path: root/projects/hsm
| Age | Commit message | Author |
|---|---|---|
| 2018-11-26 | Add loop unrolling to bring the profilable mem* functions closer to newlib, because memset is called a LOT in the course of RSA signing, and we need to understand how much time we're actually spending there. | Paul Selkirk |
| 2018-11-14 | Increase cli task, and move it to SDRAM, because main RAM is getting full. | Paul Selkirk |
| 2018-09-05 | When erasing the whole keystore, optionally preserve the login PINs. | Paul Selkirk |
| 2018-09-04 | Make parsing and display of masterkey values consistent with one another, so the user might be able to copy and paste a generated key into the CLI for recovery. Display had been a 32-byte hexdump. Parsing (manual re-entry of the KEK) had been 8 32-bit little-endian values. This has been a pain point for literally two years, albeit at a low enough pain level that I've managed to cringe and ignore it. | Paul Selkirk |
| 2018-07-25 | Merge branch 'hashsig' | Paul Selkirk |
| 2018-05-20 | Mutex for RSA blinding factors cache. | Rob Austein |
| 2018-04-19 | Reconstruct the hashsig hash tree(s) on device restart. This can take long enough (several minutes for h=10) that we do it in a background task, which is then converted to an RPC dispatch task. Also add a very limited form of free(), to free the topmost allocation in the sdram "heap". I don't want to deal with real heap management, but I do want to be able to recover memory upon deleting a hashsig key, if it's easy to do so. | Paul Selkirk |
| 2018-04-19 | Implement hash-based signatures, per draft-mcgrew-hash-sigs-08.txt | Paul Selkirk |
| 2018-04-06 | Merge branch 'profiling' | Paul Selkirk |
| 2017-12-14 | Revert a clean up 'fix' which actually broke FPGA upload. | Paul Selkirk |
| 2017-10-17 | Overhaul UART API. MGMT is the default UART, and no one should have to explicitly refer to the UART unless they need USER (hsm.c:hal_serial_send_char). The default UART is now exposed in the header file, so that the default-using functions can be macros, which saves a few bytes in code space, and a few microseconds in function call overhead. | Paul Selkirk |
| 2017-10-15 | Cleanup: All drivers return HAL_StatusTypeDef rather than magic values. Note: This affects libhal/ks_token.c, which uses the keystore driver directly. | Paul Selkirk |
| 2017-10-11 | Cleanup 'unused parameter' warnings, a couple of which are actual coding errors. | Paul Selkirk |
| 2017-10-11 | Cleanup: signed/unsigned mismatches, mostly in loop counters | Paul Selkirk |
| 2017-09-21 | cleanup | Paul Selkirk |
| 2017-09-07 | Rebase branch 'profiling' from master | Paul Selkirk |
| 2017-09-07 | Add task_yield_maybe | Paul Selkirk |
| 2017-09-07 | Sigh, right offset for the wrong register. Get the PC (the address we interrupted) rather than LR (the return address from the function we interrupted). Also, change u_short and u_int to unsigned short and unsigned int, since gcc recently decided that those aren't part of the C99 standard. Finally, add profilable versions of memcpy, memset, and friends, because they get called a lot in the course of unit testing, and it would be nice to know who's calling them. | Paul Selkirk |
| 2017-09-07 | Port profiling code, using a new SysTick hook and new CLI commands. | Paul Selkirk |
| 2017-09-07 | Add some task metrics. | Paul Selkirk |
| 2017-08-31 | Withdraw SysTick_hook (commit 9ffead1), because it turns out there was already a user-callback mechanism with HAL_SYSTICK_IRQHandler() and HAL_SYSTICK_Callback(). | Paul Selkirk |
| 2017-07-31 | Report UART receive queue length, so we can tune it. | Paul Selkirk |
| 2017-07-31 | Adapt uart_rx_thread to the post-thread tasking model, because we're still subject to the same forces that made it a good idea in the first place. commit 2b6b9f8 Change RPC UART to have a high-priority thread monitoring a large(ish) DMA buffer, because we've observed out-of-order receives under load. | Paul Selkirk |
| 2017-05-28 | Track API changes in libhal ks9 branch. | Rob Austein |
| 2017-05-24 | Add task_yield_maybe | Paul Selkirk |
| 2017-05-13 | Merge branch 'task_metrics' into profiling | Paul Selkirk |
| 2017-05-10 | Sigh, right offset for the wrong register. Get the PC (the address we interrupted) rather than LR (the return address from the function we interrupted). Also, change u_short and u_int to unsigned short and unsigned int, since gcc recently decided that those aren't part of the C99 standard. Finally, add profilable versions of memcpy, memset, and friends, because they get called a lot in the course of unit testing, and it would be nice to know who's calling them. | Paul Selkirk |
| 2017-05-05 | Port profiling code, using a new SysTick hook and new CLI commands. | Paul Selkirk |
| 2017-05-03 | Add some task metrics. | Paul Selkirk |
| 2017-05-02 | Merge branch 'init_cleanup' into no-rtos. Clean up Makefiles and initialization code. | Paul Selkirk |
| 2017-04-30 | Merge branch 'ksng' into no-rtos. Required minor manual intervention to resolve merge issues git had no way of understanding: git is clever, but not quite clever enough to understand that a commit in branch had removed the entire RTOS that a commit in the other branch was using. No big deal, just a couple of osDelay() calls needing conversion to HAL_Delay() or task_delay(). | Rob Austein |
| 2017-04-29 | Add minimal mutexes to the minimal tasking system | Paul Selkirk |
| 2017-04-29 | Simplify hsm makefile. | Paul Selkirk |
| 2017-04-27 | Replace the RTOS with a simple cooperative tasker. There are no priorities and no preemption, so tasks run in a round-robin fashion, and explicitly yield control. | Paul Selkirk |
| 2017-04-27 | Refactor cryptech_upload to work either directly or via cryptech_muxd. | Rob Austein |
| 2017-04-26 | Add support for hal_sleep(). | Rob Austein |
| 2017-04-17 | Add a short delay to osMailAlloc, since we're no longer calling it in an ISR. | Paul Selkirk |
| 2017-04-17 | Merge remote-tracking branch 'origin/uart_rx_thread' into ksng | Paul Selkirk |
| 2017-04-16 | Switch to libhal's CRC-32 code. | Rob Austein |
| 2017-04-15 | Missing include files, doh. | Rob Austein |
| 2017-04-15 | sw/stm32 Makefiles are a mess. Apparently it's easier to duplicate source files into multiple project directories than to write Makefiles that do something sane. Feh. | Rob Austein |
| 2017-04-15 | Move hal_log() support to separate module. | Rob Austein |
| 2017-04-15 | Logging implementation for Alpha hardware. | Rob Austein |
| 2017-04-12 | Handle race condition while fetching key metadata for display. Fetching a list of keys and all of their metadata isn't an atomic process, nor, probably, should it be, so we need to cope with things like a key being deleted via the RPC interface while we're fetching its metadata for display on the console interface. | Rob Austein |
| 2017-04-11 | Track API changes on sw/libhal pkcs8 branch. | Rob Austein |
| 2017-04-01 | Change RPC UART to have a high-priority thread monitoring a large(ish) DMA buffer, because we've observed out-of-order receives under load. | Paul Selkirk |
| 2017-03-02 | Try to be a bit more robust in the face of normal errors. If hal_rpc_server_dispatch() returns an XDR decode error because the request packet was too short, don't call Error_Handler() and kill the dispatch thread, just drop the request. Add more ibuf_queue entries, but don't panic and kill the dispatch thread if we can't get one, just drop the incoming character (which will lead to an XDR decode error if/when we finally get an ibuf). | Paul Selkirk |
| 2017-02-23 | Add --pin and --quiet options. | Paul Selkirk |
| 2017-02-23 | Speed up file upload enormously. We need to start with a long serial timeout, in order to catch the reboot messages for a firmware upload (this has to be done through the bootloader). But once we start sending the file, cut the serial timeout to 1ms. (I've tested it down to 1us, but that may not work for everyone, and it doesn't improve performance in a statistically significant way.) This brings the time to upload a 4.5MB bitstream from 38:23 to 1:25. | Paul Selkirk |
| 2017-02-22 | Refactor flash code. | Paul Selkirk |