sw/stm32 - Cryptech HSM on STM-32 ARM processor

Age	Commit message (Collapse)	Author
2018-02-26	Implement hash-based signatures, per draft-mcgrew-hash-sigs-08.txt	Paul Selkirk

2017-12-14	Revert a clean up 'fix' which actually broke FPGA upload.	Paul Selkirk

2017-10-17	Overhaul UART API	Paul Selkirk
	MGMT is the default UART, and no one should have to explicitly refer to the UART unless they need USER (hsm.c:hal_serial_send_char). The default UART is now exposed in the header file, so that the default-using functions can be macros, which saves a few bytes in code space, and a few microseconds in function call overhead.
2017-10-15	Cleanup: All drivers return HAL_StatusTypeDef rather than magic values.	Paul Selkirk
	Note: This affects libhal/ks_token.c, which uses the keystore driver directly.
2017-10-11	Cleanup 'unused parameter' warnings, a couple of which are actual coding errors.	Paul Selkirk

2017-10-11	Cleanup: signed/unsigned mismatches, mostly in loop counters	Paul Selkirk

2017-09-21	Make fmc-test less chatty.	Paul Selkirk

2017-08-31	Withdraw SysTick_hook (commit 9ffead1), because it turns out there was ↵	Paul Selkirk
	already a user-callback mechanism with HAL_SYSTICK_IRQHandler() and HAL_SYSTICK_Callback().
2017-07-31	Report UART receive queue length, so we can tune it.	Paul Selkirk

2017-07-31	Adapt uart_rx_thread to the post-thread tasking model, because we're still	Paul Selkirk
	subject to the same forces that made it a good idea in the first place. commit 2b6b9f8 Change RPC UART to have a high-priority thread monitoring a large(ish) DMA buffer, because we've observed out-of-order receives under load.
2017-05-28	Stub out hal_allocate_static_memory() to avoid linker error.	Rob Austein
	This is a quick fix, so that we can get on with testing the ks9 branch changes. A better fix in the long run might be to add a third keystore ("ks_pin_read_only", or some such) which implemented the bare minimum interface that the bootloader needs and left everything else unimplemented. This would require a bit of refactoring the current PIN code to make it work right with both the bootloader's abbreivated keystore and the normal token keystore. Probably worth doing, but a bit of a can of worms, so postponing for now.
2017-05-28	Track API changes in libhal ks9 branch.	Rob Austein

2017-05-02	Merge branch 'init_cleanup' into no-rtos	Paul Selkirk
	Clean up Makefiles and initialization code.
2017-05-01	Addendum to commit e0e97a5: Remove all references to the tasker from cli-test.	Paul Selkirk

2017-04-30	Merge branch 'ksng' into no-rtos	Rob Austein
	Required minor manual intervention to resolve merge issues git had no way of understanding: git is clever, but not quite clever enough to understand that a commit in branch had removed the entire RTOS that a commit in the other branch was using. No big deal, just a couple of osDelay() calls needing conversion to HAL_Delay() or task_delay().
2017-04-29	Add minimal mutexes to the minimal tasking system	Paul Selkirk

2017-04-29	cli-test doesn't use the tasker, even though it might have previously used a ↵	Paul Selkirk
	semaphore from the rtos
2017-04-29	Simplify hsm makefile.	Paul Selkirk

2017-04-29	Port cli-test to the new task API.	Paul Selkirk

2017-04-27	Replace the RTOS with a simple cooperative tasker.	Paul Selkirk
	There are no priorities and no preemption, so tasks run in a round-robin fashion, and explicitly yield control.
2017-04-27	Refactor cryptech_upload to work either directly or via cryptech_muxd.	Rob Austein

2017-04-26	Add support for hal_sleep().	Rob Austein

2017-04-17	Add a short delay to osMailAlloc, since we're no longer calling it in an ISR.	Paul Selkirk

2017-04-17	Merge remote-tracking branch 'origin/uart_rx_thread' into ksng	Paul Selkirk

2017-04-16	Switch to libhal's CRC-32 code.	Rob Austein

2017-04-15	Missing include files, doh.	Rob Austein

2017-04-15	sw/stm32 Makefiles are a mess.	Rob Austein
	Apparently it's easier to duplicate source files into multiple project directories than to write Makefiles that do something sane. Feh.
2017-04-15	Move hal_log() support to separate module.	Rob Austein

2017-04-15	Logging implementation for Alpha hardware.	Rob Austein

2017-04-12	Handle race condition while fetching key metadata for display.	Rob Austein
	Fetching a list of keys and all of their metadata isn't an atomic process, nor, probably, should it be, so we need to cope with things like a key being deleted via the RPC interface while we're fetching its metadata for display on the console interface.
2017-04-11	Track API changes on sw/libhal pkcs8 branch.	Rob Austein

2017-04-01	Change RPC UART to have a high-priority thread monitoring a large(ish) DMA	Paul Selkirk
	buffer, because we've observed out-of-order receives under load.
2017-03-02	Try to be a bit more robust in the face of normal errors.	Paul Selkirk
	If hal_rpc_server_dispatch() returns an XDR decode error because the request packet was too short, don't call Error_Handler() and kill the dispatch thread, just drop the request. Add more ibuf_queue entries, but don't panic and kill the dispatch thread if we can't get one, just drop the incoming character (which will lead to an XDR decode error if/when we finally get an ibuf).
2017-02-23	Add --pin and --quiet options.	Paul Selkirk

2017-02-23	Speed up file upload enormously.	Paul Selkirk
	We need to start with a long serial timeout, in order to catch the reboot messages for a firmware upload (this has to be done through the bootloader). But once we start sending the file, cut the serial timeout to 1ms. (I've tested it down to 1us, but that may not work for everyone, and it doesn't improve performance in a statistically significant way.) This brings the time to upload a 4.5MB bitstream from 38:23 to 1:25.
2017-02-22	Refactor flash code.	Paul Selkirk

2017-02-21	Use libcli return codes where appropriate; show whether PINs are set.	Paul Selkirk

2017-02-21	Use bulk erase in the one place it makes sense.	Paul Selkirk

2017-02-19	Remove unnecessary delays in flash code.	Paul Selkirk

2017-02-19	Simplify spiflash test code slightly, add keystore test code.	Paul Selkirk

2017-02-15	Add performance tests for spiflash_n25q128.c	Paul Selkirk

2017-02-02	Add locking around keystore operations.	Rob Austein

2016-12-23	Don't wrap key number in "keystore show keys".	Rob Austein

2016-12-21	Initialize PINs before trying to use them in bootloader.	Rob Austein

2016-12-21	Rewrite core upload loop to simplify and fix race conditions.	Rob Austein
	The main loop in cryptech_upload:send_file() was much more complicated than necessary, and also contained some hidden assumptions about serial I/O timing which happened to fail on the first two machines I tested. We already had a perfectly good buffered-input function, so rewrote to use that, and simplified control structure in the process. In theory, the new code should work in any environment where the old one did, but this has not yet been confirmed.
2016-12-20	Flush output to serial device after writing.	Rob Austein

2016-12-20	Merge branch 'master' into ksng	Rob Austein
	Bootloader DFU fixes.
2016-12-20	The bootloader upgrade reboots now, so we don't need to log out of the CLI.	Paul Selkirk

2016-12-20	Fix bootloader upload callback routine to write the correct number of bytes ↵	Paul Selkirk
	to flash. While we're at it, propagate error returns.
2016-12-20	cli_receive_data: re-enable UART DMA before returning. Based on Fredrik's ↵	Paul Selkirk
	fix to cli-test, commit ae8ebce.