Conversation
etienne-lms
left a comment
etienne-lms
left a comment
There was a problem hiding this comment.
Thanks for the port to pkcs11 TA.
I've pointed the coding style issues, mostly indentation. See also few other comments.
That said, the overall looks good but i'll need another pass.
| PKCS11_CKK_DSA = 0x001, | ||
| PKCS11_CKK_DH = 0x002, | ||
| PKCS11_CKK_EC = 0x003, | ||
| PKCS11_CKK_EC_EDWARDS = 0x040, |
There was a problem hiding this comment.
indentation + move below line 1180 following macro values ordering.
| PKCS11_CKM_ECDSA_SHA512 = 0x01046, | ||
| PKCS11_CKM_ECDH1_DERIVE = 0x01050, | ||
| PKCS11_CKM_EC_EDWARDS_KEY_PAIR_GEN = 0x01055, | ||
| PKCS11_CKM_EDDSA = 0x01057, |
There was a problem hiding this comment.
PKCS11_CKM_EDDSA and PKCS11_CKM_ECDSA can be easy to confuse.
Would you be ok the rename it? Suggestion PKCS11_CKM_EC_EDDSA.
(and for consistency s/PKCS11_CKK_EDDSA/PKCS11_CKK_EC_EDDSA/g)
(indentation)
There was a problem hiding this comment.
Discard this comment. This naming is driven by the PKCS#11 specs.
Sorry for the noise.
| case PKCS11_CKM_EC_EDWARDS_KEY_PAIR_GEN: | ||
| if ((get_class(temp) != PKCS11_CKO_PUBLIC_KEY && | ||
| get_class(temp) != PKCS11_CKO_PRIVATE_KEY) || | ||
| get_key_type(temp) != PKCS11_CKK_EC_EDWARDS) { |
There was a problem hiding this comment.
indentation:
if ((get_class(temp) != PKCS11_CKO_PUBLIC_KEY &&
get_class(temp) != PKCS11_CKO_PRIVATE_KEY) ||
get_key_type(temp) != PKCS11_CKK_EC_EDWARDS) {
rc = PKCS11_CKR_TEMPLATE_INCONSISTENT;
goto out;
}| if (key_type != PKCS11_CKK_EC_EDWARDS) { | ||
| EMSG("Invalid key %s for mechanism %s", | ||
| id2str_type(key_type, key_class), | ||
| id2str_proc(proc_id)); |
There was a problem hiding this comment.
EMSG("Invalid key %s for mechanism %s",
- id2str_type(key_type, key_class),
- id2str_proc(proc_id));
+ id2str_type(key_type, key_class),
+ id2str_proc(proc_id));| if (key_class != PKCS11_CKO_PUBLIC_KEY && | ||
| key_class != PKCS11_CKO_PRIVATE_KEY) { | ||
| EMSG("Invalid key class for mechanism %s", | ||
| id2str_proc(proc_id)); |
There was a problem hiding this comment.
EMSG("Invalid key class for mechanism %s",
id2str_proc(proc_id));
| return rc; | ||
|
|
||
| rc = tee2pkcs_add_attribute(pub_head, PKCS11_CKA_EC_POINT, | ||
| tee_obj, TEE_ATTR_ED25519_PUBLIC_VALUE); |
There was a problem hiding this comment.
indent for the 3 above
| if (rc) | ||
| return rc; | ||
|
|
||
| out: |
|
|
||
| proc->extra_ctx = TEE_Malloc(sizeof(struct eddsa_processing_ctx) + | ||
| ctx_len, | ||
| TEE_USER_MEM_HINT_NO_FILL_ZERO); |
There was a problem hiding this comment.
proc->extra_ctx = TEE_Malloc(sizeof(struct eddsa_processing_ctx) +
- ctx_len,
- TEE_USER_MEM_HINT_NO_FILL_ZERO);
+ ctx_len, TEE_USER_MEM_HINT_NO_FILL_ZERO);There was a problem hiding this comment.
Fixed indentation,
Is it Ok?
sizeof(*ctx) + ctx_len,
| case PKCS11_CKM_ECDSA_SHA384: | ||
| case PKCS11_CKM_ECDSA_SHA512: | ||
| case PKCS11_CKM_ECDH1_DERIVE: | ||
| case PKCS11_CKFM_GENERATE_KEY_PAIR: |
| struct pkcs11_attribute_head *proc_params) | ||
| { | ||
| enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR; | ||
| uint32_t flag = 0, ctx_len = 0; |
There was a problem hiding this comment.
1 variable definition per line
etienne-lms
left a comment
etienne-lms
left a comment
There was a problem hiding this comment.
few remaining comments on the pkcs11 TA part.
| PKCS11_CKM_ECDSA_SHA512 = 0x01046, | ||
| PKCS11_CKM_ECDH1_DERIVE = 0x01050, | ||
| PKCS11_CKM_EC_EDWARDS_KEY_PAIR_GEN = 0x01055, | ||
| PKCS11_CKM_EDDSA = 0x01057, |
There was a problem hiding this comment.
Discard this comment. This naming is driven by the PKCS#11 specs.
Sorry for the noise.
| return PKCS11_CKR_ARGUMENTS_BAD; | ||
|
|
||
| proc->extra_ctx = TEE_Malloc(sizeof(*ctx) + ctx_len, | ||
| TEE_USER_MEM_HINT_NO_FILL_ZERO); |
| out_buf, &out_size); | ||
| tee_attrs, | ||
| tee_attrs_count, | ||
| hash_buf, hash_size, |
There was a problem hiding this comment.
discard this change. The original code was good:
res = TEE_AsymmetricSignDigest(proc->tee_op_handle,
tee_attrs,
tee_attrs_count,
in_buf, in_size,
out_buf, &out_size);
|
@varder when you address Etienne's comments please also rebase onto master which now has the "proper" Ed25519 implementation, thanks! |
varder
force-pushed
the
pkcs11_ed25519
branch
from
eaeb9f9 to
058ade1
Compare
| tee_attrs, | ||
| tee_attrs_count, | ||
| in_buf, in_size, | ||
| out_buf, &out_size); |
There was a problem hiding this comment.
preserve original indentation :)
| rc = tee2pkcs_add_attribute(priv_head, PKCS11_CKA_VALUE, | ||
| tee_obj, TEE_ATTR_ED25519_PRIVATE_VALUE); | ||
| if (rc) | ||
| return rc; |
There was a problem hiding this comment.
goto out;
ditto lines below
| break; | ||
| case PKCS11_CKM_EC_EDWARDS_KEY_PAIR_GEN: | ||
| case PKCS11_CKM_EDDSA: | ||
| *min_key_size = 256; /* in bits */ |
There was a problem hiding this comment.
Spec mentions 255 while key effective bit size is 256.
Maybe a word here? /* in bits, v3.1 falsly states 255 */
There was a problem hiding this comment.
According to rfc8032
https://www.rfc-editor.org/rfc/rfc8032#section-5.1.5
Key Generation
The private key is 32 octets (256 bits, corresponding to b) of
cryptographically secure random data.
I guess it is a typo in Specs,
|
|
||
| static const uint8_t ed25519ph_oid_der[] = { | ||
| 0x13, 0x0C, 'e', 'd', 'w', 'a', 'r', 'd', 's', | ||
| '2', '5', '5', '1', '9', |
| }; | ||
|
|
||
| static const uint8_t ed25519_name_der[] = { | ||
| 0x06, 0x03, 0x2B, 0x65, 0x70, |
There was a problem hiding this comment.
It seems 0x06, 0x03, 0x2B, 0x65, 0x70 is the encoding of EdDSA algo while the curve OID's DER encoding is 06 09 2B 06 01 04 01 DA 47 0F 01.
See script ta/pkcs11/scripts/dump_ec_curve_params.sh used to get IDs used by openssl, maybe it can help.
There was a problem hiding this comment.
For the existing algos the struct values
struct supported_ecc_curve
can be generated using dump_ec_curve_params.sh
with the commands:
openssl ecparam -name ${EC_CURVE} -param_enc explicit
But it looks like for Ed25519 with Openssl impossible to get the parameters.
I would like to generate it automatically, but i could't find the way.
I have looked at some existing implementation,
and it looks like, 1.3.101.112 is used in this context
https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/crypto/BotanEDPrivateKey.cpp#L54
https://github.com/OpenSC/OpenSC/blob/master/src/libopensc/pkcs15-algo.c#L451
varder
force-pushed
the
pkcs11_ed25519
branch
3 times, most recently
from
824cea6 to
c2cbbbe
Compare
|
@etienne-lms |
etienne-lms
left a comment
etienne-lms
left a comment
There was a problem hiding this comment.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> (minor inline comment style issue)
| 0x91, 0x38, 0x64, 0x09, 0x02, 0x01, 0x01, | ||
| }; | ||
|
|
||
| /* Edwards curves may be specified in two flavours: |
There was a problem hiding this comment.
/*
* Edwards curves may be specified in two flavours: 
Ok |
Add functionality to generate, import keys, sign/verify for ED25519, ED25519ctx and ED25519ph. The values for the object identifies originates from: https://www.rfc-editor.org/rfc/rfc8420.html A.1. ASN.1 Object for Ed25519 The PKCS#11 Specification: https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/cs01/ pkcs11-spec-v3.1-cs01.pdf Signed-off-by: Valerii Chubar <valerii_chubar@epam.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
3 participants
ta: pkcs11: Add Ed25519 support
Add functionality to generate, import keys, sign/verify for
Ed25519, Ed25519ctx and Ed25519ph.