Skip to content

Support for Curve25519 non-blocking cryptography (based on PR #5764) #9721

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
dgarske wants to merge 2 commits into
base: master
Choose a base branch
from
+1,791 −372
Open

Support for Curve25519 non-blocking cryptography (based on PR #5764) #9721

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
809091e
Support for Curve25519 non-blocking cryptography (based on PR #5764)
dgarske Jan 30, 2026
e8fc0a8
Update the async examples and add CI for it.
dgarske Jan 30, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
52 changes: 52 additions & 0 deletions .github/workflows/async-examples.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
name: Async Examples

on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

jobs:
async_examples:
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-24.04
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
name: Checkout wolfSSL

- name: Build async examples (no configure)
run: |
make -C examples/async clean
make -C examples/async

- name: Run async examples (ECC + X25519)
run: |
set -euo pipefail
run_pair() {
local mode="$1"
./examples/async/async_server --"$mode" > "/tmp/async_server_${mode}.log" 2>&1 &
local pid=$!
sleep 1
./examples/async/async_client --"$mode" 127.0.0.1 11111 > "/tmp/async_client_${mode}.log" 2>&1
local rc=$?
kill "$pid" >/dev/null 2>&1 || true
wait "$pid" >/dev/null 2>&1 || true
return "$rc"
}
run_pair ecc
run_pair x25519

- name: Print async logs
if: ${{ failure() }}
run: |
for f in /tmp/async_server_*.log /tmp/async_client_*.log; do
if [ -f "$f" ]; then
echo "==> $f"
cat "$f"
fi
done
2 changes: 2 additions & 0 deletions .github/workflows/os-check.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,7 @@ jobs:
'--enable-all CPPFLAGS=-DWOLFSSL_NO_CLIENT_AUTH',
'--enable-all CPPFLAGS=''-DNO_WOLFSSL_CLIENT -DWOLFSSL_NO_CLIENT_AUTH''',
'--enable-all CPPFLAGS=''-DNO_WOLFSSL_SERVER -DWOLFSSL_NO_CLIENT_AUTH''',
'--enable-curve25519=nonblock --enable-ecc=nonblock --enable-sp=yes,nonblock CFLAGS="-DWOLFSSL_PUBLIC_MP -DWOLFSSL_DEBUG_NONBLOCK"',
]
name: make check
if: github.repository_owner == 'wolfssl'
Expand Down Expand Up @@ -127,6 +128,7 @@ jobs:
'examples/configs/user_settings_dtls13.h',
'examples/configs/user_settings_EBSnet.h',
'examples/configs/user_settings_eccnonblock.h',
'examples/configs/user_settings_curve25519nonblock.h',
'examples/configs/user_settings_min_ecc.h',
'examples/configs/user_settings_openssl_compat.h',
'examples/configs/user_settings_pkcs7.h',
Expand Down
1 change: 1 addition & 0 deletions .wolfssl_known_macro_extras
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -597,6 +597,7 @@ WC_AES_GCM_DEC_AUTH_EARLY
WC_ASN_HASH_SHA256
WC_ASN_RUNTIME_DATE_CHECK_CONTROL
WC_ASYNC_ENABLE_ECC_KEYGEN
WC_ASYNC_ENABLE_X25519
WC_ASYNC_NO_3DES
WC_ASYNC_NO_AES
WC_ASYNC_NO_ARC4
Expand Down
16 changes: 14 additions & 2 deletions configure.ac
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4816,11 +4816,18 @@ ENABLED_ED25519_SMALL=no

# CURVE25519
AC_ARG_ENABLE([curve25519],
[AS_HELP_STRING([--enable-curve25519],[Enable Curve25519 (default: disabled)])],
[AS_HELP_STRING([--enable-curve25519],[Enable Curve25519 (default: disabled). Set to "nonblock" to enable non-blocking support for key gen and shared secret])],
[ ENABLED_CURVE25519=$enableval ],
[ ENABLED_CURVE25519=no ]
)

# Handle curve25519 nonblock option - enable asynccrypt and asynccrypt-sw early
if test "$ENABLED_CURVE25519" = "nonblock"
then
test -z "$enable_asynccrypt" && enable_asynccrypt=yes
test -z "$enable_asynccrypt_sw" && enable_asynccrypt_sw=yes
fi

if test "$ENABLED_CURVE25519" = "no" && test "$ENABLED_QUIC" = "yes" && test "$ENABLED_FIPS" = "no"
then
ENABLED_CURVE25519=yes
Expand Down Expand Up @@ -10328,12 +10335,17 @@ fi

if test "$ENABLED_CURVE25519" != "no"
then
if test "$ENABLED_CURVE25519" = "small" || test "$ENABLED_LOWRESOURCE" = "yes"
if test "$ENABLED_CURVE25519" = "small" || test "$ENABLED_CURVE25519" = "nonblock" || test "$ENABLED_LOWRESOURCE" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DCURVE25519_SMALL"
ENABLED_CURVE25519_SMALL=yes
fi

if test "$ENABLED_CURVE25519" = "nonblock"
then
AM_CFLAGS="$AM_CFLAGS -DWC_X25519_NONBLOCK"
fi

if test "$ENABLED_CURVE25519" = "no128bit" || test "$ENABLED_32BIT" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DNO_CURVED25519_128BIT"
Expand Down
45 changes: 45 additions & 0 deletions examples/async/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
CC ?= gcc
AR ?= ar
RM ?= rm -f

WOLFSSL_TOP ?= $(abspath ../..)
OBJDIR ?= build

CFLAGS ?= -O0 -g
CFLAGS += -I.
CFLAGS += -I$(WOLFSSL_TOP)
CFLAGS += -I$(WOLFSSL_TOP)/wolfssl
CFLAGS += -I$(WOLFSSL_TOP)/wolfssl/wolfcrypt
CFLAGS += -DWOLFSSL_USER_SETTINGS
CFLAGS += -DUSE_CERT_BUFFERS_256

LDFLAGS ?=
LDLIBS ?=

TARGETS = async_client async_server

WOLFSSL_SRC := $(wildcard $(WOLFSSL_TOP)/src/*.c)
WOLFCRYPT_SRC := $(wildcard $(WOLFSSL_TOP)/wolfcrypt/src/*.c)
LOCAL_SRC := async_client.c async_server.c

WOLFSSL_OBJS := $(patsubst $(WOLFSSL_TOP)/%, $(OBJDIR)/%, $(WOLFSSL_SRC:.c=.o))
WOLFCRYPT_OBJS := $(patsubst $(WOLFSSL_TOP)/%, $(OBJDIR)/%, $(WOLFCRYPT_SRC:.c=.o))
LOCAL_OBJS := $(patsubst %.c, $(OBJDIR)/%.o, $(LOCAL_SRC))

OBJS := $(LOCAL_OBJS) $(WOLFSSL_OBJS) $(WOLFCRYPT_OBJS)

all: $(TARGETS)

$(TARGETS): %: $(OBJDIR)/%.o $(WOLFSSL_OBJS) $(WOLFCRYPT_OBJS)
$(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS)

$(OBJDIR)/%.o: %.c user_settings.h
@mkdir -p $(dir $@)
$(CC) $(CFLAGS) -c $< -o $@

$(OBJDIR)/%.o: $(WOLFSSL_TOP)/%.c
@mkdir -p $(dir $@)
$(CC) $(CFLAGS) -c $< -o $@

clean:
$(RM) -r $(OBJDIR) $(TARGETS)
7 changes: 4 additions & 3 deletions examples/async/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,10 @@ Tested with:
* `./configure --enable-asynccrypt --enable-pkcallbacks --disable-rsa --enable-ecc`

```
make
./examples/async/async_server
./examples/async/async_client 127.0.0.1
make -C examples/async
./examples/async/async_server --ecc
./examples/async/async_client --ecc 127.0.0.1 11111
./examples/async/async_client --x25519 ecc256.badssl.com 443
```

## Asynchronous Cryptography Design
Expand Down
Loading
Loading