Add crypto timeout to RNG and AES

Updated based on Copilot's suggestions

Author: miyazakh

src/wh_client_crypto.c

@@ -180,6 +180,27 @@ static int _getCryptoResponse(uint8_t* respBuf, uint16_t type,
 
     return header->rc;
 }
+static int _wait_response_with_crypttimeout(whClientContext *ctx,
+        uint16_t *out_group, uint16_t *out_action,
+        uint16_t *out_size, void* data)
+{
+    int ret = WH_ERROR_OK;
+    do {
+        ret = wh_Client_RecvResponse(ctx, out_group, out_action, out_size, data);
+#if defined(WOLFHSM_CFG_ENABLE_CLIENT_CRYPTIMEOUT)
+        if (ret == WH_ERROR_NOTREADY) {
+            /* Check for crypto timeout */
+            int chk = wh_CommClient_CheckTimeout(ctx->comm);
+            if (chk == WH_ERROR_CRYPTIMEOUT) {
+                return WH_ERROR_CRYPTIMEOUT;
+            } else if (chk < 0 && chk != WH_ERROR_OK) {
+                return chk;
+            }
+        }
+#endif
+    } while (ret == WH_ERROR_NOTREADY);
+    return ret;
+}
 
 /** Implementations */
 int wh_Client_RngGenerate(whClientContext* ctx, uint8_t* out, uint32_t size)
@@ -233,9 +254,14 @@ int wh_Client_RngGenerate(whClientContext* ctx, uint8_t* out, uint32_t size)
 
         /* Send request and get response */
         ret = wh_Client_SendRequest(ctx, group, action, req_len, dataPtr);
+#if defined(WOLFHSM_CFG_ENABLE_CLIENT_CRYPTIMEOUT)
+        if (ret == WH_ERROR_OK) {
+            ret = wh_CommClient_InitCryptTimeout(ctx->comm);
+        }
+#endif
         if (ret == 0) {
             do {
-                ret = wh_Client_RecvResponse(ctx, &group, &action, &res_len,
+                ret = _wait_response_with_crypttimeout(ctx, &group, &action, &res_len,
                                              dataPtr);
             } while (ret == WH_ERROR_NOTREADY);
         }
@@ -418,14 +444,21 @@ int wh_Client_AesCtr(whClientContext* ctx, Aes* aes, int enc, const uint8_t* in,
     wh_Utils_Hexdump("[client] req packet: \n", (uint8_t*)req, req_len);
 #endif
     ret = wh_Client_SendRequest(ctx, group, action, req_len, dataPtr);
+#if defined(WOLFHSM_CFG_ENABLE_CLIENT_CRYPTIMEOUT)
+    if (ret == WH_ERROR_OK) {
+        ret = wh_CommClient_InitCryptTimeout(ctx->comm);
+    }
+#endif
     /* read response */
     if (ret == WH_ERROR_OK) {
         /* Response packet */
         uint16_t res_len = 0;
         do {
             ret =
-                wh_Client_RecvResponse(ctx, &group, &action, &res_len, dataPtr);
+                _wait_response_with_crypttimeout(ctx, &group, &action,
+                                                            &res_len, dataPtr);
         } while (ret == WH_ERROR_NOTREADY);
+
         if (ret == WH_ERROR_OK) {
             ret = _getCryptoResponse(dataPtr, type, (uint8_t**)&res);
             if (ret == WH_ERROR_OK) {
@@ -540,14 +573,21 @@ int wh_Client_AesEcb(whClientContext* ctx, Aes* aes, int enc, const uint8_t* in,
     wh_Utils_Hexdump("[client] req packet: \n", (uint8_t*)req, req_len);
 #endif
     ret = wh_Client_SendRequest(ctx, group, action, req_len, dataPtr);
+#if defined(WOLFHSM_CFG_ENABLE_CLIENT_CRYPTIMEOUT)
+    if (ret == WH_ERROR_OK) {
+        ret = wh_CommClient_InitCryptTimeout(ctx->comm);
+    }
+#endif
     /* read response */
     if (ret == WH_ERROR_OK) {
         /* Response packet */
         uint16_t res_len = 0;
         do {
             ret =
-                wh_Client_RecvResponse(ctx, &group, &action, &res_len, dataPtr);
+                _wait_response_with_crypttimeout(ctx, &group, &action,
+                                                            &res_len, dataPtr);
         } while (ret == WH_ERROR_NOTREADY);
+
         if (ret == WH_ERROR_OK) {
             ret = _getCryptoResponse(dataPtr, type, (uint8_t**)&res);
             if (ret == WH_ERROR_OK) {
@@ -659,14 +699,21 @@ int wh_Client_AesCbc(whClientContext* ctx, Aes* aes, int enc, const uint8_t* in,
     wh_Utils_Hexdump("[client] req packet: \n", (uint8_t*)req, req_len);
 #endif
     ret = wh_Client_SendRequest(ctx, group, action, req_len, dataPtr);
+#if defined(WOLFHSM_CFG_ENABLE_CLIENT_CRYPTIMEOUT)
+    if (ret == WH_ERROR_OK) {
+        ret = wh_CommClient_InitCryptTimeout(ctx->comm);
+    }
+#endif
     /* read response */
     if (ret == WH_ERROR_OK) {
         /* Response packet */
         uint16_t res_len = 0;
         do {
             ret =
-                wh_Client_RecvResponse(ctx, &group, &action, &res_len, dataPtr);
+                _wait_response_with_crypttimeout(ctx, &group, &action,
+                                                            &res_len, dataPtr);
         } while (ret == WH_ERROR_NOTREADY);
+
         if (ret == WH_ERROR_OK) {
             ret = _getCryptoResponse(dataPtr, type, (uint8_t**)&res);
             if (ret == WH_ERROR_OK) {
@@ -793,11 +840,17 @@ int wh_Client_AesGcm(whClientContext* ctx, Aes* aes, int enc, const uint8_t* in,
 
     /* Send request and receive response */
     ret = wh_Client_SendRequest(ctx, group, action, req_len, dataPtr);
+#if defined(WOLFHSM_CFG_ENABLE_CLIENT_CRYPTIMEOUT)
+    if (ret == WH_ERROR_OK) {
+        ret = wh_CommClient_InitCryptTimeout(ctx->comm);
+    }
+#endif
     if (ret == 0) {
         uint16_t res_len = 0;
         do {
             ret =
-                wh_Client_RecvResponse(ctx, &group, &action, &res_len, dataPtr);
+                _wait_response_with_crypttimeout(ctx, &group, &action,
+                                                            &res_len, dataPtr);
         } while (ret == WH_ERROR_NOTREADY);
 
         if (ret == WH_ERROR_OK) {
@@ -987,11 +1040,17 @@ int wh_Client_AesGcmDma(whClientContext* ctx, Aes* aes, int enc,
     wh_Utils_Hexdump("[client] AESGCM DMA req packet: \n", dataPtr, reqLen);
 #endif
     ret = wh_Client_SendRequest(ctx, group, action, reqLen, dataPtr);
+#if defined(WOLFHSM_CFG_ENABLE_CLIENT_CRYPTIMEOUT)
+    if (ret == WH_ERROR_OK) {
+        ret = wh_CommClient_InitCryptTimeout(ctx->comm);
+    }
+#endif
     if (ret == 0) {
         uint16_t resLen = 0;
         do {
             ret =
-                wh_Client_RecvResponse(ctx, &group, &action, &resLen, dataPtr);
+                _wait_response_with_crypttimeout(ctx, &group, &action,
+                                                            &resLen, dataPtr);
         } while (ret == WH_ERROR_NOTREADY);
 
         if (ret == WH_ERROR_OK) {

src/wh_comm.c

@@ -74,7 +74,11 @@ int wh_CommClient_Init(whCommClient* context, const whCommClientConfig* config)
     context->transport_context  = config->transport_context;
     context->client_id          = config->client_id;
     context->connect_cb         = config->connect_cb;
-
+#if defined(WOLFHSM_CFG_ENABLE_CLIENT_CRYPTIMEOUT)
+    context->crypt_timeout_cb    = config->crypt_timeout_cb;
+    context->crypt_timeout_enabled = config->crypt_timeout_enabled;
+    context->crypt_timeout       = config->crypt_timeout;
+#endif
     if (context->transport_cb->Init != NULL) {
         rc = context->transport_cb->Init(context->transport_context,
                 config->transport_config, NULL, NULL);
@@ -211,6 +215,69 @@ int wh_CommClient_Cleanup(whCommClient* context)
     return rc;
 }
 
+#if defined(WOLFHSM_CFG_ENABLE_CLIENT_CRYPTIMEOUT)
+static uint64_t wh_timeval_to_ms64(const WOLFHSM_TIMEVAL* tv)
+{
+    if (tv == NULL) return 0;
+    return (uint64_t)tv->tv_sec * 1000ULL + (uint64_t)((tv->tv_usec) / 1000ULL);
+}
+/* Set Crypto Time Out if needed */
+int wh_CommClient_InitCryptTimeout(whCommClient* context)
+{
+    if (context == NULL)
+        return WH_ERROR_BADARGS;
+    /* if feature not enabled, nothing to do */
+    if (context->crypt_timeout_enabled != 1)
+        return WH_ERROR_OK;
+    if (context->crypt_timeout_cb == NULL ||
+        context->crypt_timeout_cb->GetCurrentTime == NULL)
+        return WH_ERROR_BADARGS;
+
+    /* cache conversion of crypt_timeout to milliseconds */
+    context->crypt_timeout_ms = wh_timeval_to_ms64(&context->crypt_timeout);
+    /* initialize start time */
+    context->crypt_start_time =
+            context->crypt_timeout_cb->GetCurrentTime(1);
+
+    return WH_ERROR_OK;
+}
+
+/* Check Crypto Timeout */
+int wh_CommClient_CheckTimeout(whCommClient* context)
+{
+    uint64_t current_ms = 0;
+    uint64_t elapsed_ms = 0;
+    uint64_t timeout_ms = 0;
+
+    if (context == NULL) return WH_ERROR_BADARGS;
+
+    if (context->crypt_timeout_enabled != 1)
+        return WH_ERROR_OK;
+
+    if (context->crypt_timeout_cb == NULL ||
+        context->crypt_timeout_cb->GetCurrentTime == NULL)
+        return WH_ERROR_BADARGS;
+
+    timeout_ms = context->crypt_timeout_ms;
+    if (timeout_ms == 0)
+        return WH_ERROR_OK;
+
+    /* check timeout by user cb if defined */
+    if (context->crypt_timeout_cb->CheckTimeout != NULL) {
+            return context->crypt_timeout_cb->CheckTimeout(
+                &context->crypt_start_time, timeout_ms);
+    }
+
+    /* Otherwise compute elapsed using user-provided GetCurrentTime */
+    current_ms = context->crypt_timeout_cb->GetCurrentTime(0);
+    elapsed_ms = current_ms - context->crypt_start_time;
+    if (elapsed_ms > timeout_ms) {
+        return WH_ERROR_CRYPTIMEOUT;
+    }
+
+    return WH_ERROR_OK;
+}
+#endif /* WOLFHSM_CFG_ENABLE_CLIENT_CRYPTIMEOUT */
 #endif /* WOLFHSM_CFG_ENABLE_CLIENT */
 
 /** Server Functions */

test/Makefile

@@ -135,6 +135,9 @@ else
 	DEF += -DWOLFHSM_CFG_IS_TEST_SERVER
 endif
 
+ifeq ($(CRYPTIMEOUT),1)
+	DEF += -DWOLFHSM_CFG_ENABLE_CLIENT_CRYPTIMEOUT
+endif
 
 ## Source files
 # Assembly source files

test/config/wolfhsm_cfg.h

@@ -61,4 +61,11 @@
 
 #define WOLFHSM_CFG_SERVER_NVM_FLASH_LOG
 
+/* Enable client crypto timeout feature for testing */
+#if defined(WOLFHSM_CFG_ENABLE_CLIENT_CRYPTIMEOUT) && \
+    defined(WOLFHSM_CFG_TEST_POSIX)
+#define WOLFHSM_CFG_CLIENT_CRYPTIMEOUT_SEC (2)
+#define WOLFHSM_CFG_TEST_CLIENT_CRYPTIMEOUT
+#endif /* WOLFHSM_CFG_TEST_CLIENT_CRYPTIMEOUT */
+
 #endif /* WOLFHSM_CFG_H_ */

test/wh_test_common.c

@@ -26,7 +26,9 @@
 #include <wolfhsm/wh_error.h>
 
 #include "wh_test_common.h"
-
+#if defined(WOLFHSM_CFG_TEST_CLIENT_CRYPTIMEOUT)
+#include <sys/time.h> /* For gettimeofday */
+#endif
 
 /**
  * Helper function to configure and select an NVM backend for testing.
@@ -90,3 +92,52 @@ int whTest_NvmCfgBackend(whTestNvmBackendType   type,
 
     return 0;
 }
+
+#if defined(WOLFHSM_CFG_TEST_CLIENT_CRYPTIMEOUT)
+#include <time.h>
+#include <sys/time.h> /* For gettimeofday */
+
+uint64_t whTest_GetCurrentTime(int reset)
+{
+    (void)reset;
+#if defined(CLOCK_MONOTONIC)
+    struct timespec ts;
+
+    if (clock_gettime(CLOCK_MONOTONIC, &ts) != 0)
+        return 0;
+
+    /* Convert to milliseconds number. */
+    return (uint64_t)ts.tv_sec * 1000ULL +
+           (uint64_t)ts.tv_nsec / 1000000ULL;
+#else
+    struct timeval tv;
+    if (gettimeofday(&tv, 0) < 0)
+        return 0;
+    /* Convert to milliseconds number. */
+    return (uint64_t)(tv.tv_sec * 1000ULL + tv.tv_usec / 1000ULL);
+#endif
+}
+/* start_time stores the time (in milliseconds) returned by the GetCurrentTime()
+ * callback when the operation started.
+ * The actual unit depends on the GetCurrentTime() implementation.
+ * timeout_ms represents the timeout in milliseconds, which is derived from
+ * the crypt_timeout value in whCommClientConfig.
+ */
+int whTest_CheckCryptoTimeout(uint64_t* start_time, uint64_t timeout_ms)
+{
+    uint64_t current_time;
+    uint64_t elapsed_time;
+
+    if (start_time == NULL) return WH_ERROR_BADARGS;
+    if (timeout_ms == 0) return WH_ERROR_OK;
+
+    current_time = whTest_GetCurrentTime(0);
+    elapsed_time = current_time - *start_time;
+
+    if (elapsed_time > timeout_ms) {
+        return WH_ERROR_CRYPTIMEOUT;
+    }
+
+    return WH_ERROR_OK;
+}
+#endif /* WOLFHSM_CFG_TEST_CLIENT_CRYPTIMEOUT */

test/wh_test_common.h

@@ -139,4 +139,13 @@ int whTest_NvmCfgBackend(whTestNvmBackendType   type,
                          whTestNvmBackendUnion* nvmSetup, whNvmConfig* nvmCfg,
                          whFlashRamsimCfg* fCfg, whFlashRamsimCtx* fCtx,
                          const whFlashCb* fCb);
+uint64_t whTest_GetCurrentTime(int reset);
+int      whTest_CheckCryptoTimeout(uint64_t* start_time, uint64_t timeout_ms);
+
+#define WH_CLIENT_CRYPTO_TIMEOUT_CB                  \
+    {                                                \
+        .GetCurrentTime = whTest_GetCurrentTime,     \
+        .CheckTimeout   = whTest_CheckCryptoTimeout, \
+    }
+
 #endif /* WH_TEST_COMMON_H_ */