Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-04-19 | Reconstruct the hashsig hash tree(s) on device restart. | Paul Selkirk | |
2018-03-15 | Update to draft-10: clarifications and Test Case 2; | Paul Selkirk | |
add ability to export public key to xdr for interop testing | |||
2018-03-10 | Add Test Case 2 from draft-mcgrew-09 | Paul Selkirk | |
2018-02-27 | Implement hash-based signatures, per draft-mcgrew-hash-sigs-08.txt | Paul Selkirk | |
2018-02-27 | Refactor XDR code, add support for fixed-length opaque data. | Paul Selkirk | |
2017-12-13 | Merge branch systolic_crt into master. | Rob Austein | |
This branch was sitting for long enough that master had been through a cleanup pass, so beware of accidental reversions. | |||
2017-10-23 | Cleanup signed/unsigned mismatches, mostly in loop counters | Paul Selkirk | |
2017-09-13 | Preliminary support for parallel core RSA CRT. | Rob Austein | |
2017-09-09 | Whack with club until compiles. | Rob Austein | |
2017-07-03 | Fencepost error (1-based counting using xrange(), sigh). | Rob Austein | |
2017-06-27 | Key generation timing. | Rob Austein | |
Initial version, very basic, RSA-only. Gussy up later. | |||
2017-04-17 | Move hal_rpc_server_main() to test code. | Paul Selkirk | |
2017-04-11 | API cleanup: pkey_open() and pkey_match(). | Rob Austein | |
pkey_open() now looks in both keystores rather than requiring the user to know. The chance of collision with randomly-generated UUID is low enough that we really ought to be able to present a single namespace. So now we do. pkey_match() now takes a couple of extra arguments which allow a single search to cover both keystores, as well as matching for specific key flags. The former interface was pretty much useless for anything involving flags, and required the user to issue a separate call for each keystore. User wheel is now exempt from the per-session key lookup constraints, Whether this is a good idea or not is an interesting question, but the whole PKCS #11 derived per-session key thing is weird to begin with, and having keystore listings on the console deliberately ignore session keys was just too confusing. | |||
2017-04-07 | Pull key type information from uploaded key in hal_rpc_pkey_load(). | Rob Austein | |
Now that we use PKCS #8 format for private keys, all key formats we use include ASN.1 AlgorithmIdentifier field describing the key, so specifying key type and curve as arguments to hal_rpc_pkey_load() is neither necessary nor particularly useful. | |||
2016-11-21 | Whack attribute code with a club until it works with PKCS #11. | Rob Austein | |
PKCS #11 supports zero-length attributes (eg, CKA_LABEL) so hack of using zero length attribute as NIL value won't work, instead we use a slightly more portable version of the hack PKCS #11 uses (PKCS #11 stuffs -1 into a CK_ULONG, we stuff 0xFFFFFFFF into a uint32_t). ks_attribute.c code was trying too hard and tripping over its own socks. Instead of trying to maintain attributes[] in place during modification, we now perform the minimum necessary change then re-scan the block. This is (very slightly) slower but more robust, both because the scan code has better error checking and because it's the scan code that we want to be sure is happy before committing a change. Rename hal_rpc_pkey_attribute_t to hal_pkey_attribute_t. | |||
2016-11-11 | Drag C pkey test code up to current RPC API. | Rob Austein | |
2016-11-10 | Clean out huge swacks of RPC API we don't need anymore. | Rob Austein | |
pkey attribute API is now just set_attributes() and get_attributes(). | |||
2016-11-05 | Add hal_rpc_pkey_match() tests to C client test code. | Rob Austein | |
2016-10-25 | Uppercase HAL_DIGEST_ALGORITHM_ symbols for API consistency. | Rob Austein | |
2016-10-16 | Debug keystore attribute code; handle name properly in ks_index_replace(). | Rob Austein | |
hal_rpc_pkey_match() still untested. | |||
2016-09-02 | Test both in-memory and on-flash keystores. | Rob Austein | |
2016-09-02 | Code to convert between text and internal forms of UUIDs. | Rob Austein | |
Includes a few cosmetic fixes to address gcc format string warnings and git trailing whitespace warnings. | |||
2016-09-01 | Move in-memory keystore from client to server. Whack with club until compiles. | Rob Austein | |
Fixes for various minor issues found while integrating with sw/stm32. Moving the in-memory keystore (PKCS #11 session objects, etc) from the client library to the HSM was on the near term to-do list in any case, doing it now turned out to be the easiest way to solve one of the build problems. | |||
2016-08-10 | Merge branch 'resource_management' | Paul Selkirk | |
2016-07-06 | Add a couple more tests | Paul Selkirk | |
2016-07-05 | Attempt to add resource management, for multiple cores of the same type. | Paul Selkirk | |
Find a suitable core, and mark it busy. Don't forget to release it as soon as you're done. This has a knock-on effect of un-const'ing core arguments and struct fields in a lot of places, and it moves some core checks around. | |||
2016-06-26 | Update libhal makefiles to use new LIBxxx_SRC / LIBxxx_BLD scheme so libhal ↵ | Rob Austein | |
can find tfm.h again. | |||
2016-06-25 | Rename GNUmakefile to Makefile for consistency. | Paul Selkirk | |
2016-06-24 | Support VPATH builds. | Rob Austein | |
2016-06-14 | Collapse RPC_CLIENT and RPC_SERVER makefile settings into a single RPC_MODE ↵ | Rob Austein | |
setting. | |||
2016-06-14 | Add support for ModExpA7 | Paul Selkirk | |
2016-06-10 | Another attempt to clean up the libhal makefile hairball. | Rob Austein | |
2016-06-01 | Add hal_rpc_client_close() where needed. | Paul Selkirk | |
2016-05-31 | SHA-224 driver and soft core. | Rob Austein | |
2016-05-24 | Widen an int in an error message, for consistency. | Paul Selkirk | |
2016-05-24 | Add mkmif | Paul Selkirk | |
2016-05-14 | Trailing whitespace cleanup. | Rob Austein | |
2016-03-29 | Remove unneeded hal_internal.h | Paul Selkirk | |
2016-03-29 | Add test-rpc_get_random | Paul Selkirk | |
2016-03-21 | Merge branch 'master' into rpc | Paul Selkirk | |
2016-03-21 | stupid fixes | Paul Selkirk | |
2016-03-21 | Skip tests we know are going to fail. | Paul Selkirk | |
2016-03-16 | Added serial RPC transport and lots more... | Paul Selkirk | |
Added RPC function to get server version number. Substantially reworked GNUMakefile with conditionals. Renamed rpc_*() and xdr_*() to hal_*() for consistency. Moved hal_io_fmc.c from stm32 repo. | |||
2016-03-12 | Test RPC key generation API. | Rob Austein | |
2016-03-12 | Doh, helps to specify the curve. | Rob Austein | |
2016-03-12 | Basic RPC ECDSA tests. | Rob Austein | |
2016-03-11 | First round of debugging based on RPC pkey tests: mostly ASN.1 | Rob Austein | |
silliness, with a bit of PKCS #1.5 padding silliness for desert. | |||
2016-03-11 | First step towards RPC PKEY tests. Currently RSA-only, test-vector | Rob Austein | |
only, requires AES core (for key wrapping). | |||
2016-03-09 | Tweak handling of byte swapping in software hash cores to get rid of | Rob Austein | |
some unnecessary data copying. | |||
2016-02-25 | RPC over loopback socket, just to work out the mechanics for serialization ↵ | Paul Selkirk | |
and dispatch. |