Skip to content

Add option to use IV with DHUK wrapping, add user pin argument #140

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
dgarske merged 1 commit into from
Aug 21, 2025
Merged

Add option to use IV with DHUK wrapping, add user pin argument #140

dgarske merged 1 commit into from
Aug 21, 2025

Conversation

@JacobBarthelmeh
Copy link
Contributor

@JacobBarthelmeh JacobBarthelmeh commented Aug 21, 2025

No description provided.

@JacobBarthelmeh JacobBarthelmeh self-assigned this Aug 21, 2025
Copilot AI reviewed Aug 21, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This pull request adds support for initialization vectors (IV) when using DHUK (Device Hardware Unique Key) AES key wrapping functionality on STM32U5 devices, and enhances the example program with command-line argument support for user PIN specification.

  • Introduces a new attribute CKA_WOLFSSL_DHUK_IV for storing IV data with DHUK objects
  • Updates AES initialization functions to set DHUK IV when available
  • Modifies the key wrapping mechanism to accept IV parameters and use CBC mode instead of ECB
  • Adds command-line argument parsing to the example program for user PIN input

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

File Description
wolfpkcs11/pkcs11.h Defines new CKA_WOLFSSL_DHUK_IV attribute for DHUK IV support
src/internal.c Adds DHUK IV fields to object structure and implements IV handling in AES operations
src/crypto.c Registers the new DHUK IV attribute type and updates key wrapping to support IV parameters
examples/stm32_dhuk_aes_key.c Refactors to support command-line user PIN input and demonstrates IV usage with CBC mode
Comments suppressed due to low confidence (1)

src/crypto.c:700

  • The preprocessor directive comment change from WOLFPKCS11_DHUK to WOLFSSL_STM32U5_DHUK should be consistent throughout the codebase to avoid confusion.
            rv = WP11_Object_GetAttr(obj, CKA_SENSITIVE, &getVar, &getVarLen);

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@dgarske dgarske merged commit 17adaaa into wolfSSL:master Aug 21, 2025
86 of 90 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@dgarske dgarske dgarske approved these changes

Assignees

@dgarske dgarske

@wolfSSL-Bot wolfSSL-Bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@JacobBarthelmeh @dgarske @wolfSSL-Bot