Basic certificate support #96
Conversation
There was a problem hiding this comment.
Looks very reasonable. A few API names and inout questions, but certainly is a good start. I have some concerns about the RAM necessary on the server to parse the certification chain. We may need to preallocate or use some of the existing cache memory to better handle this.
| @@ -0,0 +1,58 @@ | |||
| /* | |||
| * Copyright (C) 2024 wolfSSL Inc. | |||
There was a problem hiding this comment.
| * Copyright (C) 2024 wolfSSL Inc. | |
| * Copyright (C) 2025 wolfSSL Inc. |
| int wh_Server_CertGetTrusted(whServerContext* server, whNvmId id, uint8_t* cert, | ||
| uint32_t* cert_len); |
There was a problem hiding this comment.
| int wh_Server_CertGetTrusted(whServerContext* server, whNvmId id, uint8_t* cert, | |
| uint32_t* cert_len); | |
| int wh_Server_CertGetTrusted(whServerContext* server, whNvmId id, uint8_t* cert, | |
| uint32_t* inout_cert_len); |
I assume cert_len is set to the size of the cert buffer on invocation and set to the actual length on return, even if cert is NULL or not large enough? Starting with API first.
Naming: shouldn't this be CertReadTrusted, since we are reading the NVM object behind it?
| const uint8_t* cert, uint32_t cert_len); | ||
|
|
||
| /* Delete a trusted certificate from NVM storage */ | ||
| int wh_Server_CertDeleteTrusted(whServerContext* server, whNvmId id); |
There was a problem hiding this comment.
Naming: should this be CertEraseTrusted to match other API's?
| int wh_Server_CertAddTrusted(whServerContext* server, whNvmId id, | ||
| const uint8_t* cert, uint32_t cert_len); |
There was a problem hiding this comment.
Is there a path where the id would be inout? Like we pass in an INVALID id and it returns with a guaranteed unique id?
| #if defined(WOLFHSM_CFG_CERTIFICATE_MANAGER) && !defined(WOLFHSM_CFG_NO_CRYPTO) | ||
|
|
||
| #include "wh_test_cert.h" |
There was a problem hiding this comment.
| #if defined(WOLFHSM_CFG_CERTIFICATE_MANAGER) && !defined(WOLFHSM_CFG_NO_CRYPTO) | |
| #include "wh_test_cert.h" | |
| #if defined(WOLFHSM_CFG_CERTIFICATE_MANAGER) && !defined(WOLFHSM_CFG_NO_CRYPTO) | |
| #include "wh_test_cert.h" |
| @@ -0,0 +1,1503 @@ | |||
| /* | |||
| * Certificate arrays for embedded SSL/TLS applications | |||
| * Generated by OpenSSL dual certificate chain script | |||
There was a problem hiding this comment.
These are new certs or are these already in wolfssl test data?
Yuck that we still are using OpenSSL rather than wolfCLU for this.
| @@ -40,14 +40,19 @@ extern "C" { | |||
| */ | |||
|
|
|||
| /** wolfHSM required settings for wolfCrypt */ | |||
| #define WOLFCRYPT_ONLY | |||
| /* #define WOLFCRYPT_ONLY */ | |||
There was a problem hiding this comment.
Grumble that cert manager is outside of wolfcrypt.
| } | ||
|
|
||
| /* Check if the provided buffer is large enough */ | ||
| if (meta.len > *cert_len) { |
There was a problem hiding this comment.
recommend to set *cert_len to the actual len first. Maybe return a different error, like buffer len? CFG_MAX_CERT_SIZE may be set differently on the client and server, so this config should be added to the info response as well.
Adds basic support for certificate management using wolfSSL Cert Manager.
Client API has add/delete/get functionality for trusted certificate (root), and then a verify function that verifies an (ordered) certificate chain against a given trusted root.
Limitations:
Future work: