/*! \page wolfssl_API wolfSSL API Reference - \ref CertManager - \ref Memory - \ref openSSL - \ref CertsKeys - \ref IO - \ref Setup - \ref Debug - \ref TLS */ /*! \page wolfcrypt_API wolfCrypt API Reference */ /*! \page ECCSI ECCSI API Reference - \ref ECCSI_Overview - \ref ECCSI_Setup - \ref ECCSI_Operations */ /*! \page SAKKE SAKKE API Reference - \ref SAKKE_Overview - \ref SAKKE_Setup - \ref SAKKE_RSK - \ref SAKKE_Operations */ /*! \page AES_CryptoCB_KeyImport AES CryptoCB Key Import When enabled via WOLF_CRYPTO_CB_AES_SETKEY, wolfSSL invokes a CryptoCB callback during AES key setup. The callback behavior determines the mode: **If callback returns 0 (success):** - Key is imported to Secure Element/HSM - Key is NOT copied to wolfSSL RAM (true key isolation) - GCM tables are NOT generated (full hardware offload) - All subsequent AES operations route through CryptoCB **If callback returns CRYPTOCB_UNAVAILABLE:** - SE doesn't support key import - Normal software AES path is used - Key is copied to devKey for CryptoCB encrypt/decrypt acceleration This mode is compatible with Secure Elements and hardware-backed key storage and is intended for protecting TLS traffic keys. \sa wc_CryptoCb_AesSetKey \sa \ref Crypto Callbacks */ /*! \page PKCS7_RSA_PSS PKCS#7 RSA-PSS (CMS) PKCS#7 SignedData supports RSA-PSS signers (CMS RSASSA-PSS). When WC_RSA_PSS is defined, use wc_PKCS7_InitWithCert with a signer certificate that has RSA-PSS (id-RSASSA-PSS) and set hashOID and optional rng; encode produces full RSASSA-PSS-params (hashAlgorithm, mgfAlgorithm, saltLength, trailerField). Verify accepts NULL, empty, or absent parameters with RFC defaults. See \ref PKCS7 for the main API. */