Skip to content

sys/suit: add suit_get_public_key()#21560

Merged
benpicco merged 1 commit intoRIOT-OS:masterfrom
benpicco:suit_get_public_key
Aug 14, 2025
Merged

sys/suit: add suit_get_public_key()#21560
benpicco merged 1 commit intoRIOT-OS:masterfrom
benpicco:suit_get_public_key

Conversation

@benpicco
Copy link
Copy Markdown
Contributor

@benpicco benpicco commented Jun 23, 2025

Contribution description

It can be handy to know which public keys are accepted by SUIT.
This adds a simple helper function suit_get_public_key() that gives access to the internal public_key array.

Testing procedure

Issues/PRs references

@github-actions github-actions bot added Area: OTA Area: Over-the-air updates Area: sys Area: System labels Jun 23, 2025
@crasbe crasbe added Type: new feature The issue requests / The PR implemements a new feature for RIOT CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR labels Jun 23, 2025
@riot-ci
Copy link
Copy Markdown

riot-ci commented Jun 23, 2025
edited
Loading

Murdock results

✔️ PASSED

8bbe166 sys/suit: add suit_get_public_key()

Success Failures Total Runtime
10525 0 10525 12m:44s

Artifacts

crasbe
crasbe reviewed Jun 23, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@crasbe crasbe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure about that function.

Is it a good idea to give an application the address of the key storage? Without memory protection, you could just iterate through the memory and possibly get to the private key storage.
However I'm not sure if that's really a concern, since you could just do that anyways.

Also writing the address to a void pointer-pointer feels somewhat sketchy.

@Teufelchen1
Copy link
Copy Markdown
Contributor

Teufelchen1 commented Jun 24, 2025

Is it a good idea to give an application the address of the key storage? Without memory protection, you could just iterate through the memory and possibly get to the private key storage.
However I'm not sure if that's really a concern, since you could just do that anyways.

I get your feeling but the honest answer is that RIOTs security model does not account for this, sadly. There would be tricks to use the MPU/PMP/etc but without access rights management (maschine-/usermode) thats always a bit pointless. What concerncs me more is that this API would be in conflict with any move towards such memory protection in the future. (I would still ack it)

Also writing the address to a void pointer-pointer feels somewhat sketchy

Yes. I would love to see a bit of Cs "typesafety" here (lol). Isn't the keytype/struct known in advance?

@benpicco benpicco force-pushed the suit_get_public_key branch from eaa0643 to 9f45339 Compare July 24, 2025 11:16
@benpicco
Copy link
Copy Markdown
Contributor Author

benpicco commented Jul 24, 2025

You are right, we can just directly use cose_key_t here.

crasbe
crasbe reviewed Jul 24, 2025
View reviewed changes
@benpicco benpicco force-pushed the suit_get_public_key branch from 9f45339 to 8bbe166 Compare July 24, 2025 11:37
@fabian18
Copy link
Copy Markdown
Contributor

fabian18 commented Aug 14, 2025

Are there remaining concerns about this PR?

I think the changes look fine. The public_key array exists anyway and could be used by anyone.

@benpicco benpicco added this pull request to the merge queue Aug 14, 2025
Merged via the queue into RIOT-OS:master with commit f865852 Aug 14, 2025
26 checks passed
@benpicco benpicco deleted the suit_get_public_key branch August 14, 2025 16:39
@benpicco benpicco added this to the Release 2025.10 milestone Dec 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@crasbe crasbe crasbe approved these changes

@kaspar030 kaspar030 Awaiting requested review from kaspar030 kaspar030 is a code owner

@bergzand bergzand Awaiting requested review from bergzand bergzand is a code owner

Assignees

No one assigned

Labels

Area: OTA Area: Over-the-air updates Area: sys Area: System CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR Type: new feature The issue requests / The PR implemements a new feature for RIOT

Projects

None yet

Milestone

Release 2025.10

Development

Successfully merging this pull request may close these issues.

5 participants

@benpicco @riot-ci @Teufelchen1 @fabian18 @crasbe