The Renesas Starter Kit+ for RX65N-2MB is now qualified for Amazon FreeRTOS. This port updates the PKCS #11 portable layer, demo projects, and tests.
- Improvement to reduce the size of a pthread object and make the object user allocatable from stack.
- Add FreeRTOS+TCP support for the Renesas Starter Kit+ for RX65N-2MB.
- Add FreeRTOS Kernel support for the Renesas Starter Kit+ for RX65N-2MB.
- Update license information.
- Add PKCS #11 support for the Renesas Starter Kit+ for RX65N-2MB.
- Note that the random number generation solution in this port is provided for demonstration purposes only. See the comment in lib/third_party/mcu_vendor/renesas/amazon_freertos_common/entropy_hardware_poll.c for more information.
- Update license information.
The MediaTek MT7697 System on Chip (SoC) is now qualified for Amazon FreeRTOS. You can take advantage of Amazon FreeRTOS features and benefits using the MediaTek MT7697Hx Development Kit available from MediaTek Labs. This development board contains the MT7697 SoC, which includes an Arm Cortex-M4 MCU, low power 1T1R 802.11 b/g/n Wi-Fi, Bluetooth 4.2 subsystem and power management unit.
Amazon FreeRTOS support for the MediaTek MT7697Hx-Dev-Kit includes for the first time support for the Lightweight TCP / IP network stack (lwIP). This flexibility will support customer choice in identifying the best TCP stack solution for IoT devices.
- Update to flush ARP cache when then network is down.
- Delete extra include headers.
- Add PKCS #11 support for the MediaTek MT7697Hx-Dev-Kit.
- Update documentation.
- Add Secure Sockets support for lwIP.
- Update documentation.
- Add Wi-Fi support for the MediaTek MT7697Hx-Dev-Kit.
- Remove warnings in Device Defender Demo build.
- Fix post-build command and python script for generating OTA factory image for Mac users.
- Update formatting and build warnings.
- Fix bug in retrieving code signature verification certificate.
- Fix bug in retrieving code signature verification certificate.
- Update Amazon FreeRTOS with port files, demo projects, and tests for the Xilinx Zynq-7000 based MicroZed Industrial IoT Bundle
- Upgrade to mbedTLS version 2.13.1.
- Minor bug fixes.
- Update the Zynq-7000 portable layer for receive descriptor alignment.
Update mbedTLS-based PKCS #11, and PKCS #11 PAL. These changes have been made to more closely align with the PKCS #11 standard, respond to feedback from users and partners, and make it easy for users to go to production from a prototype. Applications calling into PKCS #11 functions directly (rather than indirectly via an Amazon provided secure sockets or TLS layer) may experience breaking changes.
- C_Initialize handles initialization of randomness in an effort to minimize entropy generation (or seed access) every time sessions are created and destroyed. To protect random values, thread safety has been enabled in mbedTLS.
- C_SignInit and C_VerifyInit utilize the key handle that is passed in, rather than the first key found in order to comply with the PKCS #11 standard
- C_FindObject APIs no longer instantiate keys from the aws_clientcredential_keys.h header file if keys are not found. This removes the dependency of PKCS #11 on values that will be unique per-device (a transition step for enabling production-scale provisioning). Note that calling vDevModeKeyProvisioning() is now necessary to provision the device.
- C_FindObject PKCS #11 objects can be looked up by CKA_LABEL, in order to provide a standard-compliant object lookup. Note that pkcs11configFILE_NAME_* configurations have been removed from aws_pkcs11_config.h, see aws_pkcs11.h for pkcs11configLABEL_* defines to access labels, and aws_pkcs11_pal.c for pkcs11palFILE_NAME_* defines.
- C_FindObject and C_GetAttributeValue accept different attribute arguments.
- C_CreateObject requires DER encoded certificates and keys instead of PEM formatted and object attributes required for creating objects have changed. Note that vDevModeKeyProvisioning() has been updated to supply required attributes and convert inputs from DER to PEM if necessary.
- C_GenerateKeyPair now stores keys in non-volatile memory.
- C_Finalize is no longer invoked by helper functions to prevent threads from interfering with each other's PKCS #11 instances.
- Some error codes have been changes to better match the PKCS #11 standard.
- aws_tls.c and PKCS #11 AFQP tests have updates to reflect these changes.
- mbedTLS-based PKCS #11 V1.0.5
- TLS V1.1.3
- Breaking changes were made to PAL PKCS #11 functions in order to transition from file-centric API to object handle and object label based API.
- PKCS #11 PAL for ESP32-DevKitC ESP-WROVER-KIT V1.0.1
- PKCS #11 PAL for XMC4800 IoT Kit V1.0.1
- PKCS #11 PAL for Curiosity PIC32MZEF V1.0.4
- PKCS #11 PAL for LPC54018 IoT Module V1.0.3
- PKCS #11 PAL for Windows Simulator V1.0.3
- PKCS #11 PAL for STM32L4 Discovery kit IoT node V1.0.3
- PKCS #11 PAL for Xilinx Zynq MicroZed V1.0.0 (new)
- Updates to match behavior of mbedTLS-based PKCS #11.
- mbedTLS added to support conversion between DER and PEM objects. Note that after provisioning the device, mbedTLS and provisiong PKCS #11 functions may be removed to reduce code size.
- PKCS #11 PAL for CC3220SF-LAUNCHXL V1.0.3
- The OTA PALs for the Curiosity PIC32MZEF and ESP32-DevKitC ESP-WROVER-KIT boards have been modified to utilize PKCS #11 API to retrieve code signing keys, rather than calling into PKCS #11 PAL functions.
- OTA PAL for Curiosity PIC32MZEF V1.0.1
- OTA PAL for ESP32-DevKitC ESP-WROVER-KIT V1.0.1
- Minor update to handle PKCS #11 error codes.
- Update formatting.
- Fix the license header from Secure Socket to Secure Sockets.
- Bug fix to support Amazon Trust Services endpoints. For more information, please see https://aws.amazon.com/blogs/iot/aws-iot-core-ats-endpoints/.
- Remove duplicate file name definitions. See aws_secure_sockets_config.h for file name defines.
- Minor bug fixes.
Update Amazon FreeRTOS with port files, demo projects, and tests for the Infineon XMC4800 IoT Connectivity Kit.
Incorporate an update to Espressif's ESP-IDF which improves the implementation of pthread.
Resolve several warnings in the MPLAB project builds, and update the projects to no longer assume that the XC32 compiler is in the host computer's path.
Move a few utilities to the root-level 'tools/' directory, from the 'tests/common/tools/' and 'demos/common/tools/' directories.
Improve consistency of Hungarian Notation usage, update a number of methods to use 'void' instead of an empty argument list, and update the style guide.
Add POSIX functions including time
, localtime_r
, and strftime
.
Update Device Defender code to use the same 'lib/' and 'include/' directory structures as the other libraries.
Update the Amazon FreeRTOS Qualification Program's documentation to reflect updated directory structures.
None
- Update Amazon FreeRTOS Windows Simulator to use ECDSA/SHA-256 for OTA image verification.
The demo bootloader supports Amazon FreeRTOS over-the-air (OTA) update by implementing firmware version checking, cryptographic signature verification, and application self-test. The firmware verification includes verifying the authenticity and integrity of the new firmware received over the air. The bootloader verifies the cryptographic signature of the application before boot. The elliptic-curve digital signature algorithm (ECDSA) with SHA256 is used. The utilities provided can be used to generate a signed application that can be flashed on the device. This enables signature verification of the initial image.
The over-the-air (OTA) updates feature of Amazon FreeRTOS is now generally available. The release includes enhancements to the OTA Agent and changes to the OTA Portable Abstraction Layer (PAL) interface.
Update for API changes for OTA general availability release.
Update for API changes for OTA general availability release.
Update for API changes for OTA general availability release.
Update for API changes for OTA general availability release.
Enhancements and API changes for OTA general availability release.
None
- Multiple security improvements and fixes in packet parsing routines, DNS caching, and TCP sequence number and ID generation.
- Disable NBNS and LLMNR by default.
- Add TCP hang protection by default.
- Improve security in Amazon FreeRTOS Secure Sockets usage of mbedTLS and ALPN.
We thank Ori Karliner of Zimperium zLabs Team for reporting these issues.
None
- Updates to OTA Beta to incorporate a new API for the OTA service. This API is not compatible with the API used in the original OTA Beta released on Dec. 20th.
- Add a "reference bootloader" for use in the OTA process. This bootloader is for use with the Microchip MCU.
- Update AFQP documentation. For more info on the changes to AFQP, reference the Revision History of the "Amazon FreeRTOS Qualification Program Developer Guide" in the "tests" directory.
- Add a demo to illustrate the operation of Device Defender for the Windows Simulator and Microchip PIC32MZEF MCU.
- Address an issue where the "Hello World" demo did not build with TI CCS 7.3 in AFR 1.3.0 when downloaded from OCW.
This release of AFR has support for vendors who wish to have their ports qualified for Amazon FreeRTOS through the Amazon FreeRTOS Qualification Program (AFQP). This is the first public release of AFQP tests and documentation. A new top level "tests" directory is added to support this functionality. AFQP documents are available in "tests" directory. Learn more.
AWS IoT Device Defender is an AWS IoT security service that allows users to audit the configuration of their devices, monitor connected devices to detect abnormal behavior, and to mitigate security risks. It gives you the ability to enforce consistent security policies across your AWS IoT device fleet and respond quickly when devices are compromised. Device side support of this feature is part of this release. Devices supported are WinSim and Microchip PIC32MZEF. Learn more.
This release includes version 1.0.0 of FreeRTOS+POSIX. FreeRTOS+POSIX is a POSIX compatibility layer that allows existing POSIX applications to run without modifications of FreeRTOS. This release supports POSIX threads, mutexes, barriers, condition variables, semaphores, message queues, clocks, timers, and error numbers. While most of the POSIX functions are implemented and up to specification, limitations in the FreeRTOS kernel precluded the standard implementations of certain functions. The functions which differ from the POSIX specification are identified in their header files. Currently, FreeRTOS+POSIX is only used by drivers of the TI CC3220SF.
- Add Idle tick counter interface
- Rename posix/ to FreeRTOS_POSIX/
- Fix issues raised by the Coverity scan
- Fix a typo ulRxWindowLength -> ulTxWindowLength in FreeRTOS_Sockets.c
- Fix strncmp length in FreeRTOS_DNS.c
- Fix styling in FreeRTOS_ARP.c
- Fix a spelling typo ";east" -> "least" (response from a pull request)
- Add auto check of network interfaces for WinSim
- Move MQTT metrics to agent
- Reduce the number of warnings generated
- Change project baudrate setting to resolve AFQP test failures
- Update to latest NXP driver to address AFQP 1.0 test failures
- Update to new Inventek driver to resolve AFQP 1.0 test failures
- Change Microchip network param to use a direct address instead of a section to reduce the size of the binary image to allow OTA to continue working.
- Reduce number of warnings generated.
- Add fixes for Demo and DHCP.
- Update for release of AFQP 1.0
- Update for release of AFQP 1.0
- Update the Texas Instruments SimpleLink CC3220SF SDK from version 1.40.01.00 to version 2.10.00.04.
- Fix the MQTT Echo Demo (Hello World Demo) to avoid truncating received strings.
- Modify the Getting Started scripts to check if the AWS CLI is configured.
- Update comments for SimpleLink CC3220SF SDK version 2.10.00.04.
- Fix NXP MCUXpresso project build failure on Linux.
- Add support for Espressif's ESP32-DevKitC and ESP-WROVER-KIT.
- Add Espressif ESP32 network interface support.
- Implement C_DigestInit, C_DigestUpdate, and C_DigestFinal for SHA-256.
- Implement C_GenerateKeyPair for non-persistent ECDSA P256.
- Add support for Espressif's ESP32-DevKitC and ESP-WROVER-KIT.
- Bug fix to ensure that WIFI_ConnectAP() switches to the network parameters input, even when already connected to a different set.
- Add support for Espressif's ESP32-DevKitC and ESP-WROVER-KIT.
- Upgrade to mbedTLS version 2.8.
- Add MCUXpresso IDE demo project for the NXP LPC54018 IoT Module.
- Minor updates due to mbedTLS crypto interface changes.
- Fix a bug where re-transmission and duplicated TCP packets would create a computation underflow as well as a memory leak.
- Add new public function FreeRTOS_UpdateMACAddress() to allow changing the MAC address after FreeRTOS_IPInit. Sometimes the device MAC address is not available at the time FreeRTOS_IPInit() is called, so it needs to be changed afterward.
- Remove non-cryptographic rand() implementation.
- Remove a static variable in functions prvGetHostByName() and prvCreateDNSSocket() to make them threadsafe.
- Provide a helpful error message if the Greengrass Discovery JSON does not fit in the supplied buffer.
- Bug fix to avoid socket leak if MQTT Connect fails after a successful TCP connection.
- Add support for disabling subscription management feature by defining the macro mqttconfigENABLE_SUBSCRIPTION_MANAGEMENT as 0.
- Update for PKCS #11 PAL layer API changes.
- Minor restructuring of file locations.
- Minor changes to enable test integration.
- Minor restructuring of file locations.
- Combine the mbedTLS based PKCS #11 implementation from Curiosity PIC32MZEF, LPC54018 IoT Module, Windows Simulator, and STM32L4 Discovery kit IoT node into a single file.
- Add support for public key verification of signatures.
- Fix to free context structures on session failure.
- Update C_OpenSession to use CKF_SERIAL_SESSION flag.
- Create port specific functions for certificate and key access: PKCS11_PAL_SaveFile(), PKCS11_PAL_ReadFile(), PKCS11_PAL_ReleaseFileData().
- Create port specific functions for certificate and key access: PKCS11_PAL_SaveFile(), PKCS11_PAL_ReadFile(), PKCS11_PAL_ReleaseFileData().
- Create port specific functions for certificate and key access: PKCS11_PAL_SaveFile(), PKCS11_PAL_ReadFile(), PKCS11_PAL_ReleaseFileData().
- Create port specific functions for certificate and key access: PKCS11_PAL_SaveFile(), PKCS11_PAL_ReadFile(), PKCS11_PAL_ReleaseFileData().
- PKCS #11 implementation for TI based on mbedTLS moved into this file.
- Combine Secure Sockets implementation for Curiosity PIC32MZEF and Windows Simulator into a single file.
- Fix return value of SOCKETS_Socket on error.
- Attempting to create an unsupported UDP socket now triggers an assert.
- Add cryptographic random number generator function for TCP sequence numbers.
- Update the Socket structure to keep track of a connection attempt and added support of the ECONN error.
- Fix minor bug in SOCKETS_Recv().
- Fix return value of SOCKETS_Close on error.
- Secure sockets printing is now controlled independently using the SOCKETS_PRINT macro. SOCKETS_PRINT prints TI driver error codes.
- Change names of configuration constants to be consistent with FreeRTOS style.
- Support AWS IoT Just-in-Time Registration (JITR) by sending optional client-issuer certificate.
- Use CKF_SERIAL_SESSION flag with PKCS #11.
- Update for setting the MAC Address in WIFI_On() by using new FreeRTOS+TCP function FreeRTOS_UpdateMACAddress().
- Redefine printing and assert stubs used in the Wi-Fi driver code.
- Add implementation of WIFI_GetMAC().
- Add implementation of WIFI_IsConnected().
- Minor bug fixes.
- Add implementation of WIFI_IsConnected().
- Fix max DNS name length redefinition.
- Fix compiler errors in MCUXpresso IDE.
- Minor bug fixes.
- Add implementation of WIFI_IsConnected().
- Add NULL pointer checks throughout.
- Minor bug fixes.
- Add implementation of WIFI_IsConnected().
- Add NULL pointer checks throughout.
- Minor bug fixes.
- Fix TI IAR project build failure.
- Formatting update.
- Beta release of the OTA Update support for the Microchip Curiosity PIC32MZEF.
- Add support for the management of OTA update code signing keys.
- Update to conditionally compile the entire file.
- Add an IAR IDE demo project for the Texas Instruments CC3220SF-LAUNCHXL.
- Add Wi-Fi support for the Microchip Curiosity PIC32MZEF.
- Improve NULL variable check in buffer management.
- Minor bug fix checking for a NULL pointer.
- Update to support NULL OTA file handles.
- Update to support NULL OTA file handles.
- Add a dummy variable to a previously empty structure to fix IAR compiler errors.
- Formatting update.
- Update to print SimpleLink driver-specific error codes when debugging.
- Add error handling for non-blocking sockets.
- Update socket option to return an error if security options are specified after a connection.
- Update such that Wi-Fi disconnection waits until the link is down before returning.
- Fix error in attempting to overwrite a const memory.
- Update to send all data until an error is received.
- Add support for ALPN. ALPN allows MQTT traffic to be sent to the AWS IoT broker over port 443 instead of 8883.
- Send a FAILED status from agent when a file too large for the platform is received.
- Rename some files.
- Add developer mode key provisioning support.
- Add support for ALPN.
- Add support for ALPN.
- Remove unnecessary server certificate storage on the client side.
- Remove unnecessary global synchronization semaphore.
- Update for other small bugs.
- Fix error handling bugs.
- Require client tokens.
- Update for other small bugs.
- Add support for ALPN.
- Fix compiler warning for the Microchip Curiosity PIC32MZEF.
- Add support for the Microchip Curiosity PIC32MZEF.
- Minor bug fixes to allow Linux and C++ builds.
- Reformat console display messages in order to better facilitate demos and debugging.
- The MQTT Agent now processes commands between successive socket reads to enable faster command handling, especially when the connected socket is receiving data continuously.
- Beta release of OTA Update library for Amazon FreeRTOS. Includes support for the Texas Instruments CC3220SF-LAUNCHXL and Windows Simulator.
- Add support for the Microchip Curiosity PIC32MZEF.
- Add support for the Microchip Curiosity PIC32MZEF.
- Fix bugs in the Secure Sockets implementation for the NXP LPC54018 IoT Module.
- Fix compiler warning for the Microchip Curiosity PIC32MZEF.
- Change the Wi-Fi Connection timeout to 10 seconds.