diff options
| author | Rob Austein <sra@hactrn.net> | 2014-12-13 13:38:50 -0500 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2014-12-13 13:38:50 -0500 |
| commit | 95009f48e05d06fb77a9127731d7f5f2de489055 (patch) | |
| tree | 6db2ce5af8ec1ac7a70291fd37164d5fafa83166 /README.md | |
| parent | 1b88a31f228b4b0eddc23b31d71fb1e5ca6abe66 (diff) | |
Add code to use Cryptech TRNG in place of Cryptlib's default entropy
sources. This may need further attention, particularly once we start
working with buses other than the current I2C kludge.
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 22 |
1 files changed, 9 insertions, 13 deletions
@@ -31,11 +31,9 @@ different protocols: `core/novena_i2c_simple` environment. * An implementation using the `coretest` byt-stream protocol as - implemented by the `test/novena_entropy` FPGA build. This differs - from the others in that it supports the entropy generators. Note - that neither this HAL nor this FPGA build supports any cryptographic - algorithms, nor do they support the Cryptech TRNG. They're just for - testing the entropy generators. + implemented by the `test/novena_trng` FPGA build. This differs from + the others in that it supports the Cryptech TRNG. Note that neither + this HAL nor this FPGA build supports any cryptographic algorithms. All of these HAL implementations are in the `src/` directory. See the `GNUmakefile` for details on how to select the variant you want. @@ -45,10 +43,6 @@ digest algorithms. The current HAL uses the SHA-1, SHA-256, and SHA-512 cores to implement the SHA-1, SHA-256, SHA-384, and SHA-512 digests. SHA-512/224 and SHA-512/256 are not supported. -The TRGN is not yet supported, due to lack of an I2C interface. At -some point we will either add an I2C interface to the TRNG or skip -over I2C entirely and go straight to EIM. - In principal there is no reason why one could not write a HAL which spoke to a Terasic board, perhaps via the `coretest` protocol over a UART, but to date this has not been done. @@ -69,11 +63,13 @@ Packaging Cryptlib this way has two implications: ## Test code ## -The `tests/` directory contains an initial test script, written in -Python, using the standard Cryptlib Python bindings. The Cryptlib -Python environment is a fairly literaly translation of the Cryptlib C +The `tests/` directory contains a few test scripts, written in Python, +using the standard Cryptlib Python bindings. The Cryptlib Python +environment is a fairly literaly translation of the Cryptlib C environment, so portions of it will be a bit, um, surprising to Python -programmers, but the basic functionality works. +programmers, but the basic functionality works. Note that it's normal +for test scripts to fail when the functionality they're testing isn't +loaded on the FPGA. ## Copyright status ## |