Category: wolfBoot

We have added wolfBoot support for the new STM32C0. This is a low cost MCU similar to the STM32G0 based on a Cortex-M0 (48MHz). It is a very low cost general purpose 32-bit MCU with up to 32KB flash and 12KB RAM.

Our wolfBoot secure bootloader is the only solution available for this platform thanks to our small code size. Most STM32 parts are supported with wolfBoot out of the box.

The default STM32C0 configuration uses RSA 2048-bit and SHA2-256 and is less than 10KB. This leaves 10KB for the application partition, 10KB for the update partition and one 2KB sector for swap.

STM32C0 documentation and build steps can be found here.

See our video series with ST for a tutorial on using wolfBoot.

wolfBoot Features:

• Written in C for bare-metal use
• Small footprint to run on small embedded devices
• Memory safety (no malloc/free)
• Support for on-board or external SPI flash
• Simple partitioning and header scheme
• Abstracted HAL design for CPU speed and flash
• Bootloader handles swapping and loading of partitions
• Key tools for key generation/import and signing
• Encrypted updates
• Delta updates (only differences)

Signature algorithms supported:

• ECC (SECP256R1,SECP384R1)
• RSA (2048/3072/4096)
• ED25519
• ED448
• Post Quantum LMS and XMSS

Firmware image integrity using hash digest:

• SHA2-256
• SHA2-384
• SHA3-384

Flexible partition scheme determined at build-time:

• Bootloader (10-30KB)
• Application
• Update
• Swap (1 sector)
• And custom partition ID’s

Reliable Firmware update mechanism:

• Independent from the update transport mechanism
• Fallback to a previous version when the update fails
• Resume interrupted swap operations during update, in case of power failure

Support for STM hardware crypto acceleration:

• STM32 HASH/AES/PKA
• ST33TP* TPM 2.0 using wolfTPM
• STSAFE

If interested in trying our wolfBoot on the STM32C0 or curious about post-quantum signature support in wolfBoot please contact facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

wolfBoot currently support both Renesas RA6M4 and RX72N MCUs. Supporting other Renesas MCUs for wolfBoot should not be difficult. We are considering the addition of Renesas RZ/N2L support for wolfBoot, which will build on our existing support at the wolfSSL and wolfCrypt level for Renesas RZ/N2L.

The Renesas RZ/N2L uses a high-performance Arm Cortex-R52 core to easily add network functionality onto industrial equipment and machines. The RZ/N2L is supported by an open and flexible ecosystem concept – the Flexible Software Package (FSP), built on FreeRTOS – and is expandable to use other RTOS and middleware solutions.

If you are interested in wolfBoot support on the RZ/N2L or have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

wolfBoot v2.0.0 introduced support for the Intel x86-64 bit architecture by leveraging the Intel Firmware Support Package (Intel FSP) and several new exciting and interesting features: TPM integration, Multiboot2/ELF support, PCI support, AHCI support, SATA security features, and others.

On Intel x86_64, wolfBoot uses a dual stage design. In the first stage, It initializes the memory and the hardware with the help of Intel FSP. Intel FSP allows BIOS and bootloader developers to focus on the critical features and broad support without worrying about the hardware initialization details. After the memory and silicon initialization, wolfBoot enumerates and configures all PCI devices in the system.

In the second stage, when the hardware is up and ready, wolfBoot does the necessary steps to read, decrypt, verify, and safely boot the main application. We added support for AHCI controller, SATA disks and ATA security commands: the main application can now be stored in a password-locked hard drive!

In both stages, wolfBoot verifies each component loaded, either from system ROM or from the hard disk, plus the TPM support allows very interesting scenarios. First, it enables TPM-assisted measured boot: each component loaded into the system is “measured”, taking part in an integrity proof managed inside the TPM itself so that certain operations are allowed only if the system is in a trustful state. The TPM can store (“seal”) secrets that can be recovered (“unsealed”) only if the system is in a precise state. If compromised software is running on the target, the secret never leaves the TPM.

In wolfBoot we leverage this by sealing the disk password (randomly generated at the first boot) in the TPM and binding the unsealing to a precise state of the system. If the loaded components are compromised or if the disk is removed from the device for direct tampering, the disk can’t be unlocked at all!

Once the disk is unlocked, it’s time to load the application in the right place and communicate the current hardware situation before booting. wolfboot supports the Multiboot2 standards to communicate with the main application and it supports the Executable and Linkable Format (ELF) format, one of the most ubiquitous object file formats for binary distribution, to load the application in the right places into the memory. As it supports memory virtualization, the application can be loaded anywhere in the address space, even above the 4GB limit.

And, as always, all current features of wolfBoot such as verified boot, OTA firmware secure update with power-fail tolerance, delta updates, encrypted firmware, and post-quantum firmware verification, will be directly available on the Intel x86-64 architecture.

All these new features are supported on the VX3060 Kontron board and can be tested on QEMU, but new hardware will be supported soon. If you have a new Intel-based board you would like to have supported or for any other comments, feedback or questions, don’t hesitate to contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now