[PM-5693] CryptoService using memfd_secret on Linux #7
Conversation
Otherwise some Drop implementations can crash
|
No New Or Fixed Issues Found |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #7 +/- ##
==========================================
- Coverage 63.85% 63.47% -0.38%
==========================================
Files 186 192 +6
Lines 12905 14106 +1201
==========================================
+ Hits 8240 8954 +714
- Misses 4665 5152 +487 ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
I've taken an initial look at this. I think the general concept is solid, there are some potential areas for improvements.
However the biggest pieces would be:
- Documentation, we need to ensure we write solid documentation on the difference areas and ensure we are clear about how it's intended to be used.
- Improve test coverage, since we're dealing with cryptography we want to be really sure nothing breaks in the future.
| @@ -23,6 +23,10 @@ pub enum CryptoError { | |||
| MissingKey(Uuid), | |||
| #[error("The item was missing a required field: {0}")] | |||
| MissingField(&'static str), | |||
| #[error("Missing Key for Ref. {0}")] | |||
| MissingKey2(String), | |||
There was a problem hiding this comment.
MissingKey2 😭 Will this be removed once we remove all usages of the old interfaces?
There was a problem hiding this comment.
Yeah, that's removed in the other PR that starts using this code in the rest of the SDK:
https://github.com/bitwarden/sdk-internal/pull/8/files#diff-3a39fb8ed55a85cd232b4ac7681c85bb81462727f6d311b1a4c33be7c5b7f4ed
I didn't want to update it here to avoid needing to touch up code which was going to need to be updated in the other PR anyway
There was a problem hiding this comment.
Do we have any documentation for why we need to implement our own slice vs using built in?
There was a problem hiding this comment.
Added some doc comments here:
| ) -> Result<Output, crate::CryptoError>; | ||
| } | ||
|
|
||
| // Basic Encryptable/Decryptable implementations to and from bytes |
There was a problem hiding this comment.
I've mostly added these to split up and organize all the Encryptable/Decryptable implementations.
They all look very similar and when I didn't have these comments is was quite annoying to find one in particular. Maybe what that is telling us is that we should move those impls into separate modules or separate files.
| use key_store::KeyStore; | ||
|
|
||
| #[derive(Clone)] | ||
| pub struct CryptoService<SymmKeyRef: SymmetricKeyRef, AsymmKeyRef: AsymmetricKeyRef> { |
There was a problem hiding this comment.
question: We define a Keys struct which essentially acts as the KeyStore. Would it be a cleaner interface to define a KeyStore trait which both CryptoService and Keys implements, and CryptoService simply forwards calls to the inner store.
There was a problem hiding this comment.
Initially I think I've tried to do something like that, but it was hard to get a good API when using a trait here and then also trying to be generic over key type / Encryptable implementation.
# Conflicts: # crates/bitwarden-crypto/src/lib.rs
|
I've made a few changes while documenting this a bit, plus some of the review suggestions are included here as well:
|
🎟️ Tracking
https://bitwarden.atlassian.net/browse/PM-5693
📔 Objective
Migrated from bitwarden/sdk-sm#979
I've been looking into using
memfd_secretto protect keys in memory on Linux.The
memfd_secretAPI is similar to malloc in that we get some memory range allocated for us, but this memory is only visible to the process that has access to the file descriptor, which should protect us from any memory dumping from anything other than a kernel driver.https://man.archlinux.org/man/memfd_secret.2.en
Using this requires changing how we store keys, so this is the perfect moment to go through removing the raw keys from the API surface.
Changes
KeyReftrait andSymmetricKeyRef/AsymmetricKeyRefsubtraits to represent the key types. Also a small macro to quickly implement them.KeyRefimplementations are user defined types that implementsEq+Hash+Copy, and don't contain any key materialKeyEncryptable/KeyDecryptableare nowDecryptable/Encryptable, and instead of taking the key as parameter, they take aCryptoServiceContextand aKeyRef. This way keys are never exposed to the clients.KeyLocatortrait is replaced byUsesKey. This trait only returns theKeyRefof the key required to decrypt it, instead of fetching the key itself.KeyStoretrait, with some simple CRUD methods. We have two implementations, one based onmemfd_secretfor Linux, and another one based on a Rust boxed slice, that also appliesmlockif possible.mlockandmemfd_secretapply their protection over a specified memory area, we need a Rust data structure that is laid out linearly and also doesn't reallocate by itself. Also becausememfd_secretallocates the memory for us, we can't use a std type like Vec (reason is the Vec must be allocated by the Rust allocator [ref]). This basically only leaves us with a Rust slice, on top of which we'd need to implement insert/get/delete. To allow for reuse and easier testing I've createdSliceKeyStore, which implements the CRUD methods from theKeyStoretrait on top of a plain slice. Then the actualmlockandmemfd_secretimplementations just need to implement a trait casting their data to a slice. The data is stored as a slice ofOption<(KeyRef, KeyMaterial)>, and the keys are unique and sorted in the slice for easier lookups.CryptoService, which contains theKeyStores and some encrypt/decrypt utility functions. From aCryptoServiceyou can also initialize aCryptoServiceContextCryptoServiceContextcontains a read only view of the keys inside theCryptoService, plus a read-write ephemeral key store, for use byDecryptable/Encryptableimplementations when they need to temporarily store some keys (Cipher keys, attachment keys, send keys...).Migrated the codebase to use these changes in a separate PR: bitwarden/sdk-sm#1117
📸 Screenshots
⏰ Reminders before review
team
🦮 Reviewer guidelines
:+1:) or similar for great changes:memo:) or ℹ️ (:information_source:) for notes or general info:question:) for questions:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmedissue and could potentially benefit from discussion
:art:) for suggestions / improvements:x:) or:warning:) for more significant problems or concerns needing attention:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt:pick:) for minor or nitpick changes