SE050: Fixes + NO_{RSA,ECDHE}_VERIFY options + simulator CI#10219
Merged
dgarske merged 11 commits intowolfSSL:masterfrom Apr 15, 2026
Merged
SE050: Fixes + NO_{RSA,ECDHE}_VERIFY options + simulator CI#10219dgarske merged 11 commits intowolfSSL:masterfrom
dgarske merged 11 commits intowolfSSL:masterfrom
Conversation
- se050_ed25519_verify_msg: initialize *res = 0 at entry so failures don't leak a stale res = 1 from a prior good verify. - Ed25519 import functions: reset keyIdSet / keyId under WOLFSSL_SE050 in wc_ed25519_import_private_key_ex, wc_ed25519_import_private_only, wc_ed25519_import_public_ex so overwriting host-side key material invalidates any prior SE050 object binding. - New workflow .github/workflows/se050-sim.yml: builds wolfSSL against the NXP Plug&Trust SDK and runs the wolfCrypt tests against the SE050Sim simulator. Patches the upstream Dockerfile to use the PR's wolfSSL source. - ed25519_test SE050 adjustments: - Cap the RFC 8032 loop at 5 iters — iter 5's 1023 B msg exceeds NXP SDK SE05X_TLV_BUF_SIZE_CMD = 900. - rareEd verifies and private-only sign: expect WC_HW_E (SE050 delegates malformed-input rejection to the secure element) instead of BAD_FUNC_ARG / SIG_VERIFY_E. - Skip ed25519ctx_test / ed25519ph_test — SE050 port drops the context/prehash params so RFC 8032 ctx/ph vectors can't byte-match.
- se050_rsa_verify: when the function uploads only the public part of the key (keyCreated == 1), erase the transient SE050 object and don't persist keyIdSet = 1. A subsequent sign on the same RsaKey was reusing the public-only SE050 object and failing. Pre-existing bindings (from wc_RsaUseKeyId or a prior sign that uploaded a keypair) are preserved untouched. - rsa_keygen_test: add WOLFSSL_SE050 to the existing WOLFSSL_CRYPTOCELL guard around the export-then-decode round-trip. SE050-generated keys keep their private components in the secure element, so wc_RsaKeyToDer + wc_RsaPrivateKeyDecode cannot complete. Matching guard on the idx declaration to avoid an unused-variable warning.
Contributor
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
This PR improves compatibility and CI coverage for the NXP SE050 backend by adding feature-disabling build options, adjusting tests/expected behaviors for SE050 constraints, and introducing a simulator-based GitHub Actions workflow.
Changes:
- Add SE050-specific “NO_{RSA,ECDHE}_VERIFY” style options and route crypto operations to software when configured.
- Fix SE050 key-binding behavior (avoid persisting public-only bindings) and tighten argument/error handling for several SE050 port functions.
- Add a GitHub Actions workflow that builds against the SE050 simulator and runs wolfCrypt tests.
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
wolfcrypt/test/test.c |
Skips/adjusts tests and expected error codes under SE050; adds a reload step to exercise public-only vs keypair bindings. |
wolfcrypt/src/rsa.c |
Adds a compile-time option to disable SE050 offloaded RSA PKCS#1 v1.5 verify path. |
wolfcrypt/src/port/nxp/se050_port.c |
Switches verify/import flows to transient objects and avoids persisting public-only bindings; improves hash-size error handling and argument checks. |
wolfcrypt/src/port/nxp/README_SE050.md |
Documents new SE050 build options for disabling ECDHE/ECDSA verify/RSA verify offload. |
wolfcrypt/src/ed25519.c |
Clears SE050 key bindings on key import so host material and SE050 object bindings don’t diverge. |
wolfcrypt/src/ecc.c |
Adds WOLFSSL_SE050_NOECDHE and WOLFSSL_SE050_NO_ECDSA_VERIFY routing to software paths. |
.wolfssl_known_macro_extras |
Registers the newly introduced SE050-related macros. |
.github/workflows/se050-sim.yml |
Adds CI job to test wolfCrypt against the SE050 simulator in Docker. |
Comments suppressed due to low confidence (1)
wolfcrypt/test/test.c:1
- The
#endifcomment is inconsistent with the#ifcondition (!defined(...) && !defined(...)). Please update the trailing comment to match the actual conditional, to avoid confusion during future maintenance/debugging of preprocessor paths.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
LinuxJedi
approved these changes
Apr 15, 2026
Member
LinuxJedi
left a comment
LinuxJedi
left a comment
There was a problem hiding this comment.
Approval for the parts that weren't mine.
dgarske
approved these changes
Apr 15, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
zd#21221 and others