Skip to content

Trusted cert cache and verify callbacks #353

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
bigbrett wants to merge 7 commits into
base: main
Choose a base branch
from
Draft

Trusted cert cache and verify callbacks #353

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
8f68933
trusted cert cache
bigbrett May 4, 2026
13e6108
add server certificate verify callback injection
bigbrett May 5, 2026
651b4c7
fix nocrypto gating
bigbrett May 5, 2026
ab5d9e5
bind trusted cert cache entries to root ID
bigbrett May 5, 2026
46df685
add global trusted cert cache option
bigbrett May 6, 2026
b276839
restructure wh_settings.h macros and fix padding check to use sentine…
bigbrett May 6, 2026
fe5cdfe
fix crypto message struct ordering and add coverage in padding check
bigbrett May 6, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
59 changes: 59 additions & 0 deletions src/wh_client_cert.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -507,6 +507,65 @@ int wh_Client_CertVerifyAndCacheLeafPubKey(
inout_keyId, out_rc);
}

#ifdef WOLFHSM_CFG_CERTIFICATE_VERIFY_CACHE
int wh_Client_CertVerifyCacheClearRequest(whClientContext* c)
{
if (c == NULL) {
return WH_ERROR_BADARGS;
}
return wh_Client_SendRequest(c, WH_MESSAGE_GROUP_CERT,
WH_MESSAGE_CERT_ACTION_VERIFY_CACHE_CLEAR, 0,
NULL);
}

int wh_Client_CertVerifyCacheClearResponse(whClientContext* c, int32_t* out_rc)
{
int rc;
uint16_t group;
uint16_t action;
uint16_t size;
whMessageCert_SimpleResponse resp;

if (c == NULL) {
return WH_ERROR_BADARGS;
}

rc = wh_Client_RecvResponse(c, &group, &action, &size, &resp);
if (rc == WH_ERROR_OK) {
if ((group != WH_MESSAGE_GROUP_CERT) ||
(action != WH_MESSAGE_CERT_ACTION_VERIFY_CACHE_CLEAR) ||
(size != sizeof(resp))) {
rc = WH_ERROR_ABORTED;
}
else if (out_rc != NULL) {
*out_rc = resp.rc;
}
}
return rc;
}

int wh_Client_CertVerifyCacheClear(whClientContext* c, int32_t* out_rc)
{
int rc = WH_ERROR_OK;

if (c == NULL) {
return WH_ERROR_BADARGS;
}

do {
rc = wh_Client_CertVerifyCacheClearRequest(c);
} while (rc == WH_ERROR_NOTREADY);

if (rc == WH_ERROR_OK) {
do {
rc = wh_Client_CertVerifyCacheClearResponse(c, out_rc);
} while (rc == WH_ERROR_NOTREADY);
}

return rc;
}
#endif /* WOLFHSM_CFG_CERTIFICATE_VERIFY_CACHE */

#ifdef WOLFHSM_CFG_DMA

int wh_Client_CertAddTrustedDmaRequest(whClientContext* c, whNvmId id,
Expand Down
31 changes: 31 additions & 0 deletions src/wh_nvm.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,20 +104,40 @@ int wh_Nvm_Init(whNvmContext* context, const whNvmConfig* config)
memset(&context->globalCache, 0, sizeof(context->globalCache));
#endif

#ifdef WOLFHSM_CFG_CERTIFICATE_VERIFY_CACHE_GLOBAL
/* Initialize the global cert verify cache */
memset(&context->globalCertVerifyCache, 0,
sizeof(context->globalCertVerifyCache));
#endif

#ifdef WOLFHSM_CFG_THREADSAFE
/* Initialize lock (NULL lockConfig = no-op locking) */
rc = wh_Lock_Init(&context->lock, config->lockConfig);
if (rc != WH_ERROR_OK) {
return rc;
}
#ifdef WOLFHSM_CFG_CERTIFICATE_VERIFY_CACHE_GLOBAL
/* Initialize the global cert verify cache lock. Distinct lock from the
* NVM lock so cert-cache traffic and NVM I/O don't serialize each other.
* NULL config => no-op locking, same as the NVM lock above. */
rc = wh_Lock_Init(&context->globalCertVerifyCache.lock,
config->certVerifyCacheLockConfig);
if (rc != WH_ERROR_OK) {
(void)wh_Lock_Cleanup(&context->lock);
return rc;
}
#endif
#endif /* WOLFHSM_CFG_THREADSAFE */

if (context->cb != NULL && context->cb->Init != NULL) {
rc = context->cb->Init(context->context, config->config);
if (rc != WH_ERROR_OK) {
context->cb = NULL;
context->context = NULL;
#ifdef WOLFHSM_CFG_THREADSAFE
#ifdef WOLFHSM_CFG_CERTIFICATE_VERIFY_CACHE_GLOBAL
(void)wh_Lock_Cleanup(&context->globalCertVerifyCache.lock);
#endif
(void)wh_Lock_Cleanup(&context->lock);
#endif
}
Expand All @@ -140,6 +160,14 @@ int wh_Nvm_Cleanup(whNvmContext* context)
memset(&context->globalCache, 0, sizeof(context->globalCache));
#endif

#ifdef WOLFHSM_CFG_CERTIFICATE_VERIFY_CACHE_GLOBAL
/* Clear cache slots/writeIdx but keep the embedded lock intact until its
* own cleanup below. */
memset(context->globalCertVerifyCache.slots, 0,
sizeof(context->globalCertVerifyCache.slots));
context->globalCertVerifyCache.writeIdx = 0;
#endif

/* No callback? Return ABORTED */
if (context->cb->Cleanup == NULL) {
rc = WH_ERROR_ABORTED;
Expand All @@ -149,6 +177,9 @@ int wh_Nvm_Cleanup(whNvmContext* context)
}

#ifdef WOLFHSM_CFG_THREADSAFE
#ifdef WOLFHSM_CFG_CERTIFICATE_VERIFY_CACHE_GLOBAL
(void)wh_Lock_Cleanup(&context->globalCertVerifyCache.lock);
#endif
(void)wh_Lock_Cleanup(&context->lock);
#endif

Expand Down
8 changes: 8 additions & 0 deletions src/wh_server.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,14 @@ int wh_Server_Init(whServerContext* server, whServerConfig* config)
}
#endif /* WOLFHSM_CFG_DMA */

#if defined(WOLFHSM_CFG_CERTIFICATE_MANAGER) && !defined(WOLFHSM_CFG_NO_CRYPTO)
/* Register the user-supplied verify callback, if any. The cache (if
* compiled in) is already zero-initialized by the memset above. */
if (config->certConfig != NULL) {
server->cert.verifyCb = config->certConfig->verifyCb;
}
#endif /* WOLFHSM_CFG_CERTIFICATE_MANAGER && !WOLFHSM_CFG_NO_CRYPTO */

/* Log the server startup */
WH_LOG(&server->log, WH_LOG_LEVEL_INFO, "Server Initialized");

Expand Down
Loading