Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

js: Add ccf.crypto.verifySignature #2661

Merged
merged 11 commits into from
Jun 23, 2021
Merged

js: Add ccf.crypto.verifySignature #2661

merged 11 commits into from
Jun 23, 2021

Conversation

letmaik
Copy link
Member

@letmaik letmaik commented Jun 14, 2021

@letmaik letmaik requested a review from a team as a code owner June 14, 2021 18:26
@ghost
Copy link

ghost commented Jun 14, 2021
edited by ghost
Loading

letmaik/js-verify-signature@27736 aka 20210623.8 vs main ewma over 20 builds from 27398 to 27730

Click to see table
build_id build_number sb_sgx_cft^ sb_sgx_cft_mem sb_sgx_bft^ sb_sgx_bft_mem sb_ws_sgx_cft^ sb_ws_sgx_cft_mem sb_sig_sgx_cft^ sb_sig_sgx_cft_mem tpcc_sgx_cft^ tpcc_sgx_cft_mem tpcc_sgx_bft^ tpcc_sgx_bft_mem ls_sgx_cft^ ls_sgx_cft_mem ls_ws_sgx_cft^ ls_ws_sgx_cft_mem ls_jwt_sgx_cft^ ls_jwt_sgx_cft_mem ls_js_sgx_cft^ ls_js_sgx_cft_mem ls_full_js_sgx_cft^ ls_full_js_sgx_cft_mem ls_js_jwt_sgx_cft^ ls_js_jwt_sgx_cft_mem CHAMP put (/s)^ CHAMP get (/s)^
27398 20210617.38 28978.5 1.29803e+07 13397.5 3.94568e+07 32400.8 1.32424e+07 4881.5 1.03588e+07 6505.31 9.13613e+07 nan nan 21626.4 1.74367e+07 27713.2 1.76989e+07 3710.56 1.35046e+07 2341.34 9.04813e+06 1901.05 1.0621e+07 1575.85 8.52384e+06 1.33073e+06 3.63121e+07
27400 20210618.1 23319.7 1.27181e+07 13716.3 4.05054e+07 32676.6 1.32424e+07 5381.21 1.03588e+07 6634.55 9.29342e+07 nan nan 20898.3 1.74367e+07 28333 1.76989e+07 3928.85 1.4291e+07 2272.46 9.04813e+06 1893.3 8.52384e+06 1616.77 7.73741e+06 1.30921e+06 3.62478e+07
27434 20210618.11 26281.1 1.27181e+07 13486.3 3.94568e+07 30636.8 1.32424e+07 4466.22 1.08831e+07 6465.44 9.08371e+07 nan nan 21674.4 1.74367e+07 28251.4 1.76989e+07 3940.11 1.50774e+07 2343.26 9.04813e+06 1961.99 8.2617e+06 1587.13 8.2617e+06 1.33489e+06 3.59298e+07
27457 20210618.18 26779.7 1.29803e+07 13604 3.91947e+07 31809 1.29803e+07 4996.44 1.0621e+07 6490.61 9.18856e+07 nan nan 23808.5 1.74367e+07 27055.4 1.7961e+07 4133.94 1.50774e+07 2289.45 9.04813e+06 1903.33 1.11453e+07 1547.32 8.2617e+06 1.34171e+06 3.56794e+07
27486 20210618.27 28669.5 1.29803e+07 12433.5 3.9719e+07 28374.4 1.35046e+07 4860.31 1.03588e+07 6432.72 9.24099e+07 nan nan 23710.1 1.74367e+07 28888.6 1.76989e+07 3992.35 1.48153e+07 2358.4 1.14074e+07 1889.85 1.14074e+07 1550.27 8.52384e+06 1.34922e+06 3.5189e+07
27530 20210618.41 28496.4 1.29803e+07 13516.8 3.7884e+07 34500.9 1.32424e+07 4960.54 1.03588e+07 6678.27 9.10992e+07 3138.65 2.11685e+08 22894.7 1.74367e+07 28325.7 1.76989e+07 4350.33 1.50774e+07 2241.58 9.04813e+06 1848.94 1.08831e+07 1616.08 8.2617e+06 1.33402e+06 3.5993e+07
27539 20210618.43 23262.8 1.29803e+07 14179 3.76218e+07 32969.3 1.32424e+07 4993.19 1.03588e+07 6100.69 9.24099e+07 2755.67 2.22695e+08 21093.8 1.71746e+07 28617.2 1.7961e+07 3970.49 1.4291e+07 2688.34 1.00967e+07 2386.3 1.19317e+07 1658 8.78598e+06 1.34789e+06 3.62478e+07
27545 20210618.45 26224.4 1.29803e+07 13671.7 3.91947e+07 34155.5 1.35046e+07 4877.06 1.08831e+07 6366.98 9.34585e+07 2956.3 2.18763e+08 21176.4 1.74367e+07 27288.2 1.76989e+07 4352.98 1.48153e+07 2695.62 9.83456e+06 2587.12 9.31027e+06 1691.99 8.52384e+06 1.33072e+06 3.63114e+07
27565 20210618.50 23122.2 1.27181e+07 13566 4.10297e+07 31190.9 1.29803e+07 5385.6 1.03588e+07 6513.72 9.29342e+07 2866.62 2.18239e+08 22367 1.71746e+07 27449.9 1.76989e+07 4049.33 1.45532e+07 2510.6 9.31027e+06 2619.82 9.31027e+06 1710.51 8.78598e+06 1.33194e+06 3.67025e+07
27567 20210621.1 29114.1 1.32424e+07 13542.4 3.89325e+07 33523.5 1.35046e+07 5386.26 1.00967e+07 6560.04 9.26721e+07 2934.69 2.11948e+08 23607.9 1.76989e+07 29179.5 1.76989e+07 4187.19 1.50774e+07 2450.94 9.83456e+06 2635.42 1.21939e+07 1633.68 8.2617e+06 1.37624e+06 3.69675e+07
27592 20210621.7 24992.5 1.27181e+07 14436.4 4.26026e+07 33652.3 1.32424e+07 4813.29 1.2456e+07 6465.04 9.10992e+07 2962.84 2.18501e+08 21979.7 1.71746e+07 27942.1 1.76989e+07 4044.18 1.48153e+07 2479.56 9.31027e+06 2427.09 9.57242e+06 1681.84 8.2617e+06 1.33029e+06 3.62478e+07
27602 20210621.10 28972.1 1.29803e+07 13383.6 4.41754e+07 30523.7 1.32424e+07 5359.74 1.03588e+07 6645.99 9.16235e+07 2896.45 2.19025e+08 23790 1.71746e+07 27004.3 1.7961e+07 4001.19 1.45532e+07 2753.29 9.57242e+06 2504.37 9.57242e+06 1687.63 8.52384e+06 1.33228e+06 3.62478e+07
27618 20210621.14 25938.1 1.29803e+07 14544.3 6.75062e+07 34421.1 1.32424e+07 4952.05 1.00967e+07 6655.15 9.31964e+07 3036.77 2.06967e+08 22433.4 1.74367e+07 29367.7 1.76989e+07 4358.02 1.45532e+07 2656.25 9.57242e+06 2565.75 9.31027e+06 1751.71 8.2617e+06 1.3315e+06 3.55556e+07
27622 20210622.1 29626.7 1.29803e+07 13930.7 3.89325e+07 32714.3 1.29803e+07 5399.79 1.03588e+07 6803.61 9.03128e+07 3144.88 2.09588e+08 21681.9 1.74367e+07 28578.1 1.76989e+07 4165.17 1.50774e+07 2645.52 9.83456e+06 2535.38 9.31027e+06 1724.5 8.2617e+06 1.32086e+06 3.62478e+07
27654 20210622.11 28531 1.27181e+07 14047 4.07676e+07 34992.2 1.35046e+07 5451.23 1.03588e+07 6692.45 9.18856e+07 2976.82 2.18763e+08 22590.1 1.74367e+07 29180.5 1.82232e+07 4026.66 1.4291e+07 2622.24 9.83456e+06 2484.93 9.31027e+06 1638.36 8.52384e+06 1.34181e+06 3.62478e+07
27671 20210622.15 29160.4 1.29803e+07 14366.5 4.02433e+07 34585.5 1.35046e+07 5199.42 1.08831e+07 6249.49 9.13613e+07 3228.17 1.90976e+08 22400.8 1.74367e+07 28903.1 1.76989e+07 4101.63 1.48153e+07 2675.11 1.35046e+07 2592.53 9.31027e+06 1686.41 8.52384e+06 1.30796e+06 3.63121e+07
27684 20210622.18 26872.6 1.29803e+07 13398.8 4.02433e+07 32296.3 1.32424e+07 4888.89 1.08831e+07 6398.08 9.21478e+07 3201.38 1.94646e+08 21492.1 1.74367e+07 27271.7 1.76989e+07 3881.27 1.40289e+07 2764.65 1.37667e+07 2550.98 9.31027e+06 1720.25 8.52384e+06 1.314e+06 3.63121e+07
27709 20210623.1 26203.3 1.27181e+07 13536.3 3.7884e+07 34486.2 1.35046e+07 5557.39 1.0621e+07 6688.13 9.18856e+07 2739.44 2.29773e+08 20886.6 1.74367e+07 27961.3 1.7961e+07 3903.87 1.50774e+07 2542.43 1.2456e+07 2589.42 9.31027e+06 1754.83 8.52384e+06 1.31467e+06 3.69675e+07
27719 20210623.3 26373.6 1.27181e+07 14567.5 6.01662e+07 32036.1 1.32424e+07 4863.06 1.03588e+07 6423.1 9.39828e+07 2685.65 2.18239e+08 22296.3 1.76989e+07 26388.2 1.74367e+07 3962.71 1.40289e+07 2662.59 9.83456e+06 2449.34 9.57242e+06 1719.92 8.52384e+06 1.34031e+06 3.5993e+07
27730 20210623.7 28703.6 1.29803e+07 14235 3.9719e+07 32335.3 1.32424e+07 4922.07 1.03588e+07 6377.56 9.18856e+07 2763.34 2.25841e+08 21780.9 1.74367e+07 28503.5 1.7961e+07 4219.72 1.48153e+07 2696.41 9.31027e+06 2559.83 9.57242e+06 1755.1 8.52384e+06 1.34005e+06 3.56174e+07

images

achamayou
achamayou reviewed Jun 16, 2021
View reviewed changes
js/ccf-app/src/crypto.ts Outdated Show resolved Hide resolved
achamayou
achamayou reviewed Jun 16, 2021
View reviewed changes
tests/infra/crypto.py Outdated Show resolved Hide resolved
achamayou
achamayou reviewed Jun 18, 2021
View reviewed changes
js/ccf-app/src/global.ts
@@ -251,6 +263,25 @@ export interface CCF {
*/
isValidX509CertChain(chain: string, trusted: string): boolean;

crypto: {
/**
* Returns whether digital signature is valid.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be good to list the RSA key sizes and EC curve names this supports for clarity, either here or in the definitions of the SigningAlgorithm interfaces.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is no restriction on the RSA key sizes or EC curves. Anything that OE-OpenSSL supports will work. The only limitation is in the supported digest algorithms which is already a TypeScript type and self-documented. I'd like to extend that from SHA-256 eventually to SHA-384 but want to do it across the board, so including ccf.digest(), and currently CCF doesn't have native SHA-384 digest support.
I found https://github.com/openenclave/openenclave/blob/master/docs/OpenSSLSupport.md but it's not that useful.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, thank you.

achamayou
achamayou approved these changes Jun 18, 2021
View reviewed changes
Copy link
Member

@achamayou achamayou left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@letmaik thank you for this useful API addition. Since this is making new functionality available to users, could you please document it in the Changelog?

@letmaik
Copy link
Member Author

letmaik commented Jun 23, 2021

If this PR is ok I'd like to get it merged and if possible kick off a dev release to consume it together with the new bytecode cache feature.

@letmaik letmaik changed the title js: Add ccf.verifySignature js: Add ccf.crypto.verifySignature Jun 23, 2021
@achamayou achamayou requested a review from a team June 23, 2021 10:16
@letmaik letmaik merged commit c5c85ff into microsoft:main Jun 23, 2021
@letmaik letmaik deleted the letmaik/js-verify-signature branch June 23, 2021 10:17
@letmaik letmaik mentioned this pull request Jun 25, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@achamayou achamayou achamayou approved these changes

@wintersteiger wintersteiger Awaiting requested review from wintersteiger

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@letmaik @achamayou @wintersteiger