[KCC] Add generate_kem_keypair and generate_binding_keypair FFIs

[meetrajvala]

No description provided.

[atulpatildbz]

On-going review. Will continue tomorrow. Meanwhile you can start working on these comments.

[atulpatildbz]

MmapMut doesn't implement Zeroize it seems. https://docs.rs/memmap2/latest/memmap2/struct.MmapMut.html#trait-implementations

Implement Drop manually to zero the mmap contents via self.mmap[..].zeroize() before unmapping.

[atulpatildbz]

MFD_SECRET isn't a valid flag for memfd_create. https://man7.org/linux/man-pages/man2/memfd_create.2.html

1. Call the actual memfd_secret syscall . (man page reference)
2. Use ftruncate to set the size.
3. Use mmap to write the data (since memfd_secret fds don't support write()).

[NilanjanDaw]

Yeah I think I wrote MFD_SECRET in my doc. It should be MFD_NOEXEC_SEAL instead. We should add it to prevent this memory from ever being executable.

[NilanjanDaw]

Regarding using ftruncate, while it is a valid method. A memory write() should have similar effects. As the man-page mentions:

The initial size of the file is set to 0. Following the call, the
file size should be set using ftruncate(2). (Alternatively, the
file may be populated by calls to write(2) or similar.)

So I think the file.write_all(data)?; below should be good enough to set the file size.

Regarding write() not being supported, I am not sure why that will be. Unless we add F_SEAL_WRITE we should be able to write to the fd location similar to memfd backed files.

[atulpatildbz]

in linux/memfd.h 0x0008 points to MFD_NOEXEC_SEAL

LMK if i'm missing something

[NilanjanDaw]

Thanks for working on this, added some initial comments.

[NilanjanDaw]

As discussed today, we need to separate these out into individual Key Management Agents, one for the Workload daemon, and the other for the Key Protection Service.

[NilanjanDaw]

The binding key lifespan is a parameter passed down from the orchestration layer.

[NilanjanDaw]

Even though for initial phases, we will exclusively support X25519, we need to make these configurable. The KemAlgorithm will be passed as parameter indicating the DHKEM algorithm to use for the request.

[NilanjanDaw]

Again the exact algorithm chain should be passed from the orchestration layer and not hardcoded here.

[NilanjanDaw]

I would prefer defining the Algorithms below as a common protobuf definition and not in rust. And then use Prost to have a Rust binding for those protos. That would allow us to have a common definition between both the orchestration and the custody core components.

[NilanjanDaw]

For each of these, we should have a default unknown definition, like KEM_ALGORITHM_UNSPECIFIED to prevent accidental values from being set.

[NilanjanDaw]

Yeah I think I wrote MFD_SECRET in my doc. It should be MFD_NOEXEC_SEAL instead. We should add it to prevent this memory from ever being executable.

[NilanjanDaw]

The KEM keys and the Binding keys will share the same UUID. When creating the binding keys, a new UUID will be generated and returned back to the orchestration layer. This same UUID will be passed back to the generate_kem_keypair FFI. So when the KEM keys are generated, these keys are mapped to the same UUID and not a new one. This way we can look up the correct KEM key <-> Binding Key pair during the "decap and seal" and subsequent "open" operation.

[NilanjanDaw]

I think we should move this to a protobuf file, to ensure a single definition across the orchestration and custody core layers.

[NilanjanDaw]

Let's make this configurable?