| Age | Commit message (Collapse) | Author |
|---|
|
Running this check in constant time probably isn't necessary, but it
plugs a (somewhat far-fetched) timing leak and is easy enough. While
we're at this, we also skip the CRC check, which is irrelevant here.
|
|
|
|
|
|
|
|
Whack masterkey code to meet libhal coding standards, such as they
are.
Started layout of new ks_flash data structures but no changes to
functions or flash usage yet.
MKM initialization from flash placed under compile-time conditional
with warning because it's a dangerous kludge that should go away.
Started getting rid of obsolete keystore code; ks_mmap.c kept for now,
until I get around to merging the useful bits into ks_volatile.
|
|
This is an open source C99 CRC-32 implementation generated by pycrc,
see notes in source on copyright status and pycrc options used.
crc32.c contains two different implementations of the CRC-32 algorithm
with the same API, one optimized for speed, the other optimized for
much smaller code space at the expense of speed. We use the fast
implementation by default, but maybe the small implementation will be
useful, eg, in the bootloader. Remove the extra later if this turns
out to have been a waste of time.
|
|
PKCS #11 expects a DigestInfo rather than a raw digest when passing a
pre-computed digest for PKCS #1.5 signature or verification, so the
rpc_pkey signature and verification calls do too. This requires
special case handling of RSA when the user passes a digest handle in
mixed mode. Annoying, but PKCS #1.5 is weird enoug that there's no
way to avoid some kind of special case handling, this approach has the
advantage of not requiring us to parse and reconstruct the ASN.1, and
is probably what PKCS #11 has trained software to expect in any case.
|
|
err = hal_foo() || hal_bar() || hal_baz;
maps all errors to 1 (HAL_ERROR_BAD_ARGUMENTS).
|
|
See, reading from an unconfigured FPGA returns all-1, while reading from
empty cores on a configured FPGA returns all-0. The consequence of this is
that the HSM was probing the FPGA once on startup, filling its core table
with 0xff, rendering the FPGA useless.
Along the way, I put the FPGA core table in static memory, rather than
malloc'ing it, because that's not so good in an embedded environment.
But I kept the linked list, because that at least tells us what to do if
HAL_STATIC_CORE_STATE_BLOCKS is 0.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This change allows the RPC MUX daemon to use the same environment
variable scheme to configure the RPC device and line speed as the
stand-alone RPC client code does, the only difference being that the
daemon, being an independent program, still allows one to override
these settings from the command line.
|
|
obscure.
|
|
|
|
This is a hopefully temporary stopgap, in lieu of proper resource
management and/or sharing of cores between threads.
|
|
|
|
|
|
|
|
|
|
Find a suitable core, and mark it busy. Don't forget to release it as soon
as you're done. This has a knock-on effect of un-const'ing core arguments
and struct fields in a lot of places, and it moves some core checks around.
|
|
|
|
|
|
tcsetattr().
With this change, we appear to have working libhal client code on Mac OS X.
|
|
|
|
Too many recent tweaks to same few lines of this Makefile for a
straight merge to work; fortunately, the obvious simplification should
also work as a fix for the most recent problem.
|
|
|
|
|
