-
Notifications
You must be signed in to change notification settings - Fork 53
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
adds a
signature::Signer
implementation for ecc keys
Signed-off-by: Arthur Gautier <[email protected]>
- Loading branch information
Showing
4 changed files
with
214 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,6 @@ | ||
[workspace] | ||
members = ["tss-esapi", "tss-esapi-sys"] | ||
members = ["tss-esapi", "tss-esapi-sys"] | ||
|
||
[patch.crates-io] | ||
# https://github.com/RustCrypto/traits/pull/1641 | ||
signature_derive = { git = "https://github.com/baloo/traits.git", branch = "baloo/signature_derive/lifetime-support" } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,204 @@ | ||
// Copyright 2024 Contributors to the Parsec project. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
//! Module for exposing a [`signature::Signer`] interface for keys | ||
//! | ||
//! This modules presents objects held in a TPM over a [`signature::DigestSigner`] interface. | ||
use super::TransientKeyContext; | ||
use crate::{ | ||
abstraction::{ | ||
public::AssociatedTpmCurve, | ||
transient::{KeyMaterial, KeyParams}, | ||
AssociatedHashingAlgorithm, | ||
}, | ||
interface_types::algorithm::EccSchemeAlgorithm, | ||
structures::{Auth, Digest as TpmDigest, EccScheme, Signature as TpmSignature}, | ||
Error, | ||
}; | ||
|
||
use std::{convert::TryFrom, ops::Add, sync::Mutex}; | ||
|
||
use digest::{Digest, FixedOutput, Output}; | ||
use ecdsa::{ | ||
der::{MaxOverhead, MaxSize, Signature as DerSignature}, | ||
hazmat::{DigestPrimitive, SignPrimitive}, | ||
Signature, SignatureSize, VerifyingKey, | ||
}; | ||
use elliptic_curve::{ | ||
generic_array::ArrayLength, | ||
ops::Invert, | ||
sec1::{FromEncodedPoint, ModulusSize, ToEncodedPoint}, | ||
subtle::CtOption, | ||
AffinePoint, CurveArithmetic, FieldBytesSize, PrimeCurve, PublicKey, Scalar, | ||
}; | ||
use signature::{DigestSigner, Error as SigError, KeypairRef, Signer}; | ||
|
||
/// [`EcSigner`] will sign a payload with an elliptic curve secret key stored on the TPM. | ||
/// | ||
/// # Parameters | ||
/// | ||
/// parameter `C` describes the curve that is of use (Nist P-256, Nist P-384, ...) | ||
/// | ||
/// the hashing algorithm `D` is the digest that will be used for signatures (SHA-256, SHA3-256, ...). | ||
/// | ||
/// ```no_run | ||
/// # use tss_esapi::{ | ||
/// # abstraction::transient::{EcSigner, TransientKeyContextBuilder}, | ||
/// # TctiNameConf | ||
/// # }; | ||
/// use p256::NistP256; | ||
/// use signature::Signer; | ||
/// # | ||
/// # // Create context | ||
/// # let mut context = TransientKeyContextBuilder::new() | ||
/// # .with_tcti( | ||
/// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), | ||
/// # ) | ||
/// # .build() | ||
/// # .expect("Failed to create Context"); | ||
/// | ||
/// let (tpm_km, _tpm_auth) = context | ||
/// .create_key(EcSigner::<NistP256>::key_params(), 0) | ||
/// .expect("Failed to create a private keypair"); | ||
/// | ||
/// let signer = EcSigner::<NistP256>::new(&mut context, tpm_km, None) | ||
/// .expect("Failed to create a signer"); | ||
/// let signature: p256::ecdsa::Signature = signer.sign(b"Hello Bob, Alice here."); | ||
/// ``` | ||
#[derive(Debug, Signer)] | ||
pub struct EcSigner<'ctx, C> | ||
where | ||
C: PrimeCurve + CurveArithmetic, | ||
{ | ||
context: Mutex<&'ctx mut TransientKeyContext>, | ||
key_material: KeyMaterial, | ||
key_auth: Option<Auth>, | ||
verifying_key: VerifyingKey<C>, | ||
} | ||
|
||
impl<'ctx, C> EcSigner<'ctx, C> | ||
where | ||
C: PrimeCurve + CurveArithmetic, | ||
C: AssociatedTpmCurve, | ||
FieldBytesSize<C>: ModulusSize, | ||
AffinePoint<C>: FromEncodedPoint<C> + ToEncodedPoint<C>, | ||
{ | ||
pub fn new( | ||
context: &'ctx mut TransientKeyContext, | ||
key_material: KeyMaterial, | ||
key_auth: Option<Auth>, | ||
) -> Result<Self, Error> { | ||
let context = Mutex::new(context); | ||
|
||
let public_key = PublicKey::try_from(key_material.public())?; | ||
let verifying_key = VerifyingKey::from(public_key); | ||
|
||
Ok(Self { | ||
context, | ||
key_material, | ||
key_auth, | ||
verifying_key, | ||
}) | ||
} | ||
} | ||
|
||
impl<'ctx, C> EcSigner<'ctx, C> | ||
where | ||
C: PrimeCurve + CurveArithmetic, | ||
C: AssociatedTpmCurve, | ||
{ | ||
/// Key parameters for this curve, selected digest is the one selected by DigestPrimitive | ||
pub fn key_params_default() -> KeyParams | ||
where | ||
C: DigestPrimitive, | ||
<C as DigestPrimitive>::Digest: FixedOutput<OutputSize = FieldBytesSize<C>>, | ||
<C as DigestPrimitive>::Digest: AssociatedHashingAlgorithm, | ||
{ | ||
Self::key_params::<<C as DigestPrimitive>::Digest>() | ||
} | ||
|
||
/// Key parameters for this curve | ||
pub fn key_params<D>() -> KeyParams | ||
where | ||
D: FixedOutput<OutputSize = FieldBytesSize<C>>, | ||
D: AssociatedHashingAlgorithm, | ||
{ | ||
KeyParams::Ecc { | ||
curve: C::TPM_CURVE, | ||
scheme: EccScheme::create(EccSchemeAlgorithm::EcDsa, Some(D::TPM_DIGEST), None) | ||
.expect("Failed to create ecc scheme"), | ||
} | ||
} | ||
} | ||
|
||
impl<'ctx, C> AsRef<VerifyingKey<C>> for EcSigner<'ctx, C> | ||
where | ||
C: PrimeCurve + CurveArithmetic, | ||
Scalar<C>: Invert<Output = CtOption<Scalar<C>>> + SignPrimitive<C>, | ||
SignatureSize<C>: ArrayLength<u8>, | ||
{ | ||
fn as_ref(&self) -> &VerifyingKey<C> { | ||
&self.verifying_key | ||
} | ||
} | ||
|
||
impl<'ctx, C> KeypairRef for EcSigner<'ctx, C> | ||
where | ||
C: PrimeCurve + CurveArithmetic, | ||
Scalar<C>: Invert<Output = CtOption<Scalar<C>>> + SignPrimitive<C>, | ||
SignatureSize<C>: ArrayLength<u8>, | ||
{ | ||
type VerifyingKey = VerifyingKey<C>; | ||
} | ||
|
||
impl<'ctx, C, D> DigestSigner<D, Signature<C>> for EcSigner<'ctx, C> | ||
where | ||
C: PrimeCurve + CurveArithmetic, | ||
C: AssociatedTpmCurve, | ||
D: Digest + FixedOutput<OutputSize = FieldBytesSize<C>>, | ||
D: AssociatedHashingAlgorithm, | ||
Scalar<C>: Invert<Output = CtOption<Scalar<C>>> + SignPrimitive<C>, | ||
SignatureSize<C>: ArrayLength<u8>, | ||
TpmDigest: From<Output<D>>, | ||
{ | ||
fn try_sign_digest(&self, digest: D) -> Result<Signature<C>, SigError> { | ||
let digest = TpmDigest::from(digest.finalize_fixed()); | ||
|
||
let key_params = Self::key_params::<D>(); | ||
let mut context = self.context.lock().expect("Mutex got poisoned"); | ||
let signature = context | ||
.sign( | ||
self.key_material.clone(), | ||
key_params, | ||
self.key_auth.clone(), | ||
digest, | ||
) | ||
.map_err(SigError::from_source)?; | ||
let TpmSignature::EcDsa(signature) = signature else { | ||
todo!(); | ||
}; | ||
|
||
let signature = Signature::try_from(signature).map_err(SigError::from_source)?; | ||
|
||
Ok(signature) | ||
} | ||
} | ||
|
||
impl<'ctx, C, D> DigestSigner<D, DerSignature<C>> for EcSigner<'ctx, C> | ||
where | ||
C: PrimeCurve + CurveArithmetic, | ||
C: AssociatedTpmCurve, | ||
D: Digest + FixedOutput<OutputSize = FieldBytesSize<C>>, | ||
D: AssociatedHashingAlgorithm, | ||
Scalar<C>: Invert<Output = CtOption<Scalar<C>>> + SignPrimitive<C>, | ||
SignatureSize<C>: ArrayLength<u8>, | ||
TpmDigest: From<Output<D>>, | ||
|
||
MaxSize<C>: ArrayLength<u8>, | ||
<FieldBytesSize<C> as Add>::Output: Add<MaxOverhead> + ArrayLength<u8>, | ||
{ | ||
fn try_sign_digest(&self, digest: D) -> Result<DerSignature<C>, SigError> { | ||
let signature: Signature<_> = self.try_sign_digest(digest)?; | ||
Ok(signature.to_der()) | ||
} | ||
} |