Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CryptoAuthLib provider] Support for psa_sign_message and psa_verify_message. #425

Merged
merged 2 commits into from
May 18, 2021
Merged

[CryptoAuthLib provider] Support for psa_sign_message and psa_verify_message. #425

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
cedd64f
Support for psa_sign_message and psa_verify_message.
RobertDrazkowskiGL May 13, 2021
08b2f5d
Error handling improvement in hash calculation.
RobertDrazkowskiGL May 18, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 5 additions & 8 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 3 additions & 3 deletions Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ name = "parsec"
path = "src/bin/main.rs"

[dependencies]
parsec-interface = "0.24.0"
parsec-interface = { git = "https://github.com/parallaxsecond/parsec-interface-rs.git", rev = "a7f3c7e246a64b9474ca3a0a1365b6deee74e7a4"}
rand = { version = "0.8.3", features = ["small_rng"], optional = true }
base64 = "0.13.0"
uuid = "0.8.2"
Expand All @@ -26,7 +26,7 @@ toml = "0.5.8"
serde = { version = "1.0.123", features = ["derive"] }
env_logger = "0.8.3"
log = { version = "0.4.14", features = ["serde"] }
cryptoki = { git = "https://github.com/parallaxsecond/rust-cryptoki", rev = "850b826b631df354553bf62757f35cd394b3dfff", optional = true, features = ["psa-crypto-conversions"] }
cryptoki = { git = "https://github.com/parallaxsecond/rust-cryptoki", rev = "0345c8caa40fd9a64012f053721aa3de52ad3e3e", optional = true, features = ["psa-crypto-conversions"] }
picky-asn1-der = { version = "0.2.4", optional = true }
picky-asn1 = { version = "0.3.1", optional = true }
tss-esapi = { git = "https://github.com/parallaxsecond/rust-tss-esapi", rev = "56c487a101dc85e17560416d71f0fc2eb81739a6", optional = true }
Expand All @@ -35,7 +35,7 @@ structopt = "0.3.21"
derivative = "2.2.0"
version = "3.0.0"
hex = { version = "0.4.2", optional = true }
psa-crypto = { version = "0.8.0", default-features = false, features = ["operations"], optional = true }
psa-crypto = { git = "https://github.com/parallaxsecond/rust-psa-crypto.git", rev = "15ba7cd048923ae7193b268df51c004e8ceff48e", default-features = false, features = ["operations"], optional = true }
zeroize = { version = "1.2.0", features = ["zeroize_derive"] }
picky-asn1-x509 = { version = "0.4.0", optional = true }
users = "0.11.0"
Expand Down
2 changes: 1 addition & 1 deletion e2e_tests/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ publish = false

[dependencies]
serde = { version = "1.0.123", features = ["derive"] }
parsec-client = { version = "0.12.0", features = ["testing"] }
parsec-client = { git = "https://github.com/parallaxsecond/parsec-client-rust.git", rev = "06b921c4bfc6cd0c2aad91ffacb6e0ea1cda1fd7", features = ["testing"]}
log = "0.4.14"
# Compatible version with crate rsa
rand = "0.7.3"
Expand Down
75 changes: 66 additions & 9 deletions e2e_tests/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ use parsec_client::core::interface::operations::psa_algorithm::{
use parsec_client::core::interface::operations::psa_key_attributes::{
Attributes, EccFamily, Lifetime, Policy, Type, UsageFlags,
};
use parsec_client::core::interface::requests::{Opcode, ProviderID, ResponseStatus, Result};
use parsec_client::core::interface::requests::{Opcode, ProviderId, ResponseStatus, Result};
use parsec_client::core::ipc_handler::unix_socket;
use parsec_client::error::Error;
use std::collections::HashSet;
Expand All @@ -35,7 +35,7 @@ const TEST_TIMEOUT: Duration = Duration::from_secs(60);
#[derive(Debug)]
pub struct TestClient {
basic_client: BasicClient,
created_keys: Option<HashSet<(String, Option<String>, ProviderID)>>,
created_keys: Option<HashSet<(String, Option<String>, ProviderId)>>,
}

fn convert_error(err: Error) -> ResponseStatus {
Expand Down Expand Up @@ -81,12 +81,12 @@ impl TestClient {
}

/// Manually set the provider to execute the requests.
pub fn set_provider(&mut self, provider: ProviderID) {
pub fn set_provider(&mut self, provider: ProviderId) {
self.basic_client.set_implicit_provider(provider);
}

/// Get client provider
pub fn provider(&self) -> ProviderID {
pub fn provider(&self) -> ProviderId {
self.basic_client.implicit_provider()
}

Expand Down Expand Up @@ -666,7 +666,7 @@ impl TestClient {
.into(),
},
},
data
data,
)
}

Expand Down Expand Up @@ -734,7 +734,7 @@ impl TestClient {
)
}

/// Verifies a signature.
/// Verifies a hash signature.
pub fn verify(
&mut self,
key_name: String,
Expand All @@ -747,7 +747,7 @@ impl TestClient {
.map_err(convert_error)
}

/// Verifies a signature made with an RSA key.
/// Verifies a hash signature made with an RSA key.
pub fn verify_with_rsa_sha256(
&mut self,
key_name: String,
Expand All @@ -764,7 +764,7 @@ impl TestClient {
)
}

/// Verifies a signature made with an ECDSA key.
/// Verifies a hash signature made with an ECDSA key.
pub fn verify_with_ecdsa_sha256(
&mut self,
key_name: String,
Expand All @@ -781,6 +781,63 @@ impl TestClient {
)
}

/// Signs a message with a key.
pub fn sign_msg(
&mut self,
key_name: String,
alg: AsymmetricSignature,
msg: Vec<u8>,
) -> Result<Vec<u8>> {
self.basic_client
.psa_sign_message(key_name, &msg, alg)
.map_err(convert_error)
}

/// Signs a message with an ECDSA key.
pub fn sign_msg_with_ecdsa_sha256(
&mut self,
key_name: String,
msg: Vec<u8>,
) -> Result<Vec<u8>> {
self.sign_msg(
key_name,
AsymmetricSignature::Ecdsa {
hash_alg: Hash::Sha256.into(),
},
msg,
)
}

/// Verifies a message signature.
pub fn verify_msg(
&mut self,
key_name: String,
alg: AsymmetricSignature,
msg: Vec<u8>,
signature: Vec<u8>,
) -> Result<()> {
self.basic_client
.psa_verify_message(key_name, &msg, alg, &signature)
.map_err(convert_error)
}

/// Verifies a message signature made with an ECDSA key and SHA256 hash.
pub fn verify_msg_with_ecdsa_sha256(
&mut self,
key_name: String,
msg: Vec<u8>,
signature: Vec<u8>,
) -> Result<()> {
self.verify_msg(
key_name,
AsymmetricSignature::Ecdsa {
hash_alg: Hash::Sha256.into(),
},
msg,
signature,
)
}

pub fn asymmetric_encrypt_message_with_rsapkcs1v15(
&mut self,
key_name: String,
Expand Down Expand Up @@ -959,7 +1016,7 @@ impl TestClient {
}

/// Lists the opcodes available for one provider to execute.
pub fn list_opcodes(&mut self, provider_id: ProviderID) -> Result<HashSet<Opcode>> {
pub fn list_opcodes(&mut self, provider_id: ProviderId) -> Result<HashSet<Opcode>> {
self.basic_client
.list_opcodes(provider_id)
.map_err(convert_error)
Expand Down
Loading