Add support for non-exportable signature private keys#461
Closed
bifurcation wants to merge 3 commits intomainfrom
Closed
Add support for non-exportable signature private keys#461bifurcation wants to merge 3 commits intomainfrom
bifurcation wants to merge 3 commits intomainfrom
Conversation
This change enables MLSpp to use signature private keys that cannot be exported from their secure storage (HSMs, secure enclaves, PKCS#11 tokens). Key changes: - Add ExternalPrivateKey abstraction to HPKE Signature interface - Implement external key loading via OpenSSL 3.x OSSL_STORE API - Implement external key loading via OpenSSL 1.1.x ENGINE API - Add callback-based signing for BoringSSL/custom backends - Update SignaturePrivateKey with from_external() and from_external_callback() - Remove TLS_SERIALIZABLE from SignaturePrivateKey (non-exportable keys cannot be serialized; applications should store key URIs instead) Tests: - Callback-based signing test (always runs) - Invalid URI error handling test (always runs) - macOS Keychain test using Security.framework (runs on macOS) - File URI test (OpenSSL 3.x only) Supported URI schemes: - OpenSSL 3.x: pkcs11:, file:, and provider-specific URIs - OpenSSL 1.1.x: engine:<engine_id>:<key_id> - BoringSSL: Use from_external_callback() with signing callback Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
bifurcation
commented
Apr 10, 2026
|
|
||
| SignaturePrivateKey() = default; | ||
|
|
||
| /// Raw private key data (empty for non-exportable keys) |
Contributor
Author
There was a problem hiding this comment.
This should be optional<bytes> to properly reflect optionality.
Contributor
Author
There was a problem hiding this comment.
Also, with the change to not being serializable, I think this field can become private.
Comment on lines
+309
to
+312
| // Note: SignaturePrivateKey is intentionally NOT TLS serializable. | ||
| // Non-exportable keys cannot be serialized, and applications should | ||
| // handle key persistence separately (e.g., storing key URIs). | ||
|
|
Contributor
Author
There was a problem hiding this comment.
We could define serialization/deserialization operators (<< >>) that throw if the key is not serializable.
|
|
||
| private: | ||
| /// Handle to external (possibly non-exportable) key | ||
| std::shared_ptr<hpke::Signature::ExternalPrivateKey> external_key_; |
Contributor
Author
There was a problem hiding this comment.
Should be unique_ptr instead of shared_ptr.
Comment on lines
+332
to
+334
| SignaturePrivateKey( | ||
| std::shared_ptr<hpke::Signature::ExternalPrivateKey> external_key, | ||
| bytes pub_data); |
Contributor
Author
There was a problem hiding this comment.
Suggested change
| SignaturePrivateKey( | |
| std::shared_ptr<hpke::Signature::ExternalPrivateKey> external_key, | |
| bytes pub_data); | |
| SignaturePrivateKey( | |
| std::shared_ptr<hpke::Signature::ExternalPrivateKey> external_key); |
Just call external_key->public_key().
- Change SignaturePrivateKey::data to std::optional<bytes> data_ (private) - Use unique_ptr instead of shared_ptr for external_key_ - Add clone() method to ExternalPrivateKey for copyability - Add copy constructor/assignment operator that clone external key - Add TLS serialization operators that throw for non-exportable keys - Remove pub_data parameter from external key constructor (derive from external_key->public_key()) - Fix CallbackExternalPrivateKey::public_key() to work by storing serialized bytes Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
Author
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
ExternalPrivateKeyabstraction in HPKE layer for non-exportable keysSignaturePrivateKey::from_external()andfrom_external_callback()factory methodsSignaturePrivateKey::exportable()to check if private key data can be extractedTest plan
Notes
🤖 Generated with Claude Code