Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use the new abstraction on the PKCS11 interface #301

Merged
merged 1 commit into from
Mar 22, 2021
Merged

Use the new abstraction on the PKCS11 interface #301

merged 1 commit into from
Mar 22, 2021

Conversation

hug-dev
Copy link
Member

@hug-dev hug-dev commented Dec 10, 2020

Use everything from the new module in pkcs11.

Close #272

@hug-dev hug-dev added the platforms Compatibility with different secure services or hardware platforms label Dec 10, 2020
@hug-dev hug-dev requested a review from ionut-arm December 10, 2020 17:18
@hug-dev hug-dev mentioned this pull request Dec 10, 2020
Closed
ionut-arm
ionut-arm approved these changes Dec 11, 2020
View reviewed changes
Copy link
Member

@ionut-arm ionut-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks really nice and slick, great improvement 😄 We can try and expand our supported algorithms and operations now

src/providers/pkcs11/asym_encryption.rs
Comment on lines +34 to +40
Ok(psa_asymmetric_encrypt::Result {
ciphertext: session
.encrypt(&mech, key, &op.plaintext)
.map_err(to_response_status)?
.into(),
})
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice and compact

@hug-dev
Copy link
Member Author

hug-dev commented Dec 11, 2020

I will wait for the Christmas period before merging this, waiting to see any comment on the rust-pkcs11 PR.

@hug-dev
Copy link
Member Author

hug-dev commented Mar 3, 2021

The rust-cryptoki repo has been created here. Once the 0.1.0 release is out, this PR needs to use the cryptoki dependency instead of pkcs11!

@hug-dev hug-dev force-pushed the use-pkcs11 branch 4 times, most recently from db93861 to bbd2358 Compare March 22, 2021 13:53
@hug-dev
Use the new abstraction on the PKCS11 interface
62c6f65 
Signed-off-by: Hugues de Valon <hugues.devalon@arm.com>
ionut-arm
ionut-arm approved these changes Mar 22, 2021
View reviewed changes
src/providers/pkcs11/mod.rs
Comment on lines +189 to +190
let mut flags = Flags::new();
let _ = flags.set_rw_session(true).set_serial_session(true);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A bit weird, but I guess it's ok (saying this because the setters for Flags are in the middle between normal setters and builder setters, so you can do this chaining, but the variable has to be mutable and you have to let _ the last return).

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, might be worth a rework at some point!

@hug-dev hug-dev merged commit 60101f8 into parallaxsecond:master Mar 22, 2021
@hug-dev hug-dev deleted the use-pkcs11 branch March 22, 2021 14:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ionut-arm ionut-arm ionut-arm approved these changes

Assignees
No one assigned
Labels
on-hold platforms Compatibility with different secure services or hardware platforms
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Consume the new, safer Rust PKCS#11 interface into Parsec when it is available
2 participants
@hug-dev @ionut-arm