Add crypto callback only mode for ed25519#10830
Conversation
|
|
||
| #ifdef WOLF_CRYPTO_CB | ||
| if (key->devId != INVALID_DEVID) { | ||
| #ifndef WOLF_CRYPTO_CB_FIND |
There was a problem hiding this comment.
Semi-related change to add these missing guards. The cb find mechanism would have failed here.
|
Jenkins retest this please |
|
retest this please |
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #10830
Scan targets checked: wolfcrypt-bugs, wolfcrypt-rs-bugs, wolfcrypt-src, wolfssl-bugs, wolfssl-src
No new issues found in the changed files. ✅
|
80c6f68 to
37b0c37
Compare
|
jenkins retest this please |
rizlik
left a comment
There was a problem hiding this comment.
Great work, but the problem is that make_public and check-key survives and so ge_operations can't be removed from the build.
Given that the main goal of ONLY_ED25519 is to reduce code/data size, we should aim at removing all the software math.
I see two options:
- Gating out the make_public and check_key with new gating macros
- Adding two crypto callbacks for make_public and check_key
| #if defined(WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN) && \ | ||
| !defined(WOLF_CRYPTO_CB_ONLY_ED25519) |
There was a problem hiding this comment.
To me it looks like that the priv check must be inside the software blocks, not outside. So this is a bug that predate the PR. Probably a good idea to move it inside that software block instead of gating on !ONLY_ED25519, or just ignore it in this PR.
Frauschi
left a comment
There was a problem hiding this comment.
🐺 Skoll Code Review
Overall recommendation: COMMENT
Findings: 1 total — 1 posted, 0 skipped
Posted findings
- [Low] Sign CB_ONLY path omits (void)ed25519Ctx suppression present in verify path —
wolfcrypt/src/ed25519.c:445
Review generated by Skoll via Claude/Codex
| (void)type; | ||
| ret = se050_ed25519_sign_msg(in, inLen, out, outLen, key); | ||
| #elif defined(WOLF_CRYPTO_CB_ONLY_ED25519) | ||
| ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); |
There was a problem hiding this comment.
🔵 [Low] Sign CB_ONLY path omits (void)ed25519Ctx suppression present in verify path
🔧 NIT convention
The WOLF_CRYPTO_CB_ONLY_ED25519 branch of wc_ed25519_verify_msg_ex adds (void)ed25519Ctx; to suppress an unused-const-variable warning, but the equivalent WOLF_CRYPTO_CB_ONLY_ED25519 branch of wc_ed25519_sign_msg_ex does not. ed25519Ctx is defined whenever HAVE_ED25519_SIGN || HAVE_ED25519_VERIFY. In a narrow configuration built with HAVE_ED25519_SIGN but without HAVE_ED25519_VERIFY under WOLF_CRYPTO_CB_ONLY_ED25519, ed25519Ctx is never referenced (both the sign software path and the streaming-verify code that use it are compiled out), which can trigger -Wunused-const-variable under -Werror. The default/CI configs enable both sign and verify, so this does not fire in the added CI job.
Recommendation: For symmetry with the verify branch and to avoid a possible unused-const warning in sign-only configurations, add (void)ed25519Ctx; at the top of the sign CB_ONLY branch.
Description
Expand existing ed25519 crypto callback to support the "only" mode which strips the software implementation for use with HSM or other hardware accelerators.
make_key,sign_msgandverify_msgsupported. No streaming support.Testing
Added unit test and updated CI workflow
Checklist