aboutsummaryrefslogtreecommitdiff
path: root/tests/test-rpc_pkey.c
AgeCommit message (Collapse)Author
2017-04-11API cleanup: pkey_open() and pkey_match().Rob Austein
pkey_open() now looks in both keystores rather than requiring the user to know. The chance of collision with randomly-generated UUID is low enough that we really ought to be able to present a single namespace. So now we do. pkey_match() now takes a couple of extra arguments which allow a single search to cover both keystores, as well as matching for specific key flags. The former interface was pretty much useless for anything involving flags, and required the user to issue a separate call for each keystore. User wheel is now exempt from the per-session key lookup constraints, Whether this is a good idea or not is an interesting question, but the whole PKCS #11 derived per-session key thing is weird to begin with, and having keystore listings on the console deliberately ignore session keys was just too confusing.
2017-04-07Pull key type information from uploaded key in hal_rpc_pkey_load().Rob Austein
Now that we use PKCS #8 format for private keys, all key formats we use include ASN.1 AlgorithmIdentifier field describing the key, so specifying key type and curve as arguments to hal_rpc_pkey_load() is neither necessary nor particularly useful.
2016-11-21Whack attribute code with a club until it works with PKCS #11.Rob Austein
PKCS #11 supports zero-length attributes (eg, CKA_LABEL) so hack of using zero length attribute as NIL value won't work, instead we use a slightly more portable version of the hack PKCS #11 uses (PKCS #11 stuffs -1 into a CK_ULONG, we stuff 0xFFFFFFFF into a uint32_t). ks_attribute.c code was trying too hard and tripping over its own socks. Instead of trying to maintain attributes[] in place during modification, we now perform the minimum necessary change then re-scan the block. This is (very slightly) slower but more robust, both because the scan code has better error checking and because it's the scan code that we want to be sure is happy before committing a change. Rename hal_rpc_pkey_attribute_t to hal_pkey_attribute_t.
2016-11-11Drag C pkey test code up to current RPC API.Rob Austein
2016-11-10Clean out huge swacks of RPC API we don't need anymore.Rob Austein
pkey attribute API is now just set_attributes() and get_attributes().
2016-11-05Add hal_rpc_pkey_match() tests to C client test code.Rob Austein
2016-10-16Debug keystore attribute code; handle name properly in ks_index_replace().Rob Austein
hal_rpc_pkey_match() still untested.
2016-09-02Test both in-memory and on-flash keystores.Rob Austein
2016-09-01Move in-memory keystore from client to server. Whack with club until compiles.Rob Austein
Fixes for various minor issues found while integrating with sw/stm32. Moving the in-memory keystore (PKCS #11 session objects, etc) from the client library to the HSM was on the near term to-do list in any case, doing it now turned out to be the easiest way to solve one of the build problems.
2016-06-01Add hal_rpc_client_close() where needed.Paul Selkirk
2016-03-29Remove unneeded hal_internal.hPaul Selkirk
2016-03-12Test RPC key generation API.Rob Austein
2016-03-12Doh, helps to specify the curve.Rob Austein
2016-03-12Basic RPC ECDSA tests.Rob Austein
2016-03-11First round of debugging based on RPC pkey tests: mostly ASN.1Rob Austein
silliness, with a bit of PKCS #1.5 padding silliness for desert.
2016-03-11First step towards RPC PKEY tests. Currently RSA-only, test-vectorRob Austein
only, requires AES core (for key wrapping).