Let applications create a key in a specific secure element slot #202
Conversation
gilles-peskine-arm
added
enhancement
gilles-peskine-arm
force-pushed
the
psa-se_driver-choose_key_slot_number
branch
from
e425596 to
fcfd4f3
Compare
include/psa/crypto_se_driver.h
Outdated
| * if the platform is reset after this function returns, the core | ||
| * may either subsequently call | ||
| * psa_drv_se_key_management_t::p_destroy or may behave as if the | ||
| * last call to this function had not taken place. |
There was a problem hiding this comment.
What do you mean by "behave as if the last call to this function had not taken place"? Should the driver store persistent data about allocation separately? Should it be able to work in the following situation:
p_allocatecalled, slot 1 returned;- hardware resets;
p_generatecalled with slot 1?
There was a problem hiding this comment.
I'm actually not sure about that case. I'm going to try to come up with clearer explanations, but first I need to figure out in more detail which behaviors are possible.
I'd like to merge this PR without necessarily getting all the corner cases right (and there's a precedent: this function has been there for several weeks with incomplete documentation). But I'm planning to make at least one update here.
There was a problem hiding this comment.
I've reworked the documentation. I don't think it covers all the subtleties that can arise if an error or a reset happens, but I think it's good enough for now.
include/psa/crypto_se_driver.h
Outdated
| /** Function that allocates a slot. */ | ||
| /** Function that allocates a slot for a key. | ||
| * | ||
| * The core calls this function to determine a slot number, then |
There was a problem hiding this comment.
Why is this documentation here, not next to psa_drv_se_allocate_key_t?
There was a problem hiding this comment.
I'm not sure how to structure the documentation between the type and the function pointer. I think it makes more sense to document in the documentation of the type, which is where the parameters and return type are spelled out. But I don't think it makes sense to document the context in which the function is called there, and especially not information like “this function is called after that function” — from a type, it doesn't really make sense to reference a specific function rather than another type.
I'm open to suggestions to structure the documentation better.
There was a problem hiding this comment.
I would propose leaving just short notes here, like Function that allocates a slot for a key., and provide all the documentation next to psa_drv_se_allocate_key_t. With the current structure, if someone wants to use this function, he/she has to read about it in both of these places, and that's confusing.
Add infrastructure for internal, external and dual-use flags, with a compile-time check (if static_assert is available) to ensure that the same numerical value doesn't get declared for two different purposes in crypto_struct.h (external or dual-use) and psa_crypto_core.h (internal).
Add a slot_number field to psa_key_attributes_t and getter/setter functions. Since slot numbers can have the value 0, indicate the presence of the field via a separate flag. In psa_get_key_attributes(), report the slot number if the key is in a secure element. When creating a key, for now, applications cannot choose a slot number. A subsequent commit will add this capability in the secure element HAL.
Test the behavior of the getter/setter functions. Test that psa_get_key_slot_number() reports a slot number for a key in a secure element, and doesn't report a slot number for a key that is not in a secure element. Test that psa_get_key_slot_number() reports the correct slot number for a key in a secure element.
check-names.sh rejects MBEDTLS_XXX identifiers that are not defined in a public header.
This didn't break anything now, but would have broken things once we start to add internal flags.
This function no longer modifies anything, so it doesn't actually allocate the slot. Now, it just returns the empty key slot, and it's up to the caller to cause the slot to be in use (or not).
Pave the way for allowing the application to choose the slot number in a secure element, rather than always letting the driver choose.
Allow the application to choose the slot number in a secure element, rather than always letting the driver choose. With this commit, any application may request any slot. In an implementation with isolation, it's up to the service to filter key creation requests and apply policies to limit which applications can request which slot.
|
I've rebased on top of the target branch now that #197 is merged. The rebase shows a large diff because other things were also merged, including |
gilles-peskine-arm
force-pushed
the
psa-se_driver-choose_key_slot_number
branch
from
54e9bd8 to
0a11044
Compare
gilles-peskine-arm
added
needs: work
gilles-peskine-arm
added
needs: review
gilles-peskine-arm
removed
the
needs: review
Successor of #201. The first new commit is "Improve documentation of the allocate method".