Pkcs#11 services through OP-TEE SKS TA #121
Conversation
libsks/include/pkcs11.h
Outdated
| @@ -0,0 +1,265 @@ | |||
| /* Copyright (c) OASIS Open 2016. All Rights Reserved./ | |||
There was a problem hiding this comment.
Looks like the OASIS IPR Policy is not registered to SPDX.
Tricky...
There was a problem hiding this comment.
I think i will go another way.
The opencryptoki project includes a package (opencryptoki) that proposes a pkcs11 cryptoki header under the creative commons license, here.
The header file reflects a slightly older pkcs11 and must be updated with more recent IDs and few crypto parameter structures. From license view, it is more suitable for a project like the OP-TEE. @jenswi-linaro, @jforissier, what do you think?
There was a problem hiding this comment.
[It is the "Common Public License, version 1.0 (CPL-1.0)", SPDX identifier "CPL-1.0". Nothing to do with the Creative Commons licenses AFAICT.]
I think we may have a problem with sections 2.a and 3.a.iv of https://spdx.org/licenses/CPL-1.0.html (source code).
There was a problem hiding this comment.
yes, CPL-1.0, thanks for fixing. From wikipedia, CPL-1.0 is not a good choice.
CPL lacks compatibility with both versions of the GPL because it has a "choice of law" section in section 7, which restricts legal disputes to a certain court. Another source of incompatibility is the differing copyleft requirements. [2]
Rewrite from scratch based on the specs?
libsks/include/pkcs11.h
Outdated
| */ | ||
| #include "pkcs11t.h" | ||
|
|
||
| #define __PASTE(x,y) x##y |
There was a problem hiding this comment.
Rename to __JOIN (or __CONCATENATE) might better describe what this actually does?
Yes, same IDs, labels, structures and prototypes... |
|
Pushed proposal for a new pkcs11.h header file implementation. |
Implement pkcs11.h header file that partially covers the PKCS#11 specification. Resources initially planned to be supported are defined. The header will need to be updated with remaining PKCS#11 definition when related support will be implemented. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Define the few platform macros expected by the cryptolib header files. Initial source file: the API functions from pkcs11_api.c. Build from Makefile or from CMake. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
LOG_ERROR(), LOG_INFO, LOG_DEBUG() currently all calling printf(). ASSERT() exits process on error. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
PKCS#11 specifies library must be initialized prior being used but for 2 APIs: C_Initialize and C_GetFunctionList. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
Comments addressed and squashed. |
libsks/src/local_utils.h
Outdated
| #include <stdio.h> | ||
| #include <stdlib.h> | ||
|
|
||
| #define ASSERT(cond) \ |
There was a problem hiding this comment.
Why not use assert() from <assert.h> directly?
libsks/src/pkcs11_api.c
Outdated
| /* | ||
| * Copyright (c) 2017, Linaro Limited | ||
| * | ||
| * SPDX-License-Identifier: BSD-2-Clause |
There was a problem hiding this comment.
// SPDX-License-Identifier: BSD-2-Clause on first line? (should we follow the same rules as in optee_os?)
There was a problem hiding this comment.
not mandated but ok.
libsks/src/pkcs11_api.c
Outdated
| do { \ | ||
| if (!ptr) \ | ||
| return CKR_ARGUMENTS_BAD; \ | ||
| } while (0) |
There was a problem hiding this comment.
Bad idea as per https://www.kernel.org/doc/html/v4.10/process/coding-style.html#macros-enums-and-rtl "Macros that affect control flow".
There was a problem hiding this comment.
ok, i will go another way. thanks to point out.
Makefile
Outdated
| @@ -129,3 +137,6 @@ copy_export: build | |||
| cp -a ${O}/libteec/libteec.a $(DESTDIR)$(LIBDIR) | |||
| cp ${O}/tee-supplicant/tee-supplicant $(DESTDIR)$(BINDIR) | |||
| cp public/*.h $(DESTDIR)$(INCLUDEDIR) | |||
| cp libsks/include/*.h $(DESTDIR)$(INCLUDEDIR) | |||
| cp -a ${O}/libsks/liboptee_cryptoki.so* $(DESTDIR)$(LIBDIR) | |||
There was a problem hiding this comment.
The fact that the library is not called libsks, or rather, that the targets build-libsks and clean-libsks are not called build-liboptee_cryptoki and clean-liboptee_cryptoki, is mildly disturbing. It diverges from libteec.
There was a problem hiding this comment.
true. better be cleaned now. yet it find name libsks a bit short for a quite specific library (optee/pkcs11).
True. I have split initial work into smaller change too easy review. Maybe too much... |
Rename library optee_cryptoki into library sks. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Fix CMake script for header files to no install the CMakeLists.txt file. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
all comments not addressed yet. in progress... |
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Do not use BIT. Some components as xtest build with an util.h from optee_os that defines macro BIT() whereas other components can build libsks (and libteec, ...) without relynig on a prebuilt optee_os that provides such util.h. As a consequence, use (1U << pos) rather than BIT(pos) in the code. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Remove ASSERT(). Will use the generic assert() from assert.h when needed. Fix notice. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
fix notice Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
Comments addressed, but the one about squashing all the commits into a single one. |
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
libsks/src/pkcs11_api.c
Outdated
|
|
||
| static int inited; | ||
|
|
||
| static int sanity_lib_init(void) |
There was a problem hiding this comment.
Remove. This function sounds like it initializes the library, but actually it does not (C_Initialize() does).
libsks/src/pkcs11_api.c
Outdated
| return inited == 0; | ||
| } | ||
|
|
||
| static int sanity_nonnull_ptr(void *ptr) |
libsks/src/pkcs11_api.c
Outdated
| { | ||
| (void)res; | ||
|
|
||
| if (sanity_lib_init()) |
There was a problem hiding this comment.
if (!inited)
What about thread safety? Is the API supposed to be thread-safe?
There was a problem hiding this comment.
Yes but I would rather postpone this issue to later...
libsks/src/pkcs11_api.c
Outdated
| CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList) | ||
| { | ||
| /* Note: no need to call sanity_lib_init() here */ | ||
| if (sanity_nonnull_ptr(ppFunctionList)) |
Drop sanity_lib_init()/sanity_nonnull_ptr() in favor to inline instructions. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
| /* Argument currently unused */ | ||
| (void)args; | ||
|
|
||
| if (lib_inited) |
There was a problem hiding this comment.
inited? What about ...initiated? Some comment for the other places further down.
|
Besides a minor suggestion, I think this looks good. Then we have the golden question, whether to merge something in the middle of being developed or not. It would be nice to live up to "submit early and often" and get pieces of the complete implementation merged, one by one ... @OP-TEE/linaro thoughts? |
|
@jbech-linaro generally speaking, my opinion is we should "submit early and often" but into a separate branch, until the code actually provides a real service or at least can be somewhat tested. If I understand correctly, it is the case for this PKCS#11 stuff already? |
|
@jforissier, yes this P-R comes with related P-R in optee_os and optee_test and do provide some test materials. All these P-R rely on configuration directive |
|
@etienne-lms all good then, thanks. I will take all this as soon as 3.2.0 is out, which may be in a couple of days or so (I'd like to better understand OP-TEE/optee_os#2414 and OP-TEE/optee_os#2437). |
|
@jforissier, fine with me. |
|
Superseded by #138. |
This changes introduces an implementation of the Pkcs#11 Cryptoki library that interface a specific trusted application in the secure side.
This P-R implements the basics for the client library. The effective implementation of the services will come later.
This P-R does not introduce the TA API itself that is being reviewed through OP-TEE/optee_os#2342. The client lib will integrate the TA API once its is approved and merged.