crypto: Move to keylime library

Move the crypto module from keylime-agent to the keylime library. Signed-off-by: Anderson Toshiyuki Sasaki <[email protected]>
keylime · Feb 8, 2024 · 6610d39 · 6610d39
1 parent e282423
commit 6610d39
Show file tree

Hide file tree

Showing 10 changed files with 106 additions and 88 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/keylime-agent/Cargo.toml b/keylime-agent/Cargo.toml
@@ -21,8 +21,6 @@ keylime.workspace = true
 libc.workspace = true
 log.workspace = true
 openssl.workspace = true
-picky-asn1-der.workspace = true
-picky-asn1-x509.workspace = true
 pretty_env_logger.workspace = true
 reqwest.workspace = true
 serde.workspace = true

diff --git a/keylime-agent/src/common.rs b/keylime-agent/src/common.rs
@@ -2,22 +2,19 @@
 // Copyright 2021 Keylime Authors
 
 use crate::{
-    crypto::{AES_128_KEY_LEN, AES_256_KEY_LEN},
     error::{Error, Result},
     permissions,
 };
 
 use keylime::algorithms::{
     EncryptionAlgorithm, HashAlgorithm, SignAlgorithm,
 };
-use keylime::tpm;
-use log::*;
-use openssl::{
-    hash::{hash, MessageDigest},
-    pkey::PKey,
-    x509::X509,
+use keylime::{
+    crypto::{hash, tss_pubkey_to_pem, AES_128_KEY_LEN, AES_256_KEY_LEN},
+    tpm,
 };
-use picky_asn1_x509::SubjectPublicKeyInfo;
+use log::*;
+use openssl::hash::MessageDigest;
 use serde::{Deserialize, Serialize};
 use serde_json::{json, Value};
 use std::{
@@ -255,8 +252,8 @@ impl AgentData {
 /// This is used as the agent UUID when the configuration option 'uuid' is set as 'hash_ek'
 pub(crate) fn hash_ek_pubkey(ek_pub: Public) -> Result<String> {
     // Calculate the SHA-256 hash of the public key in PEM format
-    let pem = crate::crypto::tss_pubkey_to_pem(ek_pub)?;
-    let hash = crate::crypto::hash(&pem, MessageDigest::sha256())?;
+    let pem = tss_pubkey_to_pem(ek_pub)?;
+    let hash = hash(&pem, MessageDigest::sha256())?;
     Ok(hex::encode(hash))
 }
 

diff --git a/keylime-agent/src/error.rs b/keylime-agent/src/error.rs
@@ -61,7 +61,7 @@ pub(crate) enum Error {
     #[error("Number parsing error: {0}")]
     NumParse(#[from] std::num::ParseIntError),
     #[error("Crypto error: {0}")]
-    Crypto(#[from] crate::crypto::CryptoError),
+    Crypto(#[from] keylime::crypto::CryptoError),
     #[cfg(feature = "with-zmq")]
     #[error("ZMQ error: {0}")]
     Zmq(#[from] zmq::Error),
@@ -83,8 +83,6 @@ pub(crate) enum Error {
     Persist(#[from] tempfile::PersistError),
     #[error("Error joining threads: {0}")]
     Join(#[from] tokio::task::JoinError),
-    #[error("Asn1DerError: {0}")]
-    PickyAsn1(#[from] picky_asn1_der::Asn1DerError),
     #[error("Error sending internal message: {0}")]
     Sender(String),
     #[error("Error receiving internal message: {0}")]

diff --git a/keylime-agent/src/main.rs b/keylime-agent/src/main.rs
@@ -33,7 +33,6 @@
 
 mod common;
 mod config;
-mod crypto;
 mod error;
 mod errors_handler;
 mod keys_handler;
@@ -56,7 +55,7 @@ use futures::{
     future::{ok, TryFutureExt},
     try_join,
 };
-use keylime::{ima::MeasurementList, list_parser::parse_list, tpm};
+use keylime::{crypto, ima::MeasurementList, list_parser::parse_list, tpm};
 use log::*;
 use openssl::{
     pkey::{PKey, Private, Public},

diff --git a/keylime/Cargo.toml b/keylime/Cargo.toml
@@ -19,6 +19,8 @@ serde_derive.workspace = true
 static_assertions.workspace = true
 thiserror.workspace = true
 tss-esapi.workspace = true
+picky-asn1-der.workspace = true
+picky-asn1-x509.workspace = true
 
 [dev-dependencies]
 tempfile.workspace = true