path: root/projects/hsm/hsm.c
Age | Commit message | Author
2019-01-12 | Timing tests for RSA signing and sub-components thereof. | Paul Selkirk
This is not the sort of thing that should go anywhere near production code, so it's on a dangling branch. I may rebase it from time to time.
2018-07-25 | Merge branch 'hashsig' | Paul Selkirk
2018-05-20 | Mutex for RSA blinding factors cache. | Rob Austein
2018-04-19 | Reconstruct the hashsig hash tree(s) on device restart. | Paul Selkirk
This can take long enough (several minutes for h=10) that we do it in a background task, which is then converted to an RPC dispatch task. Also add a very limited form of free(), to free the topmost allocation in the sdram "heap". I don't want to deal with real heap management, but I do want to be able to recover memory upon deleting a hashsig key, if it's easy to do so.
2018-04-19 | Implement hash-based signatures, per draft-mcgrew-hash-sigs-08.txt | Paul Selkirk
2018-04-06 | Merge branch 'profiling' | Paul Selkirk
2017-10-17 | Overhaul UART API | Paul Selkirk
MGMT is the default UART, and no one should have to explicitly refer to the UART unless they need USER (hsm.c:hal_serial_send_char). The default UART is now exposed in the header file, so that the default-using functions can be macros, which saves a few bytes in code space, and a few microseconds in function call overhead.
2017-10-11 | Cleanup: signed/unsigned mismatches, mostly in loop counters | Paul Selkirk
2017-09-07 | Rebase branch 'profiling' from master | Paul Selkirk
2017-09-07 | Add task_yield_maybe | Paul Selkirk
2017-08-31 | Withdraw SysTick_hook (commit 9ffead1), because it turns out there was already a user-callback mechanism with HAL_SYSTICK_IRQHandler() and HAL_SYSTICK_Callback(). | Paul Selkirk
2017-07-31 | Adapt uart_rx_thread to the post-thread tasking model, because we're still subject to the same forces that made it a good idea in the first place. | Paul Selkirk
commit 2b6b9f8 Change RPC UART to have a high-priority thread monitoring a large(ish) DMA buffer, because we've observed out-of-order receives under load.
2017-05-24 | Add task_yield_maybe | Paul Selkirk
2017-05-02 | Merge branch 'init_cleanup' into no-rtos | Paul Selkirk
Clean up Makefiles and initialization code.
2017-04-30 | Merge branch 'ksng' into no-rtos | Rob Austein
Required minor manual intervention to resolve merge issues git had no way of understanding: git is clever, but not quite clever enough to understand that a commit in one branch had removed the entire RTOS that a commit in the other branch was using. No big deal, just a couple of osDelay() calls needing conversion to HAL_Delay() or task_delay().
2017-04-29 | Add minimal mutexes to the minimal tasking system | Paul Selkirk
2017-04-27 | Replace the RTOS with a simple cooperative tasker. | Paul Selkirk
There are no priorities and no preemption, so tasks run in a round-robin fashion, and explicitly yield control.
2017-04-26 | Add support for hal_sleep(). | Rob Austein
2017-04-17 | Add a short delay to osMailAlloc, since we're no longer calling it in an ISR. | Paul Selkirk
2017-04-01 | Change RPC UART to have a high-priority thread monitoring a large(ish) DMA buffer, because we've observed out-of-order receives under load. | Paul Selkirk
2017-03-02 | Try to be a bit more robust in the face of normal errors. | Paul Selkirk
If hal_rpc_server_dispatch() returns an XDR decode error because the request packet was too short, don't call Error_Handler() and kill the dispatch thread, just drop the request. Add more ibuf_queue entries, but don't panic and kill the dispatch thread if we can't get one, just drop the incoming character (which will lead to an XDR decode error if/when we finally get an ibuf).
2017-02-02 | Add locking around keystore operations. | Rob Austein
2016-12-19 | Merge branch 'master' into ksng. | Rob Austein
Drag in UART-related changes from master.
2016-09-23 | Use subsectors instead of sectors in keystore. | Rob Austein
2016-09-20 | Still some problem with uart receive under heavy load, so change to a 2-byte receive buffer with half-complete callbacks, and raise the dma priority. | Paul Selkirk
2016-08-23 | Multi-client testing revealed race conditions in uart receive code (dropped characters, improper handoff of message buffers). | Paul Selkirk
Fixed by a) changing the uart receiver from interrupt to DMA mode, and b) replacing the dispatch mutex and rpc semaphore with a mail queue (memory pool + message queue).
2016-08-11 | Multiple threads and multiple cores, to deal with multiple clients. | Paul Selkirk
2016-07-13 | probe_cores() finally does the right thing, so we don't have to call it early. | Paul Selkirk
2016-07-07 | Drop bad request packets. | Paul Selkirk
Also, if the UART receive callback fails to re-enable receive (because dispatch_thread is in the middle of transmitting a response), signal dispatch_thread to re-enable receive after it's done.
2016-07-07 | Default to one RPC worker thread. | Paul Selkirk
2016-07-06 | Add uart_set_default() to make debugging output easier. | Paul Selkirk
2016-06-30 | RPC wire format now includes client handle in all requests, and opcode and client handle in all responses. | Paul Selkirk
2016-06-14 | Import cli-test into hsm pretty much as-is. | Paul Selkirk
2016-06-13 | RSA keygen needs even more stack space than I thought. | Paul Selkirk
Also, it turns out the linker wants to include initializers for sdram variables in the .elf and .bin files, even though it should handle it like bss. So now we manage sdram directly with a pseudo-malloc.
2016-06-09 | Put thread stack buffers in SDRAM, because pkey uses a lot of stack. | Paul Selkirk
Also rearchitect the way we handle RPC requests - have a bunch of waiting dispatch threads rather than continually creating and deleting threads.
2016-06-09 | Rename main.c to hsm.c for consistency and a slightly simpler Makefile. | Paul Selkirk