Add STSAFE-A120 Support

[dgarske]

Add STSAFE-A120 Support via STSELib

Description

This PR adds support for the ST STSAFE-A120 secure element using the open-source STSELib SDK. The STSAFE-A120 is ST's latest secure element with enhanced cryptographic capabilities and is the successor to the STSAFE-A100/A110 series.

Changes

Files Modified:

• wolfcrypt/src/port/st/stsafe.c - Added STSAFE-A120/STSELib implementation
• wolfssl/wolfcrypt/port/st/stsafe.h - Added type abstractions and curve mappings
• wolfcrypt/src/wc_port.c - Updated STSAFE initialization
• wolfcrypt/src/port/st/README.md - Added documentation

Features

• True Random Number Generation (TRNG) - Hardware RNG for seeding wolfSSL's RNG
• ECC Key Generation - P-256 and P-384 key pair generation in secure element
• ECDSA Sign/Verify - Hardware-accelerated ECDSA operations
• ECDH Shared Secret - Elliptic curve Diffie-Hellman key exchange
• Device Certificate - Read X.509 certificates from secure storage
• Crypto Callbacks - Full integration with wolfSSL's crypto callback mechanism

Configuration

Enable with:

#define WOLFSSL_STSAFEA120Optional defines:
#define USE_STSAFE_RNG_SEED    /* Use STSAFE for RNG seeding */
#define WOLF_CRYPTO_CB         /* Enable crypto callbacks */
#define STSAFE_I2C_BUS 1       /* I2C bus number (default: 1) */### Dependencies

• STSELib - ST Secure Element Library (BSD-3-Clause)
  • Available from: https://github.com/STMicroelectronics/STSELib
  • Requires platform abstraction layer implementation

API Compatibility

The new implementation maintains API compatibility with the existing STSAFE-A100 code:

• stsafe_interface_init() - Initialize device
• wolfSSL_STSAFE_CryptoDevCb() - Crypto callback handler
• SSL_STSAFE_* callback functions for TLS integration

Testing

Tested on Raspberry Pi 5 with STSAFE-A120 connected via I2C:

• Echo command ✅
• Random number generation ✅
• ECC P-256 key generation ✅
• ECC P-384 key generation ✅
• ECDSA P-256 sign/verify ✅
• ECDSA P-384 sign/verify ✅
• Crypto callback integration ✅

Performance (Raspberry Pi 5)

Operation	Time
ECC P-256 KeyGen	~40 ms
ECDSA P-256 Sign	~51 ms
ECDSA P-256 Verify	~79 ms
RNG (256 bytes)	<1 ms

Notes

• The STSELib uses conditional compilation for ECC curves via stse_conf.h
• Curve ID values in stsafe.h depend on which curves are enabled in stse_conf.h
• Default configuration enables NIST P-256 and P-384

Related

• STSELib: https://github.com/STMicroelectronics/STSELib
• STSAFE-A120 Datasheet: https://www.st.com/en/secure-mcus/stsafe-a120.html
• Example / Tests: Example for ST-SAFE A120 wolfssl-examples#553

ZD 20780

[devin-ai-integration]

🛟 Devin Lifeguard found 3 likely issues in this PR

• check-all-return-codes snippet: Capture the return value of stsafe_interface_init() in wolfCrypt_Init and, if it is non-zero, propagate or handle the error (e.g., ret = stsafe_interface_init(); if (ret != 0) return ret;).
• no-memory-leaks snippet: After copying the shared secret, add XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER); (and similarly free other SDK-allocated buffers such as pubX/pubY, signature, readBuf, echo_resp) before the function returns.
• limit-stack-usage snippet: Replace large local buffers (e.g., sigRS, pubKeyX, pubKeyY in SSL_STSAFE_VerifyPeerCertCb) with heap allocations under the WOLFSSL_SMALL_STACK pattern, freeing them before return.

@dgarske
please take a look at the above issues which Devin flagged. Devin will not fix these issues automatically.

[dgarske]

Jenkins retest this please: "AgentOfflineException"