aboutsummaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2020-07-13Whack all Python shebangs to Python 3Rob Austein
2020-06-10Fix remaining Python 3 unit test string encoding bugRob Austein
Really just one bug, but confusingly masked by an interaction between generators and our XDR context manager, so don't use the context manager in the one generator method in the cryptech.libhal API. Also run reindent.py on a few old test modules.
2020-05-26Wow, python-version-independent hexadecimal is painfulRob Austein
2020-05-25Untested conversion to support Python 3Rob Austein
2019-04-02Small cleanups in RPC code, e.g. to support null arguments.Paul Selkirk
- Add support for null pointer arguments in RPCs for get_digest_algorithm_id and get_public_key. This is years overdue, and would have obviated the need for get_public_key_len as a separate RPC. - Refactor pkey_local_get_public_key_len in terms of pkey_local_get_public_key. - Add more parameter sanity checks to rpc_api.c. - Add a len_max parameter to hal_xdr_decode_variable_opaque, rather than having len be an in/out parameter. This brings xdr slightly more in line with the rest of the code base (again after literal years), and slightly simplifies several calls in rpc_client.c.
2019-03-31Hashsig cleanup.Paul Selkirk
- Move hashsig.h contents into hal.h. - Uppercase lmots and lms algorithm types, because we have a convention that enum values are uppercase. - Change all I to hal_uuid_t, because that how we're using them, and it seems silly to have two different 16-byte array types. - Change all "memcpy(&this, &that, sizeof(this))" to "this = that", because it's more succinct, more type-safe, and harder to get wrong. - Slightly tighten up lmots_generate, lmots_sign, and lmots_public_key_candidate. - Remove verbatim draft text, now that I'm pretty sure I implemented it correctly.
2019-03-04Restructure hashsig test programPaul Selkirk
2019-03-04Use the hashsig pseudorandom key generation method if the key is exportable.Paul Selkirk
2018-12-03add some more statistics to parallel-signatures.pyPaul Selkirk
2018-08-12Simplify makefile to make them easier to use with non-default directory namesPaul Selkirk
2018-08-12Clean up builds for *BSD/clang.Paul Selkirk
Move lm[ot]s_algorithm_t definitions to hal.h, prefix all public symbols with 'hal_'. Remove some unused functions. Wrap hal_pkey_slot_t initializers in an extra set of curly braces. Remove an unused-argument kludge (x=x;) because gcc doesn't care, and clang complains. Make timersub a proper macro. Add some casts to printf arguments, because !@#$ printf formats.
2018-08-11Un-break builds on MacOS.Rob Austein
timersub() is a macro on *BSD, including MacOS, so redefinition as a function in hashsig test code was breaking the whole build. Clang has other comments on the hashsig code, leaving those for Paul.
2018-07-25Merge branch 'hashsig'Paul Selkirk
2018-05-20Better hal_core_alloc() semantics, assert() and printf() cleanup.Rob Austein
Various fixes extracted from the abandoned(-for-now?) reuse-cores branch, principally: * Change hal_core_alloc*() to support core reuse and to pick the least-recently-used core of a particular type otherwise; * Replace assert() and printf() calls with hal_assert() and hal_log(), respectively. assert() is particularly useless on the HSM, since it sends its error message into hyperspace then hangs the HSM.
2018-05-20Clean up parallel signature test script.Rob Austein
Aside from not really needing to use every crayon in the box, using a simpler control structure makes exceptions behave more as one expects.
2018-04-19Reconstruct the hashsig hash tree(s) on device restart.Paul Selkirk
2018-04-19Update to draft-10: clarifications and Test Case 2;Paul Selkirk
add ability to export public key to xdr for interop testing
2018-04-19Add Test Case 2 from draft-mcgrew-09Paul Selkirk
2018-04-19Implement hash-based signatures, per draft-mcgrew-hash-sigs-08.txtPaul Selkirk
2018-04-19Refactor XDR code, add support for fixed-length opaque data.Paul Selkirk
2018-03-30More accurate timing.Rob Austein
2018-03-30Tweak report output.Rob Austein
Copy ContextManagedUnpacker from latest version of libhal.py so that this script won't depend on the current development code.
2018-03-30First cut at parallel signature timing test.Rob Austein
At the moment this only handles RSA keys, and can only handle one size of key at a time. More bells and whistles will follow eventually, now that the basic asynchronous API to our RPC protocol works.
2017-12-13Merge branch systolic_crt into master.Rob Austein
This branch was sitting for long enough that master had been through a cleanup pass, so beware of accidental reversions.
2017-10-23Cleanup signed/unsigned mismatches, mostly in loop countersPaul Selkirk
2017-09-13Preliminary support for parallel core RSA CRT.Rob Austein
2017-09-09Whack with club until compiles.Rob Austein
2017-07-03Fencepost error (1-based counting using xrange(), sigh).Rob Austein
2017-06-27Key generation timing.Rob Austein
Initial version, very basic, RSA-only. Gussy up later.
2017-04-17Move hal_rpc_server_main() to test code.Paul Selkirk
2017-04-11API cleanup: pkey_open() and pkey_match().Rob Austein
pkey_open() now looks in both keystores rather than requiring the user to know. The chance of collision with randomly-generated UUID is low enough that we really ought to be able to present a single namespace. So now we do. pkey_match() now takes a couple of extra arguments which allow a single search to cover both keystores, as well as matching for specific key flags. The former interface was pretty much useless for anything involving flags, and required the user to issue a separate call for each keystore. User wheel is now exempt from the per-session key lookup constraints, Whether this is a good idea or not is an interesting question, but the whole PKCS #11 derived per-session key thing is weird to begin with, and having keystore listings on the console deliberately ignore session keys was just too confusing.
2017-04-07Pull key type information from uploaded key in hal_rpc_pkey_load().Rob Austein
Now that we use PKCS #8 format for private keys, all key formats we use include ASN.1 AlgorithmIdentifier field describing the key, so specifying key type and curve as arguments to hal_rpc_pkey_load() is neither necessary nor particularly useful.
2016-11-21Whack attribute code with a club until it works with PKCS #11.Rob Austein
PKCS #11 supports zero-length attributes (eg, CKA_LABEL) so hack of using zero length attribute as NIL value won't work, instead we use a slightly more portable version of the hack PKCS #11 uses (PKCS #11 stuffs -1 into a CK_ULONG, we stuff 0xFFFFFFFF into a uint32_t). ks_attribute.c code was trying too hard and tripping over its own socks. Instead of trying to maintain attributes[] in place during modification, we now perform the minimum necessary change then re-scan the block. This is (very slightly) slower but more robust, both because the scan code has better error checking and because it's the scan code that we want to be sure is happy before committing a change. Rename hal_rpc_pkey_attribute_t to hal_pkey_attribute_t.
2016-11-11Drag C pkey test code up to current RPC API.Rob Austein
2016-11-10Clean out huge swacks of RPC API we don't need anymore.Rob Austein
pkey attribute API is now just set_attributes() and get_attributes().
2016-11-05Add hal_rpc_pkey_match() tests to C client test code.Rob Austein
2016-10-25Uppercase HAL_DIGEST_ALGORITHM_ symbols for API consistency.Rob Austein
2016-10-16Debug keystore attribute code; handle name properly in ks_index_replace().Rob Austein
hal_rpc_pkey_match() still untested.
2016-09-02Test both in-memory and on-flash keystores.Rob Austein
2016-09-02Code to convert between text and internal forms of UUIDs.Rob Austein
Includes a few cosmetic fixes to address gcc format string warnings and git trailing whitespace warnings.
2016-09-01Move in-memory keystore from client to server. Whack with club until compiles.Rob Austein
Fixes for various minor issues found while integrating with sw/stm32. Moving the in-memory keystore (PKCS #11 session objects, etc) from the client library to the HSM was on the near term to-do list in any case, doing it now turned out to be the easiest way to solve one of the build problems.
2016-08-10Merge branch 'resource_management'Paul Selkirk
2016-07-06Add a couple more testsPaul Selkirk
2016-07-05Attempt to add resource management, for multiple cores of the same type.Paul Selkirk
Find a suitable core, and mark it busy. Don't forget to release it as soon as you're done. This has a knock-on effect of un-const'ing core arguments and struct fields in a lot of places, and it moves some core checks around.
2016-06-26Update libhal makefiles to use new LIBxxx_SRC / LIBxxx_BLD scheme so libhal ↵Rob Austein
can find tfm.h again.
2016-06-25Rename GNUmakefile to Makefile for consistency.Paul Selkirk
2016-06-24Support VPATH builds.Rob Austein
2016-06-14Collapse RPC_CLIENT and RPC_SERVER makefile settings into a single RPC_MODE ↵Rob Austein
setting.
2016-06-14Add support for ModExpA7Paul Selkirk
2016-06-10Another attempt to clean up the libhal makefile hairball.Rob Austein