Use trussed-core and remove default features for trussed
robin-nitrokey committed Jan 7, 2025
1 parent a3b481d commit eb18414
Showing 4 changed files with 32 additions and 16 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
@@ -9,6 +9,9 @@ SPDX-License-Identifier: CC0-1.0

[Unreleased]: https://github.com/trussed-dev/trussed-rsa-backend/compare/v0.2.0...HEAD

- Use `trussed-core` and remove default features for `trussed`.
- Add `SoftwareRsa::MECHANISMS` constant with the implemented mechanisms.

## [v0.2.1][] (2024-06-21)

[v0.2.1]: https://github.com/trussed-dev/trussed-rsa-backend/compare/v0.2.0...v0.2.1
6 changes: 4 additions & 2 deletions Cargo.toml
@@ -19,7 +19,8 @@ postcard = { version = "0.7", default-features = false, features = ["heapless"]
rsa = { version = "0.9", default-features = false, features = ["sha2"]}
serde = { version = "1.0.152", default-features = false, features = ["derive"] }

trussed = "0.1"
trussed = { version = "0.1", default-features = false }
trussed-core = { version = "0.1.0-rc.1", features = ["crypto-client", "rsa2048", "rsa3072", "rsa4096"] }

[dev-dependencies]
hex-literal = "0.3.4"
@@ -28,6 +29,7 @@ delog = { version = "0.1.6", features = ["std-log"] }
test-log = "0.2.11"
env_logger = "0.10.0"
rand = "0.8.5"
trussed = { version = "0.1", default-features = false, features = ["certificate-client", "clients-1", "crypto-client"] }

[features]

@@ -45,7 +47,7 @@ log-warn = []
log-error = []

[patch.crates-io]
trussed = { git = "https://github.com/Nitrokey/trussed", rev = "6b9a43fbaaf34fe8d69fac0021f8130dd9a436c9" }
trussed = { git = "https://github.com/trussed-dev/trussed.git", rev = "6bba8fde36d05c0227769eb63345744e87d84b2b" }

[profile.dev.package.rsa]
opt-level = 2
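Review bot: The `[patch.crates-io]` entry in the last hunk now points `trussed` at a different repository and rev, with no comment saying why the override is needed or when it can be dropped. Cargo honours `[patch]` only in the workspace root manifest, so crates that depend on this backend do not inherit the pin and have to carry a matching patch themselves. I would add a line above the entry such as `# crates.io trussed 0.1 is overridden with this rev; drop once a suitable release exists`, with the wording adjusted to the actual reason, which is not visible here. Pinning the git source by full commit hash in `rev` is good and should stay that way.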
28 changes: 14 additions & 14 deletions src/crypto_traits.rs
@@ -1,24 +1,24 @@
// Copyright (C) Nitrokey GmbH
// SPDX-License-Identifier: Apache-2.0 or MIT

use trussed::{
use trussed_core::{
api::{
reply,
request::{DeserializeKey, UnsafeInjectKey},
},
client::{ClientError, ClientResult, CryptoClient},
types::{
KeyId, KeySerialization, Location, Mechanism, SignatureSerialization, StorageAttributes,
},
ClientError, ClientResult, CryptoClient,
};

use crate::{RsaImportFormat, RsaPublicParts};

impl<C: CryptoClient> Rsa2048Pkcs1v15 for C {}

/// Helper trait to work with RSA 2048 bit keys through a [`Client`](trussed::Client)
/// Helper trait to work with RSA 2048 bit keys through a [`CryptoClient`][]
///
/// This trait is implemented by all implementors of [`CryptoClient`](trussed::client::CryptoClient)
/// This trait is implemented by all implementors of [`CryptoClient`][]
pub trait Rsa2048Pkcs1v15: CryptoClient {
fn generate_rsa2048pkcs_private_key(
&mut self,
@@ -45,13 +45,13 @@ pub trait Rsa2048Pkcs1v15: CryptoClient {

/// Serializes an RSA 2048 bit key.
///
/// The resulting [`serialized_key`](trussed::api::reply::SerializeKey::serialized_key) contains a buffer of the parts of the key
/// The resulting [`serialized_key`](trussed_core::api::reply::SerializeKey::serialized_key) contains a buffer of the parts of the key
/// as a serialized [`RsaPublicParts`](crate::RsaPublicParts):
/// ```
///# #[cfg(feature = "virt")]
///# {
///# use trussed_rsa_alloc::*;
///# use trussed::{syscall,types::Location::{Volatile,Internal}};
///# use trussed_core::{syscall,types::Location::{Volatile,Internal}};
///# virt::with_ram_client("rsa tests", |mut client| {
///# let sk = syscall!(client.generate_rsa2048pkcs_private_key(Internal)).key;
///# let pk = syscall!(client.derive_rsa2048pkcs_public_key(sk, Volatile)).key;
@@ -159,9 +159,9 @@ pub trait Rsa2048Pkcs1v15: CryptoClient {

impl<C: CryptoClient> Rsa3072Pkcs1v15 for C {}

/// Helper trait to work with RSA 3072 bit keys through a [`Client`](trussed::Client)
/// Helper trait to work with RSA 3072 bit keys through a [`CryptoClient`][]
///
/// This trait is implemented by all implementors of [`CryptoClient`](trussed::client::CryptoClient)
/// This trait is implemented by all implementors of [`CryptoClient`][]
pub trait Rsa3072Pkcs1v15: CryptoClient {
fn generate_rsa3072pkcs_private_key(
&mut self,
@@ -188,13 +188,13 @@ pub trait Rsa3072Pkcs1v15: CryptoClient {

/// Serializes an RSA 3072 bit key.
///
/// The resulting [`serialized_key`](trussed::api::reply::SerializeKey::serialized_key) contains a buffer of the parts of the key
/// The resulting [`serialized_key`](trussed_core::api::reply::SerializeKey::serialized_key) contains a buffer of the parts of the key
/// as a serialized [`RsaPublicParts`](crate::RsaPublicParts):
/// ```
///# #[cfg(feature = "virt")]
///# {
///# use trussed_rsa_alloc::*;
///# use trussed::{syscall,types::Location::{Volatile,Internal}};
///# use trussed_core::{syscall,types::Location::{Volatile,Internal}};
///# virt::with_ram_client("rsa tests", |mut client| {
///# let sk = syscall!(client.generate_rsa3072pkcs_private_key(Internal)).key;
///# let pk = syscall!(client.derive_rsa3072pkcs_public_key(sk, Volatile)).key;
@@ -302,9 +302,9 @@ pub trait Rsa3072Pkcs1v15: CryptoClient {

impl<C: CryptoClient> Rsa4096Pkcs1v15 for C {}

/// Helper trait to work with RSA 4096 bit keys through a [`Client`](trussed::Client)
/// Helper trait to work with RSA 4096 bit keys through a [`CryptoClient`][]
///
/// This trait is implemented by all implementors of [`CryptoClient`](trussed::client::CryptoClient)
/// This trait is implemented by all implementors of [`CryptoClient`][]
pub trait Rsa4096Pkcs1v15: CryptoClient {
fn generate_rsa4096pkcs_private_key(
&mut self,
@@ -331,13 +331,13 @@ pub trait Rsa4096Pkcs1v15: CryptoClient {

/// Serializes an RSA 4096 bit key.
///
/// The resulting [`serialized_key`](trussed::api::reply::SerializeKey::serialized_key) contains a buffer of the parts of the key
/// The resulting [`serialized_key`](trussed_core::api::reply::SerializeKey::serialized_key) contains a buffer of the parts of the key
/// as a serialized [`RsaPublicParts`](crate::RsaPublicParts):
/// ```
///# #[cfg(feature = "virt")]
///# {
///# use trussed_rsa_alloc::*;
///# use trussed::{syscall,types::Location::{Volatile,Internal}};
///# use trussed_core::{syscall,types::Location::{Volatile,Internal}};
///# virt::with_ram_client("rsa tests", |mut client| {
///# let sk = syscall!(client.generate_rsa4096pkcs_private_key(Internal)).key;
///# let pk = syscall!(client.derive_rsa4096pkcs_public_key(sk, Volatile)).key;
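Review bot: The hidden doc-test lines changed to `use trussed_core::{syscall,types::Location::{Volatile,Internal}};` in the RSA 2048, 3072 and 4096 serialize examples are wrapped in `#[cfg(feature = "virt")]`, so a `cargo test` run without that feature compiles each example to an empty block and would not notice a wrong path. Since this commit also sets `default-features = false` on `trussed`, it is worth confirming that the doc-tests are built with `--features virt` in CI; the CI configuration is not visible on this page. The three trait bodies continue outside the hunks shown.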
11 changes: 11 additions & 0 deletions src/lib.rs
@@ -49,6 +49,17 @@ pub use crypto_traits::{Rsa2048Pkcs1v15, Rsa3072Pkcs1v15, Rsa4096Pkcs1v15};
#[derive(Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Debug, Default, Hash)]
pub struct SoftwareRsa;

impl SoftwareRsa {
pub const MECHANISMS: &[Mechanism] = &[
Mechanism::Rsa2048Pkcs1v15,
Mechanism::Rsa3072Pkcs1v15,
Mechanism::Rsa4096Pkcs1v15,
Mechanism::Rsa2048Raw,
Mechanism::Rsa3072Raw,
Mechanism::Rsa4096Raw,
];
}

/// The bool returned points at wether the mechanism is raw RSA
fn bits_and_kind_from_mechanism(mechanism: Mechanism) -> Result<(usize, key::Kind, bool), Error> {
match mechanism {
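Review bot: `SoftwareRsa::MECHANISMS` is a new public constant with no doc comment, and it lists the `Rsa2048Raw`, `Rsa3072Raw` and `Rsa4096Raw` mechanisms next to the PKCS#1 v1.5 ones. A caller that uses the constant as an allow-list of what to expose would enable raw RSA as well, so the doc should say so, for example `/// Mechanisms implemented by this backend, including the raw RSA (Rsa*Raw) variants.` The list also has to stay in step with the `match` in `bits_and_kind_from_mechanism`, whose body continues outside the hunk. A unit test asserting that every entry of `MECHANISMS` is accepted by that function would catch drift between the two.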
