Initial port of Chromium's noise_nk handshake. (#4910)
* Initial port of Chromium's noise_nk handshake.

This is a quick and dirty port of https://source.chromium.org/chromium/chromium/src/+/main:third_party/cloud_authenticator/?q=third_party%2Fcloud_authenticator&ss=chromium.  Multiple upgrades are needed in follow-on PRs:

* Add client-side code, basically just copying from tests.
* Clean up rustcrypto.rs interface to the crypto used.
* Add support for noise_kk.

This is server-side code, but the client side code can be gleaned from tests.  The rustcrypto.py file is derived from code influenced by the Ring crypto API, and ideally we should simplify and clean up the interface.  It was meant to be used for linking to different crypto backends, but as Ring was first, rustcrypto.rs is basically a hack to conform to Ring's API.  This PR adds initial noise-nk support, but for enclaves talking to other enclaves, we probably need noise-kk, which should be added.

* Fix clippy warnings

* Updated header comments.

* Ran cargo fmt.

* Removed refs that clippy says are redundant.

* Ran prettier on oak_crypto/Cargo.toml.

* Synced to upstream, which required rerunning cargo fmt.

* Fixing some nits from reviews

* Changed rustcrypto module name to crypto_wrapper.

* More changes based on review comments.

* Ran cargo update on enclave_apps, micro_rpc_workspace_test, and oak_restricted_kernel_bin.

* replaced [u8; 32] with [u8; <long const name>] everywhere.

* More changes responding to review feedback.

* More changes responding to review feedback.

* Added missing tests.rs file.

* Added missing tests.rs file.

* Commented some bit manipulation

* Reran cargo fmt.

* Filed issue for TODO.

* Build oak_attestation_verification and dependencies with Bazel (#4911)

* Bump walkdir from 2.4.0 to 2.5.0

Bumps [walkdir](https://github.com/BurntSushi/walkdir) from 2.4.0 to 2.5.0.
- [Commits](BurntSushi/walkdir@2.4.0...2.5.0)

---
updated-dependencies:
- dependency-name: walkdir
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Force-enable frame pointers and use them for profiling.

* Use slices instead of `Bytes` in hashtable lookup data update code

* Replace `spinning_top` with `parking_lot` when `std` is available

* Revert Linux kernel to version 6.1.33 (#4915)

Version 6.7.6 is not compatible with stage 0 on SEV, SEV-ES and SEV-SNP. Version 6.8 is also not compatible. It looks like 6.9 should be compatible once it is released, so we can upgrade then. Reverting for now to an older version we know was compatible until we can upgrade to a newer compatible version.

See b/327367706

* Backed out changes to Cargo.lock files.

* Also back out Cargo.log change in oak_restricted_kernel_bin/Cargo.lock

* Updated Cargo.log in oak_crypto.

* Ran prettier on README.md

* Fixed next issue found by xtask format checks.

* Fixed clippy error.

* Updated Cargo.lock files that depend on oak_crypto.

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Ernesto Ocampo <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Andri Saar <[email protected]>
Co-authored-by: conradgrobler <[email protected]>
5 people authored Mar 20, 2024
1 parent b469576 commit db28d2e
Showing 12 changed files with 878 additions and 1 deletion.
5 changes: 5 additions & 0 deletions Cargo.lock

16 changes: 16 additions & 0 deletions enclave_apps/Cargo.lock

28 changes: 28 additions & 0 deletions micro_rpc_workspace_test/Cargo.lock

13 changes: 12 additions & 1 deletion oak_crypto/Cargo.toml
Expand Up @@ -13,20 +13,31 @@ aes-gcm = { version = "*", default-features = false, features = [
anyhow = { version = "*", default-features = false }
async-trait = { version = "*", default-features = false }
bytes = { version = "*", default-features = false }
ecdsa = { version = "*", default-features = false, features = [
"der",
"pem",
"pkcs8",
"signing",
] }
hex = { version = "*", default-features = false, features = ["alloc"] }
hkdf = { version = "*", default-features = false }
hpke = { version = "*", default-features = false, features = [
"alloc",
"x25519",
] }
p256 = { version = "*", default-features = false, features = [
"ecdsa",
"alloc",
"ecdsa",
"pem",
] }
pkcs8 = { version = "*", default-features = false, features = ["alloc"] }
primeorder = { version = "*", default-features = false }
prost = { version = "*", default-features = false, features = ["prost-derive"] }
rand_core = { version = "*", default-features = false, features = [
"getrandom",
] }
sha2 = { version = "*", default-features = false }
static_assertions = "*"
zeroize = "*"

[build-dependencies]
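
Review bot: `static_assertions = "*"` and `zeroize = "*"` at the end of the dependency list are the only entries in this hunk that leave default features on, while every other entry uses the table form with `default-features = false`. For a crate that lib.rs declares `#![no_std]`, write them the same way so feature selection stays explicit, e.g. `zeroize = { version = "*", default-features = false }`, enabling only the features actually needed. Separately, every entry here, including the cryptographic crates `ecdsa`, `p256`, `pkcs8` and `primeorder`, uses the wildcard requirement `version = "*"`, so only the Cargo.lock files constrain which release gets built; a bounded version requirement on those crates would make upgrades of the crypto code an explicit, reviewable change.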
2 changes: 2 additions & 0 deletions oak_crypto/src/lib.rs
Expand Up @@ -17,6 +17,7 @@
#![no_std]

extern crate alloc;
extern crate static_assertions;

#[cfg(test)]
extern crate std;
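
Review bot: `extern crate static_assertions;` carries no `#[macro_use]`, so it does not bring the crate's assertion macros into scope, and on the 2018 edition or later the declaration is not needed for an ordinary Cargo dependency (unlike `extern crate alloc;` above it, which a `#![no_std]` crate does need). Consider dropping the line and importing the macros by path where they are used, for example `use static_assertions::const_assert;`.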
Expand All @@ -35,6 +36,7 @@ pub mod proto {
pub mod encryption_key;
pub mod encryptor;
pub mod hpke;
pub mod noise_handshake;
pub mod signer;
#[cfg(test)]
mod tests;
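
Review bot: `pub mod noise_handshake;` makes the new module part of the crate's public API, while the commit message describes it as a quick and dirty port whose crypto wrapper interface still needs cleaning up. Consider a short doc comment on the module stating that the interface is not yet stable, or narrowing what is exported from it until the follow-on PRs land.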
14 changes: 14 additions & 0 deletions oak_crypto/src/noise_handshake/README.md
@@ -0,0 +1,14 @@
# Noise protocol handshake

This is a port from Google's internal enclave app repo, which was approved for
open sourcing.

- [The noise framework](http://www.noiseprotocol.org/noise.html)
- [Noise explorer](https://noiseexplorer.com/patterns/NK/]

In general, when communicating secrets to an enclave, it is recommended to use
one of the well-reviewed noise variants for multi-round communication between
clients and servers, and HPKE for launch-and-forget style requests.

Currently only noise-NK is supported, but a future PR is planned for adding
noise-NN support.
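
Review bot: The "Noise explorer" entry in the link list closes its URL with `]` instead of `)`, so it will not render as a link; it should read `[Noise explorer](https://noiseexplorer.com/patterns/NK/)`. The last paragraph also names noise-NN as the planned follow-up, whereas the commit message lists noise_kk as the variant to add for enclaves talking to other enclaves; the README and the commit message should agree on which pattern comes next.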