wolfSSL supports the STMicroelectronics STSAFE-A100 I2C cryptographic coprocessor. It’s capable of ECC sign/verify (ECDSA) and shared secret (ECDH) operations for 256-bit and 384-bit (NIST Prime and Brainpool) curves. It has 2 key slots and 6KB of non-volatile memory for certificate or data storage.  Prerequisites:

Requires the STSAFE-A Device Library from ST Requires wolfSSL interface and crypto configuration code (available by request and approval from ST)

Examples:

wolfSSL uses PK callbacks for the TLS crypto operations wolfCrypt uses the WOLFSSL_STSAFEA100 macro to enable native wc_ecc_* API support

The README.md and reference PK callbacks can be found here: https://github.com/wolfSSL/wolfssl/tree/master/wolfcrypt/src/port/st Preprocessor Macros:

WOLFSSL_STSAFEA100

PK Callbacks: wolfSSL TLS layer PK callbacks expose API’s to set ECC callbacks.Enabled with: #define HAVE_PK_CALLBACKS or ./configure --enable-pkcallbacks. Reference API’s:

SSL_STSAFE_CreateKeyCb SSL_STSAFE_SignCertificateCb SSL_STSAFE_VerifyPeerCertCb SSL_STSAFE_SharedSecretCb

Reference API for loading device certificate:

SSL_STSAFE_LoadDeviceCertificate

For more questions please email us at facts@wolfssl.com.