[hsmtool] Add a SPX+ implementation for PKCS11 Elementary Files #25379

Merged: 6 commits, Dec 4, 2024

@cfrantz (Contributor) commented Nov 25, 2024

Create a SPHINCS+ implementation that uses key material from PKCS#11
Elementary Files (aka CKO_DATA objects).

This implementation stores key material on a secure token, and loads the
key material to perform the sphincs+ operations. This is not as secure
as signing within an HSM security boundary, but it provides
token-protected storage for key material when an HSM-based
implementation is not available.

@cfrantz cfrantz force-pushed the hsmtool-elementary-files branch 3 times, most recently from e299dbe to 8019579 Compare November 27, 2024 19:01
sw/host/hsmtool/src/spxef/mod.rs (outdated)
Comment on lines 42 to 47

```rust
unsafe {
    for v in self.as_mut_vec().iter_mut() {
        *v = rng.gen();
    }
}
self.truncate(0);
```
Contributor

In C, this would be the place where the compiler helpfully removes the random writes because the string is later freed without being read again so they're "unnecessary". Might be worth a check to see if this compiled with the writes, unless Rust/unsafe provides some guarantees about this kind of thing?

Contributor Author

I deleted the Shreddable trait and opted to use the zeroize crate. The zeroize crate specifically claims that it will zero out data without being defeated by the optimizer.
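
The concern in this thread is dead-store elimination: a wipe that is followed only by a free can be dropped by the optimizer. A common std-only way to prevent that is volatile stores followed by a compiler fence, shown below as an added example that is not code from this PR or from the `zeroize` crate; `wipe_slice`, `wipe_vec` and `KeyMaterial` are hypothetical names and the key bytes are constructed.

```rust
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Zero `buf` with volatile stores. Volatile writes are observable side
/// effects, so the optimizer may not drop them as dead stores even when the
/// buffer is freed right afterwards without being read.
pub fn wipe_slice(buf: &mut [u8]) {
    for b in buf.iter_mut() {
        // SAFETY: `b` is a valid, aligned, exclusive reference to one byte.
        unsafe { ptr::write_volatile(b, 0) };
    }
    // Stop the compiler from moving later operations (e.g. the free) ahead
    // of the stores above.
    compiler_fence(Ordering::SeqCst);
}

/// Wipe the whole allocation of `v`, including spare capacity that may still
/// hold bytes from before a `truncate`, then leave it empty.
/// Returns the number of bytes wiped.
pub fn wipe_vec(v: &mut Vec<u8>) -> usize {
    let cap = v.capacity();
    v.resize(cap, 0); // grows len to capacity; never reallocates
    wipe_slice(v.as_mut_slice());
    v.clear();
    cap
}

/// Hypothetical holder for key bytes loaded from a token; wiped on drop.
pub struct KeyMaterial(Vec<u8>);

impl KeyMaterial {
    pub fn new(bytes: Vec<u8>) -> Self {
        KeyMaterial(bytes)
    }
    pub fn expose(&self) -> &[u8] {
        &self.0
    }
}

impl Drop for KeyMaterial {
    fn drop(&mut self) {
        wipe_vec(&mut self.0);
    }
}

fn main() {
    let key = KeyMaterial::new(vec![0x5a; 64]); // constructed sample bytes
    println!("loaded {} key bytes", key.expose().len());
    // `key` goes out of scope here and its buffer is wiped before the free.
}
```

This covers only the buffer's current allocation: copies left behind by an earlier reallocation or by moving the bytes elsewhere are not reached.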

- Rust `cryptoki` doesn't know about CKO_PROFILE objects.
- The `sc-hsm-embedded` PKCS#11 provider does not expose the profile
  object, however it also doesn't support CKO_DATA objects.  It does
  support RSA3K keys, which were used in the ES chip.
- The `opensc-pkcs11` provider does expose the profile object and does
  support CKO_DATA objects.  It does _not_ support RSA3K keys.

This hack adds support to `cryptoki` for the profile object (e.g. it
simply recognizes the object).  This allows the use of the
`opensc-pkcs11` provider which will permit using CKO_DATA objects from
`hsmtool`.

Signed-off-by: Chris Frantz <[email protected]>

1. Add support for `CKO_DATA` objects (aka "elementary files").

Signed-off-by: Chris Frantz <[email protected]>

1. Create an `SpxInterface` trait.
2. Refactor the acorn library to implement the trait.

Signed-off-by: Chris Frantz <[email protected]>

Create a SPHINCS+ implementation that uses key material from PKCS#11
Elementary Files (aka CKO_DATA objects).

This implementation stores key material on a secure token, and loads the
key material to perform the sphincs+ operations.  This is not as secure
as signing within an HSM security boundary, but it provides
token-protected storage for key material when an HSM-based
implementation is not available.

Signed-off-by: Chris Frantz <[email protected]>

Prepare data according to the input format (plain-text, sha256-hash,
etc) and the sphincs+ signing domain (none, pure, prehashedsha256).

Signed-off-by: Chris Frantz <[email protected]>

@cfrantz cfrantz force-pushed the hsmtool-elementary-files branch from 8019579 to fbd2358 Compare December 4, 2024 03:51
@cfrantz cfrantz marked this pull request as ready for review December 4, 2024 05:45
@cfrantz cfrantz requested a review from a team as a code owner December 4, 2024 05:45
@moidx moidx removed the request for review from a team December 4, 2024 06:08
@cfrantz cfrantz merged commit ccd8f9a into lowRISC:master Dec 4, 2024
37 checks passed