-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add PsaSignMessage and PsaVerifyMessage usage flags functions #83
Add PsaSignMessage and PsaVerifyMessage usage flags functions #83
Conversation
Signed-off-by: artur.kazimierski <artur.kazimierski@globallogic.com>
Signed-off-by: artur.kazimierski <artur.kazimierski@globallogic.com>
Signed-off-by: artur.kazimierski <artur.kazimierski@globallogic.com>
db55c1c
to
869111f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! This looks alright - are you planning to add the actual operations in a separate PR?
if flags.sign_hash { | ||
usage_flags |= psa_crypto_sys::PSA_KEY_USAGE_SIGN_HASH; | ||
} | ||
//if flags.verify_message { | ||
//usage_flags |= psa_crypto_sys::PSA_KEY_USAGE_VERIFY_MESSAGE; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That was commented because the Mbed TLS version used by this crate does not support it, that's why the tests fail I think 😢
Very topical as this PR (Mbed-TLS/mbedtls#4357) seems to add it! Meanwhile I think this is fine to keep this commented.
The whole permissions around sign/very hash/message will need to be revamped as part of #82 anyway
Signed-off-by: artur.kazimierski <artur.kazimierski@globallogic.com>
psa-crypto/src/types/key.rs
Outdated
@@ -113,6 +113,36 @@ impl Attributes { | |||
} | |||
} | |||
|
|||
/// Check if a key has permission to sign a message | |||
pub fn is_message_signable(self) -> bool { | |||
self.policy.usage_flags.sign_hash & self.policy.usage_flags.sign_message |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shouldn't it be |
here instead of &
?
From the sign_hash
explanation:
This flag automatically sets sign_message: if an application sets the flag sign_hash when creating a key, then the key always has the permissions conveyed by sign_message. For a key pair, this concerns the private key.
It means that a key can either have (ideally, this is currently not implemented, will be in #82):
sign_hash
andsign_message
tofalse
sign_hash
andsign_message
totrue
sign_hash
tofalse
andsign_message
totrue
&
would mean that 3 is not possible?
And same for verify
. Not 100% sure so feel free to correct me!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, that's true, I mis-remembered it the other way around - if you have sign_message
you should also have sign_hash
(since you're hashing the message and signing that...).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So it is possible for scenario 3. to exist? If yes then it make sense to change it to |
.
As Ionut metioned and from point of view of cryptoauthlib you always need to be able to sign hash to sign message.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So it is possible for scenario 3. to exist?
From the PSA Crypto API, yes it is! The scenario sign_hash
to true
and sign_message
to false
is not possible.
Signed-off-by: artur.kazimierski <artur.kazimierski@globallogic.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!
New functions for checking usage flags for PsaSignMessage and PsaVerifyMessage.