[KeyManager] Implement FFI for KEM and binding key generation#645
[KeyManager] Implement FFI for KEM and binding key generation#645NilanjanDaw merged 9 commits intogoogle:mainfrom
Conversation
NilanjanDaw
force-pushed
the
add-generatekem-ffi
branch
from
9a877ec to
f6f14ae
Compare
NilanjanDaw
force-pushed
the
add-generatekem-ffi
branch
2 times, most recently
from
efc963e to
1cba7cd
Compare
NilanjanDaw
force-pushed
the
add-generatekem-ffi
branch
from
1cba7cd to
3bb0553
Compare
NilanjanDaw
force-pushed
the
add-generatekem-ffi
branch
from
3bb0553 to
69706f4
Compare
NilanjanDaw
force-pushed
the
add-generatekem-ffi
branch
from
69706f4 to
13fbcf6
Compare
| if out_pubkey.is_null() || out_pubkey_len.is_null() || out_uuid.is_null() { | ||
| return -1; | ||
| } |
There was a problem hiding this comment.
Nit: Seems like all the parameter validation could be moved to the very top, I think that would make it easier to read.
There was a problem hiding this comment.
Similarly, it's good to isolate the unsafe code as much as possible so it can be easy to see where the unsafe review should be focused. This check is all safe code so it would be good to remove it from the unsafe block.
There was a problem hiding this comment.
Ack, thank you, this is a good advice. Updated the function to separate the safety checks and the business logic, and also tried to reduce the scope of the unsafe blocks.
| pub unsafe extern "C" fn key_manager_generate_kem_keypair( | ||
| algo: HpkeAlgorithm, | ||
| binding_pubkey: *const u8, | ||
| binding_pubkey_len: usize, | ||
| expiry_secs: u64, | ||
| out_uuid: *mut u8, | ||
| out_pubkey: *mut u8, | ||
| out_pubkey_len: *mut usize, | ||
| ) -> i32 { |
There was a problem hiding this comment.
Right now this function is mixing business logic & FFI safety invariants.
I recommend checking safety invariants (null ptr, buffer size, etc) in this function, converting it into safe types, and calling a safe function that operates on the sanitized data.
That will reduce the surface area of this FFI boundary.
There was a problem hiding this comment.
Thank you, make sense, updated the function to separate the safety checks and the business logic, and also tried to reduce the scope of the unsafe blocks.
| pub unsafe extern "C" fn key_manager_generate_binding_keypair( | ||
| algo: HpkeAlgorithm, | ||
| expiry_secs: u64, | ||
| out_uuid: *mut u8, | ||
| out_pubkey: *mut u8, | ||
| out_pubkey_len: *mut usize, | ||
| ) -> i32 { |
There was a problem hiding this comment.
Same comment on mixing business & validation logic
There was a problem hiding this comment.
Thank you, make sense, updated the function to separate the safety checks and the business logic, and also tried to reduce the scope of the unsafe blocks.
| if out_pubkey.is_null() || out_pubkey_len.is_null() || out_uuid.is_null() { | ||
| return -1; | ||
| } |
There was a problem hiding this comment.
Similarly, it's good to isolate the unsafe code as much as possible so it can be easy to see where the unsafe review should be focused. This check is all safe code so it would be good to remove it from the unsafe block.
There was a problem hiding this comment.
This same file shows up as new in #643. Similar to other core files. Makes it a bit hard to keep track of which feedback has been given.
There was a problem hiding this comment.
My apologies. The PRs are stacked which is making the diff difficult to review. The parent PR has been merged. So this one should now be easier to review.
Introduces FFI-accessible functions for generating and managing
cryptographic keys within the Key Protection Service (KPS) and
Workload Service (WS).
Key Changes:
- FFI Compatibility: Configured prost_build in km_common to apply
#[repr(C)] to the HpkeAlgorithm struct, enabling its use in C-style
interfaces.
- Key Generation Logic: Added create_key_record in km_common to
centralize secure keypair generation (X25519), ensuring private keys
are immediately moved to secure Vault storage and zeroized from
temporary memory.
- Key Management: Implemented KeyRegistry and a global registry instance
in both KPS and WS to track generated keys by UUID.
- FFI Exports:
- Added key_manager_generate_kem_keypair to KPS for generating
KEM keys with associated binding public keys.
- Added key_manager_generate_binding_keypair to WS for generating
standard binding keys.
- Testing: Added comprehensive unit tests for FFI functions, including
error handling for invalid algorithms and null pointers.
Extend both key_manager_generate_binding_keypair (WSD KCC) and key_manager_generate_kem_keypair (KPS KCC) to also output the public key via out_pubkey/out_pubkey_len parameters. This enables the Go orchestration layer to pass the binding public key from WSD to KPS when generating KEM keypairs. Changes: - Rust FFI: add out_pubkey and out_pubkey_len params to both functions - Updated Rust tests for new signatures
- Updated FFI layers in key_protection_service and workload_service to use PublicKey::try_from and as_bytes(). - Refactored create_key_record to use PrivateKey::into_secret() for secure transition to protected memory. - Added into_secret() to PrivateKey and X25519PrivateKey to facilitate secure ownership transfer of key material. - Cleaned up unused zeroize imports and duplicate tests in km_common. - Made X25519PublicKey internal field pub(crate) for internal module compatibility.
NilanjanDaw
force-pushed
the
add-generatekem-ffi
branch
from
13fbcf6 to
74e1d5a
Compare
| /// X25519-based public key implementation. | ||
| #[derive(Debug, Clone, PartialEq, Eq)] | ||
| pub struct X25519PublicKey([u8; 32]); | ||
| pub struct X25519PublicKey(pub(crate) [u8; 32]); |
There was a problem hiding this comment.
BTW, the spec calls for sanitizing the public key in 7.1.2.
This is already being done by BoringSSL, correct?
5 participants
Introduces FFI-accessible functions for generating and managing cryptographic keys within the Key Protection Service (KPS) and Workload Service (WS).
Key Changes:
prost_buildin km_common to apply#[repr(C)]to theHpkeAlgorithmstruct, enabling its use in C-style interfaces.KeyRegistryand a global registry instance in both KPS and WS to track generated keys by UUID.key_manager_generate_kem_keypairto KPS for generating KEM keys with associated binding public keys.key_manager_generate_binding_keypairto WS for generating standard binding keys.This PR is built on top of PR #643 [KeyManager] Add HPKE and DHKEM crypto primitives.
Please review commit #38731051 onwards