fixup ecdsa signer implementation

Signed-off-by: Arthur Gautier <[email protected]>

Author: baloo

Cargo.lock

@@ -19,7 +19,7 @@ p256 = { version = "0.13.2", features = ["pkcs8"] }
 p384 = { version = "0.13.0", features = ["pkcs8"] }
 k256 = { version = "0.13.2", features = ["pkcs8"] }
 rsa = "0.9.6"
-signature = { version = "2.2.0", features = ["digest"] }
+signature = { version = "2.2.0", features = ["derive", "digest"] }
 sha1 = { version = "0.10", features = ["oid"] }
 sha2 = { version = "0.10", features = ["oid"] }
 spki = "0.7.3"

cryptoki-rustcrypto/Cargo.toml

@@ -19,7 +19,7 @@ use ecdsa::{
     hazmat::DigestPrimitive,
     PrimeCurve, Signature, VerifyingKey,
 };
-use signature::digest::Digest;
+use signature::{digest::Digest, DigestSigner};
 use spki::{
     AlgorithmIdentifier, AlgorithmIdentifierRef, AssociatedAlgorithmIdentifier,
     SignatureAlgorithmIdentifier,
@@ -103,6 +103,7 @@ impl_sign_algorithm!(p256::NistP256);
 impl_sign_algorithm!(p384::NistP384);
 impl_sign_algorithm!(k256::Secp256k1);
 
+#[derive(signature::Signer)]
 pub struct Signer<C: SignAlgorithm, S: SessionLike> {
     session: S,
     private_key: ObjectHandle,
@@ -177,12 +178,12 @@ impl<C: SignAlgorithm, S: SessionLike> signature::Keypair for Signer<C, S> {
     }
 }
 
-impl<C: SignAlgorithm, S: SessionLike> signature::Signer<Signature<C>> for Signer<C, S>
+impl<C: SignAlgorithm, S: SessionLike> DigestSigner<C::Digest, Signature<C>> for Signer<C, S>
 where
     <<C as ecdsa::elliptic_curve::Curve>::FieldBytesSize as Add>::Output: ArrayLength<u8>,
 {
-    fn try_sign(&self, msg: &[u8]) -> Result<Signature<C>, signature::Error> {
-        let msg = C::Digest::digest(msg);
+    fn try_sign_digest(&self, digest: C::Digest) -> Result<Signature<C>, signature::Error> {
+        let msg = digest.finalize();
 
         let bytes = self
             .session
@@ -208,3 +209,18 @@ where
     const SIGNATURE_ALGORITHM_IDENTIFIER: AlgorithmIdentifierRef<'static> =
         Signature::<C>::ALGORITHM_IDENTIFIER;
 }
+
+impl<C: SignAlgorithm, S: SessionLike> DigestSigner<C::Digest, ecdsa::der::Signature<C>>
+    for Signer<C, S>
+where
+    ecdsa::der::MaxSize<C>: ArrayLength<u8>,
+    <FieldBytesSize<C> as Add>::Output: Add<ecdsa::der::MaxOverhead> + ArrayLength<u8>,
+    Self: DigestSigner<C::Digest, Signature<C>>,
+{
+    fn try_sign_digest(
+        &self,
+        digest: C::Digest,
+    ) -> Result<ecdsa::der::Signature<C>, signature::Error> {
+        DigestSigner::<C::Digest, Signature<C>>::try_sign_digest(self, digest).map(Into::into)
+    }
+}

cryptoki-rustcrypto/src/ecdsa.rs

@@ -65,7 +65,7 @@ fn sign_verify() -> TestResult {
     let signer =
         ecdsa::Signer::<p256::NistP256, _>::new(&session, label).expect("Lookup keys from HSM");
 
-    let signature = signer.sign(&data);
+    let signature: p256::ecdsa::Signature = signer.sign(&data);
 
     let verifying_key = signer.verifying_key();
     verifying_key.verify(&data, &signature)?;

cryptoki-rustcrypto/tests/ecdsa.rs

@@ -5,9 +5,15 @@ mod common;
 
 use crate::common::USER_PIN;
 use common::init_pins;
-use cryptoki::{mechanism::Mechanism, object::Attribute, session::UserType, types::AuthPin};
-use cryptoki_rustcrypto::rsa::pss;
-use der::{pem::LineEnding, EncodePem};
+use cryptoki::{
+    mechanism::Mechanism,
+    object::{Attribute, KeyType},
+    session::UserType,
+    types::AuthPin,
+};
+use cryptoki_rustcrypto::{ecdsa, rsa::pss};
+use der::{pem::LineEnding, Encode, EncodePem};
+use p256::pkcs8::AssociatedOid;
 use serial_test::serial;
 use signature::Keypair;
 use spki::SubjectPublicKeyInfoOwned;
@@ -80,3 +86,69 @@ fn pss_create_ca() -> TestResult {
 
     Ok(())
 }
+
+#[test]
+#[serial]
+fn ecdsa_create_ca() -> TestResult {
+    let (pkcs11, slot) = init_pins();
+
+    // open a session
+    let session = pkcs11.open_rw_session(slot)?;
+
+    // log in the session
+    session.login(UserType::User, Some(&AuthPin::new(USER_PIN.into())))?;
+
+    // get mechanism
+    let mechanism = Mechanism::EccKeyPairGen;
+
+    let secp256r1_oid: Vec<u8> = p256::NistP256::OID.to_der().unwrap();
+
+    let label = b"demo-signer";
+
+    // pub key template
+    let pub_key_template = vec![
+        Attribute::Token(true),
+        Attribute::Private(false),
+        Attribute::KeyType(KeyType::EC),
+        Attribute::Verify(true),
+        Attribute::EcParams(secp256r1_oid.clone()),
+        Attribute::Label(label.to_vec()),
+    ];
+
+    // priv key template
+    let priv_key_template = vec![
+        Attribute::Token(true),
+        Attribute::Private(true),
+        Attribute::Sign(true),
+        Attribute::Label(label.to_vec()),
+    ];
+
+    // generate a key pair
+    let (public, private) =
+        session.generate_key_pair(&mechanism, &pub_key_template, &priv_key_template)?;
+
+    let signer =
+        ecdsa::Signer::<p256::NistP256, _>::new(&session, label).expect("Lookup keys from HSM");
+
+    let serial_number = SerialNumber::from(42u32);
+    let validity = Validity::from_now(Duration::new(5, 0)).unwrap();
+    let profile = Profile::Root;
+    let subject =
+        Name::from_str("CN=World domination corporation,O=World domination Inc,C=US").unwrap();
+    let pub_key = SubjectPublicKeyInfoOwned::from_key(signer.verifying_key()).unwrap();
+
+    let builder =
+        CertificateBuilder::new(profile, serial_number, validity, subject, pub_key, &signer)
+            .expect("Create certificate");
+
+    let certificate = builder.build::<p256::ecdsa::DerSignature>().unwrap();
+
+    let pem = certificate.to_pem(LineEnding::LF).expect("generate pem");
+    println!("{}", pem);
+
+    // delete keys
+    session.destroy_object(public)?;
+    session.destroy_object(private)?;
+
+    Ok(())
+}

cryptoki-rustcrypto/tests/x509-ca.rs

@@ -752,6 +752,7 @@ fn aes_key_attributes_test() -> TestResult {
         Attribute::Class(ObjectClass::SECRET_KEY),
         Attribute::Token(true),
         Attribute::Sensitive(true),
+        Attribute::Value(vec![0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f]),
         Attribute::ValueLen(16.into()),
         Attribute::KeyType(KeyType::AES),
         Attribute::Label(b"testAES".to_vec()),