Make SignKM accept generic crypto.Signer

werwurm · werwurm · commit 318545e4fd60 · 2024-09-06T12:53:18.000-07:00
Accepting crypto.PrivateKey uneccessarily restricts this library to
software crypto algorithms provided by the golang crypto packages. By
allowing the more generic crypto.Signer interface alternative
implementations, e.g., backed by HSMs, can be supported.
diff --git a/cmd/core/bg-prov/cmd.go b/cmd/core/bg-prov/cmd.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"bytes"
+	"crypto"
 	"encoding/binary"
 	"fmt"
 	"os"
@@ -858,7 +859,7 @@ func (s *signKMCmd) Run(ctx *context) error {
 	if err != nil {
 		return err
 	}
-	bKMSigned, err := bg.SignKM(s.SignAlgo, privkey)
+	bKMSigned, err := bg.SignKM(s.SignAlgo, privkey.(crypto.Signer))
 	if err != nil {
 		return err
 	}
diff --git a/pkg/provisioning/bootguard/bootguard.go b/pkg/provisioning/bootguard/bootguard.go
@@ -419,7 +419,7 @@ func (b *BootGuard) StitchBPM(pubKey crypto.PublicKey, signature []byte) ([]byte
 }
 
 // SignKM signs an unsigned KM with signAlgo and private key as input
-func (b *BootGuard) SignKM(signAlgo string, privkey crypto.PrivateKey) ([]byte, error) {
+func (b *BootGuard) SignKM(signAlgo string, signer crypto.Signer) ([]byte, error) {
 	buf := new(bytes.Buffer)
 	switch b.Version {
 	case bgheader.Version10:
@@ -433,7 +433,7 @@ func (b *BootGuard) SignKM(signAlgo string, privkey crypto.PrivateKey) ([]byte,
 			return nil, err
 		}
 		unsignedKM := buf.Bytes()[:b.VData.BGkm.KeyAndSignatureOffset()]
-		if err := b.VData.BGkm.SetSignature(signAlgo, privkey.(crypto.Signer), unsignedKM); err != nil {
+		if err := b.VData.BGkm.SetSignature(signAlgo, signer, unsignedKM); err != nil {
 			return nil, err
 		}
 	case bgheader.Version20:
@@ -447,7 +447,7 @@ func (b *BootGuard) SignKM(signAlgo string, privkey crypto.PrivateKey) ([]byte,
 			return nil, err
 		}
 		unsignedKM := buf.Bytes()[:b.VData.CBNTkm.KeyAndSignatureOffset()]
-		if err = b.VData.CBNTkm.SetSignature(signAlgo, b.VData.CBNTkm.PubKeyHashAlg, privkey.(crypto.Signer), unsignedKM); err != nil {
+		if err = b.VData.CBNTkm.SetSignature(signAlgo, b.VData.CBNTkm.PubKeyHashAlg, signer, unsignedKM); err != nil {
 			return nil, err
 		}
 	default:

Original file line number	Diff line number	Diff line change
`@@ -419,7 +419,7 @@ func (b *BootGuard) StitchBPM(pubKey crypto.PublicKey, signature []byte) ([]byte`
`419`	`419`	`}`
`420`	`420`
`421`	`421`	`// SignKM signs an unsigned KM with signAlgo and private key as input`
`422`		`-func (b *BootGuard) SignKM(signAlgo string, privkey crypto.PrivateKey) ([]byte, error) {`
	`422`	`+func (b *BootGuard) SignKM(signAlgo string, signer crypto.Signer) ([]byte, error) {`
`423`	`423`	`buf := new(bytes.Buffer)`
`424`	`424`	`switch b.Version {`
`425`	`425`	`case bgheader.Version10:`
`@@ -433,7 +433,7 @@ func (b *BootGuard) SignKM(signAlgo string, privkey crypto.PrivateKey) ([]byte,`
`433`	`433`	`return nil, err`
`434`	`434`	`}`
`435`	`435`	`unsignedKM := buf.Bytes()[:b.VData.BGkm.KeyAndSignatureOffset()]`
`436`		`- if err := b.VData.BGkm.SetSignature(signAlgo, privkey.(crypto.Signer), unsignedKM); err != nil {`
	`436`	`+ if err := b.VData.BGkm.SetSignature(signAlgo, signer, unsignedKM); err != nil {`
`437`	`437`	`return nil, err`
`438`	`438`	`}`
`439`	`439`	`case bgheader.Version20:`
`@@ -447,7 +447,7 @@ func (b *BootGuard) SignKM(signAlgo string, privkey crypto.PrivateKey) ([]byte,`
`447`	`447`	`return nil, err`
`448`	`448`	`}`
`449`	`449`	`unsignedKM := buf.Bytes()[:b.VData.CBNTkm.KeyAndSignatureOffset()]`
`450`		`- if err = b.VData.CBNTkm.SetSignature(signAlgo, b.VData.CBNTkm.PubKeyHashAlg, privkey.(crypto.Signer), unsignedKM); err != nil {`
	`450`	`+ if err = b.VData.CBNTkm.SetSignature(signAlgo, b.VData.CBNTkm.PubKeyHashAlg, signer, unsignedKM); err != nil {`
`451`	`451`	`return nil, err`
`452`	`452`	`}`
`453`	`453`	`default:`