New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Queries related to PKCS11 based tests #721
Comments
Hi @anvisriv,
All pkcs11 test from xtest are expected to pass.
Pkcs11 API functions differ from GP TEE API functions in how to get an output buffer size. With Pkcs11, to query an output buffer size, you can either pass a NULL pointer (in which case you get an CKR_OK status with the size output argument set) or you can pass a too small buffer (in which case you get a CKR_BUFFER_TOO_SMALL status and the size output argument set). pkcs11 xtest test are implemented using Pkcs11 cryptoki API functions. |
Hi @etienne-lms
Can you please tell me where the output size is calculated for the ‘NULL buffer case with size as 0’ subtest of PKCS11 Test 1008? |
The trick is done in the cryptoki API library. When a NULL ref is passed by caller, the API passes a 0 size non-null memref to the TA and expects Regarding if (sign_ref && sign_len && *sign_len)
io = ckteec_register_shm(sign_ref, *sign_len,
sign ? CKTEEC_SHM_OUT : CKTEEC_SHM_IN);
else
io = ckteec_alloc_shm(0, sign ? CKTEEC_SHM_OUT : CKTEEC_SHM_IN);
if (!io) {
rv = CKR_HOST_MEMORY;
goto bail;
}
rv = ckteec_invoke_ta(sign ? PKCS11_CMD_SIGN_FINAL :
PKCS11_CMD_VERIFY_FINAL, ctrl, NULL, io,
&io_size, NULL, NULL);
if (sign && sign_len && (rv == CKR_OK || rv == CKR_BUFFER_TOO_SMALL))
*sign_len = io_size;
if (rv == CKR_BUFFER_TOO_SMALL && io_size && !sign_ref)
rv = CKR_OK; The same sequence is implemented in other cryptoki API functions, for example |
Thanks for the explanation regarding the error codes. Could you also explain how the output_size would be handeled in these cases? |
Hi @etienne-lms |
The sequence is:
Does that answer your question? |
Hi @etienne-lms Also, can you please tell which PKCS11 specification(v2.4 or v3.1) does current implementation follow? |
It is part of the GP TEE Internal core API that there are functions that are expected to return
We mainly follow the spec PKCS11 spec v2.4 with some extra support from the spec v3.0, if i'm right. |
Hi @etienne-lms Can you please point me in the GP specification where it says it is supposed to return size in these cases? |
This is described in section 3.4.4 [outbuf] in TEE Internal Core API specification v1.3.1:
|
Hi @etienne-lms Could you also explain why the size is expected in subtest https://github.com/OP-TEE/optee_test/blob/4.0.0/host/xtest/pkcs11_1000.c#L6001? As per section 3.4.4,
Also,
|
Becareful. https://github.com/OP-TEE/optee_test/blob/4.0.0/host/xtest/pkcs11_1000.c#L6001 relies on the PKCS#11 API, not the GP TEE API. PKCS#11 API behave differently: |
Hi @etienne-lms Also, could you please help with the flow for the below test case? xtest_pkcs11_test_1018 |
The test instruction you point to calls
It the pkcs11 returns |
Hi @etienne-lms
|
Libmbedtls integrated in OP-TEE is based on mainline mbedtls (https://github.com/Mbed-TLS/mbedtls.git). Its revision tag depends on the OP-TEE release tag. Latest OP-TEE, since tag 4.0.0 is based on mbedtls-3.4.0; OP-TEE tags 3.19.0 to 3.22.0 were based on mbedtls-2.28.1; etc... See the Git history of OP-TEE OS directory lib/libmbedtls for more information. |
Hi @etienne-lms
|
Hi @etienne-lms |
TEE_ALG_RSASSA_PKCS1_V1_5 is also defined in "Table C-1: Normative References for Algorithms" of the GP TEE Internal Core API spec v1.3.1, see page 364.
You mean the pkcs11 TA should have panicked for that test? We need to cross check this. |
Hi @etienne-lms
The TEE_ALG_RSASSA_PKCS1_V1_5 is used in combination with SHA, but unlike TEE_ALG_RSAES_PKCS1_V1_5, there is no standalone symbol defined for it. Could you please verify once more if this symbol is specific to OPTEE? |
My bad, I was to quick grepping into the spec document. |
Hi @etienne-lms For ECDSA usecase, TA is determining TEE algorithm based on the key size of ECDSA(here) while the GP specification v1.3 in section B.3 Deprecated Algorithm Identifiers Page 352 says:
Can you please confirm what is the right expectation? Adding one more query. |
Hi @etienne-lms did you get a chance to check? |
Hi @etienne-lms In bget there is Assuming all the BGET configurations are disabled. In the above call flow i didn't find where the poolset's freelist is getting modified to return otherwise from bget. Can you please guide and clarify the understanding? |
Hi @etienne-lms Adding one more question to the list :)
But, in case of test 1026, the test client is only setting first 5 attributes for unwrapping key. Will it not cause any issue in TEE_PopulateTransientObject in case of Unwrap usecase? |
Sorry, I've not looked at your request. I'll try to find a bit of time.... |
Hi @etienne-lms |
Hi @etienne-lms Did you got a chance to check? |
Hi @anvisriv, sorry for my late feedback. /Regarding comment #721 (comment):
These API functions are described in the PKCS#11 spec (e.g. https://docs.oasis-open.org/pkcs11/pkcs11-base/v3.0/os/pkcs11-base-v3.0-os.html#_Toc29976646 for /Regarding comment #721 (comment):
Unless I missed something, the pkcs11 TA does consider this constriaint: see https://github.com/OP-TEE/optee_os/blob/4.2.0/ta/pkcs11/src/processing_rsa.c#L562-L593. /Regarding comment #721 (comment) on bget: I'm not shure to understand your question. Do you face issues with bget allocator integration? It's been used since a while in OP-TEE core and TAs. /Regarding comment #721 (comment) on ECDSA and PKCS#11 key wrapping with RSA:
This is still an open point. A pull request was created last summer but stalled before reaching a clean conclusion, see OP-TEE/optee_os#6230. I think the issue is still pending and deserves investigation.
Pkcs11 TA implementation embeds MbedTLS library and supports key wrapping. There is nothing to configure, but ensure the TA heap is sized enough ( |
Hi @etienne-lms
Even in the absence of exponent1, exponent2, and coefficient, the count will continue to increment, potentially leading to complications when invoking TEE_PopulateTransientObject. Can you please reverify on your end? Also, thanks for other references. |
Right @anvisriv, there is a bug. |
Hi @etienne-lms
Sure. I will create a pull request. |
Fix RSA key attributes function load_tee_rsa_key_attrs() that badly checks that the 5 extended RSA attributes are found in the key object. Link: OP-TEE/optee_test#721 (comment) Link: OP-TEE/optee_test#721 (comment) Fixes: 0442c95 ("ta: pkcs11: Add support for RSA signing & verification") Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Hi @anvisriv, I took the liberty of creating a P-R for the RSA attributes in the pkcs11 TA. Please see OP-TEE/optee_os#6815. |
Hi @etienne-lms |
This change ensures that
I guess it is feasible. Proposals are welcome. |
Maybe the statistics PTA could be used to query the TA heap size before and after the test ? |
Hi @etienne-lms, the count will increase regardless of whether the value is NULL or not NULL, as there is no condition to stop the execution or treat it as an error. Furthermore, the code should handle these three scenarios:
How about we consider redefining malloc, calloc, free, and realloc using macro to track memory allocation in libckteec? This approach may require changes in most of the source code of the library.
Sure, will have a look at it for detecting memory leak in TA. |
Would you be ok to post comments in OP-TEE/optee_os#6815 and discuss the fix on that P-R? I think the P-R is okay:
I guess using Valgrind could help. Instrumenting allocation from libckteec looks also a good solution. Feel free to propose change if you have some ideas. |
Sure.
Are there any steps available for using Valgrind on PKCS11 TA/lib or any other OPTEE TA/lib? |
Hi Team
If repos (optee_test,optee_client,optee_os)with tag 4.0.0 is used then,
The text was updated successfully, but these errors were encountered: