Age (Author) Commit message
2020-10-15 (Paul Selkirk) 2 years later, Ubuntu is still shipping a broken newlib, and Rob points out writing 4 bytes into a 1-byte value is probably not a good idea.
So sscanf the string into an array of uint16_t, and copy out the low bytes. It's a kludge, but the alternatives are worse (e.g. bypass sscanf, and parse raw bytes).
2020-09-06 (Rob Austein) Kludge cryptech_backup into working with Python 3.8
PyCrypto is past EOL and we really should move on, but not this close to a release. Working around the deprecated time.clock function is sick but appears to be harmless given the way that function is used in PyCrypto's internal RNG. Would be better just to use os.urandom() but that would be a much larger change. In theory, PyCryptodome is a drop-in replacement for PyCrypto which would solve this problem for us. Unfortunately, it's much less of a drop-in than its documentation suggests, even before one gets into Debian and pip disagreeing on what its name should be. Maybe someday, but not today.
2020-09-06 (Rob Austein) Can't write bytes to JSON, only str
2020-09-02 (Rob Austein) Well of course there had to be one last dumb Python3 string bug [python3]
2020-09-01 (Rob Austein) Work around PyCrypto being EOL and therefore not tracking Python 3.8
This is a short term kludge to let the old unit test code continue to work under Python 3.8. Medium term, we should replace all use of PyCrypto with PyCryptodome (API-compatible successor package). Long term we might want a newer API, but that can wait.
2020-07-13 (Rob Austein) Whack all Python shebangs to Python 3
2020-06-10 (Rob Austein) Fix remaining Python 3 unit test string encoding bug
Really just one bug, but confusingly masked by an interaction between generators and our XDR context manager, so don't use the context manager in the one generator method in the cryptech.libhal API. Also run reindent.py on a few old test modules.
2020-06-09 (Rob Austein) Whack with club until Python 2 works again and Python 3 almost works
There's still something wrong with XDR for attribute lists in Python 3, XDR complains that there's unconsumed data and attributes coming back are (sometimes truncated). Python 2 works. Probably data type issue somewhere but haven't spotted it yet.
2020-05-26 (Rob Austein) Wow, python-version-independent hexadecimal is painful
2020-05-25 (Rob Austein) Untested conversion to support Python 3
2020-05-06 (Paul Selkirk) If a hash core can't restore state, use a soft core instead.
2020-05-04 (Paul Selkirk) Re-enable support for HAL_MKM_FLASH_BACKUP_KLUDGE.
2020-04-29 (Paul Selkirk) The new keywrap core now talks directly to the MKM, so I split the code that talks to that core out of aes_keywrap.c.
The HSM will now be built with just the keywrap core, with no user access to aes or mkmif.
2020-03-25 (Paul Selkirk) Reduce keywrap to 16 core blocks, to match how it's actually built now.
2020-03-10 (Paul Selkirk) trivial cleanup
2020-03-10 (Paul Selkirk) alloc mkmif core around both reads (status + KEK)
2020-03-10 (Paul Selkirk) fallthrough comments to silence compiler warnings
2020-03-10 (Paul Selkirk) auto-detect cores
2020-03-04 (Paul Selkirk) Take advantage of ModExpNG core's blinding factor mutation.
2020-02-26 (Paul Selkirk) Merge branch 'js_keywrap' to 'master'
2020-02-26 (Paul Selkirk) Remove init checks from hal_io_[write|read], since initialization is done in stm_init, and the checks add unnecessary delays to critical code paths.
2020-02-26 (Paul Selkirk) Merge branch 'modexpng' to 'master'
2020-02-18 (Paul Selkirk) timing tests for RSA signing [modexpng]
2020-02-07 (Paul Selkirk) driver for Pavel's ModExpNG core
2019-04-10 (Paul Selkirk) Allow multiple iterations in verify, for better timing measurement.
2019-04-10 (Paul Selkirk) Add hashsig interop tests.
2019-04-09 (Paul Selkirk) Huh, I forgot to add a Python RPC handler for pkey_generate_hashsig, over a year ago.
2019-04-09 (Paul Selkirk) In pkey_local_sign_hashsig, don't create the digest in the signature buffer, because hal_hashsig_sign assembles the signature incrementally, and will overwrite the digest before it's ready to sign it.
2019-04-05 (Paul Selkirk) Update FPGA core name/version list
2019-04-05 (Paul Selkirk) The FPGA register interface now does byte-swapping in hardware, so we can just call memcpy here.
(Although it turns out to be more efficient to use an inline version of memcpy than the library function.)
2019-04-02 (Paul Selkirk) The all-singing, all-dancing key management app
2019-04-02 (Paul Selkirk) Small cleanups in RPC code, e.g. to support null arguments.
- Add support for null pointer arguments in RPCs for get_digest_algorithm_id and get_public_key. This is years overdue, and would have obviated the need for get_public_key_len as a separate RPC.
- Refactor pkey_local_get_public_key_len in terms of pkey_local_get_public_key.
- Add more parameter sanity checks to rpc_api.c.
- Add a len_max parameter to hal_xdr_decode_variable_opaque, rather than having len be an in/out parameter. This brings xdr slightly more in line with the rest of the code base (again after literal years), and slightly simplifies several calls in rpc_client.c.
2019-03-31 (Paul Selkirk) Hashsig cleanup.
- Move hashsig.h contents into hal.h.
- Uppercase lmots and lms algorithm types, because we have a convention that enum values are uppercase.
- Change all I to hal_uuid_t, because that's how we're using them, and it seems silly to have two different 16-byte array types.
- Change all "memcpy(&this, &that, sizeof(this))" to "this = that", because it's more succinct, more type-safe, and harder to get wrong.
- Slightly tighten up lmots_generate, lmots_sign, and lmots_public_key_candidate.
- Remove verbatim draft text, now that I'm pretty sure I implemented it correctly.
2019-03-31 (Paul Selkirk) Add support for hashsig key export/import.
2019-03-04 (Paul Selkirk) Restructure hashsig test program
2019-03-04 (Paul Selkirk) On device restart, if a hashsig key was generated using the pseudorandom method, and it's missing one or more lmots keys, those keys can be regenerated.
OTOH, if an lms key is damaged or missing, it's still a fatal error, because that's the only place we record the current q value.
2019-03-04 (Paul Selkirk) Use the hashsig pseudorandom key generation method if the key is exportable.
2019-02-28 (Paul Selkirk) Increase volatile keystore size to allow for multi-level hashsig trees.
2019-02-01 (Paul Selkirk) Clean up mkm.c
2019-02-01 (Paul Selkirk) Remove global stored core pointer from mkm.c.
This forces each hal_mkmif_* function to alloc/free the core, which is a minuscule performance hit, but the only sane thing to do in a tasking environment. Otherwise (with a stored/shared core pointer), one task will initiate a read, yield in hal_io_wait, another task will initiate a read, and both will be unhappy.
2018-12-03 (Paul Selkirk) add some more statistics to parallel-signatures.py
2018-11-14 (Paul Selkirk) Add some yields to hal_hashsig_ks_init, so other tasks can run while we're rebuilding the hash tree.
2018-11-14 (Paul Selkirk) Change scanf/printf %hhx format strings to %x, because not every libc supports it.
In particular, the version of newlib distributed by Ubuntu is not configured with --enable-newlib-io-c99-formats, and now includes guard code that treats %hhx as an error, rather than silently interpreting it as %hx. The net effect was to break hal_uuid_parse. (Ironically, vfprintf.c does not (yet) include this guard code, but it's probably only a matter of time, and it seemed expedient to change hal_uuid_format at the same time.)
2018-11-01 (Paul Selkirk) Tornado 5.0 made an incompatible API change in iostream.BaseIOStream.
Found when upgrading Ubuntu to 18.10.
2018-10-29 (Paul Selkirk) Sigh, add8e03 botched handling of 0-length hal_xdr_encode_fixed_opaque requests.
It's an edge case, but it's supported, and it's used in a few places.
2018-10-25 (Paul Selkirk) Enable bloat tests, since they work with the current 8K keystore block size.
2018-10-25 (Paul Selkirk) Change explicitly signed XDR buffer overflow checks to explicitly unsigned.
This fixes CT-01-006 MCU: Value cast allows a bypass of the size checks (Critical)
2018-10-25 (Paul Selkirk) Add buffer overflow checks before allocating stack arrays.
This fixes CT-01-005: OOB writes through dynamic stack allocations (Critical)
2018-09-11 (Paul Selkirk) Track Joachim's latest keywrap core - unroll bank-switched memory into a number of core register blocks.
2018-08-27 (Paul Selkirk) fix pkey_remote_get_attributes