wolfSSL · LinuxJedi · May 18, 2026 · May 13, 2026
diff --git a/.github/workflows/stm32-test-suite.yml b/.github/workflows/stm32-test-suite.yml
@@ -32,5 +32,8 @@ jobs:
       - name: Build smoke firmware (U5)
         run: make -C STM32Sim/firmware/smoke-test-u5
 
+      - name: Build smoke firmware (MP135)
+        run: make -C STM32Sim/firmware/smoke-test-mp135
+
       - name: cargo test
         run: cargo test --manifest-path STM32Sim/stm32-sim/Cargo.toml --release
diff --git a/.github/workflows/stm32-wolfcrypt-test-mp135.yml b/.github/workflows/stm32-wolfcrypt-test-mp135.yml
@@ -0,0 +1,39 @@
+name: STM32Sim wolfCrypt test (MP135)
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: ['**']
+  workflow_dispatch:
+
+jobs:
+  wolfcrypt-test:
+    name: wolfCrypt on STM32Sim MP135
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout simulator-stm32
+        uses: actions/checkout@v4
+        with:
+          path: simulator-stm32
+
+      - name: Checkout wolfSSL
+        uses: actions/checkout@v4
+        with:
+          repository: wolfSSL/wolfssl
+          ref: master
+          path: wolfssl
+
+      - name: Build stm32sim-wolfcrypt image
+        run: |
+          docker build \
+            -t stm32sim-wolfcrypt:ci \
+            -f simulator-stm32/STM32Sim/Dockerfile.wolfcrypt \
+            simulator-stm32/STM32Sim
+
+      - name: Run MP135 wolfCrypt test on stm32-sim
+        run: |
+          docker run --rm \
+            -v "${{ github.workspace }}/wolfssl:/opt/wolfssl:ro" \
+            stm32sim-wolfcrypt:ci \
+            run-wolfcrypt-mp135.sh
diff --git a/README.md b/README.md
@@ -36,11 +36,18 @@ its `hal/posix/tcp/` HAL.
 ## STM32Sim
 
 The [STM32Sim](STM32Sim/) is a Unicorn-Engine-based simulator for STM32
-microcontrollers focused on the on-chip cryptographic accelerators
-(CRYP/AES, HASH, RNG, PKA) that wolfSSL uses. It is intended to replace
-the Renode-based CI flow for wolfSSL on STM32 targets and to close the
-gaps Renode has in hardware-crypto modelling (HASH peripheral, full AES
-mode set, PKA).
+microcontrollers and application processors focused on the on-chip
+cryptographic accelerators (CRYP/AES, HASH, RNG, PKA) that wolfSSL
+uses. It is intended to replace the Renode-based CI flow for wolfSSL
+on STM32 targets and to close the gaps Renode has in hardware-crypto
+modelling (HASH peripheral, full AES mode set, PKA). Currently
+supported targets:
+
+- **STM32H753** (Cortex-M7, HAL v1)
+- **STM32U575 / U585** (Cortex-M33 with TrustZone, HAL v2, PKA v2)
+- **STM32MP135** (Cortex-A7 with MMU, runs out of DDR with no
+  internal flash; CRYP1/HASH1/RNG1/PKA modelled, including SHA3 and
+  SHAKE on HASH1)
 
 ## PIC32MZSim
 

diff --git a/STM32Sim/Dockerfile.wolfcrypt b/STM32Sim/Dockerfile.wolfcrypt
@@ -9,18 +9,20 @@
 # the Free Software Foundation; either version 3 of the License, or
 # (at your option) any later version.
 
-# Builds the wolfCrypt-on-STM32 firmwares (H753 and U585) that today
-# run under Renode CI, then runs them through stm32-sim instead. The
-# wolfSSL source tree is expected to be mounted at /opt/wolfssl at
-# runtime (the GitHub workflow does `docker run -v $(pwd):/opt/wolfssl
-# ...`). Default CMD runs the H7 firmware; override with
-# `run-wolfcrypt-u5.sh` for U585.
+# Builds the wolfCrypt-on-STM32 firmwares (H753, U585, MP135) that
+# today run under Renode CI, then runs them through stm32-sim
+# instead. The wolfSSL source tree is expected to be mounted at
+# /opt/wolfssl at runtime (the GitHub workflow does
+# `docker run -v $(pwd):/opt/wolfssl ...`). Default CMD runs the H7
+# firmware; override with `run-wolfcrypt-u5.sh` or
+# `run-wolfcrypt-mp135.sh` for the other targets.
 # Image contents:
 #   - arm-none-eabi-gcc cross toolchain
 #   - CMSIS_5, cmsis-device-h7, STM32CubeH7 v1.11.2 (vendored under /opt)
 #   - cmsis-device-u5, STM32CubeU5 (vendored under /opt)
+#   - STM32CubeMP13 (vendored under /opt for the MP135 build)
 #   - stm32-sim runner binary (built from this same repo)
-#   - run-wolfcrypt-h7.sh and run-wolfcrypt-u5.sh entrypoints
+#   - run-wolfcrypt-{h7,u5,mp135}.sh entrypoints
 
 # =============================================================================
 # Stage 1: build stm32-sim (Rust)
@@ -76,7 +78,15 @@ RUN git clone --depth 1 \
             /opt/STM32CubeU5 \
          && cd /opt/STM32CubeU5 \
          && git submodule update --init --recursive --depth 1)) \
- && find /opt/STM32CubeH7 /opt/STM32CubeU5 -name '.git' -prune -exec rm -rf {} + \
+ && (git clone --depth 1 --recurse-submodules \
+        https://github.com/STMicroelectronics/STM32CubeMP13.git \
+        /opt/STM32CubeMP13 \
+     || (git clone --depth 1 \
+            https://github.com/STMicroelectronics/STM32CubeMP13.git \
+            /opt/STM32CubeMP13 \
+         && cd /opt/STM32CubeMP13 \
+         && git submodule update --init --recursive --depth 1)) \
+ && find /opt/STM32CubeH7 /opt/STM32CubeU5 /opt/STM32CubeMP13 -name '.git' -prune -exec rm -rf {} + \
  && rm -rf /opt/cmsis-device-h7/.git /opt/cmsis-device-u5/.git /opt/CMSIS_5/.git
 
 COPY --from=sim-builder /app/stm32-sim/target/release/stm32-sim /usr/local/bin/stm32-sim
@@ -88,13 +98,18 @@ COPY --from=sim-builder /app/stm32-sim/target/release/stm32-sim /usr/local/bin/s
 # disable because Renode could not model them.
 COPY firmware/wolfcrypt-test-h7/ /opt/firmware-h7/
 COPY firmware/wolfcrypt-test-u5/ /opt/firmware-u5/
+COPY firmware/wolfcrypt-test-mp135/ /opt/firmware-mp135/
 
 COPY scripts/run-wolfcrypt-h7.sh /usr/local/bin/run-wolfcrypt-h7.sh
 COPY scripts/run-wolfcrypt-u5.sh /usr/local/bin/run-wolfcrypt-u5.sh
-RUN chmod +x /usr/local/bin/run-wolfcrypt-h7.sh /usr/local/bin/run-wolfcrypt-u5.sh
+COPY scripts/run-wolfcrypt-mp135.sh /usr/local/bin/run-wolfcrypt-mp135.sh
+RUN chmod +x /usr/local/bin/run-wolfcrypt-h7.sh \
+             /usr/local/bin/run-wolfcrypt-u5.sh \
+             /usr/local/bin/run-wolfcrypt-mp135.sh
 
 ENV WOLFSSL_ROOT=/opt/wolfssl
 
 # Default entrypoint runs the H7 wolfCrypt test. Override by passing
-# `run-wolfcrypt-u5.sh` as the command for the U585 build.
+# `run-wolfcrypt-u5.sh` (U585) or `run-wolfcrypt-mp135.sh` (MP135) as
+# the command for the other targets.
 CMD ["run-wolfcrypt-h7.sh"]
diff --git a/STM32Sim/README.md b/STM32Sim/README.md
@@ -26,16 +26,17 @@ track on its own schedule.
 ## Architecture
 
 We use [Unicorn Engine](https://www.unicorn-engine.org/) (QEMU-derived)
-for ARM Cortex-M CPU emulation, and provide our own MMIO peripheral
-models in Rust. The repo is a Cargo workspace under
-[`stm32-sim/`](stm32-sim):
+for ARM CPU emulation, and provide our own MMIO peripheral models in
+Rust. The Cortex-M targets boot in Thumb/MCLASS mode; the MP135
+target boots in ARM mode as a Cortex-A7 (with MMU). The repo is a
+Cargo workspace under [`stm32-sim/`](stm32-sim):
 
 ```
 stm32-sim/
   core/          CPU + MMIO bus + ELF loader + Runner
   peripherals/   USART, RCC, RNG, CRYP, HASH, PKA
-  chips/         STM32H753 / STM32U575 / STM32U585 chip configurations
-                 (memory map + peripheral wiring)
+  chips/         STM32H753 / STM32U575 / STM32U585 / STM32MP135 chip
+                 configurations (memory map + peripheral wiring)
   runner-bin/    `stm32-sim` CLI binary
 ```
 
@@ -50,18 +51,26 @@ even though three chips might present three different DIN/HR layouts.
 
 ## Status
 
-Both **STM32H753** (Cortex-M7, HAL v1, no PKA) and **STM32U575**
-(Cortex-M33, HAL v2, PKA v2) chip targets boot, run firmware, and
-drive their on-chip cryptographic peripherals end-to-end:
-
-| Peripheral | H7 (v1) | U5 (v2) |
-|------------|---------|---------|
-| USART      | OK      | OK      |
-| RCC        | stub    | stub    |
-| RNG        | OK      | OK      |
-| CRYP/AES   | ECB/CBC/CTR/GCM (HAL-driven) | ECB/CBC/CTR/GCM |
-| HASH       | SHA-1/224/256, MD5 (HAL-driven, hardware HMAC mode supported) | SHA-1/224/256, MD5 |
-| PKA        | n/a     | ECC mul (P-256/P-384), RSA modexp, mod arithmetic |
+**STM32H753** (Cortex-M7, HAL v1, no PKA), **STM32U575/U585**
+(Cortex-M33, HAL v2, PKA v2), and **STM32MP135** (Cortex-A7,
+HAL v2 with the H7-style CRYP block, PKA v2) chip targets all boot,
+run firmware, and drive their on-chip cryptographic peripherals end-
+to-end:
+
+| Peripheral | H7 (v1)                          | U5 (v2)            | MP135                                 |
+|------------|----------------------------------|--------------------|---------------------------------------|
+| USART      | OK                               | OK                 | OK (UART4)                            |
+| RCC        | stub                             | stub               | stub                                  |
+| RNG        | OK                               | OK                 | OK (RNG1)                             |
+| CRYP/AES   | ECB/CBC/CTR/GCM (HAL-driven)     | ECB/CBC/CTR/GCM    | ECB/CBC/CTR/GCM (CRYP1, aliased CRYP) |
+| HASH       | SHA-1/224/256, MD5               | SHA-1/224/256, MD5 | SHA-1/224/256, MD5, SHA-384/512, SHA3-224/256/384/512, SHAKE-128/256 (HASH1) |
+| PKA        | n/a                              | ECC mul (P-256/P-384), RSA modexp, mod arithmetic | same as U5 |
+
+The MP135 is bare-metal Cortex-A7 with no internal flash. The firmware
+links at the DDR base (0xC0000000); the simulator maps DDR as plain
+RAM and the ELF loader writes segments straight there, so no DDR_Init
+helper is needed. The firmware enables a flat 1 MiB-section MMU map
+during early boot to mirror the real-hardware path.
 
 The peripheral register adapters are split into `v1.rs` (H7 / HAL v1)
 and `v2.rs` (U5 / HAL v2) modules sharing the same cryptographic
@@ -90,6 +99,7 @@ toolchain:
 ```sh
 make -C firmware/smoke-test-h7
 make -C firmware/smoke-test-u5
+make -C firmware/smoke-test-mp135
 ```
 
 ## Running

diff --git a/STM32Sim/firmware/smoke-test-mp135/Makefile b/STM32Sim/firmware/smoke-test-mp135/Makefile
@@ -0,0 +1,36 @@
+# Makefile for the STM32Sim MP135 smoke-test firmware.
+#
+# Copyright (C) 2026 wolfSSL Inc.
+
+CROSS    ?= arm-none-eabi-
+CC       := $(CROSS)gcc
+OBJCOPY  := $(CROSS)objcopy
+SIZE     := $(CROSS)size
+
+CFLAGS   := -mcpu=cortex-a7 -marm -mfpu=neon-vfpv4 -mfloat-abi=hard \
+            -O0 -g -ffreestanding -nostartfiles -Wall -Wextra \
+            -fno-common -ffunction-sections -fdata-sections
+ASFLAGS  := -mcpu=cortex-a7 -marm -mfpu=neon-vfpv4 -mfloat-abi=hard \
+            -g -ffreestanding
+LDFLAGS  := -mcpu=cortex-a7 -marm -mfpu=neon-vfpv4 -mfloat-abi=hard \
+            -nostartfiles -Wl,--gc-sections -T smoke.ld -Wl,-Map,smoke.map
+
+OBJS     := startup.o mmu.o main.o
+TARGET   := smoke.elf
+
+all: $(TARGET)
+
+$(TARGET): $(OBJS) smoke.ld
+	$(CC) $(LDFLAGS) -o $@ $(OBJS)
+	$(SIZE) $@
+
+%.o: %.c
+	$(CC) $(CFLAGS) -c -o $@ $<
+
+%.o: %.S
+	$(CC) $(ASFLAGS) -c -o $@ $<
+
+clean:
+	rm -f $(OBJS) $(TARGET) smoke.map
+
+.PHONY: all clean