components/appid/
checker_signature.rs

1// Licensed under the Apache License, Version 2.0 or the MIT License.
2// SPDX-License-Identifier: Apache-2.0 OR MIT
3// Copyright Tock Contributors 2024.
4
5//! Components for signature credential checkers.
6
7use core::mem::MaybeUninit;
8use kernel::component::Component;
9use kernel::hil::{digest, public_key_crypto};
10
11#[macro_export]
12macro_rules! app_checker_signature_component_static {
13    ($S:ty, $H:ty, $HL:expr, $SL:expr $(,)?) => {{
14        let hash_buffer = kernel::static_buf!([u8; $HL]);
15        let signature_buffer = kernel::static_buf!([u8; $SL]);
16        let checker = kernel::static_buf!(
17            capsules_system::process_checker::signature::AppCheckerSignature<
18                'static,
19                $S,
20                $H,
21                $HL,
22                $SL,
23            >
24        );
25
26        (checker, hash_buffer, signature_buffer)
27    };};
28}
29
30pub type AppCheckerSignatureComponentType<S, H, const HL: usize, const SL: usize> =
31    capsules_system::process_checker::signature::AppCheckerSignature<'static, S, H, HL, SL>;
32
33pub struct AppCheckerSignatureComponent<
34    S: kernel::hil::public_key_crypto::signature::SignatureVerify<'static, HL, SL>
35        + kernel::hil::public_key_crypto::keys::SelectKey<'static>
36        + 'static,
37    H: kernel::hil::digest::DigestDataHash<'static, HL> + 'static,
38    const HL: usize,
39    const SL: usize,
40> {
41    hasher: &'static H,
42    verifier: &'static S,
43    credential_type: tock_tbf::types::TbfFooterV2CredentialsType,
44}
45
46impl<
47        S: kernel::hil::public_key_crypto::signature::SignatureVerify<'static, HL, SL>
48            + kernel::hil::public_key_crypto::keys::SelectKey<'static>,
49        H: kernel::hil::digest::DigestDataHash<'static, HL>,
50        const HL: usize,
51        const SL: usize,
52    > AppCheckerSignatureComponent<S, H, HL, SL>
53{
54    pub fn new(
55        hasher: &'static H,
56        verifier: &'static S,
57        credential_type: tock_tbf::types::TbfFooterV2CredentialsType,
58    ) -> Self {
59        Self {
60            hasher,
61            verifier,
62            credential_type,
63        }
64    }
65}
66
67impl<
68        S: kernel::hil::public_key_crypto::signature::SignatureVerify<'static, HL, SL>
69            + kernel::hil::public_key_crypto::keys::SelectKey<'static>,
70        H: kernel::hil::digest::DigestDataHash<'static, HL> + kernel::hil::digest::Digest<'static, HL>,
71        const HL: usize,
72        const SL: usize,
73    > Component for AppCheckerSignatureComponent<S, H, HL, SL>
74{
75    type StaticInput = (
76        &'static mut MaybeUninit<
77            capsules_system::process_checker::signature::AppCheckerSignature<'static, S, H, HL, SL>,
78        >,
79        &'static mut MaybeUninit<[u8; HL]>,
80        &'static mut MaybeUninit<[u8; SL]>,
81    );
82
83    type Output = &'static capsules_system::process_checker::signature::AppCheckerSignature<
84        'static,
85        S,
86        H,
87        HL,
88        SL,
89    >;
90
91    fn finalize(self, s: Self::StaticInput) -> Self::Output {
92        let hash_buffer = s.1.write([0; HL]);
93        let signature_buffer = s.2.write([0; SL]);
94
95        let checker = s.0.write(
96            capsules_system::process_checker::signature::AppCheckerSignature::new(
97                self.hasher,
98                self.verifier,
99                hash_buffer,
100                signature_buffer,
101                self.credential_type,
102            ),
103        );
104
105        digest::Digest::set_client(self.hasher, checker);
106        kernel::hil::public_key_crypto::keys::SelectKey::set_client(self.verifier, checker);
107        public_key_crypto::signature::SignatureVerify::set_verify_client(self.verifier, checker);
108
109        checker
110    }
111}