jacobprudhomme
Contributor

Author: Jacob Prud'homme
Email: [email protected]

Description

This PR adds support for the simple key derivation mechanisms (defined in section 6.43 of v3.1 of PKCS#11)

Motivation

We would like to use some of these mechanisms in a cryptography library we are building, and figured it would make sense to add support for all of them since they are all simple.

Summary of Changes

  • Added CONCATENATE_BASE_AND_KEY, CONCATENATE_BASE_AND_DATA, CONCATENATE_DATA_AND_BASE, XOR_BASE_AND_DATA, EXTRACT_KEY_FROM_KEY mechanism types and their corresponding Mechanism variants, as well as new parameter types for some of these (in a new misc module)
  • Added corresponding tests for these new mechanisms
  • Made unrelated code cleanup (start using make_mechanism() for GcmParams and GcmMessageParams, for some reason this was not the case before)
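
As an added illustration (not code from this PR or from the cryptoki crate), the sketch below models in plain Rust what the listed mechanisms compute on raw key bytes, following their PKCS#11 definitions. The function names and sample bytes are assumptions made for this example; on a real token the operation happens inside `C_DeriveKey`.

```rust
// Added illustration: software model of the PKCS#11 "simple key derivation"
// mechanisms. Function names are hypothetical, not the crate's API.

/// CKM_CONCATENATE_BASE_AND_KEY / CKM_CONCATENATE_BASE_AND_DATA: base || other.
fn concat_base_and(base: &[u8], other: &[u8]) -> Vec<u8> {
    [base, other].concat()
}

/// CKM_CONCATENATE_DATA_AND_BASE: data || base.
fn concat_data_and_base(data: &[u8], base: &[u8]) -> Vec<u8> {
    [data, base].concat()
}

/// CKM_XOR_BASE_AND_DATA: with no length in the template, the result is as
/// long as the shorter of the two inputs.
fn xor_base_and_data(base: &[u8], data: &[u8]) -> Vec<u8> {
    base.iter().zip(data).map(|(b, d)| b ^ d).collect()
}

/// CKM_EXTRACT_KEY_FROM_KEY: copy `out_bits` bits starting at bit index
/// `start` (bit 0 is the most significant bit of the first byte), wrapping
/// around to the start of the base key when the end is reached.
fn extract_key_from_key(base: &[u8], start: usize, out_bits: usize) -> Vec<u8> {
    let total = base.len() * 8;
    assert!(total > 0 && start < total && out_bits % 8 == 0);
    let mut out = vec![0u8; out_bits / 8];
    for i in 0..out_bits {
        let src = (start + i) % total;
        let bit = (base[src / 8] >> (7 - src % 8)) & 1;
        out[i / 8] |= bit << (7 - i % 8);
    }
    out
}

fn main() {
    // Sample bytes chosen for illustration, not taken from the PR's tests.
    let base = [0x32, 0x9F, 0x84, 0xA9];
    println!("{:02x?}", concat_base_and(&base[..2], &base[2..]));
    println!("{:02x?}", concat_data_and_base(&[0xAA], &base));
    println!("{:02x?}", xor_base_and_data(&base, &[0xFF, 0x0F]));
    println!("{:02x?}", extract_key_from_key(&base, 21, 16));
}
```
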

@Jakuje
Collaborator

Jakuje commented Sep 19, 2025

I just pushed an update of kryoptic 1.3.1 into Fedora so next time you run the CI, you should have these algorithms supported.

@jacobprudhomme jacobprudhomme force-pushed the simple-derivation-mechanisms branch from 0be833d to e68cea7 Compare September 23, 2025 20:24
@jacobprudhomme
Contributor Author

@Jakuje sorry for the delay! I haven't had much time recently.

It seems the tests I've added are all failing due to an incomplete template error from Kryoptic. I'll look into it more when I have the chance.

@Jakuje
Collaborator

Jakuje commented Sep 24, 2025

> @Jakuje sorry for the delay! I haven't had much time recently.
>
> It seems the tests I've added are all failing due to an incomplete template error from Kryoptic. I'll look into it more when I have the chance.

The unique-id test is fixed with #313.

I will try to check the other failures when I get some time. We have some test coverage in kryoptic, but it's always better when somebody else reads through the specs and writes the tests.

@Jakuje
Collaborator

Jakuje commented Sep 24, 2025

Looks like I tested this in kryoptic testsuite only with the session object (CKA_TOKEN=FALSE) and it fails only when we try to create a database object from this for some reason. Workaround here would be then to do the session objects (as you usually really want these to be ephemeral), but indeed, this is something we need to fix.

With the reproducer, I hope I will be able to figure out how to get this fixed. I will keep you updated.

@Jakuje
Collaborator

Jakuje commented Sep 30, 2025

I retested with current main of kryoptic and with the following patch, all the tests are passing (except for the one fixed in #313). I will likely update Fedora package with the recent fixes on top of the release:

diff --git a/cryptoki/tests/basic.rs b/cryptoki/tests/basic.rs
index 5d61d92..cf2413f 100644
--- a/cryptoki/tests/basic.rs
+++ b/cryptoki/tests/basic.rs
@@ -798,6 +798,8 @@ fn derive_key_concatenation_two_keys() -> TestResult {
         Attribute::KeyType(KeyType::GENERIC_SECRET),
         Attribute::Value(key_value[..3].to_vec()),
         Attribute::Derive(true),
+        Attribute::Sensitive(false),
+        Attribute::Extractable(true),
     ];
     let key2_template = [
         Attribute::Token(true),
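
Review bot: the two lines added to key1_template, `Attribute::Sensitive(false)` and `Attribute::Extractable(true)`, carry no comment saying why the base key has to be readable. The thread ties the failures to an incomplete-template error from Kryoptic, so a short comment in the template naming that dependency would tell a later reader whether these attributes are required by the mechanism itself or only by the token under test, and when they can be dropped.
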
@@ -806,6 +808,8 @@ fn derive_key_concatenation_two_keys() -> TestResult {
         Attribute::KeyType(KeyType::GENERIC_SECRET),
         Attribute::Value(key_value[3..].to_vec()),
         Attribute::Derive(true),
+        Attribute::Sensitive(false),
+        Attribute::Extractable(true),
     ];
 
     let key1 = session.create_object(&key1_template)?;
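
Review bot: key2_template keeps `Attribute::Token(true)` alongside the new `Attribute::Sensitive(false)` and `Attribute::Extractable(true)`, so the test now stores readable key material as a persistent token object. Unless the test is specifically meant to exercise token objects, `Attribute::Token(false)` would keep the base keys ephemeral, as suggested earlier in the thread; otherwise confirm that the objects created via `session.create_object(&key1_template)?` are destroyed before the test returns. The same pair of added lines is repeated from key1_template and could be shared between the two templates.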

@Jakuje
Collaborator

Jakuje commented Sep 30, 2025

Actually the PR is not yet merged, but the changes posted above are still needed. I will update Fedora after the PR gets merged.

These include the CKM_{CONCATENATE,XOR}_{BASE,DATA}_AND_{DATA,BASE},
CKM_CONCATENATE_BASE_AND_KEY and CKM_EXTRACT_KEY_FROM_KEY mechanisms

Signed-off-by: Jacob Prud'homme <[email protected]>

Despite the fact that we can use `make_mechanism()` to create a
`CK_MECHANISM` object from the GcmParams and GcmMessageParams, we were
not doing so. This fixes this

Signed-off-by: Jacob Prud'homme <[email protected]>

Signed-off-by: Jacob Prud'homme <[email protected]>

The latest version of Kryoptic released to Fedora actually supports them
now

Signed-off-by: Jacob Prud'homme <[email protected]>

They were missing the object class attribute

Signed-off-by: Jacob Prud'homme <[email protected]>

@jacobprudhomme jacobprudhomme force-pushed the simple-derivation-mechanisms branch from 0bda081 to 728b7ac Compare October 6, 2025 14:42
This is needed for allowing people to use them as the secondary key in one of the simple key derivation mechanisms that take two keys