From d008267960337e9e44b270b26555a7a894808746 Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Mon, 24 Apr 2017 08:33:11 -0400
Subject: Clean up pkey slots and volatile keys on client logout.
---
 hal_internal.h | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
(limited to 'hal_internal.h')
diff --git a/hal_internal.h b/hal_internal.h
index 56d0936..b20bff2 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -427,6 +427,12 @@ extern hal_error_t hal_mkm_flash_erase(const size_t len);
 #endif
+/*
+ * Clean up pkey stuff that's tied to a particular client.
+ */
+
+extern hal_error_t hal_pkey_client_cleanup(const hal_client_handle_t client);
+
 /*
 * Keystore API for use by the pkey implementation.
 *
@@ -520,6 +526,9 @@ struct hal_ks_driver {
 uint8_t *attributes_buffer,
 const size_t attributes_buffer_len);
+ hal_error_t (*client_cleanup)(hal_ks_t *ks,
+ const hal_client_handle_t client);
+
 };
@@ -681,6 +690,18 @@ static inline hal_error_t hal_ks_get_attributes(hal_ks_t *ks,
 attributes_buffer, attributes_buffer_len);
 }
+static inline hal_error_t hal_ks_client_cleanup(hal_ks_t *ks,
+ const hal_client_handle_t client)
+{
+ if (ks == NULL)
+ return HAL_ERROR_BAD_ARGUMENTS;
+
+ if (ks->client_cleanup == NULL || client.handle == HAL_HANDLE_NONE)
+ return HAL_OK;
+
+ return ks->driver->client_cleanup(ks, client);
+}
+
 /*
 * Keystore index. This is intended to be usable by both memory-based
 * (in-memory, mmap(), ...) keystores and keystores based on raw flash.
-- cgit v1.2.3
From 4ee44177c6da04e210a52528763b2c96a8f3d824 Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Mon, 24 Apr 2017 17:23:17 -0400
Subject: Call a portable entrenching tool a portable entrenching tool.
---
 hal_internal.h | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
(limited to 'hal_internal.h')
diff --git a/hal_internal.h b/hal_internal.h
index b20bff2..f6c31fe 100644
--- a/hal_internal.h
+++ b/hal_internal.h
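Review bot: hal_ks_client_cleanup dereferences ks->driver on its last line without checking it, while every other hal_ks_* wrapper in this header (hal_ks_close, hal_ks_store, hal_ks_match and friends) guards with `ks == NULL || ks->driver == NULL`; the same gap is still present in the hal_ks_logout hunk of 358b380 further down this page. The test on the line before it reads `ks->client_cleanup`, but the function pointer added by the second hunk is a member of struct hal_ks_driver, not of struct hal_ks. Suggested: `if (ks == NULL || ks->driver == NULL) return HAL_ERROR_BAD_ARGUMENTS;` followed by `if (ks->driver->client_cleanup == NULL || client.handle == HAL_HANDLE_NONE) return HAL_OK;`. A one-line comment should also say that a missing hook deliberately returns HAL_OK rather than HAL_ERROR_NOT_IMPLEMENTED as the other wrappers do, because that choice means a driver without the hook silently skips the logged-out client's cleanup, which a reader auditing key lifetime needs to know.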
@@ -428,10 +428,10 @@ extern hal_error_t hal_mkm_flash_erase(const size_t len);
 #endif
 /*
- * Clean up pkey stuff that's tied to a particular client.
+ * Clean up pkey stuff that's tied to a particular client on logout.
 */
-extern hal_error_t hal_pkey_client_cleanup(const hal_client_handle_t client);
+extern hal_error_t hal_pkey_logout(const hal_client_handle_t client);
 /*
 * Keystore API for use by the pkey implementation.
@@ -526,8 +526,8 @@ struct hal_ks_driver {
 uint8_t *attributes_buffer,
 const size_t attributes_buffer_len);
- hal_error_t (*client_cleanup)(hal_ks_t *ks,
- const hal_client_handle_t client);
+ hal_error_t (*logout)(hal_ks_t *ks,
+ const hal_client_handle_t client);
 };
@@ -690,16 +690,16 @@ static inline hal_error_t hal_ks_get_attributes(hal_ks_t *ks,
 attributes_buffer, attributes_buffer_len);
 }
-static inline hal_error_t hal_ks_client_cleanup(hal_ks_t *ks,
- const hal_client_handle_t client)
+static inline hal_error_t hal_ks_logout(hal_ks_t *ks,
+ const hal_client_handle_t client)
 {
 if (ks == NULL)
 return HAL_ERROR_BAD_ARGUMENTS;
- if (ks->client_cleanup == NULL || client.handle == HAL_HANDLE_NONE)
+ if (ks->logout == NULL || client.handle == HAL_HANDLE_NONE)
 return HAL_OK;
- return ks->driver->client_cleanup(ks, client);
+ return ks->driver->logout(ks, client);
 }
 /*
-- cgit v1.2.3
From 358b3803cdedad607cf649221d0b7e3ce66b45f2 Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Tue, 25 Apr 2017 17:14:40 -0400
Subject: Shake dumb compile-time bugs out of new logout code.
What I get for writing code while build and test environment is tied up with a multi-day run testing something else.
---
 hal_internal.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'hal_internal.h')
diff --git a/hal_internal.h b/hal_internal.h
index f6c31fe..13c79e9 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -696,7 +696,7 @@ static inline hal_error_t hal_ks_logout(hal_ks_t *ks,
 if (ks == NULL)
 return HAL_ERROR_BAD_ARGUMENTS;
- if (ks->logout == NULL || client.handle == HAL_HANDLE_NONE)
+ if (ks->driver->logout == NULL || client.handle == HAL_HANDLE_NONE)
 return HAL_OK;
 return ks->driver->logout(ks, client);
-- cgit v1.2.3
From 2b4dc660d9d10eed407851319bfe63d5f9c3acd1 Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Mon, 22 May 2017 23:22:09 -0400
Subject: First pass on experimental one-size-fits-nobody keystore.
Support for variable-length keystore objects significantly complicates the keystore implementation, including serious some serious code bloat and a complex recovery algorithm to deal with crashes or loss of power at exactly the wrong time. Perhaps we don't really need this? So this is an experiment to see whether we can replace variable-length keystore objects with fixed-length, perhaps with a compile time option to let us make the fixed object length be 8192 bytes instead of 4096 bytes when needed to hold things like large RSA keys. First pass on this is just throwing away nearly 1,000 lines of excessively complex code. The result probably won't even compile yet, but it's already significantly easier to read.
---
 hal_internal.h | 40 +---------------------------------------
 1 file changed, 1 insertion(+), 39 deletions(-)
(limited to 'hal_internal.h')
diff --git a/hal_internal.h b/hal_internal.h
index 3aadb48..aa31585 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -708,13 +708,6 @@ static inline hal_error_t hal_ks_get_attributes(hal_ks_t *ks,
 * support a simplistic form of wear leveling in flash-based keystores.
 *
 * Key names are kept in a separate array, indexed by block number.
- * Key names here are a composite of the key's UUID and a "chunk"
- * number; the latter allows storage of keys whose total size exceeds
- * one block (whatever a block is). For the moment we keep the UUID
- * and the chunk number in a single array, which may provide (very)
- * slightly better performance due to reference locality in SDRAM, but
- * this may change if we need to reclaim the space wasted by structure
- * size rounding.
 *
 * The all-zeros UUID, which (by definition) cannot be a valid key
 * UUID, is reserved for the (non-key) block used to stash PINs and
@@ -726,16 +719,11 @@ static inline hal_error_t hal_ks_get_attributes(hal_ks_t *ks,
 * portion of the API is only concerned with allocation and naming.
 */
-typedef struct {
- hal_uuid_t name; /* Key name */
- uint8_t chunk; /* Key chunk number */
-} hal_ks_name_t;
-
 typedef struct {
 unsigned size; /* Array length */
 unsigned used; /* How many blocks are in use */
 uint16_t *index; /* Index/freelist array */
- hal_ks_name_t *names; /* Keyname array */
+ hal_uuid_t *names; /* Keyname array */
 } hal_ks_index_t;
 /*
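Review bot: The `names` member of hal_ks_index_t changes type from hal_ks_name_t * to hal_uuid_t * in the second hunk, but its trailing comment still reads `/* Keyname array */`, and the first hunk deletes the only paragraph that explained how names map to blocks, so the new one-UUID-per-block arrangement is now documented nowhere in the header. Suggest `hal_uuid_t *names; /* Keyname array: one UUID per block, a key occupies exactly one block */`. That a key occupies a single block is inferred from the commit message's move to fixed-length objects and the dropped chunk number, not from code in this hunk, so confirm it against the index implementation before committing to it in a comment.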
@@ -755,27 +743,14 @@ extern hal_error_t hal_ks_index_setup(hal_ks_index_t *ksi);
 */
 extern hal_error_t hal_ks_index_find(hal_ks_index_t *ksi,
 const hal_uuid_t * const name,
- const unsigned chunk,
 unsigned *blockno,
 int *hint);
-/*
- * Find all the blocks in a key, return the block numbers.
- */
-extern hal_error_t hal_ks_index_find_range(hal_ks_index_t *ksi,
- const hal_uuid_t * const name,
- const unsigned max_blocks,
- unsigned *n_blocks,
- unsigned *blocknos,
- int *hint,
- const int strict);
-
 /*
 * Add a key block, return its block number.
 */
 extern hal_error_t hal_ks_index_add(hal_ks_index_t *ksi,
 const hal_uuid_t * const name,
- const unsigned chunk,
 unsigned *blockno,
 int *hint);
@@ -784,21 +759,9 @@ extern hal_error_t hal_ks_index_add(hal_ks_index_t *ksi,
 */
 extern hal_error_t hal_ks_index_delete(hal_ks_index_t *ksi,
 const hal_uuid_t * const name,
- const unsigned chunk,
 unsigned *blockno,
 int *hint);
-/*
- * Delete all of blocks in a key, returning the block numbers.
- */
-
-extern hal_error_t hal_ks_index_delete_range(hal_ks_index_t *ksi,
- const hal_uuid_t * const name,
- const unsigned max_blocks,
- unsigned *n_blocks,
- unsigned *blocknos,
- int *hint);
-
 /*
 * Replace a key block with a new one, return new block number.
 * Name of block does not change. This is an optimization of
@@ -807,7 +770,6 @@ extern hal_error_t hal_ks_index_delete_range(hal_ks_index_t *ksi,
 extern hal_error_t hal_ks_index_replace(hal_ks_index_t *ksi,
 const hal_uuid_t * const name,
- const unsigned chunk,
 unsigned *blockno,
 int *hint);
-- cgit v1.2.3
From dc8c7d92118541bba8d6f76f75a5661416055fb8 Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Tue, 23 May 2017 00:57:29 -0400
Subject: Goodbye ancient mmap()-based keystore.
The Novena-era mmap()-based keystore is far enough out of date that it's not worth maintaining (and we haven't been doing so): if we ever need one again, it would be easier to rewrite it from scratch.
---
 hal_internal.h | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
(limited to 'hal_internal.h')
diff --git a/hal_internal.h b/hal_internal.h
index aa31585..eee2eab 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -689,9 +689,8 @@ static inline hal_error_t hal_ks_get_attributes(hal_ks_t *ks,
 /*
 * Keystore index. This is intended to be usable by both memory-based
- * (in-memory, mmap(), ...) keystores and keystores based on raw flash.
- * Some of the features aren't really necessary for memory-based keystores,
- * but should be harmless.
+ * and flash-based keystores. Some of the features aren't really
+ * necessary for memory-based keystores, but should be harmless.
 *
 * General approach is multiple arrays, all but one of which are
 * indexed by "block" numbers, where a block number might be a slot in
-- cgit v1.2.3
From 5eccb3e6d7c27149a0092de48eb21baa495879cb Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Thu, 25 May 2017 11:18:39 -0400
Subject: Checkpoint while refactoring.
Almost certainly will not compile.
---
 hal_internal.h | 348 ++++-----------------------------------------------------
 1 file changed, 20 insertions(+), 328 deletions(-)
(limited to 'hal_internal.h')
diff --git a/hal_internal.h b/hal_internal.h
index eee2eab..89dfbbb 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -473,338 +473,30 @@ typedef struct { */ } hal_pkey_slot_t; -typedef struct hal_ks_driver hal_ks_driver_t; - -typedef struct hal_ks hal_ks_t; - -struct hal_ks_driver { - - hal_error_t (*init)(const hal_ks_driver_t * const driver, - const int alloc); - - hal_error_t (*shutdown)(const hal_ks_driver_t * const driver); - - hal_error_t (*open)(const hal_ks_driver_t * const driver, - hal_ks_t **ks); - - hal_error_t (*close)(hal_ks_t *ks); - - hal_error_t (*store)(hal_ks_t *ks, - hal_pkey_slot_t *slot, - const uint8_t * const der, const size_t der_len); - - hal_error_t (*fetch)(hal_ks_t *ks, - hal_pkey_slot_t *slot, - uint8_t *der, size_t *der_len, const size_t der_max); - - hal_error_t (*delete)(hal_ks_t *ks, - hal_pkey_slot_t *slot); - - hal_error_t (*match)(hal_ks_t *ks, - const hal_client_handle_t client, - const hal_session_handle_t session, - const hal_key_type_t type, - const hal_curve_name_t curve, - const hal_key_flags_t mask, - const hal_key_flags_t flags, - const hal_pkey_attribute_t *attributes, - const unsigned attributes_len, - hal_uuid_t *result, - unsigned *result_len, - const unsigned result_max, - const hal_uuid_t * const previous_uuid); - - hal_error_t (*set_attributes)(hal_ks_t *ks, - hal_pkey_slot_t *slot, - const hal_pkey_attribute_t *attributes, - const unsigned attributes_len); - - hal_error_t (*get_attributes)(hal_ks_t *ks, - hal_pkey_slot_t *slot, - hal_pkey_attribute_t *attributes, - const unsigned attributes_len, - uint8_t *attributes_buffer, - const size_t attributes_buffer_len); - -}; - - -struct hal_ks { - const hal_ks_driver_t *driver; - /* - * Any other common portions of hal_ks_t go here. - */ - - /* - * Driver-specific stuff is handled by a form of subclassing: - * driver module embeds this structure at the head of whatever - * else it needs, and performs casts as needed. 
- */ -}; - -extern const hal_ks_driver_t - hal_ks_volatile_driver[1], - hal_ks_token_driver[1]; - -static inline hal_error_t hal_ks_init(const hal_ks_driver_t * const driver, - const int alloc) -{ - if (driver == NULL) - return HAL_ERROR_BAD_ARGUMENTS; - - if (driver->init == NULL) - return HAL_ERROR_NOT_IMPLEMENTED; - - return driver->init(driver, alloc); -} - -static inline hal_error_t hal_ks_shutdown(const hal_ks_driver_t * const driver) -{ - if (driver == NULL) - return HAL_ERROR_BAD_ARGUMENTS; - - if (driver->shutdown == NULL) - return HAL_ERROR_NOT_IMPLEMENTED; - - return driver->shutdown(driver); -} - -static inline hal_error_t hal_ks_open(const hal_ks_driver_t * const driver, - hal_ks_t **ks) -{ - if (driver == NULL || ks == NULL) - return HAL_ERROR_BAD_ARGUMENTS; - - if (driver->open == NULL) - return HAL_ERROR_NOT_IMPLEMENTED; - - return driver->open(driver, ks); -} - -static inline hal_error_t hal_ks_close(hal_ks_t *ks) -{ - if (ks == NULL || ks->driver == NULL) - return HAL_ERROR_BAD_ARGUMENTS; - - if (ks->driver->close == NULL) - return HAL_ERROR_NOT_IMPLEMENTED; - - return ks->driver->close(ks); -} - -static inline hal_error_t hal_ks_store(hal_ks_t *ks, - hal_pkey_slot_t *slot, - const uint8_t * const der, const size_t der_len) -{ - if (ks == NULL || ks->driver == NULL || slot == NULL || der == NULL) - return HAL_ERROR_BAD_ARGUMENTS; - - if (ks->driver->store == NULL) - return HAL_ERROR_NOT_IMPLEMENTED; - - return ks->driver->store(ks, slot, der, der_len); -} - -static inline hal_error_t hal_ks_fetch(hal_ks_t *ks, - hal_pkey_slot_t *slot, - uint8_t *der, size_t *der_len, const size_t der_max) -{ - if (ks == NULL || ks->driver == NULL || slot == NULL) - return HAL_ERROR_BAD_ARGUMENTS; - - if (ks->driver->fetch == NULL) - return HAL_ERROR_NOT_IMPLEMENTED; - - return ks->driver->fetch(ks, slot, der, der_len, der_max); -} - -static inline hal_error_t hal_ks_delete(hal_ks_t *ks, - hal_pkey_slot_t *slot) -{ - if (ks == NULL || ks->driver == NULL || slot == 
NULL) - return HAL_ERROR_BAD_ARGUMENTS; - - if (ks->driver->delete == NULL) - return HAL_ERROR_NOT_IMPLEMENTED; - - return ks->driver->delete(ks, slot); -} - -static inline hal_error_t hal_ks_match(hal_ks_t *ks, - const hal_client_handle_t client, - const hal_session_handle_t session, - const hal_key_type_t type, - const hal_curve_name_t curve, - const hal_key_flags_t mask, - const hal_key_flags_t flags, - const hal_pkey_attribute_t *attributes, - const unsigned attributes_len, - hal_uuid_t *result, - unsigned *result_len, - const unsigned result_max, - const hal_uuid_t * const previous_uuid) -{ - if (ks == NULL || ks->driver == NULL) - return HAL_ERROR_BAD_ARGUMENTS; - - if (ks->driver->match == NULL) - return HAL_ERROR_NOT_IMPLEMENTED; - - return ks->driver->match(ks, client, session, type, curve, mask, flags, attributes, attributes_len, - result, result_len, result_max, previous_uuid); -} - -static inline hal_error_t hal_ks_set_attributes(hal_ks_t *ks, - hal_pkey_slot_t *slot, - const hal_pkey_attribute_t *attributes, - const unsigned attributes_len) -{ - if (ks == NULL || ks->driver == NULL || slot == NULL || - attributes == NULL || attributes_len == 0) - return HAL_ERROR_BAD_ARGUMENTS; - - if (ks->driver->set_attributes == NULL) - return HAL_ERROR_NOT_IMPLEMENTED; - - return ks->driver->set_attributes(ks, slot, attributes, attributes_len); -} - -static inline hal_error_t hal_ks_get_attributes(hal_ks_t *ks, - hal_pkey_slot_t *slot, - hal_pkey_attribute_t *attributes, - const unsigned attributes_len, - uint8_t *attributes_buffer, - const size_t attributes_buffer_len) -{ - if (ks == NULL || ks->driver == NULL || slot == NULL || - attributes == NULL || attributes_len == 0) - return HAL_ERROR_BAD_ARGUMENTS; - - if (ks->driver->get_attributes == NULL) - return HAL_ERROR_NOT_IMPLEMENTED; - - return ks->driver->get_attributes(ks, slot, attributes, attributes_len, - attributes_buffer, attributes_buffer_len); -} - /* - * Keystore index. 
This is intended to be usable by both memory-based - * and flash-based keystores. Some of the features aren't really - * necessary for memory-based keystores, but should be harmless. - * - * General approach is multiple arrays, all but one of which are - * indexed by "block" numbers, where a block number might be a slot in - * yet another static array, the number of a flash sub-sector, or - * whatever is the appropriate unit for holding one keystore record. - * - * The index array contains nothing but flags and block numbers, and - * is deliberately a small data structure so that moving data around - * within it is relatively cheap. - * - * The index array is divided into two portions: the index proper, and - * the free queue. The index proper is ordered according to the names - * (UUIDs) of the corresponding blocks; the free queue is a FIFO, to - * support a simplistic form of wear leveling in flash-based keystores. - * - * Key names are kept in a separate array, indexed by block number. - * - * The all-zeros UUID, which (by definition) cannot be a valid key - * UUID, is reserved for the (non-key) block used to stash PINs and - * other small data which aren't really part of the keystore proper - * but are kept with it because the keystore is the flash we have. - * - * Note that this API deliberately says nothing about how the keys - * themselves are stored, that's up to the keystore driver. This - * portion of the API is only concerned with allocation and naming. - */ - -typedef struct { - unsigned size; /* Array length */ - unsigned used; /* How many blocks are in use */ - uint16_t *index; /* Index/freelist array */ - hal_uuid_t *names; /* Keyname array */ -} hal_ks_index_t; - -/* - * Finish setting up key index. Caller must populate index, free - * list, and name array. - * - * This function checks a few things then sorts the index proper. 
- * - * If driver cares about wear leveling, driver must supply the free - * list in the desired order (FIFO); figuring out what that order is a - * problem for the keystore driver. - */ -extern hal_error_t hal_ks_index_setup(hal_ks_index_t *ksi); - -/* - * Find a key block, return its block number. - */ -extern hal_error_t hal_ks_index_find(hal_ks_index_t *ksi, - const hal_uuid_t * const name, - unsigned *blockno, - int *hint); - -/* - * Add a key block, return its block number. - */ -extern hal_error_t hal_ks_index_add(hal_ks_index_t *ksi, - const hal_uuid_t * const name, - unsigned *blockno, - int *hint); - -/* - * Delete a key block, returns its block number (driver may need it). + * Keystore is an opaque type, we just pass pointers. */ -extern hal_error_t hal_ks_index_delete(hal_ks_index_t *ksi, - const hal_uuid_t * const name, - unsigned *blockno, - int *hint); - -/* - * Replace a key block with a new one, return new block number. - * Name of block does not change. This is an optimization of - * a delete immediately followed by an add for the same name. - */ - -extern hal_error_t hal_ks_index_replace(hal_ks_index_t *ksi, - const hal_uuid_t * const name, - unsigned *blockno, - int *hint); -/* - * Check the index for errors. At least for the moment, this just - * reports errors, it doesn't attempt to fix them. - */ - -extern hal_error_t hal_ks_index_fsck(hal_ks_index_t *ksi); - -/* - * Keystore attribute utilities, for use by keystore drivers. 
- */ +typedef struct hal_ks hal_ks_t; -extern const size_t hal_ks_attribute_header_size; - -extern hal_error_t hal_ks_attribute_scan(const uint8_t * const bytes, - const size_t bytes_len, - hal_pkey_attribute_t *attributes, - const unsigned attributes_len, - size_t *total_len); - -extern hal_error_t hal_ks_attribute_delete(uint8_t *bytes, - const size_t bytes_len, - hal_pkey_attribute_t *attributes, - unsigned *attributes_len, - size_t *total_len, - const uint32_t type); - -extern hal_error_t hal_ks_attribute_insert(uint8_t *bytes, const size_t bytes_len, - hal_pkey_attribute_t *attributes, - unsigned *attributes_len, - size_t *total_len, - const uint32_t type, - const uint8_t * const value, - const size_t value_len); +#error Minor re-think needed on keystore init + +// I like current hal_ks_*_init() setup method, but how does anything +// get a handle on the keystore? Make the keystores global variables? +// Right now they're hidden in larger, driver-specific structures, but +// it would be easy enough to break them out. Have already forgotten +// how the old API handled this, except that it involved an init +// method via the driver. Init is going to be special in any case, +// since we can't dispatch through a driver pointer in the keystore +// object, so either we expose the keystore and the driver or we +// expose the keystore and the init function. The latter may be +// simpler. +// +// Another variation would be to keep the current nesting, add global +// pointer variables for the keystores, and have the init functions +// set the pointers. Only real advantage there is that it would give +// us an easy test for whether the keystore had been initialized...but +// we already have several of those, not clear what value another adds. /* * RPC lowest-level send and receive routines. These are blocking, and -- cgit v1.2.3 From f59533ee9807832ea5ca7dd5492592c8991a9f34 Mon Sep 17 00:00:00 2001 
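Review bot: The design note added after the new `typedef struct hal_ks hal_ks_t;` is written as `//` line comments, while every other comment in this header, including the `/* Keystore is an opaque type, we just pass pointers. */` block the same hunk introduces two lines above it, uses `/* */`; a `/* TODO(keystore-init): ... */` block would keep the file consistent. The `#error Minor re-think needed on keystore init` on the line before it makes every translation unit that includes this header fail to build, which the commit message acknowledges, but the message text should say it is a refactoring checkpoint so a reader hitting it does not mistake it for a configuration error. The hunk also drops the prototypes for hal_ks_index_*, hal_ks_attribute_* and the inline hal_ks_* wrappers without replacements in this header; if their definitions still exist in other files (not visible here), their callers have lost their declarations and that is worth a line in the TODO.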
From: Rob Austein
Date: Sun, 28 May 2017 12:11:31 -0400
Subject: Further keystore cleanup and consolidation.
Still not yet expected to compile, much less run, but getting closer.
---
 hal_internal.h | 20 ++------------------
 1 file changed, 2 insertions(+), 18 deletions(-)
(limited to 'hal_internal.h')
diff --git a/hal_internal.h b/hal_internal.h
index 89dfbbb..667c5a4 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -479,24 +479,8 @@ typedef struct {
 typedef struct hal_ks hal_ks_t;
-#error Minor re-think needed on keystore init
-
-// I like current hal_ks_*_init() setup method, but how does anything
-// get a handle on the keystore? Make the keystores global variables?
-// Right now they're hidden in larger, driver-specific structures, but
-// it would be easy enough to break them out. Have already forgotten
-// how the old API handled this, except that it involved an init
-// method via the driver. Init is going to be special in any case,
-// since we can't dispatch through a driver pointer in the keystore
-// object, so either we expose the keystore and the driver or we
-// expose the keystore and the init function. The latter may be
-// simpler.
-//
-// Another variation would be to keep the current nesting, add global
-// pointer variables for the keystores, and have the init functions
-// set the pointers. Only real advantage there is that it would give
-// us an easy test for whether the keystore had been initialized...but
-// we already have several of those, not clear what value another adds.
+extern hal_ks_t * const hal_ks_token;
+extern hal_ks_t * const hal_ks_volatile;
 /*
 * RPC lowest-level send and receive routines. These are blocking, and
-- cgit v1.2.3
From 2caa6c72640877abc5f3572c4d926a23ff672ab1 Mon Sep 17 00:00:00 2001
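Review bot: The two new externs `hal_ks_t * const hal_ks_token;` and `hal_ks_t * const hal_ks_volatile;` become the only public handles on the keystores after this change, and they carry no comment. A short block above them would help, e.g. `/* The two keystores: hal_ks_token is the persistent token keystore, hal_ks_volatile holds keys that exist only until power loss or logout. */` — the persistent/volatile split is taken from the surrounding commit messages and the older "keystore is the flash we have" comment, so confirm the wording against the driver sources. It is also worth stating that `* const` fixes the pointer, not the keystore, so these are mutable objects at fixed addresses and not a read-only view.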
From: Rob Austein
Date: Sun, 28 May 2017 16:11:25 -0400
Subject: Almost compiles.
Need to refactor init sequence slightly (again), this time to humor the bootloader, which has its own special read-only view of the PIN block in the token keystore.
---
 hal_internal.h | 44 ++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 42 insertions(+), 2 deletions(-)
(limited to 'hal_internal.h')
diff --git a/hal_internal.h b/hal_internal.h
index 667c5a4..e998ae3 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -397,8 +397,6 @@ extern hal_error_t hal_get_pin(const hal_user_t user,
 extern hal_error_t hal_set_pin(const hal_user_t user,
 const hal_ks_pin_t * const pin);
-extern void hal_ks_init_read_only_pins_only(void);
-
 /*
 * Master key memory (MKM) and key-encryption-key (KEK).
 *
@@ -482,6 +480,48 @@ typedef struct hal_ks hal_ks_t;
 extern hal_ks_t * const hal_ks_token;
 extern hal_ks_t * const hal_ks_volatile;
+extern hal_error_t hal_ks_init(hal_ks_t *ks,
+ const int alloc);
+
+extern void hal_ks_init_read_only_pins_only(void);
+
+extern hal_error_t hal_ks_store(hal_ks_t *ks,
+ hal_pkey_slot_t *slot,
+ const uint8_t * const der, const size_t der_len);
+
+extern hal_error_t hal_ks_fetch(hal_ks_t *ks,
+ hal_pkey_slot_t *slot,
+ uint8_t *der, size_t *der_len, const size_t der_max);
+
+extern hal_error_t hal_ks_delete(hal_ks_t *ks,
+ hal_pkey_slot_t *slot);
+
+extern hal_error_t hal_ks_match(hal_ks_t *ks,
+ const hal_client_handle_t client,
+ const hal_session_handle_t session,
+ const hal_key_type_t type,
+ const hal_curve_name_t curve,
+ const hal_key_flags_t mask,
+ const hal_key_flags_t flags,
+ const hal_pkey_attribute_t *attributes,
+ const unsigned attributes_len,
+ hal_uuid_t *result,
+ unsigned *result_len,
+ const unsigned result_max,
+ const hal_uuid_t * const previous_uuid);
+
+extern hal_error_t hal_ks_set_attributes(hal_ks_t *ks,
+ hal_pkey_slot_t *slot,
+ const hal_pkey_attribute_t *attributes,
+ const unsigned attributes_len);
+
+extern hal_error_t hal_ks_get_attributes(hal_ks_t *ks,
+ hal_pkey_slot_t *slot,
+ hal_pkey_attribute_t *attributes,
+ const unsigned attributes_len,
+ uint8_t *attributes_buffer,
+ const size_t attributes_buffer_len);
+
 /*
 * RPC lowest-level send and receive routines. These are blocking, and
 * transport-specific (sockets, USB).
-- cgit v1.2.3
From 776c4e8cfed92bc2d894f002cb7d222abc65bb50 Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Mon, 29 May 2017 13:16:14 -0400
Subject: Simplify per-session keys.
Cosmetic cleanup of pkey_slot along the way.
---
 hal_internal.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'hal_internal.h')
diff --git a/hal_internal.h b/hal_internal.h
index e998ae3..add7890 100644
--- a/hal_internal.h
+++ b/hal_internal.h
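Review bot: None of the nine prototypes added here carries a comment, and they replace the inline wrappers removed in 5eccb3e whose bodies spelled out the contract in code: NULL `ks` or `slot` gave HAL_ERROR_BAD_ARGUMENTS and a driver without the operation gave HAL_ERROR_NOT_IMPLEMENTED. Those checks now live in a .c file not shown on this page, so the header should state whatever contract the implementation actually keeps; for example above `hal_ks_init`: `/* Initialize keystore ks. Returns HAL_ERROR_BAD_ARGUMENTS on NULL ks; see the driver for the meaning of alloc. */`, written only after confirming against the implementation. The `alloc` parameter in particular was never explained in either the old driver init or this new prototype, and `hal_ks_fetch` should say whether `der_max` is the caller's buffer size and what is returned when the key does not fit, since that bound is what keeps a fetch from overrunning the caller's buffer.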
@@ -449,9 +449,9 @@ extern hal_error_t hal_mkm_flash_erase(const size_t len);
 */
 typedef struct {
- hal_client_handle_t client_handle;
- hal_session_handle_t session_handle;
- hal_pkey_handle_t pkey_handle;
+ hal_client_handle_t client;
+ hal_session_handle_t session;
+ hal_pkey_handle_t pkey;
 hal_key_type_t type;
 hal_curve_name_t curve;
 hal_key_flags_t flags;
-- cgit v1.2.3