Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-06-23 | Implement master key for wrapping keys in the keystore. | Fredrik Thulin | |
The KEK (Key Encryption Key) is first fetched from the FPGA that gets it from the volatile Master Key Memory (that in theory has tamper*kek_len = len protection with wiping), and secondly from flash. The flash option is meant for development/evaluation use using an Alpha board where the Master Key Memory is not battery backed. For any serious use of an Alpha, an option is to enter the master key into the volatile MKM on each power-on as a way to unlock the keystore. | |||
2016-06-14 | Doh, don't build RPC client transport code when we're building the | Rob Austein | |
server library, even if the old makefile (sometimes) did do that. | |||
2016-06-14 | Collapse RPC_CLIENT and RPC_SERVER makefile settings into a single RPC_MODE ↵ | Rob Austein | |
setting. | |||
2016-06-12 | Turn hardware modexp off again, as it has problems with some of the key ↵ | Rob Austein | |
sizes hsmbully tries. | |||
2016-06-10 | Helps to get the makefile variable names right. | Rob Austein | |
2016-06-10 | Another attempt to clean up the libhal makefile hairball. | Rob Austein | |
2016-06-09 | hash.c triggers gcc's strict-aliasing warnings. | Rob Austein | |
2016-06-03 | mkmif.o got lost in makefile cleanup (9ad64e1) | Paul Selkirk | |
2016-06-02 | Add RPC client daemon. | Paul Selkirk | |
2016-06-01 | Make the makefile hopefully a little more readable/maintainable. | Paul Selkirk | |
2016-05-25 | Start cleaning up PIN code. | Rob Austein | |
2016-05-24 | Add mkmif | Paul Selkirk | |
2016-03-29 | Client includes rsa, ecdsa, asn1. | Paul Selkirk | |
Server includes rpc_api because rpc_pkey.c calls hal_rpc_hash_* Remote client uses software modexp. Mixed client uses software hash. Add convenience targets for client, server, etc. | |||
2016-03-21 | Merge branch 'master' into rpc | Paul Selkirk | |
2016-03-21 | stupid fixes | Paul Selkirk | |
2016-03-21 | Don't build position-independent code for stm32. | Paul Selkirk | |
2016-03-16 | Added serial RPC transport and lots more... | Paul Selkirk | |
Added RPC function to get server version number. Substantially reworked GNUMakefile with conditionals. Renamed rpc_*() and xdr_*() to hal_*() for consistency. Moved hal_io_fmc.c from stm32 repo. | |||
2016-03-12 | Merge branch 'master' into rpc | Rob Austein | |
2016-03-12 | Disable ECDSA static-test-vectors hack, fix call to hal_get_random() | Rob Austein | |
which was using the old (pre-hal_core_t) calling sequence. | |||
2016-02-25 | RPC over loopback socket, just to work out the mechanics for serialization ↵ | Paul Selkirk | |
and dispatch. | |||
2015-12-23 | RPC interface to TRNG and (incomplete) PIN code. | Rob Austein | |
2015-12-21 | Fix names of private key DER functions. | Rob Austein | |
2015-12-20 | RPC server stuff mostly written. Compiles, not yet tested. RPC | Rob Austein | |
public key extraction functions on hold pending ASN.1 cleanup. | |||
2015-12-13 | Merge Paul's copyright updates. | Rob Austein | |
2015-12-13 | whack copyrights | Paul Selkirk | |
2015-12-13 | Add rpc_hash.c. Convert dynamic allocator in hash.c to use private | Rob Austein | |
pool of pre-configured state blocks, suitable for an embedded system. | |||
2015-12-11 | RPC API dispatch, skeleton client functions, mixed-mode handlers for | Rob Austein | |
local hashing with remote pkey. | |||
2015-11-13 | Merge branch 'config_core_selector' | Paul Selkirk | |
2015-10-29 | change CFLAGS assignment to += for cross-building | Paul Selkirk | |
2015-10-26 | Use ${AR} for cross-building. | Paul Selkirk | |
Regular ar is fine, but this feels cleaner. | |||
2015-10-04 | Whack libhal API to use current configure_core_selector mechanism. | Rob Austein | |
Compiles, not yet tested. | |||
2015-10-04 | off_t => hal_addr_t. | Rob Austein | |
2015-08-24 | First stumblings towards ECDSA test code. | Rob Austein | |
2015-08-21 | Snapshot along the way to ECDSA. Code mostly written, except for | Rob Austein | |
ecdsa_verify(). Untested. Point addition and doubling algorithms are the ones from libtomcrypt, main point of this commit is to save those before replacing them with faster algorithms from hyperelliptic.org. | |||
2015-07-07 | Track move of third party libraries to /sw/thirdparty/. | Rob Austein | |
2015-07-05 | NULL-terminate string list, doh. | Rob Austein | |
2015-07-05 | Get rid of autoconf, as we don't really need it. Add eim_peek_poke | Rob Austein | |
utility program, based on Paul's example in the core/platform/novena repository. |