diff --git a/Cargo.lock b/Cargo.lock deleted file mode 100644 index 51061357..00000000 --- a/Cargo.lock +++ /dev/null @@ -1,1592 +0,0 @@ -# This file is automatically @generated by Cargo. -# It is not intended for manual editing. -[[package]] -name = "addr2line" -version = "0.12.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a49806b9dadc843c61e7c97e72490ad7f7220ae249012fbda9ad0609457c0543" -dependencies = [ - "gimli", -] - -[[package]] -name = "aho-corasick" -version = "0.7.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8716408b8bc624ed7f65d223ddb9ac2d044c0547b6fa4b0d554f3a9540496ada" -dependencies = [ - "memchr", -] - -[[package]] -name = "ansi_term" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ee49baf6cb617b853aa8d93bf420db2383fab46d314482ca2803b40d5fde979b" -dependencies = [ - "winapi", -] - -[[package]] -name = "anyhow" -version = "1.0.31" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "85bb70cc08ec97ca5450e6eba421deeea5f172c0fc61f78b5357b2a8e8be195f" - -[[package]] -name = "arbitrary" -version = "0.4.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c5eb01a9ab8a3369f2f7632b9461c34f5920bd454774bab5b9fc6744f21d6143" -dependencies = [ - "derive_arbitrary", -] - -[[package]] -name = "arc-swap" -version = "0.4.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d25d88fd6b8041580a654f9d0c581a047baee2b3efee13275f2fc392fc75034" - -[[package]] -name = "atty" -version = "0.2.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" -dependencies = [ - "hermit-abi", - "libc", - "winapi", -] - -[[package]] -name = "autocfg" -version = "0.1.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1d49d90015b3c36167a20fe2810c5cd875ad504b39cff3d4eae7977e6b7c1cb2" - -[[package]] -name = "autocfg" -version = "1.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8aac770f1885fd7e387acedd76065302551364496e46b3dd00860b2f8359b9d" - -[[package]] -name = "backtrace" -version = "0.3.48" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0df2f85c8a2abbe3b7d7e748052fdd9b76a0458fdeb16ad4223f5eca78c7c130" -dependencies = [ - "addr2line", - "cfg-if", - "libc", - "object", - "rustc-demangle", -] - -[[package]] -name = "base64" -version = "0.10.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b25d992356d2eb0ed82172f5248873db5560c4721f564b13cb5193bda5e668e" -dependencies = [ - "byteorder", -] - -[[package]] -name = "bincode" -version = "1.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5753e2a71534719bf3f4e57006c3a4f0d2c672a4b676eec84161f763eca87dbf" -dependencies = [ - "byteorder", - "serde", -] - -[[package]] -name = "bindgen" -version = "0.54.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "66c0bb6167449588ff70803f4127f0684f9063097eca5016f37eb52b92c2cf36" -dependencies = [ - "bitflags", - "cexpr", - "cfg-if", - "clang-sys", - "clap", - "env_logger", - "lazy_static", - "lazycell", - "log", - "peeking_take_while", - "proc-macro2", - "quote", - "regex", - "rustc-hash", - "shlex", - "which", -] - -[[package]] -name = "bitfield" -version = "0.13.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46afbd2983a5d5a7bd740ccb198caf5b82f45c40c09c0eed36052d91cb92e719" - -[[package]] -name = "bitflags" -version = "1.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" - -[[package]] -name = "block-buffer" -version = "0.7.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c0940dc441f31689269e10ac70eb1002a3a1d3ad1390e030043662eb7fe4688b" -dependencies = [ - "block-padding", - "byte-tools", - "byteorder", - "generic-array", -] - -[[package]] -name = "block-padding" -version = "0.1.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa79dedbb091f449f1f39e53edf88d5dbe95f895dae6135a8d7b881fb5af73f5" -dependencies = [ - "byte-tools", -] - -[[package]] -name = "bumpalo" -version = "3.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2e8c087f005730276d1096a652e92a8bacee2e2472bcc9715a74d2bec38b5820" - -[[package]] -name = "byte-tools" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e3b5ca7a04898ad4bcd41c90c5285445ff5b791899bb1b0abdd2a2aa791211d7" - -[[package]] -name = "byteorder" -version = "1.3.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08c48aae112d48ed9f069b33538ea9e3e90aa263cfa3d1c24309612b1f7472de" - -[[package]] -name = "bytes" -version = "0.5.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "130aac562c0dd69c56b3b1cc8ffd2e17be31d0b6c25b61c96b76231aa23e39e1" - -[[package]] -name = "cargo_toml" -version = "0.7.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bed092b004819e731a68f8a99afb6e07ddb9160810beafbe9d68b952ff09c73a" -dependencies = [ - "serde", - "serde_derive", - "toml 0.5.6", -] - -[[package]] -name = "cc" -version = "1.0.54" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7bbb73db36c1246e9034e307d0fba23f9a2e251faa47ade70c1bd252220c8311" - -[[package]] -name = "cexpr" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4aedb84272dbe89af497cf81375129abda4fc0a9e7c5d317498c15cc30c0d27" -dependencies = [ - "nom", -] - -[[package]] -name = "cfg-if" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" - -[[package]] -name = "clang-sys" -version = "0.29.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe6837df1d5cba2397b835c8530f51723267e16abbf83892e9e5af4f0e5dd10a" -dependencies = [ - "glob", - "libc", - "libloading", -] - -[[package]] -name = "clap" -version = "2.33.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bdfa80d47f954d53a35a64987ca1422f495b8d6483c0fe9f7117b36c2a792129" -dependencies = [ - "ansi_term", - "atty", - "bitflags", - "strsim", - "textwrap", - "unicode-width", - "vec_map", -] - -[[package]] -name = "cmake" -version = "0.1.44" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0e56268c17a6248366d66d4a47a3381369d068cce8409bb1716ed77ea32163bb" -dependencies = [ - "cc", -] - -[[package]] -name = "derivative" -version = "2.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb582b60359da160a9477ee80f15c8d784c477e69c217ef2cdd4169c24ea380f" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "derive_arbitrary" -version = "0.4.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5cee758ebd1c79a9c6fb95f242dcc30bdbf555c28369ae908d21fdaf81537496" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "digest" -version = "0.8.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f3d0c8c8752312f9713efd397ff63acb9f85585afbf179282e720e7704954dd5" -dependencies = [ - "generic-array", -] - -[[package]] -name = "doc-comment" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fea41bba32d969b513997752735605054bc0dfa92b4c56bf1189f2e174be7a10" - -[[package]] -name = "either" -version = "1.5.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bb1f6b1ce1c140482ea30ddd3335fc0024ac7ee112895426e0a629a6c20adfe3" - -[[package]] -name = "enumflags2" -version = "0.6.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "83c8d82922337cd23a15f88b70d8e4ef5f11da38dd7cdb55e84dd5de99695da0" -dependencies = [ - "enumflags2_derive", -] - -[[package]] -name = "enumflags2_derive" -version = "0.6.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "946ee94e3dbf58fdd324f9ce245c7b238d46a66f00e86a020b71996349e46cce" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "env_logger" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "44533bbbb3bb3c1fa17d9f2e4e38bbbaf8396ba82193c4cb1b6445d711445d36" -dependencies = [ - "atty", - "humantime", - "log", - "regex", - "termcolor", -] - -[[package]] -name = "failure" -version = "0.1.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d32e9bd16cc02eae7db7ef620b392808b89f6a5e16bb3497d159c6b92a0f4f86" -dependencies = [ - "backtrace", - "failure_derive", -] - -[[package]] -name = "failure_derive" -version = "0.1.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa4da3c766cd7a0db8242e326e9e4e081edd567072893ed320008189715366a4" -dependencies = [ - "proc-macro2", - "quote", - "syn", - "synstructure", -] - -[[package]] -name = "fake-simd" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e88a8acf291dafb59c2d96e8f59828f3838bb1a70398823ade51a84de6a6deed" - -[[package]] -name = "fixedbitset" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37ab347416e802de484e4d03c7316c48f1ecb56574dfd4a46a80f173ce1de04d" - -[[package]] -name = "fnv" -version = "1.0.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" - -[[package]] -name = "generic-array" -version = "0.12.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c68f0274ae0e023facc3c97b2e00f076be70e254bc851d972503b328db79b2ec" -dependencies = [ - "typenum", -] - -[[package]] -name = "getrandom" -version = "0.1.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7abc8dd8451921606d809ba32e95b6111925cd2906060d2dcc29c070220503eb" -dependencies = [ - "cfg-if", - "libc", - "wasi", -] - -[[package]] -name = "gimli" -version = "0.21.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bcc8e0c9bce37868955864dbecd2b1ab2bdf967e6f28066d65aaac620444b65c" - -[[package]] -name = "glob" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" - -[[package]] -name = "heck" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "20564e78d53d2bb135c343b3f47714a56af2061f1c928fdb541dc7b9fdd94205" -dependencies = [ - "unicode-segmentation", -] - -[[package]] -name = "hermit-abi" -version = "0.1.13" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "91780f809e750b0a89f5544be56617ff6b1227ee485bcb06ebe10cdf89bd3b71" -dependencies = [ - "libc", -] - -[[package]] -name = "hex" -version = "0.4.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "644f9158b2f133fd50f5fb3242878846d9eb792e445c893805ff0e3824006e35" - -[[package]] -name = "http" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "28d569972648b2c512421b5f2a405ad6ac9666547189d0c5477a3f200f3e02f9" -dependencies = [ - "bytes", - "fnv", - "itoa", -] - -[[package]] -name = "humantime" -version = "1.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df004cfca50ef23c36850aaaa59ad52cc70d0e90243c3c7737a4dd32dc7a3c4f" -dependencies = [ - "quick-error", -] - -[[package]] -name = "indexmap" -version = "1.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c398b2b113b55809ceb9ee3e753fcbac793f1956663f3c36549c1346015c2afe" -dependencies = [ - "autocfg 1.0.0", -] - -[[package]] -name = "itertools" -version = "0.8.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f56a2d0bc861f9165be4eb3442afd3c236d8a98afd426f65d92324ae1091a484" -dependencies = [ - "either", -] - -[[package]] -name = "itoa" -version = "0.4.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b8b7a7c0c47db5545ed3fef7468ee7bb5b74691498139e4b3f6a20685dc6dd8e" - -[[package]] -name = "js-sys" -version = "0.3.40" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ce10c23ad2ea25ceca0093bd3192229da4c5b3c0f2de499c1ecac0d98d452177" -dependencies = [ - "wasm-bindgen", -] - -[[package]] -name = "lazy_static" -version = "1.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" -dependencies = [ - "spin", -] - -[[package]] -name = "lazycell" -version = "1.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b294d6fa9ee409a054354afc4352b0b9ef7ca222c69b8812cbea9e7d2bf3783f" - -[[package]] -name = "libc" -version = "0.2.71" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9457b06509d27052635f90d6466700c65095fdf75409b3fbdd903e988b886f49" - -[[package]] -name = "libloading" -version = "0.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2b111a074963af1d37a139918ac6d49ad1d0d5e47f72fd55388619691a7d753" -dependencies = [ - "cc", - "winapi", -] - -[[package]] -name = "libm" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7d73b3f436185384286bd8098d17ec07c9a7d2388a6599f824d8502b529702a" - -[[package]] -name = "log" -version = "0.4.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14b6052be84e6b71ab17edffc2eeabf5c2c3ae1fdb464aae35ac50c67a44e1f7" -dependencies = [ - "cfg-if", - "serde", -] - -[[package]] -name = "mbox" -version = "0.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5e3ae5479d6f010bca840f945a5ca2f3c343a74cccc98fcd13d62e176cf22361" -dependencies = [ - "libc", - "rustc_version", - "stable_deref_trait", -] - -[[package]] -name = "memchr" -version = "2.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3728d817d99e5ac407411fa471ff9800a778d88a24685968b36824eaf4bee400" - -[[package]] -name = "multimap" -version = "0.8.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d8883adfde9756c1d30b0f519c9b8c502a94b41ac62f696453c37c7fc0a958ce" - -[[package]] -name = "nom" -version = "5.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b471253da97532da4b61552249c521e01e736071f71c1a4f7ebbfbf0a06aad6" -dependencies = [ - "memchr", - "version_check", -] - -[[package]] -name = "num" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b8536030f9fea7127f841b45bb6243b27255787fb4eb83958aa1ef9d2fdc0c36" -dependencies = [ - "num-bigint", - "num-complex", - "num-integer", - "num-iter", - "num-rational", - "num-traits", -] - -[[package]] -name = "num-bigint" -version = "0.2.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "090c7f9998ee0ff65aa5b723e4009f7b217707f1fb5ea551329cc4d6231fb304" -dependencies = [ - "autocfg 1.0.0", - "num-integer", - "num-traits", -] - -[[package]] -name = "num-bigint-dig" -version = "0.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b3d03c330f9f7a2c19e3c0b42698e48141d0809c78cd9b6219f85bd7d7e892aa" -dependencies = [ - "autocfg 0.1.7", - "byteorder", - "lazy_static", - "libm", - "num-integer", - "num-iter", - "num-traits", - "rand", - "serde", - "smallvec", - "zeroize", -] - -[[package]] -name = "num-complex" -version = "0.2.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b6b19411a9719e753aff12e5187b74d60d3dc449ec3f4dc21e3989c3f554bc95" -dependencies = [ - "autocfg 1.0.0", - "num-traits", -] - -[[package]] -name = "num-derive" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0c8b15b261814f992e33760b1fca9fe8b693d8a65299f20c9901688636cfb746" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "num-integer" -version = "0.1.42" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f6ea62e9d81a77cd3ee9a2a5b9b609447857f3d358704331e4ef39eb247fcba" -dependencies = [ - "autocfg 1.0.0", - "num-traits", -] - -[[package]] -name = "num-iter" -version = "0.1.40" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dfb0800a0291891dd9f4fe7bd9c19384f98f7fbe0cd0f39a2c6b88b9868bbc00" -dependencies = [ - "autocfg 1.0.0", - "num-integer", - "num-traits", -] - -[[package]] -name = "num-rational" -version = "0.2.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c000134b5dbf44adc5cb772486d335293351644b801551abe8f75c84cfa4aef" -dependencies = [ - "autocfg 1.0.0", - "num-bigint", - "num-integer", - "num-traits", -] - -[[package]] -name = "num-traits" -version = "0.2.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c62be47e61d1842b9170f0fdeec8eba98e60e90e5446449a0545e5152acd7096" -dependencies = [ - "autocfg 1.0.0", -] - -[[package]] -name = "num_cpus" -version = "1.13.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05499f3756671c15885fee9034446956fff3f243d6077b91e5767df161f766b3" -dependencies = [ - "hermit-abi", - "libc", -] - -[[package]] -name = "object" -version = "0.19.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9cbca9424c482ee628fa549d9c812e2cd22f1180b9222c9200fdfa6eb31aecb2" - -[[package]] -name = "oid" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "293d5f18898078ea69ba1c84f3688d1f2b6744df8211da36197153157cee7055" -dependencies = [ - "serde", -] - -[[package]] -name = "once_cell" -version = "1.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b631f7e854af39a1739f401cf34a8a013dfe09eac4fa4dba91e9768bd28168d" - -[[package]] -name = "opaque-debug" -version = "0.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2839e79665f131bdb5782e51f2c6c9599c133c6098982a54c794358bf432529c" - -[[package]] -name = "parsec-interface" -version = "0.15.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5197f5ea3ce7eafc4a0f9f7606f6d3d2631888b3b3acd81a053e166e51f5904b" -dependencies = [ - "arbitrary", - "bincode", - "log", - "num", - "num-derive", - "num-traits", - "prost", - "prost-build", - "psa-crypto", - "serde", - "uuid", -] - -[[package]] -name = "parsec-service" -version = "0.1.2" -dependencies = [ - "base64", - "bincode", - "bindgen", - "cargo_toml", - "derivative", - "env_logger", - "hex", - "lazy_static", - "log", - "parsec-interface", - "picky", - "picky-asn1", - "picky-asn1-der", - "pkcs11", - "rand", - "ring", - "sd-notify", - "serde", - "signal-hook", - "std-semaphore", - "structopt", - "threadpool", - "toml 0.4.10", - "tss-esapi", - "uuid", - "version", -] - -[[package]] -name = "peeking_take_while" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" - -[[package]] -name = "petgraph" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "467d164a6de56270bd7c4d070df81d07beace25012d5103ced4e9ff08d6afdb7" -dependencies = [ - "fixedbitset", - "indexmap", -] - -[[package]] -name = "picky" -version = "5.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3880185fff1d095094fde13a56727dd77994d1065a54bd776dcce988858ab80" -dependencies = [ - "base64", - "http", - "oid", - "picky-asn1", - "picky-asn1-der", - "rand", - "rsa", - "serde", - "serde_json", - "sha-1", - "sha2", - "snafu", - "static_assertions", -] - -[[package]] -name = "picky-asn1" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "462cc017444f8183daf4765fb682023c1c5ce68a649df4a5ce2830ef3f653a6d" -dependencies = [ - "oid", - "serde", - "serde_bytes", -] - -[[package]] -name = "picky-asn1-der" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1870d13b5ce802665d715a6a0b551ad48f27d0f5689a5951697cf00cab64f09a" -dependencies = [ - "picky-asn1", - "serde", - "serde_bytes", -] - -[[package]] -name = "pkcs11" -version = "0.4.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "45712272d3a9d9a26471f6bee1596574d38df0136dd7eb163ed736913dc1f6bf" -dependencies = [ - "libloading", - "num-bigint", -] - -[[package]] -name = "pkg-config" -version = "0.3.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05da548ad6865900e60eaba7f589cc0783590a92e940c26953ff81ddbab2d677" - -[[package]] -name = "ppv-lite86" -version = "0.2.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "237a5ed80e274dbc66f86bd59c1e25edc039660be53194b5fe0a482e0f2612ea" - -[[package]] -name = "proc-macro-error" -version = "1.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "98e9e4b82e0ef281812565ea4751049f1bdcdfccda7d3f459f2e138a40c08678" -dependencies = [ - "proc-macro-error-attr", - "proc-macro2", - "quote", - "syn", - "version_check", -] - -[[package]] -name = "proc-macro-error-attr" -version = "1.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f5444ead4e9935abd7f27dc51f7e852a0569ac888096d5ec2499470794e2e53" -dependencies = [ - "proc-macro2", - "quote", - "syn", - "syn-mid", - "version_check", -] - -[[package]] -name = "proc-macro2" -version = "1.0.18" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "beae6331a816b1f65d04c45b078fd8e6c93e8071771f41b8163255bbd8d7c8fa" -dependencies = [ - "unicode-xid", -] - -[[package]] -name = "prost" -version = "0.6.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ce49aefe0a6144a45de32927c77bd2859a5f7677b55f220ae5b744e87389c212" -dependencies = [ - "bytes", - "prost-derive", -] - -[[package]] -name = "prost-build" -version = "0.6.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "02b10678c913ecbd69350e8535c3aef91a8676c0773fc1d7b95cdd196d7f2f26" -dependencies = [ - "bytes", - "heck", - "itertools", - "log", - "multimap", - "petgraph", - "prost", - "prost-types", - "tempfile", - "which", -] - -[[package]] -name = "prost-derive" -version = "0.6.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "537aa19b95acde10a12fec4301466386f757403de4cd4e5b4fa78fb5ecb18f72" -dependencies = [ - "anyhow", - "itertools", - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "prost-types" -version = "0.6.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1834f67c0697c001304b75be76f67add9c89742eda3a085ad8ee0bb38c3417aa" -dependencies = [ - "bytes", - "prost", -] - -[[package]] -name = "psa-crypto" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f35ed5d5656ab1c3ff4f2285a8c9ba9f8c97c0d14fb3a4a417f275646582b3e" -dependencies = [ - "log", - "psa-crypto-sys", - "serde", -] - -[[package]] -name = "psa-crypto-sys" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f6e894180dd3d66f5c43825363a8dafbf924e0f2434e198928eb8e6bb3ee14ad" -dependencies = [ - "bindgen", - "cc", - "cmake", -] - -[[package]] -name = "quick-error" -version = "1.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0" - -[[package]] -name = "quote" -version = "1.0.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa563d17ecb180e500da1cfd2b028310ac758de548efdd203e18f283af693f37" -dependencies = [ - "proc-macro2", -] - -[[package]] -name = "rand" -version = "0.7.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" -dependencies = [ - "getrandom", - "libc", - "rand_chacha", - "rand_core", - "rand_hc", -] - -[[package]] -name = "rand_chacha" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" -dependencies = [ - "ppv-lite86", - "rand_core", -] - -[[package]] -name = "rand_core" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" -dependencies = [ - "getrandom", -] - -[[package]] -name = "rand_hc" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" -dependencies = [ - "rand_core", -] - -[[package]] -name = "redox_syscall" -version = "0.1.56" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2439c63f3f6139d1b57529d16bc3b8bb855230c8efcc5d3a896c8bea7c3b1e84" - -[[package]] -name = "regex" -version = "1.3.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c3780fcf44b193bc4d09f36d2a3c87b251da4a046c87795a0d35f4f927ad8e6" -dependencies = [ - "aho-corasick", - "memchr", - "regex-syntax", - "thread_local", -] - -[[package]] -name = "regex-syntax" -version = "0.6.18" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26412eb97c6b088a6997e05f69403a802a92d520de2f8e63c2b65f9e0f47c4e8" - -[[package]] -name = "remove_dir_all" -version = "0.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4a83fa3702a688b9359eccba92d153ac33fd2e8462f9e0e3fdf155239ea7792e" -dependencies = [ - "winapi", -] - -[[package]] -name = "ring" -version = "0.16.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "06b3fefa4f12272808f809a0af618501fdaba41a58963c5fb72238ab0be09603" -dependencies = [ - "cc", - "libc", - "once_cell", - "spin", - "untrusted", - "web-sys", - "winapi", -] - -[[package]] -name = "rsa" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ed8692d8e0ea3baae03f0f32ecfc13a6c6f1f85fcd6d9fdefcdf364e70f4df9" -dependencies = [ - "byteorder", - "failure", - "lazy_static", - "num-bigint-dig", - "num-integer", - "num-iter", - "num-traits", - "rand", - "subtle", - "zeroize", -] - -[[package]] -name = "rustc-demangle" -version = "0.1.16" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c691c0e608126e00913e33f0ccf3727d5fc84573623b8d65b2df340b5201783" - -[[package]] -name = "rustc-hash" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" - -[[package]] -name = "rustc_version" -version = "0.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "138e3e0acb6c9fb258b19b67cb8abd63c00679d2851805ea151465464fe9030a" -dependencies = [ - "semver", -] - -[[package]] -name = "ryu" -version = "1.0.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "71d301d4193d031abdd79ff7e3dd721168a9572ef3fe51a1517aba235bd8f86e" - -[[package]] -name = "sd-notify" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aef40838bbb143707f8309b1e92e6ba3225287592968ba6f6e3b6de4a9816486" - -[[package]] -name = "semver" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1d7eb9ef2c18661902cc47e535f9bc51b78acd254da71d375c2f6720d9a40403" -dependencies = [ - "semver-parser", -] - -[[package]] -name = "semver-parser" -version = "0.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" - -[[package]] -name = "serde" -version = "1.0.111" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c9124df5b40cbd380080b2cc6ab894c040a3070d995f5c9dc77e18c34a8ae37d" -dependencies = [ - "serde_derive", -] - -[[package]] -name = "serde_bytes" -version = "0.11.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3bf487fbf5c6239d7ea2ff8b10cb6b811cd4b5080d1c2aeed1dec18753c06e10" -dependencies = [ - "serde", -] - -[[package]] -name = "serde_derive" -version = "1.0.111" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f2c3ac8e6ca1e9c80b8be1023940162bf81ae3cffbb1809474152f2ce1eb250" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "serde_json" -version = "1.0.53" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "993948e75b189211a9b31a7528f950c6adc21f9720b6438ff80a7fa2f864cea2" -dependencies = [ - "itoa", - "ryu", - "serde", -] - -[[package]] -name = "sha-1" -version = "0.8.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f7d94d0bede923b3cea61f3f1ff57ff8cdfd77b400fb8f9998949e0cf04163df" -dependencies = [ - "block-buffer", - "digest", - "fake-simd", - "opaque-debug", -] - -[[package]] -name = "sha2" -version = "0.8.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a256f46ea78a0c0d9ff00077504903ac881a1dafdc20da66545699e7776b3e69" -dependencies = [ - "block-buffer", - "digest", - "fake-simd", - "opaque-debug", -] - -[[package]] -name = "shlex" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7fdf1b9db47230893d76faad238fd6097fd6d6a9245cd7a4d90dbd639536bbd2" - -[[package]] -name = "signal-hook" -version = "0.1.15" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ff2db2112d6c761e12522c65f7768548bd6e8cd23d2a9dae162520626629bd6" -dependencies = [ - "libc", - "signal-hook-registry", -] - -[[package]] -name = "signal-hook-registry" -version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94f478ede9f64724c5d173d7bb56099ec3e2d9fc2774aac65d34b8b890405f41" -dependencies = [ - "arc-swap", - "libc", -] - -[[package]] -name = "smallvec" -version = "1.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7cb5678e1615754284ec264d9bb5b4c27d2018577fd90ac0ceb578591ed5ee4" - -[[package]] -name = "snafu" -version = "0.6.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7f5aed652511f5c9123cf2afbe9c244c29db6effa2abb05c866e965c82405ce" -dependencies = [ - "doc-comment", - "snafu-derive", -] - -[[package]] -name = "snafu-derive" -version = "0.6.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ebf8f7d5720104a9df0f7076a8682024e958bba0fe9848767bb44f251f3648e9" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "spin" -version = "0.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" - -[[package]] -name = "stable_deref_trait" -version = "1.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dba1a27d3efae4351c8051072d619e3ade2820635c3958d826bfea39d59b54c8" - -[[package]] -name = "static_assertions" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" - -[[package]] -name = "std-semaphore" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33ae9eec00137a8eed469fb4148acd9fc6ac8c3f9b110f52cd34698c8b5bfa0e" - -[[package]] -name = "strsim" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a" - -[[package]] -name = "structopt" -version = "0.3.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "863246aaf5ddd0d6928dfeb1a9ca65f505599e4e1b399935ef7e75107516b4ef" -dependencies = [ - "clap", - "lazy_static", - "structopt-derive", -] - -[[package]] -name = "structopt-derive" -version = "0.4.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d239ca4b13aee7a2142e6795cbd69e457665ff8037aed33b3effdc430d2f927a" -dependencies = [ - "heck", - "proc-macro-error", - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "subtle" -version = "2.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "502d53007c02d7605a05df1c1a73ee436952781653da5d0bf57ad608f66932c1" - -[[package]] -name = "syn" -version = "1.0.30" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "93a56fabc59dce20fe48b6c832cc249c713e7ed88fa28b0ee0a3bfcaae5fe4e2" -dependencies = [ - "proc-macro2", - "quote", - "unicode-xid", -] - -[[package]] -name = "syn-mid" -version = "0.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7be3539f6c128a931cf19dcee741c1af532c7fd387baa739c03dd2e96479338a" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "synstructure" -version = "0.12.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67656ea1dc1b41b1451851562ea232ec2e5a80242139f7e679ceccfb5d61f545" -dependencies = [ - "proc-macro2", - "quote", - "syn", - "unicode-xid", -] - -[[package]] -name = "tempfile" -version = "3.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a6e24d9338a0a5be79593e2fa15a648add6138caa803e2d5bc782c371732ca9" -dependencies = [ - "cfg-if", - "libc", - "rand", - "redox_syscall", - "remove_dir_all", - "winapi", -] - -[[package]] -name = "termcolor" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bb6bfa289a4d7c5766392812c0a1f4c1ba45afa1ad47803c11e1f407d846d75f" -dependencies = [ - "winapi-util", -] - -[[package]] -name = "textwrap" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060" -dependencies = [ - "unicode-width", -] - -[[package]] -name = "thread_local" -version = "1.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d40c6d1b69745a6ec6fb1ca717914848da4b44ae29d9b3080cbee91d72a69b14" -dependencies = [ - "lazy_static", -] - -[[package]] -name = "threadpool" -version = "1.8.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d050e60b33d41c19108b32cea32164033a9013fe3b46cbd4457559bfbf77afaa" -dependencies = [ - "num_cpus", -] - -[[package]] -name = "toml" -version = "0.4.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "758664fc71a3a69038656bee8b6be6477d2a6c315a6b81f7081f591bffa4111f" -dependencies = [ - "serde", -] - -[[package]] -name = "toml" -version = "0.5.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ffc92d160b1eef40665be3a05630d003936a3bc7da7421277846c2613e92c71a" -dependencies = [ - "serde", -] - -[[package]] -name = "tss-esapi" -version = "4.0.3-alpha.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d0b8770c1c7414f8a4390627337ddf01091b3955a175692442dffb280ecb8e6c" -dependencies = [ - "bindgen", - "bitfield", - "enumflags2", - "log", - "mbox", - "num-derive", - "num-traits", - "pkg-config", - "serde", -] - -[[package]] -name = "typenum" -version = "1.12.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "373c8a200f9e67a0c95e62a4f52fbf80c23b4381c05a17845531982fa99e6b33" - -[[package]] -name = "unicode-segmentation" -version = "1.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e83e153d1053cbb5a118eeff7fd5be06ed99153f00dbcd8ae310c5fb2b22edc0" - -[[package]] -name = "unicode-width" -version = "0.1.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "caaa9d531767d1ff2150b9332433f32a24622147e5ebb1f26409d5da67afd479" - -[[package]] -name = "unicode-xid" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "826e7639553986605ec5979c7dd957c7895e93eabed50ab2ffa7f6128a75097c" - -[[package]] -name = "untrusted" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" - -[[package]] -name = "uuid" -version = "0.7.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90dbc611eb48397705a6b0f6e917da23ae517e4d127123d2cf7674206627d32a" - -[[package]] -name = "vec_map" -version = "0.8.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f1bddf1187be692e79c5ffeab891132dfb0f236ed36a43c7ed39f1165ee20191" - -[[package]] -name = "version" -version = "3.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3a449064fee414fcc201356a3e6c1510f6c8829ed28bb06b91c54ebe208ce065" - -[[package]] -name = "version_check" -version = "0.9.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b5a972e5669d67ba988ce3dc826706fb0a8b01471c088cb0b6110b805cc36aed" - -[[package]] -name = "wasi" -version = "0.9.0+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" - -[[package]] -name = "wasm-bindgen" -version = "0.2.63" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c2dc4aa152834bc334f506c1a06b866416a8b6697d5c9f75b9a689c8486def0" -dependencies = [ - "cfg-if", - "wasm-bindgen-macro", -] - -[[package]] -name = "wasm-bindgen-backend" -version = "0.2.63" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ded84f06e0ed21499f6184df0e0cb3494727b0c5da89534e0fcc55c51d812101" -dependencies = [ - "bumpalo", - "lazy_static", - "log", - "proc-macro2", - "quote", - "syn", - "wasm-bindgen-shared", -] - -[[package]] -name = "wasm-bindgen-macro" -version = "0.2.63" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "838e423688dac18d73e31edce74ddfac468e37b1506ad163ffaf0a46f703ffe3" -dependencies = [ - "quote", - "wasm-bindgen-macro-support", -] - -[[package]] -name = "wasm-bindgen-macro-support" -version = "0.2.63" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3156052d8ec77142051a533cdd686cba889537b213f948cd1d20869926e68e92" -dependencies = [ - "proc-macro2", - "quote", - "syn", - "wasm-bindgen-backend", - "wasm-bindgen-shared", -] - -[[package]] -name = "wasm-bindgen-shared" -version = "0.2.63" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c9ba19973a58daf4db6f352eda73dc0e289493cd29fb2632eb172085b6521acd" - -[[package]] -name = "web-sys" -version = "0.3.40" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b72fe77fd39e4bd3eaa4412fd299a0be6b3dfe9d2597e2f1c20beb968f41d17" -dependencies = [ - "js-sys", - "wasm-bindgen", -] - -[[package]] -name = "which" -version = "3.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d011071ae14a2f6671d0b74080ae0cd8ebf3a6f8c9589a2cd45f23126fe29724" -dependencies = [ - "libc", -] - -[[package]] -name = "winapi" -version = "0.3.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8093091eeb260906a183e6ae1abdba2ef5ef2257a21801128899c3fc699229c6" -dependencies = [ - "winapi-i686-pc-windows-gnu", - "winapi-x86_64-pc-windows-gnu", -] - -[[package]] -name = "winapi-i686-pc-windows-gnu" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" - -[[package]] -name = "winapi-util" -version = "0.1.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178" -dependencies = [ - "winapi", -] - -[[package]] -name = "winapi-x86_64-pc-windows-gnu" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" - -[[package]] -name = "zeroize" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3cbac2ed2ba24cc90f5e06485ac8c7c1e5449fe8911aef4d8877218af021a5b8" -dependencies = [ - "zeroize_derive", -] - -[[package]] -name = "zeroize_derive" -version = "1.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "de251eec69fc7c1bc3923403d18ececb929380e016afe103da75f396704f8ca2" -dependencies = [ - "proc-macro2", - "quote", - "syn", - "synstructure", -] diff --git a/Cargo.toml b/Cargo.toml index 04ca0e24..4113405d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -18,8 +18,8 @@ name = "parsec" path = "src/bin/main.rs" [dependencies] -parsec-interface = "0.15.0" -rand = "0.7.2" +parsec-interface = "0.16.0" +rand = { version = "0.7.2", features = ["small_rng"] } base64 = "0.10.1" uuid = "0.7.4" threadpool = "1.7.1" @@ -40,6 +40,7 @@ derivative = "2.1.1" version = "3.0.0" hex = "0.4.2" picky = "5.0.0" +psa-crypto = { version = "0.2.0" , default-features = false, features = ["with-mbed-crypto"], optional = true } [dev-dependencies] ring = "0.16.12" @@ -59,7 +60,7 @@ features = ["docs"] [features] default = [] -mbed-crypto-provider = [] +mbed-crypto-provider = ["psa-crypto"] pkcs11-provider = ["pkcs11", "picky-asn1-der", "picky-asn1"] tpm-provider = ["tss-esapi", "picky-asn1-der", "picky-asn1"] all-providers = ["tpm-provider", "pkcs11-provider", "mbed-crypto-provider"] diff --git a/build-conf.toml b/build-conf.toml deleted file mode 100644 index 8a24fac3..00000000 --- a/build-conf.toml +++ /dev/null @@ -1,19 +0,0 @@ -# Configuration values for setting up and building the Mbed Crypto library that -# PARSEC depends on -[mbed_config] - # Path (either relative or absolute) where the Mbed Crypto source code will be - # persisted. - # This value default to the OUT_DIR environment variable. - mbed_path = "/tmp/" - - # When compiling natively - [mbed_config.native] - # The compiler to use when building the Mbed Crypto library - # mbed_compiler = "clang" - # The archiver to use when building the Mbed Crypto library - # mbed_archiver = "ar" - - # When cross-compiling for aarch64-unknown-linux-gnu target - [mbed_config.aarch64_unknown_linux_gnu] - # mbed_compiler = "aarch64-linux-gnu-gcc" - # mbed_archiver = "aarch64-linux-gnu-ar" diff --git a/build.rs b/build.rs index 28848147..9ac8eedf 100644 --- a/build.rs +++ b/build.rs @@ -1,268 +1,3 @@ -// Copyright 2019 Contributors to the Parsec project. -// SPDX-License-Identifier: Apache-2.0 - -#![deny( - nonstandard_style, - const_err, - dead_code, - improper_ctypes, - non_shorthand_field_patterns, - no_mangle_generic_items, - overflowing_literals, - path_statements, - patterns_in_fns_without_body, - private_in_public, - unconditional_recursion, - unused, - unused_allocation, - unused_comparisons, - unused_parens, - while_true, - missing_debug_implementations, - trivial_casts, - trivial_numeric_casts, - unused_extern_crates, - unused_import_braces, - unused_qualifications, - unused_results, - missing_copy_implementations -)] -// This one is hard to avoid. #![allow(clippy::multiple_crate_versions)] -use cargo_toml::{Manifest, Value}; -use serde::Deserialize; -use std::env; -use std::io::{Error, ErrorKind, Result}; -use std::path::{Path, PathBuf}; - -const CONFIG_TABLE_NAME: &str = "config"; -const MBED_CRYPTO_VERSION_KEY: &str = "mbed-crypto-version"; - -const SETUP_MBED_SCRIPT_PATH: &str = "./setup_mbed_crypto.sh"; -const BUILD_CONFIG_FILE_PATH: &str = "./build-conf.toml"; - -const DEFAULT_NATIVE_MBED_COMPILER: &str = "clang"; -const DEFAULT_NATIVE_MBED_ARCHIVER: &str = "ar"; -const DEFAULT_ARM64_MBED_COMPILER: &str = "aarch64-linux-gnu-gcc"; -const DEFAULT_ARM64_MBED_ARCHIVER: &str = "aarch64-linux-gnu-ar"; - -#[derive(Debug, Deserialize)] -struct Configuration { - mbed_config: Option, -} - -#[derive(Debug, Deserialize)] -struct MbedConfig { - mbed_path: Option, - native: Option, - aarch64_unknown_linux_gnu: Option, -} - -#[derive(Debug, Deserialize)] -struct Toolchain { - mbed_compiler: Option, - mbed_archiver: Option, -} - -fn get_configuration_string(parsec_config: &Value, key: &str) -> Result { - let config_value = get_value_from_table(parsec_config, key)?; - match config_value { - Value::String(string) => Ok(string.clone()), - _ => Err(Error::new( - ErrorKind::InvalidInput, - "Configuration key missing", - )), - } -} - -fn get_value_from_table<'a>(table: &'a Value, key: &str) -> Result<&'a Value> { - match table { - Value::Table(table) => table.get(key).ok_or_else(|| { - println!("Config table does not contain configuration key: {}", key); - Error::new(ErrorKind::InvalidInput, "Configuration key missing.") - }), - _ => Err(Error::new( - ErrorKind::InvalidInput, - "Value provided is not a TOML table", - )), - } -} - -// Get the Mbed Crypto version to branch on from Cargo.toml file. Use that and MbedConfig to pass -// parameters to the setup_mbed_crypto.sh script which clones and builds Mbed Crypto and create -// a static library. -fn setup_mbed_crypto(mbed_config: &MbedConfig, mbed_version: &str) -> Result<()> { - let (mbed_compiler, mbed_archiver) = - if std::env::var("TARGET").unwrap() == "aarch64-unknown-linux-gnu" { - let toolchain; - toolchain = mbed_config - .aarch64_unknown_linux_gnu - .as_ref() - .ok_or_else(|| { - Error::new( - ErrorKind::InvalidInput, - "The aarch64_unknown_linux_gnu subtable of mbed_config should exist", - ) - })?; - ( - toolchain - .mbed_compiler - .clone() - .unwrap_or_else(|| DEFAULT_ARM64_MBED_COMPILER.to_string()), - toolchain - .mbed_archiver - .clone() - .unwrap_or_else(|| DEFAULT_ARM64_MBED_ARCHIVER.to_string()), - ) - } else { - let toolchain; - toolchain = mbed_config.native.as_ref().ok_or_else(|| { - Error::new( - ErrorKind::InvalidInput, - "The native subtable of mbed_config should exist", - ) - })?; - ( - toolchain - .mbed_compiler - .clone() - .unwrap_or_else(|| DEFAULT_NATIVE_MBED_COMPILER.to_string()), - toolchain - .mbed_archiver - .clone() - .unwrap_or_else(|| DEFAULT_NATIVE_MBED_ARCHIVER.to_string()), - ) - }; - - let script_fail = |_| { - Err(Error::new( - ErrorKind::Other, - "setup_mbed_crypto.sh script failed", - )) - }; - - if !::std::process::Command::new(SETUP_MBED_SCRIPT_PATH) - .arg(mbed_version) - .arg( - mbed_config - .mbed_path - .clone() - .unwrap_or_else(|| env::var("OUT_DIR").unwrap()), - ) - .arg(format!("CC={}", mbed_compiler)) - .arg(format!("AR={}", mbed_archiver)) - .status() - .or_else(script_fail)? - .success() - { - Err(Error::new( - ErrorKind::Other, - "setup_mbed_crypto.sh returned an error status.", - )) - } else { - Ok(()) - } -} - -fn generate_mbed_bindings(mbed_config: &MbedConfig, mbed_version: &str) -> Result<()> { - let mbed_include_dir = mbed_config - .mbed_path - .clone() - .unwrap_or_else(|| env::var("OUT_DIR").unwrap()) - + "/mbed-crypto-" - + mbed_version - + "/include"; - let header = mbed_include_dir.clone() + "/psa/crypto.h"; - - println!("cargo:rerun-if-changed={}", header); - - let bindings = bindgen::Builder::default() - .clang_arg(format!("-I{}", mbed_include_dir)) - .rustfmt_bindings(true) - .header(header) - .generate_comments(false) - .generate() - .or_else(|_| { - Err(Error::new( - ErrorKind::Other, - "Unable to generate bindings to mbed crypto", - )) - })?; - - let out_path = PathBuf::from(env::var("OUT_DIR").unwrap()); - bindings.write_to_file(out_path.join("psa_crypto_bindings.rs")) -} - -// Get the compiler, the archiver and the location where to clone the Mbed Crypto repository. -fn parse_config_file() -> Result { - let config_str = ::std::fs::read_to_string(Path::new(BUILD_CONFIG_FILE_PATH))?; - Ok(toml::from_str(&config_str).or_else(|e| { - println!("Error parsing build configuration file ({}).", e); - Err(Error::new( - ErrorKind::InvalidInput, - "Could not parse build configuration file.", - )) - })?) -} - -fn main() -> Result<()> { - // Parsing build-conf.toml - let config = parse_config_file()?; - - // Parsing Cargo.toml - let toml_path = std::path::Path::new("./Cargo.toml"); - if !toml_path.exists() { - return Err(Error::new( - ErrorKind::InvalidInput, - "Could not find Cargo.toml.", - )); - } - let manifest = Manifest::from_path(&toml_path).or_else(|e| { - println!("Error parsing Cargo.toml ({}).", e); - Err(Error::new( - ErrorKind::InvalidInput, - "Could not parse Cargo.toml.", - )) - })?; - - let package = manifest.package.ok_or_else(|| { - Error::new( - ErrorKind::InvalidInput, - "Cargo.toml does not contain package information.", - ) - })?; - let metadata = package.metadata.ok_or_else(|| { - Error::new( - ErrorKind::InvalidInput, - "Cargo.toml does not contain package metadata.", - ) - })?; - let parsec_config = get_value_from_table(&metadata, CONFIG_TABLE_NAME)?; - - if cfg!(feature = "mbed-crypto-provider") { - let mbed_config = config.mbed_config.ok_or_else(|| { - Error::new( - ErrorKind::InvalidInput, - "Could not find mbed_config table in the config file.", - ) - })?; - - let mbed_version = get_configuration_string(&parsec_config, MBED_CRYPTO_VERSION_KEY)?; - - setup_mbed_crypto(&mbed_config, &mbed_version)?; - generate_mbed_bindings(&mbed_config, &mbed_version)?; - - // Request rustc to link the Mbed Crypto static library - println!( - "cargo:rustc-link-search=native={}/mbed-crypto-{}/library/", - mbed_config - .mbed_path - .unwrap_or_else(|| env::var("OUT_DIR").unwrap()), - mbed_version, - ); - println!("cargo:rustc-link-lib=static=mbedcrypto"); - } - - Ok(()) -} +fn main() {} diff --git a/e2e_tests/provider_cfg/all/Dockerfile b/e2e_tests/provider_cfg/all/Dockerfile index 78c7db54..c2f61e92 100644 --- a/e2e_tests/provider_cfg/all/Dockerfile +++ b/e2e_tests/provider_cfg/all/Dockerfile @@ -3,7 +3,7 @@ FROM tpm2software/tpm2-tss:ubuntu-18.04 ENV PKG_CONFIG_PATH /usr/local/lib/pkgconfig RUN apt-get update && \ - apt-get install -y git make gcc python3 python curl wget && \ + apt-get install -y git make gcc python3 python curl wget cmake && \ apt-get install -y automake autoconf libtool pkg-config libssl-dev && \ # These libraries are needed for bindgen as it uses libclang.so apt-get install -y clang libclang-dev libc6-dev-i386 diff --git a/e2e_tests/provider_cfg/mbed-crypto/Dockerfile b/e2e_tests/provider_cfg/mbed-crypto/Dockerfile index b652c720..d8f1ff98 100644 --- a/e2e_tests/provider_cfg/mbed-crypto/Dockerfile +++ b/e2e_tests/provider_cfg/mbed-crypto/Dockerfile @@ -1,7 +1,7 @@ FROM ubuntu:18.04 RUN apt-get update && \ - apt-get install -y git make gcc python3 python curl wget libgcc1 && \ + apt-get install -y git make gcc python3 python curl wget libgcc1 cmake && \ # These libraries are needed for bindgen as it uses libclang.so apt-get install -y clang libclang-dev && \ # Needed for Open SSL diff --git a/e2e_tests/tests/per_provider/normal_tests/create_destroy_key.rs b/e2e_tests/tests/per_provider/normal_tests/create_destroy_key.rs index 42a80556..ee3baa1f 100644 --- a/e2e_tests/tests/per_provider/normal_tests/create_destroy_key.rs +++ b/e2e_tests/tests/per_provider/normal_tests/create_destroy_key.rs @@ -1,12 +1,6 @@ // Copyright 2019 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 use e2e_tests::TestClient; -use parsec_client::core::interface::operations::psa_algorithm::{ - Algorithm, AsymmetricSignature, Hash, -}; -use parsec_client::core::interface::operations::psa_key_attributes::{ - Attributes, Lifetime, Policy, Type, UsageFlags, -}; use parsec_client::core::interface::requests::ResponseStatus; use parsec_client::core::interface::requests::Result; use picky_asn1::wrapper::IntegerAsn1; @@ -110,35 +104,13 @@ fn generate_public_rsa_check_modulus() -> Result<()> { fn failed_created_key_should_be_removed() -> Result<()> { let mut client = TestClient::new(); let key_name = String::from("failed_created_key_should_be_removed"); + const GARBAGE_IMPORT_DATA: [u8; 1] = [ + 48, + ]; - let attributes = Attributes { - lifetime: Lifetime::Persistent, - key_type: Type::Arc4, - bits: 1024, - policy: Policy { - usage_flags: UsageFlags { - sign_hash: false, - verify_hash: true, - sign_message: false, - verify_message: true, - export: false, - encrypt: false, - decrypt: false, - cache: false, - copy: false, - derive: false, - }, - permitted_algorithms: Algorithm::AsymmetricSignature( - AsymmetricSignature::RsaPkcs1v15Sign { - hash_alg: Hash::Sha256.into(), - }, - ), - }, - }; - - // Unsupported parameter, should fail + // The data being imported is garbage, should fail let _ = client - .generate_key(key_name.clone(), attributes) + .import_rsa_public_key(key_name.clone(), GARBAGE_IMPORT_DATA.to_vec()) .unwrap_err(); // The key should not exist anymore in the KIM client.generate_rsa_sign_key(key_name)?; diff --git a/setup_mbed_crypto.sh b/setup_mbed_crypto.sh deleted file mode 100755 index 7aec93a4..00000000 --- a/setup_mbed_crypto.sh +++ /dev/null @@ -1,58 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2019 Contributors to the Parsec project. -# SPDX-License-Identifier: Apache-2.0 - -MBED_VERSION=$1 -if [[ -z "$MBED_VERSION" ]]; then - >&2 echo "No mbed version provided." - exit 1 -fi - -MBED_GITHUB_URL="https://github.com/ARMmbed/mbed-crypto" -MBED_ROOT_FOLDER_NAME="mbed-crypto-$MBED_VERSION" -MBED_LIB_FILENAME="libmbedcrypto.a" - -# Where to clone the Mbed Crypto library -TEMP_FOLDER=$2 -if [[ -z "$TEMP_FOLDER" ]]; then - >&2 echo "No temporary folder for mbed provided." - exit 1 -fi - -# These options refer to CC and AR -OPTIONS="$3 $4" - -if [[ -z "$(type git 2> /dev/null)" ]]; then - >&2 echo "Git not installed." - exit 1 -fi - -get_mbed_repo() { - echo "No mbed-crypto present locally. Cloning." - wget $MBED_GITHUB_URL/archive/$MBED_VERSION.tar.gz - tar xf $MBED_VERSION.tar.gz - pushd $MBED_ROOT_FOLDER_NAME -} - -setup_mbed_library() { - echo "Building libmbedcrypto." - #TODO: explain the bug with SHARED, it is needed for correct linking on some Linux machine - make SHARED=0 $OPTIONS > /dev/null -} - -# Fetch mbed-crypto source code -mkdir -p $TEMP_FOLDER -pushd $TEMP_FOLDER -if [[ -d "$MBED_ROOT_FOLDER_NAME" ]]; then - pushd $MBED_ROOT_FOLDER_NAME -else - get_mbed_repo -fi - -# Set up lib -if [[ -e "library/$MBED_LIB_FILENAME" ]]; then - echo "Library is set up." -else - setup_mbed_library -fi diff --git a/src/providers/mbed_provider/asym_sign.rs b/src/providers/mbed_provider/asym_sign.rs index 6f283e08..e8ceee52 100644 --- a/src/providers/mbed_provider/asym_sign.rs +++ b/src/providers/mbed_provider/asym_sign.rs @@ -1,13 +1,14 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 -use super::constants::PSA_SUCCESS; -use super::utils::{self, KeyHandle}; -use super::{key_management, psa_crypto_binding, MbedProvider}; +use super::utils; +use super::{key_management, MbedProvider}; use crate::authenticators::ApplicationName; use crate::key_info_managers::KeyTriple; -use log::{error, info}; +use log::info; use parsec_interface::operations::{psa_sign_hash, psa_verify_hash}; -use parsec_interface::requests::{ProviderID, Result}; +use parsec_interface::requests::{ProviderID, ResponseStatus, Result}; +use psa_crypto::operations::asym_signature; +use psa_crypto::types::key; impl MbedProvider { pub(super) fn psa_sign_hash_internal( @@ -29,49 +30,21 @@ impl MbedProvider { .lock() .expect("Grabbing key handle mutex failed"); - let mut key_handle; - let mut key_attrs; - // Safety: - // * at this point the provider has been instantiated so Mbed Crypto has been initialized - // * self.key_handle_mutex prevents concurrent accesses - // * self.key_slot_semaphore prevents overflowing key slots - unsafe { - key_handle = KeyHandle::open(key_id)?; - key_attrs = key_handle.attributes()?; - } - - let buffer_size = utils::psa_asymmetric_sign_output_size(key_attrs.as_ref())?; + let id = key::Id::from_persistent_key_id(key_id); + let key_attributes = key::Attributes::from_key_id(id)?; + let buffer_size = utils::psa_asymmetric_sign_output_size(&key_attributes)?; let mut signature = vec![0u8; buffer_size]; - let mut signature_size = 0; - - let sign_status; - // Safety: same conditions than above. - unsafe { - sign_status = psa_crypto_binding::psa_asymmetric_sign( - key_handle.raw(), - utils::convert_algorithm(&alg.into())?, - hash.as_ptr(), - hash.len() as u64, - signature.as_mut_ptr(), - buffer_size as u64, - &mut signature_size, - ); - key_attrs.reset(); - key_handle.close()?; - }; - if sign_status == PSA_SUCCESS { - let mut res = psa_sign_hash::Result { - signature: Vec::new(), - }; - res.signature.resize(signature_size as usize, 0); - res.signature - .copy_from_slice(&signature[0..signature_size as usize]); - - Ok(res) - } else { - error!("Sign status: {}", sign_status); - Err(utils::convert_status(sign_status)) + match asym_signature::sign_hash(id, alg, &hash, &mut signature) { + Ok(size) => { + signature.resize(size, 0); + Ok(psa_sign_hash::Result { signature }) + } + Err(error) => { + let error = ResponseStatus::from(error); + format_error!("Sign status: {}", error); + Err(error) + } } } @@ -95,32 +68,14 @@ impl MbedProvider { .lock() .expect("Grabbing key handle mutex failed"); - let mut key_handle; - let mut key_attrs; - let verify_status; - // Safety: - // * at this point the provider has been instantiated so Mbed Crypto has been initialized - // * self.key_handle_mutex prevents concurrent accesses - // * self.key_slot_semaphore prevents overflowing key slots - unsafe { - key_handle = KeyHandle::open(key_id)?; - key_attrs = key_handle.attributes()?; - verify_status = psa_crypto_binding::psa_asymmetric_verify( - key_handle.raw(), - utils::convert_algorithm(&alg.into())?, - hash.as_ptr(), - hash.len() as u64, - signature.as_ptr(), - signature.len() as u64, - ); - key_attrs.reset(); - key_handle.close()?; - } - - if verify_status == PSA_SUCCESS { - Ok(psa_verify_hash::Result {}) - } else { - Err(utils::convert_status(verify_status)) + let id = key::Id::from_persistent_key_id(key_id); + match asym_signature::verify_hash(id, alg, &hash, &signature) { + Ok(()) => Ok(psa_verify_hash::Result {}), + Err(error) => { + let error = ResponseStatus::from(error); + format_error!("Verify status: {}", error); + Err(error) + } } } } diff --git a/src/providers/mbed_provider/constants.rs b/src/providers/mbed_provider/constants.rs deleted file mode 100644 index baff7c18..00000000 --- a/src/providers/mbed_provider/constants.rs +++ /dev/null @@ -1,157 +0,0 @@ -// Copyright 2019 Contributors to the Parsec project. -// SPDX-License-Identifier: Apache-2.0 -//! Constants used by the Mbed Provider for interaction with the Mbed Crypto C library. - -use super::psa_crypto_binding::*; - -// PSA error codes -pub const PSA_SUCCESS: psa_status_t = 0; -pub const PSA_ERROR_GENERIC_ERROR: psa_status_t = -132; -pub const PSA_ERROR_NOT_SUPPORTED: psa_status_t = -134; -pub const PSA_ERROR_NOT_PERMITTED: psa_status_t = -133; -pub const PSA_ERROR_BUFFER_TOO_SMALL: psa_status_t = -138; -pub const PSA_ERROR_ALREADY_EXISTS: psa_status_t = -139; -pub const PSA_ERROR_DOES_NOT_EXIST: psa_status_t = -140; -pub const PSA_ERROR_BAD_STATE: psa_status_t = -137; -pub const PSA_ERROR_INVALID_ARGUMENT: psa_status_t = -135; -pub const PSA_ERROR_INSUFFICIENT_MEMORY: psa_status_t = -141; -pub const PSA_ERROR_INSUFFICIENT_STORAGE: psa_status_t = -142; -pub const PSA_ERROR_COMMUNICATION_FAILURE: psa_status_t = -145; -pub const PSA_ERROR_STORAGE_FAILURE: psa_status_t = -146; -pub const PSA_ERROR_HARDWARE_FAILURE: psa_status_t = -147; -pub const PSA_ERROR_TAMPERING_DETECTED: psa_status_t = -151; -pub const PSA_ERROR_INSUFFICIENT_ENTROPY: psa_status_t = -148; -pub const PSA_ERROR_INVALID_SIGNATURE: psa_status_t = -149; -pub const PSA_ERROR_INVALID_PADDING: psa_status_t = -150; -pub const PSA_ERROR_INSUFFICIENT_DATA: psa_status_t = -143; -pub const PSA_ERROR_INVALID_HANDLE: psa_status_t = -136; - -pub const PSA_MAX_KEY_BITS: usize = 0xfff8; -pub const PSA_KEY_BITS_TOO_LARGE: psa_key_bits_t = 0xffff; -pub const PSA_MAX_PERSISTENT_KEY_IDENTIFIER: psa_key_id_t = 0x3fff_ffff; -pub const PSA_KEY_SLOT_COUNT: isize = 32; -pub const EMPTY_KEY_HANDLE: psa_key_handle_t = 0; -pub const PSA_KEY_TYPE_NONE: psa_key_type_t = 0x0000_0000; -pub const PSA_KEY_TYPE_VENDOR_FLAG: psa_key_type_t = 0x8000_0000; -pub const PSA_KEY_TYPE_CATEGORY_MASK: psa_key_type_t = 0x7000_0000; -pub const PSA_KEY_TYPE_CATEGORY_SYMMETRIC: psa_key_type_t = 0x4000_0000; -pub const PSA_KEY_TYPE_CATEGORY_RAW: psa_key_type_t = 0x5000_0000; -pub const PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY: psa_key_type_t = 0x6000_0000; -pub const PSA_KEY_TYPE_CATEGORY_KEY_PAIR: psa_key_type_t = 0x7000_0000; -pub const PSA_KEY_TYPE_CATEGORY_FLAG_PAIR: psa_key_type_t = 0x1000_0000; -pub const PSA_KEY_TYPE_RAW_DATA: psa_key_type_t = 0x5000_0001; -pub const PSA_KEY_TYPE_HMAC: psa_key_type_t = 0x5100_0000; -pub const PSA_KEY_TYPE_DERIVE: psa_key_type_t = 0x5200_0000; -pub const PSA_KEY_TYPE_AES: psa_key_type_t = 0x4000_0001; -pub const PSA_KEY_TYPE_DES: psa_key_type_t = 0x4000_0002; -pub const PSA_KEY_TYPE_CAMELLIA: psa_key_type_t = 0x4000_0003; -pub const PSA_KEY_TYPE_ARC4: psa_key_type_t = 0x4000_0004; -pub const PSA_KEY_TYPE_RSA_PUBLIC_KEY: psa_key_type_t = 0x6001_0000; -pub const PSA_KEY_TYPE_RSA_KEYPAIR: psa_key_type_t = 0x7001_0000; -pub const PSA_KEY_TYPE_DSA_PUBLIC_KEY: psa_key_type_t = 0x6002_0000; -pub const PSA_KEY_TYPE_DSA_KEYPAIR: psa_key_type_t = 0x7002_0000; -pub const PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE: psa_key_type_t = 0x6003_0000; -pub const PSA_KEY_TYPE_ECC_KEYPAIR_BASE: psa_key_type_t = 0x7003_0000; -pub const PSA_KEY_TYPE_ECC_CURVE_MASK: psa_key_type_t = 0x0000_ffff; -pub const PSA_ECC_CURVE_SECT163K1: psa_ecc_curve_t = 0x0001; -pub const PSA_ECC_CURVE_SECT163R1: psa_ecc_curve_t = 0x0002; -pub const PSA_ECC_CURVE_SECT163R2: psa_ecc_curve_t = 0x0003; -pub const PSA_ECC_CURVE_SECT193R1: psa_ecc_curve_t = 0x0004; -pub const PSA_ECC_CURVE_SECT193R2: psa_ecc_curve_t = 0x0005; -pub const PSA_ECC_CURVE_SECT233K1: psa_ecc_curve_t = 0x0006; -pub const PSA_ECC_CURVE_SECT233R1: psa_ecc_curve_t = 0x0007; -pub const PSA_ECC_CURVE_SECT239K1: psa_ecc_curve_t = 0x0008; -pub const PSA_ECC_CURVE_SECT283K1: psa_ecc_curve_t = 0x0009; -pub const PSA_ECC_CURVE_SECT283R1: psa_ecc_curve_t = 0x000a; -pub const PSA_ECC_CURVE_SECT409K1: psa_ecc_curve_t = 0x000b; -pub const PSA_ECC_CURVE_SECT409R1: psa_ecc_curve_t = 0x000c; -pub const PSA_ECC_CURVE_SECT571K1: psa_ecc_curve_t = 0x000d; -pub const PSA_ECC_CURVE_SECT571R1: psa_ecc_curve_t = 0x000e; -pub const PSA_ECC_CURVE_SECP160K1: psa_ecc_curve_t = 0x000f; -pub const PSA_ECC_CURVE_SECP160R1: psa_ecc_curve_t = 0x0010; -pub const PSA_ECC_CURVE_SECP160R2: psa_ecc_curve_t = 0x0011; -pub const PSA_ECC_CURVE_SECP192K1: psa_ecc_curve_t = 0x0012; -pub const PSA_ECC_CURVE_SECP192R1: psa_ecc_curve_t = 0x0013; -pub const PSA_ECC_CURVE_SECP224K1: psa_ecc_curve_t = 0x0014; -pub const PSA_ECC_CURVE_SECP224R1: psa_ecc_curve_t = 0x0015; -pub const PSA_ECC_CURVE_SECP256K1: psa_ecc_curve_t = 0x0016; -pub const PSA_ECC_CURVE_SECP256R1: psa_ecc_curve_t = 0x0017; -pub const PSA_ECC_CURVE_SECP384R1: psa_ecc_curve_t = 0x0018; -pub const PSA_ECC_CURVE_SECP521R1: psa_ecc_curve_t = 0x0019; -pub const PSA_ECC_CURVE_BRAINPOOL_P256R1: psa_ecc_curve_t = 0x001a; -pub const PSA_ECC_CURVE_BRAINPOOL_P384R1: psa_ecc_curve_t = 0x001b; -pub const PSA_ECC_CURVE_BRAINPOOL_P512R1: psa_ecc_curve_t = 0x001c; -pub const PSA_ECC_CURVE_CURVE25519: psa_ecc_curve_t = 0x001d; -pub const PSA_ECC_CURVE_CURVE448: psa_ecc_curve_t = 0x001e; -pub const PSA_ALG_VENDOR_FLAG: psa_algorithm_t = 0x8000_0000; -pub const PSA_ALG_CATEGORY_MASK: psa_algorithm_t = 0x7f00_0000; -pub const PSA_ALG_CATEGORY_HASH: psa_algorithm_t = 0x0100_0000; -pub const PSA_ALG_CATEGORY_MAC: psa_algorithm_t = 0x0200_0000; -pub const PSA_ALG_CATEGORY_CIPHER: psa_algorithm_t = 0x0400_0000; -pub const PSA_ALG_CATEGORY_AEAD: psa_algorithm_t = 0x0600_0000; -pub const PSA_ALG_CATEGORY_SIGN: psa_algorithm_t = 0x1000_0000; -pub const PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION: psa_algorithm_t = 0x1200_0000; -pub const PSA_ALG_CATEGORY_KEY_AGREEMENT: psa_algorithm_t = 0x2200_0000; -pub const PSA_ALG_CATEGORY_KEY_DERIVATION: psa_algorithm_t = 0x3000_0000; -pub const PSA_ALG_CATEGORY_KEY_SELECTION: psa_algorithm_t = 0x3100_0000; -pub const PSA_ALG_KEY_SELECTION_FLAG: psa_algorithm_t = 0x0100_0000; -pub const PSA_ALG_HASH_MASK: psa_algorithm_t = 0x0000_00ff; -pub const PSA_ALG_MD2: psa_algorithm_t = 0x0100_0001; -pub const PSA_ALG_MD4: psa_algorithm_t = 0x0100_0002; -pub const PSA_ALG_MD5: psa_algorithm_t = 0x0100_0003; -pub const PSA_ALG_RIPEMD160: psa_algorithm_t = 0x0100_0004; -pub const PSA_ALG_SHA_1: psa_algorithm_t = 0x0100_0005; -pub const PSA_ALG_SHA_224: psa_algorithm_t = 0x0100_0008; -pub const PSA_ALG_SHA_256: psa_algorithm_t = 0x0100_0009; -pub const PSA_ALG_SHA_384: psa_algorithm_t = 0x0100_000a; -pub const PSA_ALG_SHA_512: psa_algorithm_t = 0x0100_000b; -pub const PSA_ALG_SHA_512_224: psa_algorithm_t = 0x0100_000c; -pub const PSA_ALG_SHA_512_256: psa_algorithm_t = 0x0100_000d; -pub const PSA_ALG_SHA3_224: psa_algorithm_t = 0x0100_0010; -pub const PSA_ALG_SHA3_256: psa_algorithm_t = 0x0100_0011; -pub const PSA_ALG_SHA3_384: psa_algorithm_t = 0x0100_0012; -pub const PSA_ALG_SHA3_512: psa_algorithm_t = 0x0100_0013; -pub const PSA_ALG_ANY_HASH: psa_algorithm_t = 0x0100_00ff; -pub const PSA_ALG_MAC_SUBCATEGORY_MASK: psa_algorithm_t = 0x00c0_0000; -pub const PSA_ALG_HMAC_BASE: psa_algorithm_t = 0x0280_0000; -pub const PSA_ALG_MAC_TRUNCATION_MASK: psa_algorithm_t = 0x0000_3f00; -pub const PSA_ALG_CIPHER_MAC_BASE: psa_algorithm_t = 0x02c0_0000; -pub const PSA_ALG_CBC_MAC: psa_algorithm_t = 0x02c0_0001; -pub const PSA_ALG_CMAC: psa_algorithm_t = 0x02c0_0002; -pub const PSA_ALG_GMAC: psa_algorithm_t = 0x02c0_0003; -pub const PSA_ALG_CIPHER_STREAM_FLAG: psa_algorithm_t = 0x0080_0000; -pub const PSA_ALG_CIPHER_FROM_BLOCK_FLAG: psa_algorithm_t = 0x0040_0000; -pub const PSA_ALG_ARC4: psa_algorithm_t = 0x0480_0001; -pub const PSA_ALG_CTR: psa_algorithm_t = 0x04c0_0001; -pub const PSA_ALG_CFB: psa_algorithm_t = 0x04c0_0002; -pub const PSA_ALG_OFB: psa_algorithm_t = 0x04c0_0003; -pub const PSA_ALG_XTS: psa_algorithm_t = 0x0440_00ff; -pub const PSA_ALG_CBC_NO_PADDING: psa_algorithm_t = 0x0460_0100; -pub const PSA_ALG_CBC_PKCS7: psa_algorithm_t = 0x0460_0101; -pub const PSA_ALG_CCM: psa_algorithm_t = 0x0600_1001; -pub const PSA_ALG_GCM: psa_algorithm_t = 0x0600_1002; -pub const PSA_ALG_AEAD_TAG_LENGTH_MASK: psa_algorithm_t = 0x0000_3f00; -pub const PSA_ALG_RSA_PKCS1V15_SIGN_BASE: psa_algorithm_t = 0x1002_0000; -pub const PSA_ALG_RSA_PSS_BASE: psa_algorithm_t = 0x1003_0000; -pub const PSA_ALG_DSA_BASE: psa_algorithm_t = 0x1004_0000; -pub const PSA_ALG_DETERMINISTIC_DSA_BASE: psa_algorithm_t = 0x1005_0000; -pub const PSA_ALG_DSA_DETERMINISTIC_FLAG: psa_algorithm_t = 0x0001_0000; -pub const PSA_ALG_ECDSA_BASE: psa_algorithm_t = 0x1006_0000; -pub const PSA_ALG_DETERMINISTIC_ECDSA_BASE: psa_algorithm_t = 0x1007_0000; -pub const PSA_ALG_RSA_PKCS1V15_CRYPT: psa_algorithm_t = 0x1202_0000; -pub const PSA_ALG_RSA_OAEP_BASE: psa_algorithm_t = 0x1203_0000; -pub const PSA_ALG_HKDF_BASE: psa_algorithm_t = 0x3000_0100; -pub const PSA_ALG_TLS12_PRF_BASE: psa_algorithm_t = 0x3000_0200; -pub const PSA_ALG_TLS12_PSK_TO_MS_BASE: psa_algorithm_t = 0x3000_0300; -pub const PSA_ALG_KEY_DERIVATION_MASK: psa_algorithm_t = 0x010f_ffff; -pub const PSA_ALG_SELECT_RAW: psa_algorithm_t = 0x3100_0001; -pub const PSA_ALG_FFDH_BASE: psa_algorithm_t = 0x2210_0000; -pub const PSA_ALG_ECDH_BASE: psa_algorithm_t = 0x2220_0000; -pub const PSA_KEY_LIFETIME_VOLATILE: psa_key_lifetime_t = 0x0000_0000; -pub const PSA_KEY_LIFETIME_PERSISTENT: psa_key_lifetime_t = 0x0000_0001; -pub const PSA_KEY_USAGE_EXPORT: psa_key_usage_t = 0x0000_0001; -pub const PSA_KEY_USAGE_ENCRYPT: psa_key_usage_t = 0x0000_0100; -pub const PSA_KEY_USAGE_DECRYPT: psa_key_usage_t = 0x0000_0200; -pub const PSA_KEY_USAGE_SIGN: psa_key_usage_t = 0x0000_0400; -pub const PSA_KEY_USAGE_VERIFY: psa_key_usage_t = 0x0000_0800; -pub const PSA_KEY_USAGE_DERIVE: psa_key_usage_t = 0x0000_1000; diff --git a/src/providers/mbed_provider/key_management.rs b/src/providers/mbed_provider/key_management.rs index 53fcd42e..e178e0dd 100644 --- a/src/providers/mbed_provider/key_management.rs +++ b/src/providers/mbed_provider/key_management.rs @@ -1,18 +1,20 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 -use super::constants::{PSA_MAX_PERSISTENT_KEY_IDENTIFIER, PSA_SUCCESS}; -use super::psa_crypto_binding::{self, psa_key_id_t}; -use super::utils::{self, KeyHandle}; +use super::utils; use super::{LocalIdStore, MbedProvider}; use crate::authenticators::ApplicationName; use crate::key_info_managers; use crate::key_info_managers::{KeyInfo, KeyTriple, ManageKeyInfo}; -use log::{error, info, warn}; +use log::{info, warn}; use parsec_interface::operations::psa_key_attributes::Attributes; use parsec_interface::operations::{ psa_destroy_key, psa_export_public_key, psa_generate_key, psa_import_key, }; use parsec_interface::requests::{ProviderID, ResponseStatus, Result}; +use psa_crypto::operations::key_management as psa_crypto_key_management; +use psa_crypto::types::key; +use rand::rngs::SmallRng; +use rand::{Rng, SeedableRng}; /// Gets a PSA Key ID from the Key Info Manager. /// Wrapper around the get method of the Key Info Manager to convert the key ID to the psa_key_id_t @@ -20,7 +22,7 @@ use parsec_interface::requests::{ProviderID, ResponseStatus, Result}; pub fn get_key_id( key_triple: &KeyTriple, store_handle: &dyn ManageKeyInfo, -) -> Result { +) -> Result { match store_handle.get(key_triple) { Ok(Some(key_info)) => { if key_info.id.len() == 4 { @@ -28,7 +30,10 @@ pub fn get_key_id( dst.copy_from_slice(&key_info.id); Ok(u32::from_ne_bytes(dst)) } else { - error!("Stored Key ID is not valid."); + format_error!( + "Stored Key ID is not valid.", + ResponseStatus::KeyInfoManagerError + ); Err(ResponseStatus::KeyInfoManagerError) } } @@ -43,13 +48,12 @@ fn create_key_id( key_attributes: Attributes, store_handle: &mut dyn ManageKeyInfo, local_ids_handle: &mut LocalIdStore, -) -> Result { - let mut key_id = rand::random::(); - while local_ids_handle.contains(&key_id) - || key_id == 0 - || key_id > PSA_MAX_PERSISTENT_KEY_IDENTIFIER - { - key_id = rand::random::(); +) -> Result { + let mut rng = SmallRng::from_entropy(); + let mut key_id = rng.gen_range(key::PSA_KEY_ID_USER_MIN, key::PSA_KEY_ID_USER_MAX + 1); + + while local_ids_handle.contains(&key_id) { + key_id = rng.gen_range(key::PSA_KEY_ID_USER_MIN, key::PSA_KEY_ID_USER_MAX + 1); } let key_info = KeyInfo { id: key_id.to_ne_bytes().to_vec(), @@ -70,7 +74,7 @@ fn create_key_id( fn remove_key_id( key_triple: &KeyTriple, - key_id: psa_key_id_t, + key_id: key::psa_key_id_t, store_handle: &mut dyn ManageKeyInfo, local_ids_handle: &mut LocalIdStore, ) -> Result<()> { @@ -115,43 +119,25 @@ impl MbedProvider { &mut local_ids_handle, )?; - let key_attrs = utils::convert_key_attributes(&key_attributes, key_id).or_else(|e| { - remove_key_id( - &key_triple, - key_id, - &mut *store_handle, - &mut local_ids_handle, - )?; - error!("Failed converting key attributes."); - Err(e) - })?; - let _guard = self .key_handle_mutex .lock() .expect("Grabbing key handle mutex failed"); - // Safety: - // * at this point the provider has been instantiated so Mbed Crypto has been initialized - // * self.key_handle_mutex prevents concurrent accesses - // * self.key_slot_semaphore prevents overflowing key slots - let mut key_handle = unsafe { KeyHandle::generate(&key_attrs) }.or_else(|e| { - remove_key_id( - &key_triple, - key_id, - &mut *store_handle, - &mut local_ids_handle, - )?; - error!("Generate key status: {}", e); - Err(e) - })?; - - // Safety: same conditions than above. - unsafe { - key_handle.close()?; + match psa_crypto_key_management::generate(key_attributes, Some(key_id)) { + Ok(_) => Ok(psa_generate_key::Result {}), + Err(error) => { + remove_key_id( + &key_triple, + key_id, + &mut *store_handle, + &mut local_ids_handle, + )?; + let error = ResponseStatus::from(error); + format_error!("Generate key status: {}", error); + Err(error) + } } - - Ok(psa_generate_key::Result {}) } pub(super) fn psa_import_key_internal( @@ -180,43 +166,25 @@ impl MbedProvider { &mut local_ids_handle, )?; - let key_attrs = utils::convert_key_attributes(&key_attributes, key_id).or_else(|e| { - remove_key_id( - &key_triple, - key_id, - &mut *store_handle, - &mut local_ids_handle, - )?; - error!("Failed converting key attributes."); - Err(e) - })?; - let _guard = self .key_handle_mutex .lock() .expect("Grabbing key handle mutex failed"); - // Safety: - // * at this point the provider has been instantiated so Mbed Crypto has been initialized - // * self.key_handle_mutex prevents concurrent accesses - // * self.key_slot_semaphore prevents overflowing key slots - let mut key_handle = unsafe { KeyHandle::import(&key_attrs, key_data) }.or_else(|e| { - remove_key_id( - &key_triple, - key_id, - &mut *store_handle, - &mut local_ids_handle, - )?; - error!("Import key status: {}", e); - Err(e) - })?; - - // Safety: same conditions than above. - unsafe { - key_handle.close()?; + match psa_crypto_key_management::import(key_attributes, Some(key_id), &key_data[..]) { + Ok(_) => Ok(psa_import_key::Result {}), + Err(error) => { + remove_key_id( + &key_triple, + key_id, + &mut *store_handle, + &mut local_ids_handle, + )?; + let error = ResponseStatus::from(error); + format_error!("Import key status: {}", error); + Err(error) + } } - - Ok(psa_import_key::Result {}) } pub(super) fn psa_export_public_key_internal( @@ -236,41 +204,14 @@ impl MbedProvider { .lock() .expect("Grabbing key handle mutex failed"); - let mut key_handle; - let mut key_attrs; - // Safety: - // * at this point the provider has been instantiated so Mbed Crypto has been initialized - // * self.key_handle_mutex prevents concurrent accesses - // * self.key_slot_semaphore prevents overflowing key slots - unsafe { - key_handle = KeyHandle::open(key_id)?; - key_attrs = key_handle.attributes()?; - } - - let buffer_size = utils::psa_export_public_key_size(key_attrs.as_ref())?; + let id = key::Id::from_persistent_key_id(key_id); + let key_attributes = key::Attributes::from_key_id(id)?; + let buffer_size = utils::psa_export_public_key_size(&key_attributes)?; let mut buffer = vec![0u8; buffer_size]; - let mut actual_size = 0; - - let export_status; - // Safety: same conditions than above. - unsafe { - export_status = psa_crypto_binding::psa_export_public_key( - key_handle.raw(), - buffer.as_mut_ptr(), - buffer_size as u64, - &mut actual_size, - ); - key_attrs.reset(); - key_handle.close()?; - }; - if export_status != PSA_SUCCESS { - error!("Export status: {}", export_status); - // Safety: same conditions than above. - return Err(utils::convert_status(export_status)); - } + let export_length = psa_crypto_key_management::export_public(id, &mut buffer)?; - buffer.resize(actual_size as usize, 0); + buffer.resize(export_length, 0); Ok(psa_export_public_key::Result { data: buffer }) } @@ -294,30 +235,32 @@ impl MbedProvider { .key_handle_mutex .lock() .expect("Grabbing key handle mutex failed"); - - let key_handle; let destroy_key_status; // Safety: // * at this point the provider has been instantiated so Mbed Crypto has been initialized // * self.key_handle_mutex prevents concurrent accesses // * self.key_slot_semaphore prevents overflowing key slots + let id = key::Id::from_persistent_key_id(key_id); unsafe { - key_handle = KeyHandle::open(key_id)?; - destroy_key_status = psa_crypto_binding::psa_destroy_key(key_handle.raw()); + destroy_key_status = psa_crypto_key_management::destroy(id); } - if destroy_key_status == PSA_SUCCESS { - remove_key_id( - &key_triple, - key_id, - &mut *store_handle, - &mut local_ids_handle, - )?; - Ok(psa_destroy_key::Result {}) - } else { - error!("Destroy key status: {}", destroy_key_status); - Err(utils::convert_status(destroy_key_status)) + match destroy_key_status { + Ok(()) => { + remove_key_id( + &key_triple, + key_id, + &mut *store_handle, + &mut local_ids_handle, + )?; + Ok(psa_destroy_key::Result {}) + } + Err(error) => { + let error = ResponseStatus::from(error); + format_error!("Destroy key status: {}", error); + Err(error) + } } } } diff --git a/src/providers/mbed_provider/mod.rs b/src/providers/mbed_provider/mod.rs index 632b892b..d6dfd9a0 100644 --- a/src/providers/mbed_provider/mod.rs +++ b/src/providers/mbed_provider/mod.rs @@ -3,7 +3,6 @@ use super::Provide; use crate::authenticators::ApplicationName; use crate::key_info_managers::{KeyTriple, ManageKeyInfo}; -use constants::PSA_SUCCESS; use derivative::Derivative; use log::{error, trace}; use parsec_interface::operations::list_providers::ProviderInfo; @@ -12,34 +11,20 @@ use parsec_interface::operations::{ psa_verify_hash, }; use parsec_interface::requests::{Opcode, ProviderID, ResponseStatus, Result}; -use psa_crypto_binding::psa_key_id_t; +use psa_crypto::types::{key, status}; use std::collections::HashSet; use std::io::{Error, ErrorKind}; use std::sync::{Arc, Mutex, RwLock}; use std_semaphore::Semaphore; -use utils::KeyHandle; use uuid::Uuid; -#[allow( - non_snake_case, - non_camel_case_types, - non_upper_case_globals, - dead_code, - trivial_casts -)] -#[allow(clippy::all)] -mod psa_crypto_binding { - include!(concat!(env!("OUT_DIR"), "/psa_crypto_bindings.rs")); -} - mod asym_sign; #[allow(dead_code)] -mod constants; mod key_management; mod utils; -type LocalIdStore = HashSet; - +type LocalIdStore = HashSet; +const PSA_KEY_SLOT_COUNT: isize = 32; const SUPPORTED_OPCODES: [Opcode; 6] = [ Opcode::PsaGenerateKey, Opcode::PsaDestroyKey, @@ -80,15 +65,15 @@ impl MbedProvider { fn new(key_info_store: Arc>) -> Option { // Safety: this function should be called before any of the other Mbed Crypto functions // are. - if unsafe { psa_crypto_binding::psa_crypto_init() } != PSA_SUCCESS { - error!("Error when initialising Mbed Crypto"); + if let Err(error) = psa_crypto::init() { + format_error!("Error when initialising Mbed Crypto", error); return None; } let mbed_provider = MbedProvider { key_info_store, local_ids: RwLock::new(HashSet::new()), key_handle_mutex: Mutex::new(()), - key_slot_semaphore: Semaphore::new(constants::PSA_KEY_SLOT_COUNT), + key_slot_semaphore: Semaphore::new(PSA_KEY_SLOT_COUNT), }; { // The local scope allows to drop store_handle and local_ids_handle in order to return @@ -117,18 +102,17 @@ impl MbedProvider { } }; - // Safety: safe because: - // * the Mbed Crypto library has been initialized - // * this code is executed only by the main thread - match unsafe { KeyHandle::open(key_id) } { + let pc_key_id = key::Id::from_persistent_key_id(key_id); + match key::Attributes::from_key_id(pc_key_id) { Ok(_) => { let _ = local_ids_handle.insert(key_id); } - Err(ResponseStatus::PsaErrorDoesNotExist) => { - to_remove.push(key_triple.clone()) - } + Err(status::Error::DoesNotExist) => to_remove.push(key_triple.clone()), Err(e) => { - error!("Error {} when opening a persistent Mbed Crypto key.", e); + format_error!( + "Error {} when opening a persistent Mbed Crypto key.", + e + ); return None; } }; @@ -221,15 +205,6 @@ impl Provide for MbedProvider { } } -impl Drop for MbedProvider { - fn drop(&mut self) { - // Safety: the Provider was initialized with psa_crypto_init - unsafe { - psa_crypto_binding::mbedtls_psa_crypto_free(); - } - } -} - #[derive(Default, Derivative)] #[derivative(Debug)] pub struct MbedProviderBuilder { diff --git a/src/providers/mbed_provider/utils.rs b/src/providers/mbed_provider/utils.rs index 633b0321..b9a0da49 100644 --- a/src/providers/mbed_provider/utils.rs +++ b/src/providers/mbed_provider/utils.rs @@ -1,194 +1,8 @@ // Copyright 2019 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 -use super::constants::*; -use super::psa_crypto_binding::{ - self, psa_algorithm_t, psa_core_key_attributes_t, psa_key_attributes_t, psa_key_bits_t, - psa_key_handle_t, psa_key_id_t, psa_key_policy_s, psa_key_type_t, psa_key_usage_t, - psa_status_t, -}; -use log::error; -use parsec_interface::operations::psa_algorithm::{Algorithm, AsymmetricSignature, Hash, SignHash}; -use parsec_interface::operations::psa_key_attributes; use parsec_interface::operations::psa_key_attributes::Type; use parsec_interface::requests::{ResponseStatus, Result}; -use std::convert::TryFrom; -use std::convert::TryInto; - -/// Converts between native Parsec key attributes and ID and the -/// `psa_key_attributes_t` structure required by Mbed Crypto. -/// -/// # Errors -/// -/// If either algorithm or key type conversion fails. See docs for -/// `convert_key_type` and `convert_algorithm` for more details. -pub fn convert_key_attributes( - attrs: &psa_key_attributes::Attributes, - key_id: psa_key_id_t, -) -> Result { - Ok(psa_key_attributes_t { - core: psa_core_key_attributes_t { - type_: convert_key_type(attrs.key_type)?, - lifetime: PSA_KEY_LIFETIME_PERSISTENT, - id: key_id, - policy: psa_key_policy_s { - usage: convert_key_usage(&attrs.policy.usage_flags), - alg: convert_algorithm(&attrs.policy.permitted_algorithms)?, - alg2: 0, - }, - bits: convert_key_bits(attrs.bits as u32), - flags: 0, - }, - domain_parameters: ::std::ptr::null_mut(), - domain_parameters_size: 0, - }) -} - -/// Generates a blank `psa_key_attributes_t` object. -pub fn get_empty_key_attributes() -> psa_key_attributes_t { - psa_key_attributes_t { - core: psa_core_key_attributes_t { - type_: 0, - lifetime: 0, - id: 0, - policy: psa_key_policy_s { - usage: 0, - alg: 0, - alg2: 0, - }, - bits: 0, - flags: 0, - }, - domain_parameters: ::std::ptr::null_mut(), - domain_parameters_size: 0, - } -} - -/// Convert down from a `u32` value to a `u16` (`psa_key_bits_t`), capping the -/// result at `PSA_KEY_BITS_TOO_LARGE`. -pub fn convert_key_bits(key_size: u32) -> psa_key_bits_t { - psa_key_bits_t::try_from(key_size).unwrap_or(PSA_KEY_BITS_TOO_LARGE) -} - -/// Converts between native and Mbed Crypto type values. -/// -/// # Errors -/// -/// Only `Type::RsaKeypair` and `Type::RsaPublicKey` are supported. Returns -/// ResponseStatus::PsaErrorNotSupported otherwise. -pub fn convert_key_type(key_type: Type) -> Result { - match key_type { - Type::RsaKeyPair => Ok(PSA_KEY_TYPE_RSA_KEYPAIR), - Type::RsaPublicKey => Ok(PSA_KEY_TYPE_RSA_PUBLIC_KEY), - _ => Err(ResponseStatus::PsaErrorNotSupported), - } -} - -/// Converts between native and Mbed Crypto key usage values. -pub fn convert_key_usage(operation: &psa_key_attributes::UsageFlags) -> psa_key_usage_t { - let mut usage: psa_key_usage_t = 0; - - // Build up the individual usage flags in the OpKeyCreateBase, and use them to bitwise-combine the equivalent flags - // in the PSA definition. - - if operation.decrypt { - usage |= PSA_KEY_USAGE_DECRYPT; - } - - if operation.encrypt { - usage |= PSA_KEY_USAGE_ENCRYPT; - } - - if operation.export { - usage |= PSA_KEY_USAGE_EXPORT; - } - - if operation.sign_message && operation.sign_hash { - usage |= PSA_KEY_USAGE_SIGN; - } - - if operation.verify_message && operation.verify_hash { - usage |= PSA_KEY_USAGE_VERIFY; - } - - if operation.derive { - usage |= PSA_KEY_USAGE_DERIVE; - } - - usage -} - -/// Converts between native and Mbed Crypto algorithm values. -/// -/// # Errors -/// -/// Only `AlgorithmInner::Sign` is supported as algorithm with only the -/// `SignAlgorithm::RsaPkcs1v15Sign` signing algorithm. Will return -/// ResponseStatus::PsaErrorNotSupported otherwise. -pub fn convert_algorithm(alg: &Algorithm) -> Result { - let mut algo_val: psa_algorithm_t; - match alg { - Algorithm::AsymmetricSignature(asym_sign) => match asym_sign { - AsymmetricSignature::RsaPkcs1v15Sign { hash_alg } => { - algo_val = PSA_ALG_RSA_PKCS1V15_SIGN_BASE; - algo_val |= convert_hash_algorithm(*hash_alg)? & PSA_ALG_HASH_MASK; - Ok(algo_val) - } - _ => Err(ResponseStatus::PsaErrorNotSupported), - }, - _ => Err(ResponseStatus::PsaErrorNotSupported), - } -} - -/// Converts between native and Mbed Crypto hash algorithm values. -pub fn convert_hash_algorithm(hash: SignHash) -> Result { - match hash { - #[allow(deprecated)] - SignHash::Specific(Hash::Md2) => Ok(PSA_ALG_MD2), - #[allow(deprecated)] - SignHash::Specific(Hash::Md4) => Ok(PSA_ALG_MD4), - #[allow(deprecated)] - SignHash::Specific(Hash::Md5) => Ok(PSA_ALG_MD5), - SignHash::Specific(Hash::Ripemd160) => Ok(PSA_ALG_RIPEMD160), - #[allow(deprecated)] - SignHash::Specific(Hash::Sha1) => Ok(PSA_ALG_SHA_1), - SignHash::Specific(Hash::Sha224) => Ok(PSA_ALG_SHA_224), - SignHash::Specific(Hash::Sha256) => Ok(PSA_ALG_SHA_256), - SignHash::Specific(Hash::Sha384) => Ok(PSA_ALG_SHA_384), - SignHash::Specific(Hash::Sha512) => Ok(PSA_ALG_SHA_512), - SignHash::Specific(Hash::Sha512_224) => Ok(PSA_ALG_SHA_512_224), - SignHash::Specific(Hash::Sha512_256) => Ok(PSA_ALG_SHA_512_256), - SignHash::Specific(Hash::Sha3_224) => Ok(PSA_ALG_SHA3_224), - SignHash::Specific(Hash::Sha3_256) => Ok(PSA_ALG_SHA3_256), - SignHash::Specific(Hash::Sha3_384) => Ok(PSA_ALG_SHA3_384), - SignHash::Specific(Hash::Sha3_512) => Ok(PSA_ALG_SHA3_512), - _ => Err(ResponseStatus::PsaErrorNotSupported), - } -} - -const PSA_STATUS_TO_RESPONSE_STATUS_OFFSET: psa_status_t = 1000; - -/// Converts between Mbed Crypto and native status values. -/// Returns None if the conversion can not happen. -pub fn convert_status(psa_status: psa_status_t) -> ResponseStatus { - // psa_status_t errors are i32, negative values between -132 and -151. To map them to u16 - // ResponseStatus values between 1000 and 1999 (as per the Wire Protocol), they are taken their - // absolute values and added 1000. - let psa_status = match psa_status.checked_abs() { - Some(status) => status, - None => return ResponseStatus::InvalidEncoding, - }; - let psa_status = match psa_status.checked_add(PSA_STATUS_TO_RESPONSE_STATUS_OFFSET) { - Some(status) => status, - None => return ResponseStatus::InvalidEncoding, - }; - let psa_status = match u16::try_from(psa_status) { - Ok(status) => status, - Err(_) => return ResponseStatus::InvalidEncoding, - }; - psa_status - .try_into() - .unwrap_or(ResponseStatus::InvalidEncoding) -} +use psa_crypto::types::key; macro_rules! bits_to_bytes { ($size:expr) => { @@ -198,184 +12,25 @@ macro_rules! bits_to_bytes { /// Compute the size of the asymmetric signature, given the key attributes of the signing key. /// Implementing `PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE` as defined in `crypto_sizes.h` (Mbed Crypto). -pub fn psa_asymmetric_sign_output_size(key_attrs: &psa_key_attributes_t) -> Result { - match key_attrs.core.type_ { - PSA_KEY_TYPE_RSA_KEYPAIR => Ok(usize::from(bits_to_bytes!(key_attrs.core.bits))), - PSA_KEY_TYPE_ECC_KEYPAIR_BASE => Ok(usize::from(bits_to_bytes!(key_attrs.core.bits) * 2)), +pub fn psa_asymmetric_sign_output_size(key_attrs: &key::Attributes) -> Result { + match key_attrs.key_type { + Type::RsaKeyPair => Ok(bits_to_bytes!(key_attrs.bits)), + Type::EccKeyPair { .. } => Ok(bits_to_bytes!(key_attrs.bits) * 2), _ => Err(ResponseStatus::PsaErrorNotSupported), } } /// Compute the size of the public key material to be exported, given the attributes of the key. /// Implementing `PSA_KEY_EXPORT_MAX_SIZE` for public keys only, as defined in `crypto_sizes.h` (Mbed Crypto). -pub fn psa_export_public_key_size(key_attrs: &psa_key_attributes_t) -> Result { +pub fn psa_export_public_key_size(key_attrs: &key::Attributes) -> Result { macro_rules! export_asn1_int_max_size { ($size:expr) => { ($size) / 8 + 5 }; }; - match key_attrs.core.type_ { - PSA_KEY_TYPE_RSA_PUBLIC_KEY | PSA_KEY_TYPE_RSA_KEYPAIR => Ok(usize::from( - export_asn1_int_max_size!(key_attrs.core.bits) + 11, - )), + match key_attrs.key_type { + Type::RsaPublicKey | Type::RsaKeyPair => Ok(export_asn1_int_max_size!(key_attrs.bits) + 11), _ => Err(ResponseStatus::PsaErrorNotSupported), } } - -/// Wrapper around raw `psa_key_attributes_t` -pub struct KeyAttributes(psa_key_attributes_t); - -impl KeyAttributes { - /// Reset the key attribute structure to a freshly initialized state. - /// Also frees any auxiliary resources that the structure may contain. - /// This method needs to be called on the KeyAttributes structure returned by the attributes - /// method when not needed anymore. - /// - /// # Safety - /// - /// Calling this function is only safe if: - /// * the Mbed Crypto library has already been initialized - /// - /// It is not safe to put this method in a Drop trait as it might be called after the Mbed - /// Crypto library is freed. - pub unsafe fn reset(&mut self) { - psa_crypto_binding::psa_reset_key_attributes(&mut self.0); - } -} - -impl AsRef for KeyAttributes { - fn as_ref(&self) -> &psa_key_attributes_t { - &self.0 - } -} - -impl AsMut for KeyAttributes { - fn as_mut(&mut self) -> &mut psa_key_attributes_t { - &mut self.0 - } -} - -/// Wrapper around raw `psa_key_handle_t` which allows for easier manipulation of -/// handles and the attributes associated with them. -pub struct KeyHandle(psa_key_handle_t); - -impl KeyHandle { - /// Open a key and store the allocated handle for it. - /// - /// # Safety - /// - /// Calling this function is only safe if: - /// * the Mbed Crypto library has already been initialized - /// * calls to open, generate, import and close are protected by the same mutex - /// * only PSA_KEY_SLOT_COUNT slots are used at any given time - pub unsafe fn open(key_id: psa_key_id_t) -> Result { - let mut key_handle: psa_key_handle_t = Default::default(); - let open_key_status = psa_crypto_binding::psa_open_key(key_id, &mut key_handle); - if open_key_status != PSA_SUCCESS { - error!("Open key status: {}", open_key_status); - Err(convert_status(open_key_status)) - } else { - Ok(KeyHandle(key_handle)) - } - } - - /// Generate a key or a key pair. - /// - /// # Safety - /// - /// Calling this function is only safe if: - /// * the Mbed Crypto library has already been initialized - /// * calls to open, generate, import and close are protected by the same mutex - /// * only PSA_KEY_SLOT_COUNT slots are used at any given time - pub unsafe fn generate(attributes: &psa_key_attributes_t) -> Result { - let mut key_handle: psa_key_handle_t = Default::default(); - let status = psa_crypto_binding::psa_generate_key(attributes, &mut key_handle); - if status != PSA_SUCCESS { - error!("Generate key status: {}", status); - Err(convert_status(status)) - } else { - Ok(KeyHandle(key_handle)) - } - } - - /// Import a key in binary format. - /// - /// # Safety - /// - /// Calling this function is only safe if: - /// * the Mbed Crypto library has already been initialized - /// * calls to open, generate, import and close are protected by the same mutex - /// * only PSA_KEY_SLOT_COUNT slots are used at any given time - pub unsafe fn import(attributes: &psa_key_attributes_t, key_data: Vec) -> Result { - let mut key_handle: psa_key_handle_t = Default::default(); - let status = psa_crypto_binding::psa_import_key( - attributes, - key_data.as_ptr(), - key_data.len() as u64, - &mut key_handle, - ); - if status != PSA_SUCCESS { - error!("Import key status: {}", status); - Err(convert_status(status)) - } else { - Ok(KeyHandle(key_handle)) - } - } - - /// Get the attributes associated with the key stored in this handle. - /// - /// # Safety - /// - /// Calling this function is only safe if: - /// * the Mbed Crypto library has already been initialized - pub unsafe fn attributes(&self) -> Result { - let mut key_attrs = get_empty_key_attributes(); - let get_attrs_status = psa_crypto_binding::psa_get_key_attributes(self.0, &mut key_attrs); - - if get_attrs_status != PSA_SUCCESS { - error!("Get key attributes status: {}", get_attrs_status); - Err(convert_status(get_attrs_status)) - } else { - Ok(KeyAttributes(key_attrs)) - } - } - - /// Release the key stored under this handle. - /// - /// # Safety - /// - /// Calling this function is only safe if: - /// * the Mbed Crypto library has already been initialized - /// * calls to open, generate, import and close are protected by the same mutex - /// * only PSA_KEY_SLOT_COUNT slots are used at any given time - /// - /// Because of the conditions above, it is not safe to put this function inside a Drop trait as - /// it would make possible for this function to be executed in an unsafe context. - pub unsafe fn close(&mut self) -> Result<()> { - let status = psa_crypto_binding::psa_close_key(self.0); - - if status != PSA_SUCCESS { - error!("Close key status: {}", status); - Err(convert_status(status)) - } else { - Ok(()) - } - } - - pub fn raw(&self) -> psa_key_handle_t { - self.0 - } -} - -impl AsRef for KeyHandle { - fn as_ref(&self) -> &psa_key_handle_t { - &self.0 - } -} - -impl AsMut for KeyHandle { - fn as_mut(&mut self) -> &mut psa_key_handle_t { - &mut self.0 - } -} diff --git a/src/providers/pkcs11_provider/key_management.rs b/src/providers/pkcs11_provider/key_management.rs index 6aae5bac..7a83ba86 100644 --- a/src/providers/pkcs11_provider/key_management.rs +++ b/src/providers/pkcs11_provider/key_management.rs @@ -274,11 +274,23 @@ impl Pkcs11Provider { let public_key: RsaPublicKey = picky_asn1_der::from_bytes(&op.data).or_else(|e| { format_error!("Failed to parse RsaPublicKey data", e); + remove_key_id( + &key_triple, + key_id, + &mut *store_handle, + &mut local_ids_handle, + )?; Err(ResponseStatus::PsaErrorInvalidArgument) })?; if public_key.modulus.is_negative() || public_key.public_exponent.is_negative() { error!("Only positive modulus and public exponent are supported."); + remove_key_id( + &key_triple, + key_id, + &mut *store_handle, + &mut local_ids_handle, + )?; return Err(ResponseStatus::PsaErrorInvalidArgument); }