Integrate wolfHAL into wolfBoot. Provide stm32wb example.

[AlexLanzano]

Summary

NOTE: my original PR for wolfHAL integration is here #674 . I have since closed it since I made some significant refactors.

Adds wolfHAL as an alternative HAL backend
for wolfBoot, with STM32WB as the first supported target.

Motivation

wolfBoot's existing HAL implementations hardcode board-specific configuration
(clock speeds, flash geometry, pin assignments) directly in the driver code via
macros and register values. When a customer needs to bring up wolfBoot on custom
hardware using the same MCU family, they must either modify the existing HAL
source or duplicate it — even if the only differences are clock parameters or pin
mappings. In some cases, the required configuration macros may not even be present
in the existing implementation.

wolfHAL separates the driver logic (per MCU family, maintained upstream) from
the board configuration (per board, owned by the customer). With this
integration, porting wolfBoot to a new board in a supported MCU family reduces to
creating a single board config file (hal/boards/<board>.c) with clock parameters,
flash geometry, and pin assignments — no driver code changes required.

Since wolfHAL drivers are maintained as a standalone library, the same drivers used
by wolfBoot can be reused in the application firmware and other wolfSSL projects
(e.g. wolfHAL, wolfTPM, wolfMQTT), giving customers a consistent hardware
abstraction across their entire stack.

Changes

• hal/wolfhal_stm32wb.c — wolfBoot HAL implementation using wolfHAL's
  STM32WB drivers. Maps hal_flash_write/erase/lock/unlock to wolfHAL
  flash driver calls, with RAMFUNCTION support for RAM_CODE=1.

• hal/boards/stm32wb_nucleo.c — board configuration for STM32WB55 Nucleo.
  Defines device instances for clock (64 MHz PLL from MSI), flash, and optionally
  GPIO/UART (DEBUG_UART=1).

• hal/stm32wb.ld — linker script updated with build-time placeholders for
  conditional EXCLUDE_FILE rules, enabling the wolfHAL flash driver to be placed
  in RAM when RAM_CODE=1.

• arch.mk — new wolfhal_stm32wb target block with wolfHAL include paths,
  WHAL_CFG_DIRECT_CALLBACKS for zero-overhead driver dispatch, and conditional
  RAM_CODE linker script substitutions.

• test-app/app_wolfhal_stm32wb.c — test application demonstrating wolfHAL
  GPIO (LED) and UART usage alongside wolfBoot update mechanism.

• test-app/Makefile — test-app compiles its own board object with
  -DDEBUG_UART so the clock vtable includes GetRate for UART baud rate
  calculation, independent of the bootloader's DEBUG_UART setting. Also adds
  -ffunction-sections -fdata-sections to all test apps for gc-sections support.

• docs/wolfHAL.md — integration guide covering board setup, new MCU family
  porting, RAM_CODE support, and test application details.

• CI — added wolfhal_stm32wb_test build job.

Image Size (vs stock stm32wb, flash bytes)

Config	Stock	wolfHAL	Delta
Base	22696	22972	+276
+DEBUG_UART	24344	25192	+848
+RAM_CODE	23872	24268	+396

[Copilot]

Pull request overview

Integrates wolfHAL as an alternate wolfBoot HAL backend, adding an STM32WB55 Nucleo example plus build/linker plumbing to support optional RAM-based flash driver execution.

Changes:

• Added STM32WB wolfHAL-based HAL and a Nucleo board configuration (clock/flash, optional GPIO/UART).
• Updated STM32WB linker script + build system to support RAM_CODE=1 via build-time linker-script placeholders.
• Added a wolfHAL STM32WB test app, documentation, submodule, and CI build job.

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
test-app/app_wolfhal_stm32wb.c	New bare-metal STM32WB55 Nucleo test app using wolfHAL GPIO/UART with wolfBoot update flow.
test-app/Makefile	Adds section GC flags and wolfHAL STM32WB target object list + board object build rule.
lib/wolfHAL	Adds wolfHAL submodule pointer.
hal/wolfhal_stm32wb.c	New wolfHAL-backed STM32WB wolfBoot HAL implementation (flash ops + optional UART).
hal/stm32wb.ld	Adds build-time placeholders to move wolfHAL flash driver into RAM when RAM_CODE=1.
hal/boards/stm32wb_nucleo.c	New STM32WB55 Nucleo wolfHAL board configuration (clock/flash, optional UART).
docs/wolfHAL.md	New integration guide documenting targets/boards, RAM_CODE mechanism, and test app.
config/examples/wolfhal_stm32wb_nucleo.config	New example config selecting wolfHAL STM32WB + Nucleo board.
arch.mk	Adds wolfhal_stm32wb target block and defaults for linker placeholder substitutions.
Makefile	Extends linker-script generation to substitute wolfHAL-related placeholders.
.gitmodules	Registers wolfHAL submodule.
.github/workflows/test-configs.yml	Adds CI build job for the new example config.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The encryption key material is compiled into the binary unconditionally (even when EXT_ENCRYPTED is not enabled) and is a non-static writable global. To reduce accidental key exposure and avoid bloating non-encrypted builds, gate the definition with #if EXT_ENCRYPTED (matching its use site), and make it static const so it lands in read-only memory and is not externally visible.

Suggested change

	char enc_key[] = "0123456789abcdef0123456789abcdef"
	"0123456789abcdef";
	#if EXT_ENCRYPTED
	static const char enc_key[] = "0123456789abcdef0123456789abcdef"
	"0123456789abcdef";
	#endif