wolfSSL support for the ATECC508A/ATECC608A crypto coprocessor

wolfSSL embedded SSL/TLS support the latest Microchip ATECC508A and ATECC608A I2C cryptographic coprocessors. The latest round of fixes to support the most recent CryptoAuthLib are in a pull request here (https://github.com/wolfSSL/wolfssl/pull/1815). We have not yet tested with the ATECC608A due to lack of hardware, but wolfSSL is compatible with the latest CryptoAuthLib. We plan on adding support for the new 608A PRF and HKDF for TLS 1.2 and TLS 1.3 speed improvements.

Prerequisites:

Examples:

  • wolfSSL uses PK (Public Key) callbacks for the TLS crypto operations
  • wolfCrypt uses the WOLFSSL_ATECC508A macro to enable native `wc_ecc_*` API support

The README.md and reference PK callbacks can be found here: https://github.com/wolfSSL/wolfssl/tree/master/wolfcrypt/src/port/atmel

Additional demos for wolfSSL TLS Client/Server and wolfCrypt test/benchmarks can be found:

https://www.wolfssl.com/download/downloadMoreForm.php
https://github.com/dgarske/atmel

Preprocessor Macros:

  • WOLFSSL_ATECC508A
  • WOLFSSL_ATECC_PKCB
  • WOLFSSL_ATMEL

PK Callbacks:

wolfSSL’s TLS layer PK callbacks expose API’s to set ECC callbacks. These are enabled with: #define HAVE_PK_CALLBACKS or ./configure --enable-pkcallbacks.

Reference API’s:

  • atcatls_create_key_cb
  • atcatls_verify_signature_cb
  • atcatls_sign_certificate_cb
  • atcatls_create_pms_cb

For more questions please email us at info@wolfssl.com.