Google Git
Sign in
chromium/chromium/src/crypto/058af966a3ba02ef1321e58a3bf40c1b5266d3c7
commit
058af966a3ba02ef1321e58a3bf40c1b5266d3c7
[log]
author
Jan Wilken Dörrie <jdoerrie@chromium.org>
Wed May 27 09:55:47 2026
committer
Copybara-Service <copybara-worker@google.com>
Wed May 27 09:57:39 2026
tree
c9194f39919e6b60d9a85cfc9a5d6d618cdf7a8e
parent
754c888afc968f7e8a6fa1f08bb9928fa6ab371f [diff]
[dbsc] Implement Rust TPM response parser for key certification

This CL introduces the memory-safe Rust parser for TPM2_Certify
responses, specifically validating the TPM2B_ATTEST and TPMT_SIGNATURE
structures. The parsed results are securely bounded and returned across
the CXX boundary via a CertifyResponse struct.

Bug: 501306222
Change-Id: Iacaf6b6c6325c0969b3939ef2dd782436a6a6964
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7830199
Reviewed-by: Elly <ellyjones@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Commit-Queue: Jan Wilken Dörrie <jdoerrie@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1636806}
NOKEYCHECK=True
GitOrigin-RevId: 962f4cd8c41baab61806dcd5bdf1a8ce3afe793b
3 files changed
tree: c9194f39919e6b60d9a85cfc9a5d6d618cdf7a8e
  1. apple/
  2. obsolete/
  3. test/
  4. aead.cc
  5. aead.h
  6. aead_unittest.cc
  7. aes_cbc.cc
  8. aes_cbc.h
  9. aes_cbc_unittest.cc
  10. aes_ctr.cc
  11. aes_ctr.h
  12. aes_ctr_unittest.cc
  13. BUILD.gn
  14. chaps_support.cc
  15. chaps_support.h
  16. cose.cc
  17. cose.h
  18. cose_unittest.cc
  19. crypto_export.h
  20. DEPS
  21. DIR_METADATA
  22. ecdsa_utils.cc
  23. ecdsa_utils.h
  24. ecdsa_utils_unittest.cc
  25. encrypt.cc
  26. encrypt.h
  27. encrypt_unittest.cc
  28. evp.cc
  29. evp.h
  30. evp_unittest.cc
  31. features.cc
  32. features.gni
  33. features.h
  34. hash.cc
  35. hash.h
  36. hash_unittest.cc
  37. hkdf.cc
  38. hkdf.h
  39. hmac.cc
  40. hmac.h
  41. hmac_unittest.cc
  42. hpke.cc
  43. hpke.h
  44. hpke_unittest.cc
  45. kdf.cc
  46. kdf.h
  47. kdf_unittest.cc
  48. kex.cc
  49. kex.h
  50. kex_unittest.cc
  51. keypair.cc
  52. keypair.h
  53. keypair_unittest.cc
  54. mock_unexportable_key.cc
  55. mock_unexportable_key.h
  56. mock_unexportable_key_provider.cc
  57. mock_unexportable_key_provider.h
  58. nss_crypto_module_delegate.h
  59. nss_key_util.cc
  60. nss_key_util.h
  61. nss_key_util_unittest.cc
  62. nss_util.cc
  63. nss_util.h
  64. nss_util_chromeos.cc
  65. nss_util_internal.h
  66. nss_util_unittest.cc
  67. openssl_util.cc
  68. openssl_util.h
  69. OWNERS
  70. pem.cc
  71. pem.h
  72. pem_unittest.cc
  73. PLAN.md
  74. process_bound_string.cc
  75. process_bound_string.h
  76. process_bound_string_unittest.cc
  77. random.cc
  78. random.h
  79. random_unittest.cc
  80. README.md
  81. scoped_capi_types.h
  82. scoped_cng_types.h
  83. scoped_fake_unexportable_key_provider.cc
  84. scoped_fake_unexportable_key_provider.h
  85. scoped_fake_user_verifying_key_provider.cc
  86. scoped_fake_user_verifying_key_provider.h
  87. scoped_mock_unexportable_key_provider.cc
  88. scoped_mock_unexportable_key_provider.h
  89. scoped_nss_types.h
  90. scoped_test_nss_chromeos_user.cc
  91. scoped_test_nss_chromeos_user.h
  92. scoped_test_nss_db.cc
  93. scoped_test_nss_db.h
  94. scoped_test_system_nss_key_slot.cc
  95. scoped_test_system_nss_key_slot.h
  96. secure_hash.cc
  97. secure_hash.h
  98. secure_hash_unittest.cc
  99. secure_util.cc
  100. secure_util.h
  101. sha2.cc
  102. sha2.h
  103. sha2_unittest.cc
  104. sign.cc
  105. sign.h
  106. sign_unittest.cc
  107. signature_verifier.cc
  108. signature_verifier.h
  109. signature_verifier_unittest.cc
  110. subtle_passkey.cc
  111. subtle_passkey.h
  112. test_support.cc
  113. test_support.h
  114. tpm.rs
  115. tpm_unittest.rs
  116. unexportable_key.cc
  117. unexportable_key.h
  118. unexportable_key_metrics.cc
  119. unexportable_key_metrics.h
  120. unexportable_key_metrics_unittest.cc
  121. unexportable_key_software_unsecure.cc
  122. unexportable_key_unittest.cc
  123. unexportable_key_win.cc
  124. unexportable_key_win.h
  125. user_verifying_key.cc
  126. user_verifying_key.h
  127. user_verifying_key_mac.mm
  128. user_verifying_key_mac_unittest.mm
  129. user_verifying_key_win.cc
README.md

//crypto README

This directory contains implementations of crypto primitives for use in Chromium. Most of these are either:

  • Wrappers around platform-specific APIs (DPAPI, libsecret, etc), so that code elsewhere in Chromium can use cross-platform abstractions, or
  • Wrappers around BoringSSL APIs that use Chromium-native types like base::span and similar

There is very little actual cryptographic code in //crypto - it is mostly wrappers.

This directory is actively being refactored as of 2025-06. See PLAN.md.

Commonly-Used Interfaces

Many interfaces in this directory are deprecated and being changed or removed; check the comment at the top of the header file before using them.

Advice For Clients

  • Ciphertext, keys, certificates, and other cryptographic material are generally sequences of bytes, not characters, so prefer using byte-oriented types to represent them: vector<uint8_t>, array<uint8_t>, and span<uint8_t> rather than string and string_view.
  • To serialize private keys, use keypair::PrivateKey::ToPrivateKeyInfo(), which returns a PKCS#8 PrivateKeyInfo structure serialized as a byte vector. To unserialize keys in this format, use keypair::PrivateKey::FromPrivateKeyInfo().
  • To serialize public keys, use keypair::PublicKey::ToSubjectPublicKeyInfo() or keypair::PrivateKey::ToSubjectPublicKeyInfo(), which return a X.509 SubjectPublicKeyInfo structure serialized as a byte vector. To unserialize public keys in this format, use keypair::PublicKey::FromPublicKeyInfo().
  • SubjectPublicKeyInfo and PrivateKeyInfo can represent many kinds of keys, so code that expects a specific kind of key must check the kind after deserialization.
  • To serialize symmetric keys (AEAD, HMAC, or symmetric encryption keys), use a raw sequence of bytes for the key material. Represent these keys in memory using vector<uint8_t>, array<uint8_t>, or span<uint8_t> directly.