Skip to content

Commit

Permalink
Integrate rust-psa-crypto--0.12.0-minerva, bump version to 0.5.0
Browse files Browse the repository at this point in the history
  • Loading branch information
@j-devel
j-devel committed Aug 30, 2024
1 parent 31b808b commit 49cbb22
Show file tree
Hide file tree
Showing 4 changed files with 76 additions and 61 deletions.
6 changes: 3 additions & 3 deletions Cargo.toml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "minerva-mbedtls"
version = "0.4.21"
version = "0.5.0"
edition = "2018"
authors = ["ANIMA Minerva toolkit"]

Expand All @@ -13,6 +13,6 @@ std = []

[dependencies]
mcu-if = { git = "https://github.com/AnimaGUS-minerva/mcu-if", rev = "da77a48" }
psa-crypto = { path = "/ssw/projects/trentonio/rust-psa-crypto/psa-crypto" }
#psa-crypto = { git = "https://github.com/AnimaGUS-minerva/rust-psa-crypto", rev = "b51150e", features=["minerva"] }
#psa-crypto = { path = "/ssw/projects/trentonio/rust-psa-crypto/psa-crypto" }
psa-crypto = { git = "https://github.com/AnimaGUS-minerva/rust-psa-crypto", rev = "52aa2c4", features=["minerva"] }

3 changes: 2 additions & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,8 @@ SHELL := /bin/bash
# 'test' or 'ci'
TARGET ?= test
ci:
TARGET=ci make test
##TARGET=ci make test
TARGET=ci make test-x86_64 # WIP with rust-psa-crypto--0.12.0-minerva

init-rust-toolchains:
rustup toolchain install nightly-x86_64-unknown-linux-gnu
Expand Down
112 changes: 57 additions & 55 deletions src/psa_ifce.rs
View file
Original file line number Diff line number Diff line change
@@ -1,25 +1,25 @@
use crate::{utils::*, mbedtls_error};
use crate::{println, vec, Vec, c_void, c_int};
use psa_crypto::ffi;
use psa_crypto::ffi::mbedtls::{self, types::raw_types};

//
// md
//

pub use ffi::{md_type_t, MD_SHA256, MD_SHA384, MD_SHA512, PK_ECKEY, ECP_DP_SECP256R1};
pub struct md_info(*const ffi::md_info_t);
pub use mbedtls::{md_type_t, MD_SHA256, MD_SHA384, MD_SHA512, PK_ECKEY, ECP_DP_SECP256R1};
pub struct md_info(*const mbedtls::md_info_t);

impl md_info {
pub fn from_type(ty: ffi::md_type_t) -> Self {
Self(unsafe { ffi::md_info_from_type(ty) })
pub fn from_type(ty: mbedtls::md_type_t) -> Self {
Self(unsafe { mbedtls::md_info_from_type(ty) })
}

pub fn from_str(s: &str) -> Self {
Self(unsafe { ffi::md_info_from_string(crate::cstr_from!(s)) })
Self(unsafe { mbedtls::md_info_from_string(crate::cstr_from!(s)) })
}

pub fn get_type(&self) -> ffi::md_type_t {
unsafe { ffi::md_get_type(self.0) }
pub fn get_type(&self) -> mbedtls::md_type_t {
unsafe { mbedtls::md_get_type(self.0) }
}

pub fn md(&self, input: &[u8]) -> Vec<u8> {
Expand All @@ -32,7 +32,7 @@ impl md_info {
let mut digest = vec![0; sz];

let ret = unsafe {
ffi::md(self.0, input.as_ptr(), input.len(), digest.as_mut_ptr())
mbedtls::md(self.0, input.as_ptr(), input.len(), digest.as_mut_ptr())
};
assert_eq!(ret, 0);

Expand All @@ -43,31 +43,33 @@ impl md_info {
//
// x509_crt
//

pub struct x509_crt(ffi::x509_crt);
// /* !!
pub struct x509_crt(mbedtls::x509_crt);

impl Drop for x509_crt {
fn drop(&mut self) {
unsafe { ffi::x509_crt_free(&mut self.0) }
unsafe { mbedtls::x509_crt_free(&mut self.0) }
}
}

impl x509_crt {
pub fn new() -> Self {
let mut crt = ffi::x509_crt::default();
unsafe { ffi::x509_crt_init(&mut crt) }
let mut crt = mbedtls::x509_crt::default();
unsafe { mbedtls::x509_crt_init(&mut crt) }

Self(crt)
}

pub fn pk_ctx(&mut self) -> pk_context {
pk_context::from(&mut self.0.private_pk as *mut ffi::pk_context)
// pk_context::from(&mut self.0.private_pk as *mut mbedtls::pk_context)
//==== !!
todo!();
}

pub fn parse(&mut self, buf: &[u8]) -> Result<&mut Self, mbedtls_error> {
let buf = &crate::null_terminate_bytes!(buf);
let ret = unsafe {
ffi::x509_crt_parse(&mut self.0, buf.as_ptr(), buf.len())
mbedtls::x509_crt_parse(&mut self.0, buf.as_ptr(), buf.len())
};

if ret == 0 { Ok(self) } else { Err(ret) }
Expand All @@ -76,7 +78,7 @@ impl x509_crt {
pub fn info(&mut self) -> Result<&mut Self, mbedtls_error> {
let mut buf = [0u8; 2000];
let ret = unsafe {
ffi::x509_crt_info(
mbedtls::x509_crt_info(
buf.as_mut_ptr() as *mut i8,
buf.len(), crate::cstr_from!("@@ "), &self.0)
};
Expand All @@ -101,43 +103,43 @@ impl x509_crt {
Ok(self)
}
}

// !! */
//
// ecp_group
//

pub struct ecp_group(Option<ffi::ecp_group>);
pub struct ecp_group(Option<mbedtls::ecp_group>);

impl Drop for ecp_group {
fn drop(&mut self) {
if let Some(mut grp) = self.0 {
unsafe { ffi::ecp_group_free(&mut grp) }
unsafe { mbedtls::ecp_group_free(&mut grp) }
}
}
}

impl ecp_group {
pub fn from_id(id: ffi::ecp_group_id) -> Result<Self, mbedtls_error> {
pub fn from_id(id: mbedtls::ecp_group_id) -> Result<Self, mbedtls_error> {
let mut grp = ecp_group::new();
grp.load(id)?;

Ok(grp)
}

pub fn new() -> Self {
let mut grp = ffi::ecp_group::default();
unsafe { ffi::ecp_group_init(&mut grp) }
let mut grp = mbedtls::ecp_group::default();
unsafe { mbedtls::ecp_group_init(&mut grp) }

Self(Some(grp))
}

pub fn into(mut self) -> ffi::ecp_group {
pub fn into(mut self) -> mbedtls::ecp_group {
self.0.take().unwrap()
}

pub fn load(&mut self, gid: ffi::ecp_group_id) -> Result<&mut Self, mbedtls_error> {
pub fn load(&mut self, gid: mbedtls::ecp_group_id) -> Result<&mut Self, mbedtls_error> {
if let Some(grp) = &mut self.0 {
let ret = unsafe { ffi::ecp_group_load(grp, gid) };
let ret = unsafe { mbedtls::ecp_group_load(grp, gid) };

if ret == 0 { Ok(self) } else { Err(ret) }
} else {
Expand All @@ -150,31 +152,31 @@ impl ecp_group {
// ecp_point
//

pub struct ecp_point(Option<ffi::ecp_point>);
pub struct ecp_point(Option<mbedtls::ecp_point>);

impl Drop for ecp_point {
fn drop(&mut self) {
if let Some(mut pt) = self.0 {
unsafe { ffi::ecp_point_free(&mut pt) }
unsafe { mbedtls::ecp_point_free(&mut pt) }
}
}
}

impl ecp_point {
pub fn new() -> Self {
let mut pt = ffi::ecp_point::default();
unsafe { ffi::ecp_point_init(&mut pt) }
let mut pt = mbedtls::ecp_point::default();
unsafe { mbedtls::ecp_point_init(&mut pt) }

Self(Some(pt))
}

pub fn into(mut self) -> ffi::ecp_point {
pub fn into(mut self) -> mbedtls::ecp_point {
self.0.take().unwrap()
}

pub fn read_binary(&mut self, grp: ecp_group, bin: &[u8]) -> Result<&mut Self, mbedtls_error> {
if let Some(pt) = &mut self.0 {
let ret = unsafe { ffi::ecp_point_read_binary(&grp.into() as *const ffi::ecp_group, pt, bin.as_ptr(), bin.len()) };
let ret = unsafe { mbedtls::ecp_point_read_binary(&grp.into() as *const mbedtls::ecp_group, pt, bin.as_ptr(), bin.len()) };

if ret == 0 { Ok(self) } else { Err(ret) }
} else {
Expand All @@ -187,35 +189,35 @@ impl ecp_point {
// pk_context
//

pub struct pk_context(Option<ffi::pk_context>, Option<*mut ffi::pk_context>);
pub struct pk_context(Option<mbedtls::pk_context>, Option<*mut mbedtls::pk_context>);

impl Drop for pk_context {
fn drop(&mut self) {
if let Some(pk) = &mut self.0 {
unsafe { ffi::pk_free(pk) }
unsafe { mbedtls::pk_free(pk) }
}
}
}

pub type FnRng = unsafe extern "C" fn(*mut ffi::raw_types::c_void, *mut u8, usize) -> i32;
pub type FnRng = unsafe extern "C" fn(*mut raw_types::c_void, *mut u8, usize) -> i32;

extern "C" {
fn rand() -> c_int;
}

impl pk_context {
pub fn new() -> Self {
let mut pk = ffi::pk_context::default();
unsafe { ffi::pk_init(&mut pk) }
let mut pk = mbedtls::pk_context::default();
unsafe { mbedtls::pk_init(&mut pk) }

Self(Some(pk), None)
}

pub fn from(ptr: *mut ffi::pk_context) -> Self {
pub fn from(ptr: *mut mbedtls::pk_context) -> Self {
Self(None, Some(ptr))
}

fn ptr_mut(&mut self) -> *mut ffi::pk_context {
fn ptr_mut(&mut self) -> *mut mbedtls::pk_context {
if let Some(pk) = &mut self.0 {
pk
} else if let Some(pk) = self.1 {
Expand All @@ -237,24 +239,24 @@ impl pk_context {
self
}

fn as_keypair(&mut self) -> *mut ffi::ecp_keypair {
(unsafe { *self.ptr_mut() }).private_pk_ctx as *mut ffi::ecp_keypair
fn as_keypair(&mut self) -> *mut mbedtls::ecp_keypair {
(unsafe { *self.ptr_mut() }).private_pk_ctx as *mut mbedtls::ecp_keypair
}

pub fn setup(&mut self, ty: ffi::pk_type_t) -> Result<&mut Self, mbedtls_error> {
let ret = unsafe { ffi::pk_setup(self.ptr_mut(), ffi::pk_info_from_type(ty)) };
pub fn setup(&mut self, ty: mbedtls::pk_type_t) -> Result<&mut Self, mbedtls_error> {
let ret = unsafe { mbedtls::pk_setup(self.ptr_mut(), mbedtls::pk_info_from_type(ty)) };

if ret == 0 { Ok(self) } else { Err(ret) }
}

pub fn verify(&mut self, ty: ffi::md_type_t, hash: &[u8], sig: &[u8]) -> Result<bool, mbedtls_error> {
pub fn verify(&mut self, ty: mbedtls::md_type_t, hash: &[u8], sig: &[u8]) -> Result<bool, mbedtls_error> {
let sig = if is_asn1_signature(sig) {
sig.to_vec()
} else {
if let Ok(asn1) = asn1_signature_from(sig) { asn1 } else { return Ok(false); }
};

let ret = unsafe { ffi::pk_verify(
let ret = unsafe { mbedtls::pk_verify(
self.ptr_mut(), ty, hash.as_ptr(), hash.len(), sig.as_ptr(), sig.len()) };

if ret == 0 { Ok(true) } else { Err(ret) }
Expand All @@ -271,29 +273,29 @@ impl pk_context {
(core::ptr::null(), 0)
};

let ret = unsafe { ffi::pk_parse_key(
let ret = unsafe { mbedtls::pk_parse_key(
self.ptr_mut(),
key.as_ptr(), key.len(),
pwd_ptr, pwd_len,
f_rng, p_rng as *mut ffi::raw_types::c_void) };
f_rng, p_rng as *mut raw_types::c_void) };

if ret == 0 { Ok(self) } else { Err(ret) }
}

pub fn sign(
&mut self, ty: ffi::md_type_t, hash: &[u8], sig: &mut Vec<u8>,
&mut self, ty: mbedtls::md_type_t, hash: &[u8], sig: &mut Vec<u8>,
f_rng: Option<FnRng>, p_rng: *mut c_void
) -> Result<&mut Self, mbedtls_error> {
let sz = if ffi::PK_SIGNATURE_MAX_SIZE > 0 {
ffi::PK_SIGNATURE_MAX_SIZE as usize } else { 1024 };
let sz = if mbedtls::PK_SIGNATURE_MAX_SIZE > 0 {
mbedtls::PK_SIGNATURE_MAX_SIZE as usize } else { 1024 };
let mut sig_buf = vec![0u8; sz];
let mut sig_out_len = 0;

let ret = unsafe { ffi::pk_sign(
let ret = unsafe { mbedtls::pk_sign(
self.ptr_mut(), ty,
hash.as_ptr(), hash.len(),
sig_buf.as_mut_ptr(), sig_buf.len(), &mut sig_out_len,
f_rng, p_rng as *mut ffi::raw_types::c_void) };
f_rng, p_rng as *mut raw_types::c_void) };

if ret == 0 {
sig_buf.truncate(sig_out_len);
Expand All @@ -308,8 +310,8 @@ impl pk_context {
}

#[allow(unused_variables, unreachable_code)]
extern "C" fn rnd_std_rand(rng_state: *mut ffi::raw_types::c_void, output: *mut u8, len: usize) -> i32 {
let rng_state: *mut ffi::raw_types::c_void = core::ptr::null_mut();
extern "C" fn rnd_std_rand(rng_state: *mut raw_types::c_void, output: *mut u8, len: usize) -> i32 {
let rng_state: *mut raw_types::c_void = core::ptr::null_mut();

let output: &mut [u8] = unsafe { core::slice::from_raw_parts_mut(output, len) };
for x in output.iter_mut() {
Expand All @@ -318,4 +320,4 @@ impl pk_context {

0
}
}
}
16 changes: 14 additions & 2 deletions test/test.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,13 +57,25 @@ G5/TRupdVlCjPz1+tm/iA9ykx/sazZsuPgw14YulLw==
.md(/* `to_verify` */ &[132, 106, 83, 105, 103, 110, 97, 116, 117, 114, 101, 49, 67, 161, 1, 38, 64, 89, 2, 183, 161, 25, 9, 147, 165, 1, 102, 108, 111, 103, 103, 101, 100, 2, 193, 26, 95, 86, 209, 119, 11, 113, 48, 48, 45, 68, 48, 45, 69, 53, 45, 70, 50, 45, 48, 48, 45, 48, 50, 7, 118, 88, 83, 121, 70, 52, 76, 76, 73, 105, 113, 85, 50, 45, 79, 71, 107, 54, 108, 70, 67, 65, 103, 8, 121, 2, 116, 77, 73, 73, 66, 48, 84, 67, 67, 65, 86, 97, 103, 65, 119, 73, 66, 65, 103, 73, 66, 65, 106, 65, 75, 66, 103, 103, 113, 104, 107, 106, 79, 80, 81, 81, 68, 65, 122, 66, 120, 77, 82, 73, 119, 69, 65, 89, 75, 67, 90, 73, 109, 105, 90, 80, 121, 76, 71, 81, 66, 71, 82, 89, 67, 89, 50, 69, 120, 71, 84, 65, 88, 66, 103, 111, 74, 107, 105, 97, 74, 107, 47, 73, 115, 90, 65, 69, 90, 70, 103, 108, 122, 89, 87, 53, 107, 90, 87, 120, 116, 89, 87, 52, 120, 81, 68, 65, 43, 66, 103, 78, 86, 66, 65, 77, 77, 78, 121, 77, 56, 85, 51, 108, 122, 100, 71, 86, 116, 86, 109, 70, 121, 97, 87, 70, 105, 98, 71, 85, 54, 77, 72, 103, 119, 77, 68, 65, 119, 77, 68, 65, 119, 78, 71, 89, 53, 77, 84, 70, 104, 77, 68, 52, 103, 86, 87, 53, 122, 100, 72, 74, 49, 98, 109, 99, 103, 82, 109, 57, 49, 98, 110, 82, 104, 97, 87, 52, 103, 81, 48, 69, 119, 72, 104, 99, 78, 77, 84, 99, 120, 77, 84, 65, 51, 77, 106, 77, 48, 78, 84, 73, 52, 87, 104, 99, 78, 77, 84, 107, 120, 77, 84, 65, 51, 77, 106, 77, 48, 78, 84, 73, 52, 87, 106, 66, 68, 77, 82, 73, 119, 69, 65, 89, 75, 67, 90, 73, 109, 105, 90, 80, 121, 76, 71, 81, 66, 71, 82, 89, 67, 89, 50, 69, 120, 71, 84, 65, 88, 66, 103, 111, 74, 107, 105, 97, 74, 107, 47, 73, 115, 90, 65, 69, 90, 70, 103, 108, 122, 89, 87, 53, 107, 90, 87, 120, 116, 89, 87, 52, 120, 69, 106, 65, 81, 66, 103, 78, 86, 66, 65, 77, 77, 67, 87, 120, 118, 89, 50, 70, 115, 97, 71, 57, 122, 100, 68, 66, 90, 77, 66, 77, 71, 66, 121, 113, 71, 83, 77, 52, 57, 65, 103, 69, 71, 67, 67, 113, 71, 83, 77, 52, 57, 65, 119, 69, 72, 65, 48, 73, 65, 66, 74, 90, 108, 85, 72, 73, 48, 117, 112, 47, 108, 51, 101, 90, 102, 57, 118, 67, 66, 98, 43, 108, 73, 110, 111, 69, 77, 69, 103, 99, 55, 82, 111, 43, 88, 90, 67, 116, 106, 65, 73, 48, 67, 68, 49, 102, 74, 102, 74, 82, 47, 104, 73, 121, 121, 68, 109, 72, 87, 121, 89, 105, 78, 70, 98, 82, 67, 72, 57, 102, 121, 97, 114, 102, 107, 122, 103, 88, 52, 112, 48, 122, 84, 105, 122, 113, 106, 68, 84, 65, 76, 77, 65, 107, 71, 65, 49, 85, 100, 69, 119, 81, 67, 77, 65, 65, 119, 67, 103, 89, 73, 75, 111, 90, 73, 122, 106, 48, 69, 65, 119, 77, 68, 97, 81, 65, 119, 90, 103, 73, 120, 65, 76, 81, 77, 78, 117, 114, 102, 56, 116, 118, 53, 48, 108, 82, 79, 68, 53, 68, 81, 88, 72, 69, 79, 74, 74, 78, 87, 51, 81, 86, 50, 103, 57, 81, 69, 100, 68, 83, 107, 50, 77, 89, 43, 65, 111, 83, 114, 66, 83, 109, 71, 83, 78, 106, 104, 52, 111, 108, 69, 79, 104, 69, 117, 76, 103, 73, 120, 65, 74, 52, 110, 87, 102, 78, 119, 43, 66, 106, 98, 90, 109, 75, 105, 73, 105, 85, 69, 99, 84, 119, 72, 77, 104, 71, 86, 88, 97, 77, 72, 89, 47, 70, 55, 110, 51, 57, 119, 119, 75, 99, 66, 66, 83, 79, 110, 100, 78, 80, 113, 67, 112, 79, 69, 76, 108, 54, 98, 113, 51, 67, 90, 113, 81, 61, 61]);
assert_eq!(hash, &[54, 231, 97, 210, 190, 7, 213, 205, 54, 208, 99, 79, 66, 160, 246, 154, 204, 198, 56, 162, 103, 201, 116, 248, 63, 96, 116, 7, 135, 89, 115, 215]);
let sig = &[99, 204, 130, 58, 52, 185, 100, 173, 200, 53, 181, 142, 46, 225, 231, 227, 0, 136, 173, 230, 137, 111, 148, 177, 58, 199, 48, 100, 62, 150, 96, 181, 169, 52, 83, 243, 201, 216, 160, 154, 181, 122, 1, 19, 164, 6, 114, 120, 132, 118, 58, 42, 208, 75, 79, 171, 79, 111, 184, 188, 179, 46, 250, 71];

/* !!
assert!(x509_crt::new()
.parse(pem)? // cf. `x509parse_crt()` of 'mbedtls/tests/suites/test_suite_x509parse.function'
.info()? // debug
.pk_ctx()
.verify(MD_SHA256, hash, sig)?);
!! */ todo!(); /* <---- !!!! FIXME
= note: rust-lld: error: undefined symbol: mbedtls_x509_crt_init
>>> referenced by psa_ifce.rs:61 (src/psa_ifce.rs:61)
rust-lld: error: undefined symbol: mbedtls_x509_crt_parse
>>> referenced by psa_ifce.rs:75 (src/psa_ifce.rs:75)
rust-lld: error: undefined symbol: mbedtls_x509_crt_info
>>> referenced by psa_ifce.rs:84 (src/psa_ifce.rs:84)
rust-lld: error: undefined symbol: mbedtls_x509_crt_free
>>> referenced by psa_ifce.rs:54 (src/psa_ifce.rs:54)
*/
Ok(())
}

Expand Down Expand Up @@ -123,4 +135,4 @@ fn init_psa_crypto() {
#[test] fn pk_context_verify_via_ecp() { init_psa_crypto(); test_pk_context_verify_via_ecp().unwrap() }
#[test] fn pk_context_verify_via_x509_crt() { init_psa_crypto(); test_pk_context_verify_via_x509_crt().unwrap() }
#[test] fn pk_context_sign() { init_psa_crypto(); test_pk_context_sign().unwrap() }
#[test] fn utils_is_asn1_signature() { test_utils_is_asn1_signature().unwrap() }
#[test] fn utils_is_asn1_signature() { test_utils_is_asn1_signature().unwrap() }

0 comments on commit 49cbb22

Please sign in to comment.