Merge pull request #432 from danielinux/update_tz_wolfpkcs11-v1.3.0

Update wolfPKCS11 to v1.3.0
wolfSSL · Apr 16, 2024 · e9980fb · e9980fb
2 parents 625501a + da5b738
commit e9980fb
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 13 deletions.
diff --git a/docs/STM32-TZ.md b/docs/STM32-TZ.md
@@ -10,7 +10,7 @@ are accessible from any software staged in non-secure domain.
 
 ### Compiling wolfBoot with wolfCrypt in TrustZone-M secure domain
 
-When wolfBoot is compiled with the options `TZEN=1` and `WOLFCRYPT_TZ_ENGINE=1`,
+When wolfBoot is compiled with the options `TZEN=1` and `WOLFCRYPT_TZ=1`,
 a more complete set of components of the wolfCrypt crypto library are built-in
 the bootloader, and they can be accessed by applications or OSs running in 
 non-secure domain through non-secure callable APIs.
@@ -19,7 +19,7 @@ This feature is used to isolate the core crypto operations from the applications
 
 ### PKCS11 API in non-secure world
 
-The `WOLFCRYPT_TZ_PKCS11` provides a standard PKCS11 interface,
+The `WOLFCRYPT_TZ_PKCS11` option provides a standard PKCS11 interface,
 including a storage for PKCS11 objects in a dedicated flash area in secure mode.
 
 This means that applications, TLS libraries and operating systems running in 

diff --git a/include/user_settings.h b/include/user_settings.h
@@ -255,19 +255,20 @@ extern int tolower(int c);
 
 #if defined(SECURE_PKCS11)
 #   define HAVE_PWDBASED
-#	define HAVE_PBKDF2
-#	define WOLFPKCS11_CUSTOM_STORE
-# 	define WOLFBOOT_SECURE_PKCS11
-#	define WOLFPKCS11_USER_SETTINGS
-# 	define WOLFPKCS11_NO_TIME
-# 	define WOLFSSL_AES_COUNTER
+#   define HAVE_PBKDF2
+#   define WOLFPKCS11_CUSTOM_STORE
+#   define WOLFBOOT_SECURE_PKCS11
+#   define WOLFPKCS11_USER_SETTINGS
+#   define WOLFPKCS11_NO_TIME
+#   define WOLFSSL_AES_COUNTER
 #   define WOLFSSL_AES_DIRECT
 #   define WOLFSSL_AES_GCM
-# 	define ENCRYPT_WITH_AES128
+#   define ENCRYPT_WITH_AES128
 #   define WOLFSSL_AES_128
-# 	define HAVE_SCRYPT
-# 	define HAVE_AESGCM
-	typedef unsigned long time_t;
+#   define HAVE_SCRYPT
+#   define HAVE_AESGCM
+#   define HAVE_PKCS8
+    typedef unsigned long time_t;
 #endif
 
 #ifndef HAVE_PWDBASED

diff --git a/lib/wolfPKCS11 b/lib/wolfPKCS11
+102 −0		.github/workflows/build-workflow.yml
+84 −0		.github/workflows/unit-test.yml
+67 −0		.github/workflows/win-test.yml
+2 −0		.gitignore
+9 −0		IDE/VisualStudio/README.md
+13 −0		IDE/VisualStudio/include.am
+309 −0		IDE/VisualStudio/pkcs11str.vcxproj
+308 −0		IDE/VisualStudio/pkcs11test.vcxproj
+205 −0		IDE/VisualStudio/user_settings.h
+284 −0		IDE/VisualStudio/wolfcrypt_test.vcxproj
+167 −0		IDE/VisualStudio/wolfpkcs11.sln
+328 −0		IDE/VisualStudio/wolfpkcs11.vcxproj
+368 −0		IDE/VisualStudio/wolfssl.vcxproj
+337 −0		IDE/VisualStudio/wolftpm.vcxproj
+306 −0		IDE/VisualStudio/wrap_test.vcxproj
+5 −0		IDE/include.am
+1 −0		Makefile.am
+73 −3		README.md
+43 −20		configure.ac
+0 −15		include.am
+2 −2		m4/ax_create_generic_config.m4
+2 −4		m4/ax_harden_compiler_flags.m4
+149 −112		m4/ax_pthread.m4
+23 −29		m4/ax_tls.m4
+323 −14		src/crypto.c
+1 −1		src/include.am
+622 −109		src/internal.c
+2 −2		src/slot.c
+1 −1		src/wolfpkcs11.c
+6 −0		tests/README.md
+5 −4		tests/include.am
+85 −42		tests/pkcs11mtt.c
+39 −17		tests/pkcs11str.c
+72 −45		tests/pkcs11test.c
+23 −1		tests/testdata.h
+8 −8		tests/unit.h
+25 −9		wolfpkcs11/internal.h
+1 −1		wolfpkcs11/options.h.in
+16 −1		wolfpkcs11/pkcs11.h
+8 −8		wolfpkcs11/store.h
+3 −3		wolfpkcs11/version.h
+1 −1		wolfpkcs11/version.h.in
+1 −1		wolfpkcs11/visibility.h