diff options
author | Paul Selkirk <paul@psgd.org> | 2018-02-26 16:06:42 -0500 |
---|---|---|
committer | Paul Selkirk <paul@psgd.org> | 2018-04-19 18:50:32 -0400 |
commit | af127e807008b2153d597e756ff26da69daf9e45 (patch) | |
tree | 6bab36ce01ffbbafa0e9d19f5bfd07e2471f58e6 /projects | |
parent | 33ac5751d8e56b8cbec0cc5ac41a18f2692e4bf9 (diff) |
Implement hash-based signatures, per draft-mcgrew-hash-sigs-08.txt
Diffstat (limited to 'projects')
-rw-r--r-- | projects/hsm/hsm.c | 9 | ||||
-rw-r--r-- | projects/hsm/mgmt-keystore.c | 16 |
2 files changed, 17 insertions, 8 deletions
diff --git a/projects/hsm/hsm.c b/projects/hsm/hsm.c index f20ee64..d971f14 100644 --- a/projects/hsm/hsm.c +++ b/projects/hsm/hsm.c @@ -90,18 +90,11 @@ static uint8_t busy_stack[BUSY_STACK_SIZE]; #endif static uint8_t cli_stack[CLI_STACK_SIZE]; -#ifndef MAX_PKT_SIZE -/* An arbitrary number, more or less driven by the 4096-bit RSA - * keygen test. - */ -#define MAX_PKT_SIZE 4096 -#endif - /* RPC buffers. For each active request, there will be two - input and output. */ typedef struct rpc_buffer_s { size_t len; - uint8_t buf[MAX_PKT_SIZE]; + uint8_t buf[HAL_RPC_MAX_PKT_SIZE]; struct rpc_buffer_s *next; /* for ibuf queue linking */ } rpc_buffer_t; diff --git a/projects/hsm/mgmt-keystore.c b/projects/hsm/mgmt-keystore.c index b79a5fe..a7fdffe 100644 --- a/projects/hsm/mgmt-keystore.c +++ b/projects/hsm/mgmt-keystore.c @@ -180,6 +180,8 @@ static int cmd_keystore_delete_key(struct cli_def *cli, const char *command, cha return CLI_OK; } +#include "ks.h" + static int show_keys(struct cli_def *cli, const char *title) { const hal_client_handle_t client = { -1 }; @@ -198,6 +200,16 @@ static int show_keys(struct cli_def *cli, const char *title) cli_print(cli, title); + size_t avail; + if ((status = hal_ks_available(hal_ks_token, &avail)) == HAL_OK) + cli_print(cli, "Token keystore: %d available", avail); + else + cli_print(cli, "Error reading token keystore: %s", hal_error_string(status)); + if ((status = hal_ks_available(hal_ks_volatile, &avail)) == HAL_OK) + cli_print(cli, "Volatile keystore: %d available", avail); + else + cli_print(cli, "Error reading volatile keystore: %s", hal_error_string(status)); + while (!done) { if ((status = hal_rpc_pkey_match(client, session, HAL_KEY_TYPE_NONE, HAL_CURVE_NONE, @@ -248,6 +260,10 @@ static int show_keys(struct cli_def *cli, const char *title) case HAL_KEY_TYPE_RSA_PUBLIC: type_name = "RSA public"; break; case HAL_KEY_TYPE_EC_PRIVATE: type_name = "EC private"; break; case HAL_KEY_TYPE_EC_PUBLIC: type_name = "EC public"; break; + case HAL_KEY_TYPE_HASHSIG_PRIVATE: type_name = "hashsig private"; break; + case HAL_KEY_TYPE_HASHSIG_PUBLIC: type_name = "hashsig public"; break; + case HAL_KEY_TYPE_HASHSIG_LMS: type_name = "hashsig lms"; break; + case HAL_KEY_TYPE_HASHSIG_LMOTS: type_name = "hashsig lmots"; break; } const char *curve_name = "unknown"; |