From abd5caf5ea6e3563d623d3e952c0b9328f52639f Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Fri, 11 Dec 2015 22:37:04 -0500 Subject: RPC API dispatch, skeleton client functions, mixed-mode handlers for local hashing with remote pkey. --- .gitignore | 3 + GNUmakefile | 9 +- hal_rpc.c | 324 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ hal_rpc.h | 62 ++++++----- rpc_client.c | 287 ++++++++++++++++++++++++++++++++++++++++++++++++++ rpc_internal.h | 191 ++++++++++++++++++++++++++++++++++ 6 files changed, 850 insertions(+), 26 deletions(-) create mode 100644 hal_rpc.c create mode 100644 rpc_client.c create mode 100644 rpc_internal.h diff --git a/.gitignore b/.gitignore index 7428ea1..cdc0f27 100644 --- a/.gitignore +++ b/.gitignore @@ -6,8 +6,11 @@ autom4te.cache config.log config.status tests/test-aes-key-wrap +tests/test-bus tests/test-ecdsa tests/test-hash tests/test-pbkdf2 tests/test-rsa +tests/test-trng +utils/cores utils/eim_peek_poke diff --git a/GNUmakefile b/GNUmakefile index bb3821e..810d997 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -28,7 +28,7 @@ INC = hal.h LIB = libhal.a OBJ = ${IO_OBJ} core.o csprng.o hash.o aes_keywrap.o pbkdf2.o \ - modexp.o rsa.o ecdsa.o asn1.o errorstrings.o + modexp.o rsa.o ecdsa.o asn1.o errorstrings.o ${RPC_OBJ} IO_OBJ_EIM = hal_io_eim.o novena-eim.o IO_OBJ_I2C = hal_io_i2c.o @@ -36,6 +36,13 @@ IO_OBJ_I2C = hal_io_i2c.o # Default I/O bus is EIM, override this to use I2C instead IO_OBJ = ${IO_OBJ_EIM} +RPC_OBJ_CLIENT = hal_rpc.o rpc_client.o +RPC_OBJ_SERVER = hal_rpc.o rpc_server.o + +# Default should be to build the RPC server, but we haven't written even the skeleton of that yet. +# We'll probably end up needing a makefile conditional to handle all this properly +RPC_OBJ = ${RPC_OBJ_CLIENT} + TFMDIR := $(abspath ../thirdparty/libtfm) CFLAGS += -g3 -Wall -fPIC -std=c99 -I${TFMDIR} -DHAL_ECDSA_DEBUG_ONLY_STATIC_TEST_VECTOR_RANDOM=1 LDFLAGS := -g3 -L${TFMDIR} -ltfm diff --git a/hal_rpc.c b/hal_rpc.c new file mode 100644 index 0000000..15f5f65 --- /dev/null +++ b/hal_rpc.c @@ -0,0 +1,324 @@ +/* + * hal_rpc.c + * --------- + * Remote procedure call public API implementation. + * + * Authors: Rob Austein + * Copyright (c) 2015, NORDUnet A/S All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of the NORDUnet nor the names of its contributors may + * be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "rpc_internal.h" + +#ifndef HAL_RPC_IS_CLIENT +#warning HAL_RPC_IS_CLIENT not set, assuming we're building for the HSM +#define HAL_RPC_IS_CLIENT 0 +#endif + +/* + * Maybe we'll let the client configure this at runtime, later. For + * now, wire in the obvious defaults: hashing is done locally, + * everything else is done via RPC. For the server everything is + * always done locally. + */ + +#if HAL_RPC_IS_CLIENT + +static const hal_rpc_misc_dispatch_t * const misc_dispatch = &hal_rpc_remote_misc_dispatch; +static const hal_rpc_hash_dispatch_t * const hash_dispatch = &hal_rpc_remote_hash_dispatch; +static const hal_rpc_pkey_dispatch_t * const pkey_dispatch = &hal_rpc_mixed_pkey_dispatch; + +#else + +static const hal_rpc_misc_dispatch_t * const misc_dispatch = &hal_rpc_local_misc_dispatch; +static const hal_rpc_hash_dispatch_t * const hash_dispatch = &hal_rpc_local_hash_dispatch; +static const hal_rpc_pkey_dispatch_t * const pkey_dispatch = &hal_rpc_local_pkey_dispatch; + +#endif + +const hal_rpc_hash_handle_t hal_rpc_hash_handle_none = {0}; + +static inline int check_pkey_type(const hal_rpc_pkey_key_type_t type) +{ + switch (type) { + case HAL_RPC_PKEY_RSA_PRIVATE: + case HAL_RPC_PKEY_RSA_PUBLIC: + case HAL_RPC_PKEY_ECDSA_PRIVATE: + case HAL_RPC_PKEY_ECDSA_PUBLIC: + return 1; + default: + return 0; + } +} + +static inline int check_pkey_flags(const hal_rpc_pkey_flags_t flags) +{ + return (flags &~ (HAL_RPC_PKEY_FLAG_USAGE_DIGITALSIGNATURE | + HAL_RPC_PKEY_FLAG_USAGE_KEYENCIPHERMENT | + HAL_RPC_PKEY_FLAG_USAGE_DATAENCIPHERMENT)) == 0; +} + +static inline int check_pkey_type_curve_flags(const hal_rpc_pkey_key_type_t type, + const hal_rpc_pkey_curve_t curve, + const hal_rpc_pkey_flags_t flags) +{ + if (!check_pkey_flags(flags)) + return 0; + + switch (type) { + + case HAL_RPC_PKEY_RSA_PRIVATE: + case HAL_RPC_PKEY_RSA_PUBLIC: + return curve == HAL_RPC_PKEY_CURVE_NONE; + + case HAL_RPC_PKEY_ECDSA_PRIVATE: + case HAL_RPC_PKEY_ECDSA_PUBLIC: + switch (curve) { + case HAL_RPC_PKEY_CURVE_ECDSA_P256: + case HAL_RPC_PKEY_CURVE_ECDSA_P384: + case HAL_RPC_PKEY_CURVE_ECDSA_P521: + return 1; + default: + return 0; + } + + default: + return 0; + } +} + + +hal_error_t hal_rpc_get_random(void *buffer, const size_t length) +{ + if (buffer == NULL) + return HAL_ERROR_BAD_ARGUMENTS; + if (length == 0) + return HAL_OK; + return misc_dispatch->get_random(buffer, length); +} + +#warning Perhaps we should be enforcing a minimum PIN length here + +hal_error_t hal_rpc_set_pin(const hal_rpc_user_t which, + const char * const newpin, const size_t newpin_len) +{ + if (newpin == NULL || newpin_len == 0 || (which != HAL_RPC_USER_NORMAL && which != HAL_RPC_USER_SO)) + return HAL_ERROR_BAD_ARGUMENTS; + return misc_dispatch->set_pin(which, newpin, newpin_len); +} + +hal_error_t hal_rpc_login(const hal_rpc_client_handle_t client, + const hal_rpc_user_t user, + const char * const pin, const size_t pin_len) +{ + if (pin == NULL || pin_len == 0 || (user != HAL_RPC_USER_NORMAL && user != HAL_RPC_USER_SO)) + return HAL_ERROR_BAD_ARGUMENTS; + return misc_dispatch->login(client, user, pin, pin_len); +} + +hal_error_t hal_rpc_logout(const hal_rpc_client_handle_t client) +{ + return misc_dispatch->logout(client); +} + +hal_error_t hal_rpc_hash_get_digest_length(const hal_rpc_hash_alg_t alg, size_t *length) +{ + if (length == NULL) + return HAL_ERROR_BAD_ARGUMENTS; + return hash_dispatch->get_digest_length(alg, length); +} + +hal_error_t hal_rpc_hash_get_digest_algorithm_id(const hal_rpc_hash_alg_t alg, + uint8_t *id, size_t *len, const size_t len_max) +{ + return hash_dispatch->get_digest_algorithm_id(alg, id, len, len_max); +} + +hal_error_t hal_rpc_hash_get_algorithm(const hal_rpc_hash_handle_t hash, hal_rpc_hash_alg_t *alg) +{ + if (hash.handle == hal_rpc_hash_handle_none.handle || alg == NULL) + return HAL_ERROR_BAD_ARGUMENTS; + return hash_dispatch->get_algorithm(hash, alg); +} + +hal_error_t hal_rpc_hash_initialize(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_hash_handle_t *hash, + const hal_rpc_hash_alg_t alg, + const uint8_t * const key, const size_t key_len) +{ + if (hash == NULL) + return HAL_ERROR_BAD_ARGUMENTS; + return hash_dispatch->initialize(client, session, hash, alg, key, key_len); +} + +hal_error_t hal_rpc_hash_update(const hal_rpc_hash_handle_t hash, + const uint8_t * data, const size_t length) +{ + if (hash.handle == hal_rpc_hash_handle_none.handle || data == NULL) + return HAL_ERROR_BAD_ARGUMENTS; + if (length == 0) + return HAL_OK; + return hash_dispatch->update(hash, data, length); +} + +hal_error_t hal_rpc_hash_finalize(const hal_rpc_hash_handle_t hash, + uint8_t *digest, const size_t length) +{ + if (hash.handle == hal_rpc_hash_handle_none.handle || digest == NULL || length == 0) + return HAL_ERROR_BAD_ARGUMENTS; + return hash_dispatch->finalize(hash, digest, length); +} + +hal_error_t hal_rpc_pkey_load(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_pkey_handle_t *pkey, + const hal_rpc_pkey_key_type_t type, + const hal_rpc_pkey_curve_t curve, + const uint8_t * const name, const size_t name_len, + const uint8_t * const der, const size_t der_len, + const hal_rpc_pkey_flags_t flags) +{ + if (pkey == NULL || + name == NULL || name_len == 0 || + der == NULL || der_len == 0 || + !check_pkey_type_curve_flags(type, curve, flags)) + return HAL_ERROR_BAD_ARGUMENTS; + return pkey_dispatch->load(client, session, pkey, type, curve, name, name_len, der, der_len, flags); +} + +hal_error_t hal_rpc_pkey_find(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_pkey_handle_t *pkey, + const hal_rpc_pkey_key_type_t type, + const uint8_t * const name, const size_t name_len) +{ + if (pkey == NULL || name == NULL || name_len == 0 || !check_pkey_type(type)) + return HAL_ERROR_BAD_ARGUMENTS; + return pkey_dispatch->find(client, session, pkey, type, name, name_len); +} + +hal_error_t hal_rpc_pkey_generate_rsa(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_pkey_handle_t *pkey, + const uint8_t * const name, const size_t name_len, + const unsigned key_len, + const uint8_t * const exp, const size_t exp_len, + const hal_rpc_pkey_flags_t flags) +{ + if (pkey == NULL || name == NULL || name_len == 0 || key_len == 0 || + exp == NULL || exp_len == 0 || !check_pkey_flags(flags)) + return HAL_ERROR_BAD_ARGUMENTS; + return pkey_dispatch->generate_rsa(client, session, pkey, name, name_len, key_len, exp, exp_len, flags); +} + +hal_error_t hal_rpc_pkey_generate_ec(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_pkey_handle_t *pkey, + const uint8_t * const name, const size_t name_len, + const hal_rpc_pkey_curve_t curve, + const hal_rpc_pkey_flags_t flags) +{ + if (pkey == NULL || name == NULL || name_len == 0 || + !check_pkey_type_curve_flags(HAL_RPC_PKEY_ECDSA_PRIVATE, curve, flags)) + return HAL_ERROR_BAD_ARGUMENTS; + return pkey_dispatch->generate_ec(client, session, pkey, name, name_len, curve, flags); +} + +hal_error_t hal_rpc_pkey_delete(const hal_rpc_pkey_handle_t pkey) +{ + return pkey_dispatch->delete(pkey); +} + +hal_error_t hal_rpc_pkey_get_key_type(const hal_rpc_pkey_handle_t pkey, + hal_rpc_pkey_key_type_t *type) +{ + if (type == NULL) + return HAL_ERROR_BAD_ARGUMENTS; + return pkey_dispatch->get_key_type(pkey, type); +} + +hal_error_t hal_rpc_pkey_get_key_flags(const hal_rpc_pkey_handle_t pkey, + hal_rpc_pkey_flags_t *flags) +{ + if (flags == NULL) + return HAL_ERROR_BAD_ARGUMENTS; + return pkey_dispatch->get_key_flags(pkey, flags); +} + +size_t hal_rpc_pkey_get_public_key_len(const hal_rpc_pkey_handle_t pkey) +{ + return pkey_dispatch->get_public_key_len(pkey); +} + +hal_error_t hal_rpc_pkey_get_public_key(const hal_rpc_pkey_handle_t pkey, + uint8_t *der, size_t *der_len, const size_t der_len_max) +{ + if (der == NULL || der_len == NULL || der_len_max == 0) + return HAL_ERROR_BAD_ARGUMENTS; + return pkey_dispatch->get_public_key(pkey, der, der_len, der_len_max); +} + +hal_error_t hal_rpc_pkey_sign(const hal_rpc_session_handle_t session, + const hal_rpc_pkey_handle_t pkey, + const hal_rpc_hash_handle_t hash, + const uint8_t * const input, const size_t input_len, + uint8_t * output, const size_t output_len) +{ + if (output == NULL || output_len == 0 || + (hash.handle == hal_rpc_hash_handle_none.handle) == (input == NULL || input_len == 0)) + return HAL_ERROR_BAD_ARGUMENTS; + return pkey_dispatch->sign(session, pkey, hash, input, input_len, output, output_len); +} + +hal_error_t hal_rpc_pkey_verify(const hal_rpc_session_handle_t session, + const hal_rpc_pkey_handle_t pkey, + const hal_rpc_hash_handle_t hash, + const uint8_t * const input, const size_t input_len, + uint8_t * output, const size_t output_len) +{ + if (output == NULL || output_len == 0 || + (hash.handle == hal_rpc_hash_handle_none.handle) == (input == NULL || input_len == 0)) + return HAL_ERROR_BAD_ARGUMENTS; + return pkey_dispatch->verify(session, pkey, hash, input, input_len, output, output_len); +} + +hal_error_t hal_rpc_pkey_list(hal_rpc_pkey_key_info_t *result, + unsigned *result_len, + const unsigned result_max) +{ + if (result == NULL || result_len == NULL || result_max == 0) + return HAL_ERROR_BAD_ARGUMENTS; + return pkey_dispatch->list(result, result_len, result_max); +} + +/* + * Local variables: + * indent-tabs-mode: nil + * End: + */ diff --git a/hal_rpc.h b/hal_rpc.h index 77baf35..db300e3 100644 --- a/hal_rpc.h +++ b/hal_rpc.h @@ -1,6 +1,6 @@ /* - * halrpc.h - * ---------- + * hal_rpc.h + * --------- * Remote procedure call API to extrude libhal across the green/yellow boundary. * * Authors: Rob Austein, Paul Selkirk @@ -33,14 +33,12 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef _HALRPC_H_ -#define _HALRPC_H_ +#ifndef _HAL_RPC_H_ +#define _HAL_RPC_H_ -/* - * Get random bytes. - */ - -extern hal_error_t hal_rpc_get_random(void *buffer, const size_t length); +#include +#include +#include "hal.h" /* * Session handles are pretty much as in PKCS #11: from our viewpoint, @@ -68,17 +66,23 @@ extern hal_error_t hal_rpc_get_random(void *buffer, const size_t length); typedef struct { uint32_t handle; } hal_rpc_client_handle_t; typedef struct { uint32_t handle; } hal_rpc_session_handle_t; -typedef enum { HAL_RPC_PIN_USER_REGULAR, HAL_RPC_PIN_USER_SO } hal_rpc_pin_user_t; +typedef enum { HAL_RPC_USER_NONE, HAL_RPC_USER_NORMAL, HAL_RPC_USER_SO } hal_rpc_user_t; -extern hal_error_t hal_rpc_set_pin(const hal_rpc_pin_user_t which, +extern hal_error_t hal_rpc_set_pin(const hal_rpc_user_t which, const char * const newpin, const size_t newpin_len); extern hal_error_t hal_rpc_login(const hal_rpc_client_handle_t client, - const hal_rpc_pin_user_t user, - const char * const newpin, const size_t newpin_len); + const hal_rpc_user_t user, + const char * const pin, const size_t pin_len); extern hal_error_t hal_rpc_logout(const hal_rpc_client_handle_t client); +/* + * Get random bytes. + */ + +extern hal_error_t hal_rpc_get_random(void *buffer, const size_t length); + /* * Combined hash and HMAC functions: pass NULL key for plain hashing. */ @@ -92,11 +96,13 @@ typedef struct { uint32_t handle; } hal_rpc_hash_handle_t; extern const hal_rpc_hash_handle_t hal_rpc_hash_handle_none; -extern hal_error_t hal_rpc_hash_get_digest_len(const hal_rpc_hash_alg_t alg, size_t *length); +extern hal_error_t hal_rpc_hash_get_digest_length(const hal_rpc_hash_alg_t alg, size_t *length); extern hal_error_t hal_rpc_hash_get_digest_algorithm_id(const hal_rpc_hash_alg_t alg, uint8_t *id, size_t *len, const size_t len_max); +extern hal_error_t hal_rpc_hash_get_algorithm(const hal_rpc_hash_handle_t hash, hal_rpc_hash_alg_t *alg); + /* * Once started, a hash or HMAC operation is bound to a particular * session, so we only need the client and session arguments to initialize. @@ -145,15 +151,20 @@ extern hal_error_t hal_rpc_hash_finalize(const hal_rpc_hash_handle_t hash, #define HAL_RPC_PKEY_NAME_MAX 128 typedef enum { - HAL_RPC_PKEY_RSA_PRIVATE, HAL_RPC_PKEY_RSA_PUBLIC, - HAL_RPC_PKEY_ECDSA_PRIVATE, HAL_RPC_PKEY_ECDSA_PUBLIC + HAL_RPC_PKEY_RSA_PRIVATE, + HAL_RPC_PKEY_RSA_PUBLIC, + HAL_RPC_PKEY_ECDSA_PRIVATE, + HAL_RPC_PKEY_ECDSA_PUBLIC } hal_rpc_pkey_key_type_t; typedef enum { - HAL_RPC_PKEY_CURVE_ECDSA_P256, HAL_RPC_PKEY_CURVE_ECDSA_P384, HAL_RPC_PKEY_CURVE_ECDSA_P521 + HAL_RPC_PKEY_CURVE_NONE, + HAL_RPC_PKEY_CURVE_ECDSA_P256, + HAL_RPC_PKEY_CURVE_ECDSA_P384, + HAL_RPC_PKEY_CURVE_ECDSA_P521 } hal_rpc_pkey_curve_t; -typedef struct { uint33_t handle; } hal_rpc_pkey_handle_t; +typedef struct { uint32_t handle; } hal_rpc_pkey_handle_t; typedef uint32_t hal_rpc_pkey_flags_t; @@ -164,7 +175,8 @@ typedef uint32_t hal_rpc_pkey_flags_t; extern hal_error_t hal_rpc_pkey_load(const hal_rpc_client_handle_t client, const hal_rpc_session_handle_t session, hal_rpc_pkey_handle_t *pkey, - const hal_rpc_pkey_key_type type, + const hal_rpc_pkey_key_type_t type, + const hal_rpc_pkey_curve_t curve, const uint8_t * const name, const size_t name_len, const uint8_t * const der, const size_t der_len, const hal_rpc_pkey_flags_t flags); @@ -172,7 +184,7 @@ extern hal_error_t hal_rpc_pkey_load(const hal_rpc_client_handle_t client, extern hal_error_t hal_rpc_pkey_find(const hal_rpc_client_handle_t client, const hal_rpc_session_handle_t session, hal_rpc_pkey_handle_t *pkey, - const hal_rpc_pkey_key_type type, + const hal_rpc_pkey_key_type_t type, const uint8_t * const name, const size_t name_len); extern hal_error_t hal_rpc_pkey_generate_rsa(const hal_rpc_client_handle_t client, @@ -192,10 +204,10 @@ extern hal_error_t hal_rpc_pkey_generate_ec(const hal_rpc_client_handle_t client extern hal_error_t hal_rpc_pkey_delete(const hal_rpc_pkey_handle_t pkey); -extern hal_error_t hal_rpc_pkey_get_key_type(const hal_rpc_pkey_handle pkey, - hal_rpc_pkey_key_type_t *key_type); +extern hal_error_t hal_rpc_pkey_get_key_type(const hal_rpc_pkey_handle_t pkey, + hal_rpc_pkey_key_type_t *type); -extern hal_error_t hal_rpc_pkey_get_key_flags(const hal_rpc_pkey_handle pkey, +extern hal_error_t hal_rpc_pkey_get_key_flags(const hal_rpc_pkey_handle_t pkey, hal_rpc_pkey_flags_t *flags); extern size_t hal_rpc_pkey_get_public_key_len(const hal_rpc_pkey_handle_t pkey); @@ -216,7 +228,7 @@ extern hal_error_t hal_rpc_pkey_verify(const hal_rpc_session_handle_t session, uint8_t * output, const size_t output_len); typedef struct { - hal_rpc_pkey_key_type_t key_type; + hal_rpc_pkey_key_type_t type; hal_rpc_pkey_curve_t curve; hal_rpc_pkey_flags_t flags; char name[HAL_RPC_PKEY_NAME_MAX]; @@ -227,7 +239,7 @@ extern hal_error_t hal_rpc_pkey_list(hal_rpc_pkey_key_info_t *result, unsigned *result_len, const unsigned result_max); -#endif /* _HALRPC_H_ */ +#endif /* _HAL_RPC_H_ */ /* * Local variables: diff --git a/rpc_client.c b/rpc_client.c new file mode 100644 index 0000000..4a755af --- /dev/null +++ b/rpc_client.c @@ -0,0 +1,287 @@ +/* + * rpc_client.c + * ------------ + * Remote procedure call client-side private API implementation. + * + * Authors: Rob Austein + * Copyright (c) 2015, NORDUnet A/S All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of the NORDUnet nor the names of its contributors may + * be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "rpc_internal.h" + +/* + * RPC calls. Not implemented yet. + */ + +#warning These are all placeholders, waiting to be filled in with the real RPC calls + +static hal_error_t get_random(void *buffer, const size_t length) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t set_pin(const hal_rpc_user_t which, + const char * const newpin, const size_t newpin_len) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t login(const hal_rpc_client_handle_t client, + const hal_rpc_user_t user, + const char * const pin, const size_t pin_len) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t logout(const hal_rpc_client_handle_t client) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t hash_get_digest_len(const hal_rpc_hash_alg_t alg, size_t *length) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t hash_get_digest_algorithm_id(const hal_rpc_hash_alg_t alg, + uint8_t *id, size_t *len, const size_t len_max) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t hash_get_algorithm(const hal_rpc_hash_handle_t hash, hal_rpc_hash_alg_t *alg) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t hash_initialize(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_hash_handle_t *hash, + const hal_rpc_hash_alg_t alg, + const uint8_t * const key, const size_t key_len) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t hash_update(const hal_rpc_hash_handle_t hash, + const uint8_t * data, const size_t length) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t hash_finalize(const hal_rpc_hash_handle_t hash, + uint8_t *digest, const size_t length) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t pkey_load(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_pkey_handle_t *pkey, + const hal_rpc_pkey_key_type_t type, + const hal_rpc_pkey_curve_t curve, + const uint8_t * const name, const size_t name_len, + const uint8_t * const der, const size_t der_len, + const hal_rpc_pkey_flags_t flags) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t pkey_find(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_pkey_handle_t *pkey, + const hal_rpc_pkey_key_type_t type, + const uint8_t * const name, const size_t name_len) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t pkey_generate_rsa(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_pkey_handle_t *pkey, + const uint8_t * const name, const size_t name_len, + const unsigned key_len, + const uint8_t * const exp, const size_t exp_len, + const hal_rpc_pkey_flags_t flags) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t pkey_generate_ec(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_pkey_handle_t *pkey, + const uint8_t * const name, const size_t name_len, + const hal_rpc_pkey_curve_t curve, + const hal_rpc_pkey_flags_t flags) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t pkey_delete(const hal_rpc_pkey_handle_t pkey) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t pkey_get_key_type(const hal_rpc_pkey_handle_t pkey, + hal_rpc_pkey_key_type_t *type) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t pkey_get_key_flags(const hal_rpc_pkey_handle_t pkey, + hal_rpc_pkey_flags_t *flags) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static size_t pkey_get_public_key_len(const hal_rpc_pkey_handle_t pkey) +{ + return 0; +} + +static hal_error_t pkey_get_public_key(const hal_rpc_pkey_handle_t pkey, + uint8_t *der, size_t *der_len, const size_t der_len_max) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t pkey_remote_sign(const hal_rpc_session_handle_t session, + const hal_rpc_pkey_handle_t pkey, + const hal_rpc_hash_handle_t hash, + const uint8_t * const input, const size_t input_len, + uint8_t * output, const size_t output_len) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t pkey_remote_verify(const hal_rpc_session_handle_t session, + const hal_rpc_pkey_handle_t pkey, + const hal_rpc_hash_handle_t hash, + const uint8_t * const input, const size_t input_len, + uint8_t * output, const size_t output_len) +{ + return HAL_ERROR_IMPOSSIBLE; +} + +static hal_error_t pkey_list(hal_rpc_pkey_key_info_t *result, + unsigned *result_len, + const unsigned result_max) +{ + return HAL_ERROR_IMPOSSIBLE; +} + + +/* + * "Mixed" mode pkey operations, where the public key operation itself + * takes place on the HSM but the hashing takes place locally. If + * we're given a hash context in this case, it's local, so we have to + * pull the digest from the hash context and send that to the HSM. + */ + +static hal_error_t pkey_mixed_sign(const hal_rpc_session_handle_t session, + const hal_rpc_pkey_handle_t pkey, + const hal_rpc_hash_handle_t hash, + const uint8_t * const input, const size_t input_len, + uint8_t * output, const size_t output_len) +{ + if (input != NULL) + return pkey_remote_sign(session, pkey, hash, input, input_len, output, output_len); + + hal_rpc_hash_alg_t alg; + size_t digest_len; + hal_error_t err; + + if ((err = hal_rpc_hash_get_algorithm(hash, &alg)) != HAL_OK || + (err = hal_rpc_hash_get_digest_length(alg, &digest_len)) != HAL_OK) + return err; + + uint8_t digest[digest_len]; + + if ((err = hal_rpc_hash_finalize(hash, digest, digest_len)) != HAL_OK) + return err; + + return pkey_remote_sign(session, pkey, hal_rpc_hash_handle_none, digest, digest_len, output, output_len); +} + +static hal_error_t pkey_mixed_verify(const hal_rpc_session_handle_t session, + const hal_rpc_pkey_handle_t pkey, + const hal_rpc_hash_handle_t hash, + const uint8_t * const input, const size_t input_len, + uint8_t * output, const size_t output_len) +{ + if (input != NULL) + return pkey_remote_verify(session, pkey, hash, input, input_len, output, output_len); + + hal_rpc_hash_alg_t alg; + size_t digest_len; + hal_error_t err; + + if ((err = hal_rpc_hash_get_algorithm(hash, &alg)) != HAL_OK || + (err = hal_rpc_hash_get_digest_length(alg, &digest_len)) != HAL_OK) + return err; + + uint8_t digest[digest_len]; + + if ((err = hal_rpc_hash_finalize(hash, digest, digest_len)) != HAL_OK) + return err; + + return pkey_remote_verify(session, pkey, hal_rpc_hash_handle_none, digest, digest_len, output, output_len); +} + +/* + * Dispatch vectors. + */ + +const hal_rpc_misc_dispatch_t hal_rpc_remote_misc_dispatch = { + set_pin, login, logout, get_random +}; + +const hal_rpc_hash_dispatch_t hal_rpc_remote_hash_dispatch = { + hash_get_digest_len, hash_get_digest_algorithm_id, hash_get_algorithm, hash_initialize, hash_update, hash_finalize +}; + +const hal_rpc_pkey_dispatch_t hal_rpc_remote_pkey_dispatch = { + pkey_load, pkey_find, pkey_generate_rsa, pkey_generate_ec, pkey_delete, + pkey_get_key_type, pkey_get_key_flags, pkey_get_public_key_len, pkey_get_public_key, + pkey_remote_sign, pkey_remote_verify, + pkey_list +}; + +const hal_rpc_pkey_dispatch_t hal_rpc_mixed_pkey_dispatch = { + pkey_load, pkey_find, pkey_generate_rsa, pkey_generate_ec, pkey_delete, + pkey_get_key_type, pkey_get_key_flags, pkey_get_public_key_len, pkey_get_public_key, + pkey_mixed_sign, pkey_mixed_verify, + pkey_list +}; + +/* + * Local variables: + * indent-tabs-mode: nil + * End: + */ diff --git a/rpc_internal.h b/rpc_internal.h new file mode 100644 index 0000000..73e79f7 --- /dev/null +++ b/rpc_internal.h @@ -0,0 +1,191 @@ +/* + * rpc_internal.h + * -------------- + * Internal (not public API) declarations for HAL RPC mechanism. + * + * Authors: Rob Austein, Paul Selkirk + * Copyright (c) 2015, NORDUnet A/S All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * - Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of the NORDUnet nor the names of its contributors may + * be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef _HAL_RPC_INTERNAL_H_ +#define _HAL_RPC_INTERNAL_H_ + +#include "hal_rpc.h" + +/* + * Everything in this file is part of the internal API, that is, + * subject to change without notice. Nothing outside of libhal itself + * should be looking at this file. Access from outside of libhal + * should use the public hal_rpc_*() API. + * + * In particular, the breakdown of which functions go into which + * dispatch vectors is based entirely on pesky details like making + * sure that the right functions get linked in the right cases, and + * should not be construed as making any particular sense in any + * larger context. + */ + +/* + * In theory eventually we might want a fully general mechanism to + * allow us to dispatch arbitrary groups of functions either locally + * or remotely on a per-user basis. In practice, we probably want to + * run everything on the HSM except for hashing and digesting, so just + * code for that case initially while leaving the design open for a + * more general mechanism later if warranted. + * + * So we have three cases: + * + * - We're the HSM, so we do everything locally (ie, we run the RPC + * server functions. + * + * - We're the host, so we do everything remotely (ie, we do + * everything using the client-side RPC calls. + * + * - We're the host but are doing hashing locally, so we do a mix. + * This is slightly more complicated than it might at first appear, + * because we must handle the case of one of the pkey functions + * taking a hash context instead of a literal hash value, in which + * case we have to extract the hash value from the context and + * supply it to the pkey RPC client code as a literal value. + */ + +typedef struct { + + hal_error_t (*set_pin)(const hal_rpc_user_t which, + const char * const newpin, const size_t newpin_len); + + hal_error_t (*login)(const hal_rpc_client_handle_t client, + const hal_rpc_user_t user, + const char * const newpin, const size_t newpin_len); + + hal_error_t (*logout)(const hal_rpc_client_handle_t client); + + hal_error_t (*get_random)(void *buffer, const size_t length); + +} hal_rpc_misc_dispatch_t; + + +typedef struct { + + hal_error_t (*get_digest_length)(const hal_rpc_hash_alg_t alg, size_t *length); + + hal_error_t (*get_digest_algorithm_id)(const hal_rpc_hash_alg_t alg, + uint8_t *id, size_t *len, const size_t len_max); + + hal_error_t (*get_algorithm)(const hal_rpc_hash_handle_t hash, hal_rpc_hash_alg_t *alg); + + hal_error_t (*initialize)(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_hash_handle_t *hash, + const hal_rpc_hash_alg_t alg, + const uint8_t * const key, const size_t key_length); + + hal_error_t (*update)(const hal_rpc_hash_handle_t hash, + const uint8_t * data, const size_t length); + + hal_error_t (*finalize)(const hal_rpc_hash_handle_t hash, + uint8_t *digest, const size_t length); +} hal_rpc_hash_dispatch_t; + + +typedef struct { + + hal_error_t (*load)(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_pkey_handle_t *pkey, + const hal_rpc_pkey_key_type_t type, + const hal_rpc_pkey_curve_t curve, + const uint8_t * const name, const size_t name_len, + const uint8_t * const der, const size_t der_len, + const hal_rpc_pkey_flags_t flags); + + hal_error_t (*find)(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_pkey_handle_t *pkey, + const hal_rpc_pkey_key_type_t type, + const uint8_t * const name, const size_t name_len); + + hal_error_t (*generate_rsa)(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_pkey_handle_t *pkey, + const uint8_t * const name, const size_t name_len, + const unsigned key_length, + const uint8_t * const public_exponent, const size_t public_exponent_len, + const hal_rpc_pkey_flags_t flags); + + hal_error_t (*generate_ec)(const hal_rpc_client_handle_t client, + const hal_rpc_session_handle_t session, + hal_rpc_pkey_handle_t *pkey, + const uint8_t * const name, const size_t name_len, + const hal_rpc_pkey_curve_t curve, + const hal_rpc_pkey_flags_t flags); + + hal_error_t (*delete)(const hal_rpc_pkey_handle_t pkey); + + hal_error_t (*get_key_type)(const hal_rpc_pkey_handle_t pkey, + hal_rpc_pkey_key_type_t *key_type); + + hal_error_t (*get_key_flags)(const hal_rpc_pkey_handle_t pkey, + hal_rpc_pkey_flags_t *flags); + + size_t (*get_public_key_len)(const hal_rpc_pkey_handle_t pkey); + + hal_error_t (*get_public_key)(const hal_rpc_pkey_handle_t pkey, + uint8_t *der, size_t *der_len, const size_t der_len_max); + + hal_error_t (*sign)(const hal_rpc_session_handle_t session, + const hal_rpc_pkey_handle_t pkey, + const hal_rpc_hash_handle_t hash, + const uint8_t * const input, const size_t input_len, + uint8_t * output, const size_t output_len); + + hal_error_t (*verify)(const hal_rpc_session_handle_t session, + const hal_rpc_pkey_handle_t pkey, + const hal_rpc_hash_handle_t hash, + const uint8_t * const input, const size_t input_len, + uint8_t * output, const size_t output_len); + + hal_error_t (*list)(hal_rpc_pkey_key_info_t *result, + unsigned *result_len, + const unsigned result_max); + +} hal_rpc_pkey_dispatch_t; + + +extern const hal_rpc_misc_dispatch_t hal_rpc_local_misc_dispatch, hal_rpc_remote_misc_dispatch; +extern const hal_rpc_hash_dispatch_t hal_rpc_local_hash_dispatch, hal_rpc_remote_hash_dispatch; +extern const hal_rpc_pkey_dispatch_t hal_rpc_local_pkey_dispatch, hal_rpc_remote_pkey_dispatch, hal_rpc_mixed_pkey_dispatch; + +#endif /* _HAL_RPC_INTERNAL_H_ */ + +/* + * Local variables: + * indent-tabs-mode: nil + * End: + */ -- cgit v1.2.3