aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-01-04Convert PyCrypto to PyCryptodomeHEADmasterRob Austein
See commit comments in sw/libhal for details
2020-07-13Missed (one?) script while converting to Python 3python3Rob Austein
2020-07-13Yet another wired-in python versionRob Austein
2020-07-13Whack all Python shebangs to Python 3Rob Austein
2020-06-10Whack with club until works with Python 2 and Python 3Rob Austein
String types are still a bit weird. Amost everything here is currently required to be bytes rather than str in Python 3, which feels a bit unnatural, but everything on the wire has to be bytes and we don't really have enough information to know when we should be converting back to str. In the long term, once we ditch Python 2, we may be able to do a bit better for things like the string versions of attribute names, but for the moment it's simplest to stick with bytes.
2020-05-26Wow, python-version-independent hexadecimal is painfulRob Austein
2020-05-25Untested conversion to support Python 3Rob Austein
2018-08-27Update .gitignore with newish test appsPaul Selkirk
2018-08-27Fix shared library namePaul Selkirk
2018-08-27Support non-standard libhal/libtfm locationPaul Selkirk
2018-07-18Clean up old unused variable warnings.Rob Austein
2018-03-03More useful script output.Rob Austein
Overall performance numbers are still bad. Presumably having a single global PKCS #11 lock does not help here. Need a bitstream with more ModExp and ECDSA cores before this will matter much, but will likely need to figure out some way to do per-session locking instead of global for operations we want to run in parallel. At which point we'll be on the road to deadlock hell, so will need some care.
2018-03-03Doh, mutexes work better when plugged in.Rob Austein
2018-03-03Cleanup.Rob Austein
2018-03-03First cut at timing test using multiple threads.Rob Austein
At the moment this only works with a single worker thread: multiple threads get weird errors from PKCS #11. This is probably a PKCS #11 implementation issue rather than a bug in this script. So, in the spirit of test-driven development, this script is the failing test.
2017-05-20Clean up C_GetTokenInfo().Rob Austein
2017-05-20HMAC notes.Rob Austein
2017-05-20Clean up ancient cruft: p11util, SQL-based hsmbully test.Rob Austein
p11util has long since been overtaken by developments: everything it used to do is now doable on the console, and if for some reason we really needed a tool to change PINs via the RPC port, we could do it in a dozen lines of Python using the cryptech.libhal RPC API. hsmbully may still be a useful test, but all the antics with configuring SQL database and on-disk keystores is long since obsolete.
2017-05-19More access control cleanup.Rob Austein
2017-05-19Start cleaning up info functions.Rob Austein
2017-05-19Consolidate session-state-based access control.Rob Austein
2017-05-18Translate more PKCS #11 attributes into HAL_KEY_FLAG_* settings.Rob Austein
2017-05-18Clean up a few gratuitous obscurities.Rob Austein
2017-05-10Clean up default location of PKCS #11 library.Rob Austein
2017-05-09Update README.md.Rob Austein
2017-05-04Regression tests for today's C_FindObjects() bugfixes.Rob Austein
2017-05-04Doh, C_FindObjects() works better if we preserve its state across calls.Rob Austein
2017-05-04Support using C_GetFunctionList() instead of library symbols.Rob Austein
The Python ctypes library allows us direct access to the public symbols of a shared library, so we never bothered to implement support for using the dispatch vector returned by C_GetFunctionList(). Well, it turns out that there are useful debugging tools like pkcs11-spy which require the dispatch vector support, so refactor to add it.
2017-04-14Python interface API will need to be cryptech.py11 for installation.Rob Austein
2017-04-11Track API changes on sw/libhal pkcs8 branch.Rob Austein
2017-04-08Track API changes in sw/libhal pkcs8 branch.Rob Austein
2017-03-08Check for cryptech_muxd when setting LIBHAL_TARGET.Rob Austein
2017-03-03Clean up time-signature script.Rob Austein
2017-03-01Flip default connection method from "serial" to "daemon".Rob Austein
2017-03-01Test all key types by default.Rob Austein
2017-03-01Timing test script.Rob Austein
2017-01-31Be more careful with handle cleanup, to support parallel testing.Rob Austein
2016-11-22Remove SQLite3 from build, no longer needed.Rob Austein
2016-11-22Doh, C_GetAttributeValue() lost descriptor lookup during conversion from SQL.Rob Austein
Track change from hal_rpc_pkey_attribute_t to hal_pkey_attribute_t.
2016-11-21Start shaking bugs out of new pkcs11.c code. Still pretty broken.Rob Austein
2016-11-20Compiles without SQLite3. Does not run (yet).Rob Austein
2016-11-19New branch for PKCS #11 without SQLite3. Checkpoint, doesn't compile yet.Rob Austein
We're going to want this in a separate branch from ksng at least for a little while, so that we can flip back and forth easily to run the same tests. Current code doesn't even compile yet, but is far enough along to be worth backing up off-machine.
2016-11-14hal_rpc_pkey_find() -> hal_rpc_pkey_open().Rob Austein
2016-10-25Remove unused column from schema.Rob Austein
2016-10-25Track libhal HAL_DIGEST_ALGORITHM_ change.Rob Austein
2016-10-16Clean Python compiled byte code too.Rob Austein
2016-10-07Track changes to libhal RPC pkey API.Rob Austein
2016-09-09Track removal of `type` argument from hal_rpc_pkey_find().Rob Austein
2016-09-03Hack PKCS #11 to work with revised libhal pkey API.Rob Austein
2016-08-16More pkcs11test fixes: nuanced read-only, error code proliferation.Rob Austein
PKCS #11's notion of a "read-only" session is odd: read-only sessions can still create/modify/destroy objects, just not "token" objects. C_SeedRandom() has its own special "nope, didn't implement that" error code, apparently the one everything else uses wasn't good enough. C_Login() has different error codes for "you're already logged in" and "you're already logged in as somebody else".