WIP: adds a signature::Signer interface
#537
Conversation
baloo
force-pushed
the
baloo/rust-crypto/signer-interface
branch
from
85783cc
to
6525f15
Compare
baloo
force-pushed
the
baloo/rust-crypto/signer-interface
branch
2 times, most recently
from
336466d
to
8145f8e
Compare
tss-esapi/tests/integration_tests/abstraction_tests/public_tests.rs
Outdated
Show resolved
Hide resolved
baloo
force-pushed
the
baloo/rust-crypto/signer-interface
branch
2 times, most recently
from
7331b83
to
18ee544
Compare
Signed-off-by: Arthur Gautier <[email protected]>
Signed-off-by: Arthur Gautier <[email protected]>
baloo
force-pushed
the
baloo/rust-crypto/signer-interface
branch
from
18ee544
to
55ea1cc
Compare
Signed-off-by: Arthur Gautier <[email protected]>
baloo
force-pushed
the
baloo/rust-crypto/signer-interface
branch
2 times, most recently
from
dda6694
to
df740fd
Compare
Signed-off-by: Arthur Gautier <[email protected]>
Signed-off-by: Arthur Gautier <[email protected]>
baloo
force-pushed
the
baloo/rust-crypto/signer-interface
branch
from
df740fd
to
eaf82d5
Compare
Oh, no, thanks for reviewing it! |
| // Note: this does not implement `TryFrom<RsaSignature>` because `RsaSignature` does not carry the | ||
| // information whether the signatures was generated using PKCS#1v1.5 or PSS. |
There was a problem hiding this comment.
The fields of RsaSignature are private, so we can extend it to capture this detail as well. It's a deviation from the TPM spec, but I don't necessarily see a problem with it. Thoughts?
cc @Superhepper
There was a problem hiding this comment.
No it is not really a problem as long as it does not causes any ambiguities in the conversions between TPMS_SIGNATURE_RSA and RsaSignature.
There was a problem hiding this comment.
I think it's fine like that, the comment was more for a future self why we would not have such a TryFrom
| use signature::{DigestSigner, Error as SigError, KeypairRef}; | ||
|
|
||
| #[derive(Debug)] | ||
| pub struct Ecdsa<'ctx, C> |
There was a problem hiding this comment.
(I know this is a draft: ) Would be good to have some docs on these structs to make it clear what they're meant for.
There was a problem hiding this comment.
I tried to add some, and add a code sample in the doc as well.
| /// Key parameters for this curve | ||
| pub fn key_params<D>() -> KeyParams |
There was a problem hiding this comment.
I'm a bit mystified by the purpose of this function. Also by the use of "this curve" in the doc for it, given that Ecdsa is presumably not the description of a curve (?)
There was a problem hiding this comment.
C describes the curve (could be NistP256, NistP384, NistP521, ...) those are all supported here. When using the signer (through the Ecdsa struct) you would specify which curve you're using.
This would pick the correct parameters to specify to the TPM when signing, the size of the object that comes back from signature, how to verify them, ...
This function just creates the TPM parameters related to this curve and the selected digest.
There was a problem hiding this comment.
Sure, I think I was mostly confused by the existence of two nearly-identical methods before, and that the struct they're tacked to doesn't represent (just) a specific curve.
There was a problem hiding this comment.
I did bring back the two nearly-identical methods btw.
baloo
force-pushed
the
baloo/rust-crypto/signer-interface
branch
3 times, most recently
from
fe52b1c
to
fa8ff3a
Compare
baloo
force-pushed
the
baloo/rust-crypto/signer-interface
branch
4 times, most recently
from
7bcbb0c
to
b79e193
Compare
| let builder = RequestBuilder::new(subject, &signer).expect("Create certificate request"); | ||
|
|
||
| let cert_req = builder | ||
| .build::<p256::ecdsa::DerSignature>() | ||
| .expect("Sign a CSR"); |
There was a problem hiding this comment.
I added proper examples of what this interface is used for.
| // I can't find where in the TPM spec this would be an illegal pair, we'll ignore for now. | ||
| #[ignore] | ||
| #[test] | ||
| fn sign_p256_sha3_256() { |
There was a problem hiding this comment.
This one is a bit puzzling to me. I can't find where in the spec the the P-256/SHA3-256 pair would be illegal. If anyone has an idea, I'd love to know.
There was a problem hiding this comment.
Could it be a limitation of the TPM you're using? From the Structures spec, table 8, it seems SHA3-256 is classified as Assigned rather than TCG standard. I assume this might mean that manufacturers are not required to implement it (?)
There was a problem hiding this comment.
I'm using swtpm (0.8.2) with libtpms (0.9.6) I expected it to play nicely. I haven't took time to look in libtpms yet.
There was a problem hiding this comment.
Hmm, from this it seems libtpms can block SHA3 at compile-time, perhaps that's what is going on here.
There was a problem hiding this comment.
yeah, turns out it's more complicated than that.
stefanberger/libtpms#206
No sha3 support for now.
baloo
force-pushed
the
baloo/rust-crypto/signer-interface
branch
from
b79e193
to
9f760ad
Compare
| const TPM_DIGEST: HashingAlgorithm; | ||
| } | ||
|
|
||
| #[cfg(feature = "sha1")] |
There was a problem hiding this comment.
Hmm... how does this work if I don't see the feature declared in Cargo.toml? 🤔
There was a problem hiding this comment.
yeaaah, I learned this one recently too lol.
https://doc.rust-lang.org/cargo/reference/features.html#optional-dependencies
By default, this optional dependency implicitly defines a feature that looks like this:
[features]
gif = ["dep:gif"]
I'm abusing that mechanism here.
I actually need to split the features in the Cargo.toml to look more like:
rustcrypto = ["ecdsa", "elliptic-curve", "signature", "x509-cert"]
rustcrypto-full = ["rustcrypto", "p192", "p224", "p256", "p384", "p521", "rsa", "sha1", "sha2", "sha3", "sm2", "sm3"]
That way you can bring in rustcrypto + "p256" + "sha2" if you only care about those.
While I'm at it: I don't know how to name that feature, is rustcrypto good enough?
Signed-off-by: Arthur Gautier <[email protected]>
baloo
force-pushed
the
baloo/rust-crypto/signer-interface
branch
from
9f760ad
to
edf67ed
Compare
This brings an implementation of a
signature::Signerfor keys stored on the TPM.This is intend to make for easier re-use of this crate and to allow to:
Here is an implementation of an SSH agent making use of that infrastructure: wiktor-k/ssh-agent-lib#87