New additions for MAXQ with wolfPKCS11

- Support using MAXQ for: - AES-ECB - AES-CCM - AES-CBC - ECC Key Generation and ECDH - in wc_ecc_import_private_key_ex(): - check to make sure devId is not invalid before calling wc_MAXQ10XX_EccSetKey(). - This is because the raspberry pi sometimes need to sign stuff. - in aes_set_key() and ecc_set_key(): - delete a key in case it already exists; ignore error since it might not exist. - unlock, lock the HW mutex around ECDSA_sign() because it needs access to rng - in wolfSSL_MAXQ10XX_CryptoDevCb: - allow maxq1065 to call the crypto callback. - do not set the key during signing; use pre provisioned one instead (DEVICE_KEY_PAIR_OBJ_ID)
wolfSSL · Jan 8, 2025 · 104246e · 104246e
1 parent 5b07d41
commit 104246e
Show file tree

Hide file tree

Showing 2 changed files with 475 additions and 20 deletions.
diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
@@ -11352,7 +11352,7 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
 #endif
 
 #ifdef WOLFSSL_MAXQ10XX_CRYPTO
-    if (ret == 0) {
+    if ((ret == 0) && (key->devId != INVALID_DEVID)) {
         ret = wc_MAXQ10XX_EccSetKey(key, key->dp->size);
     }
 #elif defined(WOLFSSL_SILABS_SE_ACCEL)