EC keys: consolidate API for handling keys in TEE #2287
Merged
The `inTee` option and the `teeKeyHandle` format provided a way to create keys in the TEE and export them as opaque handles. While this API made it transparent when a key is really stored in the TEE, it was not convenient in practice, as it required the application to conduct specific checks for hardware support on Android in order to decide whether to store the key in TEE or not.

This commit removes the `inTee` option. ECDSA and ECDH keys with `extractable` set to `false` are now generated in the TEE by the platform when the device supports it. When the device does not support it, the key is generated in software. In practice, this means that non-extractable EC* keys are always generated in TEE on iOS, and on Android only when the device supports it.

The `"teeKeyHandle"` format has also been removed. The `exportKey` method called for EC* keys with `extractable` set to `false` and the format `"raw"` now returns an opaque handle to the key in the TEE instead of throwing.