Bind PKCS11 ECC key duration to ECC object

mattia-moffa · mattia-moffa · commit 1707acee36cf · 2026-02-17T16:42:13.000+01:00
diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
@@ -7891,6 +7891,13 @@ int wc_ecc_free(ecc_key* key)
         return 0;
     }
 
+#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
+    if (key->devId != INVALID_DEVID) {
+        wc_CryptoCb_Free(key->devId, WC_ALGO_TYPE_PK,
+                         WC_PK_TYPE_EC_KEYGEN, key);
+    }
+#endif
+
 #if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \
     defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
     defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
diff --git a/wolfcrypt/src/wc_pkcs11.c b/wolfcrypt/src/wc_pkcs11.c
@@ -2923,8 +2923,12 @@ static int Pkcs11EcKeyGen(Pkcs11Session* session, wc_CryptoInfo* info)
 
     if (pubKey != NULL_PTR)
         session->func->C_DestroyObject(session->handle, pubKey);
-    if (ret != 0 && privKey != NULL_PTR)
+    if (ret == 0 && privKey != NULL_PTR) {
+        key->devCtx = (void*)(uintptr_t)privKey;
+    }
+    else if (ret != 0 && privKey != NULL_PTR) {
         session->func->C_DestroyObject(session->handle, privKey);
+    }
 
     return ret;
 }
@@ -2994,7 +2998,6 @@ static int Pkcs11ECDH(Pkcs11Session* session, wc_CryptoInfo* info)
 {
     int                    ret = 0;
     int                    sessionKey = 0;
-    int                    destroyPrivKey = 0;
     unsigned char*         point = NULL;
     word32                 pointLen;
     CK_RV                  rv;
@@ -3021,7 +3024,11 @@ static int Pkcs11ECDH(Pkcs11Session* session, wc_CryptoInfo* info)
     if (ret == 0) {
         WOLFSSL_MSG("PKCS#11: EC Key Derivation Operation");
 
-        if ((sessionKey = !mp_iszero(
+        if (info->pk.ecdh.private_key->devCtx != NULL) {
+            privateKey = (CK_OBJECT_HANDLE)(uintptr_t)
+                         info->pk.ecdh.private_key->devCtx;
+        }
+        else if ((sessionKey = !mp_iszero(
                 wc_ecc_key_get_priv(info->pk.ecdh.private_key))))
             ret = Pkcs11CreateEccPrivateKey(&privateKey, session,
                                          info->pk.ecdh.private_key, CKA_DERIVE);
@@ -3039,11 +3046,6 @@ static int Pkcs11ECDH(Pkcs11Session* session, wc_CryptoInfo* info)
         else {
             ret = Pkcs11FindEccKey(&privateKey, CKO_PRIVATE_KEY, session,
                                           info->pk.ecdh.public_key, CKA_DERIVE);
-            if (ret == 0) {
-                /* Key found by public key match is likely ephemeral (e.g. from
-                 * Pkcs11EcKeyGen for ECDHE), clean it up after use. */
-                destroyPrivKey = 1;
-            }
         }
     }
     if (ret == 0) {
@@ -3094,20 +3096,8 @@ static int Pkcs11ECDH(Pkcs11Session* session, wc_CryptoInfo* info)
     if (secret != CK_INVALID_HANDLE)
         session->func->C_DestroyObject(session->handle, secret);
 
-    if (sessionKey) {
+    if (sessionKey && privateKey != NULL_PTR)
         session->func->C_DestroyObject(session->handle, privateKey);
-    }
-    else if (destroyPrivKey && privateKey != NULL_PTR) {
-        /* Only destroy if the key is a non-persistent session object */
-        CK_BBOOL isToken = CK_FALSE;
-        CK_ATTRIBUTE tokenTmpl[] = {
-            { CKA_TOKEN, &isToken, sizeof(isToken) },
-        };
-        if (session->func->C_GetAttributeValue(session->handle, privateKey,
-                tokenTmpl, 1) == CKR_OK && isToken == CK_FALSE) {
-            session->func->C_DestroyObject(session->handle, privateKey);
-        }
-    }
 
     if (point != NULL)
         XFREE(point, info->pk.ecdh.public_key->heap, DYNAMIC_TYPE_ECC_BUFFER);
@@ -3335,7 +3325,11 @@ static int Pkcs11ECDSA_Sign(Pkcs11Session* session, wc_CryptoInfo* info)
     if (ret == 0) {
         WOLFSSL_MSG("PKCS#11: EC Signing Operation");
 
-        if ((sessionKey = !mp_iszero(
+        if (info->pk.eccsign.key->devCtx != NULL) {
+            privateKey = (CK_OBJECT_HANDLE)(uintptr_t)
+                         info->pk.eccsign.key->devCtx;
+        }
+        else if ((sessionKey = !mp_iszero(
                 wc_ecc_key_get_priv(info->pk.eccsign.key))))
             ret = Pkcs11CreateEccPrivateKey(&privateKey, session,
                                                 info->pk.eccsign.key, CKA_SIGN);
@@ -3399,7 +3393,7 @@ static int Pkcs11ECDSA_Sign(Pkcs11Session* session, wc_CryptoInfo* info)
                                                          sz);
     }
 
-    if (sessionKey)
+    if (sessionKey && privateKey != NULL_PTR)
         session->func->C_DestroyObject(session->handle, privateKey);
 
     return ret;
@@ -4750,6 +4744,25 @@ int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
         else
             ret = NOT_COMPILED_IN;
     }
+#ifdef WOLF_CRYPTO_CB_FREE
+    else if (info->algo_type == WC_ALGO_TYPE_FREE) {
+    #ifdef HAVE_ECC
+        if (info->free.algo == WC_ALGO_TYPE_PK &&
+            info->free.type == WC_PK_TYPE_EC_KEYGEN) {
+            ecc_key* key = (ecc_key*)info->free.obj;
+            if (key != NULL && key->devCtx != NULL) {
+                if (token->handle != NULL_PTR) {
+                    CK_OBJECT_HANDLE handle =
+                        (CK_OBJECT_HANDLE)(uintptr_t)key->devCtx;
+                    token->func->C_DestroyObject(token->handle, handle);
+                }
+                key->devCtx = NULL;
+            }
+            ret = 0;
+        }
+    #endif
+    }
+#endif /* WOLF_CRYPTO_CB_FREE */
 
     return ret;
 }
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
@@ -4962,6 +4962,9 @@ extern void uITRON4_free(void *p) ;
            " (WC_TEST_NO_CRYPTOCB_SW_TEST)" \
            " requires WOLF_CRYPTO_CB"
 #endif
+#if defined(HAVE_PKCS11) && !defined(WOLF_CRYPTO_CB_FREE)
+    #define WOLF_CRYPTO_CB_FREE
+#endif
 #if (defined(WOLF_CRYPTO_CB_COPY) || defined(WOLF_CRYPTO_CB_FREE)) && \
     !defined(WOLF_CRYPTO_CB)
     #error "Crypto callback utilities" \
