Skip to content

sys/psa_crypto: Implement persistent key storage#20099

Merged
mguetschow merged 1 commit intoRIOT-OS:masterfrom
Einhornhool:feature/psa-crypto-persistent-storage
Apr 17, 2024
Merged

sys/psa_crypto: Implement persistent key storage#20099
mguetschow merged 1 commit intoRIOT-OS:masterfrom
Einhornhool:feature/psa-crypto-persistent-storage

Conversation

@Einhornhool
Copy link
Copy Markdown
Contributor

@Einhornhool Einhornhool commented Nov 21, 2023

Contribution description

This is an implementation of persistent key storage in PSA Crypto. It uses VFS with littlefs2 and MTD.
PSA keys are encoded in CBOR, written to files and stored in flash (or emulated flash, depending on the MTD implementation).

So far this works on native and the nRF52840dk and it requires that the board supports MTD. This is why it is optional and must be enabled explicitly when building PSA Crypto.

Testing procedure

tests/sys/psa_crypto_persistent_storage and tests/sys/psa_crypto_cbor_encoder should pass successfully on the supported platforms.
examples/psa_crypto should still build and run without problems.

Issues/PRs references

Probably needs to be updated once #19992 is merged, since this does not yet include the module separation.

@github-actions github-actions bot added Area: doc Area: Documentation Area: tests Area: tests and testing framework Area: sys Area: System Area: Kconfig Area: Kconfig integration labels Nov 21, 2023
@Einhornhool Einhornhool force-pushed the feature/psa-crypto-persistent-storage branch 2 times, most recently from 4003957 to 29f2020 Compare November 21, 2023 15:57
mguetschow
mguetschow requested changes Dec 22, 2023
View reviewed changes
Copy link
Copy Markdown
Contributor

@mguetschow mguetschow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice job, thank you! 🎉

I've finally taken the time to do a partial review (excluding the test applications and without actually running the code). A few first comments below.

mguetschow
mguetschow requested changes Jan 2, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@mguetschow mguetschow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some more comments below on the tests. Thanks again for your work!

@Einhornhool
Copy link
Copy Markdown
Contributor Author

Einhornhool commented Jan 3, 2024

@mguetschow thank you for the nice and detailed feedback! I didn't finish everything today, but I'm working on it =)

@mguetschow
Copy link
Copy Markdown
Contributor

mguetschow commented Jan 5, 2024

Two more things I thought about:

  1. The keys are stored in plain-text on the (external) flash memory and could be easily read out by anyone getting their hands on the flash module. Securing this is out of scope for this PR, I'd say, but at least it should be mentioned in the documentation (maybe in a warning box?).
  2. CONFIG_PSA_SINGLE_KEY_COUNT and friends only refers to in-memory key slots, this PR supports a virtually unlimited number of (additional) persistent keys, right? Maybe that should be explicitly mentioned in the docs, too.

@Einhornhool Einhornhool force-pushed the feature/psa-crypto-persistent-storage branch from 29f2020 to 74f2b9a Compare January 9, 2024 15:17
mguetschow
mguetschow requested changes Jan 18, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@mguetschow mguetschow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for adapting to my feedback. The CBOR format and code is much more concise now, I like!

Second round of review below. It's quite an extensive PR, so I'd expect some more.

Just a small comment: Could you maybe avoid rebasing before pushing the changes so that Github can show me a nice diff of the actual new changes?

@Einhornhool
Copy link
Copy Markdown
Contributor Author

Einhornhool commented Jan 23, 2024

Just a small comment: Could you maybe avoid rebasing before pushing the changes so that Github can show me a nice diff of the actual new changes?

Sorry, I did a rebase, because the first version of this PR was still based on the code before the changes we made in #19992 and I wanted to have most current version. But I will consider this in the future =)

@Einhornhool Einhornhool mentioned this pull request Jan 30, 2024
Open
@Einhornhool Einhornhool force-pushed the feature/psa-crypto-persistent-storage branch from 472e07f to bf6a943 Compare February 21, 2024 16:12
@mguetschow mguetschow added the CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR label Mar 14, 2024
@riot-ci
Copy link
Copy Markdown

riot-ci commented Mar 14, 2024
edited
Loading

Murdock results

✔️ PASSED

cbadc4f sys/psa_crypto: implement persistent key storage

Success Failures Total Runtime
10065 0 10066 13m:57s

Artifacts

mguetschow
mguetschow requested changes Mar 15, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@mguetschow mguetschow left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm sorry that I didn't think of this before, but keys marked as persistent should really be stored to flash unconditionally, right?

Edit: Alright, scratch that, just had another look and found the call to persist the key in psa_finish_key_creation.

@Einhornhool Einhornhool force-pushed the feature/psa-crypto-persistent-storage branch from bf6a943 to 9b4228d Compare April 3, 2024 14:32
@github-actions github-actions bot removed the Area: Kconfig Area: Kconfig integration label Apr 3, 2024
mguetschow
mguetschow approved these changes Apr 3, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@mguetschow mguetschow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks again for your work! LGTM :)

@Teufelchen1 are we allowed to merge this for the next release? 👉👈

@Teufelchen1 Teufelchen1 enabled auto-merge April 3, 2024 15:00
auto-merge was automatically disabled April 10, 2024 10:00

Head branch was pushed to by a user without write access

@Einhornhool Einhornhool force-pushed the feature/psa-crypto-persistent-storage branch 2 times, most recently from 07faa14 to 9a1255b Compare April 10, 2024 15:25
@Einhornhool Einhornhool force-pushed the feature/psa-crypto-persistent-storage branch from 9a1255b to cbadc4f Compare April 16, 2024 09:05
@mguetschow mguetschow added this pull request to the merge queue Apr 16, 2024
Merged via the queue into RIOT-OS:master with commit b302b03 Apr 17, 2024
@mguetschow
Copy link
Copy Markdown
Contributor

mguetschow commented Apr 17, 2024

Great, congrats! 🎉

@Ollrogge
Copy link
Copy Markdown
Member

Ollrogge commented May 2, 2024

Hey, short question: Why does this only work on the nrf52840dk and native ?

@mguetschow
Copy link
Copy Markdown
Contributor

mguetschow commented May 3, 2024

I think™ the implementation should work on all boards supporting MTD, but has only been tested on native and nrf52840dk for now. @Einhornhool could correct me if I'm wrong, and you should be able to test it on a suitable board using USEMODULE += psa_persistent_storage.

@Einhornhool
Copy link
Copy Markdown
Contributor Author

Einhornhool commented May 3, 2024

Hey, short question: Why does this only work on the nrf52840dk and native ?

As Mikolai said, it should work with Boards that support MTD. I just haven't tested it with all of them and can't guarantee that it works.
Of course you can try it.

@mguetschow mguetschow added this to the Release 2024.07 milestone Jul 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mguetschow mguetschow mguetschow approved these changes

@leandrolanzieri leandrolanzieri Awaiting requested review from leandrolanzieri leandrolanzieri is a code owner

@jia200x jia200x Awaiting requested review from jia200x

@MrKevinWeiss MrKevinWeiss Awaiting requested review from MrKevinWeiss

@smlng smlng Awaiting requested review from smlng

@aabadie aabadie Awaiting requested review from aabadie aabadie is a code owner

@MichelRottleuthner MichelRottleuthner Awaiting requested review from MichelRottleuthner MichelRottleuthner is a code owner

@fjmolinas fjmolinas Awaiting requested review from fjmolinas

Assignees

No one assigned

Labels

Area: doc Area: Documentation Area: sys Area: System Area: tests Area: tests and testing framework CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Einhornhool @mguetschow @riot-ci @Ollrogge