Closed PrithviAPai closed 1 year ago
@jforissier can you please help on this?
I'd say no. The spec also says that it generates a random key or key pair. I think that is expected behavior as well for RSA and ECC, since you need to find/base it on prime numbers. What you're asking for is more something you'd see if you want to salt a regular password, which could be used for HMACs, for example. Perhaps I misunderstand your intentions?
@jbech-linaro mbedTLS allows developers to provide a random number generator function as input to the gen_key functions, as below. So, I wanted to pass my own random number generator function in OP-TEE as well, for generating key pairs based on my own random number (which could be a static number).

```c
/* mbedTLS key generation prototypes: f_rng is the caller-supplied RNG
 * callback and p_rng is its opaque context pointer */
int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
                         int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);

int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx,
                        int (*f_rng)(void *, unsigned char *, size_t),
                        void *p_rng,
                        unsigned int nbits, int exponent);
```
I have a requirement to generate key pairs which remain the same. Is there any way I can do that?
Hello, I have the same problem. If TEE_GenerateKey does not accept input, does it mean that the last parameter `uint32_t paramCount` can only be 1 or 0?
@jbech-linaro Can you please help on this?
Hello @quduoduo1, for some reason I can't find your last comment anymore. I noticed:

```c
attrs[0].attributeID = TEE_ATTR_ECC_CURVE;
attrs[0].content.value.a = TEE_ECC_CURVE_SM2;
```

This is wrong: for SM2 key pair generation you should not set the TEE_ATTR_ECC_CURVE attribute. You do not need a seed either, so you should remove this too:

```c
attrs[1].attributeID = TEE_ATTR_SECRET_VALUE;
attrs[1].content.ref.buffer = salt;
attrs[1].content.ref.length = salt_size;
```

No attribute is needed at all; see the GlobalPlatform specification 1.3.1, table 5-12.
@jforissier For ECDSA key pair generation with secret seeds, do we have support from OP-TEE? Any examples will definitely help.
@PrithviAPai You can try this:

```c
TEE_Result res;
TEE_ObjectHandle transient_key = TEE_HANDLE_NULL;
TEE_Attribute attrs[1];
uint32_t objectType, key_size;

/* Generate an ECDSA key pair; no seed is passed, the TEE draws randomness itself */
objectType = TEE_TYPE_ECDSA_KEYPAIR;
key_size = 192; /* or 224, ... matching the curve chosen below */
res = TEE_AllocateTransientObject(objectType, key_size, &transient_key);

/* The only attribute needed is the curve, which must match key_size */
attrs[0].attributeID = TEE_ATTR_ECC_CURVE;
attrs[0].content.value.a = TEE_ECC_CURVE_NIST_P192; /* or TEE_ECC_CURVE_NIST_P224, ... */
res = TEE_GenerateKey(transient_key, key_size, attrs, 1);
```

(although I'm not sure yet
@jforissier Thanks for the answer! It seems that I did get confused...
@quduoduo1 But where is it that we are passing the secret seed here?
@PrithviAPai TEE_GenerateKey does not require a secret seed. Maybe you can look at TEE_DeriveKey? It accepts the other party's public key as a parameter. But the two interfaces serve very different purposes, and TEE_DeriveKey's algorithm is also limited.
Thanks for the answer @quduoduo1. I will check whether TEE_DeriveKey suits my requirement.
Closing the issue, as OP-TEE doesn't support passing seeds while generating key pairs.
Would OP-TEE (TEE_GenerateKey) allow the developer to pass some secret value based on which it can generate ECC or RSA key pairs?