Rust wrapper: add digest and signature crate trait implementations#10248
Rust wrapper: add digest and signature crate trait implementations#10248holtrop-wolfssl wants to merge 2 commits intowolfSSL:masterfrom
Conversation
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Adds RustCrypto digest and signature crate trait implementations to the wolfCrypt Rust wrapper, enabling interoperability with the broader RustCrypto ecosystem.
Changes:
- Implement RustCrypto
digesttraits for SHA/SHA3 hashers (sha_digest.rs) and add corresponding tests. - Add RustCrypto
signaturetrait-based wrappers for ECDSA and RSA PKCS#1 v1.5, plus trait impls for Ed25519/Ed448, with new tests. - Add a build-time configuration guard for an incompatible wolfSSL RNG layout and enable new features in Cargo/Makefile.
Reviewed changes
Copilot reviewed 16 out of 17 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| wrapper/rust/wolfssl-wolfcrypt/src/sha_digest.rs | Implements RustCrypto digest traits for SHA-family hashers. |
| wrapper/rust/wolfssl-wolfcrypt/src/ecdsa.rs | Adds ECDSA signature trait wrappers (P-256/P-384/P-521). |
| wrapper/rust/wolfssl-wolfcrypt/src/rsa_pkcs1v15.rs | Adds RSA PKCS#1 v1.5 signature trait wrappers and fixed-size signature type. |
| wrapper/rust/wolfssl-wolfcrypt/src/ed25519.rs | Adds signature trait impls and exports Signature/VerifyingKey. |
| wrapper/rust/wolfssl-wolfcrypt/src/ed448.rs | Adds signature trait impls and exports Signature/VerifyingKey. |
| wrapper/rust/wolfssl-wolfcrypt/src/rsa.rs | Exposes internal key handle to crate and adds new_public_from_raw(_ex). |
| wrapper/rust/wolfssl-wolfcrypt/src/ecc.rs | Exposes internal key handle to crate for ECDSA wrappers. |
| wrapper/rust/wolfssl-wolfcrypt/src/lib.rs | Wires in new modules behind digest/signature features. |
| wrapper/rust/wolfssl-wolfcrypt/tests/test_sha_digest.rs | Tests digest::Digest behavior for SHA/SHA3 implementations. |
| wrapper/rust/wolfssl-wolfcrypt/tests/test_ecdsa.rs | Tests ECDSA signing/verifying and encoding round-trips via signature traits. |
| wrapper/rust/wolfssl-wolfcrypt/tests/test_rsa_pkcs1v15.rs | Tests RSA PKCS#1 v1.5 sign/verify and key/encoding invariants. |
| wrapper/rust/wolfssl-wolfcrypt/tests/test_ed25519.rs | Adds tests for Ed25519 signature trait interoperability. |
| wrapper/rust/wolfssl-wolfcrypt/tests/test_ed448.rs | Adds tests for Ed448 signature trait interoperability. |
| wrapper/rust/wolfssl-wolfcrypt/build.rs | Adds build-time rejection for self-referential RNG layout. |
| wrapper/rust/wolfssl-wolfcrypt/Cargo.toml | Adds digest/signature features and dependencies. |
| wrapper/rust/wolfssl-wolfcrypt/Makefile | Enables digest and signature features in default feature set. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| // When WOLFSSL_NO_MALLOC is set without WOLFSSL_STATIC_MEMORY, the | ||
| // WC_RNG struct contains an inline `drbg_data` field and wolfCrypt sets | ||
| // `rng->drbg = &rng->drbg_data` — a self-referential pointer. Rust | ||
| // moves values by memcpy, which would silently invalidate that pointer. | ||
| // Detect this configuration and refuse to build. | ||
| if binding.contains("drbg_data") { | ||
| eprintln!( | ||
| "error: wolfSSL appears to be built with WOLFSSL_NO_MALLOC \ | ||
| (without WOLFSSL_STATIC_MEMORY). This embeds a self-referential \ | ||
| pointer inside WC_RNG (drbg -> drbg_data) that is incompatible \ | ||
| with Rust move semantics. Please rebuild wolfSSL without \ | ||
| WOLFSSL_NO_MALLOC, or enable WOLFSSL_STATIC_MEMORY." | ||
| ); | ||
| std::process::exit(1); | ||
| } |
There was a problem hiding this comment.
binding.contains("drbg_data") is an overly broad heuristic that can cause false positives (any unrelated symbol/comment containing that substring will hard-error the build). Prefer a more targeted check (mandatory): e.g., regex match the WC_RNG struct definition (or the generated bindgen struct) and confirm it contains a drbg_data field and the self-referential drbg pointer arrangement you’re trying to guard against.
| impl<H: Hash, const N: usize> Keypair for SigningKey<H, N> { | ||
| type VerifyingKey = VerifyingKey<H, N>; | ||
| fn verifying_key(&self) -> VerifyingKey<H, N> { | ||
| let mut n = [0u8; N]; | ||
| let mut e = [0u8; MAX_E_LEN]; | ||
| let mut n_len: u32 = n.len() as u32; | ||
| let mut e_len: u32 = e.len() as u32; | ||
| let rc = unsafe { | ||
| sys::wc_RsaFlattenPublicKey( | ||
| &self.inner.wc_rsakey, | ||
| e.as_mut_ptr(), &mut e_len, | ||
| n.as_mut_ptr(), &mut n_len, | ||
| ) | ||
| }; | ||
| if rc != 0 { | ||
| panic!("wc_RsaFlattenPublicKey failed: {rc}"); | ||
| } | ||
| VerifyingKey { | ||
| n, | ||
| e, | ||
| e_len: e_len as u8, | ||
| _hash: PhantomData, | ||
| } | ||
| } | ||
| } |
There was a problem hiding this comment.
Keypair::verifying_key() does not validate n_len/e_len after wc_RsaFlattenPublicKey, but VerifyingKey::from_rsa() does validate these lengths. This can produce a malformed VerifyingKey (e.g., truncated exponent length) if wolfCrypt ever returns unexpected sizes; add the same n_len == N, e_len != 0, and e_len <= MAX_E_LEN checks here (and fail consistently, ideally via panic! since the trait signature is infallible).
| pub mod rsa_pkcs1v15; | ||
| pub mod sha; | ||
| #[cfg(feature = "digest")] | ||
| mod sha_digest; |
There was a problem hiding this comment.
sha_digest contains substantial module-level rustdoc explaining a user-facing capability (RustCrypto Digest interoperability) but the module is private, so that documentation won’t show up in generated public docs. Consider (optional) either making it pub mod sha_digest (possibly #[doc(hidden)] if you don’t want it as a public module) or moving the relevant docs to a public location (e.g., crate-level docs or the sha module docs) while keeping the impls internal.
| mod sha_digest; | |
| pub mod sha_digest; |
|
Description
Rust wrapper: add digest and signature crate trait implementations
Testing
Unit/CI tests
Checklist