Conversation
danielinux
force-pushed
the
wolfPKCS11_test
branch
from
ffefd39 to
a1bd17a
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 13 out of 13 changed files in this pull request and generated 4 comments.
Comments suppressed due to low confidence (1)
Makefile:1
- This change removes the previous
|| truebehavior, making signing failures stop the build. That’s a significant behavior change and isn’t mentioned in the PR description (which focuses on PKCS11 tests). If the intent is to make signing errors fatal, please call it out in the PR description; if not, consider restoring the prior non-fatal behavior for this target.
## wolfBoot Makefile
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
+ added m33mu two-runs test for persistent storage coverage
danielinux
force-pushed
the
wolfPKCS11_test
branch
from
fa7acaf to
c435755
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 11 out of 11 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 11 out of 11 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 11 out of 11 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| (void)wolfpkcs11nsFunctionList.C_Logout(session); | ||
| (void)wolfpkcs11nsFunctionList.C_CloseSession(session); |
There was a problem hiding this comment.
In cleanup you call C_Logout/C_CloseSession unconditionally even when session is still CK_INVALID_HANDLE (e.g., if session open/login failed and you goto cleanup). Some PKCS#11 implementations treat an invalid handle as an error or may assert. Guard these calls with if (session != CK_INVALID_HANDLE) (and only logout if login succeeded).
| (void)wolfpkcs11nsFunctionList.C_Logout(session); | |
| (void)wolfpkcs11nsFunctionList.C_CloseSession(session); | |
| if (session != CK_INVALID_HANDLE) { | |
| (void)wolfpkcs11nsFunctionList.C_Logout(session); | |
| (void)wolfpkcs11nsFunctionList.C_CloseSession(session); | |
| } |
| if(WOLFCRYPT_TZ_PKCS11) | ||
| list(APPEND TEST_APP_COMPILE_DEFINITIONS WOLFBOOT_PKCS11_APP SECURE_PKCS11 WOLFPKCS11_USER_SETTINGS) | ||
| list(APPEND TEST_APP_COMPILE_DEFINITIONS | ||
| WOLFBOOT_PKCS11_APP | ||
| SECURE_PKCS11 | ||
| WOLFBOOT_TZ_PKCS11 | ||
| WOLFPKCS11_USER_SETTINGS) | ||
| if(PKCS11_TESTAPP) | ||
| list(APPEND TEST_APP_COMPILE_DEFINITIONS WOLFBOOT_PKCS11_TESTAPP) | ||
| endif() | ||
| set(WOLFSSL_PKCS11_SOURCES | ||
| test_pkcs11.c | ||
| wcs/pkcs11_stub.c |
There was a problem hiding this comment.
The WOLFCRYPT_TZ_PKCS11 block adds PKCS#11 sources/defines even when TZEN is OFF, but test_pkcs11.c includes user_settings.h which is provided via the wcs include directory that you only add under if(TZEN). This makes the CMake build inconsistent with the Makefile (which only builds PKCS#11 test code when TZEN=1) and can break configurations that enable WOLFCRYPT_TZ_PKCS11 without TZEN. Consider nesting this block under if(TZEN AND WOLFCRYPT_TZ_PKCS11) or emitting a FATAL_ERROR when WOLFCRYPT_TZ_PKCS11 is set without TZEN.
Uh oh!
There was an error while loading. Please reload this page.