Add X25519 non-blocking support and async example improvements #9721
SparkiDev merged 7 commits into wolfSSL:master from
Jenkins retest this please - CI issue PRB-Master-Job
Jenkins retest this please
## Summary
- Add non-blocking (incremental) Curve25519 key generation and shared secret via `WC_X25519_NONBLOCK`, modeled after the existing ECC non-blocking pattern (`WC_ECC_NONBLOCK`)
- Implement `curve25519_nb()` and `fe_inv__distinct_nb()` in `fe_low_mem.c` as state-machine variants that return `FP_WOULDBLOCK` to yield after each field multiply
- Add `wc_curve25519_set_nonblock()` API to attach/detach non-blocking context to a key
- Integrate X25519 non-blocking with TLS 1.2/1.3 key share generation and shared secret in `tls.c` and `internal.c` (behind `WC_X25519_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW`)
- Add `--enable-curve25519=nonblock` configure option (auto-enables `--enable-asynccrypt` and `--enable-asynccrypt-sw`)
- Add X25519 async software dispatch cases in `async.c` and types in `async.h`
- Fix async guard in `curve25519.c` to require `WOLFSSL_ASYNC_CRYPT_SW` (matching other algorithms)
- Overhaul `examples/async/` client/server: non-blocking I/O via `WOLFSSL_USER_IO`, standalone `Makefile`, X25519/ECC mode selection, CI-friendly ready-file sync
- Add `examples/configs/user_settings_curve25519nonblock.h` and CI coverage in `os-check.yml` and new `async-examples.yml` workflow
- Add wolfcrypt test and API test coverage for X25519 non-blocking
…ion in SP ECC non-blocking.
Jenkins retest this please: "EOFException"
Pull request overview
This pull request adds non-blocking (async crypto) support for Curve25519 (X25519) key generation and shared secret operations, enabling WC_X25519_NONBLOCK for use with TLS. The implementation requires CURVE25519_SMALL and follows the existing WC_ECC_NONBLOCK pattern using an FP_WOULDBLOCK yield mechanism.
Changes:
- Adds X25519 non-blocking API (`wc_curve25519_set_nonblock`) and implementation with state machine for iterative scalar multiplication in `fe_low_mem.c`
- Integrates non-blocking X25519 into TLS layer for key share generation and ECDH operations during handshake
- Fixes C90 mixed-declaration violations in SP ECC non-blocking code across multiple architecture files by moving typedef declarations before statements
- Adds new standalone async TLS client/server examples with Makefile, user settings, and CI workflow
- Updates ED25519 certificate keys to use proper PKCS#8 private key format instead of SubjectPublicKeyInfo
Reviewed changes
Copilot reviewed 37 out of 37 changed files in this pull request and generated 8 comments.
| File | Description |
|---|---|
| wolfssl/wolfcrypt/fe_operations.h | Declares non-blocking function prototypes for fe_inv and curve25519 |
| wolfssl/wolfcrypt/curve25519.h | Defines non-blocking context structures and API |
| wolfssl/wolfcrypt/async.h | Adds X25519 async device support structures and markers |
| wolfcrypt/src/fe_low_mem.c | Implements non-blocking state machine for curve25519 scalar multiplication |
| wolfcrypt/src/curve25519.c | Adds non-blocking key gen and shared secret wrappers with async integration |
| wolfcrypt/src/async.c | Implements async device handlers for X25519 operations |
| wolfcrypt/test/test.c | Adds X25519 non-blocking test cases and updates existing tests for async support |
| src/tls.c | Integrates X25519 non-blocking support in key share generation and ECDH processing |
| src/internal.c | Allocates non-blocking contexts for X25519 keys and updates cleanup |
| src/ssl.c | Maps MP_WOULDBLOCK error to WC_PENDING_E |
| wolfcrypt/src/sp_*.c | Fixes C90 compliance by moving typedef before statements |
| tests/utils.c, tests/api.c | Handles MP_WOULDBLOCK errors in handshake loops |
| wolfcrypt/src/asn.c | Fixes non-blocking context allocation to only occur with valid async device |
| wolfssl/certs_test.h | Updates ED25519 keys to proper PKCS#8 private key format |
| gencertbuf.pl | Updates certificate paths to use -priv.der files |
| examples/async/* | New standalone async examples with user settings and Makefile |
| .github/workflows/async-examples.yml | CI workflow testing async examples with multiple configurations |
| configure.ac | Adds --enable-curve25519=nonblock option |
| examples/configs/user_settings_curve25519nonblock.h | Example configuration for X25519 non-blocking |
| .wolfssl_known_macro_extras | Adds NET_GETDEVRANDOM and WC_ASYNC_NO_X25519 macros |
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Jenkins retest this please "ChannelClosedException"
The non-blocking setup for X25519 and ECC in TLS was unconditionally setting up nbCtx, which caused functions to return FP_WOULDBLOCK. However, with INVALID_DEVID (the default), TLS has no async loop to handle FP_WOULDBLOCK, only WC_PENDING_E via the async framework.

The fix follows the pattern used in asn.c: only set up nbCtx when the async device is active (devId != INVALID_DEVID). With INVALID_DEVID, the code now uses the blocking fallback (WC_ECC_NONBLOCK_ONLY) instead.

This prevents unit test timeouts when built with --enable-curve25519=nonblock or --enable-ecc=nonblock.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Jenkins retest this please" FIPS v2 "RequestAbortedException"
Description
Add non-blocking (non-blocking crypto) support for Curve25519 (X25519) key generation and shared secret. This enables `WC_X25519_NONBLOCK` for use with TLS, similar to the existing `WC_ECC_NONBLOCK` support. Requires `CURVE25519_SMALL` (the small `fe_low_mem.c` implementation).

New Features
- `wc_curve25519_make_key`) and shared secret (`wc_curve25519_shared_secret`) using `FP_WOULDBLOCK` yield pattern.
- `curve25519_nb()` function in `fe_low_mem.c` with state machine for iterative scalar multiplication.
- `WC_X25519_NONBLOCK` support in `src/tls.c` and `src/internal.c` for key gen and ECDH during handshake.
- `examples/async/`) with standalone `Makefile` (no configure needed).
- `user_settings_curve25519nonblock.h` example config.
- `.github/workflows/async-examples.yml`).
- `WOLFSSL_STATIC_MEMORY` support in async examples using `wolfSSL_CTX_load_static_memory`.

Fixes
- `curve25519.c` — require `WOLFSSL_ASYNC_CRYPT_SW` for software async simulation symbols.
- `sp_c32.c`, `sp_c64.c`, `sp_x86_64.c`, `sp_arm32.c`, `sp_arm64.c`, `sp_armthumb.c`, `sp_cortexm.c`) — move `typedef` before statements.
- `register ... asm()` pedantic warning on macOS in `sp_x86_64.c` with `__APPLE__ && __MACH__` guard.
- `user_settings_curve25519nonblock.h` to `examples/configs/include.am`.

Testing
- `WOLFSSL_SMALL_CERT_VERIFY`, `WOLFSSL_STATIC_MEMORY`.
- `WC_PENDING_E` count >= 100 per test to confirm async crypto is exercised.
- `wolfcrypt/test/test.c` updated with X25519 non-blocking test cases.
- `./configure --enable-curve25519=small CFLAGS="-DWC_X25519_NONBLOCK"` and `./configure CFLAGS="-DWC_X25519_NONBLOCK" --enable-curve25519=small --enable-asynccrypt`.

ZD 21093
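
The yield pattern this description refers to (a state machine that returns a would-block code after each field multiply and is re-entered by the caller until it completes), shown as an added example that is not wolfSSL code. It inverts modulo a toy 31-bit prime instead of 2^255 - 19, and `toy_inv_nb`, `toy_inv_drive`, `inv_nb_ctx` and `NB_WOULDBLOCK` are hypothetical stand-ins for the PR's `fe_inv__distinct_nb()`, its caller, its context and `FP_WOULDBLOCK`.

```c
#include <stdint.h>
#include <stdio.h>

#define NB_OK          0
#define NB_WOULDBLOCK (-4)      /* stand-in for FP_WOULDBLOCK; value chosen for this example */
#define TOY_P 2147483647ULL     /* toy prime 2^31 - 1; X25519 works modulo 2^255 - 19 */
enum nb_state { NB_IDLE = 0, NB_MUL, NB_SQR };
typedef struct { enum nb_state state; uint64_t base, acc, exp; } inv_nb_ctx;
static uint64_t mulmod(uint64_t a, uint64_t b) { return (a * b) % TOY_P; }

/* Computes z^(p-2) mod p with at most one field multiply per call.
 * The exponent p-2 is a public constant, so branching on its bits leaks no secret. */
int toy_inv_nb(inv_nb_ctx *c, uint64_t z, uint64_t *out)
{
    if (c->state == NB_IDLE) {            /* first call: load operands into the context */
        c->base = z % TOY_P; c->acc = 1; c->exp = TOY_P - 2; c->state = NB_MUL;
    }
    if (c->exp == 0) {                    /* all bits consumed: publish the result */
        *out = c->acc; c->state = NB_IDLE;
        return NB_OK;
    }
    if (c->state == NB_MUL) {
        c->state = NB_SQR;
        if (c->exp & 1) {
            c->acc = mulmod(c->acc, c->base);
            return NB_WOULDBLOCK;         /* yield after the multiply */
        }
    }
    c->base = mulmod(c->base, c->base);   /* square step for the current bit */
    c->exp >>= 1; c->state = NB_MUL;
    return NB_WOULDBLOCK;                 /* yield after the square */
}

/* Caller loop: WOULDBLOCK means "call again with the same context", not failure. */
int toy_inv_drive(uint64_t z, uint64_t *out, int *yields)
{
    inv_nb_ctx c = { NB_IDLE, 0, 0, 0 };
    int ret; *yields = 0;
    while ((ret = toy_inv_nb(&c, z, out)) == NB_WOULDBLOCK)
        (*yields)++;                      /* a real caller would service I/O here */
    return ret;
}

int main(void)
{
    uint64_t inv; int n, ret = toy_inv_drive(5, &inv, &n);
    printf("ret=%d inv=%llu yields=%d\n", ret, (unsigned long long)inv, n);
    return 0;
}
```

A caller that invokes `toy_inv_nb` once and has no retry loop gets `NB_WOULDBLOCK` back with the output untouched. This is the situation the commit message above describes for TLS with `INVALID_DEVID`.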