Use indirection to implement the default KeyStore
This commit is contained in:
Julien Cretin
@@ -50,7 +50,10 @@ pub struct Error;
|
||||
/// Key of the environment store reserved for the key store.
|
||||
pub const STORE_KEY: usize = 2046;
|
||||
|
||||
impl<T: Env> KeyStore for T {
|
||||
/// Implements a default key store using the environment rng and store.
|
||||
pub trait Helper: Env {}
|
||||
|
||||
impl<T: Helper> KeyStore for T {
|
||||
fn key_handle_encryption(&mut self) -> Result<[u8; 32], Error> {
|
||||
Ok(get_master_keys(self)?.encryption)
|
||||
}
|
||||
@@ -114,8 +117,12 @@ impl From<StoreError> for Error {
|
||||
}
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_key_store() {
|
||||
#[cfg(test)]
|
||||
mod test {
|
||||
use super::*;
|
||||
|
||||
#[test]
|
||||
fn test_key_store() {
|
||||
let mut env = crate::env::test::TestEnv::new();
|
||||
let key_store = env.key_store();
|
||||
|
||||
@@ -133,9 +140,10 @@ fn test_key_store() {
|
||||
let ecdsa_key = key_store.derive_ecdsa(&ecdsa_seed).unwrap();
|
||||
assert_eq!(key_store.derive_ecdsa(&ecdsa_seed), Ok(ecdsa_key));
|
||||
|
||||
// Master keys change after reset. We don't require this for ECDSA seeds because it's not the
|
||||
// case, but it might be better.
|
||||
// Master keys change after reset. We don't require this for ECDSA seeds because it's not
|
||||
// the case, but it might be better.
|
||||
key_store.reset().unwrap();
|
||||
assert!(key_store.key_handle_encryption().unwrap() != encryption_key);
|
||||
assert!(key_store.key_handle_authentication().unwrap() != authentication_key);
|
||||
}
|
||||
}
|
||||
|
||||
3
src/env/test/mod.rs
vendored
3
src/env/test/mod.rs
vendored
@@ -16,6 +16,7 @@ use self::upgrade_storage::BufferUpgradeStorage;
|
||||
use crate::api::connection::{HidConnection, SendOrRecvResult, SendOrRecvStatus};
|
||||
use crate::api::customization::DEFAULT_CUSTOMIZATION;
|
||||
use crate::api::firmware_protection::FirmwareProtection;
|
||||
use crate::api::key_store;
|
||||
use crate::api::user_presence::{UserPresence, UserPresenceResult};
|
||||
use crate::clock::ClockInt;
|
||||
use crate::env::Env;
|
||||
@@ -147,6 +148,8 @@ impl FirmwareProtection for TestEnv {
|
||||
}
|
||||
}
|
||||
|
||||
impl key_store::Helper for TestEnv {}
|
||||
|
||||
impl Env for TestEnv {
|
||||
type Rng = TestRng256;
|
||||
type UserPresence = TestUserPresence;
|
||||
|
||||
3
src/env/tock/mod.rs
vendored
3
src/env/tock/mod.rs
vendored
@@ -16,6 +16,7 @@ pub use self::storage::{TockStorage, TockUpgradeStorage};
|
||||
use crate::api::connection::{HidConnection, SendOrRecvError, SendOrRecvResult, SendOrRecvStatus};
|
||||
use crate::api::customization::{CustomizationImpl, DEFAULT_CUSTOMIZATION};
|
||||
use crate::api::firmware_protection::FirmwareProtection;
|
||||
use crate::api::key_store;
|
||||
use crate::api::user_presence::{UserPresence, UserPresenceError, UserPresenceResult};
|
||||
use crate::clock::{ClockInt, KEEPALIVE_DELAY_MS};
|
||||
use crate::env::Env;
|
||||
@@ -193,6 +194,8 @@ impl FirmwareProtection for TockEnv {
|
||||
}
|
||||
}
|
||||
|
||||
impl key_store::Helper for TockEnv {}
|
||||
|
||||
impl Env for TockEnv {
|
||||
type Rng = TockRng256;
|
||||
type UserPresence = Self;
|
||||
|
||||
Reference in New Issue
Block a user