My Project
Functions
cryptocb.h File Reference

Go to the source code of this file.

Functions

int wc_CryptoCb_RegisterDevice (int devId, CryptoDevCallbackFunc cb, void *ctx)
 This function registers a unique device identifier (devID) and callback function for offloading crypto operations to external hardware such as Key Store, Secure Element, HSM, PKCS11 or TPM. More...
 
void wc_CryptoCb_UnRegisterDevice (int devId)
 This function un-registers a unique device identifier (devID) callback function. More...
 

Function Documentation

◆ wc_CryptoCb_RegisterDevice()

int wc_CryptoCb_RegisterDevice ( int  devId,
CryptoDevCallbackFunc  cb,
void *  ctx 
)

This function registers a unique device identifier (devID) and callback function for offloading crypto operations to external hardware such as Key Store, Secure Element, HSM, PKCS11 or TPM.

For STSAFE with Crypto Callbacks example see wolfcrypt/src/port/st/stsafe.c and the wolfSSL_STSAFE_CryptoDevCb function.

For TPM based crypto callbacks example see the wolfTPM2_CryptoDevCb function in wolfTPM src/tpm2_wrap.c

Returns
CRYPTOCB_UNAVAILABLE to fallback to using software crypto
0 for success
negative value for failure
Parameters
devIdany unique value, not -2 (INVALID_DEVID)
cba callback function with prototype: typedef int (CryptoDevCallbackFunc)(int devId, wc_CryptoInfo info, void* ctx);

Example

#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/cryptocb.h>
static int myCryptoCb_Func(int devId, wc_CryptoInfo* info, void* ctx)
{
int ret = CRYPTOCB_UNAVAILABLE;
if (info->algo_type == WC_ALGO_TYPE_PK) {
#ifndef NO_RSA
if (info->pk.type == WC_PK_TYPE_RSA) {
switch (info->pk.rsa.type) {
case RSA_PUBLIC_ENCRYPT:
case RSA_PUBLIC_DECRYPT:
// RSA public op
ret = wc_RsaFunction(
info->pk.rsa.in, info->pk.rsa.inLen,
info->pk.rsa.out, info->pk.rsa.outLen,
info->pk.rsa.type, info->pk.rsa.key,
info->pk.rsa.rng);
break;
case RSA_PRIVATE_ENCRYPT:
case RSA_PRIVATE_DECRYPT:
// RSA private op
ret = wc_RsaFunction(
info->pk.rsa.in, info->pk.rsa.inLen,
info->pk.rsa.out, info->pk.rsa.outLen,
info->pk.rsa.type, info->pk.rsa.key,
info->pk.rsa.rng);
break;
}
}
#endif
#ifdef HAVE_ECC
if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) {
// ECDSA
info->pk.eccsign.in, info->pk.eccsign.inlen,
info->pk.eccsign.out, info->pk.eccsign.outlen,
info->pk.eccsign.rng, info->pk.eccsign.key);
}
#endif
#ifdef HAVE_ED25519
if (info->pk.type == WC_PK_TYPE_ED25519_SIGN) {
// ED25519 sign
ret = wc_ed25519_sign_msg_ex(
info->pk.ed25519sign.in, info->pk.ed25519sign.inLen,
info->pk.ed25519sign.out, info->pk.ed25519sign.outLen,
info->pk.ed25519sign.key, info->pk.ed25519sign.type,
info->pk.ed25519sign.context,
info->pk.ed25519sign.contextLen);
}
#endif
}
return ret;
}
int devId = 1;
wc_CryptoCb_RegisterDevice(devId, myCryptoCb_Func, &myCtx);
See also
wc_CryptoCb_UnRegisterDevice
wolfSSL_SetDevId
wolfSSL_CTX_SetDevId

◆ wc_CryptoCb_UnRegisterDevice()

void wc_CryptoCb_UnRegisterDevice ( int  devId)

This function un-registers a unique device identifier (devID) callback function.

Returns
none No returns.
Parameters
devIdany unique value, not -2 (INVALID_DEVID)

Example

devId = INVALID_DEVID;
See also
wc_CryptoCb_RegisterDevice
wolfSSL_SetDevId
wolfSSL_CTX_SetDevId
wolfSSL_CTX_SetDevId
int wolfSSL_CTX_SetDevId(WOLFSSL_CTX *ctx, int devId)
This function sets the Device Id at the WOLFSSL_CTX context level.
wc_CryptoCb_RegisterDevice
int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void *ctx)
This function registers a unique device identifier (devID) and callback function for offloading crypt...
wc_CryptoCb_UnRegisterDevice
void wc_CryptoCb_UnRegisterDevice(int devId)
This function un-registers a unique device identifier (devID) callback function.
wc_ecc_sign_hash
int wc_ecc_sign_hash(const byte *in, word32 inlen, byte *out, word32 *outlen, WC_RNG *rng, ecc_key *key)
This function signs a message digest using an ecc_key object to guarantee authenticity.