sign and validate with public keys (OpenSSL, mbedtls) #68
Conversation
1 similar comment
| @@ -251,6 +251,10 @@ bool _COSE_Recipient_decrypt(COSE_RecipientInfo * pRecip, COSE_RecipientInfo * p | |||
| int cbitKeyX = 0; | |||
| byte rgbKey[256 / 8]; | |||
|
|
|||
| UNUSED(rgbKey); | |||
There was a problem hiding this comment.
This is confusing. Why would a local variable exist if it is unused. Probably need an #ifdef around the declaration instead.
| @@ -867,6 +874,8 @@ byte * _COSE_RecipientInfo_generateKey(COSE_RecipientInfo * pRecipient, int algI | |||
| const cn_cbor * pK; | |||
| byte *pbSecret = NULL; | |||
|
|
|||
| UNUSED(algIn); | |||
There was a problem hiding this comment.
algIn is not unused in all cases. I'd like to see a clearer indication of when it is used and when it is not.
There was a problem hiding this comment.
usages of algIn are all included in #if ... #endif preprocessor directives. algIn will never be used if none of those macros is defined. To make an unused indication, we need to write:
#if !USE_Direct_HKDF_HMAC_SHA_256 && !USE_Direct_HKDF_HMAC_SHA_512 && \
!USE_Direct_HKDF_AES_128 && !USE_Direct_HKDF_AES_256 && \
!USE_ECDH_ES_HKDF_256 && !USE_ECDH_ES_HKDF_512 && \
!USE_ECDH_SS_HKDF_256 && !USE_ECDH_SS_HKDF_512
UNUSED(algIn);
#endifDo we truly wants this everywhere?
I think the UNUSED() macro should be understood as MAYBE_UNUSED(). Or I can rename it like that.
There was a problem hiding this comment.
I like the idea of a MAYBE_UNUSED(). I think that is more clear. Keep UNUSED() for parameters that are truly never used.
| struct ec_key_st *key; | ||
| int group; | ||
| } eckey_t; | ||
| #endif // USE_MBED_TLS |
There was a problem hiding this comment.
Need #includes to get struct mbedtls_ecp_keypair of struct ec_key_st defined.
There was a problem hiding this comment.
Since we are using struct mbedtls_ecp_keypair and struct ec_key_st by just pointers, they are not necessary be defined, but only need to be declared (forward declaration). by writing typedef struct mbedtls_ecp_keypair eckey_t;, the mbedtls_ecp_keypair structure got itself declared.
|
Adding a function to parse the public key in format of DER or PEM encoded bytes could allow the application to not care if the underlying encryption library is mbedtls or openssl. |
|
What happens when I want to add RSA to the library? |
@sbertin-telular But I agree that passing encoded bytes hides the implementation, I can switch to this if you prefer it. BTW, how about also replacing those |
@jimsch |
|
|
@sbertin-telular |
Sounds fine to me. @jimsch what do you think? Ultimately it is your call. |
|
Trying to address everything in one comment: RFC 8230 added RSA to the set of algorithms that COSE supports so the definitions do exist. There are some trusted modules that exist that only do RSA so there may be some desire to do this in the future. One also needs to think about issues such as the hash signature algorithm that is being defined in https://datatracker.ietf.org/doc/draft-ietf-cose-hash-algs. One of the things I did not do in this library that I did do for the other two libraries is to define a new COSE_Key object structure. One can then create the COSE_Key from either encoded bytes, a DER object or even an underlying key object. One could create a COSE_Key from either an mbedtls key or from an openssl key directly. This provides the type of efficiency that I think is being considered both because the same key can be shared across multiple layers and because it can be kept around long term. Exposing different functions ifdef-ed by library usage works just fine for me. I would probably not start with the same cbor library if I was doing this today, but that is life. I think that one needs to allow for returning the CBOR object rather than the encoded bytes because there are a number of situations such as CWTs where one object becomes nested in the next level up and doing an encoded/decode to do that seems wasteful. |
|
Top of my head design - needs some thoughts and so forth. |
I used |
|
what is the status of this MR? @wgtdkp |
@gocarlos This PR, I think, is not perfect to be merged. The problems is that a public / private key encoded as a COSE key (CBOR format) cannot be easily constructed. For my usage, mbedtls keys are exclusively used. While we should not change current API, so I added APIs like I think the best way is to have two functions that convert mbedtls and OpenSSL keys to cose keys in CBOR format. For example, the COSE-JAVA project has a |
is this something you intend to contribute in a foreseeable future? |
Yes. Actually the convertion from But I didn't get a chance to make this back to the master branch here. @gocarlos I am appreciate if you'd like to help to make it happen earlier, or I will handle this in next weeks. |
|
PR #120 provides this functionality for ECDSA |
upgrade to support mbedtls 3.x
This PR has two main changes:
COSE_sign0_signandCOSE_Sign0_validateAPI with public keys;For the first change: While using
COSE_sign0_signAPI in real applications, it is usual that we have the public key in format of DER or PEM encoded bytes which is parsed into mbedtls/openssl key structures. As the signing and validation functions are implemented with mbedtls/openssl, it would be much more convenient if user can sign/validate a message with those keys directly. And more, it reduces resources when applied in embedded systems.For the second change: many applications force no warnings. As a library, COSE-C should also not emit any warnings. This does no harm at least.