Remainders of NXP HSM operation must be cleaned-up #20036

Closed
tcarmelveilleux opened this issue Jun 28, 2022 · 1 comment · Fixed by #21667

Comments

@tcarmelveilleux
Contributor

Problem

NXP's HSM implementation never worked in a way that properly handled AddNOC/UpdateNOC and that assumed a single pending CASE session establishment is a forever constraint.

Since the appearance of the OperationalKeystore interface, it should be feasible to properly support the lifecycle of keys.

However, there are still code paths that enshrine direct steering of HSM logic for CASE ephemeral keypair, which is what keeps the CASE establishment constraint.

Proposed Solution

  • Add a mechanism to OperationalKeystore to allocate ephemeral keypairs
  • Remove HSM-specific code paths
  • Integrate the HSM-based keypair management in an implementation of OperationalKeystore
@tcarmelveilleux tcarmelveilleux self-assigned this Jun 28, 2022
tcarmelveilleux added a commit to tcarmelveilleux/connectedhomeip that referenced this issue Jun 28, 2022
- CASE requires P256 ephemeral keys
- CASE had a hack whereby "single slots" ephemeral keys
  for NXP HSM were used, which cannot work for multiple CASE
  session establishments
- Using raw P256Keypair prevents being able to use OS-backed
  or HW-backed keys, like can be done for operational keys

Issue project-chip#20036

This PR:

- Adds a way to get CASE ephemeral keys from the OperationalKeystore
  abstraction
- Funnels their access via the FabricTable
- Removes some HSM hacks (cannot remove all HSM usage just yet)
  in a way that now OperationalKeystore targeting NXP HSM could
  do the right thing

Testing done:

- Unit tests still pass
- Integration tests still pass
- Added unit tests to validate usage of new APIs
- Ran valgrind on the unit tests, found no leaks
tcarmelveilleux added a commit that referenced this issue Jun 29, 2022
* Add ephemeral key allocator to FabricTable

- CASE requires P256 ephemeral keys
- CASE had a hack whereby "single slots" ephemeral keys
  for NXP HSM were used, which cannot work for multiple CASE
  session establishments
- Using raw P256Keypair prevents being able to use OS-backed
  or HW-backed keys, like can be done for operational keys

Issue #20036

This PR:

- Adds a way to get CASE ephemeral keys from the OperationalKeystore
  abstraction
- Funnels their access via the FabricTable
- Removes some HSM hacks (cannot remove all HSM usage just yet)
  in a way that now OperationalKeystore targeting NXP HSM could
  do the right thing

Testing done:

- Unit tests still pass
- Integration tests still pass
- Added unit tests to validate usage of new APIs
- Ran valgrind on the unit tests, found no leaks

* Restyled by clang-format

* Apply review comments

* Apply review comment from @bzbarsky-apple

* Better document usage

* Remove a test member that was added during debug of a prior CI run

Co-authored-by: Restyled.io <commits@restyled.io>
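
The single-slot constraint and the allocate/release approach described in the commit message above, reduced to a toy model as an added example (not code from the Matter SDK or from this PR). `EphemeralKeypair`, `SingleSlotKeys` and `KeystoreAllocator` are hypothetical stand-ins; no real key material or HSM is involved.

```cpp
// Added illustration with hypothetical stand-in types (not Matter SDK code).
#include <cstddef>
#include <cstdint>
#include <set>

struct EphemeralKeypair { uint32_t id; };  // stand-in for a P256 keypair handle

// Single-slot design: one shared slot, regenerated on every request.
struct SingleSlotKeys {
    EphemeralKeypair slot{0};
    uint32_t generation = 0;
    EphemeralKeypair * Get() { slot.id = ++generation; return &slot; }
};

// Keystore-style design: each session allocates and releases its own keypair.
class KeystoreAllocator {
    std::set<EphemeralKeypair *> mLive;
    uint32_t mNextId = 0;
public:
    ~KeystoreAllocator() { for (auto * kp : mLive) delete kp; }
    EphemeralKeypair * Allocate() {
        auto * kp = new EphemeralKeypair{++mNextId};
        mLive.insert(kp);
        return kp;
    }
    bool Release(EphemeralKeypair * kp) {
        if (mLive.erase(kp) == 0) return false;  // not handed out by this keystore
        delete kp;  // stand-in for wiping key material or freeing an HSM slot
        return true;
    }
    std::size_t LiveCount() const { return mLive.size(); }
};

bool SingleSlotCollides() {
    SingleSlotKeys keys;
    EphemeralKeypair * a = keys.Get();
    uint32_t firstId = a->id;
    EphemeralKeypair * b = keys.Get();
    return a == b && a->id != firstId;  // session A's key changed under it
}

bool AllocatorIsolates() {
    KeystoreAllocator ks;
    EphemeralKeypair * a = ks.Allocate(), * b = ks.Allocate();
    EphemeralKeypair foreign{99};
    bool ok = a != b && a->id != b->id && ks.LiveCount() == 2 && !ks.Release(&foreign);
    return ok && ks.Release(a) && ks.Release(b) && ks.LiveCount() == 0;
}
int main() { return SingleSlotCollides() && AllocatorIsolates() ? 0 : 1; }
```
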
@tcarmelveilleux tcarmelveilleux removed their assignment Jul 20, 2022
@tcarmelveilleux
Contributor Author

Assigned to @sujaygkulkarni-nxp
