diff options
author | Paul Selkirk <paul@psgd.org> | 2020-04-29 11:44:17 -0400 |
---|---|---|
committer | Paul Selkirk <paul@psgd.org> | 2020-04-29 11:44:17 -0400 |
commit | 042f99af11085a1979ca5b2670b11672ad934654 (patch) | |
tree | de540e20fc80cc66ff6a7a66cac16c952007db44 /projects/hsm | |
parent | f09f1b8f4494e90ee672e92f3357229bdfb7d0ae (diff) |
The new keywrap core now talks directly to the MKM, so there are some API changes.
Diffstat (limited to 'projects/hsm')
-rw-r--r-- | projects/hsm/mgmt-masterkey.c | 11 | ||||
-rw-r--r-- | projects/hsm/mgmt-misc.c | 32 |
2 files changed, 8 insertions, 35 deletions
diff --git a/projects/hsm/mgmt-masterkey.c b/projects/hsm/mgmt-masterkey.c index e63e0e0..97e62a0 100644 --- a/projects/hsm/mgmt-masterkey.c +++ b/projects/hsm/mgmt-masterkey.c @@ -70,7 +70,7 @@ static int cmd_masterkey_status(struct cli_def *cli, const char *command, char * cli_print(cli, "Status of master key:\n"); - status = hal_mkm_volatile_read(NULL, 0); + status = hal_keywrap_mkm_status(NULL); cli_print(cli, " volatile: %s / %s", _status2str(status), hal_error_string(status)); status = hal_mkm_flash_read(NULL, 0); @@ -170,11 +170,16 @@ static int _masterkey_set(struct cli_def *cli, char *argv[], int argc, return CLI_OK; } +static hal_error_t _mkm_volatile_write(const uint8_t *kek, const size_t kek_len) +{ + return hal_keywrap_mkm_write(NULL, kek, kek_len); +} + static int cmd_masterkey_set(struct cli_def *cli, const char *command, char *argv[], int argc) { command = command; - return _masterkey_set(cli, argv, argc, "volatile", hal_mkm_volatile_write); + return _masterkey_set(cli, argv, argc, "volatile", _mkm_volatile_write); } static int cmd_masterkey_erase(struct cli_def *cli, const char *command, char *argv[], int argc) @@ -185,7 +190,7 @@ static int cmd_masterkey_erase(struct cli_def *cli, const char *command, char *a argv = argv; argc = argc; - if ((err = hal_mkm_volatile_erase(KEK_LENGTH)) == LIBHAL_OK) { + if ((err = hal_keywrap_mkm_erase(NULL, KEK_LENGTH)) == LIBHAL_OK) { cli_print(cli, "Erased master key from volatile memory"); } else { cli_print(cli, "Failed erasing master key from volatile memory: %s", hal_error_string(err)); diff --git a/projects/hsm/mgmt-misc.c b/projects/hsm/mgmt-misc.c index e732484..377af73 100644 --- a/projects/hsm/mgmt-misc.c +++ b/projects/hsm/mgmt-misc.c @@ -230,40 +230,8 @@ static int cmd_rsa_modexpng(struct cli_def *cli, const char *command, char *argv return CLI_ERROR; } -static int cmd_keywrap_core(struct cli_def *cli, const char *command, char *argv[], int argc) -{ - int onoff; - - if (argc != 1) { - cli_print(cli, "Wrong number of arguments (%i).", argc); - cli_print(cli, "Syntax: %s <on|off>", command); - return CLI_ERROR; - } - - if (strcmp(argv[0], "on") == 0) - onoff = 1; - else if (strcmp(argv[0], "off") == 0) - onoff = 0; - else { - cli_print(cli, "Argument must be 'on' or 'off' - not '%s'", argv[0]); - return CLI_ERROR; - } - - hal_error_t err; - if ((err = hal_aes_use_keywrap_core(onoff)) == LIBHAL_OK) - return CLI_OK; - - cli_print(cli, hal_error_string(err)); - return CLI_ERROR; -} - void configure_cli_misc(struct cli_def *cli) { - struct cli_command *c_keywrap = cli_register_command(cli, NULL, "keywrap", NULL, 0, 0, NULL); - - /* keywrap core */ - cli_register_command(cli, c_keywrap, "core", cmd_keywrap_core, 0, 0, "Set use of the keywrap core"); - #ifdef DO_PROFILING struct cli_command *c_profile = cli_register_command(cli, NULL, "profile", NULL, 0, 0, NULL); |