Devid per client#406
Draft
bigbrett wants to merge 9 commits into
Draft
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR migrates wolfHSM’s wolfCrypt crypto-callback routing from a single process-global devId (WH_DEV_ID / WH_DEV_ID_DMA) to a per-client devId derived from client_id, enabling multiple client contexts in one process. It also introduces a DMA dispatch mode toggle on the client context and updates tests, benchmarks, examples, and documentation accordingly, while keeping the legacy global devIds as an opt-in compatibility path.
Changes:
- Add per-client devId scheme (
WH_CLIENT_DEVID(client)) and make legacy global devIds opt-in viaWOLFHSM_CFG_LEGACY_GLOBAL_DEVIDS. - Introduce
wh_Client_SetDmaMode()/wh_Client_GetDmaMode()and a unified cryptoCb that can prefer DMA with fallback to standard. - Update test/benchmark/example code and docs to use per-client devIds and DMA mode.
Reviewed changes
Copilot reviewed 47 out of 47 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| wolfhsm/wh_comm.h | Document client_id as a stable per-client identifier used for devId namespacing. |
| wolfhsm/wh_client.h | Add WH_CLIENT_DEVID, legacy devId opt-in, and DMA mode APIs/fields. |
| wolfhsm/wh_client_cryptocb.h | Expose unified cryptoCb plus legacy std/DMA callbacks. |
| src/wh_client.c | Register per-client devId; add legacy devId opt-in and DMA mode getters/setters. |
| src/wh_client_cryptocb.c | Implement unified cryptoCb dispatch (DMA-preferred with fallback). |
| test/wh_test_timeout.c | Switch wolfCrypt init calls to WH_CLIENT_DEVID(client). |
| test/wh_test_she.c | Switch RNG init to per-client devId. |
| test/wh_test_multiclient.c | Add devId lifecycle tests + switch to per-client devId usage. |
| test/wh_test_keywrap.c | Switch AES/RNG init to per-client devId. |
| test/wh_test_crypto.c | Switch crypto tests to per-client devId + add DMA mode exercise. |
| test/wh_test_common.h | Replace “foreach devId” helper with dispatch-mode count macro. |
| test/Makefile | Add LEGACY_DEVIDS option; auto-enable legacy devIds for wolfCrypt tests. |
| test-refactor/wh_test_list.c | Register new refactor test case for devId lifecycle. |
| test-refactor/posix/Makefile | Mirror LEGACY_DEVIDS + TESTWOLFCRYPT legacy devId enabling. |
| test-refactor/misc/wh_test_client_devid.c | New devId lifecycle test (refactor suite). |
| test-refactor/client-server/wh_test_crypto_sha.c | Update SHA tests to per-client devId + DMA mode loops. |
| test-refactor/client-server/wh_test_crypto_rsa.c | Update RSA tests to per-client devId. |
| test-refactor/client-server/wh_test_crypto_rng.c | Update RNG tests to per-client devId + DMA mode loops. |
| test-refactor/client-server/wh_test_crypto_mldsa.c | Update ML-DSA tests to per-client devId + DMA mode handling. |
| test-refactor/client-server/wh_test_crypto_keypolicy.c | Update key policy tests to per-client devId; reset DMA mode at suite start. |
| test-refactor/client-server/wh_test_crypto_kdf.c | Update KDF tests to per-client devId. |
| test-refactor/client-server/wh_test_crypto_ed25519.c | Update Ed25519 tests to per-client devId. |
| test-refactor/client-server/wh_test_crypto_ecc.c | Update ECC tests to per-client devId. |
| test-refactor/client-server/wh_test_crypto_curve25519.c | Update Curve25519 tests to per-client devId. |
| test-refactor/client-server/wh_test_crypto_cmac.c | Update CMAC tests to per-client devId + DMA mode loops. |
| test-refactor/client-server/wh_test_crypto_aes.c | Update AES tests to per-client devId + DMA mode loops. |
| examples/posix/wh_posix_client/wolfhsm_cfg.h | Enable legacy global devIds for wolfCrypt demo suites that need WC_USE_DEVID. |
| examples/posix/wh_posix_client/wh_posix_client.c | Switch RNG init to per-client devId. |
| examples/demo/client/wh_demo_client_secboot.c | Pass client context through helpers; use per-client devId for hashing/sign/verify. |
| examples/demo/client/wh_demo_client_keywrap.c | Switch RNG/AES init to per-client devId. |
| examples/demo/client/wh_demo_client_keystore.c | Switch AES init to per-client devId. |
| examples/demo/client/wh_demo_client_crypto.c | Switch all crypto init calls to per-client devId. |
| docs/src/9-Configuration.md | Document WOLFHSM_CFG_LEGACY_GLOBAL_DEVIDS and updated DMA semantics. |
| docs/src/5-Features.md | Document per-client devId and DMA dispatch mode instead of DMA devId-only model. |
| docs/src/3-Quickstart.md | Update quickstart text to reference per-client devId routing. |
| benchmark/bench_modules/wh_bench_mod_sha2.c | Convert bench routing to per-client devId + DMA mode parameter. |
| benchmark/bench_modules/wh_bench_mod_rsa.c | Convert bench routing to per-client devId + DMA mode parameter. |
| benchmark/bench_modules/wh_bench_mod_rng.c | Convert bench routing to per-client devId + DMA mode parameter. |
| benchmark/bench_modules/wh_bench_mod_mlkem.c | Convert bench routing to per-client devId + DMA mode parameter. |
| benchmark/bench_modules/wh_bench_mod_mldsa.c | Convert bench routing to per-client devId + DMA mode parameter. |
| benchmark/bench_modules/wh_bench_mod_hmac.c | Convert bench routing to per-client devId + DMA mode parameter. |
| benchmark/bench_modules/wh_bench_mod_hkdf.c | Convert bench routing to per-client devId + DMA mode parameter. |
| benchmark/bench_modules/wh_bench_mod_ecc.c | Convert bench routing to per-client devId + DMA mode parameter. |
| benchmark/bench_modules/wh_bench_mod_curve25519.c | Convert bench routing to per-client devId; explicitly reset DMA mode. |
| benchmark/bench_modules/wh_bench_mod_cmac.c | Convert bench routing to per-client devId + DMA mode parameter. |
| benchmark/bench_modules/wh_bench_mod_cmac_kdf.c | Convert bench routing to per-client devId + DMA mode parameter. |
| benchmark/bench_modules/wh_bench_mod_aes.c | Convert bench routing to per-client devId; set DMA mode per variant. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Replace the global WH_DEV_ID/WH_DEV_ID_DMA with the per-client WH_CLIENT_DEVID(&ctx) across the test suites, toggling DMA preference through a new wh_Client_SetDmaMode()/GetDmaMode() API. Also fix the unified client cryptoCb to propagate CRYPTOCB_UNAVAILABLE so wolfCrypt can fall back to software for primitives wolfHSM does not offload (e.g. the internal SHA-3 in ML-KEM key decode), which was breaking ML-KEM key generation through a per-client devId.
bigbrett
force-pushed
the
devid-per-client
branch
from
988d734 to
4ff72c1
Compare
wolfSSL-Fenrir-bot
left a comment
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #406
Scan targets checked: none
Failed targets: wolfhsm-core-bugs, wolfhsm-crypto-bugs, wolfhsm-src
wolfSSL-Fenrir-bot
left a comment
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #406
Scan targets checked: none
Failed targets: wolfhsm-core-bugs, wolfhsm-crypto-bugs, wolfhsm-src
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 47 out of 47 changed files in this pull request and generated 3 comments.
Comments suppressed due to low confidence (2)
wolfhsm/wh_client.h:1
- The docstring claims
wh_Client_SetDmaMode()can returnWH_ERROR_BADARGSon invalid input, but the implementation only errors onc == NULLand treats any non-zerouseDmaas enabled. Either (a) tighten the documentation to match current behavior (only NULL pointer is invalid), or (b) add explicit validation (e.g., only accept 0/1) so the documented error case is real.
wolfhsm/wh_keyid.h:1 - This comment describes
client_idas always constrained to[1, WH_CLIENT_ID_MAX](0 reserved), but then implies the server only rejects0whenWOLFHSM_CFG_GLOBAL_KEYSis enabled. Givenwh_Client_Init()now rejects0unconditionally, consider aligning the server-side contract/documentation by either (a) stating explicitly that the client library enforces0as invalid regardless of server config, or (b) updating the server INIT handling to reject0in all builds so the reserved namespace is consistently enforced end-to-end.
Comment on lines
+215
to
+229
| /* Unregister this context's cryptoCb entries before dropping the wolfCrypt | ||
| * reference. wolfCrypt only clears its fixed-size callback table when the | ||
| * process-wide last wolfCrypt_Cleanup runs, so while any other client (or | ||
| * wolfCrypt user) remains active a stale entry would otherwise keep its | ||
| * table slot and dispatch into this zeroed context. The devId is nonzero | ||
| * only on a successfully initialized context (Init zeroes it when | ||
| * unwinding a failed init). The global WH_DEV_ID / WH_DEV_ID_DMA entries | ||
| * are unregistered unconditionally */ | ||
| if (c->devId != 0) { | ||
| (void)wc_CryptoCb_UnRegisterDevice(c->devId); | ||
| (void)wc_CryptoCb_UnRegisterDevice(WH_DEV_ID); | ||
| #ifdef WOLFHSM_CFG_DMA | ||
| (void)wc_CryptoCb_UnRegisterDevice(WH_DEV_ID_DMA); | ||
| #endif /* WOLFHSM_CFG_DMA */ | ||
| } |
Comment on lines
+143
to
+144
| wc_CryptoCb_UnRegisterDevice(WH_DEV_ID); | ||
| rc = wc_CryptoCb_RegisterDevice(WH_DEV_ID, wh_Client_CryptoCb, c); |
Comment on lines
+167
to
+169
| wc_CryptoCb_UnRegisterDevice(WH_DEV_ID_DMA); | ||
| rc = wc_CryptoCb_RegisterDevice(WH_DEV_ID_DMA, | ||
| wh_Client_CryptoCbDma, c); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.