diff options
Diffstat (limited to 'diced/open_dice/src/ops.rs')
-rw-r--r-- | diced/open_dice/src/ops.rs | 142 |
1 files changed, 142 insertions, 0 deletions
diff --git a/diced/open_dice/src/ops.rs b/diced/open_dice/src/ops.rs new file mode 100644 index 00000000..8222b266 --- /dev/null +++ b/diced/open_dice/src/ops.rs @@ -0,0 +1,142 @@ +// Copyright 2023, The Android Open Source Project +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +//! This module mirrors the content in open-dice/include/dice/ops.h +//! It contains the set of functions that implement various operations that the +//! main DICE functions depend on. + +use crate::dice::{ + Hash, InputValues, PrivateKey, PublicKey, Signature, HASH_SIZE, PRIVATE_KEY_SEED_SIZE, + PRIVATE_KEY_SIZE, PUBLIC_KEY_SIZE, SIGNATURE_SIZE, +}; +use crate::error::{check_result, Result}; +use open_dice_cbor_bindgen::{ + DiceGenerateCertificate, DiceHash, DiceKdf, DiceKeypairFromSeed, DiceSign, DiceVerify, +}; +use std::ptr; + +/// Hashes the provided input using DICE's hash function `DiceHash`. +pub fn hash(input: &[u8]) -> Result<Hash> { + let mut output: Hash = [0; HASH_SIZE]; + // SAFETY: DiceHash takes a sized input buffer and writes to a constant-sized output buffer. + // The first argument context is not used in this function. + check_result(unsafe { + DiceHash( + ptr::null_mut(), // context + input.as_ptr(), + input.len(), + output.as_mut_ptr(), + ) + })?; + Ok(output) +} + +/// An implementation of HKDF-SHA512. Derives a key of `derived_key.len()` bytes from `ikm`, `salt`, +/// and `info`. The derived key is written to the `derived_key`. +pub fn kdf(ikm: &[u8], salt: &[u8], info: &[u8], derived_key: &mut [u8]) -> Result<()> { + // SAFETY: The function writes to the `derived_key`, within the given bounds, and only reads the + // input values. The first argument context is not used in this function. + check_result(unsafe { + DiceKdf( + ptr::null_mut(), // context + derived_key.len(), + ikm.as_ptr(), + ikm.len(), + salt.as_ptr(), + salt.len(), + info.as_ptr(), + info.len(), + derived_key.as_mut_ptr(), + ) + }) +} + +/// Deterministically generates a public and private key pair from `seed`. +/// Since this is deterministic, `seed` is as sensitive as a private key and can +/// be used directly as the private key. +pub fn keypair_from_seed(seed: &[u8; PRIVATE_KEY_SEED_SIZE]) -> Result<(PublicKey, PrivateKey)> { + let mut public_key = [0u8; PUBLIC_KEY_SIZE]; + let mut private_key = PrivateKey::default(); + // SAFETY: The function writes to the `public_key` and `private_key` within the given bounds, + // and only reads the `seed`. The first argument context is not used in this function. + check_result(unsafe { + DiceKeypairFromSeed( + ptr::null_mut(), // context + seed.as_ptr(), + public_key.as_mut_ptr(), + private_key.as_mut_ptr(), + ) + })?; + Ok((public_key, private_key)) +} + +/// Signs the `message` with the give `private_key` using `DiceSign`. +pub fn sign(message: &[u8], private_key: &[u8; PRIVATE_KEY_SIZE]) -> Result<Signature> { + let mut signature = [0u8; SIGNATURE_SIZE]; + // SAFETY: The function writes to the `signature` within the given bounds, and only reads the + // message and the private key. The first argument context is not used in this function. + check_result(unsafe { + DiceSign( + ptr::null_mut(), // context + message.as_ptr(), + message.len(), + private_key.as_ptr(), + signature.as_mut_ptr(), + ) + })?; + Ok(signature) +} + +/// Verifies the `signature` of the `message` with the given `public_key` using `DiceVerify`. +pub fn verify(message: &[u8], signature: &Signature, public_key: &PublicKey) -> Result<()> { + // SAFETY: only reads the messages, signature and public key as constant values. + // The first argument context is not used in this function. + check_result(unsafe { + DiceVerify( + ptr::null_mut(), // context + message.as_ptr(), + message.len(), + signature.as_ptr(), + public_key.as_ptr(), + ) + }) +} + +/// Generates an X.509 certificate from the given `subject_private_key_seed` and +/// `input_values`, and signed by `authority_private_key_seed`. +/// The subject private key seed is supplied here so the implementation can choose +/// between asymmetric mechanisms, for example ECDSA vs Ed25519. +/// Returns the actual size of the generated certificate. +pub fn generate_certificate( + subject_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE], + authority_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE], + input_values: &InputValues, + certificate: &mut [u8], +) -> Result<usize> { + let mut certificate_actual_size = 0; + // SAFETY: The function writes to the `certificate` within the given bounds, and only reads the + // input values and the key seeds. The first argument context is not used in this function. + check_result(unsafe { + DiceGenerateCertificate( + ptr::null_mut(), // context + subject_private_key_seed.as_ptr(), + authority_private_key_seed.as_ptr(), + input_values.as_ptr(), + certificate.len(), + certificate.as_mut_ptr(), + &mut certificate_actual_size, + ) + })?; + Ok(certificate_actual_size) +} |