Skip to content

Improve crypto daemon portability and provider resilience#84

Merged
antonkri merged 1 commit into
mainfrom
ugmu_improve_portability
Jul 15, 2026
Merged

Improve crypto daemon portability and provider resilience#84
antonkri merged 1 commit into
mainfrom
ugmu_improve_portability

Conversation

@antonkri

Copy link
Copy Markdown
Contributor
  • config: replace std::filesystem::exists with POSIX ::stat to avoid libstdc++fs dependency on the target/QNX toolchain
  • flatbuffer_config_parser: fix signed/unsigned comparison in file-size guard by casting std::streamsize to its unsigned equivalent
  • provider_manager: make provider creation best-effort — continue when a non-critical factory (e.g. PKCS#11/SoftHSM) fails and return false instead of throwing when no provider registers
  • openssl_hmac_handler: validate bound key against the context's provider_id instead of a hardcoded 0, with clearer error logging
  • tests/demo: set init_params.provider_id from the bound key in MakeMacHandler to mirror the mediator and fix Demo2/Demo3 MAC tests

@github-actions

github-actions Bot commented Jul 10, 2026

Copy link
Copy Markdown

License Check Results

🚀 The license check job ran with the Bazel command:

bazel run --lockfile_mode=error //:license-check

Status: ⚠️ Needs Review

Click to expand output
[License Check Output]
Extracting Bazel installation...
Starting local Bazel server (8.3.0) and connecting to it...
INFO: Invocation ID: 4b16b3cd-debf-4d85-a80b-7fd8624cb220
Computing main repo mapping: 
Computing main repo mapping: 
DEBUG: Rule 'abseil-cpp+' indicated that a canonical reproducible form can be obtained by modifying arguments integrity = "sha256-m3oGQwXp/ZTRJP+mzDWFkutCtdpYj7TgfQklSqQAhts="
DEBUG: Repository abseil-cpp+ instantiated at:
  <builtin>: in <toplevel>
Repository rule http_archive defined at:
  /home/runner/.bazel/external/bazel_tools/tools/build_defs/repo/http.bzl:394:31: in <toplevel>
Computing main repo mapping: 
DEBUG: Rule 'protobuf+' indicated that a canonical reproducible form can be obtained by modifying arguments integrity = "sha256-w6Cp7OiTLjHDtzbi2xixxC5wcM2biBOIsm0BqnHiTKI="
DEBUG: Repository protobuf+ instantiated at:
  <builtin>: in <toplevel>
Repository rule http_archive defined at:
  /home/runner/.bazel/external/bazel_tools/tools/build_defs/repo/http.bzl:394:31: in <toplevel>
Computing main repo mapping: 
DEBUG: Rule 'grpc+' indicated that a canonical reproducible form can be obtained by modifying arguments integrity = "sha256-CvN7gAlTEwtHwHW1ZoPuYL3D7aPDf8YAQZP1tWl1ggQ="
DEBUG: Repository grpc+ instantiated at:
  <builtin>: in <toplevel>
Repository rule http_archive defined at:
  /home/runner/.bazel/external/bazel_tools/tools/build_defs/repo/http.bzl:394:31: in <toplevel>
Computing main repo mapping: 
Loading: 
Loading: 1 packages loaded
Loading: 1 packages loaded
    currently loading: 
WARNING: Target pattern parsing failed.
ERROR: Skipping '//:license-check': no such target '//:license-check': target 'license-check' not declared in package '' defined by /home/runner/work/inc_security_crypto/inc_security_crypto/BUILD
ERROR: no such target '//:license-check': target 'license-check' not declared in package '' defined by /home/runner/work/inc_security_crypto/inc_security_crypto/BUILD
INFO: Elapsed time: 8.987s
INFO: 0 processes.
ERROR: Build did NOT complete successfully
ERROR: Build failed. Not running target

@sunildevda sunildevda requested a review from ChansAlive July 10, 2026 10:22
@github-actions

Copy link
Copy Markdown

The created documentation from the pull request is available at: docu-html

@ChansAlive ChansAlive left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes looks good and relevant.

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR improves the crypto daemon’s portability (notably for QNX toolchains) and strengthens multi-provider resilience by relaxing provider factory failure handling, while also aligning MAC handler initialization with provider-aware key binding.

Changes:

  • Replace std::filesystem::exists with POSIX ::stat in config discovery to avoid filesystem library/toolchain dependencies.
  • Make provider factory initialization best-effort and adjust provider registration success criteria (with a correctness issue noted below).
  • Tighten OpenSSL HMAC handler bound-key validation to compare against the context’s provider_id, and update demo tests to mirror mediator behavior.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
tests/demo/mac_multi_provider_demo.cpp Sets init_params.provider_id from the bound key so MAC demo tests match mediator/provider-id validation behavior.
score/crypto/daemon/provider/src/provider_manager.cpp Changes initialization to return false instead of throwing and alters factory/provider creation flow for best-effort behavior.
score/crypto/daemon/provider/score_provider/openssl/operations/mac/openssl_hmac_handler.cpp Validates bound key provider id against context provider id and improves mismatch logging.
score/crypto/daemon/config/src/flatbuffer_config_parser.cpp Adjusts file-size guard to avoid signed/unsigned comparison warnings by casting to an unsigned equivalent.
score/crypto/daemon/config/src/config.cpp Switches config existence checks from std::filesystem::exists to ::stat for portability.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +133 to 137
bool any_registered = false;
for (auto& factory : m_factories)
{
if (!factory->CreateAndRegister(*this))
if (factory->CreateAndRegister(*this))
{
Comment on lines +90 to 94
struct stat st_cfg;
if (::stat(config_file_path, &st_cfg) != 0)
{
score::mw::log::LogError() << "[CONFIG] Configuration file does not exist:" << config_file_path;
return false;
Comment on lines +168 to +172
if (init_params.bound_key_handler->GetProviderId() != init_params.provider_id)
{
score::mw::log::LogError() << LOG_PREFIX << "InitializeContext: bound key is not an OpenSSL key handler";
score::mw::log::LogError() << LOG_PREFIX << "InitializeContext: bound key is not an OpenSSL key handler"
<< " (key provider_id=" << init_params.bound_key_handler->GetProviderId()
<< ", expected=" << init_params.provider_id << ")";
@sunildevda sunildevda requested a review from masc2023 July 15, 2026 08:17
@antonkri

Copy link
Copy Markdown
Contributor Author

/recheck

@antonkri

Copy link
Copy Markdown
Contributor Author

recheck

- config: replace std::filesystem::exists with POSIX ::stat to avoid
  libstdc++fs dependency on the target/QNX toolchain
- flatbuffer_config_parser: fix signed/unsigned comparison in file-size
  guard by casting std::streamsize to its unsigned equivalent
- provider_manager: make provider creation best-effort — continue when a
  non-critical factory (e.g. PKCS#11/SoftHSM) fails and return false
  instead of throwing when no provider registers
- openssl_hmac_handler: validate bound key against the context's
  provider_id instead of a hardcoded 0, with clearer error logging
- tests/demo: set init_params.provider_id from the bound key in
  MakeMacHandler to mirror the mediator and fix Demo2/Demo3 MAC tests
@antonkri antonkri force-pushed the ugmu_improve_portability branch from b9bef43 to 4b8ef8c Compare July 15, 2026 09:44
@nradakovic nradakovic self-requested a review July 15, 2026 09:49
@antonkri antonkri merged commit 03b3b46 into main Jul 15, 2026
11 checks passed
@antonkri antonkri deleted the ugmu_improve_portability branch July 15, 2026 09:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants