Nitrokey · daringer · Oct 6, 2022 · Oct 6, 2022 · Oct 6, 2022 · Oct 6, 2022
diff --git a/.github/workflows/firmwares.yml b/.github/workflows/firmwares.yml
diff --git a/Cargo.toml b/Cargo.toml
@@ -24,17 +24,20 @@ postcard = "0.7.0"
 rand_core = "0.6"
 serde = { version = "1.0", default-features = false }
 zeroize = { version = "1.2", default-features = false, features = ["zeroize_derive"] }
+rand_chacha = { version = "0.3.1", default-features = false }
 
 # RustCrypto
-aes = { version = "0.7", default-features = false }
-blake2 = { version = "0.9", default-features = false, optional = true }
-block-modes = { version = "0.8", default-features = false }
-chacha20 = { version = "0.7", default-features = false, features = ["rng"] }
-chacha20poly1305 = { version = "0.8", default-features = false, features = ["heapless", "reduced-round"] }
-des = { version = "0.7", optional = true }
-hmac = "0.11"
-sha-1 = { version = "0.9", default-features = false, optional = true }
-sha2 = { version = "0.9", default-features = false }
+aes = { version = "0.8", default-features = false }
+cbc = "0.1.2"
+blake2 = { version = "0.10", default-features = false, optional = true }
+chacha20 = { version = "0.9", default-features = false }
+chacha20poly1305 = { version = "0.10", default-features = false, features = ["heapless", "reduced-round"] }
+des = { version = "0.8", optional = true }
+hmac = "0.12"
+sha-1 = { version = "0.10", default-features = false, optional = true }
+sha2 = { version = "0.10", default-features = false }
+rsa = { version = "0.6.0", optional = true , default-features = false }
+num-bigint-dig = { version = "0.8.1", optional = true , default-features = false}
 
 # ours
 cosey = "0.3"
@@ -43,13 +46,13 @@ cbor-smol = "0.4"
 heapless-bytes = { version = "0.3.0", features = ["cbor"] }
 interchange = "0.2.1"
 littlefs2 = "0.3.1"
-p256-cortex-m4 = { version = "0.1.0-alpha.5", features = ["prehash", "sec1-signatures"] }
+p256-cortex-m4 = { version = "0.1.0-alpha.6", features = ["prehash", "sec1-signatures"] }
 salty = { version = "0.2.0", features = ["cose"] }
 serde-indexed = "0.1.0"
 
 [dev-dependencies]
 # Testing
-serial_test = { version = "0.6" }
+serial_test = { version = "0.9" }
 entropy = "0.4.0"
 once_cell = "1.13.0"
 # Somehow, this is causing a regression.
@@ -101,6 +104,10 @@ sha256 = []
 tdes = ["des"]
 totp = ["sha-1"]
 trng = ["sha-1"]
+rsa2048 = ["rsa", "alloc", "num-bigint-dig"]
+rsa3072 = ["rsa", "alloc", "num-bigint-dig"]
+rsa4096 = ["rsa", "alloc", "num-bigint-dig"]
+alloc = []
 
 clients-1 = []
 clients-2 = []
@@ -116,9 +123,17 @@ clients-11 = []
 clients-12 = []
 
 test-attestation-cert-ids = []
-# [patch.crates-io]
+
+[patch.crates-io]
 # interchange = { git = "https://github.com/trussed-dev/interchange", branch = "main" }
+littlefs2 = { git = "https://github.com/Nitrokey/littlefs2", tag = "v0.3.2-nitrokey-1" }
 
 [package.metadata.docs.rs]
 features = ["virt"]
 rustdoc-args = ["--cfg", "docsrs"]
+
+[profile.dev.package.rsa]
+opt-level = 2
+
+[profile.dev.package.num-bigint-dig]
+opt-level = 2
diff --git a/src/api.rs b/src/api.rs
@@ -167,7 +167,7 @@ pub mod request {
 
         DeserializeKey:
           - mechanism: Mechanism
-          - serialized_key: Message
+          - serialized_key: SerializedKey
           - format: KeySerialization
           - attributes: StorageAttributes
 
@@ -275,7 +275,7 @@ pub mod request {
 
         UnsafeInjectKey:
           - mechanism: Mechanism        // -> implies key type
-          - raw_key: ShortData
+          - raw_key: SerializedKey
           - attributes: StorageAttributes
           - format: KeySerialization
 
@@ -436,7 +436,7 @@ pub mod reply {
             - bytes: Message
 
         SerializeKey:
-            - serialized_key: Message
+            - serialized_key: SerializedKey
 
         Sign:
             - signature: Signature

diff --git a/src/client.rs b/src/client.rs
@@ -382,7 +382,7 @@ pub trait CryptoClient: PollClient {
         attributes: StorageAttributes,
     ) -> ClientResult<'c, reply::DeserializeKey, Self> {
         let serialized_key =
-            Message::from_slice(serialized_key).map_err(|_| ClientError::DataTooLarge)?;
+            SerializedKey::from_slice(serialized_key).map_err(|_| ClientError::DataTooLarge)?;
         let r = self.request(request::DeserializeKey {
             mechanism,
             serialized_key,
@@ -527,7 +527,7 @@ pub trait CryptoClient: PollClient {
     ) -> ClientResult<'_, reply::UnsafeInjectKey, Self> {
         let r = self.request(request::UnsafeInjectKey {
             mechanism,
-            raw_key: ShortData::from_slice(raw_key).unwrap(),
+            raw_key: SerializedKey::from_slice(raw_key).unwrap(),
             attributes: StorageAttributes::new().set_persistence(persistence),
             format,
         })?;

diff --git a/src/client/mechanisms.rs b/src/client/mechanisms.rs
@@ -385,6 +385,152 @@ pub trait P256: CryptoClient {
     }
 }
 
+#[cfg(feature = "rsa2048")]
+impl<S: Syscall> Rsa2048Pkcs for ClientImplementation<S> {}
+
+pub trait Rsa2048Pkcs: CryptoClient {
+    fn generate_rsa2048pkcs_private_key(
+        &mut self,
+        persistence: Location,
+    ) -> ClientResult<'_, reply::GenerateKey, Self> {
+        self.generate_key(
+            Mechanism::Rsa2048Pkcs,
+            StorageAttributes::new().set_persistence(persistence),
+        )
+    }
+
+    fn derive_rsa2048pkcs_public_key(
+        &mut self,
+        shared_key: KeyId,
+        persistence: Location,
+    ) -> ClientResult<'_, reply::DeriveKey, Self> {
+        self.derive_key(
+            Mechanism::Rsa2048Pkcs,
+            shared_key,
+            None,
+            StorageAttributes::new().set_persistence(persistence),
+        )
+    }
+
+    fn serialize_rsa2048pkcs_key(
+        &mut self,
+        key: KeyId,
+        format: KeySerialization,
+    ) -> ClientResult<'_, reply::SerializeKey, Self> {
+        self.serialize_key(Mechanism::Rsa2048Pkcs, key, format)
+    }
+
+    fn deserialize_rsa2048pkcs_key<'c>(
+        &'c mut self,
+        serialized_key: &[u8],
+        format: KeySerialization,
+        attributes: StorageAttributes,
+    ) -> ClientResult<'c, reply::DeserializeKey, Self> {
+        self.deserialize_key(Mechanism::Rsa2048Pkcs, serialized_key, format, attributes)
+    }
+
+    fn sign_rsa2048pkcs<'c>(
+        &'c mut self,
+        key: KeyId,
+        message: &[u8],
+    ) -> ClientResult<'c, reply::Sign, Self> {
+        self.sign(
+            Mechanism::Rsa2048Pkcs,
+            key,
+            message,
+            SignatureSerialization::Raw,
+        )
+    }
+
+    fn verify_rsa2048pkcs<'c>(
+        &'c mut self,
+        key: KeyId,
+        message: &[u8],
+        signature: &[u8],
+    ) -> ClientResult<'c, reply::Verify, Self> {
+        self.verify(
+            Mechanism::Rsa2048Pkcs,
+            key,
+            message,
+            signature,
+            SignatureSerialization::Raw,
+        )
+    }
+}
+
+#[cfg(feature = "rsa4096")]
+impl<S: Syscall> Rsa4096Pkcs for ClientImplementation<S> {}
+
+pub trait Rsa4096Pkcs: CryptoClient {
+    fn generate_rsa4096pkcs_private_key(
+        &mut self,
+        persistence: Location,
+    ) -> ClientResult<'_, reply::GenerateKey, Self> {
+        self.generate_key(
+            Mechanism::Rsa4096Pkcs,
+            StorageAttributes::new().set_persistence(persistence),
+        )
+    }
+
+    fn derive_rsa4096pkcs_public_key(
+        &mut self,
+        shared_key: KeyId,
+        persistence: Location,
+    ) -> ClientResult<'_, reply::DeriveKey, Self> {
+        self.derive_key(
+            Mechanism::Rsa4096Pkcs,
+            shared_key,
+            None,
+            StorageAttributes::new().set_persistence(persistence),
+        )
+    }
+
+    fn serialize_rsa4096pkcs_key(
+        &mut self,
+        key: KeyId,
+        format: KeySerialization,
+    ) -> ClientResult<'_, reply::SerializeKey, Self> {
+        self.serialize_key(Mechanism::Rsa4096Pkcs, key, format)
+    }
+
+    fn deserialize_rsa4096pkcs_key<'c>(
+        &'c mut self,
+        serialized_key: &[u8],
+        format: KeySerialization,
+        attributes: StorageAttributes,
+    ) -> ClientResult<'c, reply::DeserializeKey, Self> {
+        self.deserialize_key(Mechanism::Rsa4096Pkcs, serialized_key, format, attributes)
+    }
+
+    fn sign_rsa4096pkcs<'c>(
+        &'c mut self,
+        key: KeyId,
+        message: &[u8],
+    ) -> ClientResult<'c, reply::Sign, Self> {
+        self.sign(
+            Mechanism::Rsa4096Pkcs,
+            key,
+            message,
+            SignatureSerialization::Raw,
+        )
+    }
+
+    fn verify_rsa4096pkcs<'c>(
+        &'c mut self,
+        key: KeyId,
+        message: &[u8],
+        signature: &[u8],
+    ) -> ClientResult<'c, reply::Verify, Self> {
+        self.verify(
+            Mechanism::Rsa4096Pkcs,
+            key,
+            message,
+            signature,
+            SignatureSerialization::Raw,
+        )
+    }
+}
+
 #[cfg(feature = "sha256")]
 impl<S: Syscall> Sha256 for ClientImplementation<S> {}
 

diff --git a/src/config.rs b/src/config.rs
@@ -8,14 +8,13 @@ use littlefs2::consts;
 
 pub type MAX_APPLICATION_NAME_LENGTH = consts::U256;
 pub const MAX_LONG_DATA_LENGTH: usize = 1024;
-pub const MAX_MESSAGE_LENGTH: usize = 1024;
 pub type MAX_OBJECT_HANDLES = consts::U16;
 pub type MAX_LABEL_LENGTH = consts::U256;
 pub const MAX_MEDIUM_DATA_LENGTH: usize = 256;
 pub type MAX_PATH_LENGTH = consts::U256;
-pub const MAX_KEY_MATERIAL_LENGTH: usize = 128;
+//pub const MAX_KEY_MATERIAL_LENGTH: usize = 128;
 // must be above + 4
-pub const MAX_SERIALIZED_KEY_LENGTH: usize = 132;
+//pub const MAX_SERIALIZED_KEY_LENGTH: usize = 132;
 cfg_if::cfg_if! {
     if #[cfg(feature = "clients-12")] {
         pub type MAX_SERVICE_CLIENTS = consts::U12;
@@ -44,7 +43,25 @@ cfg_if::cfg_if! {
     }
 }
 pub const MAX_SHORT_DATA_LENGTH: usize = 128;
+
+#[cfg(any(feature = "rsa2048", feature = "rsa3072", feature = "rsa4096"))]
+pub const MAX_SIGNATURE_LENGTH: usize = 512 * 2;
+#[cfg(any(feature = "rsa2048", feature = "rsa3072", feature = "rsa4096"))]
+// FIXME: Value from https://stackoverflow.com/questions/5403808/private-key-length-bytes for Rsa2048 Private key
+pub const MAX_KEY_MATERIAL_LENGTH: usize = 1160 * 2 + 72;
+#[cfg(any(feature = "rsa2048", feature = "rsa3072", feature = "rsa4096"))]
+// This is due to the fact that KEY_MATERIAL_LENGTH is bigger than MESSAGE_LENGTH for RSA.
+pub const MAX_MESSAGE_LENGTH: usize = 1024;
+
+#[cfg(not(any(feature = "rsa2048", feature = "rsa3072", feature = "rsa4096")))]
 pub const MAX_SIGNATURE_LENGTH: usize = 72;
+#[cfg(not(any(feature = "rsa2048", feature = "rsa3072", feature = "rsa4096")))]
+pub const MAX_KEY_MATERIAL_LENGTH: usize = 128;
+#[cfg(not(any(feature = "rsa2048", feature = "rsa3072", feature = "rsa4096")))]
+pub const MAX_MESSAGE_LENGTH: usize = 1024;
+
+// must be MAX_KEY_MATERIAL_LENGTH + 4
+pub const MAX_SERIALIZED_KEY_LENGTH: usize = MAX_KEY_MATERIAL_LENGTH + 4;
 pub const MAX_USER_ATTRIBUTE_LENGTH: usize = 256;
 
 pub const USER_ATTRIBUTE_NUMBER: u8 = 37;