rename generate_with_id to generate_for_hardware

Signed-off-by: Berend Sliedrecht <[email protected]>

Cargo.toml

@@ -48,7 +48,6 @@ once_cell = "1.5"
 serde = { version = "1.0", features = ["derive"] }
 serde_cbor = "0.11"
 serde_json = "1.0"
-uuid = { version = "1.8.0", features = ["v4"] }
 zeroize = "1.5"
 
 [dependencies.askar-crypto]

askar-crypto/Cargo.toml

@@ -27,8 +27,8 @@ default = ["alloc", "any_key", "all_keys", "crypto_box"]
 ec_curves = ["elliptic-curve", "k256", "p256", "p384"]
 ed25519 = ["curve25519-dalek", "ed25519-dalek", "x25519-dalek"]
 getrandom = ["rand/getrandom"]
-p256_hardware = ["secure-env", "p256"]
-std = ["alloc", "serde/std", "serde-json-core/std", "std_rng"]
+p256_hardware = ["secure-env", "p256", "uuid", "getrandom"]
+std = ["alloc", "serde/std", "serde-json-core/std", "std_rng", "uuid/std"]
 std_rng = ["getrandom", "rand/std", "rand/std_rng"]
 
 [dev-dependencies]
@@ -106,6 +106,7 @@ serde = { version = "1.0", default-features = false, features = ["derive"] }
 serde-json-core = { version = "0.5", default-features = false }
 sha2 = { version = "0.10", default-features = false }
 subtle = "2.4"
+uuid = { version = "1.8.0", default-features = false, optional = true, features = ["v4"] }
 x25519-dalek = { version = "2", default-features = false, features = [
     "static_secrets",
     "zeroize",

askar-crypto/src/alg/any.rs

@@ -95,7 +95,7 @@ pub trait AnyKeyCreate: Sized {
     fn generate_with_rng(alg: KeyAlg, rng: impl KeyMaterial) -> Result<Self, Error>;
 
     /// Generate a new key with an id for the given key algorithm.
-    fn generate_with_id(alg: KeyAlg, id: &str) -> Result<Self, Error>;
+    fn generate_for_hardware(alg: KeyAlg) -> Result<Self, Error>;
 
     /// Get a key by id for hardware-based key
     fn get_with_id(alg: KeyAlg, id: &str) -> Result<Self, Error>;
@@ -106,11 +106,6 @@ pub trait AnyKeyCreate: Sized {
         Self::generate_with_rng(alg, crate::random::default_rng())
     }
 
-    /// Generate a new random key for the given key algorithm and id.
-    fn random_with_id(alg: KeyAlg, id: &str) -> Result<Self, Error> {
-        Self::generate_with_id(alg, id)
-    }
-
     /// Generate a new random key for the given key algorithm.
     fn random_det(alg: KeyAlg, seed: &[u8]) -> Result<Self, Error> {
         Self::generate_with_rng(alg, crate::random::RandomDet::new(seed))
@@ -143,8 +138,8 @@ impl AnyKeyCreate for Box<AnyKey> {
         generate_any_with_rng(alg, rng)
     }
 
-    fn generate_with_id(alg: KeyAlg, id: &str) -> Result<Self, Error> {
-        generate_any_with_id(alg, id)
+    fn generate_for_hardware(alg: KeyAlg) -> Result<Self, Error> {
+        generate_any_for_hardware(alg)
     }
 
     fn get_with_id(alg: KeyAlg, id: &str) -> Result<Self, Error> {
@@ -186,8 +181,8 @@ impl AnyKeyCreate for Arc<AnyKey> {
         generate_any_with_rng(alg, rng)
     }
 
-    fn generate_with_id(alg: KeyAlg, id: &str) -> Result<Self, Error> {
-        generate_any_with_id(alg, id)
+    fn generate_for_hardware(alg: KeyAlg) -> Result<Self, Error> {
+        generate_any_for_hardware(alg)
     }
 
     fn get_with_id(alg: KeyAlg, id: &str) -> Result<Self, Error> {
@@ -268,21 +263,23 @@ fn generate_any_with_rng<R: AllocKey>(alg: KeyAlg, rng: impl KeyMaterial) -> Res
         #[cfg(feature = "p384")]
         KeyAlg::EcCurve(EcCurves::Secp384r1) => P384KeyPair::generate(rng).map(R::alloc_key),
         #[allow(unreachable_patterns)]
-        _ => {
-            println!("Unsupported algorithm '{alg:?}' for key generation with rng");
-            Err(err_msg!(
-                Unsupported,
-                "Unsupported algorithm for key generation with rng"
-            ))
-        }
+        _ => Err(err_msg!(
+            Unsupported,
+            "Unsupported algorithm for key generation with rng"
+        )),
     }
 }
 
 #[inline]
-fn generate_any_with_id<R: AllocKey>(alg: KeyAlg, id: &str) -> Result<R, Error> {
+fn generate_any_for_hardware<R: AllocKey>(alg: KeyAlg) -> Result<R, Error> {
     match alg {
         #[cfg(feature = "p256_hardware")]
-        KeyAlg::EcCurve(EcCurves::Secp256r1) => P256HardwareKeyPair::generate(id).map(R::alloc_key),
+        KeyAlg::EcCurve(EcCurves::Secp256r1) => P256HardwareKeyPair::generate(
+            uuid::Uuid::new_v4()
+                .hyphenated()
+                .encode_lower(&mut uuid::Uuid::encode_buffer()),
+        )
+        .map(R::alloc_key),
         _ => Err(err_msg!(
             Unsupported,
             "Unsupported algorithm for key generation with id"

src/ffi/key.rs

@@ -1,7 +1,3 @@
-use ffi_support::{rust_string_to_c, ByteBuffer, FfiStr};
-use std::{os::raw::c_char, str::FromStr};
-use uuid::Uuid;
-
 use super::{
     handle::ArcHandle,
     secret::{EncryptedBuffer, SecretBuffer},
@@ -11,6 +7,8 @@ use crate::kms::{
     crypto_box, crypto_box_open, crypto_box_random_nonce, crypto_box_seal, crypto_box_seal_open,
     derive_key_ecdh_1pu, derive_key_ecdh_es, KeyAlg, KeyBackend, LocalKey,
 };
+use ffi_support::{rust_string_to_c, ByteBuffer, FfiStr};
+use std::{os::raw::c_char, str::FromStr};
 
 pub type LocalKeyHandle = ArcHandle<LocalKey>;
 
@@ -38,10 +36,7 @@ pub extern "C" fn askar_key_generate(
 
         let key = match backend {
             KeyBackend::Software => LocalKey::generate_with_rng(alg, ephemeral != 0),
-            KeyBackend::SecureElement =>  {
-                let id = Uuid::new_v4().to_string();
-                LocalKey::generate_with_id(alg, &id, ephemeral != 0)
-            }
+            KeyBackend::SecureElement => LocalKey::generate_for_hardware(alg, ephemeral != 0)
         }?;
 
         unsafe { *out = LocalKeyHandle::create(key) };

src/kms/local_key.rs

@@ -76,9 +76,9 @@ impl LocalKey {
         Ok(Self { inner, ephemeral })
     }
 
-    /// Create a new random keypair with an id
-    pub fn generate_with_id(alg: KeyAlg, id: &str, ephemeral: bool) -> Result<Self, Error> {
-        let inner = Box::<AnyKey>::generate_with_id(alg, id)?;
+    /// Create a new random keypair backed by hardware
+    pub fn generate_for_hardware(alg: KeyAlg, ephemeral: bool) -> Result<Self, Error> {
+        let inner = Box::<AnyKey>::generate_for_hardware(alg)?;
         Ok(Self { inner, ephemeral })
     }