sw/libhal - Cryptech libhal: crypto software, HSM management, RPC

Age	Commit message (Collapse)	Author
2016-07-05	export RPC_MODE for tests	Paul Selkirk

2016-07-01	generated by cgit v1.2.3 (git 2.25.1) at 2025-04-16 23:32:07 +0000 brute-force attack, and 100k iterations takes almost a minute, which makes a terrible first impression.
2016-06-25	Rename GNUmakefile to Makefile for consistency.	Paul Selkirk

2016-06-24	Support VPATH builds.	Rob Austein

2016-06-24	Merge branch 'master' of git.cryptech.is.:sw/libhal	Fredrik Thulin

2016-06-24	Use hal_error_t as suggested by Rob.	Fredrik Thulin

2016-06-23	ks_flash returns all-ones instead of all-zeros for "blank" memory, cope.	Rob Austein
	This will need refactoring once we have a proper test for whether the HSM is initializing after receiving a fresh software load.
2016-06-23	Preserve externally supplied LDFLAGS value (Lintian whines otherwise).	Rob Austein

2016-06-23	Implement master key for wrapping keys in the keystore.	Fredrik Thulin
	The KEK (Key Encryption Key) is first fetched from the FPGA that gets it from the volatile Master Key Memory (that in theory has tamper*kek_len = len protection with wiping), and secondly from flash. The flash option is meant for development/evaluation use using an Alpha board where the Master Key Memory is not battery backed. For any serious use of an Alpha, an option is to enter the master key into the volatile MKM on each power-on as a way to unlock the keystore.
2016-06-16	Merge branch 'master' into ft-ks_flash	Fredrik Thulin

2016-06-14	Doh, don't build RPC client transport code when we're building the	Rob Austein
	server library, even if the old makefile (sometimes) did do that.
2016-06-14	test-mkmif was missing from .gitignore.	Rob Austein

2016-06-14	Collapse RPC_CLIENT and RPC_SERVER makefile settings into a single RPC_MODE ↵	Rob Austein
	setting.
2016-06-14	Add support for ModExpA7	Paul Selkirk

2016-06-13	Allow NULL der_len parameter in hal-rsa_private_key_to_der().	Rob Austein

2016-06-12	Turn hardware modexp off again, as it has problems with some of the key ↵	Rob Austein
	sizes hsmbully tries.
2016-06-10	Allow host-side libhal build without access to secure hardware to	Rob Austein
	store unencrypted public keys (we don't allow this for private keys). Yet another screwball feature to support PKCS #11, sigh. Anyway, with this change, mixed-mode builds should work again.
2016-06-10	Helps to get the makefile variable names right.	Rob Austein

2016-06-10	Another attempt to clean up the libhal makefile hairball.	Rob Austein

2016-06-09	Fix duplicate dispatch vectors when building for RPC_CLIENT_LOCAL.	Rob Austein

2016-06-09	Typo in SHA-224/SHA-256 software core.	Rob Austein

2016-06-09	some cleanup, and fix delete operation	Fredrik Thulin

2016-06-09	Sort out the redeclaration of HAL_OK with Rob's help.	Fredrik Thulin
	Thanks Rob!
2016-06-09	bugfixes and cleanups, seems to sort-of work now	Fredrik Thulin

2016-06-09	hash.c triggers gcc's strict-aliasing warnings.	Rob Austein

2016-06-08	Implement flash keystore storage. Most of it is still untested.	Fredrik Thulin

2016-06-03	mkmif.o got lost in makefile cleanup (9ad64e1)	Paul Selkirk

2016-06-02	Add RPC client daemon.	Paul Selkirk

2016-06-02	Refactor serial and slip.	Paul Selkirk

2016-06-01	Add hal_rpc_client_close() where needed.	Paul Selkirk

2016-06-01	Make the makefile hopefully a little more readable/maintainable.	Paul Selkirk

2016-05-31	SHA-224 driver and soft core.	Rob Austein

2016-05-31	Conditionalize "mixed" operations so we can build a clean remote client.	Paul Selkirk
	Note that mixed mode doesn't actually work, because aes_keywrap tries to hal_io_write to the AES core.
2016-05-26	correct BPKDF2 -> PBKDF2 ;)	Fredrik Thulin

2016-05-25	Doh, helps if one actually uses the argument one just parsed.	Rob Austein

2016-05-25	PBKDF2 works better if we generate the right number of output bytes.	Rob Austein

2016-05-25	Start cleaning up PIN code.	Rob Austein

2016-05-25	correct PBPDF2 -> PBKDF2	Fredrik Thulin