Add generate and destroy key to TS provider

ionut-arm · ionut-arm · commit d4090bee825e · 2021-01-28T16:16:49.000Z
This commit adds functionality for generating and destroying
keys in the Trusted Service provider.

Signed-off-by: Ionut Mihalcea &lt;ionut.mihalcea@arm.com&gt;
diff --git a/.gitignore b/.gitignore
@@ -1,8 +1,26 @@
+# Cargo build directory
 /target
+
+# Mbed Crypto key files
 *.psa_its
+
+# Editor swap files
 *.swp
+
+
 tags
+
+# MacOS folder attributes file
 *DS_Store
+
+# VS Code config folder
+*vscode
+
+# Git patch files
 *.patch
+
+# Parsec key info mappings directory
 mappings/
+
+# TPM simulator state file
 NVChip
diff --git a/src/providers/mbed_crypto/key_management.rs b/src/providers/mbed_crypto/key_management.rs
@@ -81,14 +81,22 @@ fn create_key_id(max_current_id: &AtomicU32) -> Result<key::psa_key_id_t> {
     Ok(new_key_id)
 }
 
-fn remove_key_id(key_triple: &KeyTriple, store_handle: &mut dyn ManageKeyInfo) -> Result<()> {
+/// Remove the info for a key triple from the Key Info Manager
+pub fn remove_key_id(key_triple: &KeyTriple, store_handle: &mut dyn ManageKeyInfo) -> Result<()> {
     // ID Counter not affected as overhead and extra complication deemed unnecessary
     match store_handle.remove(key_triple) {
         Ok(_) => Ok(()),
         Err(string) => Err(key_info_managers::to_response_status(string)),
     }
 }
 
+/// Check whether any key info exists for a given key triple in the Key Info Manager
+pub fn key_info_exists(key_triple: &KeyTriple, store_handle: &dyn ManageKeyInfo) -> Result<bool> {
+    store_handle
+        .exists(key_triple)
+        .map_err(key_info_managers::to_response_status)
+}
+
 impl Provider {
     pub(super) fn psa_generate_key_internal(
         &self,
diff --git a/src/providers/mbed_crypto/mod.rs b/src/providers/mbed_crypto/mod.rs
@@ -31,7 +31,7 @@ mod asym_sign;
 mod generate_random;
 mod hash;
 mod key_agreement;
-mod key_management;
+pub(super) mod key_management;
 
 const SUPPORTED_OPCODES: [Opcode; 15] = [
     Opcode::PsaGenerateKey,
diff --git a/src/providers/mod.rs b/src/providers/mod.rs
@@ -110,7 +110,7 @@ impl ProviderConfig {
             ProviderConfig::CryptoAuthLib {
                 ref key_info_manager,
                 ..
-            } =
+            } => key_info_manager,
             ProviderConfig::TrustedService {
                 ref key_info_manager,
                 ..
diff --git a/src/providers/trusted_service/context/key_management.rs b/src/providers/trusted_service/context/key_management.rs
@@ -0,0 +1,71 @@
+// Copyright 2020 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+use super::ts_protobuf::{
+    CloseKeyIn, DestroyKeyIn, DestroyKeyOut, GenerateKeyIn, GenerateKeyOut, KeyAttributes,
+    KeyLifetime, KeyPolicy, Opcode, OpenKeyIn, OpenKeyOut,
+};
+use super::Context;
+use log::info;
+use parsec_interface::operations::psa_key_attributes::Attributes;
+use parsec_interface::requests::ResponseStatus;
+use psa_crypto::types::status::Error;
+use std::convert::{TryFrom, TryInto};
+
+impl Context {
+    pub fn generate_key(&self, key_attrs: Attributes, id: u32) -> Result<(), ResponseStatus> {
+        info!("Handling GenerateKey request");
+        let proto_req = GenerateKeyIn {
+            attributes: Some(KeyAttributes {
+                r#type: u16::try_from(key_attrs.key_type)? as u32,
+                key_bits: key_attrs.bits.try_into()?,
+                lifetime: KeyLifetime::Persistent as u32,
+                id,
+                policy: Some(KeyPolicy {
+                    usage: key_attrs.policy.usage_flags.try_into()?,
+                    alg: key_attrs.policy.permitted_algorithms.try_into()?,
+                }),
+            }),
+        };
+        let GenerateKeyOut { handle } =
+            self.send_request(&proto_req, Opcode::GenerateKey, self.rpc_caller)?;
+
+        let proto_req = CloseKeyIn { handle };
+        self.send_request(&proto_req, Opcode::CloseKey, self.rpc_caller)?;
+
+        Ok(())
+    }
+
+    pub fn destroy_key(&self, id: u32) -> Result<(), ResponseStatus> {
+        info!("Handling DestroyKey request");
+        if !self.check_key_exists(id)? {
+            return Err(ResponseStatus::PsaErrorDoesNotExist);
+        }
+        let proto_req = OpenKeyIn { id };
+        let OpenKeyOut { handle } =
+            self.send_request(&proto_req, Opcode::OpenKey, self.rpc_caller)?;
+
+        let proto_req = DestroyKeyIn { handle };
+        let _proto_resp: DestroyKeyOut =
+            self.send_request(&proto_req, Opcode::DestroyKey, self.rpc_caller)?;
+        Ok(())
+    }
+
+    pub fn check_key_exists(&self, id: u32) -> Result<bool, Error> {
+        info!("Handling CheckKey request");
+        let proto_req = OpenKeyIn { id };
+        match self.send_request(&proto_req, Opcode::OpenKey, self.rpc_caller) {
+            Ok(OpenKeyOut { handle }) => {
+                let proto_req = CloseKeyIn { handle };
+                self.send_request(&proto_req, Opcode::CloseKey, self.rpc_caller)?;
+                Ok(true)
+            }
+            Err(e) => {
+                if e == Error::DoesNotExist {
+                    Ok(false)
+                } else {
+                    Err(e)
+                }
+            }
+        }
+    }
+}
diff --git a/src/providers/trusted_service/context/mod.rs b/src/providers/trusted_service/context/mod.rs
@@ -1,10 +1,16 @@
 // Copyright 2020 Contributors to the Parsec project.
 // SPDX-License-Identifier: Apache-2.0
-use log::info;
+use log::{error, info, trace};
+use prost::Message;
+use psa_crypto::types::status::{Error as PsaError, Status};
+use std::convert::TryInto;
 use std::ffi::{c_void, CString};
 use std::io::{Error, ErrorKind};
 use std::ptr::null_mut;
+use std::slice;
+use std::sync::Mutex;
 use ts_binding::*;
+use ts_protobuf::Opcode;
 
 #[allow(
     non_snake_case,
@@ -24,6 +30,8 @@ pub mod ts_binding {
     include!(concat!(env!("OUT_DIR"), "/ts_bindings.rs"));
 }
 
+mod key_management;
+
 #[allow(
     non_snake_case,
     non_camel_case_types,
@@ -42,11 +50,17 @@ mod ts_protobuf {
     include!(concat!(env!("OUT_DIR"), "/ts_crypto.rs"));
 }
 
+// TODO:
+// * RPC caller error handling
+// * proper logging
+// * docs
+
 #[derive(Debug)]
 pub struct Context {
     rpc_caller: *mut rpc_caller,
     service_context: *mut service_context,
     rpc_session_handle: *mut c_void,
+    call_mutex: Mutex<()>,
 }
 
 impl Context {
@@ -82,10 +96,70 @@ impl Context {
             rpc_caller,
             service_context,
             rpc_session_handle,
+            call_mutex: Mutex::new(()),
         };
 
         Ok(ctx)
     }
+
+    fn send_request<T: Message + Default>(
+        &self,
+        req: &impl Message,
+        opcode: Opcode,
+        rpc_cl: *mut rpc_caller,
+    ) -> Result<T, PsaError> {
+        let _mutex_guard = self.call_mutex.try_lock().expect("Call mutex poisoned");
+        info!("Beginning call to Trusted Service");
+
+        let mut buf_out = null_mut();
+        let call_handle = unsafe { rpc_caller_begin(rpc_cl, &mut buf_out, req.encoded_len()) };
+        if call_handle == null_mut() {
+            error!("Call handle was null");
+            return Err(PsaError::CommunicationFailure);
+        } else if buf_out == null_mut() {
+            error!("Call buffer was null");
+            return Err(PsaError::CommunicationFailure);
+        }
+        let mut buf_out = unsafe { slice::from_raw_parts_mut(buf_out, req.encoded_len()) };
+        req.encode(&mut buf_out).map_err(|e| {
+            unsafe { rpc_caller_end(rpc_cl, call_handle) };
+            format_error!("Failed to serialize Protobuf request", e);
+            PsaError::CommunicationFailure
+        })?;
+
+        trace!("Invoking RPC call");
+        let mut opstatus = 0;
+        let mut resp = T::default();
+        let mut resp_buf = null_mut();
+        let mut resp_buf_size = 0;
+        let status = unsafe {
+            rpc_caller_invoke(
+                rpc_cl,
+                call_handle,
+                i32::from(opcode).try_into().unwrap(),
+                &mut opstatus,
+                &mut resp_buf,
+                &mut resp_buf_size,
+            )
+        };
+        if status != 0 || opstatus != 0 {
+            unsafe { rpc_caller_end(rpc_cl, call_handle) };
+            error!(
+                "Error on call invocation: status = {}, opstatus = {}",
+                status, opstatus as i32
+            );
+            Status::from(opstatus as i32).to_result()?;
+        }
+        let resp_buf = unsafe { slice::from_raw_parts_mut(resp_buf, resp_buf_size) };
+        resp.merge(&*resp_buf).map_err(|e| {
+            unsafe { rpc_caller_end(rpc_cl, call_handle) };
+            format_error!("Failed to serialize Protobuf request", e);
+            PsaError::CommunicationFailure
+        })?;
+        unsafe { rpc_caller_end(rpc_cl, call_handle) };
+
+        Ok(resp)
+    }
 }
 
 impl Drop for Context {
diff --git a/src/providers/trusted_service/key_management.rs b/src/providers/trusted_service/key_management.rs
@@ -0,0 +1,76 @@
+// Copyright 2020 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+use super::Provider;
+use crate::authenticators::ApplicationName;
+use crate::key_info_managers::KeyTriple;
+use crate::providers::mbed_crypto::key_management::{
+    create_key_id, get_key_id, insert_key_id, key_info_exists, remove_key_id,
+};
+use parsec_interface::operations::{psa_destroy_key, psa_generate_key};
+use parsec_interface::requests::{ProviderID, ResponseStatus, Result};
+
+impl Provider {
+    pub(super) fn psa_generate_key_internal(
+        &self,
+        app_name: ApplicationName,
+        op: psa_generate_key::Operation,
+    ) -> Result<psa_generate_key::Result> {
+        let key_name = op.key_name;
+        let key_attributes = op.attributes;
+        let key_triple = KeyTriple::new(app_name, ProviderID::TrustedService, key_name);
+        let mut store_handle = self
+            .key_info_store
+            .write()
+            .expect("Key store lock poisoned");
+        if key_info_exists(&key_triple, &*store_handle)? {
+            return Err(ResponseStatus::PsaErrorAlreadyExists);
+        }
+        let key_id = create_key_id(&self.id_counter)?;
+
+        match self.context.generate_key(key_attributes, key_id) {
+            Ok(_) => {
+                if let Err(e) =
+                    insert_key_id(key_triple, key_attributes, &mut *store_handle, key_id)
+                {
+                    if self.context.destroy_key(key_id).is_err() {
+                        error!("Failed to destroy the previously generated key.");
+                    }
+                    Err(e)
+                } else {
+                    Ok(psa_generate_key::Result {})
+                }
+            }
+            Err(error) => {
+                let error = ResponseStatus::from(error);
+                format_error!("Generate key error", error);
+                Err(error)
+            }
+        }
+    }
+
+    pub(super) fn psa_destroy_key_internal(
+        &self,
+        app_name: ApplicationName,
+        op: psa_destroy_key::Operation,
+    ) -> Result<psa_destroy_key::Result> {
+        let key_name = op.key_name;
+        let key_triple = KeyTriple::new(app_name, ProviderID::TrustedService, key_name);
+        let mut store_handle = self
+            .key_info_store
+            .write()
+            .expect("Key store lock poisoned");
+        let key_id = get_key_id(&key_triple, &*store_handle)?;
+
+        match self.context.destroy_key(key_id) {
+            Ok(()) => {
+                remove_key_id(&key_triple, &mut *store_handle)?;
+                Ok(psa_destroy_key::Result {})
+            }
+            Err(error) => {
+                let error = ResponseStatus::from(error);
+                format_error!("Destroy key status: ", error);
+                Err(error)
+            }
+        }
+    }
+}
diff --git a/src/providers/trusted_service/mod.rs b/src/providers/trusted_service/mod.rs
