wolfSSL supports the STMicroelectronics STSAFE-A100 I2C cryptographic coprocessor. It's capable of ECC sign/verify (ECDSA) and shared secret (ECDH) operations for 256-bit and 384-bit (NIST Prime and Brainpool) curves. It has 2 key slots and 6KB of non-volatile memory for certificate or data storage.
Prerequisites:
- Requires the STSAFE-A Device Library from ST
- Requires wolfSSL interface and crypto configuration code (available by request and approval from ST)
Examples:
- wolfSSL uses PK callbacks for the TLS crypto operations
- wolfCrypt uses the WOLFSSL_STSAFEA100 macro to enable native `wc_ecc_*` API support
The README.md and reference PK callbacks can be found here: https://github.com/wolfSSL/wolfssl/tree/master/wolfcrypt/src/port/st
Preprocessor Macros:
- WOLFSSL_STSAFEA100
PK Callbacks:
The wolfSSL TLS layer PK callbacks expose APIs to set ECC callbacks. They are enabled with `#define HAVE_PK_CALLBACKS` or `./configure --enable-pkcallbacks`.
Reference APIs:
- SSL_STSAFE_CreateKeyCb
- SSL_STSAFE_SignCertificateCb
- SSL_STSAFE_VerifyPeerCertCb
- SSL_STSAFE_SharedSecretCb
Reference API for loading device certificate:
- SSL_STSAFE_LoadDeviceCertificate
For more questions please email us at facts@wolfssl.com.