Diffstat (limited to 'projects/hsm')
-rw-r--r-- | projects/hsm/Makefile | 10 | ||||
-rw-r--r-- | projects/hsm/mgmt-cli.c | 14 | ||||
-rw-r--r-- | projects/hsm/mgmt-misc.c | 138 |
3 files changed, 135 insertions, 27 deletions
diff --git a/projects/hsm/Makefile b/projects/hsm/Makefile index 37c552d..a2b7c0d 100644 --- a/projects/hsm/Makefile +++ b/projects/hsm/Makefile @@ -16,6 +16,8 @@ CFLAGS += -DNUM_RPC_TASK=4 CFLAGS += -I$(LIBHAL_SRC) CFLAGS += -I$(LIBCLI_SRC) +CFLAGS += -I$(LIBTFM_BLD) +CFLAGS += -Wno-missing-field-initializers LIBS += $(LIBHAL_BLD)/libhal.a $(LIBTFM_BLD)/libtfm.a LIBS += $(LIBCLI_BLD)/libcli.a @@ -32,6 +34,14 @@ ifdef DO_TASK_METRICS CFLAGS += -DDO_TASK_METRICS endif +ifdef DO_TIMING +CFLAGS += -DDO_TIMING +CFLAGS += -I../cli-test +CFLAGS += -DCLI_STACK_SIZE=65536 +OBJS += ../cli-test/mgmt-timing.o $(TOPLEVEL)/stm-dwt.o +LDFLAGS += -lm +endif + all: $(PROJ:=.elf) %.elf: %.o $(BOARD_OBJS) $(OBJS) $(LIBS) diff --git a/projects/hsm/mgmt-cli.c b/projects/hsm/mgmt-cli.c index 2b5be1f..fd5c90a 100644 --- a/projects/hsm/mgmt-cli.c +++ b/projects/hsm/mgmt-cli.c @@ -4,6 +4,8 @@ * Management CLI code. * * Copyright (c) 2016-2017, NORDUnet A/S All rights reserved. + * Copyright: 2020, The Commons Conservancy Cryptech Project + * SPDX-License-Identifier: BSD-3-Clause * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are @@ -15,9 +17,9 @@ * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * - * - Neither the name of the NORDUnet nor the names of its contributors may - * be used to endorse or promote products derived from this software - * without specific prior written permission. + * - Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 
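Review bot: The `ifdef DO_TIMING` block in the second Makefile hunk links `../cli-test/mgmt-timing.o` into the HSM image and raises `CLI_STACK_SIZE` to 65536, but nothing marks it as a test-only configuration. mgmt-cli.c registers `configure_cli_timing(cli)` under the same macro, so a build with DO_TIMING set carries extra management commands; judging by the `cli-test` path these look like test instrumentation. I would add a comment above the block such as `# DO_TIMING: bench/test builds only, never set for release firmware`. Separately, `CFLAGS += -Wno-missing-field-initializers` in the first hunk is unconditional and silences the warning for every object in the build; if only some of the code needs it, scoping the flag to those objects would keep the warning active elsewhere.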
@@ -49,6 +51,9 @@ #include "mgmt-keystore.h" #include "mgmt-masterkey.h" #include "mgmt-task.h" +#ifdef DO_TIMING +#include "mgmt-timing.h" +#endif #undef HAL_OK #define HAL_OK LIBHAL_OK @@ -197,6 +202,9 @@ int cli_main(void) configure_cli_bootloader(cli); configure_cli_misc(cli); configure_cli_task(cli); +#ifdef DO_TIMING + configure_cli_timing(cli); +#endif while (1) { control_mgmt_uart_dma_rx(DMA_RX_START); diff --git a/projects/hsm/mgmt-misc.c b/projects/hsm/mgmt-misc.c index 72ee1f2..116197d 100644 --- a/projects/hsm/mgmt-misc.c +++ b/projects/hsm/mgmt-misc.c @@ -3,7 +3,9 @@ * ----------- * Miscellaneous CLI functions. * - * Copyright (c) 2016, NORDUnet A/S All rights reserved. + * Copyright (c) 2016-2018, NORDUnet A/S All rights reserved. + * Copyright: 2020, The Commons Conservancy Cryptech Project + * SPDX-License-Identifier: BSD-3-Clause * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are @@ -15,9 +17,9 @@ * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * - * - Neither the name of the NORDUnet nor the names of its contributors may - * be used to endorse or promote products derived from this software - * without specific prior written permission. + * - Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 
@@ -155,32 +157,108 @@ static int cmd_reboot(struct cli_def *cli, const char *command, char *argv[], in return CLI_OK; } -static int cmd_keywrap_core(struct cli_def *cli, const char *command, char *argv[], int argc) +static int cmd_rsa_blinding(struct cli_def *cli, const char *command, char *argv[], int argc) { - command = command; + if (argc != 1) { + cli_print(cli, "Wrong number of arguments (%i).", argc); + cli_print(cli, "Syntax: %s <on|off|clear>", command); + return CLI_ERROR; + } + + if (strcmp(argv[0], "on") == 0) + hal_rsa_set_blinding(1); + else if (strcmp(argv[0], "off") == 0) + hal_rsa_set_blinding(0); + else if (strcmp(argv[0], "clear") == 0) + hal_rsa_clear_blinding_cache(); + else { + cli_print(cli, "Argument must be 'on', 'off', or 'clear' - not '%s'", argv[0]); + return CLI_ERROR; + } + + return CLI_OK; +} + +static int cmd_rsa_crt(struct cli_def *cli, const char *command, char *argv[], int argc) +{ + int onoff; + + if (argc != 1) { + cli_print(cli, "Wrong number of arguments (%i).", argc); + cli_print(cli, "Syntax: %s <on|off>", command); + return CLI_ERROR; + } + + if (strcmp(argv[0], "on") == 0) + onoff = 1; + else if (strcmp(argv[0], "off") == 0) + onoff = 0; + else { + cli_print(cli, "Argument must be 'on' or 'off' - not '%s'", argv[0]); + return CLI_ERROR; + } + + hal_rsa_set_crt(onoff); + + return CLI_OK; +} + +static int cmd_rsa_modexpng(struct cli_def *cli, const char *command, char *argv[], int argc) +{ + int onoff; - if (argc == 1) { - int onoff = -1; - if (strcmp(argv[0], "on") == 0) - onoff = 1; - else if (strcmp(argv[0], "off") == 0) - onoff = 0; - if (onoff >= 0) { - int ret = hal_aes_use_keywrap_core(onoff); - if (ret) - cli_print(cli, "keywrap core enabled"); - else if (onoff) - cli_print(cli, "keywrap core not found"); - else - cli_print(cli, "keywrap core disabled"); - return CLI_OK; - } + if (argc != 1) { + cli_print(cli, "Wrong number of arguments (%i).", argc); + cli_print(cli, "Syntax: %s <on|off>", command); + return 
CLI_ERROR; } - cli_print(cli, "Syntax: keywrap core <on|off>"); + if (strcmp(argv[0], "on") == 0) + onoff = 1; + else if (strcmp(argv[0], "off") == 0) + onoff = 0; + else { + cli_print(cli, "Argument must be 'on' or 'off' - not '%s'", argv[0]); + return CLI_ERROR; + } + + hal_error_t err; + if ((err = hal_modexp_use_modexpng(onoff)) == LIBHAL_OK) + return CLI_OK; + + cli_print(cli, hal_error_string(err)); return CLI_ERROR; } +static int cmd_keywrap_core(struct cli_def *cli, const char *command, char *argv[], int argc) +{ + int onoff; + + if (argc != 1) { + cli_print(cli, "Wrong number of arguments (%i).", argc); + cli_print(cli, "Syntax: %s <on|off>", command); + return CLI_ERROR; + } + + if (strcmp(argv[0], "on") == 0) + onoff = 1; + else if (strcmp(argv[0], "off") == 0) + onoff = 0; + else { + cli_print(cli, "Argument must be 'on' or 'off' - not '%s'", argv[0]); + return CLI_ERROR; + } + + int ret = hal_aes_use_keywrap_core(onoff); + if (ret) + cli_print(cli, "keywrap core enabled"); + else if (onoff) + cli_print(cli, "keywrap core not found"); + else + cli_print(cli, "keywrap core disabled"); + return CLI_OK; +} + void configure_cli_misc(struct cli_def *cli) { struct cli_command *c_keywrap = cli_register_command(cli, NULL, "keywrap", NULL, 0, 0, NULL); 
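Review bot: In cmd_rsa_modexpng, `cli_print(cli, hal_error_string(err));` passes a non-literal string as the format argument of a printf-style call, while every other `cli_print` in this hunk uses a literal format. The text comes from libhal rather than from the operator, so it is not directly attacker-controlled, but any `%` in an error string would be parsed as a conversion; use `cli_print(cli, "%s", hal_error_string(err));`. Also, cmd_rsa_blinding and cmd_rsa_crt return CLI_OK without printing anything, unlike cmd_keywrap_core, and the return values of `hal_rsa_set_blinding`, `hal_rsa_clear_blinding_cache` and `hal_rsa_set_crt` (if they have any, which is not visible here) are ignored. Printing the resulting state after each call would give the operator a confirmation that a security-relevant setting changed.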
@@ -196,7 +274,19 @@ void configure_cli_misc(struct cli_def *cli) /* profile stop */ cli_register_command(cli, c_profile, "stop", cmd_profile_stop, 0, 0, "Stop collecting profiling data"); -#endif +#endif + + struct cli_command *c_rsa = cli_register_command(cli, NULL, "rsa", NULL, 0, 0, NULL); + + /* rsa blinding */ + cli_register_command(cli, c_rsa, "blinding", cmd_rsa_blinding, 0, 0, "Set use of RSA blinding"); + + /* rsa crt */ + cli_register_command(cli, c_rsa, "crt", cmd_rsa_crt, 0, 0, "Set use of RSA CRT"); + + /* rsa modexpng */ + cli_register_command(cli, c_rsa, "modexpng", cmd_rsa_modexpng, 0, 0, "Set use of ModExpNG"); + /* reboot */ cli_register_command(cli, NULL, "reboot", cmd_reboot, 0, 0, "Reboot the STM32"); } |
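Review bot: The `rsa blinding` command is registered with `0, 0`, the same as `reboot`, and its help text "Set use of RSA blinding" does not say that `off` disables a side-channel countermeasure for private-key operations. If those two integers are libcli's privilege and mode arguments (the prototype is not visible here, so confirm), any logged-in CLI session can switch blinding off, and the handler added in this commit prints nothing when it does. I would at least make the help explicit, e.g. `"Enable/disable RSA blinding (off removes timing side-channel protection; test use only)"`. Consider also registering the three `rsa` tuning commands only in test builds or at the privileged level. configure_cli_misc starts outside this hunk.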