cjson
fuzzing
inputs
test1 test10 test11 test2 test3 test3.bu test3.uf test3.uu test4 test5 test6 test7 test8 test9library_config
cJSONConfig.cmake.in cJSONConfigVersion.cmake.in libcjson.pc.in libcjson_utils.pc.in uninstall.cmaketests
inputs
test1 test1.expected test10 test10.expected test11 test11.expected test2 test2.expected test3 test3.expected test4 test4.expected test5 test5.expected test6 test7 test7.expected test8 test8.expected test9 test9.expectedjson-patch-tests
.editorconfig .gitignore .npmignore README.md cjson-utils-tests.json package.json spec_tests.json tests.jsonunity
auto
colour_prompt.rb colour_reporter.rb generate_config.yml generate_module.rb generate_test_runner.rb parse_output.rb stylize_as_junit.rb test_file_filter.rb type_sanitizer.rb unity_test_summary.py unity_test_summary.rb unity_to_junit.pydocs
ThrowTheSwitchCodingStandard.md UnityAssertionsCheatSheetSuitableforPrintingandPossiblyFraming.pdf UnityAssertionsReference.md UnityConfigurationGuide.md UnityGettingStartedGuide.md UnityHelperScriptsGuide.md license.txtexamples
unity_config.hcurl
.github
scripts
cleancmd.pl cmp-config.pl cmp-pkg-config.sh codespell-ignore.words codespell.sh distfiles.sh pyspelling.words pyspelling.yaml randcurl.pl requirements-docs.txt requirements-proselint.txt requirements.txt shellcheck-ci.sh shellcheck.sh spellcheck.curl trimmarkdownheader.pl typos.sh typos.toml verify-examples.pl verify-synopsis.pl yamlcheck.sh yamlcheck.yamlworkflows
appveyor-status.yml checkdocs.yml checksrc.yml checkurls.yml codeql.yml configure-vs-cmake.yml curl-for-win.yml distcheck.yml fuzz.yml http3-linux.yml label.yml linux-old.yml linux.yml macos.yml non-native.yml windows.ymlCMake
CurlSymbolHiding.cmake CurlTests.c FindBrotli.cmake FindCares.cmake FindGSS.cmake FindGnuTLS.cmake FindLDAP.cmake FindLibbacktrace.cmake FindLibgsasl.cmake FindLibidn2.cmake FindLibpsl.cmake FindLibssh.cmake FindLibssh2.cmake FindLibuv.cmake FindMbedTLS.cmake FindNGHTTP2.cmake FindNGHTTP3.cmake FindNGTCP2.cmake FindNettle.cmake FindQuiche.cmake FindRustls.cmake FindWolfSSL.cmake FindZstd.cmake Macros.cmake OtherTests.cmake PickyWarnings.cmake Utilities.cmake cmake_uninstall.in.cmake curl-config.in.cmake unix-cache.cmake win32-cache.cmakedocs
cmdline-opts
.gitignore CMakeLists.txt MANPAGE.md Makefile.am Makefile.inc _AUTHORS.md _BUGS.md _DESCRIPTION.md _ENVIRONMENT.md _EXITCODES.md _FILES.md _GLOBBING.md _NAME.md _OPTIONS.md _OUTPUT.md _PROGRESS.md _PROTOCOLS.md _PROXYPREFIX.md _SEEALSO.md _SYNOPSIS.md _URL.md _VARIABLES.md _VERSION.md _WWW.md abstract-unix-socket.md alt-svc.md anyauth.md append.md aws-sigv4.md basic.md ca-native.md cacert.md capath.md cert-status.md cert-type.md cert.md ciphers.md compressed-ssh.md compressed.md config.md connect-timeout.md connect-to.md continue-at.md cookie-jar.md cookie.md create-dirs.md create-file-mode.md crlf.md crlfile.md curves.md data-ascii.md data-binary.md data-raw.md data-urlencode.md data.md delegation.md digest.md disable-eprt.md disable-epsv.md disable.md disallow-username-in-url.md dns-interface.md dns-ipv4-addr.md dns-ipv6-addr.md dns-servers.md doh-cert-status.md doh-insecure.md doh-url.md dump-ca-embed.md dump-header.md ech.md egd-file.md engine.md etag-compare.md etag-save.md expect100-timeout.md fail-early.md fail-with-body.md fail.md false-start.md follow.md form-escape.md form-string.md form.md ftp-account.md ftp-alternative-to-user.md ftp-create-dirs.md ftp-method.md ftp-pasv.md ftp-port.md ftp-pret.md ftp-skip-pasv-ip.md ftp-ssl-ccc-mode.md ftp-ssl-ccc.md ftp-ssl-control.md get.md globoff.md happy-eyeballs-timeout-ms.md haproxy-clientip.md haproxy-protocol.md head.md header.md help.md hostpubmd5.md hostpubsha256.md hsts.md http0.9.md http1.0.md http1.1.md http2-prior-knowledge.md http2.md http3-only.md http3.md ignore-content-length.md insecure.md interface.md ip-tos.md ipfs-gateway.md ipv4.md ipv6.md json.md junk-session-cookies.md keepalive-cnt.md keepalive-time.md key-type.md key.md knownhosts.md krb.md libcurl.md limit-rate.md list-only.md local-port.md location-trusted.md location.md login-options.md mail-auth.md mail-from.md mail-rcpt-allowfails.md mail-rcpt.md mainpage.idx manual.md max-filesize.md max-redirs.md max-time.md metalink.md mptcp.md negotiate.md netrc-file.md netrc-optional.md netrc.md next.md no-alpn.md no-buffer.md no-clobber.md no-keepalive.md no-npn.md no-progress-meter.md no-sessionid.md noproxy.md ntlm-wb.md ntlm.md oauth2-bearer.md out-null.md output-dir.md output.md parallel-immediate.md parallel-max-host.md parallel-max.md parallel.md pass.md path-as-is.md pinnedpubkey.md post301.md post302.md post303.md preproxy.md progress-bar.md proto-default.md proto-redir.md proto.md proxy-anyauth.md proxy-basic.md proxy-ca-native.md proxy-cacert.md proxy-capath.md proxy-cert-type.md proxy-cert.md proxy-ciphers.md proxy-crlfile.md proxy-digest.md proxy-header.md proxy-http2.md proxy-insecure.md proxy-key-type.md proxy-key.md proxy-negotiate.md proxy-ntlm.md proxy-pass.md proxy-pinnedpubkey.md proxy-service-name.md proxy-ssl-allow-beast.md proxy-ssl-auto-client-cert.md proxy-tls13-ciphers.md proxy-tlsauthtype.md proxy-tlspassword.md proxy-tlsuser.md proxy-tlsv1.md proxy-user.md proxy.md proxy1.0.md proxytunnel.md pubkey.md quote.md random-file.md range.md rate.md raw.md referer.md remote-header-name.md remote-name-all.md remote-name.md remote-time.md remove-on-error.md request-target.md request.md resolve.md retry-all-errors.md retry-connrefused.md retry-delay.md retry-max-time.md retry.md sasl-authzid.md sasl-ir.md service-name.md show-error.md show-headers.md sigalgs.md silent.md skip-existing.md socks4.md socks4a.md socks5-basic.md socks5-gssapi-nec.md socks5-gssapi-service.md socks5-gssapi.md socks5-hostname.md socks5.md speed-limit.md speed-time.md ssl-allow-beast.md ssl-auto-client-cert.md ssl-no-revoke.md ssl-reqd.md ssl-revoke-best-effort.md ssl-sessions.md ssl.md sslv2.md sslv3.md stderr.md styled-output.md suppress-connect-headers.md tcp-fastopen.md tcp-nodelay.md telnet-option.md tftp-blksize.md tftp-no-options.md time-cond.md tls-earlydata.md tls-max.md tls13-ciphers.md tlsauthtype.md tlspassword.md tlsuser.md tlsv1.0.md tlsv1.1.md tlsv1.2.md tlsv1.3.md tlsv1.md tr-encoding.md trace-ascii.md trace-config.md trace-ids.md trace-time.md trace.md unix-socket.md upload-file.md upload-flags.md url-query.md url.md use-ascii.md user-agent.md user.md variable.md verbose.md version.md vlan-priority.md write-out.md xattr.mdexamples
.checksrc .gitignore 10-at-a-time.c CMakeLists.txt Makefile.am Makefile.example Makefile.inc README.md adddocsref.pl address-scope.c altsvc.c anyauthput.c block_ip.c cacertinmem.c certinfo.c chkspeed.c connect-to.c cookie_interface.c crawler.c debug.c default-scheme.c ephiperfifo.c evhiperfifo.c externalsocket.c fileupload.c ftp-delete.c ftp-wildcard.c ftpget.c ftpgetinfo.c ftpgetresp.c ftpsget.c ftpupload.c ftpuploadfrommem.c ftpuploadresume.c getinfo.c getinmemory.c getredirect.c getreferrer.c ghiper.c headerapi.c hiperfifo.c hsts-preload.c htmltidy.c htmltitle.cpp http-options.c http-post.c http2-download.c http2-pushinmemory.c http2-serverpush.c http2-upload.c http3-present.c http3.c httpcustomheader.c httpput-postfields.c httpput.c https.c imap-append.c imap-authzid.c imap-copy.c imap-create.c imap-delete.c imap-examine.c imap-fetch.c imap-list.c imap-lsub.c imap-multi.c imap-noop.c imap-search.c imap-ssl.c imap-store.c imap-tls.c interface.c ipv6.c keepalive.c localport.c log_failed_transfers.c maxconnects.c multi-app.c multi-debugcallback.c multi-double.c multi-event.c multi-formadd.c multi-legacy.c multi-post.c multi-single.c multi-uv.c netrc.c parseurl.c persistent.c pop3-authzid.c pop3-dele.c pop3-list.c pop3-multi.c pop3-noop.c pop3-retr.c pop3-ssl.c pop3-stat.c pop3-tls.c pop3-top.c pop3-uidl.c post-callback.c postinmemory.c postit2-formadd.c postit2.c progressfunc.c protofeats.c range.c resolve.c rtsp-options.c sendrecv.c sepheaders.c sessioninfo.c sftpget.c sftpuploadresume.c shared-connection-cache.c simple.c simplepost.c simplessl.c smooth-gtk-thread.c smtp-authzid.c smtp-expn.c smtp-mail.c smtp-mime.c smtp-multi.c smtp-ssl.c smtp-tls.c smtp-vrfy.c sslbackend.c synctime.c threaded.c unixsocket.c url2file.c urlapi.c usercertinmem.c version-check.pl websocket-cb.c websocket-updown.c websocket.c xmlstream.cinternals
BUFQ.md BUFREF.md CHECKSRC.md CLIENT-READERS.md CLIENT-WRITERS.md CODE_STYLE.md CONNECTION-FILTERS.md CREDENTIALS.md CURLX.md DYNBUF.md HASH.md LLIST.md MID.md MQTT.md MULTI-EV.md NEW-PROTOCOL.md PEERS.md PORTING.md RATELIMITS.md README.md SCORECARD.md SPLAY.md STRPARSE.md THRDPOOL-AND-QUEUE.md TIME-KEEPING.md TLS-SESSIONS.md UINT_SETS.md WEBSOCKET.mdlibcurl
opts
CMakeLists.txt CURLINFO_ACTIVESOCKET.md CURLINFO_APPCONNECT_TIME.md CURLINFO_APPCONNECT_TIME_T.md CURLINFO_CAINFO.md CURLINFO_CAPATH.md CURLINFO_CERTINFO.md CURLINFO_CONDITION_UNMET.md CURLINFO_CONNECT_TIME.md CURLINFO_CONNECT_TIME_T.md CURLINFO_CONN_ID.md CURLINFO_CONTENT_LENGTH_DOWNLOAD.md CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.md CURLINFO_CONTENT_LENGTH_UPLOAD.md CURLINFO_CONTENT_LENGTH_UPLOAD_T.md CURLINFO_CONTENT_TYPE.md CURLINFO_COOKIELIST.md CURLINFO_EARLYDATA_SENT_T.md CURLINFO_EFFECTIVE_METHOD.md CURLINFO_EFFECTIVE_URL.md CURLINFO_FILETIME.md CURLINFO_FILETIME_T.md CURLINFO_FTP_ENTRY_PATH.md CURLINFO_HEADER_SIZE.md CURLINFO_HTTPAUTH_AVAIL.md CURLINFO_HTTPAUTH_USED.md CURLINFO_HTTP_CONNECTCODE.md CURLINFO_HTTP_VERSION.md CURLINFO_LASTSOCKET.md CURLINFO_LOCAL_IP.md CURLINFO_LOCAL_PORT.md CURLINFO_NAMELOOKUP_TIME.md CURLINFO_NAMELOOKUP_TIME_T.md CURLINFO_NUM_CONNECTS.md CURLINFO_OS_ERRNO.md CURLINFO_POSTTRANSFER_TIME_T.md CURLINFO_PRETRANSFER_TIME.md CURLINFO_PRETRANSFER_TIME_T.md CURLINFO_PRIMARY_IP.md CURLINFO_PRIMARY_PORT.md CURLINFO_PRIVATE.md CURLINFO_PROTOCOL.md CURLINFO_PROXYAUTH_AVAIL.md CURLINFO_PROXYAUTH_USED.md CURLINFO_PROXY_ERROR.md CURLINFO_PROXY_SSL_VERIFYRESULT.md CURLINFO_QUEUE_TIME_T.md CURLINFO_REDIRECT_COUNT.md CURLINFO_REDIRECT_TIME.md CURLINFO_REDIRECT_TIME_T.md CURLINFO_REDIRECT_URL.md CURLINFO_REFERER.md CURLINFO_REQUEST_SIZE.md CURLINFO_RESPONSE_CODE.md CURLINFO_RETRY_AFTER.md CURLINFO_RTSP_CLIENT_CSEQ.md CURLINFO_RTSP_CSEQ_RECV.md CURLINFO_RTSP_SERVER_CSEQ.md CURLINFO_RTSP_SESSION_ID.md CURLINFO_SCHEME.md CURLINFO_SIZE_DELIVERED.md CURLINFO_SIZE_DOWNLOAD.md CURLINFO_SIZE_DOWNLOAD_T.md CURLINFO_SIZE_UPLOAD.md CURLINFO_SIZE_UPLOAD_T.md CURLINFO_SPEED_DOWNLOAD.md CURLINFO_SPEED_DOWNLOAD_T.md CURLINFO_SPEED_UPLOAD.md CURLINFO_SPEED_UPLOAD_T.md CURLINFO_SSL_ENGINES.md CURLINFO_SSL_VERIFYRESULT.md CURLINFO_STARTTRANSFER_TIME.md CURLINFO_STARTTRANSFER_TIME_T.md CURLINFO_TLS_SESSION.md CURLINFO_TLS_SSL_PTR.md CURLINFO_TOTAL_TIME.md CURLINFO_TOTAL_TIME_T.md CURLINFO_USED_PROXY.md CURLINFO_XFER_ID.md CURLMINFO_XFERS_ADDED.md CURLMINFO_XFERS_CURRENT.md CURLMINFO_XFERS_DONE.md CURLMINFO_XFERS_PENDING.md CURLMINFO_XFERS_RUNNING.md CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.md CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.md CURLMOPT_MAXCONNECTS.md CURLMOPT_MAX_CONCURRENT_STREAMS.md CURLMOPT_MAX_HOST_CONNECTIONS.md CURLMOPT_MAX_PIPELINE_LENGTH.md CURLMOPT_MAX_TOTAL_CONNECTIONS.md CURLMOPT_NETWORK_CHANGED.md CURLMOPT_NOTIFYDATA.md CURLMOPT_NOTIFYFUNCTION.md CURLMOPT_PIPELINING.md CURLMOPT_PIPELINING_SERVER_BL.md CURLMOPT_PIPELINING_SITE_BL.md CURLMOPT_PUSHDATA.md CURLMOPT_PUSHFUNCTION.md CURLMOPT_QUICK_EXIT.md CURLMOPT_RESOLVE_THREADS_MAX.md CURLMOPT_SOCKETDATA.md CURLMOPT_SOCKETFUNCTION.md CURLMOPT_TIMERDATA.md CURLMOPT_TIMERFUNCTION.md CURLOPT_ABSTRACT_UNIX_SOCKET.md CURLOPT_ACCEPTTIMEOUT_MS.md CURLOPT_ACCEPT_ENCODING.md CURLOPT_ADDRESS_SCOPE.md CURLOPT_ALTSVC.md CURLOPT_ALTSVC_CTRL.md CURLOPT_APPEND.md CURLOPT_AUTOREFERER.md CURLOPT_AWS_SIGV4.md CURLOPT_BUFFERSIZE.md CURLOPT_CAINFO.md CURLOPT_CAINFO_BLOB.md CURLOPT_CAPATH.md CURLOPT_CA_CACHE_TIMEOUT.md CURLOPT_CERTINFO.md CURLOPT_CHUNK_BGN_FUNCTION.md CURLOPT_CHUNK_DATA.md CURLOPT_CHUNK_END_FUNCTION.md CURLOPT_CLOSESOCKETDATA.md CURLOPT_CLOSESOCKETFUNCTION.md CURLOPT_CONNECTTIMEOUT.md CURLOPT_CONNECTTIMEOUT_MS.md CURLOPT_CONNECT_ONLY.md CURLOPT_CONNECT_TO.md CURLOPT_CONV_FROM_NETWORK_FUNCTION.md CURLOPT_CONV_FROM_UTF8_FUNCTION.md CURLOPT_CONV_TO_NETWORK_FUNCTION.md CURLOPT_COOKIE.md CURLOPT_COOKIEFILE.md CURLOPT_COOKIEJAR.md CURLOPT_COOKIELIST.md CURLOPT_COOKIESESSION.md CURLOPT_COPYPOSTFIELDS.md CURLOPT_CRLF.md CURLOPT_CRLFILE.md CURLOPT_CURLU.md CURLOPT_CUSTOMREQUEST.md CURLOPT_DEBUGDATA.md CURLOPT_DEBUGFUNCTION.md CURLOPT_DEFAULT_PROTOCOL.md CURLOPT_DIRLISTONLY.md CURLOPT_DISALLOW_USERNAME_IN_URL.md CURLOPT_DNS_CACHE_TIMEOUT.md CURLOPT_DNS_INTERFACE.md CURLOPT_DNS_LOCAL_IP4.md CURLOPT_DNS_LOCAL_IP6.md CURLOPT_DNS_SERVERS.md CURLOPT_DNS_SHUFFLE_ADDRESSES.md CURLOPT_DNS_USE_GLOBAL_CACHE.md CURLOPT_DOH_SSL_VERIFYHOST.md CURLOPT_DOH_SSL_VERIFYPEER.md CURLOPT_DOH_SSL_VERIFYSTATUS.md CURLOPT_DOH_URL.md CURLOPT_ECH.md CURLOPT_EGDSOCKET.md CURLOPT_ERRORBUFFER.md CURLOPT_EXPECT_100_TIMEOUT_MS.md CURLOPT_FAILONERROR.md CURLOPT_FILETIME.md CURLOPT_FNMATCH_DATA.md CURLOPT_FNMATCH_FUNCTION.md CURLOPT_FOLLOWLOCATION.md CURLOPT_FORBID_REUSE.md CURLOPT_FRESH_CONNECT.md CURLOPT_FTPPORT.md CURLOPT_FTPSSLAUTH.md CURLOPT_FTP_ACCOUNT.md CURLOPT_FTP_ALTERNATIVE_TO_USER.md CURLOPT_FTP_CREATE_MISSING_DIRS.md CURLOPT_FTP_FILEMETHOD.md CURLOPT_FTP_SKIP_PASV_IP.md CURLOPT_FTP_SSL_CCC.md CURLOPT_FTP_USE_EPRT.md CURLOPT_FTP_USE_EPSV.md CURLOPT_FTP_USE_PRET.md CURLOPT_GSSAPI_DELEGATION.md CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.md CURLOPT_HAPROXYPROTOCOL.md CURLOPT_HAPROXY_CLIENT_IP.md CURLOPT_HEADER.md CURLOPT_HEADERDATA.md CURLOPT_HEADERFUNCTION.md CURLOPT_HEADEROPT.md CURLOPT_HSTS.md CURLOPT_HSTSREADDATA.md CURLOPT_HSTSREADFUNCTION.md CURLOPT_HSTSWRITEDATA.md CURLOPT_HSTSWRITEFUNCTION.md CURLOPT_HSTS_CTRL.md CURLOPT_HTTP09_ALLOWED.md CURLOPT_HTTP200ALIASES.md CURLOPT_HTTPAUTH.md CURLOPT_HTTPGET.md CURLOPT_HTTPHEADER.md CURLOPT_HTTPPOST.md CURLOPT_HTTPPROXYTUNNEL.md CURLOPT_HTTP_CONTENT_DECODING.md CURLOPT_HTTP_TRANSFER_DECODING.md CURLOPT_HTTP_VERSION.md CURLOPT_IGNORE_CONTENT_LENGTH.md CURLOPT_INFILESIZE.md CURLOPT_INFILESIZE_LARGE.md CURLOPT_INTERFACE.md CURLOPT_INTERLEAVEDATA.md CURLOPT_INTERLEAVEFUNCTION.md CURLOPT_IOCTLDATA.md CURLOPT_IOCTLFUNCTION.md CURLOPT_IPRESOLVE.md CURLOPT_ISSUERCERT.md CURLOPT_ISSUERCERT_BLOB.md CURLOPT_KEEP_SENDING_ON_ERROR.md CURLOPT_KEYPASSWD.md CURLOPT_KRBLEVEL.md CURLOPT_LOCALPORT.md CURLOPT_LOCALPORTRANGE.md CURLOPT_LOGIN_OPTIONS.md CURLOPT_LOW_SPEED_LIMIT.md CURLOPT_LOW_SPEED_TIME.md CURLOPT_MAIL_AUTH.md CURLOPT_MAIL_FROM.md CURLOPT_MAIL_RCPT.md CURLOPT_MAIL_RCPT_ALLOWFAILS.md CURLOPT_MAXAGE_CONN.md CURLOPT_MAXCONNECTS.md CURLOPT_MAXFILESIZE.md CURLOPT_MAXFILESIZE_LARGE.md CURLOPT_MAXLIFETIME_CONN.md CURLOPT_MAXREDIRS.md CURLOPT_MAX_RECV_SPEED_LARGE.md CURLOPT_MAX_SEND_SPEED_LARGE.md CURLOPT_MIMEPOST.md CURLOPT_MIME_OPTIONS.md CURLOPT_NETRC.md CURLOPT_NETRC_FILE.md CURLOPT_NEW_DIRECTORY_PERMS.md CURLOPT_NEW_FILE_PERMS.md CURLOPT_NOBODY.md CURLOPT_NOPROGRESS.md CURLOPT_NOPROXY.md CURLOPT_NOSIGNAL.md CURLOPT_OPENSOCKETDATA.md CURLOPT_OPENSOCKETFUNCTION.md CURLOPT_PASSWORD.md CURLOPT_PATH_AS_IS.md CURLOPT_PINNEDPUBLICKEY.md CURLOPT_PIPEWAIT.md CURLOPT_PORT.md CURLOPT_POST.md CURLOPT_POSTFIELDS.md CURLOPT_POSTFIELDSIZE.md CURLOPT_POSTFIELDSIZE_LARGE.md CURLOPT_POSTQUOTE.md CURLOPT_POSTREDIR.md CURLOPT_PREQUOTE.md CURLOPT_PREREQDATA.md CURLOPT_PREREQFUNCTION.md CURLOPT_PRE_PROXY.md CURLOPT_PRIVATE.md CURLOPT_PROGRESSDATA.md CURLOPT_PROGRESSFUNCTION.md CURLOPT_PROTOCOLS.md CURLOPT_PROTOCOLS_STR.md CURLOPT_PROXY.md CURLOPT_PROXYAUTH.md CURLOPT_PROXYHEADER.md CURLOPT_PROXYPASSWORD.md CURLOPT_PROXYPORT.md CURLOPT_PROXYTYPE.md CURLOPT_PROXYUSERNAME.md CURLOPT_PROXYUSERPWD.md CURLOPT_PROXY_CAINFO.md CURLOPT_PROXY_CAINFO_BLOB.md CURLOPT_PROXY_CAPATH.md CURLOPT_PROXY_CRLFILE.md CURLOPT_PROXY_ISSUERCERT.md CURLOPT_PROXY_ISSUERCERT_BLOB.md CURLOPT_PROXY_KEYPASSWD.md CURLOPT_PROXY_PINNEDPUBLICKEY.md CURLOPT_PROXY_SERVICE_NAME.md CURLOPT_PROXY_SSLCERT.md CURLOPT_PROXY_SSLCERTTYPE.md CURLOPT_PROXY_SSLCERT_BLOB.md CURLOPT_PROXY_SSLKEY.md CURLOPT_PROXY_SSLKEYTYPE.md CURLOPT_PROXY_SSLKEY_BLOB.md CURLOPT_PROXY_SSLVERSION.md CURLOPT_PROXY_SSL_CIPHER_LIST.md CURLOPT_PROXY_SSL_OPTIONS.md CURLOPT_PROXY_SSL_VERIFYHOST.md CURLOPT_PROXY_SSL_VERIFYPEER.md CURLOPT_PROXY_TLS13_CIPHERS.md CURLOPT_PROXY_TLSAUTH_PASSWORD.md CURLOPT_PROXY_TLSAUTH_TYPE.md CURLOPT_PROXY_TLSAUTH_USERNAME.md CURLOPT_PROXY_TRANSFER_MODE.md CURLOPT_PUT.md CURLOPT_QUICK_EXIT.md CURLOPT_QUOTE.md CURLOPT_RANDOM_FILE.md CURLOPT_RANGE.md CURLOPT_READDATA.md CURLOPT_READFUNCTION.md CURLOPT_REDIR_PROTOCOLS.md CURLOPT_REDIR_PROTOCOLS_STR.md CURLOPT_REFERER.md CURLOPT_REQUEST_TARGET.md CURLOPT_RESOLVE.md CURLOPT_RESOLVER_START_DATA.md CURLOPT_RESOLVER_START_FUNCTION.md CURLOPT_RESUME_FROM.md CURLOPT_RESUME_FROM_LARGE.md CURLOPT_RTSP_CLIENT_CSEQ.md CURLOPT_RTSP_REQUEST.md CURLOPT_RTSP_SERVER_CSEQ.md CURLOPT_RTSP_SESSION_ID.md CURLOPT_RTSP_STREAM_URI.md CURLOPT_RTSP_TRANSPORT.md CURLOPT_SASL_AUTHZID.md CURLOPT_SASL_IR.md CURLOPT_SEEKDATA.md CURLOPT_SEEKFUNCTION.md CURLOPT_SERVER_RESPONSE_TIMEOUT.md CURLOPT_SERVER_RESPONSE_TIMEOUT_MS.md CURLOPT_SERVICE_NAME.md CURLOPT_SHARE.md CURLOPT_SOCKOPTDATA.md CURLOPT_SOCKOPTFUNCTION.md CURLOPT_SOCKS5_AUTH.md CURLOPT_SOCKS5_GSSAPI_NEC.md CURLOPT_SOCKS5_GSSAPI_SERVICE.md CURLOPT_SSH_AUTH_TYPES.md CURLOPT_SSH_COMPRESSION.md CURLOPT_SSH_HOSTKEYDATA.md CURLOPT_SSH_HOSTKEYFUNCTION.md CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.md CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256.md CURLOPT_SSH_KEYDATA.md CURLOPT_SSH_KEYFUNCTION.md CURLOPT_SSH_KNOWNHOSTS.md CURLOPT_SSH_PRIVATE_KEYFILE.md CURLOPT_SSH_PUBLIC_KEYFILE.md CURLOPT_SSLCERT.md CURLOPT_SSLCERTTYPE.md CURLOPT_SSLCERT_BLOB.md CURLOPT_SSLENGINE.md CURLOPT_SSLENGINE_DEFAULT.md CURLOPT_SSLKEY.md CURLOPT_SSLKEYTYPE.md CURLOPT_SSLKEY_BLOB.md CURLOPT_SSLVERSION.md CURLOPT_SSL_CIPHER_LIST.md CURLOPT_SSL_CTX_DATA.md CURLOPT_SSL_CTX_FUNCTION.md CURLOPT_SSL_EC_CURVES.md CURLOPT_SSL_ENABLE_ALPN.md CURLOPT_SSL_ENABLE_NPN.md CURLOPT_SSL_FALSESTART.md CURLOPT_SSL_OPTIONS.md CURLOPT_SSL_SESSIONID_CACHE.md CURLOPT_SSL_SIGNATURE_ALGORITHMS.md CURLOPT_SSL_VERIFYHOST.md CURLOPT_SSL_VERIFYPEER.md CURLOPT_SSL_VERIFYSTATUS.md CURLOPT_STDERR.md CURLOPT_STREAM_DEPENDS.md CURLOPT_STREAM_DEPENDS_E.md CURLOPT_STREAM_WEIGHT.md CURLOPT_SUPPRESS_CONNECT_HEADERS.md CURLOPT_TCP_FASTOPEN.md CURLOPT_TCP_KEEPALIVE.md CURLOPT_TCP_KEEPCNT.md CURLOPT_TCP_KEEPIDLE.md CURLOPT_TCP_KEEPINTVL.md CURLOPT_TCP_NODELAY.md CURLOPT_TELNETOPTIONS.md CURLOPT_TFTP_BLKSIZE.md CURLOPT_TFTP_NO_OPTIONS.md CURLOPT_TIMECONDITION.md CURLOPT_TIMEOUT.md CURLOPT_TIMEOUT_MS.md CURLOPT_TIMEVALUE.md CURLOPT_TIMEVALUE_LARGE.md CURLOPT_TLS13_CIPHERS.md CURLOPT_TLSAUTH_PASSWORD.md CURLOPT_TLSAUTH_TYPE.md CURLOPT_TLSAUTH_USERNAME.md CURLOPT_TRAILERDATA.md CURLOPT_TRAILERFUNCTION.md CURLOPT_TRANSFERTEXT.md CURLOPT_TRANSFER_ENCODING.md CURLOPT_UNIX_SOCKET_PATH.md CURLOPT_UNRESTRICTED_AUTH.md CURLOPT_UPKEEP_INTERVAL_MS.md CURLOPT_UPLOAD.md CURLOPT_UPLOAD_BUFFERSIZE.md CURLOPT_UPLOAD_FLAGS.md CURLOPT_URL.md CURLOPT_USERAGENT.md CURLOPT_USERNAME.md CURLOPT_USERPWD.md CURLOPT_USE_SSL.md CURLOPT_VERBOSE.md CURLOPT_WILDCARDMATCH.md CURLOPT_WRITEDATA.md CURLOPT_WRITEFUNCTION.md CURLOPT_WS_OPTIONS.md CURLOPT_XFERINFODATA.md CURLOPT_XFERINFOFUNCTION.md CURLOPT_XOAUTH2_BEARER.md CURLSHOPT_LOCKFUNC.md CURLSHOPT_SHARE.md CURLSHOPT_UNLOCKFUNC.md CURLSHOPT_UNSHARE.md CURLSHOPT_USERDATA.md Makefile.am Makefile.incinclude
curl
Makefile.am curl.h curlver.h easy.h header.h mprintf.h multi.h options.h stdcheaders.h system.h typecheck-gcc.h urlapi.h websockets.hlib
curlx
base64.c base64.h basename.c basename.h dynbuf.c dynbuf.h fopen.c fopen.h inet_ntop.c inet_ntop.h inet_pton.c inet_pton.h multibyte.c multibyte.h nonblock.c nonblock.h snprintf.c snprintf.h strcopy.c strcopy.h strdup.c strdup.h strerr.c strerr.h strparse.c strparse.h timediff.c timediff.h timeval.c timeval.h version_win32.c version_win32.h wait.c wait.h warnless.c warnless.h winapi.c winapi.hvauth
cleartext.c cram.c digest.c digest.h digest_sspi.c gsasl.c krb5_gssapi.c krb5_sspi.c ntlm.c ntlm_sspi.c oauth2.c spnego_gssapi.c spnego_sspi.c vauth.c vauth.hvquic
curl_ngtcp2.c curl_ngtcp2.h curl_quiche.c curl_quiche.h vquic-tls.c vquic-tls.h vquic.c vquic.h vquic_int.hvtls
apple.c apple.h cipher_suite.c cipher_suite.h gtls.c gtls.h hostcheck.c hostcheck.h keylog.c keylog.h mbedtls.c mbedtls.h openssl.c openssl.h rustls.c rustls.h schannel.c schannel.h schannel_int.h schannel_verify.c vtls.c vtls.h vtls_int.h vtls_scache.c vtls_scache.h vtls_spack.c vtls_spack.h wolfssl.c wolfssl.h x509asn1.c x509asn1.hm4
.gitignore curl-amissl.m4 curl-apple-sectrust.m4 curl-compilers.m4 curl-confopts.m4 curl-functions.m4 curl-gnutls.m4 curl-mbedtls.m4 curl-openssl.m4 curl-override.m4 curl-reentrant.m4 curl-rustls.m4 curl-schannel.m4 curl-sysconfig.m4 curl-wolfssl.m4 xc-am-iface.m4 xc-cc-check.m4 xc-lt-iface.m4 xc-val-flgs.m4 zz40-xc-ovr.m4 zz50-xc-ovr.m4projects
OS400
.checksrc README.OS400 ccsidcurl.c ccsidcurl.h config400.default curl.cmd curl.inc.in curlcl.c curlmain.c initscript.sh make-docs.sh make-include.sh make-lib.sh make-src.sh make-tests.sh makefile.sh os400sys.c os400sys.hWindows
tmpl
.gitattributes README.txt curl-all.sln curl.sln curl.vcxproj curl.vcxproj.filters libcurl.sln libcurl.vcxproj libcurl.vcxproj.filtersvms
Makefile.am backup_gnv_curl_src.com build_curl-config_script.com build_gnv_curl.com build_gnv_curl_pcsi_desc.com build_gnv_curl_pcsi_text.com build_gnv_curl_release_notes.com build_libcurl_pc.com build_vms.com clean_gnv_curl.com compare_curl_source.com config_h.com curl_crtl_init.c curl_gnv_build_steps.txt curl_release_note_start.txt curl_startup.com curlmsg.h curlmsg.msg curlmsg.sdl curlmsg_vms.h generate_config_vms_h_curl.com generate_vax_transfer.com gnv_conftest.c_first gnv_curl_configure.sh gnv_libcurl_symbols.opt gnv_link_curl.com macro32_exactcase.patch make_gnv_curl_install.sh make_pcsi_curl_kit_name.com pcsi_gnv_curl_file_list.txt pcsi_product_gnv_curl.com readme report_openssl_version.c setup_gnv_curl_build.com stage_curl_install.com vms_eco_level.hscripts
.checksrc CMakeLists.txt Makefile.am badwords badwords-all badwords.txt cd2cd cd2nroff cdall checksrc-all.pl checksrc.pl cmakelint.sh completion.pl contributors.sh contrithanks.sh coverage.sh delta dmaketgz extract-unit-protos firefox-db2pem.sh installcheck.sh maketgz managen mdlinkcheck mk-ca-bundle.pl mk-unity.pl nroff2cd perlcheck.sh pythonlint.sh randdisable release-notes.pl release-tools.sh schemetable.c singleuse.pl spacecheck.pl top-complexity top-length verify-release wcurlsrc
.checksrc .gitignore CMakeLists.txt Makefile.am Makefile.inc config2setopts.c config2setopts.h curl.rc curlinfo.c mk-file-embed.pl mkhelp.pl slist_wc.c slist_wc.h terminal.c terminal.h tool_cb_dbg.c tool_cb_dbg.h tool_cb_hdr.c tool_cb_hdr.h tool_cb_prg.c tool_cb_prg.h tool_cb_rea.c tool_cb_rea.h tool_cb_see.c tool_cb_see.h tool_cb_soc.c tool_cb_soc.h tool_cb_wrt.c tool_cb_wrt.h tool_cfgable.c tool_cfgable.h tool_dirhie.c tool_dirhie.h tool_doswin.c tool_doswin.h tool_easysrc.c tool_easysrc.h tool_filetime.c tool_filetime.h tool_findfile.c tool_findfile.h tool_formparse.c tool_formparse.h tool_getparam.c tool_getparam.h tool_getpass.c tool_getpass.h tool_help.c tool_help.h tool_helpers.c tool_helpers.h tool_hugehelp.h tool_ipfs.c tool_ipfs.h tool_libinfo.c tool_libinfo.h tool_listhelp.c tool_main.c tool_main.h tool_msgs.c tool_msgs.h tool_operate.c tool_operate.h tool_operhlp.c tool_operhlp.h tool_paramhlp.c tool_paramhlp.h tool_parsecfg.c tool_parsecfg.h tool_progress.c tool_progress.h tool_sdecls.h tool_setopt.c tool_setopt.h tool_setup.h tool_ssls.c tool_ssls.h tool_stderr.c tool_stderr.h tool_urlglob.c tool_urlglob.h tool_util.c tool_util.h tool_version.h tool_vms.c tool_vms.h tool_writeout.c tool_writeout.h tool_writeout_json.c tool_writeout_json.h tool_xattr.c tool_xattr.h var.c var.htests
certs
.gitignore CMakeLists.txt Makefile.am Makefile.inc genserv.pl srp-verifier-conf srp-verifier-db test-ca.cnf test-ca.prm test-client-cert.prm test-client-eku-only.prm test-localhost-san-first.prm test-localhost-san-last.prm test-localhost.nn.prm test-localhost.prm test-localhost0h.prmdata
.gitignore DISABLED Makefile.am data-xml1 data1400.c data1401.c data1402.c data1403.c data1404.c data1405.c data1406.c data1407.c data1420.c data1461.txt data1463.txt data1465.c data1481.c data1705-1.md data1705-2.md data1705-3.md data1705-4.md data1705-stdout.1 data1706-1.md data1706-2.md data1706-3.md data1706-4.md data1706-stdout.txt data320.html test1 test10 test100 test1000 test1001 test1002 test1003 test1004 test1005 test1006 test1007 test1008 test1009 test101 test1010 test1011 test1012 test1013 test1014 test1015 test1016 test1017 test1018 test1019 test102 test1020 test1021 test1022 test1023 test1024 test1025 test1026 test1027 test1028 test1029 test103 test1030 test1031 test1032 test1033 test1034 test1035 test1036 test1037 test1038 test1039 test104 test1040 test1041 test1042 test1043 test1044 test1045 test1046 test1047 test1048 test1049 test105 test1050 test1051 test1052 test1053 test1054 test1055 test1056 test1057 test1058 test1059 test106 test1060 test1061 test1062 test1063 test1064 test1065 test1066 test1067 test1068 test1069 test107 test1070 test1071 test1072 test1073 test1074 test1075 test1076 test1077 test1078 test1079 test108 test1080 test1081 test1082 test1083 test1084 test1085 test1086 test1087 test1088 test1089 test109 test1090 test1091 test1092 test1093 test1094 test1095 test1096 test1097 test1098 test1099 test11 test110 test1100 test1101 test1102 test1103 test1104 test1105 test1106 test1107 test1108 test1109 test111 test1110 test1111 test1112 test1113 test1114 test1115 test1116 test1117 test1118 test1119 test112 test1120 test1121 test1122 test1123 test1124 test1125 test1126 test1127 test1128 test1129 test113 test1130 test1131 test1132 test1133 test1134 test1135 test1136 test1137 test1138 test1139 test114 test1140 test1141 test1142 test1143 test1144 test1145 test1146 test1147 test1148 test1149 test115 test1150 test1151 test1152 test1153 test1154 test1155 test1156 test1157 test1158 test1159 test116 test1160 test1161 test1162 test1163 test1164 test1165 test1166 test1167 test1168 test1169 test117 test1170 test1171 test1172 test1173 test1174 test1175 test1176 test1177 test1178 test1179 test118 test1180 test1181 test1182 test1183 test1184 test1185 test1186 test1187 test1188 test1189 test119 test1190 test1191 test1192 test1193 test1194 test1195 test1196 test1197 test1198 test1199 test12 test120 test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 test1208 test1209 test121 test1210 test1211 test1212 test1213 test1214 test1215 test1216 test1217 test1218 test1219 test122 test1220 test1221 test1222 test1223 test1224 test1225 test1226 test1227 test1228 test1229 test123 test1230 test1231 test1232 test1233 test1234 test1235 test1236 test1237 test1238 test1239 test124 test1240 test1241 test1242 test1243 test1244 test1245 test1246 test1247 test1248 test1249 test125 test1250 test1251 test1252 test1253 test1254 test1255 test1256 test1257 test1258 test1259 test126 test1260 test1261 test1262 test1263 test1264 test1265 test1266 test1267 test1268 test1269 test127 test1270 test1271 test1272 test1273 test1274 test1275 test1276 test1277 test1278 test1279 test128 test1280 test1281 test1282 test1283 test1284 test1285 test1286 test1287 test1288 test1289 test129 test1290 test1291 test1292 test1293 test1294 test1295 test1296 test1297 test1298 test1299 test13 test130 test1300 test1301 test1302 test1303 test1304 test1305 test1306 test1307 test1308 test1309 test131 test1310 test1311 test1312 test1313 test1314 test1315 test1316 test1317 test1318 test1319 test132 test1320 test1321 test1322 test1323 test1324 test1325 test1326 test1327 test1328 test1329 test133 test1330 test1331 test1332 test1333 test1334 test1335 test1336 test1337 test1338 test1339 test134 test1340 test1341 test1342 test1343 test1344 test1345 test1346 test1347 test1348 test1349 test135 test1350 test1351 test1352 test1353 test1354 test1355 test1356 test1357 test1358 test1359 test136 test1360 test1361 test1362 test1363 test1364 test1365 test1366 test1367 test1368 test1369 test137 test1370 test1371 test1372 test1373 test1374 test1375 test1376 test1377 test1378 test1379 test138 test1380 test1381 test1382 test1383 test1384 test1385 test1386 test1387 test1388 test1389 test139 test1390 test1391 test1392 test1393 test1394 test1395 test1396 test1397 test1398 test1399 test14 test140 test1400 test1401 test1402 test1403 test1404 test1405 test1406 test1407 test1408 test1409 test141 test1410 test1411 test1412 test1413 test1414 test1415 test1416 test1417 test1418 test1419 test142 test1420 test1421 test1422 test1423 test1424 test1425 test1426 test1427 test1428 test1429 test143 test1430 test1431 test1432 test1433 test1434 test1435 test1436 test1437 test1438 test1439 test144 test1440 test1441 test1442 test1443 test1444 test1445 test1446 test1447 test1448 test1449 test145 test1450 test1451 test1452 test1453 test1454 test1455 test1456 test1457 test1458 test1459 test146 test1460 test1461 test1462 test1463 test1464 test1465 test1466 test1467 test1468 test1469 test147 test1470 test1471 test1472 test1473 test1474 test1475 test1476 test1477 test1478 test1479 test148 test1480 test1481 test1482 test1483 test1484 test1485 test1486 test1487 test1488 test1489 test149 test1490 test1491 test1492 test1493 test1494 test1495 test1496 test1497 test1498 test1499 test15 test150 test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 test1508 test1509 test151 test1510 test1511 test1512 test1513 test1514 test1515 test1516 test1517 test1518 test1519 test152 test1520 test1521 test1522 test1523 test1524 test1525 test1526 test1527 test1528 test1529 test153 test1530 test1531 test1532 test1533 test1534 test1535 test1536 test1537 test1538 test1539 test154 test1540 test1541 test1542 test1543 test1544 test1545 test1546 test1547 test1548 test1549 test155 test1550 test1551 test1552 test1553 test1554 test1555 test1556 test1557 test1558 test1559 test156 test1560 test1561 test1562 test1563 test1564 test1565 test1566 test1567 test1568 test1569 test157 test1570 test1571 test1572 test1573 test1574 test1575 test1576 test1577 test1578 test1579 test158 test1580 test1581 test1582 test1583 test1584 test1585 test1586 test1587 test1588 test1589 test159 test1590 test1591 test1592 test1593 test1594 test1595 test1596 test1597 test1598 test1599 test16 test160 test1600 test1601 test1602 test1603 test1604 test1605 test1606 test1607 test1608 test1609 test161 test1610 test1611 test1612 test1613 test1614 test1615 test1616 test1617 test1618 test1619 test162 test1620 test1621 test1622 test1623 test1624 test1625 test1626 test1627 test1628 test1629 test163 test1630 test1631 test1632 test1633 test1634 test1635 test1636 test1637 test1638 test1639 test164 test1640 test1641 test1642 test1643 test1644 test1645 test165 test1650 test1651 test1652 test1653 test1654 test1655 test1656 test1657 test1658 test1659 test166 test1660 test1661 test1662 test1663 test1664 test1665 test1666 test1667 test1668 test1669 test167 test1670 test1671 test1672 test1673 test1674 test1675 test1676 test168 test1680 test1681 test1682 test1683 test1684 test1685 test169 test17 test170 test1700 test1701 test1702 test1703 test1704 test1705 test1706 test1707 test1708 test1709 test171 test1710 test1711 test1712 test1713 test1714 test1715 test172 test1720 test1721 test173 test174 test175 test176 test177 test178 test179 test18 test180 test1800 test1801 test1802 test181 test182 test183 test184 test1847 test1848 test1849 test185 test1850 test1851 test186 test187 test188 test189 test19 test190 test1900 test1901 test1902 test1903 test1904 test1905 test1906 test1907 test1908 test1909 test191 test1910 test1911 test1912 test1913 test1914 test1915 test1916 test1917 test1918 test1919 test192 test1920 test1921 test193 test1933 test1934 test1935 test1936 test1937 test1938 test1939 test194 test1940 test1941 test1942 test1943 test1944 test1945 test1946 test1947 test1948 test195 test1955 test1956 test1957 test1958 test1959 test196 test1960 test1964 test1965 test1966 test197 test1970 test1971 test1972 test1973 test1974 test1975 test1976 test1977 test1978 test1979 test198 test1980 test1981 test1982 test1983 test1984 test199 test2 test20 test200 test2000 test2001 test2002 test2003 test2004 test2005 test2006 test2007 test2008 test2009 test201 test2010 test2011 test2012 test2013 test2014 test202 test2023 test2024 test2025 test2026 test2027 test2028 test2029 test203 test2030 test2031 test2032 test2033 test2034 test2035 test2037 test2038 test2039 test204 test2040 test2041 test2042 test2043 test2044 test2045 test2046 test2047 test2048 test2049 test205 test2050 test2051 test2052 test2053 test2054 test2055 test2056 test2057 test2058 test2059 test206 test2060 test2061 test2062 test2063 test2064 test2065 test2066 test2067 test2068 test2069 test207 test2070 test2071 test2072 test2073 test2074 test2075 test2076 test2077 test2078 test2079 test208 test2080 test2081 test2082 test2083 test2084 test2085 test2086 test2087 test2088 test2089 test209 test2090 test2091 test2092 test21 test210 test2100 test2101 test2102 test2103 test2104 test211 test212 test213 test214 test215 test216 test217 test218 test219 test22 test220 test2200 test2201 test2202 test2203 test2204 test2205 test2206 test2207 test221 test222 test223 test224 test225 test226 test227 test228 test229 test23 test230 test2300 test2301 test2302 test2303 test2304 test2306 test2307 test2308 test2309 test231 test232 test233 test234 test235 test236 test237 test238 test239 test24 test240 test2400 test2401 test2402 test2403 test2404 test2405 test2406 test2407 test2408 test2409 test241 test2410 test2411 test242 test243 test244 test245 test246 test247 test248 test249 test25 test250 test2500 test2501 test2502 test2503 test2504 test2505 test2506 test251 test252 test253 test254 test255 test256 test257 test258 test259 test26 test260 test2600 test2601 test2602 test2603 test2604 test2605 test261 test262 test263 test264 test265 test266 test267 test268 test269 test27 test270 test2700 test2701 test2702 test2703 test2704 test2705 test2706 test2707 test2708 test2709 test271 test2710 test2711 test2712 test2713 test2714 test2715 test2716 test2717 test2718 test2719 test272 test2720 test2721 test2722 test2723 test273 test274 test275 test276 test277 test278 test279 test28 test280 test281 test282 test283 test284 test285 test286 test287 test288 test289 test29 test290 test291 test292 test293 test294 test295 test296 test297 test298 test299 test3 test30 test300 test3000 test3001 test3002 test3003 test3004 test3005 test3006 test3007 test3008 test3009 test301 test3010 test3011 test3012 test3013 test3014 test3015 test3016 test3017 test3018 test3019 test302 test3020 test3021 test3022 test3023 test3024 test3025 test3026 test3027 test3028 test3029 test303 test3030 test3031 test3032 test3033 test3034 test3035 test3036 test304 test305 test306 test307 test308 test309 test31 test310 test3100 test3101 test3102 test3103 test3104 test3105 test3106 test311 test312 test313 test314 test315 test316 test317 test318 test319 test32 test320 test3200 test3201 test3202 test3203 test3204 test3205 test3206 test3207 test3208 test3209 test321 test3210 test3211 test3212 test3213 test3214 test3215 test3216 test3217 test3218 test3219 test322 test3220 test323 test324 test325 test326 test327 test328 test329 test33 test330 test3300 test3301 test3302 test331 test332 test333 test334 test335 test336 test337 test338 test339 test34 test340 test341 test342 test343 test344 test345 test346 test347 test348 test349 test35 test350 test351 test352 test353 test354 test355 test356 test357 test358 test359 test36 test360 test361 test362 test363 test364 test365 test366 test367 test368 test369 test37 test370 test371 test372 test373 test374 test375 test376 test378 test379 test38 test380 test381 test383 test384 test385 test386 test387 test388 test389 test39 test390 test391 test392 test393 test394 test395 test396 test397 test398 test399 test4 test40 test400 test4000 test4001 test401 test402 test403 test404 test405 test406 test407 test408 test409 test41 test410 test411 test412 test413 test414 test415 test416 test417 test418 test419 test42 test420 test421 test422 test423 test424 test425 test426 test427 test428 test429 test43 test430 test431 test432 test433 test434 test435 test436 test437 test438 test439 test44 test440 test441 test442 test443 test444 test445 test446 test447 test448 test449 test45 test450 test451 test452 test453 test454 test455 test456 test457 test458 test459 test46 test460 test461 test462 test463 test467 test468 test469 test47 test470 test471 test472 test473 test474 test475 test476 test477 test478 test479 test48 test480 test481 test482 test483 test484 test485 test486 test487 test488 test489 test49 test490 test491 test492 test493 test494 test495 test496 test497 test498 test499 test5 test50 test500 test501 test502 test503 test504 test505 test506 test507 test508 test509 test51 test510 test511 test512 test513 test514 test515 test516 test517 test518 test519 test52 test520 test521 test522 test523 test524 test525 test526 test527 test528 test529 test53 test530 test531 test532 test533 test534 test535 test536 test537 test538 test539 test54 test540 test541 test542 test543 test544 test545 test546 test547 test548 test549 test55 test550 test551 test552 test553 test554 test555 test556 test557 test558 test559 test56 test560 test561 test562 test563 test564 test565 test566 test567 test568 test569 test57 test570 test571 test572 test573 test574 test575 test576 test577 test578 test579 test58 test580 test581 test582 test583 test584 test585 test586 test587 test588 test589 test59 test590 test591 test592 test593 test594 test595 test596 test597 test598 test599 test6 test60 test600 test601 test602 test603 test604 test605 test606 test607 test608 test609 test61 test610 test611 test612 test613 test614 test615 test616 test617 test618 test619 test62 test620 test621 test622 test623 test624 test625 test626 test627 test628 test629 test63 test630 test631 test632 test633 test634 test635 test636 test637 test638 test639 test64 test640 test641 test642 test643 test644 test645 test646 test647 test648 test649 test65 test650 test651 test652 test653 test654 test655 test656 test658 test659 test66 test660 test661 test662 test663 test664 test665 test666 test667 test668 test669 test67 test670 test671 test672 test673 test674 test675 test676 test677 test678 test679 test68 test680 test681 test682 test683 test684 test685 test686 test687 test688 test689 test69 test690 test691 test692 test693 test694 test695 test696 test697 test698 test699 test7 test70 test700 test701 test702 test703 test704 test705 test706 test707 test708 test709 test71 test710 test711 test712 test713 test714 test715 test716 test717 test718 test719 test72 test720 test721 test722 test723 test724 test725 test726 test727 test728 test729 test73 test730 test731 test732 test733 test734 test735 test736 test737 test738 test739 test74 test740 test741 test742 test743 test744 test745 test746 test747 test748 test749 test75 test750 test751 test752 test753 test754 test755 test756 test757 test758 test759 test76 test760 test761 test762 test763 test764 test765 test766 test767 test768 test769 test77 test770 test771 test772 test773 test774 test775 test776 test777 test778 test779 test78 test780 test781 test782 test783 test784 test785 test786 test787 test788 test789 test79 test790 test791 test792 test793 test794 test795 test796 test797 test798 test799 test8 test80 test800 test801 test802 test803 test804 test805 test806 test807 test808 test809 test81 test810 test811 test812 test813 test814 test815 test816 test817 test818 test819 test82 test820 test821 test822 test823 test824 test825 test826 test827 test828 test829 test83 test830 test831 test832 test833 test834 test835 test836 test837 test838 test839 test84 test840 test841 test842 test843 test844 test845 test846 test847 test848 test849 test85 test850 test851 test852 test853 test854 test855 test856 test857 test858 test859 test86 test860 test861 test862 test863 test864 test865 test866 test867 test868 test869 test87 test870 test871 test872 test873 test874 test875 test876 test877 test878 test879 test88 test880 test881 test882 test883 test884 test885 test886 test887 test888 test889 test89 test890 test891 test892 test893 test894 test895 test896 test897 test898 test899 test9 test90 test900 test901 test902 test903 test904 test905 test906 test907 test908 test909 test91 test910 test911 test912 test913 test914 test915 test916 test917 test918 test919 test92 test920 test921 test922 test923 test924 test925 test926 test927 test928 test929 test93 test930 test931 test932 test933 test934 test935 test936 test937 test938 test939 test94 test940 test941 test942 test943 test944 test945 test946 test947 test948 test949 test95 test950 test951 test952 test953 test954 test955 test956 test957 test958 test959 test96 test960 test961 test962 test963 test964 test965 test966 test967 test968 test969 test97 test970 test971 test972 test973 test974 test975 test976 test977 test978 test979 test98 test980 test981 test982 test983 test984 test985 test986 test987 test988 test989 test99 test990 test991 test992 test993 test994 test995 test996 test997 test998 test999http
testenv
__init__.py caddy.py certs.py client.py curl.py dante.py dnsd.py env.py httpd.py nghttpx.py ports.py sshd.py vsftpd.py ws_echo_server.pylibtest
.gitignore CMakeLists.txt Makefile.am Makefile.inc cli_ftp_upload.c cli_h2_pausing.c cli_h2_serverpush.c cli_h2_upgrade_extreme.c cli_hx_download.c cli_hx_upload.c cli_tls_session_reuse.c cli_upload_pausing.c cli_ws_data.c cli_ws_pingpong.c first.c first.h lib1156.c lib1301.c lib1308.c lib1485.c lib1500.c lib1501.c lib1502.c lib1506.c lib1507.c lib1508.c lib1509.c lib1510.c lib1511.c lib1512.c lib1513.c lib1514.c lib1515.c lib1517.c lib1518.c lib1520.c lib1522.c lib1523.c lib1525.c lib1526.c lib1527.c lib1528.c lib1529.c lib1530.c lib1531.c lib1532.c lib1533.c lib1534.c lib1535.c lib1536.c lib1537.c lib1538.c lib1540.c lib1541.c lib1542.c lib1545.c lib1549.c lib1550.c lib1551.c lib1552.c lib1553.c lib1554.c lib1555.c lib1556.c lib1557.c lib1558.c lib1559.c lib1560.c lib1564.c lib1565.c lib1567.c lib1568.c lib1569.c lib1571.c lib1576.c lib1582.c lib1587.c lib1588.c lib1589.c lib1591.c lib1592.c lib1593.c lib1594.c lib1597.c lib1598.c lib1599.c lib1662.c lib1900.c lib1901.c lib1902.c lib1903.c lib1905.c lib1906.c lib1907.c lib1908.c lib1910.c lib1911.c lib1912.c lib1913.c lib1915.c lib1916.c lib1918.c lib1919.c lib1920.c lib1921.c lib1933.c lib1934.c lib1935.c lib1936.c lib1937.c lib1938.c lib1939.c lib1940.c lib1945.c lib1947.c lib1948.c lib1955.c lib1956.c lib1957.c lib1958.c lib1959.c lib1960.c lib1964.c lib1965.c lib1970.c lib1971.c lib1972.c lib1973.c lib1974.c lib1975.c lib1977.c lib1978.c lib2023.c lib2032.c lib2082.c lib2301.c lib2302.c lib2304.c lib2306.c lib2308.c lib2309.c lib2402.c lib2404.c lib2405.c lib2502.c lib2504.c lib2505.c lib2506.c lib2700.c lib3010.c lib3025.c lib3026.c lib3027.c lib3033.c lib3034.c lib3100.c lib3101.c lib3102.c lib3103.c lib3104.c lib3105.c lib3207.c lib3208.c lib500.c lib501.c lib502.c lib503.c lib504.c lib505.c lib506.c lib507.c lib508.c lib509.c lib510.c lib511.c lib512.c lib513.c lib514.c lib515.c lib516.c lib517.c lib518.c lib519.c lib520.c lib521.c lib523.c lib524.c lib525.c lib526.c lib530.c lib533.c lib536.c lib537.c lib539.c lib540.c lib541.c lib542.c lib543.c lib544.c lib547.c lib549.c lib552.c lib553.c lib554.c lib555.c lib556.c lib557.c lib558.c lib559.c lib560.c lib562.c lib564.c lib566.c lib567.c lib568.c lib569.c lib570.c lib571.c lib572.c lib573.c lib574.c lib575.c lib576.c lib578.c lib579.c lib582.c lib583.c lib586.c lib589.c lib590.c lib591.c lib597.c lib598.c lib599.c lib643.c lib650.c lib651.c lib652.c lib653.c lib654.c lib655.c lib658.c lib659.c lib661.c lib666.c lib667.c lib668.c lib670.c lib674.c lib676.c lib677.c lib678.c lib694.c lib695.c lib751.c lib753.c lib757.c lib758.c lib766.c memptr.c mk-lib1521.pl test1013.pl test1022.pl test307.pl test610.pl test613.pl testtrace.c testtrace.h testutil.c testutil.h unitcheck.hserver
.checksrc .gitignore CMakeLists.txt Makefile.am Makefile.inc dnsd.c first.c first.h getpart.c mqttd.c resolve.c rtspd.c sockfilt.c socksd.c sws.c tftpd.c util.ctunit
.gitignore CMakeLists.txt Makefile.am Makefile.inc README.md tool1394.c tool1604.c tool1621.c tool1622.c tool1623.c tool1720.cunit
.gitignore CMakeLists.txt Makefile.am Makefile.inc README.md unit1300.c unit1302.c unit1303.c unit1304.c unit1305.c unit1307.c unit1309.c unit1323.c unit1330.c unit1395.c unit1396.c unit1397.c unit1398.c unit1399.c unit1600.c unit1601.c unit1602.c unit1603.c unit1605.c unit1606.c unit1607.c unit1608.c unit1609.c unit1610.c unit1611.c unit1612.c unit1614.c unit1615.c unit1616.c unit1620.c unit1625.c unit1626.c unit1627.c unit1636.c unit1650.c unit1651.c unit1652.c unit1653.c unit1654.c unit1655.c unit1656.c unit1657.c unit1658.c unit1660.c unit1661.c unit1663.c unit1664.c unit1666.c unit1667.c unit1668.c unit1669.c unit1674.c unit1675.c unit1676.c unit1979.c unit1980.c unit2600.c unit2601.c unit2602.c unit2603.c unit2604.c unit2605.c unit3200.c unit3205.c unit3211.c unit3212.c unit3213.c unit3214.c unit3216.c unit3219.c unit3300.c unit3301.c unit3302.cexamples
.env config.ini crypto_test.lua env_test.lua fs_example.lua http_server.lua https_test.lua ini_example.lua json.lua log.lua path_fs_example.lua process_example.lua request_download.lua request_test.lua run_all.lua sqlite_example.lua sqlite_http_template.lua stash_test.lua template_test.lua timer.lua websocket.luainiparser
example
iniexample.c iniwrite.c parse.c twisted-errors.ini twisted-genhuge.py twisted-ofkey.ini twisted-ofval.ini twisted.initest
CMakeLists.txt test_dictionary.c test_iniparser.c unity-config.yml unity_config.hjinjac
libjinjac
src
CMakeLists.txt ast.c ast.h block_statement.c block_statement.h buffer.c buffer.h buildin.c buildin.h common.h convert.c convert.h flex_decl.h jfunction.c jfunction.h jinja_expression.l jinja_expression.y jinjac_parse.c jinjac_parse.h jinjac_stream.c jinjac_stream.h jlist.c jlist.h jobject.c jobject.h parameter.c parameter.h str_obj.c str_obj.h trace.c trace.htest
.gitignore CMakeLists.txt autotest.rb test_01.expected test_01.jinja test_01b.expected test_01b.jinja test_01c.expected test_01c.jinja test_01d.expected test_01d.jinja test_02.expected test_02.jinja test_03.expected test_03.jinja test_04.expected test_04.jinja test_05.expected test_05.jinja test_06.expected test_06.jinja test_07.expected test_07.jinja test_08.expected test_08.jinja test_08b.expected test_08b.jinja test_09.expected test_09.jinja test_10.expected test_10.jinja test_11.expected test_11.jinja test_12.expected test_12.jinja test_13.expected test_13.jinja test_14.expected test_14.jinja test_15.expected test_15.jinja test_16.expected test_16.jinja test_17.expected test_17.jinja test_18.expected test_18.jinja test_18b.expected test_18b.jinja test_18c.expected test_18c.jinja test_19.expected test_19.jinja test_19b.expected test_19b.jinja test_19c.expected test_19c.jinja test_19d.expected test_19d.jinja test_19e.expected test_19e.jinja test_19f.expected test_19f.jinja test_20.expected test_20.jinja test_21.expected test_21.jinja test_22.expected test_22.jinja test_22a.expected test_22a.jinja test_22b.expected test_22b.jinja test_23.expected test_23.jinja test_24.expected test_24.jinjalibev
Changes LICENSE Makefile Makefile.am Makefile.in README Symbols.ev Symbols.event aclocal.m4 autogen.sh compile config.guess config.h config.h.in config.status config.sub configure configure.ac depcomp ev++.h ev.3 ev.c ev.h ev.pod ev_epoll.c ev_kqueue.c ev_poll.c ev_port.c ev_select.c ev_vars.h ev_win32.c ev_wrap.h event.c event.h install-sh libev.m4 libtool ltmain.sh missing mkinstalldirs stamp-h1luajit
doc
bluequad-print.css bluequad.css contact.html ext_buffer.html ext_c_api.html ext_ffi.html ext_ffi_api.html ext_ffi_semantics.html ext_ffi_tutorial.html ext_jit.html ext_profiler.html extensions.html install.html luajit.html running.html
dynasm
dasm_arm.h dasm_arm.lua dasm_arm64.h dasm_arm64.lua dasm_mips.h dasm_mips.lua dasm_mips64.lua dasm_ppc.h dasm_ppc.lua dasm_proto.h dasm_x64.lua dasm_x86.h dasm_x86.lua dynasm.luasrc
host
.gitignore README buildvm.c buildvm.h buildvm_asm.c buildvm_fold.c buildvm_lib.c buildvm_libbc.h buildvm_peobj.c genlibbc.lua genminilua.lua genversion.lua minilua.cjit
.gitignore bc.lua bcsave.lua dis_arm.lua dis_arm64.lua dis_arm64be.lua dis_mips.lua dis_mips64.lua dis_mips64el.lua dis_mips64r6.lua dis_mips64r6el.lua dis_mipsel.lua dis_ppc.lua dis_x64.lua dis_x86.lua dump.lua p.lua v.lua zone.luawolfssl
.github
workflows
ada.yml arduino.yml async-examples.yml async.yml atecc608-sim.yml bind.yml cmake-autoconf.yml cmake.yml codespell.yml coverity-scan-fixes.yml cryptocb-only.yml curl.yml cyrus-sasl.yml disable-pk-algs.yml docker-Espressif.yml docker-OpenWrt.yml emnet-nonblock.yml fil-c.yml freertos-mem-track.yml gencertbuf.yml grpc.yml haproxy.yml hostap-vm.yml intelasm-c-fallback.yml ipmitool.yml jwt-cpp.yml krb5.yml libspdm.yml libssh2.yml libvncserver.yml linuxkm.yml macos-apple-native-cert-validation.yml mbedtls.sh mbedtls.yml membrowse-comment.yml membrowse-onboard.yml membrowse-report.yml memcached.sh memcached.yml mono.yml mosquitto.yml msmtp.yml msys2.yml multi-arch.yml multi-compiler.yml net-snmp.yml nginx.yml no-malloc.yml no-tls.yml nss.sh nss.yml ntp.yml ocsp.yml openldap.yml openssh.yml openssl-ech.yml opensslcoexist.yml openvpn.yml os-check.yml packaging.yml pam-ipmi.yml pq-all.yml pr-commit-check.yml psk.yml puf.yml python.yml rng-tools.yml rust-wrapper.yml se050-sim.yml smallStackSize.yml socat.yml softhsm.yml sssd.yml stm32-sim.yml stsafe-a120-sim.yml stunnel.yml symbol-prefixes.yml threadx.yml tls-anvil.yml trackmemory.yml watcomc.yml win-csharp-test.yml wolfCrypt-Wconversion.yml wolfboot-integration.yml wolfsm.yml xcode.yml zephyr-4.x.yml zephyr.ymlIDE
ARDUINO
Arduino_README_prepend.md README.md include.am keywords.txt library.properties.template wolfssl-arduino.cpp wolfssl-arduino.sh wolfssl.hECLIPSE
Espressif
ESP-IDF
examples
template
CMakeLists.txt Makefile README.md partitions_singleapp_large.csv sdkconfig.defaults sdkconfig.defaults.esp8266wolfssl_benchmark
VisualGDB
wolfssl_benchmark_IDF_v4.4_ESP32.sln wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj wolfssl_benchmark_IDF_v5_ESP32.sln wolfssl_benchmark_IDF_v5_ESP32.vgdbproj wolfssl_benchmark_IDF_v5_ESP32C3.sln wolfssl_benchmark_IDF_v5_ESP32C3.vgdbproj wolfssl_benchmark_IDF_v5_ESP32S3.sln wolfssl_benchmark_IDF_v5_ESP32S3.vgdbprojwolfssl_client
CMakeLists.txt Makefile README.md README_server_sm.md partitions_singleapp_large.csv sdkconfig.defaults sdkconfig.defaults.esp32c2 sdkconfig.defaults.esp8266 wolfssl_client_ESP8266.vgdbprojwolfssl_server
CMakeLists.txt Makefile README.md README_server_sm.md partitions_singleapp_large.csv sdkconfig.defaults sdkconfig.defaults.esp32c2 sdkconfig.defaults.esp8266 wolfssl_server_ESP8266.vgdbprojwolfssl_test
VisualGDB
wolfssl_test-IDF_v5_ESP32.sln wolfssl_test-IDF_v5_ESP32.vgdbproj wolfssl_test-IDF_v5_ESP32C3.sln wolfssl_test-IDF_v5_ESP32C3.vgdbproj wolfssl_test-IDF_v5_ESP32C6.sln wolfssl_test-IDF_v5_ESP32C6.vgdbproj wolfssl_test_IDF_v5_ESP32S3.sln wolfssl_test_IDF_v5_ESP32S3.vgdbprojGCC-ARM
Makefile Makefile.bench Makefile.client Makefile.common Makefile.server Makefile.static Makefile.test README.md include.am linker.ld linker_fips.ldIAR-EWARM
embOS
SAMV71_XULT
embOS_SAMV71_XULT_user_settings
user_settings.h user_settings_simple_example.h user_settings_verbose_example.hembOS_wolfcrypt_benchmark_SAMV71_XULT
README_wolfcrypt_benchmark wolfcrypt_benchmark.ewd wolfcrypt_benchmark.ewpINTIME-RTOS
Makefile README.md include.am libwolfssl.c libwolfssl.vcxproj user_settings.h wolfExamples.c wolfExamples.h wolfExamples.sln wolfExamples.vcxproj wolfssl-lib.sln wolfssl-lib.vcxprojMQX
Makefile README-jp.md README.md client-tls.c include.am server-tls.c user_config.h user_settings.hMSVS-2019-AZSPHERE
wolfssl_new_azsphere
.gitignore CMakeLists.txt CMakeSettings.json app_manifest.json applibs_versions.h launch.vs.json main.cNETOS
Makefile.wolfcrypt.inc README.md include.am user_settings.h user_settings.h-cert2425 user_settings.h-cert3389 wolfssl_netos_custom.cPlatformIO
examples
wolfssl_benchmark
CMakeLists.txt README.md platformio.ini sdkconfig.defaults wolfssl_benchmark.code-workspaceROWLEY-CROSSWORKS-ARM
Kinetis_FlashPlacement.xml README.md arm_startup.c benchmark_main.c hw.h include.am kinetis_hw.c retarget.c test_main.c user_settings.h wolfssl.hzp wolfssl_ltc.hzpRenesas
e2studio
RA6M3
README.md README_APRA6M_en.md README_APRA6M_jp.md include.amRX72N
EnvisionKit
Simple
README_EN.md README_JP.mdwolfssl_demo
key_data.c key_data.h user_settings.h wolfssl_demo.c wolfssl_demo.h wolfssl_tsip_unit_test.cSTM32Cube
README.md STM32_Benchmarks.md default_conf.ftl include.am main.c wolfssl_example.c wolfssl_example.hWIN
README.txt include.am test.vcxproj user_settings.h user_settings_dtls.h wolfssl-fips.sln wolfssl-fips.vcxprojWIN-SRTP-KDF-140-3
README.txt include.am resource.h test.vcxproj user_settings.h wolfssl-fips.rc wolfssl-fips.sln wolfssl-fips.vcxprojWIN10
README.txt include.am resource.h test.vcxproj user_settings.h wolfssl-fips.rc wolfssl-fips.sln wolfssl-fips.vcxprojXCODE
Benchmark
include.amXilinxSDK
README.md bench.sh combine.sh eclipse_formatter_profile.xml graph.sh include.am user_settings.h wolfssl_example.capple-universal
wolfssl-multiplatform
iotsafe
Makefile README.md ca-cert.c devices.c devices.h include.am main.c memory-tls.c startup.c target.ld user_settings.hmynewt
README.md apps.wolfcrypttest.pkg.yml crypto.wolfssl.pkg.yml crypto.wolfssl.syscfg.yml include.am setup.shcerts
1024
ca-cert.der ca-cert.pem ca-key.der ca-key.pem client-cert.der client-cert.pem client-key.der client-key.pem client-keyPub.der dh1024.der dh1024.pem dsa-pub-1024.pem dsa1024.der dsa1024.pem include.am rsa1024.der server-cert.der server-cert.pem server-key.der server-key.pemcrl
extra-crls
ca-int-cert-revoked.pem claim-root.pem crl_critical_entry.pem crlnum_57oct.pem crlnum_64oct.pem general-server-crl.pem large_crlnum.pem large_crlnum2.pemdilithium
bench_dilithium_level2_key.der bench_dilithium_level3_key.der bench_dilithium_level5_key.der include.amecc
bp256r1-key.der bp256r1-key.pem ca-secp256k1-cert.pem ca-secp256k1-key.pem client-bp256r1-cert.der client-bp256r1-cert.pem client-secp256k1-cert.der client-secp256k1-cert.pem genecc.sh include.am secp256k1-key.der secp256k1-key.pem secp256k1-param.pem secp256k1-privkey.der secp256k1-privkey.pem server-bp256r1-cert.der server-bp256r1-cert.pem server-secp256k1-cert.der server-secp256k1-cert.pem server2-secp256k1-cert.der server2-secp256k1-cert.pem wolfssl.cnf wolfssl_384.cnfed25519
ca-ed25519-key.der ca-ed25519-key.pem ca-ed25519-priv.der ca-ed25519-priv.pem ca-ed25519.der ca-ed25519.pem client-ed25519-key.der client-ed25519-key.pem client-ed25519-priv.der client-ed25519-priv.pem client-ed25519.der client-ed25519.pem eddsa-ed25519.der eddsa-ed25519.pem gen-ed25519-certs.sh gen-ed25519-keys.sh gen-ed25519.sh include.am root-ed25519-key.der root-ed25519-key.pem root-ed25519-priv.der root-ed25519-priv.pem root-ed25519.der root-ed25519.pem server-ed25519-cert.pem server-ed25519-key.der server-ed25519-key.pem server-ed25519-priv.der server-ed25519-priv.pem server-ed25519.der server-ed25519.pemed448
ca-ed448-key.der ca-ed448-key.pem ca-ed448-priv.der ca-ed448-priv.pem ca-ed448.der ca-ed448.pem client-ed448-key.der client-ed448-key.pem client-ed448-priv.der client-ed448-priv.pem client-ed448.der client-ed448.pem gen-ed448-certs.sh gen-ed448-keys.sh include.am root-ed448-key.der root-ed448-key.pem root-ed448-priv.der root-ed448-priv.pem root-ed448.der root-ed448.pem server-ed448-cert.pem server-ed448-key.der server-ed448-key.pem server-ed448-priv.der server-ed448-priv.pem server-ed448.der server-ed448.pemexternal
DigiCertGlobalRootCA.pem README.txt ca-digicert-ev.pem ca-globalsign-root.pem ca-google-root.pem ca_collection.pem include.amintermediate
ca_false_intermediate
gentestcert.sh int_ca.key server.key test_ca.key test_ca.pem test_int_not_cacert.pem test_sign_bynoca_srv.pem wolfssl_base.conf wolfssl_srv.conflms
bc_hss_L2_H5_W8_root.der bc_hss_L3_H5_W4_root.der bc_lms_chain_ca.der bc_lms_chain_leaf.der bc_lms_native_bc_root.der bc_lms_sha256_h10_w8_root.der bc_lms_sha256_h5_w4_root.der include.ammldsa
README.txt include.am mldsa44-cert.der mldsa44-cert.pem mldsa44-key.pem mldsa44_bare-priv.der mldsa44_bare-seed.der mldsa44_oqskeypair.der mldsa44_priv-only.der mldsa44_pub-spki.der mldsa44_seed-only.der mldsa44_seed-priv.der mldsa65-cert.der mldsa65-cert.pem mldsa65-key.pem mldsa65_bare-priv.der mldsa65_bare-seed.der mldsa65_oqskeypair.der mldsa65_priv-only.der mldsa65_pub-spki.der mldsa65_seed-only.der mldsa65_seed-priv.der mldsa87-cert.der mldsa87-cert.pem mldsa87-key.pem mldsa87_bare-priv.der mldsa87_bare-seed.der mldsa87_oqskeypair.der mldsa87_priv-only.der mldsa87_pub-spki.der mldsa87_seed-only.der mldsa87_seed-priv.derocsp
imposter-root-ca-cert.der imposter-root-ca-cert.pem imposter-root-ca-key.der imposter-root-ca-key.pem include.am index-ca-and-intermediate-cas.txt index-ca-and-intermediate-cas.txt.attr index-intermediate1-ca-issued-certs.txt index-intermediate1-ca-issued-certs.txt.attr index-intermediate2-ca-issued-certs.txt index-intermediate2-ca-issued-certs.txt.attr index-intermediate3-ca-issued-certs.txt index-intermediate3-ca-issued-certs.txt.attr intermediate1-ca-cert.der intermediate1-ca-cert.pem intermediate1-ca-key.der intermediate1-ca-key.pem intermediate2-ca-cert.der intermediate2-ca-cert.pem intermediate2-ca-key.der intermediate2-ca-key.pem intermediate3-ca-cert.der intermediate3-ca-cert.pem intermediate3-ca-key.der intermediate3-ca-key.pem ocsp-responder-cert.der ocsp-responder-cert.pem ocsp-responder-key.der ocsp-responder-key.pem openssl.cnf renewcerts-for-test.sh renewcerts.sh root-ca-cert.der root-ca-cert.pem root-ca-crl.pem root-ca-key.der root-ca-key.pem server1-cert.der server1-cert.pem server1-chain-noroot.pem server1-key.der server1-key.pem server2-cert.der server2-cert.pem server2-key.der server2-key.pem server3-cert.der server3-cert.pem server3-key.der server3-key.pem server4-cert.der server4-cert.pem server4-key.der server4-key.pem server5-cert.der server5-cert.pem server5-key.der server5-key.pem test-leaf-response.der test-multi-response.der test-response-nointern.der test-response-rsapss.der test-response.derp521
ca-p521-key.der ca-p521-key.pem ca-p521-priv.der ca-p521-priv.pem ca-p521.der ca-p521.pem client-p521-key.der client-p521-key.pem client-p521-priv.der client-p521-priv.pem client-p521.der client-p521.pem gen-p521-certs.sh gen-p521-keys.sh include.am root-p521-key.der root-p521-key.pem root-p521-priv.der root-p521-priv.pem root-p521.der root-p521.pem server-p521-cert.pem server-p521-key.der server-p521-key.pem server-p521-priv.der server-p521-priv.pem server-p521.der server-p521.pemrpk
client-cert-rpk.der client-ecc-cert-rpk.der include.am server-cert-rpk.der server-ecc-cert-rpk.derrsapss
ca-3072-rsapss-key.der ca-3072-rsapss-key.pem ca-3072-rsapss-priv.der ca-3072-rsapss-priv.pem ca-3072-rsapss.der ca-3072-rsapss.pem ca-rsapss-key.der ca-rsapss-key.pem ca-rsapss-priv.der ca-rsapss-priv.pem ca-rsapss.der ca-rsapss.pem client-3072-rsapss-key.der client-3072-rsapss-key.pem client-3072-rsapss-priv.der client-3072-rsapss-priv.pem client-3072-rsapss.der client-3072-rsapss.pem client-rsapss-key.der client-rsapss-key.pem client-rsapss-priv.der client-rsapss-priv.pem client-rsapss.der client-rsapss.pem gen-rsapss-keys.sh include.am renew-rsapss-certs.sh root-3072-rsapss-key.der root-3072-rsapss-key.pem root-3072-rsapss-priv.der root-3072-rsapss-priv.pem root-3072-rsapss.der root-3072-rsapss.pem root-rsapss-key.der root-rsapss-key.pem root-rsapss-priv.der root-rsapss-priv.pem root-rsapss.der root-rsapss.pem server-3072-rsapss-cert.pem server-3072-rsapss-key.der server-3072-rsapss-key.pem server-3072-rsapss-priv.der server-3072-rsapss-priv.pem server-3072-rsapss.der server-3072-rsapss.pem server-mix-rsapss-cert.pem server-rsapss-cert.pem server-rsapss-key.der server-rsapss-key.pem server-rsapss-priv.der server-rsapss-priv.pem server-rsapss.der server-rsapss.pemslhdsa
bench_slhdsa_sha2_128f_key.der bench_slhdsa_sha2_128s_key.der bench_slhdsa_sha2_192f_key.der bench_slhdsa_sha2_192s_key.der bench_slhdsa_sha2_256f_key.der bench_slhdsa_sha2_256s_key.der bench_slhdsa_shake128f_key.der bench_slhdsa_shake128s_key.der bench_slhdsa_shake192f_key.der bench_slhdsa_shake192s_key.der bench_slhdsa_shake256f_key.der bench_slhdsa_shake256s_key.der client-mldsa44-priv.pem client-mldsa44-sha2.der client-mldsa44-sha2.pem client-mldsa44-shake.der client-mldsa44-shake.pem gen-slhdsa-mldsa-certs.sh include.am root-slhdsa-sha2-128s-priv.der root-slhdsa-sha2-128s-priv.pem root-slhdsa-sha2-128s.der root-slhdsa-sha2-128s.pem root-slhdsa-shake-128s-priv.der root-slhdsa-shake-128s-priv.pem root-slhdsa-shake-128s.der root-slhdsa-shake-128s.pem server-mldsa44-priv.pem server-mldsa44-sha2.der server-mldsa44-sha2.pem server-mldsa44-shake.der server-mldsa44-shake.pemsm2
ca-sm2-key.der ca-sm2-key.pem ca-sm2-priv.der ca-sm2-priv.pem ca-sm2.der ca-sm2.pem client-sm2-key.der client-sm2-key.pem client-sm2-priv.der client-sm2-priv.pem client-sm2.der client-sm2.pem fix_sm2_spki.py gen-sm2-certs.sh gen-sm2-keys.sh include.am root-sm2-key.der root-sm2-key.pem root-sm2-priv.der root-sm2-priv.pem root-sm2.der root-sm2.pem self-sm2-cert.pem self-sm2-key.pem self-sm2-priv.pem server-sm2-cert.der server-sm2-cert.pem server-sm2-key.der server-sm2-key.pem server-sm2-priv.der server-sm2-priv.pem server-sm2.der server-sm2.pemstatickeys
dh-ffdhe2048-params.pem dh-ffdhe2048-pub.der dh-ffdhe2048-pub.pem dh-ffdhe2048.der dh-ffdhe2048.pem ecc-secp256r1.der ecc-secp256r1.pem gen-static.sh include.am x25519-pub.der x25519-pub.pem x25519.der x25519.pemtest
catalog.txt cert-bad-neg-int.der cert-bad-oid.der cert-bad-utf8.der cert-ext-ia.cfg cert-ext-ia.der cert-ext-ia.pem cert-ext-joi.cfg cert-ext-joi.der cert-ext-joi.pem cert-ext-mnc.der cert-ext-multiple.cfg cert-ext-multiple.der cert-ext-multiple.pem cert-ext-nc-combined.der cert-ext-nc-combined.pem cert-ext-nc.cfg cert-ext-nc.der cert-ext-nc.pem cert-ext-ncdns.der cert-ext-ncdns.pem cert-ext-ncip.der cert-ext-ncip.pem cert-ext-ncmixed.der cert-ext-ncmulti.der cert-ext-ncmulti.pem cert-ext-ncrid.der cert-ext-ncrid.pem cert-ext-nct.cfg cert-ext-nct.der cert-ext-nct.pem cert-ext-ndir-exc.cfg cert-ext-ndir-exc.der cert-ext-ndir-exc.pem cert-ext-ndir.cfg cert-ext-ndir.der cert-ext-ndir.pem cert-ext-ns.der cert-over-max-altnames.cfg cert-over-max-altnames.der cert-over-max-altnames.pem cert-over-max-nc.cfg cert-over-max-nc.der cert-over-max-nc.pem client-ecc-cert-ski.hex cn-ip-literal.der cn-ip-wildcard.der crit-cert.pem crit-key.pem dh1024.der dh1024.pem dh512.der dh512.pem digsigku.pem encrypteddata.msg gen-badsig.sh gen-ext-certs.sh gen-testcerts.sh include.am kari-keyid-cms.msg ktri-keyid-cms.msg ossl-trusted-cert.pem server-badaltname.der server-badaltname.pem server-badaltnull.der server-badaltnull.pem server-badcn.der server-badcn.pem server-badcnnull.der server-badcnnull.pem server-cert-ecc-badsig.der server-cert-ecc-badsig.pem server-cert-rsa-badsig.der server-cert-rsa-badsig.pem server-duplicate-policy.pem server-garbage.der server-garbage.pem server-goodalt.der server-goodalt.pem server-goodaltwild.der server-goodaltwild.pem server-goodcn.der server-goodcn.pem server-goodcnwild.der server-goodcnwild.pem server-localhost.der server-localhost.pem smime-test-canon.p7s smime-test-multipart-badsig.p7s smime-test-multipart.p7s smime-test.p7stest-pathlen
assemble-chains.sh chainA-ICA1-key.pem chainA-ICA1-pathlen0.pem chainA-assembled.pem chainA-entity-key.pem chainA-entity.pem chainB-ICA1-key.pem chainB-ICA1-pathlen0.pem chainB-ICA2-key.pem chainB-ICA2-pathlen1.pem chainB-assembled.pem chainB-entity-key.pem chainB-entity.pem chainC-ICA1-key.pem chainC-ICA1-pathlen1.pem chainC-assembled.pem chainC-entity-key.pem chainC-entity.pem chainD-ICA1-key.pem chainD-ICA1-pathlen127.pem chainD-assembled.pem chainD-entity-key.pem chainD-entity.pem chainE-ICA1-key.pem chainE-ICA1-pathlen128.pem chainE-assembled.pem chainE-entity-key.pem chainE-entity.pem chainF-ICA1-key.pem chainF-ICA1-pathlen1.pem chainF-ICA2-key.pem chainF-ICA2-pathlen0.pem chainF-assembled.pem chainF-entity-key.pem chainF-entity.pem chainG-ICA1-key.pem chainG-ICA1-pathlen0.pem chainG-ICA2-key.pem chainG-ICA2-pathlen1.pem chainG-ICA3-key.pem chainG-ICA3-pathlen99.pem chainG-ICA4-key.pem chainG-ICA4-pathlen5.pem chainG-ICA5-key.pem chainG-ICA5-pathlen20.pem chainG-ICA6-key.pem chainG-ICA6-pathlen10.pem chainG-ICA7-key.pem chainG-ICA7-pathlen100.pem chainG-assembled.pem chainG-entity-key.pem chainG-entity.pem chainH-ICA1-key.pem chainH-ICA1-pathlen0.pem chainH-ICA2-key.pem chainH-ICA2-pathlen2.pem chainH-ICA3-key.pem chainH-ICA3-pathlen2.pem chainH-ICA4-key.pem chainH-ICA4-pathlen2.pem chainH-assembled.pem chainH-entity-key.pem chainH-entity.pem chainI-ICA1-key.pem chainI-ICA1-no_pathlen.pem chainI-ICA2-key.pem chainI-ICA2-no_pathlen.pem chainI-ICA3-key.pem chainI-ICA3-pathlen2.pem chainI-assembled.pem chainI-entity-key.pem chainI-entity.pem chainJ-ICA1-key.pem chainJ-ICA1-no_pathlen.pem chainJ-ICA2-key.pem chainJ-ICA2-no_pathlen.pem chainJ-ICA3-key.pem chainJ-ICA3-no_pathlen.pem chainJ-ICA4-key.pem chainJ-ICA4-pathlen2.pem chainJ-assembled.pem chainJ-entity-key.pem chainJ-entity.pem include.am refreshkeys.shtest-serial0
ee_normal.pem ee_serial0.pem generate_certs.sh include.am intermediate_serial0.pem root_serial0.pem root_serial0_key.pem selfsigned_nonca_serial0.pemxmss
bc_xmss_chain_ca.der bc_xmss_chain_leaf.der bc_xmss_sha2_10_256_root.der bc_xmss_sha2_16_256_root.der bc_xmssmt_sha2_20_2_256_root.der bc_xmssmt_sha2_20_4_256_root.der bc_xmssmt_sha2_40_8_256_root.der include.amcmake
Config.cmake.in README.md config.in functions.cmake include.am options.h.in wolfssl-config-version.cmake.in wolfssl-targets.cmake.indebian
changelog.in control.in copyright include.am libwolfssl-dev.install libwolfssl.install rules.indoc
dox_comments
header_files
aes.h arc4.h ascon.h asn.h asn_public.h blake2.h bn.h camellia.h chacha.h chacha20_poly1305.h cmac.h coding.h compress.h cryptocb.h curve25519.h curve448.h des3.h dh.h doxygen_groups.h doxygen_pages.h dsa.h ecc.h eccsi.h ed25519.h ed448.h error-crypt.h evp.h hash.h hmac.h iotsafe.h kdf.h logging.h md2.h md4.h md5.h memory.h ocsp.h pem.h pkcs11.h pkcs7.h poly1305.h psa.h puf.h pwdbased.h quic.h random.h ripemd.h rsa.h sakke.h sha.h sha256.h sha3.h sha512.h signature.h siphash.h srp.h ssl.h tfm.h types.h wc_encrypt.h wc_port.h wc_she.h wc_slhdsa.h wolfio.hheader_files-ja
aes.h arc4.h ascon.h asn.h asn_public.h blake2.h bn.h camellia.h chacha.h chacha20_poly1305.h cmac.h coding.h compress.h cryptocb.h curve25519.h curve448.h des3.h dh.h doxygen_groups.h doxygen_pages.h dsa.h ecc.h eccsi.h ed25519.h ed448.h error-crypt.h evp.h hash.h hmac.h iotsafe.h kdf.h logging.h md2.h md4.h md5.h memory.h ocsp.h pem.h pkcs11.h pkcs7.h poly1305.h psa.h pwdbased.h quic.h random.h ripemd.h rsa.h sakke.h sha.h sha256.h sha3.h sha512.h signature.h siphash.h srp.h ssl.h tfm.h types.h wc_encrypt.h wc_port.h wolfio.h
examples
async
Makefile README.md async_client.c async_server.c async_tls.c async_tls.h include.am user_settings.hconfigs
README.md include.am user_settings_EBSnet.h user_settings_all.h user_settings_arduino.h user_settings_baremetal.h user_settings_ca.h user_settings_curve25519nonblock.h user_settings_dtls13.h user_settings_eccnonblock.h user_settings_espressif.h user_settings_fipsv2.h user_settings_fipsv5.h user_settings_min_ecc.h user_settings_openssl_compat.h user_settings_pkcs7.h user_settings_platformio.h user_settings_pq.h user_settings_rsa_only.h user_settings_stm32.h user_settings_template.h user_settings_tls12.h user_settings_tls13.h user_settings_wolfboot_keytools.h user_settings_wolfssh.h user_settings_wolftpm.hechoclient
echoclient.c echoclient.h echoclient.sln echoclient.vcproj echoclient.vcxproj include.am quitlinuxkm
Kbuild Makefile README.md get_thread_size.c include.am linuxkm-fips-hash-wrapper.sh linuxkm-fips-hash.c linuxkm_memory.c linuxkm_memory.h linuxkm_wc_port.h lkcapi_aes_glue.c lkcapi_dh_glue.c lkcapi_ecdh_glue.c lkcapi_ecdsa_glue.c lkcapi_glue.c lkcapi_rsa_glue.c lkcapi_sha_glue.c module_exports.c.template module_hooks.c pie_redirect_table.c wolfcrypt.lds x86_vector_register_glue.cm4
ax_add_am_macro.m4 ax_am_jobserver.m4 ax_am_macros.m4 ax_append_compile_flags.m4 ax_append_flag.m4 ax_append_link_flags.m4 ax_append_to_file.m4 ax_atomic.m4 ax_bsdkm.m4 ax_check_compile_flag.m4 ax_check_link_flag.m4 ax_compiler_version.m4 ax_count_cpus.m4 ax_create_generic_config.m4 ax_debug.m4 ax_file_escapes.m4 ax_harden_compiler_flags.m4 ax_linuxkm.m4 ax_print_to_file.m4 ax_pthread.m4 ax_require_defined.m4 ax_tls.m4 ax_vcs_checkout.m4 hexversion.m4 lib_socket_nsl.m4 visibility.m4mqx
wolfcrypt_benchmark
ReferencedRSESystems.xml wolfcrypt_benchmark_twrk70f120m_Int_Flash_DDRData_Debug_PnE_U-MultiLink.launch wolfcrypt_benchmark_twrk70f120m_Int_Flash_DDRData_Release_PnE_U-MultiLink.launch wolfcrypt_benchmark_twrk70f120m_Int_Flash_SramData_Debug_JTrace.jlink wolfcrypt_benchmark_twrk70f120m_Int_Flash_SramData_Debug_JTrace.launch wolfcrypt_benchmark_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch wolfcrypt_benchmark_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launchwolfcrypt_test
ReferencedRSESystems.xml wolfcrypt_test_twrk70f120m_Int_Flash_DDRData_Debug_PnE_U-MultiLink.launch wolfcrypt_test_twrk70f120m_Int_Flash_DDRData_Release_PnE_U-MultiLink.launch wolfcrypt_test_twrk70f120m_Int_Flash_SramData_Debug_JTrace.jlink wolfcrypt_test_twrk70f120m_Int_Flash_SramData_Debug_JTrace.launch wolfcrypt_test_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch wolfcrypt_test_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launchwolfssl_client
ReferencedRSESystems.xml wolfssl_client_twrk70f120m_Int_Flash_DDRData_Debug_PnE_U-MultiLink.launch wolfssl_client_twrk70f120m_Int_Flash_DDRData_Release_PnE_U-MultiLink.launch wolfssl_client_twrk70f120m_Int_Flash_SramData_Debug_JTrace.jlink wolfssl_client_twrk70f120m_Int_Flash_SramData_Debug_JTrace.launch wolfssl_client_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch wolfssl_client_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launchscripts
aria-cmake-build-test.sh asn1_oid_sum.pl benchmark.test benchmark_compare.sh cleanup_testfiles.sh crl-gen-openssl.test crl-revoked.test dertoc.pl dtls.test dtlscid.test external.test google.test include.am makedistsmall.sh memtest.sh ocsp-responder-openssl-interop.test ocsp-stapling-with-ca-as-responder.test ocsp-stapling-with-wolfssl-responder.test ocsp-stapling.test ocsp-stapling2.test ocsp-stapling_tls13multi.test ocsp.test openssl.test openssl_srtp.test pem.test ping.test pkcallbacks.test psk.test resume.test rsapss.test sniffer-gen.sh sniffer-ipv6.pcap sniffer-static-rsa.pcap sniffer-testsuite.test sniffer-tls12-keylog.out sniffer-tls12-keylog.pcap sniffer-tls12-keylog.sslkeylog sniffer-tls13-dh-resume.pcap sniffer-tls13-dh.pcap sniffer-tls13-ecc-resume.pcap sniffer-tls13-ecc.pcap sniffer-tls13-hrr.pcap sniffer-tls13-keylog.out sniffer-tls13-keylog.pcap sniffer-tls13-keylog.sslkeylog sniffer-tls13-x25519-resume.pcap sniffer-tls13-x25519.pcap stm32l4-v4_0_1_build.sh tls13.test trusted_peer.test unit.test.in user_settings_asm.shsrc
bio.c conf.c crl.c dtls.c dtls13.c include.am internal.c keys.c ocsp.c pk.c pk_ec.c pk_rsa.c quic.c sniffer.c ssl.c ssl_api_cert.c ssl_api_crl_ocsp.c ssl_api_pk.c ssl_asn1.c ssl_bn.c ssl_certman.c ssl_crypto.c ssl_ech.c ssl_load.c ssl_misc.c ssl_p7p12.c ssl_sess.c ssl_sk.c tls.c tls13.c wolfio.c x509.c x509_str.ctests
api
api.h api_decl.h create_ocsp_test_blobs.py include.am test_aes.c test_aes.h test_arc4.c test_arc4.h test_ascon.c test_ascon.h test_ascon_kats.h test_asn.c test_asn.h test_blake2.c test_blake2.h test_camellia.c test_camellia.h test_certman.c test_certman.h test_chacha.c test_chacha.h test_chacha20_poly1305.c test_chacha20_poly1305.h test_cmac.c test_cmac.h test_curve25519.c test_curve25519.h test_curve448.c test_curve448.h test_des3.c test_des3.h test_dh.c test_dh.h test_digest.h test_dsa.c test_dsa.h test_dtls.c test_dtls.h test_ecc.c test_ecc.h test_ed25519.c test_ed25519.h test_ed448.c test_ed448.h test_evp.c test_evp.h test_evp_cipher.c test_evp_cipher.h test_evp_digest.c test_evp_digest.h test_evp_pkey.c test_evp_pkey.h test_hash.c test_hash.h test_hmac.c test_hmac.h test_md2.c test_md2.h test_md4.c test_md4.h test_md5.c test_md5.h test_mldsa.c test_mldsa.h test_mlkem.c test_mlkem.h test_ocsp.c test_ocsp.h test_ocsp_test_blobs.h test_ossl_asn1.c test_ossl_asn1.h test_ossl_bio.c test_ossl_bio.h test_ossl_bn.c test_ossl_bn.h test_ossl_cipher.c test_ossl_cipher.h test_ossl_dgst.c test_ossl_dgst.h test_ossl_dh.c test_ossl_dh.h test_ossl_dsa.c test_ossl_dsa.h test_ossl_ec.c test_ossl_ec.h test_ossl_ecx.c test_ossl_ecx.h test_ossl_mac.c test_ossl_mac.h test_ossl_obj.c test_ossl_obj.h test_ossl_p7p12.c test_ossl_p7p12.h test_ossl_pem.c test_ossl_pem.h test_ossl_rand.c test_ossl_rand.h test_ossl_rsa.c test_ossl_rsa.h test_ossl_sk.c test_ossl_sk.h test_ossl_x509.c test_ossl_x509.h test_ossl_x509_acert.c test_ossl_x509_acert.h test_ossl_x509_crypto.c test_ossl_x509_crypto.h test_ossl_x509_ext.c test_ossl_x509_ext.h test_ossl_x509_info.c test_ossl_x509_info.h test_ossl_x509_io.c test_ossl_x509_io.h test_ossl_x509_lu.c test_ossl_x509_lu.h test_ossl_x509_name.c test_ossl_x509_name.h test_ossl_x509_pk.c test_ossl_x509_pk.h test_ossl_x509_str.c test_ossl_x509_str.h test_ossl_x509_vp.c test_ossl_x509_vp.h test_pkcs12.c test_pkcs12.h test_pkcs7.c test_pkcs7.h test_poly1305.c test_poly1305.h test_random.c test_random.h test_rc2.c test_rc2.h test_ripemd.c test_ripemd.h test_rsa.c test_rsa.h test_sha.c test_sha.h test_sha256.c test_sha256.h test_sha3.c test_sha3.h test_sha512.c test_sha512.h test_she.c test_she.h test_signature.c test_signature.h test_slhdsa.c test_slhdsa.h test_sm2.c test_sm2.h test_sm3.c test_sm3.h test_sm4.c test_sm4.h test_tls.c test_tls.h test_tls13.c test_tls13.h test_tls_ext.c test_tls_ext.h test_wc_encrypt.c test_wc_encrypt.h test_wolfmath.c test_wolfmath.h test_x509.c test_x509.hwolfcrypt
benchmark
README.md benchmark-VS2022.sln benchmark-VS2022.vcxproj benchmark-VS2022.vcxproj.user benchmark.c benchmark.h benchmark.sln benchmark.vcproj benchmark.vcxproj include.amsrc
port
Espressif
esp_crt_bundle
README.md cacrt_all.pem cacrt_deprecated.pem cacrt_local.pem esp_crt_bundle.c gen_crt_bundle.py pio_install_cryptography.pyRenesas
README.md renesas_common.c renesas_fspsm_aes.c renesas_fspsm_rsa.c renesas_fspsm_sha.c renesas_fspsm_util.c renesas_rx64_hw_sha.c renesas_rx64_hw_util.c renesas_tsip_aes.c renesas_tsip_rsa.c renesas_tsip_sha.c renesas_tsip_util.carm
armv8-32-aes-asm.S armv8-32-aes-asm_c.c armv8-32-chacha-asm.S armv8-32-chacha-asm_c.c armv8-32-curve25519.S armv8-32-curve25519_c.c armv8-32-mlkem-asm.S armv8-32-mlkem-asm_c.c armv8-32-poly1305-asm.S armv8-32-poly1305-asm_c.c armv8-32-sha256-asm.S armv8-32-sha256-asm_c.c armv8-32-sha3-asm.S armv8-32-sha3-asm_c.c armv8-32-sha512-asm.S armv8-32-sha512-asm_c.c armv8-aes-asm.S armv8-aes-asm_c.c armv8-aes.c armv8-chacha-asm.S armv8-chacha-asm_c.c armv8-curve25519.S armv8-curve25519_c.c armv8-mlkem-asm.S armv8-mlkem-asm_c.c armv8-poly1305-asm.S armv8-poly1305-asm_c.c armv8-sha256-asm.S armv8-sha256-asm_c.c armv8-sha256.c armv8-sha3-asm.S armv8-sha3-asm_c.c armv8-sha512-asm.S armv8-sha512-asm_c.c armv8-sha512.c cryptoCell.c cryptoCellHash.c thumb2-aes-asm.S thumb2-aes-asm_c.c thumb2-chacha-asm.S thumb2-chacha-asm_c.c thumb2-curve25519.S thumb2-curve25519_c.c thumb2-mlkem-asm.S thumb2-mlkem-asm_c.c thumb2-poly1305-asm.S thumb2-poly1305-asm_c.c thumb2-sha256-asm.S thumb2-sha256-asm_c.c thumb2-sha3-asm.S thumb2-sha3-asm_c.c thumb2-sha512-asm.S thumb2-sha512-asm_c.ccaam
README.md caam_aes.c caam_doc.pdf caam_driver.c caam_error.c caam_integrity.c caam_qnx.c caam_sha.c wolfcaam_aes.c wolfcaam_cmac.c wolfcaam_ecdsa.c wolfcaam_fsl_nxp.c wolfcaam_hash.c wolfcaam_hmac.c wolfcaam_init.c wolfcaam_qnx.c wolfcaam_rsa.c wolfcaam_seco.c wolfcaam_x25519.cdevcrypto
README.md devcrypto_aes.c devcrypto_ecdsa.c devcrypto_hash.c devcrypto_hmac.c devcrypto_rsa.c devcrypto_x25519.c wc_devcrypto.criscv
riscv-64-aes.c riscv-64-chacha.c riscv-64-poly1305.c riscv-64-sha256.c riscv-64-sha3.c riscv-64-sha512.cwolfssl
openssl
aes.h asn1.h asn1t.h bio.h bn.h buffer.h camellia.h cmac.h cms.h compat_types.h conf.h crypto.h des.h dh.h dsa.h ec.h ec25519.h ec448.h ecdh.h ecdsa.h ed25519.h ed448.h engine.h err.h evp.h fips_rand.h hmac.h include.am kdf.h lhash.h md4.h md5.h modes.h obj_mac.h objects.h ocsp.h opensslconf.h opensslv.h ossl_typ.h pem.h pkcs12.h pkcs7.h rand.h rc4.h ripemd.h rsa.h safestack.h sha.h sha3.h srp.h ssl.h ssl23.h stack.h tls1.h txt_db.h ui.h x509.h x509_vfy.h x509v3.hwolfcrypt
port
Renesas
renesas-fspsm-crypt.h renesas-fspsm-types.h renesas-rx64-hw-crypt.h renesas-tsip-crypt.h renesas_cmn.h renesas_fspsm_internal.h renesas_sync.h renesas_tsip_internal.h renesas_tsip_types.hcaam
caam_driver.h caam_error.h caam_qnx.h wolfcaam.h wolfcaam_aes.h wolfcaam_cmac.h wolfcaam_ecdsa.h wolfcaam_fsl_nxp.h wolfcaam_hash.h wolfcaam_qnx.h wolfcaam_rsa.h wolfcaam_seco.h wolfcaam_sha.h wolfcaam_x25519.hwrapper
Ada
examples
src
aes_verify_main.adb rsa_verify_main.adb sha256_main.adb spark_sockets.adb spark_sockets.ads spark_terminal.adb spark_terminal.ads tls_client.adb tls_client.ads tls_client_main.adb tls_server.adb tls_server.ads tls_server_main.adbtests
src
aes_bindings_tests.adb aes_bindings_tests.ads rsa_verify_bindings_tests.adb rsa_verify_bindings_tests.ads sha256_bindings_tests.adb sha256_bindings_tests.ads tests.adbCSharp
wolfSSL-Example-IOCallbacks
App.config wolfSSL-Example-IOCallbacks.cs wolfSSL-Example-IOCallbacks.csprojwolfSSL-TLS-ServerThreaded
App.config wolfSSL-TLS-ServerThreaded.cs wolfSSL-TLS-ServerThreaded.csprojrust
wolfssl-wolfcrypt
src
aes.rs blake2.rs chacha20_poly1305.rs cmac.rs cmac_mac.rs curve25519.rs dh.rs dilithium.rs ecc.rs ecdsa.rs ed25519.rs ed448.rs fips.rs hkdf.rs hmac.rs hmac_mac.rs kdf.rs lib.rs lms.rs mlkem.rs mlkem_kem.rs pbkdf2_password_hash.rs prf.rs random.rs rsa.rs rsa_pkcs1v15.rs sha.rs sha_digest.rs sys.rstests
test_aes.rs test_blake2.rs test_chacha20_poly1305.rs test_cmac.rs test_cmac_mac.rs test_curve25519.rs test_dh.rs test_dilithium.rs test_ecc.rs test_ecdsa.rs test_ed25519.rs test_ed448.rs test_hkdf.rs test_hmac.rs test_hmac_mac.rs test_kdf.rs test_lms.rs test_mlkem.rs test_mlkem_kem.rs test_pbkdf2_password_hash.rs test_prf.rs test_random.rs test_rsa.rs test_rsa_pkcs1v15.rs test_sha.rs test_sha_digest.rs test_wolfcrypt.rszephyr
samples
wolfssl_benchmark
CMakeLists.txt README install_test.sh prj.conf sample.yaml zephyr_legacy.conf zephyr_v4.1.confwolfssl_test
CMakeLists.txt README install_test.sh prj-no-malloc.conf prj.conf sample.yaml zephyr_legacy.conf zephyr_v4.1.conf
wolfssl/wolfcrypt/src/port/st/stsafe.c
raw
1/* stsafe.c
2 *
3 * Copyright (C) 2006-2026 wolfSSL Inc.
4 *
5 * This file is part of wolfSSL.
6 *
7 * wolfSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * wolfSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20 */
21
22#ifdef HAVE_CONFIG_H
23 #include <config.h>
24#endif
25
26#include <wolfssl/wolfcrypt/types.h>
27#include <wolfssl/wolfcrypt/port/st/stsafe.h>
28#include <wolfssl/wolfcrypt/logging.h>
29#ifndef NO_ASN
30 #include <wolfssl/wolfcrypt/asn.h>
31#endif
32
33#ifndef STSAFE_INTERFACE_PRINTF
34 #define STSAFE_INTERFACE_PRINTF(...) WC_DO_NOTHING
35#endif
36
37/* Combined STSAFE macro - set in stsafe.h when either A100/A120 is defined */
38#ifdef WOLFSSL_STSAFE
39
40/* ========================================================================== */
41/* Internal Implementation (when NOT using external stsafe_interface.h) */
42/* ========================================================================== */
43
44/* When WOLFSSL_STSAFE_INTERFACE_EXTERNAL is defined, all internal
45 * implementation is skipped and the customer provides their own
46 * stsafe_interface.h with custom implementations. This maintains
47 * backwards compatibility with older integration approaches. */
48#ifndef WOLFSSL_STSAFE_INTERFACE_EXTERNAL
49
50/* ========================================================================== */
51/* SDK-Specific Includes */
52/* ========================================================================== */
53
54#ifdef WOLFSSL_STSAFEA120
55 /* STSELib includes for A120 */
56 #include "stse_platform_generic.h"
57 #include "stselib.h"
58#else /* WOLFSSL_STSAFEA100 */
59 /* Legacy STSAFE-A1xx SDK includes */
60 #include <stsafe_a_types.h>
61 #include <stsafe_a_configuration.h>
62 #include <stsafe_a_basic.h>
63 #include <stsafe_a_tools.h>
64 #include <stsafe_a_administrative.h>
65 #include <stsafe_a_general_purpose.h>
66 #include <stsafe_a_private_public_key.h>
67 #include <stsafe_a_data_partition.h>
68#endif
69
70/* ========================================================================== */
71/* Global State */
72/* ========================================================================== */
73
74#ifdef WOLFSSL_STSAFEA120
75 /* STSELib handler */
76 static stse_Handler_t g_stse_handler;
77 static int g_stse_initialized = 0;
78#else /* WOLFSSL_STSAFEA100 */
79 /* Legacy SDK handle */
80 static void* g_stsafe_handle = NULL;
81
82 /* Host MAC and Cipher Keys for secure communication */
83 /* NOTE: These are example keys
84 * - real implementations should store securely */
85 #ifndef STSAFE_HOST_KEY_MAC
86 static const uint8_t g_host_mac_key[16] = {
87 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
88 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF
89 };
90 #endif
91 #ifndef STSAFE_HOST_KEY_CIPHER
92 static const uint8_t g_host_cipher_key[16] = {
93 0x11, 0x11, 0x22, 0x22, 0x33, 0x33, 0x44, 0x44,
94 0x55, 0x55, 0x66, 0x66, 0x77, 0x77, 0x88, 0x88
95 };
96 #endif
97#endif
98
99/* Current curve mode for signing operations */
100static stsafe_curve_id_t g_stsafe_curve_mode = STSAFE_DEFAULT_CURVE;
101
102
103/* ========================================================================== */
104/* Internal Helper Functions */
105/* ========================================================================== */
106
107/**
108 * \brief Helper macros to store/retrieve slot number in devCtx
109 * \details Slot number is stored directly in devCtx as void* to avoid
110 * dynamic memory allocation. Slot values are small (0, 1, 0xFF)
111 * so safe to cast to/from void*.
112 */
113#define STSAFE_SLOT_TO_DEVCXT(slot) ((void*)(uintptr_t)(slot))
114#define STSAFE_DEVCXT_TO_SLOT(devCtx) ((stsafe_slot_t)(uintptr_t)(devCtx))
115
116
117/**
118 * \brief Get key size in bytes for a given curve
119 */
120static int stsafe_get_key_size(stsafe_curve_id_t curve_id)
121{
122 switch (curve_id) {
123 case STSAFE_ECC_CURVE_P256:
124 #if defined(HAVE_ECC_BRAINPOOL) && defined(STSE_CONF_ECC_BRAINPOOL_P_256)
125 case STSAFE_ECC_CURVE_BP256:
126 #endif
127 return 32;
128 case STSAFE_ECC_CURVE_P384:
129 #if defined(HAVE_ECC_BRAINPOOL) && defined(STSE_CONF_ECC_BRAINPOOL_P_384)
130 case STSAFE_ECC_CURVE_BP384:
131 #endif
132 return 48;
133 default:
134 break;
135 }
136 return 0;
137}
138
139/**
140 * \brief Convert wolfSSL ECC curve ID to STSAFE curve ID
141 */
142static stsafe_curve_id_t stsafe_get_ecc_curve_id(int ecc_curve)
143{
144 switch (ecc_curve) {
145 case ECC_SECP256R1:
146 return STSAFE_ECC_CURVE_P256;
147 case ECC_SECP384R1:
148 return STSAFE_ECC_CURVE_P384;
149 #if defined(HAVE_ECC_BRAINPOOL) && defined(STSE_CONF_ECC_BRAINPOOL_P_256)
150 case ECC_BRAINPOOLP256R1:
151 return STSAFE_ECC_CURVE_BP256;
152 #endif
153 #if defined(HAVE_ECC_BRAINPOOL) && defined(STSE_CONF_ECC_BRAINPOOL_P_384)
154 case ECC_BRAINPOOLP384R1:
155 return STSAFE_ECC_CURVE_BP384;
156 #endif
157 default:
158 break;
159 }
160 return STSAFE_DEFAULT_CURVE;
161}
162
163/**
164 * \brief Convert STSAFE curve ID to wolfSSL ECC curve ID
165 */
166#if !defined(WOLFCRYPT_ONLY) && defined(HAVE_PK_CALLBACKS)
167static int stsafe_get_ecc_curve(stsafe_curve_id_t curve_id)
168{
169 switch (curve_id) {
170 case STSAFE_ECC_CURVE_P256:
171 return ECC_SECP256R1;
172 case STSAFE_ECC_CURVE_P384:
173 return ECC_SECP384R1;
174 #if defined(HAVE_ECC_BRAINPOOL) && defined(STSE_CONF_ECC_BRAINPOOL_P_256)
175 case STSAFE_ECC_CURVE_BP256:
176 return ECC_BRAINPOOLP256R1;
177 #endif
178 #if defined(HAVE_ECC_BRAINPOOL) && defined(STSE_CONF_ECC_BRAINPOOL_P_384)
179 case STSAFE_ECC_CURVE_BP384:
180 return ECC_BRAINPOOLP384R1;
181 #endif
182 default:
183 break;
184 }
185 return ECC_SECP256R1;
186}
187#endif
188
189/**
190 * \brief Get current curve mode for signing
191 */
192static stsafe_curve_id_t stsafe_get_curve_mode(void)
193{
194 return g_stsafe_curve_mode;
195}
196
197/**
198 * \brief Set current curve mode for signing
199 */
200static int stsafe_set_curve_mode(stsafe_curve_id_t curve_id)
201{
202 g_stsafe_curve_mode = curve_id;
203 return 0;
204}
205
206/* Unused function workaround for some compilers */
207#ifdef __GNUC__
208__attribute__((unused))
209#endif
210static void stsafe_unused_funcs(void)
211{
212#if !defined(WOLFCRYPT_ONLY) && defined(HAVE_PK_CALLBACKS)
213 (void)stsafe_get_ecc_curve;
214#endif
215 (void)stsafe_set_curve_mode;
216}
217
218/* ========================================================================== */
219/* Internal Interface Functions - SDK Specific Implementations */
220/* ========================================================================== */
221
222#ifdef WOLFSSL_STSAFEA120
223/* -------------------------------------------------------------------------- */
224/* STSELib (A120) Implementation */
225/* -------------------------------------------------------------------------- */
226
227/**
228 * \brief Initialize STSAFE-A120 device using STSELib
229 */
230int stsafe_interface_init(void)
231{
232 int rc = 0;
233 stse_ReturnCode_t ret;
234
235 if (g_stse_initialized) {
236 return 0; /* Already initialized */
237 }
238
239 /* Set default handler values */
240 ret = stse_set_default_handler_value(&g_stse_handler);
241 if (ret != STSE_OK) {
242 STSAFE_INTERFACE_PRINTF("stse_set_default_handler_value error: %d\n",
243 ret);
244 rc = -1;
245 }
246
247 if (rc == 0) {
248 /* Configure for STSAFE-A120 on I2C bus 1 */
249 g_stse_handler.device_type = STSAFE_A120;
250 #ifdef STSAFE_I2C_BUS
251 g_stse_handler.io.busID = STSAFE_I2C_BUS;
252 #else
253 g_stse_handler.io.busID = 1;
254 #endif
255 g_stse_handler.io.BusSpeed = 400; /* 400 kHz */
256
257 /* Initialize STSELib - this sets up I2C communication */
258 ret = stse_init(&g_stse_handler);
259 if (ret != STSE_OK) {
260 STSAFE_INTERFACE_PRINTF("stse_init error: %d\n", ret);
261 rc = -1;
262 }
263 }
264
265 if (rc == 0) {
266 g_stse_initialized = 1;
267 #ifdef USE_STSAFE_VERBOSE
268 WOLFSSL_MSG("STSAFE-A120 (STSELib) initialized");
269 #endif
270 }
271
272 return rc;
273}
274
275/**
276 * \brief Generate ECC key pair on STSAFE-A120
277 * \details Uses dedicated key slot for persistent keys (typically slot 0 or 1).
278 * For ephemeral ECDHE keys, use stsafe_create_ecdhe_key() instead.
279 *
280 * Note: For ECDH operations on persistent slots, the key must be generated
281 * with appropriate usage settings. Per ST FAE: slot 0xFF with usage_limit=1
282 * is recommended for ephemeral ECDH (key establishment mode).
283 *
284 * \return STSAFE_A_OK on success.
285 * \return Other value on failure.
286 */
287static int stsafe_create_key(stsafe_slot_t slot, stsafe_curve_id_t curve_id,
288 uint8_t* pPubKeyRaw)
289{
290 int rc = STSAFE_A_OK;
291 stse_ReturnCode_t ret;
292
293 if (pPubKeyRaw == NULL) {
294 return BAD_FUNC_ARG;
295 }
296
297 /* Generate key pair - public key is X||Y concatenated
298 * Note: stse_generate_ecc_key_pair expects stse_ecc_key_type_t,
299 * but stsafe_curve_id_t values match stse_ecc_key_type_t enum values.
300 *
301 * For persistent keys: usage_limit=255 allows multiple operations (signing)
302 * For ephemeral keys (slot 0xFF): usage_limit=1 for key establishment mode
303 */
304 ret = stse_generate_ecc_key_pair(&g_stse_handler, slot,
305 (stse_ecc_key_type_t)curve_id,
306 STSAFE_PERSISTENT_KEY_USAGE_LIMIT,
307 pPubKeyRaw);
308 if (ret != STSE_OK) {
309 STSAFE_INTERFACE_PRINTF("stse_generate_ecc_key_pair error: %d\n", ret);
310 rc = (int)ret;
311 }
312
313 return rc;
314}
315
316/**
317 * \brief Generate ECDHE ephemeral key pair on STSAFE-A120
318 * \details Uses stse_generate_ecc_key_pair() with slot 0xFF (ephemeral slot)
319 * and usage_limit=1 for key establishment mode.
320 * Per ST FAE recommendation: slot 0xFF must be used with mode of
321 * operation = key establishment and usage limit = 1 for ECDH operations.
322 * Public key is returned in X||Y format.
323 *
324 * \return STSAFE_A_OK on success.
325 * \return Other value on failure.
326 */
327static int stsafe_create_ecdhe_key(stsafe_curve_id_t curve_id,
328 uint8_t* pPubKeyRaw)
329{
330 int rc = STSAFE_A_OK;
331 stse_ReturnCode_t ret;
332
333 if (pPubKeyRaw == NULL) {
334 return BAD_FUNC_ARG;
335 }
336
337 /* Generate ephemeral key pair in slot 0xFF with usage_limit=1
338 * This configures the key for key establishment mode */
339 ret = stse_generate_ecc_key_pair(&g_stse_handler,
340 STSAFE_KEY_SLOT_EPHEMERAL, /* slot 0xFF */
341 (stse_ecc_key_type_t)curve_id,
342 STSAFE_EPHEMERAL_KEY_USAGE_LIMIT, /* usage_limit = 1 */
343 pPubKeyRaw);
344 if (ret != STSE_OK) {
345 STSAFE_INTERFACE_PRINTF("stse_generate_ecc_key_pair (ephemeral) error: %d\n", ret);
346 rc = (int)ret;
347 }
348
349 return rc;
350}
351
352/**
353 * \brief ECDSA sign using STSAFE-A120
354 *
355 * \return STSAFE_A_OK on success.
356 * \return Other value on failure.
357 */
358static int stsafe_sign(stsafe_slot_t slot, stsafe_curve_id_t curve_id,
359 uint8_t* pHash, uint8_t* pSigRS)
360{
361 int rc = STSAFE_A_OK;
362 stse_ReturnCode_t ret;
363 int key_sz = stsafe_get_key_size(curve_id);
364
365 if (pHash == NULL || pSigRS == NULL) {
366 return BAD_FUNC_ARG;
367 }
368
369 /* Sign hash - output is R || S concatenated */
370 ret = stse_ecc_generate_signature(&g_stse_handler, slot, curve_id,
371 pHash, (uint16_t)key_sz, pSigRS);
372 if (ret != STSE_OK) {
373 STSAFE_INTERFACE_PRINTF("stse_ecc_generate_signature error: %d\n", ret);
374 rc = (int)ret;
375 }
376
377 return rc;
378}
379
380/**
381 * \brief ECDSA verify using STSAFE-A120
382 *
383 * \return STSAFE_A_OK on success.
384 * \return Other value on failure.
385 */
386static int stsafe_verify(stsafe_curve_id_t curve_id, uint8_t* pHash,
387 uint8_t* pSigRS, uint8_t* pPubKeyX, uint8_t* pPubKeyY,
388 int32_t* pResult)
389{
390 int rc = STSAFE_A_OK;
391 stse_ReturnCode_t ret;
392 int key_sz = stsafe_get_key_size(curve_id);
393 uint8_t pubKey[STSAFE_MAX_PUBKEY_RAW_LEN];
394 uint8_t validity = 0;
395
396 if (pHash == NULL || pSigRS == NULL || pPubKeyX == NULL ||
397 pPubKeyY == NULL || pResult == NULL) {
398 return BAD_FUNC_ARG;
399 }
400
401 /* Combine X and Y into single buffer (X||Y) */
402 XMEMCPY(pubKey, pPubKeyX, key_sz);
403 XMEMCPY(pubKey + key_sz, pPubKeyY, key_sz);
404
405 /* Verify signature - pMessage is the hash, pSignature is R||S */
406 ret = stse_ecc_verify_signature(&g_stse_handler, curve_id,
407 pubKey, /* public key X||Y */
408 pSigRS, /* signature R||S */
409 pHash, /* message (hash) */
410 (uint16_t)key_sz, /* message length */
411 0, /* eddsa_variant (0 for non-EdDSA) */
412 &validity);
413 if (ret != STSE_OK) {
414 STSAFE_INTERFACE_PRINTF("stse_ecc_verify_signature error: %d\n", ret);
415 *pResult = 0;
416 rc = (int)ret;
417 }
418
419 if (rc == STSAFE_A_OK) {
420 *pResult = (validity != 0) ? 1 : 0;
421 }
422
423 return rc;
424}
425
426/**
427 * \brief ECDH shared secret using STSAFE-A120
428 *
429 * \return STSAFE_A_OK on success.
430 * \return Other value on failure.
431 */
432static int stsafe_shared_secret(stsafe_slot_t slot, stsafe_curve_id_t curve_id,
433 uint8_t* pPubKeyX, uint8_t* pPubKeyY,
434 uint8_t* pSharedSecret,
435 int32_t* pSharedSecretLen)
436{
437 int rc = STSAFE_A_OK;
438 stse_ReturnCode_t ret;
439 int key_sz = stsafe_get_key_size(curve_id);
440#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
441 uint8_t* peerPubKey = NULL;
442#else
443 uint8_t peerPubKey[STSAFE_MAX_PUBKEY_RAW_LEN];
444#endif
445
446 if (pPubKeyX == NULL || pPubKeyY == NULL || pSharedSecret == NULL ||
447 pSharedSecretLen == NULL) {
448 return BAD_FUNC_ARG;
449 }
450
451#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
452 peerPubKey = (uint8_t*)XMALLOC(STSAFE_MAX_PUBKEY_RAW_LEN, NULL,
453 DYNAMIC_TYPE_TMP_BUFFER);
454 if (peerPubKey == NULL) {
455 return MEMORY_E;
456 }
457#endif
458
459 /* Combine peer X and Y (X||Y format) */
460 XMEMCPY(peerPubKey, pPubKeyX, key_sz);
461 XMEMCPY(peerPubKey + key_sz, pPubKeyY, key_sz);
462
463 /* Compute shared secret
464 * Note: stse_ecc_establish_shared_secret expects stse_ecc_key_type_t.
465 * For STSAFE-A120, stsafe_curve_id_t values match stse_ecc_key_type_t enum values:
466 * STSAFE_ECC_CURVE_P256 (0) = STSE_ECC_KT_NIST_P_256 (0)
467 * STSAFE_ECC_CURVE_P384 (1) = STSE_ECC_KT_NIST_P_384 (1) */
468 ret = stse_ecc_establish_shared_secret(&g_stse_handler, slot,
469 (stse_ecc_key_type_t)curve_id, peerPubKey, pSharedSecret);
470 if (ret != STSE_OK) {
471 STSAFE_INTERFACE_PRINTF("stse_ecc_establish_shared_secret error: %d (slot: %d, curve_id: %d)\n",
472 ret, slot, curve_id);
473 rc = (int)ret;
474 }
475
476 if (rc == STSAFE_A_OK) {
477 *pSharedSecretLen = (int32_t)key_sz;
478 }
479
480#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
481 XFREE(peerPubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
482#endif
483
484 return rc;
485}
486
487/**
488 * \brief Read device certificate from STSAFE-A120
489 *
490 * \return STSAFE_A_OK on success.
491 * \return Other value on failure.
492 */
493static int stsafe_read_certificate(uint8_t** ppCert, uint32_t* pCertLen)
494{
495#ifdef WOLFSSL_NO_MALLOC
496 /* Certificate reading requires dynamic allocation */
497 (void)ppCert;
498 (void)pCertLen;
499 return NOT_COMPILED_IN;
500#else
501 int rc = STSAFE_A_OK;
502 stse_ReturnCode_t ret;
503 uint16_t certLen = 0;
504 uint8_t certZone = 0; /* Certificate zone 0 */
505
506 /* First, get certificate size */
507 ret = stse_get_device_certificate_size(&g_stse_handler, certZone, &certLen);
508 if (ret != STSE_OK) {
509 STSAFE_INTERFACE_PRINTF("stse_get_device_certificate_size error: %d\n",
510 ret);
511 rc = (int)ret;
512 }
513 else if (certLen == 0) {
514 /* Certificate size is 0 - invalid certificate data */
515 STSAFE_INTERFACE_PRINTF("stse_get_device_certificate_size returned zero length\n");
516 rc = ASN_PARSE_E;
517 }
518
519 /* Allocate buffer */
520 if (rc == STSAFE_A_OK) {
521 *ppCert = (uint8_t*)XMALLOC(certLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
522 if (*ppCert == NULL) {
523 rc = MEMORY_E;
524 }
525 }
526
527 /* Read certificate */
528 if (rc == STSAFE_A_OK) {
529 ret = stse_get_device_certificate(&g_stse_handler, certZone, certLen,
530 *ppCert);
531 if (ret != STSE_OK) {
532 XFREE(*ppCert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
533 *ppCert = NULL;
534 STSAFE_INTERFACE_PRINTF("stse_get_device_certificate error: %d\n",
535 ret);
536 rc = (int)ret;
537 }
538 }
539
540 if (rc == STSAFE_A_OK) {
541 *pCertLen = certLen;
542 }
543
544 return rc;
545#endif /* WOLFSSL_NO_MALLOC */
546}
547
548#if !defined(WC_NO_RNG) && defined(USE_STSAFE_RNG_SEED)
549/**
550 * \brief Get random bytes from STSAFE-A120
551 */
552static int stsafe_get_random(uint8_t* pRandom, uint32_t size)
553{
554 int rc;
555 stse_ReturnCode_t ret;
556 uint16_t len = (size > 0xFFFF) ? 0xFFFF : (uint16_t)size;
557
558 ret = stse_generate_random(&g_stse_handler, pRandom, len);
559 if (ret != STSE_OK) {
560 rc = -1;
561 }
562 else {
563 rc = (int)len;
564 }
565
566 return rc;
567}
568#endif
569
570#else /* WOLFSSL_STSAFEA100 */
571/* -------------------------------------------------------------------------- */
572/* Legacy STSAFE-A1xx SDK (A100/A110) Implementation */
573/* -------------------------------------------------------------------------- */
574
575/**
576 * \brief Set host keys for secure communication
577 */
578static void stsafe_set_host_keys(void* handle)
579{
580 StSafeA_SetHostMacKey(handle, g_host_mac_key);
581 StSafeA_SetHostCipherKey(handle, g_host_cipher_key);
582}
583
584/**
585 * \brief Check and initialize host keys
586 */
587static int stsafe_check_host_keys(void* handle)
588{
589 uint8_t status_code;
590 StSafeA_HostKeySlotBuffer* pHostKeySlot;
591
592 status_code = StSafeA_HostKeySlotQuery(handle, &pHostKeySlot,
593 STSAFE_A_NO_MAC);
594
595 if (status_code == STSAFE_A_OK && !pHostKeySlot->HostKeyPresenceFlag) {
596 /* Host keys not set, initialize them */
597 uint8_t hostKeys[32];
598 XMEMCPY(hostKeys, g_host_mac_key, 16);
599 XMEMCPY(hostKeys + 16, g_host_cipher_key, 16);
600
601 status_code = StSafeA_PutAttribute(handle, STSAFE_A_HOST_KEY_SLOT_TAG,
602 hostKeys, sizeof(hostKeys), STSAFE_A_NO_MAC);
603 }
604
605 return status_code;
606}
607
608/**
609 * \brief Initialize STSAFE-A100/A110 device
610 *
611 * \return STSAFE_A_OK on success.
612 * \return Other value on failure.
613 */
614int stsafe_interface_init(void)
615{
616 int rc = 0;
617 uint8_t status_code;
618 const uint8_t echo_data[3] = {0x01, 0x02, 0x03};
619 StSafeA_EchoBuffer* echo_resp = NULL;
620
621 if (g_stsafe_handle != NULL) {
622 return 0; /* Already initialized */
623 }
624
625 /* Create handle */
626 status_code = StSafeA_CreateHandle(&g_stsafe_handle, STSAFE_I2C_ADDR);
627 if (status_code != STSAFE_A_OK) {
628 STSAFE_INTERFACE_PRINTF("StSafeA_CreateHandle error: %d\n",
629 status_code);
630 rc = -1;
631 }
632
633 /* Echo test to verify communication */
634 if (rc == 0) {
635 status_code = StSafeA_Echo(g_stsafe_handle, (uint8_t*)echo_data, 3,
636 &echo_resp, STSAFE_A_NO_MAC);
637 if (status_code != STSAFE_A_OK ||
638 XMEMCMP(echo_data, echo_resp->Data, 3) != 0) {
639 STSAFE_INTERFACE_PRINTF("StSafeA_Echo error: %d\n", status_code);
640 rc = -1;
641 }
642 XFREE(echo_resp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
643 }
644
645 /* Check/initialize host keys */
646 if (rc == 0) {
647 status_code = stsafe_check_host_keys(g_stsafe_handle);
648 if (status_code != STSAFE_A_OK) {
649 STSAFE_INTERFACE_PRINTF("stsafe_check_host_keys error: %d\n",
650 status_code);
651 rc = -1;
652 }
653 }
654
655#ifdef USE_STSAFE_VERBOSE
656 if (rc == 0) {
657 WOLFSSL_MSG("STSAFE-A100/A110 initialized");
658 }
659#endif
660
661 return rc;
662}
663
664/**
665 * \brief Generate ECC key pair on STSAFE-A100/A110
666 *
667 * \return STSAFE_A_OK on success.
668 * \return Other value on failure.
669 */
670static int stsafe_create_key(stsafe_slot_t* pSlot, stsafe_curve_id_t curve_id,
671 uint8_t* pPubKeyRaw)
672{
673 int rc;
674 uint8_t status_code;
675 int key_sz = stsafe_get_key_size(curve_id);
676 stsafe_slot_t slot = STSAFE_KEY_SLOT_1;
677 StSafeA_CoordinateBuffer* pubX = NULL;
678 StSafeA_CoordinateBuffer* pubY = NULL;
679 uint8_t* pointRepId = NULL;
680
681 stsafe_set_host_keys(g_stsafe_handle);
682
683 status_code = StSafeA_GenerateKeyPair(g_stsafe_handle, slot, 0xFFFF, 1,
684 (StSafeA_KeyUsageAuthorizationFlags)(
685 STSAFE_A_COMMAND_RESPONSE_SIGNATURE |
686 STSAFE_A_MESSAGE_DIGEST_SIGNATURE |
687 STSAFE_A_KEY_ESTABLISHMENT),
688 curve_id, &pointRepId, &pubX, &pubY, STSAFE_A_HOST_C_MAC);
689
690 if (status_code == STSAFE_A_OK && pointRepId != NULL &&
691 *pointRepId == STSAFE_A_POINT_REPRESENTATION_ID &&
692 pubX != NULL && pubY != NULL) {
693 XMEMCPY(pPubKeyRaw, pubX->Data, pubX->Length);
694 XMEMCPY(pPubKeyRaw + key_sz, pubY->Data, pubY->Length);
695 rc = STSAFE_A_OK;
696 }
697 else {
698 rc = (int)(uint8_t)-1;
699 }
700
701 /* Free SDK-allocated buffers */
702 XFREE(pubX, NULL, DYNAMIC_TYPE_TMP_BUFFER);
703 XFREE(pubY, NULL, DYNAMIC_TYPE_TMP_BUFFER);
704
705 if (rc == STSAFE_A_OK && pSlot != NULL) {
706 *pSlot = slot;
707 }
708
709 return rc;
710}
711
712/**
713 * \brief ECDSA sign using STSAFE-A100/A110
714 *
715 * \return STSAFE_A_OK on success.
716 * \return Other value on failure.
717 */
718static int stsafe_sign(stsafe_slot_t slot, stsafe_curve_id_t curve_id,
719 uint8_t* pHash, uint8_t* pSigRS)
720{
721 int rc;
722 uint8_t status_code;
723 int key_sz = stsafe_get_key_size(curve_id);
724 StSafeA_SignatureBuffer* signature = NULL;
725 StSafeA_HashTypes hashType;
726 size_t r_length, s_length;
727
728 hashType = (curve_id == STSAFE_ECC_CURVE_P384 ||
729 curve_id == STSAFE_ECC_CURVE_BP384) ?
730 STSAFE_HASH_SHA384 : STSAFE_HASH_SHA256;
731
732 status_code = StSafeA_GenerateSignature(g_stsafe_handle, slot, pHash,
733 hashType, &signature, STSAFE_A_NO_MAC);
734
735 if (status_code == STSAFE_A_OK && signature != NULL) {
736 /* Parse signature - format is: len(2) || R || len(2) || S */
737 r_length = ((uint16_t)signature->Data[0] << 8) | signature->Data[1];
738
739 /* Bounds check: r_length must be valid and fit within signature buffer */
740 if (r_length > key_sz || r_length == 0 ||
741 (size_t)(2 + r_length + 2) > signature->Length) {
742 rc = ASN_PARSE_E;
743 }
744 else {
745 s_length = ((uint16_t)signature->Data[2 + r_length] << 8) |
746 signature->Data[3 + r_length];
747
748 /* Bounds check: s_length must be valid and fit within signature buffer */
749 if (s_length > key_sz || s_length == 0 ||
750 (size_t)(4 + r_length + s_length) > signature->Length) {
751 rc = ASN_PARSE_E;
752 }
753 else {
754 /* Copy R and S to output (zero-padded) */
755 XMEMSET(pSigRS, 0, key_sz * 2);
756 XMEMCPY(pSigRS + (key_sz - r_length), &signature->Data[2], r_length);
757 XMEMCPY(pSigRS + key_sz + (key_sz - s_length),
758 &signature->Data[4 + r_length], s_length);
759 rc = STSAFE_A_OK;
760 }
761 }
762 }
763 else {
764 rc = (int)status_code;
765 }
766
767 /* Free SDK-allocated buffer */
768 XFREE(signature, NULL, DYNAMIC_TYPE_TMP_BUFFER);
769
770 return rc;
771}
772
773/**
774 * \brief ECDSA verify using STSAFE-A100/A110
775 *
776 * \return STSAFE_A_OK on success.
777 * \return Other value on failure.
778 */
779static int stsafe_verify(stsafe_curve_id_t curve_id, uint8_t* pHash,
780 uint8_t* pSigRS, uint8_t* pPubKeyX, uint8_t* pPubKeyY,
781 int32_t* pResult)
782{
783 int rc = (int)(uint8_t)-1;
784 uint8_t status_code;
785 int key_sz = stsafe_get_key_size(curve_id);
786#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
787 StSafeA_CoordinateBuffer* X = NULL;
788 StSafeA_CoordinateBuffer* Y = NULL;
789 StSafeA_SignatureBuffer* R = NULL;
790 StSafeA_SignatureBuffer* S = NULL;
791 StSafeA_SignatureBuffer* Hash = NULL;
792#else
793 /* Stack buffers: 2 bytes for Length + STSAFE_MAX_KEY_LEN for Data */
794 byte R_buf[2 + STSAFE_MAX_KEY_LEN];
795 byte S_buf[2 + STSAFE_MAX_KEY_LEN];
796 byte Hash_buf[2 + STSAFE_MAX_KEY_LEN];
797 byte X_buf[2 + STSAFE_MAX_KEY_LEN];
798 byte Y_buf[2 + STSAFE_MAX_KEY_LEN];
799 StSafeA_SignatureBuffer* R = (StSafeA_SignatureBuffer*)R_buf;
800 StSafeA_SignatureBuffer* S = (StSafeA_SignatureBuffer*)S_buf;
801 StSafeA_SignatureBuffer* Hash = (StSafeA_SignatureBuffer*)Hash_buf;
802 StSafeA_CoordinateBuffer* X = (StSafeA_CoordinateBuffer*)X_buf;
803 StSafeA_CoordinateBuffer* Y = (StSafeA_CoordinateBuffer*)Y_buf;
804#endif
805 StSafeA_VerifySignatureBuffer* Verif = NULL;
806
807 *pResult = 0;
808
809#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
810 /* Allocate buffers */
811 R = (StSafeA_SignatureBuffer*)XMALLOC(key_sz + 2, NULL,
812 DYNAMIC_TYPE_TMP_BUFFER);
813 S = (StSafeA_SignatureBuffer*)XMALLOC(key_sz + 2, NULL,
814 DYNAMIC_TYPE_TMP_BUFFER);
815 Hash = (StSafeA_SignatureBuffer*)XMALLOC(key_sz + 2, NULL,
816 DYNAMIC_TYPE_TMP_BUFFER);
817 X = (StSafeA_CoordinateBuffer*)XMALLOC(key_sz + 2, NULL,
818 DYNAMIC_TYPE_TMP_BUFFER);
819 Y = (StSafeA_CoordinateBuffer*)XMALLOC(key_sz + 2, NULL,
820 DYNAMIC_TYPE_TMP_BUFFER);
821
822 if (X == NULL || Y == NULL || R == NULL || S == NULL || Hash == NULL) {
823 XFREE(R, NULL, DYNAMIC_TYPE_TMP_BUFFER);
824 XFREE(S, NULL, DYNAMIC_TYPE_TMP_BUFFER);
825 XFREE(Hash, NULL, DYNAMIC_TYPE_TMP_BUFFER);
826 XFREE(X, NULL, DYNAMIC_TYPE_TMP_BUFFER);
827 XFREE(Y, NULL, DYNAMIC_TYPE_TMP_BUFFER);
828 return MEMORY_E;
829 }
830#endif
831
832 R->Length = key_sz;
833 S->Length = key_sz;
834 Hash->Length = key_sz;
835 X->Length = key_sz;
836 Y->Length = key_sz;
837
838 XMEMCPY(R->Data, pSigRS, key_sz);
839 XMEMCPY(S->Data, pSigRS + key_sz, key_sz);
840 XMEMCPY(Hash->Data, pHash, key_sz);
841 XMEMCPY(X->Data, pPubKeyX, key_sz);
842 XMEMCPY(Y->Data, pPubKeyY, key_sz);
843
844 status_code = StSafeA_VerifyMessageSignature(g_stsafe_handle,
845 curve_id, X, Y, R, S, Hash, &Verif, STSAFE_A_NO_MAC);
846
847 if (status_code == STSAFE_A_OK && Verif != NULL) {
848 *pResult = Verif->SignatureValidity ? 1 : 0;
849 if (Verif->SignatureValidity) {
850 rc = STSAFE_A_OK;
851 }
852 }
853#ifndef WOLFSSL_NO_MALLOC
854 /* Free SDK-allocated buffer */
855 XFREE(Verif, NULL, DYNAMIC_TYPE_TMP_BUFFER);
856#endif
857
858#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
859 XFREE(R, NULL, DYNAMIC_TYPE_TMP_BUFFER);
860 XFREE(S, NULL, DYNAMIC_TYPE_TMP_BUFFER);
861 XFREE(Hash, NULL, DYNAMIC_TYPE_TMP_BUFFER);
862 XFREE(X, NULL, DYNAMIC_TYPE_TMP_BUFFER);
863 XFREE(Y, NULL, DYNAMIC_TYPE_TMP_BUFFER);
864#endif
865
866 return rc;
867}
868
869/**
870 * \brief ECDH shared secret using STSAFE-A100/A110
871 *
872 * \return STSAFE_A_OK on success.
873 * \return Other value on failure.
874 */
875static int stsafe_shared_secret(stsafe_slot_t slot, stsafe_curve_id_t curve_id,
876 uint8_t* pPubKeyX, uint8_t* pPubKeyY,
877 uint8_t* pSharedSecret,
878 int32_t* pSharedSecretLen)
879{
880 int rc = (int)(uint8_t)-1;
881 uint8_t status_code;
882 int key_sz = stsafe_get_key_size(curve_id);
883#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
884 StSafeA_CoordinateBuffer* peerX = NULL;
885 StSafeA_CoordinateBuffer* peerY = NULL;
886#else
887 /* Stack buffers: 2 bytes for Length + STSAFE_MAX_KEY_LEN for Data */
888 byte peerX_buf[2 + STSAFE_MAX_KEY_LEN];
889 byte peerY_buf[2 + STSAFE_MAX_KEY_LEN];
890 StSafeA_CoordinateBuffer* peerX = (StSafeA_CoordinateBuffer*)peerX_buf;
891 StSafeA_CoordinateBuffer* peerY = (StSafeA_CoordinateBuffer*)peerY_buf;
892#endif
893 StSafeA_SharedSecretBuffer* sharedSecret = NULL;
894
895 stsafe_set_host_keys(g_stsafe_handle);
896
897#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
898 peerX = (StSafeA_CoordinateBuffer*)XMALLOC(key_sz + 2, NULL,
899 DYNAMIC_TYPE_TMP_BUFFER);
900 peerY = (StSafeA_CoordinateBuffer*)XMALLOC(key_sz + 2, NULL,
901 DYNAMIC_TYPE_TMP_BUFFER);
902
903 if (peerX == NULL || peerY == NULL) {
904 XFREE(peerX, NULL, DYNAMIC_TYPE_TMP_BUFFER);
905 XFREE(peerY, NULL, DYNAMIC_TYPE_TMP_BUFFER);
906 return MEMORY_E;
907 }
908#endif
909
910 peerX->Length = key_sz;
911 peerY->Length = key_sz;
912 XMEMCPY(peerX->Data, pPubKeyX, key_sz);
913 XMEMCPY(peerY->Data, pPubKeyY, key_sz);
914
915 status_code = StSafeA_EstablishKey(g_stsafe_handle, slot,
916 peerX, peerY, &sharedSecret, STSAFE_A_HOST_C_MAC);
917
918 if (status_code == STSAFE_A_OK && sharedSecret != NULL) {
919 *pSharedSecretLen = sharedSecret->SharedSecret.Length;
920 XMEMCPY(pSharedSecret, sharedSecret->SharedSecret.Data,
921 sharedSecret->SharedSecret.Length);
922 rc = STSAFE_A_OK;
923 }
924#ifndef WOLFSSL_NO_MALLOC
925 /* Free SDK-allocated buffer */
926 XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
927#endif
928
929#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
930 XFREE(peerX, NULL, DYNAMIC_TYPE_TMP_BUFFER);
931 XFREE(peerY, NULL, DYNAMIC_TYPE_TMP_BUFFER);
932#endif
933
934 return rc;
935}
936
937/**
938 * \brief Read device certificate from STSAFE-A100/A110
939 *
940 * \return STSAFE_A_OK on success.
941 * \return Other value on failure.
942 */
943static int stsafe_read_certificate(uint8_t** ppCert, uint32_t* pCertLen)
944{
945#ifdef WOLFSSL_NO_MALLOC
946 /* Certificate reading requires dynamic allocation */
947 (void)ppCert;
948 (void)pCertLen;
949 return NOT_COMPILED_IN;
950#else
951 int rc = STSAFE_A_OK;
952 uint8_t status_code;
953 StSafeA_ReadBuffer* readBuf = NULL;
954 struct stsafe_a* stsafe_a = (struct stsafe_a*)g_stsafe_handle;
955 uint8_t step;
956 uint16_t i;
957
958 *pCertLen = 0;
959
960 /* Read first 4 bytes to determine certificate length */
961 status_code = StSafeA_Read(g_stsafe_handle, 0, 0, STSAFE_A_ALWAYS,
962 0, 0, 4, &readBuf, STSAFE_A_NO_MAC);
963
964 if (status_code == STSAFE_A_OK && readBuf != NULL && readBuf->Length == 4) {
965 /* Parse ASN.1 DER certificate header */
966 /* 0x30 = ASN_SEQUENCE | ASN_CONSTRUCTED (certificate is a SEQUENCE) */
967 if (readBuf->Data[0] == (ASN_SEQUENCE | ASN_CONSTRUCTED)) {
968 /* Parse ASN.1 length encoding */
969 switch (readBuf->Data[1]) {
970 case (ASN_LONG_LENGTH | 0x01): /* Length encoded in 1 byte */
971 *pCertLen = readBuf->Data[2] + 3;
972 break;
973 case (ASN_LONG_LENGTH | 0x02): /* Length encoded in 2 bytes */
974 *pCertLen = ((uint16_t)readBuf->Data[2] << 8) +
975 readBuf->Data[3] + 4;
976 break;
977 default:
978 /* Short form: length < 128, encoded directly */
979 if (readBuf->Data[1] < ASN_LONG_LENGTH) {
980 *pCertLen = readBuf->Data[1] + 2;
981 }
982 break;
983 }
984 /* Check if length parsing succeeded */
985 if (*pCertLen == 0) {
986 rc = ASN_PARSE_E;
987 }
988 }
989 else {
990 /* Invalid ASN.1 header - expected SEQUENCE tag */
991 rc = ASN_PARSE_E;
992 }
993 }
994 else {
995 rc = (int)status_code;
996 }
997 XFREE(readBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
998 readBuf = NULL;
999
1000 if (rc == STSAFE_A_OK && *pCertLen > 0) {
1001 *ppCert = (uint8_t*)XMALLOC(*pCertLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1002 if (*ppCert == NULL) {
1003 rc = MEMORY_E;
1004 }
1005 }
1006
1007 if (rc == STSAFE_A_OK && *pCertLen > 0) {
1008 /* STSAFE-A100/A110 maximum read size is 225 bytes per command.
1009 * When CRC is supported, 2 bytes are used for CRC, leaving 223 bytes
1010 * for data. Without CRC, we can read up to 225 bytes, but use 223
1011 * for consistency and to leave room for protocol overhead. */
1012 step = 223 - (stsafe_a->CrcSupport ? 2 : 0);
1013
1014 for (i = 0; rc == STSAFE_A_OK && i < *pCertLen / step; i++) {
1015 status_code = StSafeA_Read(g_stsafe_handle, 0, 0,
1016 STSAFE_A_ALWAYS, 0, i * step, step, &readBuf,
1017 STSAFE_A_NO_MAC);
1018 if (status_code == STSAFE_A_OK) {
1019 XMEMCPY(*ppCert + (i * step), readBuf->Data, readBuf->Length);
1020 }
1021 else {
1022 rc = (int)status_code;
1023 }
1024 XFREE(readBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1025 readBuf = NULL;
1026 }
1027
1028 if (rc == STSAFE_A_OK && (*pCertLen % step)) {
1029 status_code = StSafeA_Read(g_stsafe_handle, 0, 0,
1030 STSAFE_A_ALWAYS, 0, i * step, *pCertLen % step,
1031 &readBuf, STSAFE_A_NO_MAC);
1032 if (status_code == STSAFE_A_OK) {
1033 XMEMCPY(*ppCert + (i * step), readBuf->Data, readBuf->Length);
1034 }
1035 else {
1036 rc = (int)status_code;
1037 }
1038 XFREE(readBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1039 readBuf = NULL;
1040 }
1041 }
1042
1043 return rc;
1044#endif /* WOLFSSL_NO_MALLOC */
1045}
1046
1047#if !defined(WC_NO_RNG) && defined(USE_STSAFE_RNG_SEED)
1048/**
1049 * \brief Get random bytes from STSAFE-A100/A110
1050 */
1051static int stsafe_get_random(uint8_t* pRandom, uint32_t size)
1052{
1053 int rc;
1054 uint8_t status_code;
1055 StSafeA_GenerateRandomBuffer* rndBuf = NULL;
1056 uint8_t reqSize = (size > 255) ? 255 : (uint8_t)size;
1057
1058 status_code = StSafeA_GenerateRandom(g_stsafe_handle, STSAFE_A_EPHEMERAL,
1059 reqSize, &rndBuf, STSAFE_A_NO_MAC);
1060
1061 if (status_code == STSAFE_A_OK && rndBuf != NULL) {
1062 rc = (int)rndBuf->Length;
1063 XMEMCPY(pRandom, rndBuf->Data, rndBuf->Length);
1064 }
1065 else {
1066 rc = -1;
1067 }
1068
1069 XFREE(rndBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1070
1071 return rc;
1072}
1073#endif
1074
1075#endif /* WOLFSSL_STSAFEA120 */
1076
1077#endif /* !WOLFSSL_STSAFE_INTERFACE_EXTERNAL */
1078
1079
1080/* ========================================================================== */
1081/* Public API Functions */
1082/* ========================================================================== */
1083
1084/**
1085 * \brief Load device certificate from STSAFE
1086 */
1087int SSL_STSAFE_LoadDeviceCertificate(byte** pRawCertificate,
1088 word32* pRawCertificateLen)
1089{
1090 int err = 0;
1091
1092 if (pRawCertificate == NULL || pRawCertificateLen == NULL) {
1093 err = BAD_FUNC_ARG;
1094 }
1095
1096#ifdef USE_STSAFE_VERBOSE
1097 if (err == 0) {
1098 WOLFSSL_MSG("SSL_STSAFE_LoadDeviceCertificate");
1099 }
1100#endif
1101
1102 if (err == 0) {
1103 err = stsafe_read_certificate(pRawCertificate, pRawCertificateLen);
1104 if (err != STSAFE_A_OK) {
1105 err = WC_HW_E;
1106 }
1107 }
1108
1109 return err;
1110}
1111
1112
1113/* ========================================================================== */
1114/* PK Callbacks */
1115/* ========================================================================== */
1116
1117#if !defined(WOLFCRYPT_ONLY) && defined(HAVE_PK_CALLBACKS)
1118
1119/**
1120 * \brief Key Gen Callback (used by TLS server for ECDHE)
1121 */
1122int SSL_STSAFE_CreateKeyCb(WOLFSSL* ssl, ecc_key* key, word32 keySz,
1123 int ecc_curve, void* ctx)
1124{
1125 int err = 0;
1126#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1127 byte* pubKeyRaw = NULL;
1128#else
1129 byte pubKeyRaw[STSAFE_MAX_PUBKEY_RAW_LEN];
1130#endif
1131 stsafe_slot_t slot;
1132 stsafe_curve_id_t curve_id;
1133
1134 (void)ssl;
1135 (void)ctx;
1136
1137#ifdef USE_STSAFE_VERBOSE
1138 WOLFSSL_MSG("CreateKeyCb: STSAFE (ECDHE)");
1139#endif
1140
1141#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1142 pubKeyRaw = (byte*)XMALLOC(STSAFE_MAX_PUBKEY_RAW_LEN, NULL,
1143 DYNAMIC_TYPE_TMP_BUFFER);
1144 if (pubKeyRaw == NULL) {
1145 err = MEMORY_E;
1146 }
1147#endif
1148
1149 if (err == 0) {
1150 curve_id = stsafe_get_ecc_curve_id(ecc_curve);
1151
1152#ifdef WOLFSSL_STSAFEA120
1153 /* Use ECDHE ephemeral key generation for A120 */
1154 err = stsafe_create_ecdhe_key(curve_id, pubKeyRaw);
1155 if (err != STSAFE_A_OK) {
1156 STSAFE_INTERFACE_PRINTF("stsafe_create_ecdhe_key error: %d\n", err);
1157 err = WC_HW_E;
1158 }
1159 /* For ECDHE, slot is not used (ephemeral key stored internally) */
1160 slot = STSAFE_KEY_SLOT_EPHEMERAL;
1161#else
1162 /* Legacy A100/A110 uses slot-based key generation */
1163 err = stsafe_create_key(&slot, curve_id, pubKeyRaw);
1164 if (err != STSAFE_A_OK) {
1165 STSAFE_INTERFACE_PRINTF("stsafe_create_key error: %d\n", err);
1166 err = WC_HW_E;
1167 }
1168#endif
1169 }
1170
1171 if (err == 0) {
1172 err = wc_ecc_import_unsigned(key, pubKeyRaw, &pubKeyRaw[keySz],
1173 NULL, ecc_curve);
1174 }
1175
1176#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1177 XFREE(pubKeyRaw, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1178#endif
1179
1180 (void)slot; /* May be unused for A120 ECDHE */
1181
1182 return err;
1183}
1184
1185/**
1186 * \brief Verify Peer Cert Callback
1187 */
1188int SSL_STSAFE_VerifyPeerCertCb(WOLFSSL* ssl,
1189 const unsigned char* sig, unsigned int sigSz,
1190 const unsigned char* hash, unsigned int hashSz,
1191 const unsigned char* keyDer, unsigned int keySz,
1192 int* result, void* ctx)
1193{
1194 int err = 0;
1195 int eccKeyInit = 0;
1196#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1197 byte* sigRS = NULL;
1198 byte* pubKeyX = NULL;
1199 byte* pubKeyY = NULL;
1200#else
1201 byte sigRS[STSAFE_MAX_SIG_LEN];
1202 byte pubKeyX[STSAFE_MAX_PUBKEY_RAW_LEN/2];
1203 byte pubKeyY[STSAFE_MAX_PUBKEY_RAW_LEN/2];
1204#endif
1205 byte* r = NULL;
1206 byte* s = NULL;
1207 word32 r_len = STSAFE_MAX_SIG_LEN/2, s_len = STSAFE_MAX_SIG_LEN/2;
1208 word32 pubKeyX_len = STSAFE_MAX_PUBKEY_RAW_LEN/2;
1209 word32 pubKeyY_len = STSAFE_MAX_PUBKEY_RAW_LEN/2;
1210 ecc_key eccKey;
1211 word32 inOutIdx = 0;
1212 stsafe_curve_id_t curve_id = STSAFE_ECC_CURVE_P256;
1213 int ecc_curve;
1214 int key_sz = 0;
1215
1216 (void)ssl;
1217 (void)ctx;
1218 (void)hashSz;
1219
1220#ifdef USE_STSAFE_VERBOSE
1221 WOLFSSL_MSG("VerifyPeerCertCB: STSAFE");
1222#endif
1223
1224#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1225 sigRS = (byte*)XMALLOC(STSAFE_MAX_SIG_LEN, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1226 pubKeyX = (byte*)XMALLOC(STSAFE_MAX_PUBKEY_RAW_LEN/2, NULL,
1227 DYNAMIC_TYPE_TMP_BUFFER);
1228 pubKeyY = (byte*)XMALLOC(STSAFE_MAX_PUBKEY_RAW_LEN/2, NULL,
1229 DYNAMIC_TYPE_TMP_BUFFER);
1230 if (sigRS == NULL || pubKeyX == NULL || pubKeyY == NULL) {
1231 err = MEMORY_E;
1232 }
1233#endif
1234
1235 if (err == 0) {
1236 err = wc_ecc_init(&eccKey);
1237 if (err == 0) {
1238 eccKeyInit = 1;
1239 }
1240 }
1241
1242 if (err == 0) {
1243 err = wc_EccPublicKeyDecode(keyDer, &inOutIdx, &eccKey, keySz);
1244 }
1245 if (err == 0) {
1246 err = wc_ecc_export_public_raw(&eccKey, pubKeyX, &pubKeyX_len,
1247 pubKeyY, &pubKeyY_len);
1248 }
1249 if (err == 0) {
1250 ecc_curve = eccKey.dp->id;
1251 curve_id = stsafe_get_ecc_curve_id(ecc_curve);
1252 key_sz = stsafe_get_key_size(curve_id);
1253 if (key_sz <= 0 || key_sz > STSAFE_MAX_KEY_LEN) {
1254 err = BAD_FUNC_ARG;
1255 }
1256 }
1257 if (err == 0) {
1258 XMEMSET(sigRS, 0, STSAFE_MAX_SIG_LEN);
1259 r = &sigRS[0];
1260 s = &sigRS[key_sz];
1261 err = wc_ecc_sig_to_rs(sig, sigSz, r, &r_len, s, &s_len);
1262 }
1263 if (err == 0) {
1264 if ((int)r_len > key_sz || (int)s_len > key_sz) {
1265 err = BAD_FUNC_ARG;
1266 }
1267 }
1268 if (err == 0) {
1269 /* Zero-pad R and S */
1270 XMEMMOVE(&sigRS[key_sz - r_len], r, r_len);
1271 XMEMSET(&sigRS[0], 0, key_sz - r_len);
1272 XMEMMOVE(&sigRS[key_sz + (key_sz - s_len)], s, s_len);
1273 XMEMSET(&sigRS[key_sz], 0, key_sz - s_len);
1274
1275 err = stsafe_verify(curve_id, (uint8_t*)hash, sigRS,
1276 pubKeyX, pubKeyY, (int32_t*)result);
1277 if (err != STSAFE_A_OK) {
1278 STSAFE_INTERFACE_PRINTF("stsafe_verify error: %d\n", err);
1279 err = WC_HW_E;
1280 }
1281 }
1282
1283 if (eccKeyInit) {
1284 wc_ecc_free(&eccKey);
1285 }
1286
1287#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1288 XFREE(sigRS, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1289 XFREE(pubKeyX, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1290 XFREE(pubKeyY, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1291#endif
1292
1293 return err;
1294}
1295
1296/**
1297 * \brief Sign Certificate Callback
1298 */
1299int SSL_STSAFE_SignCertificateCb(WOLFSSL* ssl, const byte* in,
1300 word32 inSz, byte* out, word32* outSz,
1301 const byte* key, word32 keySz, void* ctx)
1302{
1303 int err = 0;
1304#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1305 byte* digest = NULL;
1306 byte* sigRS = NULL;
1307#else
1308 byte digest[STSAFE_MAX_KEY_LEN];
1309 byte sigRS[STSAFE_MAX_SIG_LEN];
1310#endif
1311 byte* r;
1312 byte* s;
1313 stsafe_curve_id_t curve_id;
1314 int key_sz;
1315
1316 (void)ssl;
1317 (void)ctx;
1318 (void)key;
1319 (void)keySz;
1320
1321#ifdef USE_STSAFE_VERBOSE
1322 WOLFSSL_MSG("SignCertificateCb: STSAFE");
1323#endif
1324
1325#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1326 digest = (byte*)XMALLOC(STSAFE_MAX_KEY_LEN, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1327 sigRS = (byte*)XMALLOC(STSAFE_MAX_SIG_LEN, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1328 if (digest == NULL || sigRS == NULL) {
1329 err = MEMORY_E;
1330 }
1331#endif
1332
1333 if (err == 0) {
1334 curve_id = stsafe_get_curve_mode();
1335 key_sz = stsafe_get_key_size(curve_id);
1336
1337 if ((int)inSz > key_sz)
1338 inSz = key_sz;
1339
1340 XMEMSET(digest, 0, STSAFE_MAX_KEY_LEN);
1341 XMEMCPY(&digest[key_sz - inSz], in, inSz);
1342
1343 XMEMSET(sigRS, 0, STSAFE_MAX_SIG_LEN);
1344 err = stsafe_sign(STSAFE_KEY_SLOT_0, curve_id, digest, sigRS);
1345 if (err != STSAFE_A_OK) {
1346 STSAFE_INTERFACE_PRINTF("stsafe_sign error: %d\n", err);
1347 err = WC_HW_E;
1348 }
1349 }
1350
1351 if (err == 0) {
1352 r = &sigRS[0];
1353 s = &sigRS[key_sz];
1354 err = wc_ecc_rs_raw_to_sig(r, key_sz, s, key_sz, out, outSz);
1355 if (err != 0) {
1356 WOLFSSL_MSG("Error converting RS to Signature");
1357 }
1358 }
1359
1360#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1361 XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1362 XFREE(sigRS, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1363#endif
1364
1365 return err;
1366}
1367
1368/**
1369 * \brief Shared Secret Callback (ECDHE)
1370 */
1371int SSL_STSAFE_SharedSecretCb(WOLFSSL* ssl, ecc_key* otherKey,
1372 unsigned char* pubKeyDer, unsigned int* pubKeySz,
1373 unsigned char* out, unsigned int* outlen,
1374 int side, void* ctx)
1375{
1376 int err = 0;
1377 int tmpKeyInit = 0;
1378#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1379 byte* otherKeyX = NULL;
1380 byte* otherKeyY = NULL;
1381 byte* pubKeyRaw = NULL;
1382#else
1383 byte otherKeyX[STSAFE_MAX_KEY_LEN];
1384 byte otherKeyY[STSAFE_MAX_KEY_LEN];
1385 byte pubKeyRaw[STSAFE_MAX_PUBKEY_RAW_LEN];
1386#endif
1387 word32 otherKeyX_len = STSAFE_MAX_KEY_LEN;
1388 word32 otherKeyY_len = STSAFE_MAX_KEY_LEN;
1389 stsafe_slot_t slot = STSAFE_KEY_SLOT_0;
1390 stsafe_curve_id_t curve_id;
1391 ecc_key tmpKey;
1392 int ecc_curve;
1393 int key_sz;
1394
1395 (void)ssl;
1396 (void)ctx;
1397
1398#ifdef USE_STSAFE_VERBOSE
1399 WOLFSSL_MSG("SharedSecretCb: STSAFE (ECDHE)");
1400#endif
1401
1402#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1403 otherKeyX = (byte*)XMALLOC(STSAFE_MAX_KEY_LEN, NULL,
1404 DYNAMIC_TYPE_TMP_BUFFER);
1405 otherKeyY = (byte*)XMALLOC(STSAFE_MAX_KEY_LEN, NULL,
1406 DYNAMIC_TYPE_TMP_BUFFER);
1407 pubKeyRaw = (byte*)XMALLOC(STSAFE_MAX_PUBKEY_RAW_LEN, NULL,
1408 DYNAMIC_TYPE_TMP_BUFFER);
1409 if (otherKeyX == NULL || otherKeyY == NULL || pubKeyRaw == NULL) {
1410 err = MEMORY_E;
1411 }
1412#endif
1413
1414 if (err == 0) {
1415 err = wc_ecc_init(&tmpKey);
1416 if (err == 0) {
1417 tmpKeyInit = 1;
1418 }
1419 }
1420
1421 if (err == 0) {
1422 ecc_curve = otherKey->dp->id;
1423 curve_id = stsafe_get_ecc_curve_id(ecc_curve);
1424 key_sz = stsafe_get_key_size(curve_id);
1425
1426 if (side == WOLFSSL_CLIENT_END) {
1427 err = wc_ecc_export_public_raw(otherKey, otherKeyX, &otherKeyX_len,
1428 otherKeyY, &otherKeyY_len);
1429
1430 if (err == 0) {
1431#ifdef WOLFSSL_STSAFEA120
1432 /* Use ECDHE ephemeral key generation for A120 */
1433 err = stsafe_create_ecdhe_key(curve_id, pubKeyRaw);
1434 if (err != STSAFE_A_OK) {
1435 STSAFE_INTERFACE_PRINTF("stsafe_create_ecdhe_key error: %d\n",
1436 err);
1437 err = WC_HW_E;
1438 }
1439 slot = STSAFE_KEY_SLOT_EPHEMERAL;
1440#else
1441 /* Legacy A100/A110 uses slot-based key generation */
1442 err = stsafe_create_key(&slot, curve_id, pubKeyRaw);
1443 if (err != STSAFE_A_OK) {
1444 STSAFE_INTERFACE_PRINTF("stsafe_create_key error: %d\n",
1445 err);
1446 err = WC_HW_E;
1447 }
1448#endif
1449 }
1450
1451 if (err == 0) {
1452 err = wc_ecc_import_unsigned(&tmpKey, pubKeyRaw,
1453 &pubKeyRaw[key_sz], NULL, ecc_curve);
1454 }
1455 if (err == 0) {
1456 err = wc_ecc_export_x963(&tmpKey, pubKeyDer, pubKeySz);
1457 }
1458 }
1459 else if (side == WOLFSSL_SERVER_END) {
1460 err = wc_ecc_import_x963_ex(pubKeyDer, *pubKeySz, &tmpKey,
1461 ecc_curve);
1462 if (err == 0) {
1463 err = wc_ecc_export_public_raw(&tmpKey, otherKeyX,
1464 &otherKeyX_len, otherKeyY, &otherKeyY_len);
1465 }
1466 }
1467 else {
1468 err = BAD_FUNC_ARG;
1469 }
1470 }
1471
1472 if (err == 0) {
1473 err = stsafe_shared_secret(slot, curve_id, otherKeyX, otherKeyY,
1474 out, (int32_t*)outlen);
1475 if (err != STSAFE_A_OK) {
1476 STSAFE_INTERFACE_PRINTF("stsafe_shared_secret error: %d\n", err);
1477 err = WC_HW_E;
1478 }
1479 }
1480
1481 if (tmpKeyInit) {
1482 wc_ecc_free(&tmpKey);
1483 }
1484
1485#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1486 XFREE(otherKeyX, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1487 XFREE(otherKeyY, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1488 XFREE(pubKeyRaw, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1489#endif
1490
1491 return err;
1492}
1493
1494/**
1495 * \brief Setup PK callbacks for STSAFE
1496 */
1497int SSL_STSAFE_SetupPkCallbacks(WOLFSSL_CTX* ctx)
1498{
1499 wolfSSL_CTX_SetEccKeyGenCb(ctx, SSL_STSAFE_CreateKeyCb);
1500 wolfSSL_CTX_SetEccSignCb(ctx, SSL_STSAFE_SignCertificateCb);
1501 wolfSSL_CTX_SetEccVerifyCb(ctx, SSL_STSAFE_VerifyPeerCertCb);
1502 wolfSSL_CTX_SetEccSharedSecretCb(ctx, SSL_STSAFE_SharedSecretCb);
1503 wolfSSL_CTX_SetDevId(ctx, 0);
1504 return 0;
1505}
1506
1507/**
1508 * \brief Setup PK callback context
1509 */
1510int SSL_STSAFE_SetupPkCallbackCtx(WOLFSSL* ssl, void* user_ctx)
1511{
1512 wolfSSL_SetEccKeyGenCtx(ssl, user_ctx);
1513 wolfSSL_SetEccSharedSecretCtx(ssl, user_ctx);
1514 wolfSSL_SetEccSignCtx(ssl, user_ctx);
1515 wolfSSL_SetEccVerifyCtx(ssl, user_ctx);
1516 return 0;
1517}
1518
1519#endif /* HAVE_PK_CALLBACKS */
1520
1521
1522/* ========================================================================== */
1523/* Crypto Callbacks */
1524/* ========================================================================== */
1525
1526#ifdef WOLF_CRYPTO_CB
1527
1528int wolfSSL_STSAFE_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
1529{
1530 int rc = CRYPTOCB_UNAVAILABLE;
1531 wolfSTSAFE_CryptoCb_Ctx* stsCtx = (wolfSTSAFE_CryptoCb_Ctx*)ctx;
1532
1533 if (info == NULL || ctx == NULL) {
1534 rc = BAD_FUNC_ARG;
1535 }
1536
1537 (void)devId;
1538 (void)stsCtx;
1539
1540 if (rc != BAD_FUNC_ARG && info->algo_type == WC_ALGO_TYPE_SEED) {
1541 #if !defined(WC_NO_RNG) && defined(USE_STSAFE_RNG_SEED)
1542 rc = 0;
1543 while (rc == 0 && info->seed.sz > 0) {
1544 int len = stsafe_get_random(info->seed.seed, info->seed.sz);
1545 if (len < 0) {
1546 rc = len;
1547 }
1548 else {
1549 info->seed.seed += len;
1550 info->seed.sz -= len;
1551 }
1552 }
1553 #else
1554 rc = CRYPTOCB_UNAVAILABLE;
1555 #endif
1556 }
1557#ifdef HAVE_ECC
1558 else if (rc != BAD_FUNC_ARG && info->algo_type == WC_ALGO_TYPE_PK) {
1559 #ifdef USE_STSAFE_VERBOSE
1560 STSAFE_INTERFACE_PRINTF("STSAFE Pk: Type %d\n", info->pk.type);
1561 #endif
1562
1563 if (info->pk.type == WC_PK_TYPE_EC_KEYGEN) {
1564 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1565 byte* pubKeyRaw = NULL;
1566 #else
1567 byte pubKeyRaw[STSAFE_MAX_PUBKEY_RAW_LEN];
1568 #endif
1569 stsafe_slot_t slot;
1570 stsafe_curve_id_t curve_id;
1571 int ecc_curve, key_sz;
1572
1573 WOLFSSL_MSG("STSAFE: ECC KeyGen");
1574
1575 rc = 0;
1576 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1577 pubKeyRaw = (byte*)XMALLOC(STSAFE_MAX_PUBKEY_RAW_LEN, NULL,
1578 DYNAMIC_TYPE_TMP_BUFFER);
1579 if (pubKeyRaw == NULL) {
1580 rc = MEMORY_E;
1581 }
1582 #endif
1583
1584 if (rc == 0) {
1585 ecc_curve = info->pk.eckg.curveId;
1586 curve_id = stsafe_get_ecc_curve_id(ecc_curve);
1587 key_sz = stsafe_get_key_size(curve_id);
1588
1589 /* For A120: Use ephemeral slot (0xFF) for ECDH/ECDHE operations.
1590 * Use persistent slots (0-4) for ECDSA signing operations.
1591 * Note: Persistent slots require key establishment to be enabled
1592 * in their mode of operation flags via put_attribute command. */
1593#ifdef WOLFSSL_STSAFEA120
1594 /* Check if this is for ECDH by looking at devCtx hint */
1595 if (info->pk.eckg.key != NULL && info->pk.eckg.key->devCtx != NULL) {
1596 slot = STSAFE_DEVCXT_TO_SLOT(info->pk.eckg.key->devCtx);
1597 } else {
1598 /* Default: Use slot 1 for ECDSA signing */
1599 slot = STSAFE_KEY_SLOT_1;
1600 }
1601
1602 STSAFE_INTERFACE_PRINTF("STSAFE: KeyGen slot %d, curve_id %d\n",
1603 slot, curve_id);
1604
1605 /* Always use ephemeral slot (0xFF) for ECDH operations */
1606 if (slot == STSAFE_KEY_SLOT_EPHEMERAL) {
1607 rc = stsafe_create_ecdhe_key(curve_id, pubKeyRaw);
1608 } else {
1609 /* Persistent slot for signing */
1610 rc = stsafe_create_key(slot, curve_id, pubKeyRaw);
1611 }
1612 if (rc != STSE_OK) {
1613 STSAFE_INTERFACE_PRINTF("STSAFE: KeyGen (slot %d) error: %d\n", slot, rc);
1614 rc = WC_HW_E;
1615 } else {
1616 rc = STSAFE_A_OK;
1617 }
1618#else
1619 /* Legacy A100/A110 uses slot-based key generation */
1620 rc = stsafe_create_key(&slot, curve_id, pubKeyRaw);
1621 if (rc != STSAFE_A_OK) {
1622 STSAFE_INTERFACE_PRINTF("stsafe_create_key error: %d\n",
1623 rc);
1624 rc = WC_HW_E;
1625 }
1626#endif
1627 }
1628
1629 if (rc == 0) {
1630 /* Import public key */
1631 rc = wc_ecc_import_unsigned(info->pk.eckg.key, pubKeyRaw,
1632 &pubKeyRaw[key_sz], NULL, ecc_curve);
1633 }
1634
1635 if (rc == 0) {
1636 /* Store slot number directly in devCtx */
1637 info->pk.eckg.key->devCtx = STSAFE_SLOT_TO_DEVCXT(slot);
1638 }
1639
1640
1641 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1642 XFREE(pubKeyRaw, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1643 #endif
1644 }
1645 else if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) {
1646 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1647 byte* digest = NULL;
1648 byte* sigRS = NULL;
1649 #else
1650 byte digest[STSAFE_MAX_KEY_LEN];
1651 byte sigRS[STSAFE_MAX_SIG_LEN];
1652 #endif
1653 byte* r;
1654 byte* s;
1655 stsafe_slot_t slot;
1656 stsafe_curve_id_t curve_id;
1657 int ecc_curve;
1658 word32 inSz = info->pk.eccsign.inlen;
1659 int key_sz;
1660
1661 WOLFSSL_MSG("STSAFE: ECC Sign");
1662
1663 rc = 0;
1664 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1665 digest = (byte*)XMALLOC(STSAFE_MAX_KEY_LEN, NULL,
1666 DYNAMIC_TYPE_TMP_BUFFER);
1667 sigRS = (byte*)XMALLOC(STSAFE_MAX_SIG_LEN, NULL,
1668 DYNAMIC_TYPE_TMP_BUFFER);
1669 if (digest == NULL || sigRS == NULL) {
1670 rc = MEMORY_E;
1671 }
1672 #endif
1673
1674 if (rc == 0) {
1675 /* Get curve from signing key */
1676 if (info->pk.eccsign.key != NULL &&
1677 info->pk.eccsign.key->dp != NULL) {
1678 ecc_curve = info->pk.eccsign.key->dp->id;
1679 curve_id = stsafe_get_ecc_curve_id(ecc_curve);
1680 } else {
1681 curve_id = stsafe_get_curve_mode();
1682 }
1683 key_sz = stsafe_get_key_size(curve_id);
1684
1685 if ((int)inSz > key_sz)
1686 inSz = key_sz;
1687
1688 XMEMSET(digest, 0, STSAFE_MAX_KEY_LEN);
1689 XMEMCPY(&digest[key_sz - inSz], info->pk.eccsign.in, inSz);
1690
1691 XMEMSET(sigRS, 0, STSAFE_MAX_SIG_LEN);
1692 /* Retrieve slot from devCtx if available, otherwise use default */
1693 slot = STSAFE_KEY_SLOT_1; /* Default fallback */
1694 if (info->pk.eccsign.key != NULL && info->pk.eccsign.key->devCtx != NULL) {
1695 slot = STSAFE_DEVCXT_TO_SLOT(info->pk.eccsign.key->devCtx);
1696 STSAFE_INTERFACE_PRINTF("STSAFE: Sign using slot %d\n", slot);
1697 } else {
1698 WOLFSSL_MSG("STSAFE: Sign using default slot 1");
1699 }
1700 rc = stsafe_sign(slot, curve_id, digest, sigRS);
1701 if (rc != STSAFE_A_OK) {
1702 STSAFE_INTERFACE_PRINTF("stsafe_sign error: %d\n", rc);
1703 rc = WC_HW_E;
1704 }
1705 }
1706
1707 if (rc == 0) {
1708 r = &sigRS[0];
1709 s = &sigRS[key_sz];
1710 rc = wc_ecc_rs_raw_to_sig(r, key_sz, s, key_sz,
1711 info->pk.eccsign.out, info->pk.eccsign.outlen);
1712 if (rc != 0) {
1713 WOLFSSL_MSG("Error converting RS to Signature");
1714 }
1715 }
1716
1717 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1718 XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1719 XFREE(sigRS, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1720 #endif
1721 }
1722 else if (info->pk.type == WC_PK_TYPE_ECDSA_VERIFY) {
1723 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1724 byte* sigRS = NULL;
1725 byte* pubKeyX = NULL;
1726 byte* pubKeyY = NULL;
1727 #else
1728 byte sigRS[STSAFE_MAX_SIG_LEN];
1729 byte pubKeyX[STSAFE_MAX_PUBKEY_RAW_LEN/2];
1730 byte pubKeyY[STSAFE_MAX_PUBKEY_RAW_LEN/2];
1731 #endif
1732 byte* r = NULL;
1733 byte* s = NULL;
1734 word32 r_len = STSAFE_MAX_SIG_LEN/2, s_len = STSAFE_MAX_SIG_LEN/2;
1735 word32 pubKeyX_len = STSAFE_MAX_PUBKEY_RAW_LEN/2;
1736 word32 pubKeyY_len = STSAFE_MAX_PUBKEY_RAW_LEN/2;
1737 stsafe_curve_id_t curve_id;
1738 int ecc_curve, key_sz;
1739
1740 WOLFSSL_MSG("STSAFE: ECC Verify");
1741
1742 rc = 0;
1743 if (info->pk.eccverify.key == NULL ||
1744 info->pk.eccverify.key->dp == NULL) {
1745 rc = BAD_FUNC_ARG;
1746 }
1747
1748 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1749 if (rc == 0) {
1750 sigRS = (byte*)XMALLOC(STSAFE_MAX_SIG_LEN, NULL,
1751 DYNAMIC_TYPE_TMP_BUFFER);
1752 pubKeyX = (byte*)XMALLOC(STSAFE_MAX_PUBKEY_RAW_LEN/2, NULL,
1753 DYNAMIC_TYPE_TMP_BUFFER);
1754 pubKeyY = (byte*)XMALLOC(STSAFE_MAX_PUBKEY_RAW_LEN/2, NULL,
1755 DYNAMIC_TYPE_TMP_BUFFER);
1756 if (sigRS == NULL || pubKeyX == NULL || pubKeyY == NULL) {
1757 rc = MEMORY_E;
1758 }
1759 }
1760 #endif
1761
1762 if (rc == 0) {
1763 ecc_curve = info->pk.eccverify.key->dp->id;
1764 curve_id = stsafe_get_ecc_curve_id(ecc_curve);
1765 key_sz = stsafe_get_key_size(curve_id);
1766 if (key_sz <= 0 || key_sz > STSAFE_MAX_KEY_LEN) {
1767 rc = BAD_FUNC_ARG;
1768 }
1769 }
1770
1771 if (rc == 0) {
1772 rc = wc_ecc_export_public_raw(info->pk.eccverify.key,
1773 pubKeyX, &pubKeyX_len, pubKeyY, &pubKeyY_len);
1774 }
1775 if (rc == 0) {
1776 XMEMSET(sigRS, 0, STSAFE_MAX_SIG_LEN);
1777 r = &sigRS[0];
1778 s = &sigRS[key_sz];
1779 rc = wc_ecc_sig_to_rs(info->pk.eccverify.sig,
1780 info->pk.eccverify.siglen, r, &r_len, s, &s_len);
1781 }
1782 if (rc == 0) {
1783 if ((int)r_len > key_sz || (int)s_len > key_sz) {
1784 rc = BAD_FUNC_ARG;
1785 }
1786 }
1787 if (rc == 0) {
1788 XMEMMOVE(&sigRS[key_sz - r_len], r, r_len);
1789 XMEMSET(&sigRS[0], 0, key_sz - r_len);
1790 XMEMMOVE(&sigRS[key_sz + (key_sz - s_len)], s, s_len);
1791 XMEMSET(&sigRS[key_sz], 0, key_sz - s_len);
1792
1793 rc = stsafe_verify(curve_id, (uint8_t*)info->pk.eccverify.hash,
1794 sigRS, pubKeyX, pubKeyY, (int32_t*)info->pk.eccverify.res);
1795 if (rc != STSAFE_A_OK) {
1796 STSAFE_INTERFACE_PRINTF("stsafe_verify error: %d\n", rc);
1797 rc = WC_HW_E;
1798 }
1799 }
1800
1801 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1802 XFREE(sigRS, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1803 XFREE(pubKeyX, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1804 XFREE(pubKeyY, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1805 #endif
1806 }
1807 else if (info->pk.type == WC_PK_TYPE_ECDH) {
1808 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1809 byte* otherKeyX = NULL;
1810 byte* otherKeyY = NULL;
1811 #else
1812 byte otherKeyX[STSAFE_MAX_KEY_LEN];
1813 byte otherKeyY[STSAFE_MAX_KEY_LEN];
1814 #endif
1815 word32 otherKeyX_len = STSAFE_MAX_KEY_LEN;
1816 word32 otherKeyY_len = STSAFE_MAX_KEY_LEN;
1817 stsafe_curve_id_t curve_id;
1818 stsafe_slot_t slot;
1819 int ecc_curve;
1820
1821 WOLFSSL_MSG("STSAFE: ECDH");
1822
1823 rc = 0;
1824 if (info->pk.ecdh.public_key == NULL) {
1825 rc = BAD_FUNC_ARG;
1826 }
1827
1828 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1829 if (rc == 0) {
1830 otherKeyX = (byte*)XMALLOC(STSAFE_MAX_KEY_LEN, NULL,
1831 DYNAMIC_TYPE_TMP_BUFFER);
1832 otherKeyY = (byte*)XMALLOC(STSAFE_MAX_KEY_LEN, NULL,
1833 DYNAMIC_TYPE_TMP_BUFFER);
1834 if (otherKeyX == NULL || otherKeyY == NULL) {
1835 rc = MEMORY_E;
1836 }
1837 }
1838 #endif
1839
1840 if (rc == 0) {
1841 /* Get curve from private_key (hardware key), not public_key (peer key) */
1842 if (info->pk.ecdh.private_key != NULL &&
1843 info->pk.ecdh.private_key->dp != NULL) {
1844 ecc_curve = info->pk.ecdh.private_key->dp->id;
1845 } else if (info->pk.ecdh.public_key != NULL &&
1846 info->pk.ecdh.public_key->dp != NULL) {
1847 /* Fallback to public_key if private_key not available */
1848 ecc_curve = info->pk.ecdh.public_key->dp->id;
1849 } else {
1850 rc = BAD_FUNC_ARG;
1851 }
1852 if (rc == 0) {
1853 curve_id = stsafe_get_ecc_curve_id(ecc_curve);
1854 /* Note: STSAFE_ECC_CURVE_P256 is 0, so we can't use STSAFE_DEFAULT_CURVE check.
1855 * Instead, verify the curve_id is valid by checking it's one of the supported curves */
1856 if (curve_id != STSAFE_ECC_CURVE_P256 && curve_id != STSAFE_ECC_CURVE_P384
1857 #if defined(HAVE_ECC_BRAINPOOL) && defined(STSE_CONF_ECC_BRAINPOOL_P_256)
1858 && curve_id != STSAFE_ECC_CURVE_BP256
1859 #endif
1860 #if defined(HAVE_ECC_BRAINPOOL) && defined(STSE_CONF_ECC_BRAINPOOL_P_384)
1861 && curve_id != STSAFE_ECC_CURVE_BP384
1862 #endif
1863 ) {
1864 rc = BAD_FUNC_ARG;
1865 }
1866 }
1867
1868 if (rc == 0) {
1869 rc = wc_ecc_export_public_raw(info->pk.ecdh.public_key,
1870 otherKeyX, &otherKeyX_len, otherKeyY, &otherKeyY_len);
1871 }
1872 }
1873 if (rc == 0) {
1874 *info->pk.ecdh.outlen = 0;
1875
1876 if (rc == 0) {
1877 /* For ECDH operations, use the slot from devCtx. */
1878 slot = STSAFE_KEY_SLOT_EPHEMERAL;
1879 if (info->pk.ecdh.private_key != NULL &&
1880 info->pk.ecdh.private_key->devCtx != NULL) {
1881 slot = STSAFE_DEVCXT_TO_SLOT(info->pk.ecdh.private_key->devCtx);
1882 }
1883
1884 STSAFE_INTERFACE_PRINTF("STSAFE: ECDH with slot %d, curve_id %d\n",
1885 slot, curve_id);
1886
1887 rc = stsafe_shared_secret(slot, curve_id,
1888 otherKeyX, otherKeyY,
1889 info->pk.ecdh.out, (int32_t*)info->pk.ecdh.outlen);
1890 if (rc != STSAFE_A_OK) {
1891 WOLFSSL_MSG("STSAFE: stsafe_shared_secret failed");
1892 STSAFE_INTERFACE_PRINTF("stsafe_shared_secret "
1893 "error: %d (slot: %d, curve_id: %d)\n",
1894 rc, slot, curve_id);
1895 rc = WC_HW_E;
1896 }
1897 }
1898 }
1899
1900 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
1901 XFREE(otherKeyX, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1902 XFREE(otherKeyY, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1903 #endif
1904 }
1905 }
1906#endif /* HAVE_ECC */
1907
1908 if (rc != 0 && rc != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
1909 WOLFSSL_MSG("STSAFE: CryptoCb failed");
1910 #ifdef USE_STSAFE_VERBOSE
1911 STSAFE_INTERFACE_PRINTF("STSAFE: CryptoCb failed %d\n", rc);
1912 #endif
1913 rc = WC_HW_E;
1914 }
1915
1916 return rc;
1917}
1918
1919#endif /* WOLF_CRYPTO_CB */
1920
1921#endif /* WOLFSSL_STSAFE */