-
Notifications
You must be signed in to change notification settings - Fork 97
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
429: sgxs crate changes to enable offline signing r=[Pagten] a=arai-fortanix This change adds new interfaces to the `sgxs` crate to make it possible to sign enclaves separately from creating the sigstructs. This is useful, for example, for performing signing via an HSM. The first two commits in this sequence come from this pull request from ravenac95: #327. I did not include the changes to the command-line sgx-sign tool from that pull request. I think we can have a separate discussion about whether we want to support that model. The library changes should be less controversial. I also included a change to expose the hash bytes from an EnclaveHash object. That comes from #341 from trevor-crypto. This change should be backward-compatible with old code using this crate. New code that wants to use the new `cat_sign()` method and is using a custom key implementation will need to provide the new `SgxRsaPubOps()` trait for calculating the Q1 and Q2 values from a signature, instead of doing this during signing. Co-authored-by: Reuven V. Gonzales <reuven@oasislabs.com> Co-authored-by: Daniel Arai <daniel@fortanix.com>
- Loading branch information
Showing
5 changed files
with
123 additions
and
37 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
# Version 0.7.4 - 2022-12-21 | ||
|
||
## New Features | ||
- Refactored the signing APIs to permit signatures to be generated separately (for example using an HSM). | ||
The way to use this new functionality is to construct a Sigstruct as usual and call | ||
`sigstruct.unsigned_hash()` to produce the hash that must be signed externally. Once the signature is | ||
available, reconstruct the sigstruct and call `sigstruct.cat_sign()` with the signature to get the signed | ||
and populated Sigstruct. | ||
- If you are using a custom key implementation, you will need to implement the new `SgxRsaPubOps()` | ||
trait for your key. This trait must provide a `calculate_q1_q2()` method that calculates the q1 and q2 | ||
values for a given signature. The q1 and q2 calculation is the same as for the existing | ||
`sign_sha256_pkcs1v1_5_with_q1_q2()` method, but the `calculate_q1_q2()` method takes the signature | ||
as a parameter instead of creating the signature. | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters