Crypto Service - keys access control #9638
Conversation
@itayzafrir, thank you for your changes.
Review comments (outdated) on components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
part 0.5
Review threads on:
components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_access_control.c
components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_access_control.h (outdated)
components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c
@@ -0,0 +1,5 @@ | |||
#ifdef PSA_CRYPTO_SECURE |
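Review bot: this hunk creates a new file (`@@ -0,0 +1,5 @@`) whose first line is `#ifdef PSA_CRYPTO_SECURE`, so there is no license header ahead of the guard; add the project's standard license header at the top of every new file in this PR before any preprocessor directives.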
license header files in each file
Just leaving a more visible note.
@0xc0170 your review comment seems to be fixed, please re-review.
Force-pushed 7e7f188 to 6475bc6
@avolinski rebased on master, please take another look
#include "psa_crypto_core.h" | ||
#include "crypto_platform.h" | ||
|
||
void psa_crypto_access_control_init(void); |
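Review bot: `void psa_crypto_access_control_init(void);` is declared with no documentation and nothing in the visible header marks it as internal; add a short Doxygen comment describing what state it initialises, and either mark it `\internal` or wrap the comment in `#if !defined(DOXYGEN_ONLY)` so it stays out of the public documentation.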
these functions should contain documentation?
I don't think so, this is internal only. These could have been implemented as static functions in psa_crypto_partition.c...
we could use \internal or using _internal suffix in the header or at least a comment in this header file.
Even internal functions should have documentation, hidden from public (using #if !defined(DOXYGEN_ONLY)). If you look at some drivers headers like SPI.h
Added in 5ac58b84dfa06f1c6cd76293dd4f01a5511124a0
#define PSA_CRYPTO_ACCESS_CONTROL_RESET() (memset(crypto_access_control_arr, 0, sizeof(crypto_access_control_arr))) | ||
static inline void psa_crypto_access_control_reset() | ||
{ | ||
memset(crypto_access_control_arr, 0, sizeof(crypto_access_control_arr)); |
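Review bot: `PSA_CRYPTO_ACCESS_CONTROL_RESET()` and `psa_crypto_access_control_reset()` both do `memset(crypto_access_control_arr, 0, sizeof(crypto_access_control_arr))`, so one of them is redundant; keep only the static inline function, and give it an explicit prototype, `static inline void psa_crypto_access_control_reset(void)`, since an empty parameter list in C is an old-style declaration that does not reject arguments.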
isn't it psa_crypto_access_control_reset();?
The macro was removed in 6475bc65d818fc9ff4fc6c2c02de3d1b7ecde24a in favor of the static inline function.
Implement crypto keys access control in crypto service:
- Only the key owner (the partition which created the key) is allowed to manage (import/export/open/close/destroy/etc.) the key.
- Only the key owner (the partition which created the key) is allowed to use the key handle for crypto operations which require a key handle.
This file is for internal use only.
Force-pushed 5ac58b8 to 37cc257
Rebased on master
removing @ARMmbed/mbed-os-crypto as a reviewer. if you would still like to review please do so ASAP
Merged, this should be ready for review and CI
Yes this is unblocked now
CI started
Test run: SUCCESS. Summary: 12 of 12 test jobs passed
@alzix Happy with the latest update? This is ready to land otherwise
Not sure about the availability of @alzix, he might be OOO for a while...
Description
Access control for crypto keys in crypto service.
This is in continuation of PR #9575 which ensured that only the key creator is allowed to open a key & obtain a handle to it.
This PR validates that the psa_key_handle_t argument (passed in as an input argument to the crypto APIs) is associated with the calling partition, i.e. that the API caller is also the key owner/creator.

Please do not merge or run CI - needs preceding PR #9575

Reviewers, reviews should start from c9130428951d60d865826e431eb400d92223b163, previous commits are from #9575 and are being reviewed there.

Pull request type
Reviewers
@avolinski
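The ownership check the description talks about (a key handle may only be used by the partition that created it), written out as an added, self-contained C example; this is not the PR's or mbed-os's code. The table layout, the `access_control_*` names, the handle and partition id types and the table size are all assumptions made for the example.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Added example, not the project's code. Types and sizes are assumed. */
typedef uint16_t psa_key_handle_t;   /* assumed: handle type handed to the NSPE/partition */
typedef int32_t  partition_id_t;     /* assumed: identifier of the calling partition */

#define ACCESS_CONTROL_MAX_KEYS 8    /* assumed: maximum number of tracked handles */

typedef struct {
    psa_key_handle_t handle;
    partition_id_t   owner;
    int              in_use;
} access_control_entry_t;

/* One record per live handle: which partition created it. */
static access_control_entry_t access_control_arr[ACCESS_CONTROL_MAX_KEYS];

/* Drop every ownership record, e.g. when the crypto partition starts. */
void access_control_reset(void)
{
    memset(access_control_arr, 0, sizeof(access_control_arr));
}

/* Record that `handle` was created by `owner`.
 * Returns 0 on success, -1 if the handle is already registered or the table is full. */
int access_control_register(psa_key_handle_t handle, partition_id_t owner)
{
    size_t free_slot = ACCESS_CONTROL_MAX_KEYS;
    for (size_t i = 0; i < ACCESS_CONTROL_MAX_KEYS; i++) {
        if (access_control_arr[i].in_use) {
            if (access_control_arr[i].handle == handle) {
                return -1;                     /* duplicate handle: refuse to re-own it */
            }
        } else if (free_slot == ACCESS_CONTROL_MAX_KEYS) {
            free_slot = i;                     /* remember the first free slot */
        }
    }
    if (free_slot == ACCESS_CONTROL_MAX_KEYS) {
        return -1;                             /* table full */
    }
    access_control_arr[free_slot].handle = handle;
    access_control_arr[free_slot].owner  = owner;
    access_control_arr[free_slot].in_use = 1;
    return 0;
}

/* The check every handle-taking API runs before touching the key.
 * Returns 1 only if `caller` created `handle`; an unknown or stale handle,
 * or a handle created by another partition, is denied (default deny). */
int access_control_is_owner(psa_key_handle_t handle, partition_id_t caller)
{
    for (size_t i = 0; i < ACCESS_CONTROL_MAX_KEYS; i++) {
        if (access_control_arr[i].in_use &&
            access_control_arr[i].handle == handle &&
            access_control_arr[i].owner == caller) {
            return 1;
        }
    }
    return 0;
}

/* Forget `handle` when its owner closes or destroys the key.
 * Returns 0 on success, -1 if `caller` is not the owner or the handle is unknown. */
int access_control_unregister(psa_key_handle_t handle, partition_id_t caller)
{
    for (size_t i = 0; i < ACCESS_CONTROL_MAX_KEYS; i++) {
        if (access_control_arr[i].in_use && access_control_arr[i].handle == handle) {
            if (access_control_arr[i].owner != caller) {
                return -1;                     /* only the creator may release it */
            }
            memset(&access_control_arr[i], 0, sizeof(access_control_arr[i]));
            return 0;
        }
    }
    return -1;
}

int main(void)
{
    /* Constructed scenario: partition 100 creates handle 1, partition 200 tries to use it. */
    access_control_reset();
    access_control_register(1, 100);
    printf("owner uses own handle:      %s\n", access_control_is_owner(1, 100) ? "allowed" : "denied");
    printf("other partition uses it:    %s\n", access_control_is_owner(1, 200) ? "allowed" : "denied");
    printf("other partition destroys:   %s\n", access_control_unregister(1, 200) == 0 ? "allowed" : "denied");
    printf("owner destroys:             %s\n", access_control_unregister(1, 100) == 0 ? "allowed" : "denied");
    printf("owner uses destroyed handle:%s\n", access_control_is_owner(1, 100) ? "allowed" : "denied");
    return 0;
}
```

The point of the default-deny lookup is that a handle which was never registered, or which was released, fails the check exactly like a handle belonging to a different partition, so a stale or guessed handle value gives a caller nothing.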