Add crypto callback support for copy operations (SHA-256)

night1rider · night1rider · commit 4d6418f31aeb · 2025-10-20T10:06:30.000-06:00
diff --git a/wolfcrypt/src/cryptocb.c b/wolfcrypt/src/cryptocb.c
@@ -80,8 +80,8 @@ static const char* GetAlgoTypeStr(int algo)
         case WC_ALGO_TYPE_HMAC:   return "HMAC";
         case WC_ALGO_TYPE_CMAC:   return "CMAC";
         case WC_ALGO_TYPE_CERT:   return "Cert";
-        case WC_ALGO_TYPE_KDF:
-            return "KDF";
+        case WC_ALGO_TYPE_KDF:    return "KDF";
+        case WC_ALGO_TYPE_COPY:   return "Copy";
     }
     return NULL;
 }
@@ -174,6 +174,16 @@ static const char* GetCryptoCbCmdTypeStr(int type)
 }
 #endif
 
+#ifndef NO_COPY_CB
+static const char* GetCryptoCbCopyTypeStr(int type)
+{
+    switch (type) {
+        case WC_CRYPTOCB_COPY_TYPE_SHA256:    return "SHA256-Copy";
+    }
+    return NULL;
+}
+#endif /* !NO_COPY_CB */
+
 #if (defined(HAVE_HKDF) && !defined(NO_HMAC)) || defined(HAVE_CMAC_KDF)
 static const char* GetKdfTypeStr(int type)
 {
@@ -253,6 +263,13 @@ void wc_CryptoCb_InfoString(wc_CryptoInfo* info)
             GetCryptoCbCmdTypeStr(info->cmd.type), info->cmd.type);
     }
 #endif
+#ifndef NO_COPY_CB
+    else if (info->algo_type == WC_ALGO_TYPE_COPY) {
+        printf("Crypto CB: %s %s (%d)\n",
+            GetAlgoTypeStr(info->algo_type),
+            GetCryptoCbCopyTypeStr(info->copy.type), info->copy.type);
+    }
+#endif
 #if (defined(HAVE_HKDF) && !defined(NO_HMAC)) || \
     defined(HAVE_CMAC_KDF)
     else if (info->algo_type == WC_ALGO_TYPE_KDF) {
@@ -2028,6 +2045,41 @@ int wc_CryptoCb_Hkdf(int hashType, const byte* inKey, word32 inKeySz,
 }
 #endif /* HAVE_HKDF && !NO_HMAC */
 
+#ifndef NO_COPY_CB
+/* General copy callback function for algorithm structures
+ * devId: The device ID to use for the callback
+ * copyType: The type of structure being copied (enum wc_CryptoCbCopyType)
+ * src: Pointer to source structure
+ * dst: Pointer to destination structure
+ * Returns: 0 on success, negative on error, CRYPTOCB_UNAVAILABLE if not handled
+ */
+int wc_CryptoCb_Copy(int devId, int copyType, void* src, void* dst)
+{
+    int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
+    CryptoCb* dev;
+
+    /* Validate inputs */
+    if (src == NULL || dst == NULL) {
+        return BAD_FUNC_ARG;
+    }
+
+    /* Find registered callback device */
+    dev = wc_CryptoCb_FindDevice(devId, WC_ALGO_TYPE_COPY);
+    if (dev && dev->cb) {
+        wc_CryptoInfo cryptoInfo;
+        XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
+        cryptoInfo.algo_type = WC_ALGO_TYPE_COPY;
+        cryptoInfo.copy.type = copyType;
+        cryptoInfo.copy.src = src;
+        cryptoInfo.copy.dst = dst;
+        
+        ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx);
+    }
+    
+    return wc_CryptoCb_TranslateErrorCode(ret);
+}
+#endif /* !NO_COPY_CB */
+
 
 #if defined(HAVE_CMAC_KDF)
 /* Crypto callback for NIST SP 800 56C two-step CMAC KDF. See software
diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c
@@ -2576,6 +2576,20 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
         return BAD_FUNC_ARG;
     }
 
+#if defined(WOLF_CRYPTO_CB) && !defined(NO_COPY_CB)
+    #ifndef WOLF_CRYPTO_CB_FIND
+    if (src->devId != INVALID_DEVID)
+    #endif
+    {
+        /* Cast the source and destination to be void to keep the abstraction */
+        ret = wc_CryptoCb_Copy(src->devId, WC_CRYPTOCB_COPY_TYPE_SHA256, 
+                               (void*)src, (void*)dst);
+        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
+            return ret;
+        /* fall-through when unavailable */
+    }
+#endif
+
     XMEMCPY(dst, src, sizeof(wc_Sha256));
 
 #ifdef WOLFSSL_MAXQ10XX_CRYPTO
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
@@ -61295,6 +61295,43 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
         }
     }
 #endif /* !NO_SHA || !NO_SHA256 */
+#ifndef NO_COPY_CB
+    else if (info->algo_type == WC_ALGO_TYPE_COPY) {
+#ifdef DEBUG_WOLFSSL
+        WOLFSSL_MSG_EX("CryptoDevCb: Copy Type %d\n", info->copy.type);
+#endif
+        switch (info->copy.type) {
+#ifndef NO_SHA256
+            case WC_CRYPTOCB_COPY_TYPE_SHA256:
+            {
+                /* Cast the source and destination to the correct type */
+                /* Given as a void pointer initally for abstraction */
+                wc_Sha256* src = (wc_Sha256*)info->copy.src;
+                wc_Sha256* dst = (wc_Sha256*)info->copy.dst;
+                
+                /* set devId to invalid, so software is used */
+                src->devId = INVALID_DEVID;
+
+                ret = wc_Sha256Copy(src, dst);
+
+                /* reset devId */
+                src->devId = devIdArg;
+                if (ret == 0) {
+                    /* Set the devId of the destination to the same as the */
+                    /* since we used the software implementation of copy */
+                    /* so dst would have been set to INVALID_DEVID */
+                    dst->devId = devIdArg;
+                }
+
+                break;
+            }
+#endif /* !NO_SHA256 */
+            default:
+                ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
+                break;
+        }
+    }
+#endif /* !NO_COPY_CB */
 #ifndef NO_HMAC
     else if (info->algo_type == WC_ALGO_TYPE_HMAC) {
         if (info->hmac.hmac == NULL)
diff --git a/wolfssl/wolfcrypt/cryptocb.h b/wolfssl/wolfcrypt/cryptocb.h
@@ -101,6 +101,15 @@ enum wc_CryptoCbCmdType {
 };
 #endif
 
+#ifndef NO_COPY_CB
+/* CryptoCb Copy Types - for copy operations on algorithm structures */
+enum wc_CryptoCbCopyType {
+    WC_CRYPTOCB_COPY_TYPE_NONE = 0,
+    WC_CRYPTOCB_COPY_TYPE_SHA256,
+    WC_CRYPTOCB_COPY_TYPE_MAX = WC_CRYPTOCB_COPY_TYPE_SHA256
+};
+#endif /* !NO_COPY_CB */
+
 
 #if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
 typedef struct {
@@ -468,6 +477,13 @@ typedef struct wc_CryptoInfo {
         void *ctx;
     } cmd;
 #endif
+#ifndef NO_COPY_CB
+    struct {      /* uses wc_AlgoType=WC_ALGO_TYPE_COPY */
+        int type; /* enum wc_CryptoCbCopyType */
+        void *src; /* Source structure to copy from */
+        void *dst; /* Destination structure to copy to */
+    } copy;
+#endif
 #if defined(HAVE_HKDF) || defined(HAVE_CMAC_KDF)
     struct {
         int type; /* enum wc_KdfType */
@@ -737,6 +753,11 @@ WOLFSSL_LOCAL int wc_CryptoCb_GetCert(int devId, const char *label,
     word32* outSz, int *format, void *heap);
 #endif
 
+#ifndef NO_COPY_CB
+WOLFSSL_LOCAL int wc_CryptoCb_Copy(int devId, int copyType, void* src,
+                                    void* dst);
+#endif
+
 #endif /* WOLF_CRYPTO_CB */
 
 #ifdef __cplusplus
diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h
@@ -1309,8 +1309,9 @@ enum wc_AlgoType {
     WC_ALGO_TYPE_CMAC = 7,
     WC_ALGO_TYPE_CERT = 8,
     WC_ALGO_TYPE_KDF = 9,
+    WC_ALGO_TYPE_COPY = 10,
 
-    WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_KDF
+    WC_ALGO_TYPE_MAX = WC_ALGO_TYPE_COPY
 };
 
 /* KDF types */
