Age | Commit message (Collapse) | Author |
|
Whack masterkey code to meet libhal coding standards, such as they
are.
Started layout of new ks_flash data structures but no changes to
functions or flash usage yet.
MKM initialization from flash placed under compile-time conditional
with warning because it's a dangerous kludge that should go away.
Started getting rid of obsolete keystore code; ks_mmap.c kept for now,
until I get around to merging the useful bits into ks_volatile.
|
|
|
|
err = hal_foo() || hal_bar() || hal_baz;
maps all errors to 1 (HAL_ERROR_BAD_ARGUMENTS).
|
|
Find a suitable core, and mark it busy. Don't forget to release it as soon
as you're done. This has a knock-on effect of un-const'ing core arguments
and struct fields in a lot of places, and it moves some core checks around.
|
|
|
|
The KEK (Key Encryption Key) is first fetched from the FPGA that gets it
from the volatile Master Key Memory (that in theory has tamper*kek_len =
len protection with wiping), and secondly from flash.
The flash option is meant for development/evaluation use using an Alpha
board where the Master Key Memory is not battery backed. For any serious
use of an Alpha, an option is to enter the master key into the volatile
MKM on each power-on as a way to unlock the keystore.
|