aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-04-06First cut at libhal.py support for key backup.Rob Austein
2017-04-06Fix a few dumb compile-time bugs.Rob Austein
2017-04-05First cut at key backup code. Not tested yet.Rob Austein
Still missing Python script to drive backup process, and need to do something about setting the EXPORTABLE key flag for this to be useful.
2017-04-04Rework PKCS #8 PrivateKeyInfo wrapper code.Rob Austein
Handle AlgorithmIdentifier.parameters as in SubjectPublicKeyInfo: the field is OPTIONAL, but it's usually set to NULL if no OID is present. I have a vague memory that this is fallout from a specification error years ago in which the OPTIONAL was accidently left out. Whatever.
2017-04-04Fix strnagely-named test.Rob Austein
2017-04-03PKCS #8 bumps max key buffer size up by a few bytes.Rob Austein
2017-04-03Merge branch 'pymux' into pkcs8Rob Austein
2017-04-03Race condition in test was triggering HAL_ERROR_KEY_NOT_FOUND.Rob Austein
2017-04-03Unit tests mostly working with PKCS #8.Rob Austein
A few parsing problems remaining, mostly with objects large enough that PKCS #8 may have pushed them over some buffer size or another. These are all with RSA, where the Python code (PyCrypto) already supported PKCS #8, so most likely it's a problem in the new C code. Python ECDSA PKCS #8 shim code is nasty and could use some cleanup. If practical, we might want to sub-class ecdsa.keys.SigningKey; we might also want to flesh this out into something we can send upstream to the author of the Python ecdsa library.
2017-04-03Obscure C syntax nit.Rob Austein
2017-04-03PKCS #8 code for RSA and ECDSA.Rob Austein
Compiles, not yet tested. Existing tests need conversion to PKCS #8 before we can do anything useful with this. Once everything uses PKCS #8 instead of algorithm-specific formats, we can revisit API issues like whether hal_rpc_pkey_load() should still be taking `type` and `curve` arguments.
2017-04-02PKCS #8 ASN.1 wrapper functions.Rob Austein
2017-03-28Snapshot PKCS #8 Python hacks.Rob Austein
This will almost certainly merge into test scripts or libhal.py at some later date, right now just get it into git for archive.
2017-03-10Typo.Rob Austein
2017-03-09Merge branch 'ksng' into pymuxRob Austein
2017-03-09Backport ECDSA core support to ksng branch.Rob Austein
Support for the core/pkey/ecdsa{256,384} cores is cooked before the branch on which it was based. Oops. Time to backport. See pymux branch for original commit history. git should do the right thing when the pymux branch is cooked enough to merge back to the ksng or master branches.
2017-03-09Merge branch 'hw_ecdsa_p256' into pymuxRob Austein
Support for core/pkey/ecdsa256 and core/pkey/ecdsa384.
2017-03-08Clean up libhal build system a bit.Rob Austein
Exporting CFLAGS as an environment variable turns out to interact badly with certain other settings here. I *think* this only happens when we use one of the shorthand targets which re-runs make in the same directory with non-default settings, but this is complicated enough without having to remember which voodoo triggers it. So instead of exporting CFLAGS as an environment variable we just pass it on the command line in the handful of cases where it's needed.
2017-03-08Cleanup.Rob Austein
2017-03-06Support setting attributes via keyword arguments.Rob Austein
2017-03-06Add timestamps to debug logging.Rob Austein
2017-03-06Debugging code to track message flow.Rob Austein
2017-03-06Bump size of some static tables, particuarly pkey slots.Rob Austein
2017-03-04Add --io-log option to unit-tests.py.Rob Austein
2017-03-04Don't use assert() for point-on-curve checks.Rob Austein
The stock assert() implementation turns out to be problematic in the stm32 environment, due to the lack of an output device, which makes "assert(foo)" equivalent to "if (!foo) abort()", leading to silent hangs. We probably ought to reimplement assert() to do something more useful, but, for now, avoid using it for "impossible" conditions which we do seem to be triggering anyway, like the occasional point-not-on-curve errors we get for points we ourselves have picked when testing multiple ECDSA clients in parallel. This should never happen, and we need to figure out what's causing it, but hanging the HSM when it happens does not help very much. assert() is somewhat problematic in an embedded environment in any case, since anything that can go wrong really should have some kind of recovery action, but in some of the low-probability cases it's far from obvious what sane recovery action we could possibly take.
2017-03-03Fix race condition in pkey_slot allocation.Rob Austein
2017-03-03Doh! Works better if one tests the right status bit.Rob Austein
2017-03-02Merge branch 'pymux' into hw_ecdsa_p256Rob Austein
2017-03-02Fix dumb copy/paste errors.Rob Austein
2017-03-02Refactor to add P384 support. Untested.Rob Austein
2017-03-01Merge ECDSA private key fix from branch ksng into branch pymux.Rob Austein
2017-03-01Compute public key if necessary when loading a private key.Rob Austein
libhal and PKCS #11 have slightly different models of private keys: in libhal, a "private key" object is really a keypair, while in PKCS #11 a private key really is a naked private key. This was a deliberate design decision in libhal, both for simplicity and to better support user interfaces other than PKCS #11, so we'd rather not change it. This difference doesn't matter very much for RSA keys in PKCS #11, where the private key components are a superset of the public key components anyway, but the PKCS #11 template for ECDSA private keys doesn't allow setting public key components with C_CreateObject(). Fortunately, computing the public components of an ECDSA key pair from the private key is straightforward, so we just do that when needed.
2017-02-27Compile-time configuration of software-only hash cores.Rob Austein
2017-02-27Track change to stm32 keystore API.Rob Austein
2017-02-14Erase new head of free list in ks_store().Rob Austein
2017-02-14Merge branch 'pymux' of git.cryptech.is:sw/libhal into pymuxRob Austein
Merge Paul's review comments.
2017-02-13Add some comments for things I figured out while reviewing code.Paul Selkirk
2017-02-03Unit test cleanup.Rob Austein
Log exceptions immediately when failing a test; doesn't replace backtrace at end of test run, but since a full test run can take a while it's useful to know what failed closer to when it happened. More conditionals to skip tests which require external Python crypto packages when those packages aren't installed.
2017-02-03Debug logging for pkey open/close/delete events.Rob Austein
2017-02-03Clean up csprng driver.Rob Austein
2017-02-02Add locking around keystore operations.Rob Austein
2017-01-31Enable low-level debugging support in libhal.py.Rob Austein
2017-01-26First attempt at using Pavel's ecdsa256 core. Not working yet.Rob Austein
Attempts to use Pavel's ecdsa256 base point multiplier instead of software point multiplier when selecting new random points (that is, when generating P-256 keys or P-256 signatures). Resulting points pass the point validation test (point_is_on_curve()) but the resulting signatures are invalid. Don't know why yet. Seems like an odd combination, as one would expect random garbage to fail validation. In any case: this commit is intended to archive progress so far, and perhaps see if somebody else can spot what's wrong. As presently coded, this wouldn't be suitable for production use even if it worked. NB: As I understand it, the ecdsa256 core is *not* a general purpose point multiplier even just for the P-256 curve. Rather, it is strictly a base point multiplier: it takes a single scalar as input, and returns the X,Y affine coordinates of the curve's base point multiplied by that scalar. This is essentially the eliptic curve portion of the computation involved in picking a random point for key or signature generation, but is not useful for signature validation. See the README.md in Pavel's source repository for further details.
2017-01-12Probing wants a brief delay after probe string on some machines.Rob Austein
Probably reached the point of diminishing returns for trying to get probing to work better. Best option, where practical, is to avoid probing completely; when necessary, best run it once then avoid repeating it. cryptech_muxd will probe if requested, but probing is never going to be reliable. Dedicated VID:PID would be much better.
2017-01-12Finish logging code, skip initialization for missing devices.Rob Austein
2017-01-12Refactor and simplify, whole program fits on one screen now.Rob Austein
2017-01-11Cleanup.Rob Austein
2017-01-11Add internal port probing code (like running cryptech_probe first).Rob Austein
Internal probe code mostly works, probably about as well as cryptech_probe ever did, but almost certainly needs timeouts around its I/O calls, and perhaps additional error handling. At the moment, it works except when it doesn't, just like cryptech_probe. Some day we'll get away from this kludge, but not today.
2017-01-10Handle connection close events properly, use logging library.Rob Austein
2017-01-05Whack multiplexer to handle console too.Rob Austein
Renamed multiplexer to cryptech_muxd, since it now handles both RPC and CTY. Added new program cryptech_console to act as client for CTY multiplexer. Might want to add console logging capability eventually, not today. Probably want to incorporate UART probing (what cryptech_probe does now) eventually, also not today.