External secrets - Fortanix SDKMS support

Cargo.toml

@@ -9,6 +9,7 @@ members = [
     "net",
     "openpgp",
     "openpgp-ffi",
+    "openpgp-sdkms",
     "sq",
     "sqv",
     "store",

README.md

@@ -1,3 +1,91 @@
+sq-sdkms
+========
+
+This fork of [Sequoia-PGP][Sequoia] leverages
+[sdkms-client-rust][sdkms-client-rust] to perform OpenPGP operations with keys
+stored in the [Fortanix Self-Defending Key-Management System][SDKMS], adding
+options to the existing CLI Sequoia frontend, `sq`.
+
+### Motivation
+
+Sequoia-PGP defines the [Decryptor][sequoia::Decryptor] and
+[Signer][sequoia::Signer] traits for low-level cryptographic operations
+with secret key material, and abstracts over these traits for PGP formatting.
+This fork implements Decryptor and Signer for secrets stored inside
+Fortanix SDKMS, enabling the production of PGP material without the need to
+export private keys.
+
+### Additional requirements
+
+Install requirements for [rust-mbedtls][rust-mbedtls]. The following
+variables need to be set in order to communicate with SDKMS.
+
+- `FORTANIX_API_ENDPOINT`, your SDKMS API endpoint,
+- `FORTANIX_API_KEY`, your app's API key.
+
+
+### Example usage of added options
+
+In the following example, Alice holds a PGP key whose secrets are stored in
+SDKMS, and Bob and Charlie hold regular PGP keys.
+
+1. Generate an SDKMS key for Alice, and local keys for Bob and Charlie
+```
+$  sq key generate --sdkms-key="alice" --cipher-suite="nistp521" --userid="Alice <[email protected]>"
+$  sq key generate --cipher-suite="rsa3k" --userid="Bob <[email protected]> --export="bob.asc"
+$  sq key generate --userid="Charlie <[email protected]> --export="charlie.asc"
+```
+
+2. Recover Alice's Transferable Public Key (TPK)
+```
+$ sq key extract-cert --sdkms-key="alice" > alice.asc
+```
+
+3. Create a file, sign it with Alices's key, and verify it
+```
+$ echo "Hello, World!" > msg.txt
+
+$ sq sign --sdkms-key="alice" msg.txt > msg.txt.signed
+
+$ sq verify --signer-cert=alice.asc msg.txt.signed
+Good signature from B4C961DE2204FD02
+Hello, World!
+1 good signature.
+```
+
+4. Encrypt a file to Alice, signed by Bob, and decrypt it
+```
+$ sq encrypt --recipient-cert=alice.asc --signer-key=bob.asc msg.txt > to_alice.asc
+$ sq decrypt --sdkms-key="alice" --signer-cert=bob.asc to_alice.asc
+Encrypted using AES with 256-bit key
+Compressed using ZIP
+Good signature from DC4358B3EA20F2C6
+Hello, World!
+1 good signature.
+```
+
+5. Encrypt a file to Charlie, signed by both Alice and Bob, and decrypt it
+```
+$ sq encrypt --recipient-cert=charlie.asc --signer-sdkms-key=alice --signer-key=bob.asc msg.txt > to_charlie.asc
+$ sq decrypt --recipient-key=charlie.asc --signer-cert=alice.asc --signer-cert=bob.asc to_charlie.asc
+Encrypted using AES with 256-bit key
+Compressed using ZIP
+Good signature from B4C961DE2204FD02
+Good signature from DC4358B3EA20F2C6
+Hello, World!
+2 good signatures.
+```
+
+
+[rust-mbedtls]: https://github.com/fortanix/rust-mbedtls
+[Sequoia]: https://sequoia-pgp.org/
+[sequoia::Signer]: https://docs.sequoia-pgp.org/sequoia_openpgp/crypto/trait.Signer.html
+[sequoia::Decryptor]: https://docs.sequoia-pgp.org/sequoia_openpgp/crypto/trait.Decryptor.html
+[sdkms-client-rust]: https://github.com/fortanix/sdkms-client-rust
+[SDKMS]: https://fortanix.com/products/data-security-manager/sdkms
+
+--------------
+
 Sequoia PGP
 ===========
 

openpgp-sdkms/.rustfmt.toml

@@ -0,0 +1,15 @@
+condense_wildcard_suffixes = true
+enum_discrim_align_threshold = 20
+struct_field_align_threshold = 20
+group_imports = "StdExternalCrate"
+imports_indent = "Block"
+fn_single_line = true
+format_strings = true
+imports_granularity = "Module"
+match_arm_blocks = true
+max_width = 80
+reorder_imports = true
+trailing_semicolon = true
+use_field_init_shorthand = true
+unstable_features = true
+wrap_comments = true

openpgp-sdkms/Cargo.toml

@@ -0,0 +1,29 @@
+[package]
+name = "openpgp-sdkms"
+version = "0.1.0"
+authors = ["zugzwang <[email protected]>"]
+edition = "2018"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+anyhow = "1.0.18"
+bit-vec = "0.6.3"
+hyper = "0.10"
+hyper-native-tls = "0.3.0"
+ipnetwork = "0.17"
+http = "0.2.4"
+mbedtls = "0.8.0"
+log = "0.4.14"
+sequoia-openpgp = { path = "../openpgp" }
+sdkms = "0.2.1"
+serde = "1.0"
+serde_derive = "1.0"
+serde_json = "1.0"
+uuid = "0.7.4"
+yasna = { version = "0.3.2", features = ["num-bigint", "bit-vec"] }
+
+[build-dependencies]
+lalrpop = ">=0.17"
+# See https://github.com/rust-lang/rust-bindgen/issues/2030
+bindgen57 = { version = "0.57", package = "bindgen", default-features = false, features = ["runtime"] }