Implement HW/SW crypto affinity

[AlexLanzano]

Add SetCryptoAffinity API for runtime HW/SW crypto selection

Summary

This PR adds a new client API to dynamically switch between hardware and software cryptographic implementations at runtime. This allows clients to control whether the server uses crypto callbacks (hardware acceleration) or pure software wolfCrypt implementations.

Changes

• New Client API (wh_client.c, wh_client.h)

  • wh_Client_SetCryptoAffinity() - blocking call
  • wh_Client_SetCryptoAffinityRequest() / wh_Client_SetCryptoAffinityResponse() - async API

• New Message Types (wh_message_comm.c, wh_message_comm.h)

  • WH_MESSAGE_COMM_ACTION_SET_CRYPTO_AFFINITY action
  • WH_CRYPTO_AFFINITY_SW / WH_CRYPTO_AFFINITY_HW enum values
  • Request/response structures with translation functions

• Server Handler (wh_server.c, wh_server.h)

  • Added configDevId field to preserve the original configured device ID
  • Handler switches devId between INVALID_DEVID (SW) and configDevId (HW)

• New Error Code (wh_error.h)

  • WH_ERROR_BADCONFIG (-2010) - returned when HW affinity is requested but no HW crypto was configured

• Tests (wh_test_clientserver.c)

  • Added _testCryptoAffinity() to verify SW/HW switching behavior

• Documentation (docs/draft/crypto_affinity.md)

  • API usage guide with examples

Usage

int32_t server_rc;
uint32_t affinity;

// Switch to software crypto
wh_Client_SetCryptoAffinity(client, WH_CRYPTO_AFFINITY_SW, &server_rc, &affinity);

// Switch to hardware crypto (if configured)
wh_Client_SetCryptoAffinity(client, WH_CRYPTO_AFFINITY_HW, &server_rc, &affinity);

[Copilot]

Pull request overview

This PR implements a new client API to dynamically switch between hardware and software cryptographic implementations at runtime. The feature allows clients to control whether the server uses hardware acceleration (via crypto callbacks) or pure software wolfCrypt implementations by modifying the server's devId field.

Changes:

• New client API with both blocking and async variants for setting crypto affinity
• Server handler to process affinity change requests with proper validation and error handling
• New message types and translation functions for client-server communication
• Comprehensive test coverage including edge cases and error conditions

Reviewed changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
wolfhsm/wh_server.h	Added configDevId field to preserve original device ID configuration
wolfhsm/wh_message_comm.h	Defined message action, enum values, and request/response structures
wolfhsm/wh_error.h	Added WH_ERROR_BADCONFIG error code for configuration failures
wolfhsm/wh_client.h	Declared new client API functions with comprehensive documentation
src/wh_server.c	Implemented initialization of configDevId and request handler with validation
src/wh_message_comm.c	Implemented message translation functions following existing patterns
src/wh_client.c	Implemented client APIs with proper error handling and retry logic
test/wh_test_clientserver.c	Added comprehensive test coverage for various scenarios
docs/draft/crypto_affinity.md	Created API documentation with usage examples and return code reference

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 11 out of 12 changed files in this pull request and generated 2 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 11 out of 12 changed files in this pull request and generated 3 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

[bigbrett]

Nice work. Some tweaks required and some deeper architectural questions.

[bigbrett]

Suggested change

	WH_CRYPTO_AFFINITY_HW = 1, // Use hardware crypto (devId = configured value)
	WH_CRYPTO_AFFINITY_HW = 1, // Attempt hardware crypto (devId = configured value)

[bigbrett]

Suggested change

	The SetCryptoAffinity feature allows a client to control whether the server uses **software** or **hardware** cryptographic implementations.
	The SetCryptoAffinity feature allows a client to control whether the server should use **software** or attempt to use a **hardware** cryptographic implementation when processing crypto requests.

Also add a blurb describing how it applies to future requests, vs just one. Also mention default values.

[bigbrett]

Just for flexibility, should we add a GetCryptoAffinity too?

[bigbrett]

we don't need to check against WOLF_CRYPTO_CB, we error out in wh_settings.h if this isn't defined. All crypto depends on it.

[bigbrett]

This is a bit confusing to reason about, not because of anything you are doing, but because we really aren't saying "prefer HW" here, but rather "prefer the devId you were initialized with, vs overriding it to software". I think from the clients perspective this is fine, but could you add a comment here explaining what is going on?

I appreciate the thoughtful handling of if the server's configDevId is INVALID_DEVID though. This will help provide feedback to the client for annoying dumb scenarios like if you have native HW support in wolfCrypt for a platform (e.g. part of the underlying algo implementation, not supplied via cryptoCb) where toggling this doesn't do anything.

I think adding a comment to briefly summarize this and why we are checking would be helpful.

[bigbrett]

Instead of setting up YANTH (yet another test harness) do you think we could integrate this into wh_test_clientserver.c:whTest_ClientServerSequential()`? Fine to just register the test crypto callback as part of that function as long as it isn't destructive or interferes with other stuff? I don't believe that test runs crypto tests anyway. Could always register it on the fly too if needed.

Ideally we have as few harnesses as possible, and a bunch of generic test drivers that can be run within any harness

[bigbrett]

need to check req_size == sizeof(req) to guard against underflow. If a short packet arrives, the translate function reads past the buffer

[bigbrett]

unused

[bigbrett]

currently only have 2 cases so perhaps just if() else {}? Otherwise logic on 308 is broken now too.

[bigbrett]

in light of my other comment on this being part of the comm group, all of this begs the question: should the affinity persist across client comm connect/disconnects? Or should a disconnect trigger a restoration of the affinity to the default config value? I'm leaning towards the latter.