path: root/ks_flash.c
Age | Commit message | Author
2016-09-26 | Rewrite block_erase_maybe() to run the "maybe" check in constant time. | Rob Austein
Running this check in constant time probably isn't necessary, but it plugs a (somewhat far-fetched) timing leak and is easy enough. While we're at this, we also skip the CRC check, which is irrelevant here.
2016-09-23 | Use subsectors instead of sectors in keystore. | Rob Austein
2016-09-16 | Debug new ks_flash code. | Rob Austein
2016-09-16 | Revised ks_flash. Compiles, not yet tested. | Rob Austein
2016-09-13 | Cleanup prior to rewriting ks_flash.c. | Rob Austein
Whack masterkey code to meet libhal coding standards, such as they are. Started layout of new ks_flash data structures but no changes to functions or flash usage yet. MKM initialization from flash placed under compile-time conditional with warning because it's a dangerous kludge that should go away. Started getting rid of obsolete keystore code; ks_mmap.c kept for now, until I get around to merging the useful bits into ks_volatile.
2016-09-12 | Doh, allow keystore reinitialization after unclean reboot. | Rob Austein
2016-09-11 | Explicit initialization of keystore drivers instead of guessing. | Rob Austein
2016-09-09 | Missed a few instances of type-based key naming in keystore drivers. | Rob Austein
2016-09-09 | Simplify hal_rpc_pkey_find() by removing `type` argument. | Rob Austein
Now that key names are UUIDs generated by the HSM, there's no real need to specify key type when looking up a key, and removing the `type` argument allows a few simplifications of both the internal keystore API and of client code calling the public RPC API.
2016-09-08 | New keystore index internal API. Compiles, not yet integrated or tested. | Rob Austein
2016-09-01 | Move in-memory keystore from client to server. Whack with club until compiles. | Rob Austein
Fixes for various minor issues found while integrating with sw/stm32. Moving the in-memory keystore (PKCS #11 session objects, etc) from the client library to the HSM was on the near term to-do list in any case, doing it now turned out to be the easiest way to solve one of the build problems.
2016-09-01 | Revised keystore API, part one. Not usable yet. | Rob Austein
Changes to implement a revised keystore API. This code probably won't even compile properly yet, and almost certainly will not run, but most of the expected changes are complete at this point. Main points:

* Key names are now UUIDs, and are generated by the HSM, not the client.
* Keystore API no longer assumes that key database is resident in memory (original API was written on the assumption that the keystore flash would be mapped into the HSM CPU's address space, but apparently the board and flash drivers don't really support that).

A few other changes have probably crept in, but the bulk of this changeset is just following through implications of the above, some of which percolate all the way back to the public RPC API.
2016-07-06 | Return an intelligent error from hal_ks_get_kek. | Paul Selkirk
2016-06-24 | Use hal_error_t as suggested by Rob. | Fredrik Thulin
2016-06-23 | Implement master key for wrapping keys in the keystore. | Fredrik Thulin
The KEK (Key Encryption Key) is first fetched from the FPGA that gets it from the volatile Master Key Memory (that in theory has tamper protection with wiping), and secondly from flash. The flash option is meant for development/evaluation use using an Alpha board where the Master Key Memory is not battery backed. For any serious use of an Alpha, an option is to enter the master key into the volatile MKM on each power-on as a way to unlock the keystore.
2016-06-09 | some cleanup, and fix delete operation | Fredrik Thulin
2016-06-09 | Sort out the redeclaration of HAL_OK with Rob's help. | Fredrik Thulin
Thanks Rob!
2016-06-09 | bugfixes and cleanups, seems to sort-of work now | Fredrik Thulin
2016-06-08 | Implement flash keystore storage. Most of it is still untested. | Fredrik Thulin
2016-05-15 | Tweak keystore API to allow update-in-place, so hal_ks_rename() will work. | Rob Austein
2016-03-03 | Initial implementations of ks_get_kek(). | Rob Austein
Untested, and none of these are secure (the one in ks_flash.c is a stub, and the others are for cases where we have no secure hardware in which to store the KEK). These are primarily for testing, since in the long run the entire software implementation of AES-keywrap will be replaced by Verilog which never lets software see the unwrapped key. Or so says current theory. For the moment, we just need something that will let us test the rest of the RPC and keystore mechanisms.
2015-12-23 | RPC interface to TRNG and (incomplete) PIN code. | Rob Austein
2015-12-20 | RPC server stuff mostly written. Compiles, not yet tested. | Rob Austein
RPC public key extraction functions on hold pending ASN.1 cleanup.