Implementing PKCS8 and Base64 commands

[lealem47]

Also includes :

• a refactor of the clu_x509_verify.c code to use the X509_verify_cert() API instead of the CertManager. This was done in order to support the -untrusted option in the verify.
• small refactor of clu_pkcs7.c to allow for piped input

[Copilot]

Pull Request Overview

This PR implements support for PKCS8 and Base64 commands while refactoring certificate verification to support the -untrusted option by using the X509_verify_cert() API. It also includes a minor refactor in the PKCS7 command to support piped input.

• Introduces new enums and command-line options for PKCS8 and untrusted certificate chains.
• Adds new source files for handling PKCS8 keys and Base64 encoding/decoding.
• Updates the main command dispatch to include the new commands.

Reviewed Changes

Copilot reviewed 9 out of 19 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
wolfclu/clu_optargs.h	Added new enum values for PKCS8, intermediate cert, and options such as nocrypt/topkcs8
wolfclu/clu_header_main.h	Added MAX_STDINSZ define and prototypes for the new PKCS8 and Base64 setup functions
src/tools/clu_funcs.c	Updated logging to include messages for pkcs8 and base64 commands
src/tools/clu_base64.c	New file implementing base64 encode/decode functionality
src/sign-verify/clu_x509_verify.c	Refactored verification to use X509_verify_cert() and introduced handling for an untrusted certificate
src/pkcs/clu_pkcs8.c	New file adding support for PKCS8 commands
src/pkcs/clu_pkcs7.c	Minor refactor to allow stdin input and improve error messaging in PKCS7 parsing
src/hash/clu_hash.c	Removed redundant definition of MAX_STDINSZ
src/clu_main.c	Updated main command switch to add cases for PKCS8 and Base64 commands

Files not reviewed (10)

• Makefile.am: Language not supported
• src/include.am: Language not supported
• tests/base64/base64-test.sh: Language not supported
• tests/base64/include.am: Language not supported
• tests/pkcs/include.am: Language not supported
• tests/pkcs/pkcs7-test.sh: Language not supported
• tests/pkcs/pkcs8-test.sh: Language not supported
• tests/x509/x509-req-test.sh: Language not supported
• tests/x509/x509-verify-test.sh: Language not supported
• wolfCLU.vcxproj: Language not supported

Comments suppressed due to low confidence (1)

src/pkcs/clu_pkcs8.c:175

• In the branch handling piped input, 'optarg' may not be set. Replace it with a generic error message to accurately report the issue (e.g., "Unable to open pkcs8 input from stdin").

wolfCLU_LogError("Unable to open pkcs8 file %s", optarg);

[JacobBarthelmeh]

There needs to be a documentation PR here (https://github.com/wolfSSL/documentation/pulls) to go along with these changes.

[lealem47]

Docs PR here wolfSSL/documentation#189