FCL
Free Cryptographic Library
Release Notes


Revision  Date        Description
A         04/12/2016  Initial Release
B         03/01/2017  Add Debug Box
                      Refine interrupt handling discussion
                      Introduce event management
                      Refine key management
C         02/02/2017  Clarifications in the security architecture description
D         19/05/2017  Reflect latest modifications
E         19/06/2017  Improvements, see note 1 below
F         16/07/2017  Addition of security guidelines

Note 1: Revision E improvements vs v1.1 UL release

mbed-OS improvements:

  • Addition of MAX32552 support & rework of file layout in target/ folder
  • Non-security-related bug fixes in Maxim drivers and performance improvements
  • Rework of the linker file to adapt to separate box signature mechanism
  • Some adjustments in the Maxim startup files

uVisor's improvements:

  • Upgrade from 0.26.2-24 to 0.27
  • Support for separate box signature (see related section in the main documentation)
  • New API to get signing key of a box (hence its privilege)
  • Support for MAX32552
  • Fix of Makefiles for correct multiple target support
  • Improvement of debug messages in the debug version
  • Add hook to implement ACL verification and enforcement at box loading time depending on signing key
  • Add handling of NMI faults

Deeptrust API's improvements:

Globally:

  • Support for separate box signature
  • Reorganize folders
  • Isolate crypto buffers
  • Add key manager & crypto services
  • Separation between core firmware, firmware level boxes, trusted boxes, and other boxes

PCI services:

  • Addition of a watchdog to automatically clear the PIN if not used
  • Forcibly flush the PIN after use
  • Keep crypto working buffer private (used to be visible from several boxes)
  • Erase buffers containing sensitive data after use: data_hash.data_val, issuer_public_key
  • Other minor bug fixes

Secure Sandbox services:

  • Add a trace capability to catch security issues, and capability to add user handling for such events
  • Add secure RTC control
  • Add automatic reset every 24h
  • Evolutions in keypad handling and display following MAX32552 support addition
  • Buffers containing keypad/touchscreen entries are now correctly kept as private
  • Support of power management