Add hooks for generate and sign in a secure element #211
Conversation
gilles-peskine-arm
added
enhancement
gilles-peskine-arm
added
the
needs: review
gilles-peskine-arm
force-pushed
the
psa-se_driver-generate_key
branch
from
f87796a to
feb9910
Compare
include/psa/crypto_se_driver.h
Outdated
| * psa_get_key_algorithm() to access this | ||
| * information. | ||
| * \param[in] data Buffer containing the key data. | ||
| * \param[in] data_length Size of the `data` buffer in bytes. |
There was a problem hiding this comment.
Nitpick: data is referred to with a /p prefix earlier in the comment.
There was a problem hiding this comment.
Since I was rebasing anyway, I amended the commit that rewrote that line.
include/psa/crypto_se_driver.h
Outdated
| * to the \p pubkey buffer. | ||
| * This is optional, intended for secure elements that output the | ||
| * public key at generation time and that cannot export the public key | ||
| * later. Drivers that do not need this feature should leave |
There was a problem hiding this comment.
Double whitespace after not
There was a problem hiding this comment.
Since I was rebasing anyway, I amended the commit that introduced that line.
| * later. Drivers that do not need this feature should leave | ||
| * \p *pubkey_length set to 0 and should | ||
| * implement the psa_drv_key_management_t::p_export_public function. | ||
| * Some implementations do not support this feature, in which case |
There was a problem hiding this comment.
NULL can also be passed in a case when the user is not interested in receiving the public key, right? This information is missing.
There was a problem hiding this comment.
No, there's no such thing as “the user is not interested in receiving the public key”. psa_generate_key never outputs the public key. If the driver outputs the public key, the core stores it in case the user ever calls psa_export_public_key later.
There was a problem hiding this comment.
I would suggest reworking it a bit to use key exporting instead of/in addition to passing raw key material to both of the handles.
I would see a following test here:
- Generate key / Import Key (sw / driver to choose);
- Export public key (sw/driver);
- Import key (sw/driver);
- Sign (sw/driver);
- Verify (sw driver);
This way we could run the following cases:
- HW stack only (importing into a different slot);
- HW generate, export public, and sign, SW rest;
- SW generate, export public and sign, HW rest;
Maybe it's too much to handle with one test, but I'd suggest adding public key exporting to the pipeline in any test that you will consider the most readable.
gilles-peskine-arm
added
needs: work
The methods to import and generate a key in a secure element drivers were written for an earlier version of the application-side interface. Now that there is a psa_key_attributes_t structure that combines all key metadata including its lifetime (location), type, size, policy and extra type-specific data (domain parameters), pass that to drivers instead of separate arguments for each piece of metadata. This makes the interface less cluttered. Update parameter names and descriptions to follow general conventions. Document the public-key output on key generation more precisely. Explain that it is optional in a driver, and when a driver would implement it. Declare that it is optional in the core, too (which means that a crypto core might not support drivers for secure elements that do need this feature). Update the implementation and the tests accordingly.
Factor common code of ram_import and ram_fake_generate into a common auxiliary function. Reject key types that aren't supported by this test code. Report the bit size correctly for EC key pairs.
Add a flow where the key is imported or fake-generated in the secure element, then call psa_export_public_key and do the software verification with the public key.
gilles-peskine-arm
force-pushed
the
psa-se_driver-generate_key
branch
from
5c6dadd to
8df72f2
Compare
gilles-peskine-arm
added
needs: review
| * This is \c NULL when generating a symmetric | ||
| * key or if the core does not support | ||
| * exporting the public key at generation time. | ||
| * \param pubkey_size The size of the `pubkey` buffer in bytes. |
There was a problem hiding this comment.
Non-blocker: the pubkey parameter is referenced here in an inconsistent way.
There was a problem hiding this comment.
I'm sure it isn't the only place, and it's preexisting. I'll fix it if I change something else.
|
@AndrzejKurek I forgot to mention: I added a test that goes through |
gilles-peskine-arm
removed
the
needs: review
Update the import and generate methods in the secure element driver interface to use `psa_key_attributes_t.
Implement hooks to call a secure element for key generation and asymmetric signature and verification.