You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add a simple C example to the "Hello, Parsec" demo suite.
Details
A C example would need to look slightly different from the other examples, all of which use a named key to perform RSA decryption of an input string. This pattern cannot be replicated in C, because there is no C interface to Parsec that understands Parsec's notion of named keys. It is therefore not possible to write a C Parsec program that uses a named key that was provisioned in advance using something like the parsec-tool, which is the general pattern of this demo. A C example would need to provision and use its own key and then delete it again at the end. A good starting point would be to copy/paste code from the test suite of the Parsec SE driver here: https://github.com/parallaxsecond/parsec-se-driver/tree/main/ci/c-tests - although this example actually performs an ECC signature, it could trivially be reworked to do the same kind of RSA workflow that the other demos are doing.
The text was updated successfully, but these errors were encountered:
It is therefore not possible to write a C Parsec program that uses a named key that was provisioned in advance using something like the parsec-tool, which is the general pattern of this demo.
There could be a way, but it depends on authentication mechanism. If the service is using Unix Domain Socket Peer Credentials, then you can just use the Parsec tool to generate a key with the "appropriate" name, and have the C application use it directly. I've not tried this, I think - it won't work if Mbed Crypto stores some of its own metadata for the key when creating/importing it.
It is therefore not possible to write a C Parsec program that uses a named key that was provisioned in advance using something like the parsec-tool, which is the general pattern of this demo.
There could be a way, but it depends on authentication mechanism. If the service is using Unix Domain Socket Peer Credentials, then you can just use the Parsec tool to generate a key with the "appropriate" name, and have the C application use it directly. I've not tried this, I think - it won't work if Mbed Crypto stores some of its own metadata for the key when creating/importing it.
Yes, that's possible, but it relies on an undocumented mapping that is essentially an implementation detail of the Parsec SE driver. This isn't something I would want to showcase in example/demo code, unless we were to take the decision to formalise and document this mapping, and perhaps also make it configurable. I think there might be some discussions in Slack on this topic.
Summary
Add a simple C example to the "Hello, Parsec" demo suite.
Details
A C example would need to look slightly different from the other examples, all of which use a named key to perform RSA decryption of an input string. This pattern cannot be replicated in C, because there is no C interface to Parsec that understands Parsec's notion of named keys. It is therefore not possible to write a C Parsec program that uses a named key that was provisioned in advance using something like the
parsec-tool
, which is the general pattern of this demo. A C example would need to provision and use its own key and then delete it again at the end. A good starting point would be to copy/paste code from the test suite of the Parsec SE driver here: https://github.com/parallaxsecond/parsec-se-driver/tree/main/ci/c-tests - although this example actually performs an ECC signature, it could trivially be reworked to do the same kind of RSA workflow that the other demos are doing.The text was updated successfully, but these errors were encountered: