Fix expected callback behavior for ECC/Dilithium for Free Callbacks #9962
Merged
dgarske merged 6 commits into wolfSSL:master on Mar 13, 2026
… match existing free callback code paths
…spects the return code of the callback
…et passed to hit callback paths when configured and that Dilithium will be retested in the callback section of the wolfCrypt test.
… it respects the return code of the callback
c00ee29 to 1625b29
…turn CRYPTOCB_UNAVAILABLE after attempting the context free so the caller still does software cleanup on the rest of the context that the callback does not handle.
1625b29 to 2626f97
Pull request overview
Aligns ECC and Dilithium “free” crypto callback behavior with the existing wolfCrypt convention: callbacks return 0 when they fully handled cleanup, and only CRYPTOCB_UNAVAILABLE requests software fallback cleanup. This prevents inconsistent cleanup behavior across crypto backends (software vs HW/HSM via callbacks).
Changes:
- Update `wc_ecc_free()` and `wc_dilithium_free()` to honor `wc_CryptoCb_Free()` return values (early-return unless `CRYPTOCB_UNAVAILABLE`).
- Adjust PKCS#11 free callback handling to return `CRYPTOCB_UNAVAILABLE` after HSM object release so software cleanup still occurs.
- Extend tests/CI to cover Dilithium free-callback paths and run a new CI config that enables the relevant callback features.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| wolfcrypt/src/ecc.c | Honor crypto-callback free return value to decide whether to run software cleanup. |
| wolfcrypt/src/dilithium.c | Same as ECC: respect callback return code for free behavior. |
| wolfcrypt/src/wc_pkcs11.c | Return CRYPTOCB_UNAVAILABLE from PKCS#11 free handlers to ensure software cleanup still runs. |
| wolfcrypt/test/test.c | Run Dilithium tests under cryptocb test path and add cryptocb free handling for ECC/Dilithium in the test callback; update Dilithium inits to *_init_ex(..., devId). |
| .github/workflows/os-check.yml | Add CI matrix entry to exercise cryptocb + pkcallbacks + dilithium configuration. |
Comments suppressed due to low confidence (1)
wolfcrypt/test/test.c:47004
- On `wc_dilithium_init_ex()` failure this returns immediately, skipping the `out:` cleanup path. In `WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC` builds that leaks `msg`, `key`, and `pubExported`. Route this error through the existing `out:` label (or free the allocated buffers) before returning.
dgarske approved these changes Mar 13, 2026
Thanks for this fix!
Description
A crypto callback is a replacement for the wolfSSL function: returning 0 means the callback handled cleanup, only `CRYPTOCB_UNAVAILABLE` signals fallback to software. `wc_ecc_free` and `wc_dilithium_free` ignored the `wc_CryptoCb_Free` return value, breaking this convention established by AES and SHA free handlers.
Without this fix, callback authors who only clean up their hardware resource and return 0 have wolfSSL do the software cleanup of the rest of the context.
If the return check is added later to match convention, wolfSSL would return early on 0, silently skipping software cleanup and possibly leaking memory, which would be hard to detect on embedded devices.
This PR also updates PKCS11 free handlers to return CRYPTOCB_UNAVAILABLE after HSM cleanup, adds ECC/dilithium free test cases, and adds CI coverage.
The original addition of the ECC Free Callback: #9780
The original addition of the Dilithium Free Callback: #9836
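The return-code convention described above, as an added C model (not wolfSSL code and not part of this pull request): `model_key`, `model_key_free` and both callbacks are hypothetical names, and `MODEL_CB_UNAVAILABLE` stands in for `CRYPTOCB_UNAVAILABLE`. It shows why a handler that releases only its hardware object has to return the unavailable code: returning 0 ends cleanup and leaves the software-owned buffer allocated.

```c
#include <stdlib.h>
#include <string.h>

/* Stand-in for CRYPTOCB_UNAVAILABLE; this file is a model, not wolfSSL code. */
#define MODEL_CB_UNAVAILABLE (-271)

typedef struct model_key model_key;
struct model_key {
    int            hw_handle;            /* 0 = no hardware object attached */
    unsigned char *sw_buf;               /* heap state owned by the software path */
    size_t         sw_len;
    int          (*free_cb)(model_key *); /* NULL = software-only key */
};

/* Releases only the hardware object, then asks for software fallback. */
int cb_release_hw_then_fallback(model_key *key)
{
    key->hw_handle = 0;
    return MODEL_CB_UNAVAILABLE;
}

/* Releases only the hardware object but reports that cleanup is complete. */
int cb_release_hw_claims_done(model_key *key)
{
    key->hw_handle = 0;
    return 0;
}

/* Free routine following the convention: any return other than the
 * unavailable code ends cleanup; the unavailable code falls through. */
int model_key_free(model_key *key)
{
    if (key == NULL) return 0;
    if (key->free_cb != NULL) {
        int ret = key->free_cb(key);
        if (ret != MODEL_CB_UNAVAILABLE)
            return ret;                  /* callback owns all cleanup, or failed */
    }
    if (key->sw_buf != NULL) {
        /* Model only: real code needs a zeroize the compiler cannot elide. */
        memset(key->sw_buf, 0, key->sw_len);
        free(key->sw_buf);
        key->sw_buf = NULL;
    }
    key->sw_len = 0;
    return 0;
}
```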