +#define WOLFSSL_PUBLIC_MP /* Curve */ # if defined(WOLFBOOT_SIGN_ECC256) || defined(WOLFCRYPT_SECURE_MODE) || \ diff --git a/include/wolfboot/version.h b/include/wolfboot/version.h index 2ad645e24c..f363b0508d 100644 --- a/include/wolfboot/version.h +++ b/include/wolfboot/version.h @@ -29,8 +29,8 @@ extern "C" { #endif -#define LIBWOLFBOOT_VERSION_STRING "2.4.0" -#define LIBWOLFBOOT_VERSION_HEX 0x02040000 +#define LIBWOLFBOOT_VERSION_STRING "2.5.0" +#define LIBWOLFBOOT_VERSION_HEX 0x02050000 #ifndef WOLFBOOT_VERSION #define WOLFBOOT_VERSION LIBWOLFBOOT_VERSION_HEX diff --git a/lib/wolfHSM b/lib/wolfHSM index 6ce59d6da3..ea4c3db1e0 160000 --- a/lib/wolfHSM +++ b/lib/wolfHSM @@ -1 +1 @@ -Subproject commit 6ce59d6da341eed9ad41ae383b8246121dc788a8 +Subproject commit ea4c3db1e05b878f39c107b375c4c57ac93ab35a diff --git a/lib/wolfPKCS11 b/lib/wolfPKCS11 index 7808688fde..bbbb2fda18 160000 --- a/lib/wolfPKCS11 +++ b/lib/wolfPKCS11 @@ -1 +1 @@ -Subproject commit 7808688fdeb05150496a10ae6c4de4f797b9d6b0 +Subproject commit bbbb2fda18abd89d81e4a3e308164a218edae17a diff --git a/lib/wolfTPM b/lib/wolfTPM index 6e1205b1e1..0cd21b53c4 160000 --- a/lib/wolfTPM +++ b/lib/wolfTPM @@ -1 +1 @@ -Subproject commit 6e1205b1e11e600c31e4a14764331e33def7beb4 +Subproject commit 0cd21b53c48e9e4aa05652fe20badcc4883c7f33 diff --git a/lib/wolfssl b/lib/wolfssl index 239b85c804..b077c81eb6 160000 --- a/lib/wolfssl +++ b/lib/wolfssl @@ -1 +1 @@ -Subproject commit 239b85c80438bf60d9a5b9e0ebe9ff097a760d0d +Subproject commit b077c81eb635392e694ccedbab8b644297ec0285 diff --git a/tools/test.mk b/tools/test.mk index 19672a883b..b1dc04273a 100644 --- a/tools/test.mk +++ b/tools/test.mk @@ -990,9 +990,9 @@ test-size-all: make keysclean make test-size SIGN=ED25519 LIMIT=11448 NO_ARM_ASM=1 make keysclean - make test-size SIGN=ECC256 LIMIT=17968 NO_ARM_ASM=1 + make test-size SIGN=ECC256 LIMIT=17988 NO_ARM_ASM=1 make clean - make test-size SIGN=ECC256 NO_ASM=1 LIMIT=13512 NO_ARM_ASM=1 + make test-size SIGN=ECC256 NO_ASM=1 LIMIT=13536 NO_ARM_ASM=1 make keysclean make test-size SIGN=RSA2048 LIMIT=11232 NO_ARM_ASM=1 make clean @@ -1002,9 +1002,9 @@ test-size-all: make clean make test-size SIGN=RSA4096 NO_ASM=1 LIMIT=12096 NO_ARM_ASM=1 make keysclean - make test-size SIGN=ECC384 LIMIT=17536 NO_ARM_ASM=1 + make test-size SIGN=ECC384 LIMIT=17556 NO_ARM_ASM=1 make clean - make test-size SIGN=ECC384 NO_ASM=1 LIMIT=14904 NO_ARM_ASM=1 + make test-size SIGN=ECC384 NO_ASM=1 LIMIT=14924 NO_ARM_ASM=1 make keysclean make test-size SIGN=ED448 LIMIT=13464 NO_ARM_ASM=1 make keysclean @@ -1018,7 +1018,7 @@ test-size-all: make keysclean make test-size SIGN=XMSS XMSS_PARAMS='XMSS-SHA2_10_256' \ IMAGE_SIGNATURE_SIZE=2500 IMAGE_HEADER_SIZE?=4096 \ - LIMIT=8252 NO_ARM_ASM=1 + LIMIT=8292 NO_ARM_ASM=1 make keysclean make clean make test-size SIGN=ML_DSA ML_DSA_LEVEL=2 LIMIT=20168 \