stefanberger
commented
3 years ago I sent a PR today (#19 ) that does the following:
- Extends the existing function for parsing public keys with parsing a pkcs11 URI as a public key and returns a pkcs11uri object for it
- Extends the existing function for parsing a private key file content that describes the private key in form of yaml; the actual key is also described as a pkcs11 URI; the function then returns a pkcs11uri object for the private key
- Implements a function to parse a pkcs11 config file that is needed for declaring the paths where pkcs11 modules are to be found on a distro; it also allows to restrict the modules that can be used; the entries found in the config file are used as parameters to a pkcs11uri object; the assumption is that pkcs11 URIs can use
module-name=softhsm2to describe /path/to/libsofthsm2.so since this would allow for system-independent support for picking a client shared library (as described in RFC 7512) - Adds a low level Encrypt function that supports OAEP encryption using pkcs11 URI objects and *rsa.PublicKey objects (multiple recipients); it generates a JSON object with the encrypted blob base 64 encoded and embedded in a per-recipient entry
- Adds a low level Decrypt function that supports decryption using pkcs11 URI objects describing private keys; all keys will be tried with all entries found in the given JSON and once a decryption succeeds, the plaintext is returned
- Adds test cases for setting up a SoftHSM2 (starting with Ubuntu Bionic, SoftHSM 2.2) covering the Encrypt and Decrypt function as well as parsing of private key files (yaml format) and pkcs11 config files influencing the module search behavior of the pkcs11uri library objects
I do NOT think that the encrypted packet format (the JSON it creates) will be backed by PKCS11 but this would have to be our extension. Ideally pkcs11 support would be part of the pkcs7 or JWE implementation...
My suggestion is to base the higher level code, such as that from #18 on top of #19 or modify it so that it does.
As the commit message there states, parts of the code was reused from @Gsealy.
In the future we will likely need to extend the code there to support pkcs11 libraries for HSM devices for example that may not have the same restrictions as SoftHSM does, such as OAEP with SHA1 hash algorithm only. We may need to extend it with listing features the device supports and picking the best one, possibly writing the parameters 'somewhere' in case the Decrypt function needs them...
This thread contains discussion and implementation/design direction for PKCS#11 support for ocicrypt. This was started from https://github.com/containers/ocicrypt/pull/18 created by @Gsealy, and initial discussions from @stefanberger @jejb @jamjoom @lumjjb
The overall plan is to have the feature be experimental, and be formed based on usecases and features requested through discussions of the community. Once it is reached a more stable state, it will become part of the spec. Until then, it is not an officially supported protocol.
Below are some points from discussions within the PRs + side conversations.
Initial experimental prototype
org.opencontainers.image.enc.keys.experimental.pkcs11Experimental prototype iteration
EncryptWithandDecryptWithpassing a PKCS11 URI, this will provideDecryptConfigand the role of consumersMore iterations including other features as asks/discussion create
Future: