libhal
======

## Overview ##

This library combines a set of low-level API functions which talk to
the Cryptech FPGA cores with a set of higher-level functions providing
various cryptographic services.

There's some overlap between the low-level code here and the low-level
code in core/platform/novena, which will need sorting out some day,
but at the time this library forked that code, the
core/platform/novena code was all written to support a test harness
rather than a higher-level API.

Current contents of the library:

* Low-level I/O code (EIM and I2C).

* An implementation of AES Key Wrap using the Cryptech AES core.

* An interface to the Cryptech CSPRNG.

* An interface to the Cryptech hash cores, including HMAC.

* An implementation of PBKDF2.

* An implementation of RSA using the Cryptech ModExp core.

* An implementation of ECDSA, currently entirely in software.

* Test code for all of the above.

Most of these are fairly well self-contained, although the PBKDF2
implementation uses the hash-core-based HMAC implementation.

The major exceptions are the RSA and ECDSA implementations, which uses
an external bignum implementation (libtfm) to handle a lot of the
arithmetic.  In the long run, much or all of this may end up being
implemented in Verilog, but for the moment all of the RSA math except
for modular exponentiation is happening in software, as is all of the
math for ECDSA.

## RSA ##

The RSA implementation includes a compile-time option to bypass the
ModExp core and do everything in software, because the ModExp core is
a tad slow at the moment (others are hard at work fixing this).

The RSA implementation includes optional blinding (enabled by default)
and just enough ASN.1 code to read and write private keys; the
expectation is that the latter will be used in combination with the
AES Key Wrap code.

## ECDSA ##

The ECDSA implementation is specific to the NIST prime curves P-256,
P-384, and P-521.

The ECDSA implementation includes a compile-time option to allow test
code to bypass the CSPRNG in order to test against known test vectors.
Do **NOT** enable this in production builds, as ECDSA depends on good
random numbers not just for private keys but for individual
signatures, and an attacker who knows the random number used for a
particular signature can use this to recover the private key.
Arguably, this option should be removed from the code entirely, once
the implementation is stable.

The ECDSA implementation includes enough ASN.1 to read and write ECDSA
signatures and ECDSA private keys in RFC 5915 format; the expectation
is that the latter will be used in combination with AES Key Wrap.

The ECDSA implementation attempts to be constant-time, to reduce the
risk of timing channel attacks.  The algorithms chosen for the point
arithmetic are a tradeoff between speed and code complexity, and can
probably be improved upon even in software; reimplementing at least
the field arithmetic in hardware would probably also help.

The current point addition and point doubling algorithms come from the
[EFD][].  At least at the moment, we're only interested in ECDSA with
the NIST prime curves, so we use algorithms optimized for a=-3.

The point multiplication algorithm is a straightforward double-and-add
loop, which is not the fastest possible algorithm, but is relatively
easy to confirm by inspection as being constant-time within the limits
imposed by the NIST curves.  Point multiplication could probably be
made faster by using a non-adjacent form (NAF) representation for the
scalar, but the author doesn't yet understand that well enough to
implement it as a constant-time algorithm.  In theory, changing to a
NAF representation could be done without any change to the public API.

Points stored in keys and curve parameters are in affine format, but
point arithmetic is performed in Jacobian projective coordinates, with
the coordinates themselves in Montgomery form; final mapping back to
affine coordinates also handles the final Montgomery reduction.

## API ##

Yeah, we ought to document the API, Real Soon Now, perhaps using
[Doxygen][].  For the moment, see the function prototypes in hal.h and
comments in the code.

[EFD]:		http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html
[Doxygen]:	http://www.doxygen.org/
 id='n34' href='#n34'>34</a>
<a id='n35' href='#n35'>35</a>
<a id='n36' href='#n36'>36</a>
<a id='n37' href='#n37'>37</a>
<a id='n38' href='#n38'>38</a>
<a id='n39' href='#n39'>39</a>
<a id='n40' href='#n40'>40</a>
<a id='n41' href='#n41'>41</a>
<a id='n42' href='#n42'>42</a>
<a id='n43' href='#n43'>43</a>
<a id='n44' href='#n44'>44</a>
<a id='n45' href='#n45'>45</a>
<a id='n46' href='#n46'>46</a>
<a id='n47' href='#n47'>47</a>
<a id='n48' href='#n48'>48</a>
<a id='n49' href='#n49'>49</a>
<a id='n50' href='#n50'>50</a>
<a id='n51' href='#n51'>51</a>
<a id='n52' href='#n52'>52</a>
<a id='n53' href='#n53'>53</a>
<a id='n54' href='#n54'>54</a>
<a id='n55' href='#n55'>55</a>
<a id='n56' href='#n56'>56</a>
<a id='n57' href='#n57'>57</a>
<a id='n58' href='#n58'>58</a>
<a id='n59' href='#n59'>59</a>
<a id='n60' href='#n60'>60</a>
<a id='n61' href='#n61'>61</a>
<a id='n62' href='#n62'>62</a>
<a id='n63' href='#n63'>63</a>
<a id='n64' href='#n64'>64</a>
<a id='n65' href='#n65'>65</a>
<a id='n66' href='#n66'>66</a>
<a id='n67' href='#n67'>67</a>
<a id='n68' href='#n68'>68</a>
<a id='n69' href='#n69'>69</a>
<a id='n70' href='#n70'>70</a>
<a id='n71' href='#n71'>71</a>
<a id='n72' href='#n72'>72</a>
<a id='n73' href='#n73'>73</a>
<a id='n74' href='#n74'>74</a>
<a id='n75' href='#n75'>75</a>
<a id='n76' href='#n76'>76</a>
<a id='n77' href='#n77'>77</a>
<a id='n78' href='#n78'>78</a>
<a id='n79' href='#n79'>79</a>
<a id='n80' href='#n80'>80</a>
<a id='n81' href='#n81'>81</a>
<a id='n82' href='#n82'>82</a>
<a id='n83' href='#n83'>83</a>
<a id='n84' href='#n84'>84</a>
<a id='n85' href='#n85'>85</a>
<a id='n86' href='#n86'>86</a>
<a id='n87' href='#n87'>87</a>
<a id='n88' href='#n88'>88</a>
<a id='n89' href='#n89'>89</a>
<a id='n90' href='#n90'>90</a>
<a id='n91' href='#n91'>91</a>
<a id='n92' href='#n92'>92</a>
<a id='n93' href='#n93'>93</a>
<a id='n94' href='#n94'>94</a>
<a id='n95' href='#n95'>95</a>
<a id='n96' href='#n96'>96</a>
<a id='n97' href='#n97'>97</a>
<a id='n98' href='#n98'>98</a>
<a id='n99' href='#n99'>99</a>
<a id='n100' href='#n100'>100</a>
<a id='n101' href='#n101'>101</a>
<a id='n102' href='#n102'>102</a>
<a id='n103' href='#n103'>103</a>
<a id='n104' href='#n104'>104</a>
<a id='n105' href='#n105'>105</a>
<a id='n106' href='#n106'>106</a>
<a id='n107' href='#n107'>107</a>
<a id='n108' href='#n108'>108</a>
<a id='n109' href='#n109'>109</a>
<a id='n110' href='#n110'>110</a>
<a id='n111' href='#n111'>111</a>
<a id='n112' href='#n112'>112</a>
<a id='n113' href='#n113'>113</a>
<a id='n114' href='#n114'>114</a>
<a id='n115' href='#n115'>115</a>
<a id='n116' href='#n116'>116</a>
<a id='n117' href='#n117'>117</a>
<a id='n118' href='#n118'>118</a>
<a id='n119' href='#n119'>119</a>
<a id='n120' href='#n120'>120</a>
<a id='n121' href='#n121'>121</a>
<a id='n122' href='#n122'>122</a>
<a id='n123' href='#n123'>123</a>
<a id='n124' href='#n124'>124</a>
<a id='n125' href='#n125'>125</a>
<a id='n126' href='#n126'>126</a>
<a id='n127' href='#n127'>127</a>
<a id='n128' href='#n128'>128</a>
<a id='n129' href='#n129'>129</a>
<a id='n130' href='#n130'>130</a>
<a id='n131' href='#n131'>131</a>
<a id='n132' href='#n132'>132</a>
<a id='n133' href='#n133'>133</a>
<a id='n134' href='#n134'>134</a>
<a id='n135' href='#n135'>135</a>
<a id='n136' href='#n136'>136</a>
<a id='n137' href='#n137'>137</a>
<a id='n138' href='#n138'>138</a>
<a id='n139' href='#n139'>139</a>
<a id='n140' href='#n140'>140</a>
<a id='n141' href='#n141'>141</a>
<a id='n142' href='#n142'>142</a>
<a id='n143' href='#n143'>143</a>
<a id='n144' href='#n144'>144</a>
<a id='n145' href='#n145'>145</a>
<a id='n146' href='#n146'>146</a>
<a id='n147' href='#n147'>147</a>
<a id='n148' href='#n148'>148</a>
<a id='n149' href='#n149'>149</a>
<a id='n150' href='#n150'>150</a>
<a id='n151' href='#n151'>151</a>
<a id='n152' href='#n152'>152</a>
<a id='n153' href='#n153'>153</a>
<a id='n154' href='#n154'>154</a>
<a id='n155' href='#n155'>155</a>
<a id='n156' href='#n156'>156</a>
<a id='n157' href='#n157'>157</a>
<a id='n158' href='#n158'>158</a>
<a id='n159' href='#n159'>159</a>
<a id='n160' href='#n160'>160</a>
<a id='n161' href='#n161'>161</a>
<a id='n162' href='#n162'>162</a>
<a id='n163' href='#n163'>163</a>
<a id='n164' href='#n164'>164</a>
<a id='n165' href='#n165'>165</a>
<a id='n166' href='#n166'>166</a>
<a id='n167' href='#n167'>167</a>
<a id='n168' href='#n168'>168</a>
<a id='n169' href='#n169'>169</a>
<a id='n170' href='#n170'>170</a>
<a id='n171' href='#n171'>171</a>
<a id='n172' href='#n172'>172</a>
<a id='n173' href='#n173'>173</a>
<a id='n174' href='#n174'>174</a>
<a id='n175' href='#n175'>175</a>
<a id='n176' href='#n176'>176</a>
<a id='n177' href='#n177'>177</a>
<a id='n178' href='#n178'>178</a>
<a id='n179' href='#n179'>179</a>
<a id='n180' href='#n180'>180</a>
<a id='n181' href='#n181'>181</a>
<a id='n182' href='#n182'>182</a>
<a id='n183' href='#n183'>183</a>
<a id='n184' href='#n184'>184</a>
<a id='n185' href='#n185'>185</a>
<a id='n186' href='#n186'>186</a>
<a id='n187' href='#n187'>187</a>
<a id='n188' href='#n188'>188</a>
<a id='n189' href='#n189'>189</a>
<a id='n190' href='#n190'>190</a>
<a id='n191' href='#n191'>191</a>
<a id='n192' href='#n192'>192</a>
<a id='n193' href='#n193'>193</a>
<a id='n194' href='#n194'>194</a>
<a id='n195' href='#n195'>195</a>
<a id='n196' href='#n196'>196</a>
<a id='n197' href='#n197'>197</a>
<a id='n198' href='#n198'>198</a>
<a id='n199' href='#n199'>199</a>
<a id='n200' href='#n200'>200</a>
<a id='n201' href='#n201'>201</a>
<a id='n202' href='#n202'>202</a>
<a id='n203' href='#n203'>203</a>
<a id='n204' href='#n204'>204</a>
<a id='n205' href='#n205'>205</a>
<a id='n206' href='#n206'>206</a>
<a id='n207' href='#n207'>207</a>
<a id='n208' href='#n208'>208</a>
<a id='n209' href='#n209'>209</a>
<a id='n210' href='#n210'>210</a>
<a id='n211' href='#n211'>211</a>
<a id='n212' href='#n212'>212</a>
<a id='n213' href='#n213'>213</a>
<a id='n214' href='#n214'>214</a>
<a id='n215' href='#n215'>215</a>
<a id='n216' href='#n216'>216</a>
<a id='n217' href='#n217'>217</a>
<a id='n218' href='#n218'>218</a>
<a id='n219' href='#n219'>219</a>
<a id='n220' href='#n220'>220</a>
<a id='n221' href='#n221'>221</a>
<a id='n222' href='#n222'>222</a>
<a id='n223' href='#n223'>223</a>
<a id='n224' href='#n224'>224</a>
<a id='n225' href='#n225'>225</a>
<a id='n226' href='#n226'>226</a>
<a id='n227' href='#n227'>227</a>
<a id='n228' href='#n228'>228</a>
<a id='n229' href='#n229'>229</a>
<a id='n230' href='#n230'>230</a>
<a id='n231' href='#n231'>231</a>
<a id='n232' href='#n232'>232</a>
<a id='n233' href='#n233'>233</a>
<a id='n234' href='#n234'>234</a>
<a id='n235' href='#n235'>235</a>
<a id='n236' href='#n236'>236</a>
<a id='n237' href='#n237'>237</a>
<a id='n238' href='#n238'>238</a>
<a id='n239' href='#n239'>239</a>
<a id='n240' href='#n240'>240</a>
<a id='n241' href='#n241'>241</a>
<a id='n242' href='#n242'>242</a>
<a id='n243' href='#n243'>243</a>
<a id='n244' href='#n244'>244</a>
</pre></td>
<td class='lines'><pre><code><style>pre { line-height: 125%; }
td.linenos .normal { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
span.linenos { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
td.linenos .special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
span.linenos.special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
.highlight .hll { background-color: #ffffcc }
.highlight .c { color: #888888 } /* Comment */
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
.highlight .k { color: #008800; font-weight: bold } /* Keyword */
.highlight .ch { color: #888888 } /* Comment.Hashbang */
.highlight .cm { color: #888888 } /* Comment.Multiline */
.highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */
.highlight .cpf { color: #888888 } /* Comment.PreprocFile */
.highlight .c1 { color: #888888 } /* Comment.Single */
.highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */
.highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .ges { font-weight: bold; font-style: italic } /* Generic.EmphStrong */
.highlight .gr { color: #aa0000 } /* Generic.Error */
.highlight .gh { color: #333333 } /* Generic.Heading */
.highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */
.highlight .go { color: #888888 } /* Generic.Output */
.highlight .gp { color: #555555 } /* Generic.Prompt */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #666666 } /* Generic.Subheading */
.highlight .gt { color: #aa0000 } /* Generic.Traceback */
.highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */
.highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */
.highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */
.highlight .kp { color: #008800 } /* Keyword.Pseudo */
.highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */
.highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */
.highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */
.highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */
.highlight .na { color: #336699 } /* Name.Attribute */
.highlight .nb { color: #003388 } /* Name.Builtin */
.highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */
.highlight .no { color: #003366; font-weight: bold } /* Name.Constant */
.highlight .nd { color: #555555 } /* Name.Decorator */
.highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */
.highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */
.highlight .nl { color: #336699; font-style: italic } /* Name.Label */
.highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */
.highlight .py { color: #336699; font-weight: bold } /* Name.Property */
.highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */
.highlight .nv { color: #336699 } /* Name.Variable */
.highlight .ow { color: #008800 } /* Operator.Word */
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
.highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */
.highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */
.highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */
.highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */
.highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */
.highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */
.highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */
.highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */
.highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */
.highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */
.highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */
.highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */
.highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */
.highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */
.highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */
.highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */
.highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */
.highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */
.highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */
.highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */
.highlight .vc { color: #336699 } /* Name.Variable.Class */
.highlight .vg { color: #dd7700 } /* Name.Variable.Global */
.highlight .vi { color: #3333bb } /* Name.Variable.Instance */
.highlight .vm { color: #336699 } /* Name.Variable.Magic */
.highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */</style><div class="highlight"><pre><span></span><span class="cm">/*</span>
<span class="cm"> * rpc_misc.c</span>
<span class="cm"> * ----------</span>
<span class="cm"> * RPC interface to TRNG and PIN functions</span>
<span class="cm"> *</span>
<span class="cm"> * Authors: Rob Austein</span>
<span class="cm"> * Copyright (c) 2015, NORDUnet A/S All rights reserved.</span>
<span class="cm"> *</span>
<span class="cm"> * Redistribution and use in source and binary forms, with or without</span>
<span class="cm"> * modification, are permitted provided that the following conditions are</span>
<span class="cm"> * met:</span>
<span class="cm"> * - Redistributions of source code must retain the above copyright notice,</span>
<span class="cm"> *   this list of conditions and the following disclaimer.</span>
<span class="cm"> *</span>
<span class="cm"> * - Redistributions in binary form must reproduce the above copyright</span>
<span class="cm"> *   notice, this list of conditions and the following disclaimer in the</span>
<span class="cm"> *   documentation and/or other materials provided with the distribution.</span>
<span class="cm"> *</span>
<span class="cm"> * - Neither the name of the NORDUnet nor the names of its contributors may</span>
<span class="cm"> *   be used to endorse or promote products derived from this software</span>
<span class="cm"> *   without specific prior written permission.</span>
<span class="cm"> *</span>
<span class="cm"> * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS &quot;AS</span>
<span class="cm"> * IS&quot; AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED</span>
<span class="cm"> * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A</span>
<span class="cm"> * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT</span>
<span class="cm"> * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,</span>
<span class="cm"> * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED</span>
<span class="cm"> * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR</span>
<span class="cm"> * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF</span>
<span class="cm"> * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING</span>
<span class="cm"> * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS</span>
<span class="cm"> * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.</span>
<span class="cm"> */</span>

<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;assert.h&gt;</span>

<span class="cp">#include</span><span class="w"> </span><span class="cpf">&quot;hal.h&quot;</span>
<span class="cp">#include</span><span class="w"> </span><span class="cpf">&quot;hal_internal.h&quot;</span>

<span class="k">static</span><span class="w"> </span><span class="n">hal_error_t</span><span class="w"> </span><span class="nf">get_version</span><span class="p">(</span><span class="kt">uint32_t</span><span class="w"> </span><span class="o">*</span><span class="n">version</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="o">*</span><span class="n">version</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">RPC_VERSION</span><span class="p">;</span>
<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">;</span>
<span class="p">}</span>

<span class="k">static</span><span class="w"> </span><span class="n">hal_error_t</span><span class="w"> </span><span class="nf">get_random</span><span class="p">(</span><span class="kt">void</span><span class="w"> </span><span class="o">*</span><span class="n">buffer</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">size_t</span><span class="w"> </span><span class="n">length</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="n">assert</span><span class="p">(</span><span class="n">buffer</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="nb">NULL</span><span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="n">length</span><span class="w"> </span><span class="o">&gt;</span><span class="w"> </span><span class="mi">0</span><span class="p">);</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="n">hal_get_random</span><span class="p">(</span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="n">buffer</span><span class="p">,</span><span class="w"> </span><span class="n">length</span><span class="p">);</span>
<span class="p">}</span>

<span class="cm">/*</span>
<span class="cm"> * PINs, salt, and iteration count live in the keystore.</span>
<span class="cm"> *</span>
<span class="cm"> * We also need a client table in conventional memory (here, probably)</span>
<span class="cm"> * to record login status.</span>
<span class="cm"> *</span>
<span class="cm"> * The USER and SO PINs correspond to PKCS #11.</span>
<span class="cm"> *</span>
<span class="cm"> * The WHEEL PIN is the one that&#39;s allowed to change the SO PIN.</span>
<span class="cm"> *</span>
<span class="cm"> * It&#39;s a bit unclear how we should manage changes to the WHEEL PIN.</span>
<span class="cm"> * Implementing a factory default would be easy enough (just</span>
<span class="cm"> * pre-compute and compile in a const hal_ks_pin_t), question is</span>
<span class="cm"> * whether doing so provides anything useful.  Certainly adds no real</span>
<span class="cm"> * security, question is whether it would help prevent accidently</span>
<span class="cm"> * bricking the HSM right out of the shrink wrap.</span>
<span class="cm"> *</span>
<span class="cm"> * More interesting question is whether we should ever allow the WHEEL</span>
<span class="cm"> * PIN to be changed a second time without toasting the keystore.</span>
<span class="cm"> */</span>

<span class="k">typedef</span><span class="w"> </span><span class="k">struct</span><span class="w"> </span><span class="p">{</span>
<span class="w">  </span><span class="n">hal_client_handle_t</span><span class="w"> </span><span class="n">handle</span><span class="p">;</span>
<span class="w">  </span><span class="n">hal_user_t</span><span class="w"> </span><span class="n">logged_in</span><span class="p">;</span>
<span class="p">}</span><span class="w"> </span><span class="n">client_slot_t</span><span class="p">;</span>

<span class="cp">#ifndef HAL_PIN_MINIMUM_ITERATIONS</span>
<span class="cp">#define HAL_PIN_MINIMUM_ITERATIONS 10000</span>
<span class="cp">#endif</span>

<span class="cp">#ifndef HAL_PIN_DEFAULT_ITERATIONS</span>
<span class="cp">#define HAL_PIN_DEFAULT_ITERATIONS 20000</span>
<span class="cp">#endif</span>

<span class="cp">#ifndef HAL_STATIC_CLIENT_STATE_BLOCKS</span>
<span class="cp">#define HAL_STATIC_CLIENT_STATE_BLOCKS	10</span>
<span class="cp">#endif</span>

<span class="cp">#if HAL_STATIC_CLIENT_STATE_BLOCKS &gt; 0</span>
<span class="k">static</span><span class="w"> </span><span class="n">client_slot_t</span><span class="w"> </span><span class="n">client_handle</span><span class="p">[</span><span class="n">HAL_STATIC_CLIENT_STATE_BLOCKS</span><span class="p">];</span>
<span class="cp">#endif</span>

<span class="cm">/*</span>
<span class="cm"> * Client handles are supplied by the application, we don&#39;t get to</span>
<span class="cm"> * pick them, we just store them and associate a login state with</span>
<span class="cm"> * them.  HAL_USER_NONE indicates an empty slot in the table.</span>
<span class="cm"> */</span>

<span class="k">static</span><span class="w"> </span><span class="kr">inline</span><span class="w"> </span><span class="n">client_slot_t</span><span class="w"> </span><span class="o">*</span><span class="nf">alloc_slot</span><span class="p">(</span><span class="kt">void</span><span class="p">)</span>
<span class="p">{</span>
<span class="cp">#if HAL_STATIC_CLIENT_STATE_BLOCKS &gt; 0</span>
<span class="w">  </span><span class="k">for</span><span class="w"> </span><span class="p">(</span><span class="kt">int</span><span class="w"> </span><span class="n">i</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span><span class="w"> </span><span class="n">i</span><span class="w"> </span><span class="o">&lt;</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">client_handle</span><span class="p">)</span><span class="o">/</span><span class="k">sizeof</span><span class="p">(</span><span class="o">*</span><span class="n">client_handle</span><span class="p">);</span><span class="w"> </span><span class="n">i</span><span class="o">++</span><span class="p">)</span>
<span class="w">    </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">client_handle</span><span class="p">[</span><span class="n">i</span><span class="p">].</span><span class="n">logged_in</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">HAL_USER_NONE</span><span class="p">)</span>
<span class="w">      </span><span class="k">return</span><span class="w"> </span><span class="o">&amp;</span><span class="n">client_handle</span><span class="p">[</span><span class="n">i</span><span class="p">];</span>
<span class="cp">#endif</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>
<span class="p">}</span>

<span class="k">static</span><span class="w"> </span><span class="kr">inline</span><span class="w"> </span><span class="n">client_slot_t</span><span class="w"> </span><span class="o">*</span><span class="nf">find_handle</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="n">hal_client_handle_t</span><span class="w"> </span><span class="n">handle</span><span class="p">)</span>
<span class="p">{</span>
<span class="cp">#if HAL_STATIC_CLIENT_STATE_BLOCKS &gt; 0</span>
<span class="w">  </span><span class="k">for</span><span class="w"> </span><span class="p">(</span><span class="kt">int</span><span class="w"> </span><span class="n">i</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span><span class="w"> </span><span class="n">i</span><span class="w"> </span><span class="o">&lt;</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">client_handle</span><span class="p">)</span><span class="o">/</span><span class="k">sizeof</span><span class="p">(</span><span class="o">*</span><span class="n">client_handle</span><span class="p">);</span><span class="w"> </span><span class="n">i</span><span class="o">++</span><span class="p">)</span>
<span class="w">    </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">client_handle</span><span class="p">[</span><span class="n">i</span><span class="p">].</span><span class="n">logged_in</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_USER_NONE</span><span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="n">client_handle</span><span class="p">[</span><span class="n">i</span><span class="p">].</span><span class="n">handle</span><span class="p">.</span><span class="n">handle</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">handle</span><span class="p">.</span><span class="n">handle</span><span class="p">)</span>
<span class="w">      </span><span class="k">return</span><span class="w"> </span><span class="o">&amp;</span><span class="n">client_handle</span><span class="p">[</span><span class="n">i</span><span class="p">];</span>
<span class="cp">#endif</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>
<span class="p">}</span>

<span class="k">static</span><span class="w"> </span><span class="n">hal_error_t</span><span class="w"> </span><span class="nf">login</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="n">hal_client_handle_t</span><span class="w"> </span><span class="n">client</span><span class="p">,</span>
<span class="w">                         </span><span class="k">const</span><span class="w"> </span><span class="n">hal_user_t</span><span class="w"> </span><span class="n">user</span><span class="p">,</span>
<span class="w">                         </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">pin</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">size_t</span><span class="w"> </span><span class="n">pin_len</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="n">assert</span><span class="p">(</span><span class="n">pin</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="nb">NULL</span><span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="n">pin_len</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">0</span><span class="p">);</span>
<span class="w">  </span><span class="n">assert</span><span class="p">(</span><span class="n">user</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">HAL_USER_NORMAL</span><span class="w"> </span><span class="o">||</span><span class="w"> </span><span class="n">user</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">HAL_USER_SO</span><span class="w"> </span><span class="o">||</span><span class="w"> </span><span class="n">user</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">HAL_USER_WHEEL</span><span class="p">);</span>

<span class="w">  </span><span class="k">const</span><span class="w"> </span><span class="n">hal_ks_pin_t</span><span class="w"> </span><span class="o">*</span><span class="n">p</span><span class="p">;</span>
<span class="w">  </span><span class="n">hal_error_t</span><span class="w"> </span><span class="n">err</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ks_get_pin</span><span class="p">(</span><span class="n">user</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">p</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">err</span><span class="p">;</span>

<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">buf</span><span class="p">[</span><span class="k">sizeof</span><span class="p">(</span><span class="n">p</span><span class="o">-&gt;</span><span class="n">pin</span><span class="p">)];</span>
<span class="w">  </span><span class="k">const</span><span class="w"> </span><span class="kt">uint32_t</span><span class="w"> </span><span class="n">iterations</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">p</span><span class="o">-&gt;</span><span class="n">iterations</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="mi">0</span><span class="w"> </span><span class="o">?</span><span class="w"> </span><span class="n">HAL_PIN_DEFAULT_ITERATIONS</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="n">p</span><span class="o">-&gt;</span><span class="n">iterations</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_pbkdf2</span><span class="p">(</span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="n">hal_hash_sha256</span><span class="p">,</span><span class="w"> </span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="kt">uint8_t</span><span class="w"> </span><span class="o">*</span><span class="p">)</span><span class="w"> </span><span class="n">pin</span><span class="p">,</span><span class="w"> </span><span class="n">pin_len</span><span class="p">,</span>
<span class="w">                        </span><span class="n">p</span><span class="o">-&gt;</span><span class="n">salt</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">p</span><span class="o">-&gt;</span><span class="n">salt</span><span class="p">),</span><span class="w"> </span><span class="n">buf</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">buf</span><span class="p">),</span><span class="w"> </span><span class="n">iterations</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">err</span><span class="p">;</span>

<span class="w">  </span><span class="kt">unsigned</span><span class="w"> </span><span class="n">diff</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>
<span class="w">  </span><span class="k">for</span><span class="w"> </span><span class="p">(</span><span class="kt">int</span><span class="w"> </span><span class="n">i</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span><span class="w"> </span><span class="n">i</span><span class="w"> </span><span class="o">&lt;</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">buf</span><span class="p">);</span><span class="w"> </span><span class="n">i</span><span class="o">++</span><span class="p">)</span>
<span class="w">    </span><span class="n">diff</span><span class="w"> </span><span class="o">|=</span><span class="w"> </span><span class="n">buf</span><span class="p">[</span><span class="n">i</span><span class="p">]</span><span class="w"> </span><span class="o">^</span><span class="w"> </span><span class="n">p</span><span class="o">-&gt;</span><span class="n">pin</span><span class="p">[</span><span class="n">i</span><span class="p">];</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">diff</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">0</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">HAL_ERROR_PIN_INCORRECT</span><span class="p">;</span>

<span class="w">  </span><span class="n">client_slot_t</span><span class="w"> </span><span class="o">*</span><span class="n">slot</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">find_handle</span><span class="p">(</span><span class="n">client</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">slot</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="nb">NULL</span><span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="p">(</span><span class="n">slot</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">alloc_slot</span><span class="p">())</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">HAL_ERROR_NO_CLIENT_SLOTS_AVAILABLE</span><span class="p">;</span>

<span class="w">  </span><span class="n">slot</span><span class="o">-&gt;</span><span class="n">handle</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">client</span><span class="p">;</span>
<span class="w">  </span><span class="n">slot</span><span class="o">-&gt;</span><span class="n">logged_in</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">user</span><span class="p">;</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">;</span>
<span class="p">}</span>

<span class="k">static</span><span class="w"> </span><span class="n">hal_error_t</span><span class="w"> </span><span class="nf">is_logged_in</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="n">hal_client_handle_t</span><span class="w"> </span><span class="n">client</span><span class="p">,</span>
<span class="w">                                </span><span class="k">const</span><span class="w"> </span><span class="n">hal_user_t</span><span class="w"> </span><span class="n">user</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="n">assert</span><span class="p">(</span><span class="n">user</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">HAL_USER_NORMAL</span><span class="w"> </span><span class="o">||</span><span class="w"> </span><span class="n">user</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">HAL_USER_SO</span><span class="w"> </span><span class="o">||</span><span class="w"> </span><span class="n">user</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">HAL_USER_WHEEL</span><span class="p">);</span>

<span class="w">  </span><span class="n">client_slot_t</span><span class="w"> </span><span class="o">*</span><span class="n">slot</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">find_handle</span><span class="p">(</span><span class="n">client</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">slot</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="nb">NULL</span><span class="w"> </span><span class="o">||</span><span class="w"> </span><span class="n">slot</span><span class="o">-&gt;</span><span class="n">logged_in</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">user</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">HAL_ERROR_FORBIDDEN</span><span class="p">;</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">;</span>
<span class="p">}</span>

<span class="k">static</span><span class="w"> </span><span class="n">hal_error_t</span><span class="w"> </span><span class="nf">logout</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="n">hal_client_handle_t</span><span class="w"> </span><span class="n">client</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="n">client_slot_t</span><span class="w"> </span><span class="o">*</span><span class="n">slot</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">find_handle</span><span class="p">(</span><span class="n">client</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">slot</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span>
<span class="w">    </span><span class="n">slot</span><span class="o">-&gt;</span><span class="n">logged_in</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">HAL_USER_NONE</span><span class="p">;</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">;</span>
<span class="p">}</span>

<span class="k">static</span><span class="w"> </span><span class="n">hal_error_t</span><span class="w"> </span><span class="nf">logout_all</span><span class="p">(</span><span class="kt">void</span><span class="p">)</span>
<span class="p">{</span>
<span class="cp">#if HAL_STATIC_CLIENT_STATE_BLOCKS &gt; 0</span>
<span class="w">  </span><span class="k">for</span><span class="w"> </span><span class="p">(</span><span class="kt">int</span><span class="w"> </span><span class="n">i</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span><span class="w"> </span><span class="n">i</span><span class="w"> </span><span class="o">&lt;</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">client_handle</span><span class="p">)</span><span class="o">/</span><span class="k">sizeof</span><span class="p">(</span><span class="o">*</span><span class="n">client_handle</span><span class="p">);</span><span class="w"> </span><span class="n">i</span><span class="o">++</span><span class="p">)</span>
<span class="w">    </span><span class="n">client_handle</span><span class="p">[</span><span class="n">i</span><span class="p">].</span><span class="n">logged_in</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">HAL_USER_NONE</span><span class="p">;</span>
<span class="cp">#endif</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">;</span>
<span class="p">}</span>

<span class="k">static</span><span class="w"> </span><span class="n">hal_error_t</span><span class="w"> </span><span class="nf">set_pin</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="n">hal_client_handle_t</span><span class="w"> </span><span class="n">client</span><span class="p">,</span>
<span class="w">                           </span><span class="k">const</span><span class="w"> </span><span class="n">hal_user_t</span><span class="w"> </span><span class="n">user</span><span class="p">,</span>
<span class="w">                           </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">newpin</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">size_t</span><span class="w"> </span><span class="n">newpin_len</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="n">assert</span><span class="p">(</span><span class="n">newpin</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="nb">NULL</span><span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="n">newpin_len</span><span class="w"> </span><span class="o">&gt;=</span><span class="w"> </span><span class="n">hal_rpc_min_pin_length</span><span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="n">newpin_len</span><span class="w"> </span><span class="o">&lt;=</span><span class="w"> </span><span class="n">hal_rpc_max_pin_length</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">user</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_USER_NORMAL</span><span class="w"> </span><span class="o">||</span><span class="w"> </span><span class="n">is_logged_in</span><span class="p">(</span><span class="n">client</span><span class="p">,</span><span class="w"> </span><span class="n">HAL_USER_SO</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span><span class="w"> </span><span class="o">&amp;&amp;</span>
<span class="w">      </span><span class="n">is_logged_in</span><span class="p">(</span><span class="n">client</span><span class="p">,</span><span class="w"> </span><span class="n">HAL_USER_WHEEL</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">HAL_ERROR_FORBIDDEN</span><span class="p">;</span>

<span class="w">  </span><span class="k">const</span><span class="w"> </span><span class="n">hal_ks_pin_t</span><span class="w"> </span><span class="o">*</span><span class="n">pp</span><span class="p">;</span>
<span class="w">  </span><span class="n">hal_error_t</span><span class="w"> </span><span class="n">err</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ks_get_pin</span><span class="p">(</span><span class="n">user</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">pp</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">err</span><span class="p">;</span>

<span class="w">  </span><span class="n">hal_ks_pin_t</span><span class="w"> </span><span class="n">p</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="o">*</span><span class="n">pp</span><span class="p">;</span>

<span class="w">  </span><span class="cm">/*</span>
<span class="cm">   * Another all-zeros vs all-ones disagreement between drivers.</span>
<span class="cm">   */</span>
<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">p</span><span class="p">.</span><span class="n">iterations</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="mh">0x00000000</span><span class="w"> </span><span class="o">||</span><span class="w"> </span><span class="n">p</span><span class="p">.</span><span class="n">iterations</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="mh">0xffffffff</span><span class="p">)</span>
<span class="w">    </span><span class="n">p</span><span class="p">.</span><span class="n">iterations</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">HAL_PIN_DEFAULT_ITERATIONS</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_get_random</span><span class="p">(</span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="n">p</span><span class="p">.</span><span class="n">salt</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">p</span><span class="p">.</span><span class="n">salt</span><span class="p">)))</span><span class="w">      </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="w"> </span><span class="o">||</span>
<span class="w">      </span><span class="p">(</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_pbkdf2</span><span class="p">(</span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="n">hal_hash_sha256</span><span class="p">,</span>
<span class="w">                        </span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="kt">uint8_t</span><span class="w"> </span><span class="o">*</span><span class="p">)</span><span class="w"> </span><span class="n">newpin</span><span class="p">,</span><span class="w"> </span><span class="n">newpin_len</span><span class="p">,</span>
<span class="w">                        </span><span class="n">p</span><span class="p">.</span><span class="n">salt</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">p</span><span class="p">.</span><span class="n">salt</span><span class="p">),</span>
<span class="w">                        </span><span class="n">p</span><span class="p">.</span><span class="n">pin</span><span class="p">,</span><span class="w">  </span><span class="k">sizeof</span><span class="p">(</span><span class="n">p</span><span class="p">.</span><span class="n">pin</span><span class="p">),</span><span class="w"> </span><span class="n">p</span><span class="p">.</span><span class="n">iterations</span><span class="p">))</span><span class="w">   </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="w"> </span><span class="o">||</span>
<span class="w">      </span><span class="p">(</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ks_set_pin</span><span class="p">(</span><span class="n">user</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">p</span><span class="p">))</span><span class="w">                          </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">err</span><span class="p">;</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">;</span>
<span class="p">}</span>

<span class="k">const</span><span class="w"> </span><span class="n">hal_rpc_misc_dispatch_t</span><span class="w"> </span><span class="n">hal_rpc_local_misc_dispatch</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">{</span>
<span class="w">  </span><span class="n">set_pin</span><span class="p">,</span>
<span class="w">  </span><span class="n">login</span><span class="p">,</span>
<span class="w">  </span><span class="n">logout</span><span class="p">,</span>
<span class="w">  </span><span class="n">logout_all</span><span class="p">,</span>
<span class="w">  </span><span class="n">is_logged_in</span><span class="p">,</span>
<span class="w">  </span><span class="n">get_random</span><span class="p">,</span>
<span class="w">  </span><span class="n">get_version</span>
<span class="p">};</span>

<span class="cm">/*</span>
<span class="cm"> * Local variables:</span>
<span class="cm"> * indent-tabs-mode: nil</span>
<span class="cm"> * End:</span>
<span class="cm"> */</span>
</pre></div>
</code></pre></td></tr></table>
</div> <!-- class=content -->
<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit v1.2.3</a> (<a href='https://git-scm.com/'>git 2.25.1</a>) at 2024-11-13 01:14:40 +0000</div>
</div> <!-- id=cgit -->
</body>
</html>