summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--pelican/content/ASICImplementations.md2
-rw-r--r--pelican/content/AlphaBoardComponents.md14
-rw-r--r--pelican/content/AlphaBoardStrategy.md6
-rw-r--r--pelican/content/AlphaSchematics.md2
-rw-r--r--pelican/content/BerlinWorkshop.md2
-rw-r--r--pelican/content/BuildingFromSource.md4
-rw-r--r--pelican/content/CoretestHashesC5G.md12
-rw-r--r--pelican/content/CoretestHashesNovena.md18
-rw-r--r--pelican/content/DNSSEC.md2
-rw-r--r--pelican/content/DevBridgeBoard.md4
-rw-r--r--pelican/content/DevelopersGuide.md8
-rw-r--r--pelican/content/DisasterRecovery.md4
-rw-r--r--pelican/content/DocMeet.md2
-rw-r--r--pelican/content/Documents.md8
-rw-r--r--pelican/content/ExternalProjects.md2
-rw-r--r--pelican/content/ExternalProjectsTorHSM.md2
-rw-r--r--pelican/content/Hardware.md4
-rw-r--r--pelican/content/InterconnectStandards.md68
-rw-r--r--pelican/content/Joachim%20Str%C3%B6mbergson.md14
-rw-r--r--pelican/content/MiscStuff.md8
-rw-r--r--pelican/content/OpenCryptoChip.md16
-rw-r--r--pelican/content/OpenDNSSEC.md4
-rw-r--r--pelican/content/PostAlphaPlan.md6
-rw-r--r--pelican/content/ProjectArchive.md2
-rw-r--r--pelican/content/ProjectMetadata.md18
-rw-r--r--pelican/content/ProjectStatus.md14
-rw-r--r--pelican/content/QuickStart.md14
-rw-r--r--pelican/content/ReleaseNotes.md6
-rw-r--r--pelican/content/RoughV1.md2
-rw-r--r--pelican/content/SideChannel.md2
-rw-r--r--pelican/content/StateOfPlay.md2
-rw-r--r--pelican/content/TRNGDevelopment.md2
-rw-r--r--pelican/content/UpgradeToKSNG.md6
-rw-r--r--pelican/content/Upgrading.md2
-rw-r--r--pelican/content/UsingSTLink.md2
-rw-r--r--pelican/content/WikiStart.md12
-rwxr-xr-xtrac2md.py167
37 files changed, 226 insertions, 237 deletions
diff --git a/pelican/content/ASICImplementations.md b/pelican/content/ASICImplementations.md
index ba997c7..4990471 100644
--- a/pelican/content/ASICImplementations.md
+++ b/pelican/content/ASICImplementations.md
@@ -23,7 +23,7 @@ features from IEEE 1364-2001 (aka Verilog 2001).
All RTL code is divided into modules that contain one process for register updates and reset (*reg_update*), one or more combinational processes for datapath and support logic such as counters. Finally if needed, each module has a separate process that implements the logic for the final state machine that controls the behaviour of the module.
-All cores are divided into a core, for example *sha256_core.v* and a number of submodules the core instantiates. The core provides raw, wide ports (256 bit wide key for AES for example) that is not suitable to use in a stand alone system. Instead each core comes with a top level wrapper, for example *sha256.v*. This top level wrapper contains all registers and logic needed to provide all functionality of the core via a simple 32-bit memory like interface. If the core is going to be used as a tightly integrated submodule, the wrapper can be discarded. Similarly, if the core is going to be used in a bus system that use a specific bus standard such as AMBA AHB, CoreConnect or WISHBONE, only the top level wrapper will be needed to be replaced or modified to match the desired bus standard.
+All cores are divided into a core, for example *sha256_core.v* and a number of submodules the core instantiates. The core provides raw, wide ports (256 bit wide key for AES for example) that is not suitable to use in a stand alone system. Instead each core comes with a top level wrapper, for example *sha256.v*. This top level wrapper contains all registers and logic needed to provide all functionality of the core via a simple 32-bit memory like interface. If the core is going to be used as a tightly integrated submodule, the wrapper can be discarded. Similarly, if the core is going to be used in a bus system that use a specific bus standard such as AMBA AHB, [CoreConnect](CoreConnect.md) or WISHBONE, only the top level wrapper will be needed to be replaced or modified to match the desired bus standard.
The RTL code does not explicitly instantiate any hard macros such as
memories, multipliers, etc. Instead all such functions are left to the
diff --git a/pelican/content/AlphaBoardComponents.md b/pelican/content/AlphaBoardComponents.md
index fe6ac6b..f23477a 100644
--- a/pelican/content/AlphaBoardComponents.md
+++ b/pelican/content/AlphaBoardComponents.md
@@ -7,7 +7,7 @@ This document contains a list of component level description and requirements fo
The document is to be used as a BOM (Bill Of Materials) and PCB design requirement description for discussing with PCB designers on what we want to have designed.
-The block diagram for the Alpha board can be seen at: [Hardware](Hardware)
+The block diagram for the Alpha board can be seen at: [Hardware](Hardware.md)
The Alpha board basically consists of three major sub systems:
@@ -31,7 +31,7 @@ The Alpha board basically consists of three major sub systems:
The Alpha board should preferably be a single board with all three sub systems on the same board.
-We are currently using the [Novena] board, and the Alpha board CPU Sub System functionality from is based on the Novena. We also have a trust in the [http://www.imx6rex.com/ "iMX6 Rex"](http://www.kosagi.com/w/index.php?title=Novena_Main_Page) board. Using the the Novena and/or iMX6 Rex as basis for the Alpha board design might (should) be a good way forward.
+We are currently using the [Novena](http://www.kosagi.com/w/index.php?title=Novena_Main_Page) board, and the Alpha board CPU Sub System functionality from is based on the Novena. We also have a trust in the [iMX6 Rex](http://www.imx6rex.com/) board. Using the the Novena and/or iMX6 Rex as basis for the Alpha board design might (should) be a good way forward.
### Authors and timeline/revision history
@@ -106,7 +106,7 @@ The FPGA pad layout should be compatible with the Xilinx Artix-7 FGG484 used by
* Suggestion for FPGA config memory is [M25P128 EEPROM from Micron](http://www.micron.com/parts/nor-flash/serial-nor-flash/m25p128-vme6gb), with a jumper controlling the write-enable pin.
-* Suggested MUX is the Quad 2-channel Analog Switch: ON Semi. MC14551B [http://www.onsemi.com/pub_link/Collateral/MC14551B-D.PDF](http://www.onsemi.com/pub_link/Collateral/MC14551B-D.PDF)
+* Suggested MUX is the Quad 2-channel Analog Switch: ON Semi. MC14551B [http://www.onsemi.com/pub_link/Collateral/MC14551B-D.PDF]
@@ -130,13 +130,13 @@ Suggested components for the MKM and the switch:
* Memory: Microchip serial SRAM. 23A640, 8 kByte, 8-TSSOP or 8-SOIC
-[http://ww1.microchip.com/downloads/en/DeviceDoc/22127a.pdf](http://ww1.microchip.com/downloads/en/DeviceDoc/22127a.pdf)
+[http://ww1.microchip.com/downloads/en/DeviceDoc/22127a.pdf]
* Quad 2-channel Analog Switch: ON Semi. MC14551B
-[http://www.onsemi.com/pub_link/Collateral/MC14551B-D.PDF](http://www.onsemi.com/pub_link/Collateral/MC14551B-D.PDF)
+[http://www.onsemi.com/pub_link/Collateral/MC14551B-D.PDF]
### Entropy Sources
@@ -201,9 +201,9 @@ The STM32 CPU supports two separate SDRAM banks. We use both of them with as big
* Suggested chip: Microchip MCP79411 or MCP79412 connected to the CPU via I2C.
- [http://www.microchip.com/wwwproducts/Devices.aspx?product=MCP79411](http://www.microchip.com/wwwproducts/Devices.aspx?product=MCP79411)
+ [http://www.microchip.com/wwwproducts/Devices.aspx?product=MCP79411]
- [http://ww1.microchip.com/downloads/en/DeviceDoc/20002266G.pdf](http://ww1.microchip.com/downloads/en/DeviceDoc/20002266G.pdf)
+ [http://ww1.microchip.com/downloads/en/DeviceDoc/20002266G.pdf]
This chip requires an external 32 kHz crystal.
diff --git a/pelican/content/AlphaBoardStrategy.md b/pelican/content/AlphaBoardStrategy.md
index bfe04bf..fc20bd8 100644
--- a/pelican/content/AlphaBoardStrategy.md
+++ b/pelican/content/AlphaBoardStrategy.md
@@ -9,8 +9,8 @@ Develop a first, custom HSM board that can be used to support a first set of app
* The use cases and requirements for the alpha board are specified on the [Dashboard](http://trac.cryptech.is/wiki/Dashboard).
-* The basic blocks of the Alpha board is [shown here](Hardware).
-* The [BOM and component requirements](AlphaBoardComponents).
+* The basic blocks of the Alpha board is [shown here](Hardware.md).
+* The [BOM and component requirements](AlphaBoardComponents.md).
* The detailed [Alpha board functional drawing](http://trac.cryptech.is/browser/doc/design/Alpha_board_drawing.pdf).
@@ -18,7 +18,7 @@ Develop a first, custom HSM board that can be used to support a first set of app
## Plan
1. Choose FPGA and ARM (done)
2. Develop BOM, requirements and functional diagram (done-ish).
-3. Develop complete [schematics](AlphaSchematics) (almost done).
+3. Develop complete [schematics](AlphaSchematics.md) (almost done).
4. Develop dev-board ouorselves to connect chosen ARM to FPGA on Novena, to do some early development and testing in parallell with step 5.
5. Get professional designer to do many-layer PCB from schematics.
6. Manufacture a couple of boards (~10).
diff --git a/pelican/content/AlphaSchematics.md b/pelican/content/AlphaSchematics.md
index dff17aa..e08942a 100644
--- a/pelican/content/AlphaSchematics.md
+++ b/pelican/content/AlphaSchematics.md
@@ -10,4 +10,4 @@ PDF and Eagle files available for download here in the [hardware](source:/hardwa
The schematics are based on the dev-bridge board that we made in the summer of 2015, which is why it is called rev02.
-We are currently seeking review of the schematics to finalize them before starting layout. A log of various peoples review comments is kept [here](AlphaReviewLog).
+We are currently seeking review of the schematics to finalize them before starting layout. A log of various peoples review comments is kept [here](AlphaReviewLog.md).
diff --git a/pelican/content/BerlinWorkshop.md b/pelican/content/BerlinWorkshop.md
index d038a01..18692ec 100644
--- a/pelican/content/BerlinWorkshop.md
+++ b/pelican/content/BerlinWorkshop.md
@@ -29,7 +29,7 @@ Alpha Board cost: if you are an alpha tester and plan to take an alpha board hom
| | - PKCS11, client-side software, how to configure the board (attachment:2016-07-15-berlin-fw.pdf)
| 1100 | Break
| 1130 | Hands-on testing
-| | - get binary packages running on participants' own laptops ([BinaryPackages](BinaryPackages))
+| | - get binary packages running on participants' own laptops ([BinaryPackages](BinaryPackages.md))
| | - [OpenDNSSEC](OpenDNSSEC) is a guide for how to initialize a rev03 board and use it to sign a zone using OpenDNNSSEC - use as a baseline for own testing and experimentation with PKCS11-based applications.
| 1230 | Buffet lunch
| 1330 | Hands-on testing continues
diff --git a/pelican/content/BuildingFromSource.md b/pelican/content/BuildingFromSource.md
index 6d79d7d..e17fc16 100644
--- a/pelican/content/BuildingFromSource.md
+++ b/pelican/content/BuildingFromSource.md
@@ -20,7 +20,7 @@ code then run make", but the details differ.
We check out copies of all the several dozen separate repositories and
carefully arrange them in a tree structure which matches the official
naming scheme. Yes, really. It's tedious, but we have
-[export:/user/sra/build-tools/https-sync-repos.py a script to automate this].
+[a script to automate this](export:/user/sra/build-tools/https-sync-repos.py).
Be warned that this script is a kludge which relies on parsing
XML from this Wiki; this is nasty, but reasonably stable, because the
XML itself is generated by another script.
@@ -39,7 +39,7 @@ goo necessary to make the whole thing work. Do `git help submodule`
for an introduction to git's submodule mechanism.
With this model, one just checks out a copy of
-[source:/releng/alpha the superrepository],
+[the superrepository](source:/releng/alpha),
runs `make` in its top directory, and eventually
the complete package pops out the other side.
diff --git a/pelican/content/CoretestHashesC5G.md b/pelican/content/CoretestHashesC5G.md
index db195ad..57c0310 100644
--- a/pelican/content/CoretestHashesC5G.md
+++ b/pelican/content/CoretestHashesC5G.md
@@ -40,24 +40,24 @@ SHA-1 and SHA-256 hash functions from a host computer via a serial
interface connected to a FPGA device. The subsystem consists of:
-- [browser:/core/sha1 "sha1"]: A HW implementation of the SHA-1 hash function.
+- [sha1](browser:/core/sha1): A HW implementation of the SHA-1 hash function.
-- [browser:/core/sha256 "sha56"]: A HW implementation of the SHA-256 hash function.
+- [sha56](browser:/core/sha256): A HW implementation of the SHA-256 hash function.
-- [browser:/core/coretest "coretest"]: A command parser that accepts read/write commands from a
+- [coretest](browser:/core/coretest): A command parser that accepts read/write commands from a
host, executes the commands and sends the response.
-- [browser:/core/usrt "uart"]: A simple serial interface that connects coretest to the host.
+- [uart](browser:/core/usrt): A simple serial interface that connects coretest to the host.
-- [browser:/core/coretest_hashes "coretest_hashes"]: A top level wrapper that connects all the cores as
+- [coretest_hashes](browser:/core/coretest_hashes): A top level wrapper that connects all the cores as
well as connecting the rxd and txd ports on the uart to external pins as well as clk and reset. This core repo also contains the Python command line program hash_tester we will be using to talk to coretester and perform tests of the sha1 and sha256 cores.
@@ -417,7 +417,7 @@ hash_tester.py
This is a Python2.x program that uses Pyserial [5] to open up a serial
port and talk to coretest via the uart. The command and response format
used is a very simple byte oriented format. For more info, see the
-README.md in [browser:/core/coretest "the top of coretest"].
+README.md in [the top of coretest](browser:/core/coretest).
The program hash_tester.py needs to know which serial interface to
use. This is defined in the main() function (yes, VERY ugly). You will
diff --git a/pelican/content/CoretestHashesNovena.md b/pelican/content/CoretestHashesNovena.md
index fbc40c6..9a8ab57 100644
--- a/pelican/content/CoretestHashesNovena.md
+++ b/pelican/content/CoretestHashesNovena.md
@@ -13,7 +13,7 @@ Cryptech subsystem on a Novena PVT1 development board.
<img src="http://bunniefoo.com/novena/pvt1_release/novena_pvt1e_top_sm.jpg">
-It is a small single-board Linux PC, which happens to include a Xilinx [Spartan-6 FPGA]. This, together with the TerasIC [http://trac.cryptech.is/wiki/CoretestHashesC5G Cyclone 5 GX](http://www.xilinx.com/products/silicon-devices/fpga/spartan-6/lx.html), is what we are using to develop and test the Cryptech cores.
+It is a small single-board Linux PC, which happens to include a Xilinx [Spartan-6 FPGA](http://www.xilinx.com/products/silicon-devices/fpga/spartan-6/lx.html). This, together with the TerasIC [Cyclone 5 GX](http://trac.cryptech.is/wiki/CoretestHashesC5G), is what we are using to develop and test the Cryptech cores.
The Novena includes an HDMI adapter and two USB ports, so you can plug in a monitor, keyboard, and mouse, and have a graphical desktop environment. However, I prefer to run it headless, and ssh to it. To ssh to the Novena, you need to know its IP address, which means you need to either statically configure it, or you need to assign it an address in your DHCP server.
@@ -41,31 +41,31 @@ of the SHA-1 and SHA-2 hash functions from the host computer via an
I2C serial bus. The subsystem consists of:
-- [browser:/core/sha1 sha1]: A HW implementation of the SHA-1 hash function.
+- [sha1](browser:/core/sha1): A HW implementation of the SHA-1 hash function.
-- [browser:/core/sha256 sha256]: A HW implementation of the SHA-256 hash
+- [sha256](browser:/core/sha256): A HW implementation of the SHA-256 hash
function.
-- [browser:/core/sha512 sha512]: A HW implementation of the SHA-512 hash
+- [sha512](browser:/core/sha512): A HW implementation of the SHA-512 hash
function.
-- [browser:/core/coretest coretest]: A command parser that accepts read/write
+- [coretest](browser:/core/coretest): A command parser that accepts read/write
commands from a host, executes the commands and sends the response.
-- [browser:/core/i2c i2c]: A serial interface that connects coretest to the
+- [i2c](browser:/core/i2c): A serial interface that connects coretest to the
host.
-- [browser:/core/novena novena]: A top-level wrapper that connects all
+- [novena](browser:/core/novena): A top-level wrapper that connects all
the cores, and connects i2c to external pins as well as clk and
reset. This repo also contains userland software that talks to
@@ -112,7 +112,7 @@ Step-by-step installation:
Well, not quite. You will need to convince the ISE that you have a license.
-On the page [http://www.xilinx.com/products/design-tools/ise-design-suite/ise-webpack.htm](http://www.xilinx.com/products/design-tools/ise-design-suite/ise-webpack.htm) click on the `Licensing Solutions` link. On the resulting page, expand the section `Obtain a license for Free or Evaluation product`. To download the ISE Webpack, you should have created an account, so now you can go to the Licensing Site and use that account to create a Certificate Based License.
+On the page [http://www.xilinx.com/products/design-tools/ise-design-suite/ise-webpack.htm] click on the `Licensing Solutions` link. On the resulting page, expand the section `Obtain a license for Free or Evaluation product`. To download the ISE Webpack, you should have created an account, so now you can go to the Licensing Site and use that account to create a Certificate Based License.
You do not need to go through the HostID dance, just say Do It. You will then receive a certificate in email (not an X.509 certificate) which you will be able to use. Then start the ISE Webpack by issuing the command `ise`. Go to the Help menu and `Manage Licenses`. Use the resulting new License Manager window to install the .lic file. This process is complex and flakey.
@@ -217,7 +217,7 @@ The expected build time should be something like 5 and 10 minutes, depending on
Some measured build times for the design:
- - 5,30 minutes on MacbookPro 2013 with tools in 64-bit SUSE Linux in VM
+ - 5,30 minutes on [MacbookPro](MacbookPro.md) 2013 with tools in 64-bit SUSE Linux in VM
- 9,20 minutes on AMD A10-6800K with tools in Windows 7 in Virtualbox VM with one CPU core and 4 GByte RAM.
diff --git a/pelican/content/DNSSEC.md b/pelican/content/DNSSEC.md
index abe25b2..471b378 100644
--- a/pelican/content/DNSSEC.md
+++ b/pelican/content/DNSSEC.md
@@ -5,4 +5,4 @@ Date: 2016-12-15 22:43
# DNSSEC
-- [DNSSEC Requirements](DNSSEC/Requirements)
+- [DNSSEC Requirements](DNSSEC/Requirements.md)
diff --git a/pelican/content/DevBridgeBoard.md b/pelican/content/DevBridgeBoard.md
index 54bdcd0..a3e753e 100644
--- a/pelican/content/DevBridgeBoard.md
+++ b/pelican/content/DevBridgeBoard.md
@@ -6,7 +6,7 @@ Modified: 2021-02-14 17:30
# dev-bridge board
-In the process of developing the [AlphaBoardComponents](AlphaBoardComponents) design, the project has made what is known as the "dev-bridge board".
+In the process of developing the [AlphaBoardComponents](AlphaBoardComponents.md) design, the project has made what is known as the "dev-bridge board".
This is a board, 100x70 mm, with about 2/3 of the components intended to be on the Alpha design. What is missing is basically the FPGA and it's supporting circuits.
@@ -42,4 +42,4 @@ you want to avoid scraping them with the bolt head or the nut. I happen to
be using a countersink-head bolt, which is beveled toward the shaft, but
it's probably even better to use a nylon washer.
-All the software, as well as flashing instructions, are at [GitRepositories/sw/stm32](GitRepositories/sw/stm32).
+All the software, as well as flashing instructions, are at [GitRepositories/sw/stm32](GitRepositories/sw/stm32.md).
diff --git a/pelican/content/DevelopersGuide.md b/pelican/content/DevelopersGuide.md
index 438807e..5a9844d 100644
--- a/pelican/content/DevelopersGuide.md
+++ b/pelican/content/DevelopersGuide.md
@@ -8,14 +8,14 @@ Date: 2016-12-15 22:39
## Architecture
-* OpenCryptoChip
-* NoisyDiode
-* AlphaBoard
+* [OpenCryptoChip](OpenCryptoChip.md)
+* [NoisyDiode](NoisyDiode.md)
+* [AlphaBoard](AlphaBoard.md)
## Known Limitations
-* AssuredTooChain
+* [AssuredTooChain](AssuredTooChain.md)
diff --git a/pelican/content/DisasterRecovery.md b/pelican/content/DisasterRecovery.md
index 1c2ba6f..2fae666 100644
--- a/pelican/content/DisasterRecovery.md
+++ b/pelican/content/DisasterRecovery.md
@@ -22,7 +22,7 @@ PIN: <your-wheel-pin>
### Recovering from a bad bootloader install
Well, now you've done it. You'll need to buy an ST-LINK programmer.
-See [UsingSTLink](UsingSTLink).
+See [UsingSTLink](UsingSTLink.md).
## Oh no, I'm locked out of my device
@@ -33,7 +33,7 @@ best case scenario. Log in as wheel with the default PIN
able to reset the PINs.
If you forgot the PIN, I feel sorry for you. The only way out of this is
-via [ST-LINK](UsingSTLink). The easiest way is to debug with `gdb`, set a breakpoint on
+via [ST-LINK](UsingSTLink.md). The easiest way is to debug with `gdb`, set a breakpoint on
`hal_rpc_login`, and issue the gdb command `return 0`.
## Oh no, I forgot (or reset) the master key
diff --git a/pelican/content/DocMeet.md b/pelican/content/DocMeet.md
index fa460b0..f7e31c4 100644
--- a/pelican/content/DocMeet.md
+++ b/pelican/content/DocMeet.md
@@ -13,4 +13,4 @@ Date: 2016-12-15 22:39
## Documents
* [140109.cryptech.pdf Presentation - Overview of Project with Funding Requests]({attach}DocMeet/140109.cryptech.pdf)
-* [141002.cryptech-iij.pdf CrypTech Presentation at Open IIJ Seminar]({attach}DocMeet/141002.cryptech-iij.pdf)
+* [attachment:141002.cryptech-iij.pdf 141002.cryptech-iij.pdf [CrypTech](CrypTech.md) Presentation at Open IIJ Seminar]
diff --git a/pelican/content/Documents.md b/pelican/content/Documents.md
index 6052d99..f5fe104 100644
--- a/pelican/content/Documents.md
+++ b/pelican/content/Documents.md
@@ -13,14 +13,14 @@ Remember that links from this page to files in git repositories should use the "
```
-[RandomnessTesting Randomness Testing Tools]
+[Randomness Testing Tools](RandomnessTesting.md)
-[AlphaBoardStrategy Alpha board strategy]
+[Alpha board strategy](AlphaBoardStrategy.md)
-[export:/doc/design/Alpha_board_drawing.pdf "Alpha board drawing"]
+[Alpha board drawing](export:/doc/design/Alpha_board_drawing.pdf)
-[AlphaBoardPictures Alpha board pictures]
+[Alpha board pictures](AlphaBoardPictures.md)
Placeholder until somebody fills this in with something else interesting.
diff --git a/pelican/content/ExternalProjects.md b/pelican/content/ExternalProjects.md
index 30ffa38..4c353ba 100644
--- a/pelican/content/ExternalProjects.md
+++ b/pelican/content/ExternalProjects.md
@@ -6,4 +6,4 @@ Modified: 2018-09-17 10:27
External projects using [CrypTech](https://cryptech.is/) technology.
-* [TorHSM](ExternalProjectsTorHSM)
+* [TorHSM](ExternalProjectsTorHSM.md)
diff --git a/pelican/content/ExternalProjectsTorHSM.md b/pelican/content/ExternalProjectsTorHSM.md
index 46fe696..e9c9da5 100644
--- a/pelican/content/ExternalProjectsTorHSM.md
+++ b/pelican/content/ExternalProjectsTorHSM.md
@@ -90,6 +90,6 @@ The system at MS6 (to MS8) does not make any part of the process worse from a //
* [Tor directory protocol, version 3](https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt)
-* [CrypTech Alpha system](https://www.crowdsupply.com/cryptech/open-hardware-security-module)
+* [https://www.crowdsupply.com/cryptech/open-hardware-security-module [CrypTech](CrypTech.md) Alpha system]
diff --git a/pelican/content/Hardware.md b/pelican/content/Hardware.md
index 633e90b..17bf827 100644
--- a/pelican/content/Hardware.md
+++ b/pelican/content/Hardware.md
@@ -10,7 +10,7 @@ Various generic FPGA development boards.
## Generation 2
-//[Novena](CoretestHashesNovena)//
+//[Novena](CoretestHashesNovena.md)//
## Generation 3
@@ -29,4 +29,4 @@ For the ARM, we think we want
* All components must be free of any GPL-like virus or restrictions
-[The BOM and board requirements for the alpha board](AlphaBoardComponents).
+[The BOM and board requirements for the alpha board](AlphaBoardComponents.md).
diff --git a/pelican/content/InterconnectStandards.md b/pelican/content/InterconnectStandards.md
index ee13711..11a547c 100644
--- a/pelican/content/InterconnectStandards.md
+++ b/pelican/content/InterconnectStandards.md
@@ -54,10 +54,10 @@ There are also non-technical differences:
## Description of Standards
### AMBA
-AMBA (Advanced Microcontroller Bus Architecture) [#fn1 (1)], [#fn2 (2)] is a family of
+AMBA (Advanced Microcontroller Bus Architecture) [(1)](#fn1), [(2)](#fn2) is a family of
interconnect standards from ARM Ltd. AMBA is widely used in systems
implemented in ASICs (for example mobile phone platforms), but are also
-used in FPGAs. AMBA is for example used by the LEON [#fn3 (3)] processor
+used in FPGAs. AMBA is for example used by the LEON [(3)](#fn3) processor
cores and subsystem GRLIB.
AMBA currently contains four main interconnect types:
@@ -90,9 +90,9 @@ things like tracing etc.)
The license model for AMBA is _Open_ according to ARM. This seems to
mean that one can use AMBA to build a system. But at the same time, ARM
has intellectual properties to parts of the technology as well as
-trademarks. For more information on ARM licensing, see [#fn4 (4)].
+trademarks. For more information on ARM licensing, see [(4)](#fn4).
-The OpenCores project [#fn7 (7)] lists several cores as well as tools for
+The OpenCores project [(7)](#fn7) lists several cores as well as tools for
different AMBA interconnect types.
Pros:
@@ -123,9 +123,9 @@ Cons:
### Avalon
-Avalon [#fn5 (5)] is a proprietary switch fabric interconnect from Altera
+Avalon [(5)](#fn5) is a proprietary switch fabric interconnect from Altera
corporation. It is used in systems developed using the Altera Nios-II
-[#fn6 (6)] family of soft processor cores and related peripherals.
+[(6)](#fn6) family of soft processor cores and related peripherals.
According to Altera, the license for Avalon is open: "Avalon interfaces
are an open standard. No license or royalty is required to develop and
@@ -133,7 +133,7 @@ sell products that use, or are based on Avalon interfaces."
As far as we can discern, Avalon is not generally used outside of Altera
based designs and not supported by a large group of third party
-vendors. The OpenCores project lists only a few cores that uses Avalon
+vendors. The [OpenCores](OpenCores.md) project lists only a few cores that uses Avalon
as interface standard.
=
@@ -159,15 +159,15 @@ Cons:
### CoreConnect
-CoreConnect [#fn8 (8)] is an interconnect standard initially developed by
+CoreConnect [(8)](#fn8) is an interconnect standard initially developed by
IBM. The standard is now used by several vendors, for example the
-FPGA-vendor Xilinx[#fn9 (9)].
+FPGA-vendor Xilinx[(9)](#fn9).
Similarly to AMBA, CoreConnect contains several types of buses providing
simple peripheral access (DCR), high speed access for processor based
systems (OPB), as well as multicore solutions (PLB).
-The license for CoreConnect is granted by IBM [#fn10 (10)]. The license seems to be
+The license for CoreConnect is granted by IBM [(10)](#fn10). The license seems to be
an AS IS-license, but contains a lot of other regulations. IBM holds a
number of patents related to CoreConnect (see the license agreement).
@@ -184,9 +184,9 @@ Cons:
### OCP
-The Open Core Protocol [#fn11 (11)] is a vendor neutral open interconnect standard
-being developed by the EDA standards organisation Accellera [#fn12 (12)]. The
-standards was previously developed by the vendor organisation OCP-IP [#fn13 (13)],
+The Open Core Protocol [(11)](#fn11) is a vendor neutral open interconnect standard
+being developed by the EDA standards organisation Accellera [(12)](#fn12). The
+standards was previously developed by the vendor organisation OCP-IP [(13)](#fn13),
but were transferred to Accellera in October 2013.
Like AMBA, OCP contains a wide range of interconnect types from simple
@@ -198,7 +198,7 @@ very few open cores using OCP. OpenCores only lists a few cores and
they are all bridges used to connect OCP to AMBA or Wishbone.
The license for accessing the specification itself is an amended AS
-IS-type license[#fn14 (14)]. The license for the interconnect seems to be rather
+IS-type license[(14)](#fn14). The license for the interconnect seems to be rather
open.
Pros:
@@ -213,7 +213,7 @@ Cons:
### Wishbone
-Wishbone [#fn15 (15)][#fn16 (16)] (often written WISHBONE) is an open interconnect
+Wishbone [(15)](#fn15)[(16)](#fn16) (often written WISHBONE) is an open interconnect
standard developed by members of the OpenCore project as an alternative
to commercial solutions - primarily AMBA.
@@ -228,7 +228,7 @@ well as creating a Wishbone connected system with different types of
interconnect solutions.
The main use is related to the OpenRISC CPU core platform
-[#fn17 (17)][#fn18 (18)]. OpenCores lists a huge selection of cores with Wishbone
+[(17)](#fn17)[(18)](#fn18). OpenCores lists a huge selection of cores with Wishbone
support. The majority of these cores have LGPL and GPL licenses. There
are also third party commercial vendors that support Wishbone cores and
systems.
@@ -274,41 +274,41 @@ and thus reduce the interest Cryptech as a HSM solution.
## References
-[=#fn1 (1)] https://en.wikipedia.org/wiki/Advanced_Microcontroller_Bus_Architecture
+[(1)](=#fn1) https://en.wikipedia.org/wiki/Advanced_Microcontroller_Bus_Architecture
-[=#fn2 (2)] http://www.arm.com/products/system-ip/amba/amba-open-specifications.php
+[(2)](=#fn2) http://www.arm.com/products/system-ip/amba/amba-open-specifications.php
-[=#fn3 (3)] https://en.wikipedia.org/wiki/LEON
+[(3)](=#fn3) https://en.wikipedia.org/wiki/LEON
-[=#fn4 (4)] http://www.arm.com/products/system-ip/amba/index.php?tab=AMBA+Trademark+Guidelines
+[(4)](=#fn4) http://www.arm.com/products/system-ip/amba/index.php?tab=AMBA+Trademark+Guidelines
-[=#fn5 (5)] http://www.altera.com/literature/manual/mnl_avalon_spec.pdf
+[(5)](=#fn5) http://www.altera.com/literature/manual/mnl_avalon_spec.pdf
-[=#fn6 (6)] http://www.altera.com/devices/processor/nios2/ni2-index.html
+[(6)](=#fn6) http://www.altera.com/devices/processor/nios2/ni2-index.html
-[=#fn7 (7)] http://opencores.org/
+[(7)](=#fn7) http://opencores.org/
-[=#fn8 (8)] https://en.wikipedia.org/wiki/CoreConnect
+[(8)](=#fn8) https://en.wikipedia.org/wiki/CoreConnect
-[=#fn9 (9)] http://www.xilinx.com/products/intellectual-property/dr_pcentral_coreconnect.htm
+[(9)](=#fn9) http://www.xilinx.com/products/intellectual-property/dr_pcentral_coreconnect.htm
-[=#fn10 (10)] http://www.xilinx.com/ipcenter/doc/ibm_click_core_connect_license.pdf
+[(10)](=#fn10) http://www.xilinx.com/ipcenter/doc/ibm_click_core_connect_license.pdf
-[=#fn11 (11)] https://en.wikipedia.org/wiki/Open_Core_Protocol
+[(11)](=#fn11) https://en.wikipedia.org/wiki/Open_Core_Protocol
-[=#fn12 (12)] https://en.wikipedia.org/wiki/Accellera
+[(12)](=#fn12) https://en.wikipedia.org/wiki/Accellera
-[=#fn13 (13)] http://www.ocpip.org/
+[(13)](=#fn13) http://www.ocpip.org/
-[=#fn14 (14)] http://www.ocpip.org/license_signup.php
+[(14)](=#fn14) http://www.ocpip.org/license_signup.php
-[=#fn15 (15)] http://opencores.org/opencores,wishbone
+[(15)](=#fn15) http://opencores.org/opencores,wishbone
-[=#fn16 (16)] https://en.wikipedia.org/wiki/Wishbone_(computer_bus)
+[(16)](=#fn16) https://en.wikipedia.org/wiki/Wishbone_(computer_bus)
-[=#fn17 (17)] http://openrisc.net/
+[(17)](=#fn17) http://openrisc.net/
-[=#fn18 (18)] http://opencores.org/or1k/Main_Page
+[(18)](=#fn18) http://opencores.org/or1k/Main_Page
## Copyright and License
diff --git a/pelican/content/Joachim%20Str%C3%B6mbergson.md b/pelican/content/Joachim%20Str%C3%B6mbergson.md
index da3d55a..f8490fc 100644
--- a/pelican/content/Joachim%20Str%C3%B6mbergson.md
+++ b/pelican/content/Joachim%20Str%C3%B6mbergson.md
@@ -21,8 +21,8 @@ Date: 2016-12-15 22:54
## Work Notes
### Presentations from meeting 2014-03-10 (updated and extended):
-* [browser:/doc/presentations/Cryptech_HW_status_2014-03-10.pdf "Cryptech HW status 2014-03-10"]
-* [browser:/doc/presentations/Cryptech_TRNG_Ideas_2014-03-17.pdf "Cryptech TRNG Ideas 2014-03-17"]
+* [Cryptech HW status 2014-03-10](browser:/doc/presentations/Cryptech_HW_status_2014-03-10.pdf)
+* [Cryptech TRNG Ideas 2014-03-17](browser:/doc/presentations/Cryptech_TRNG_Ideas_2014-03-17.pdf)
### Open EDA Tools
@@ -35,9 +35,9 @@ Date: 2016-12-15 22:54
We need to create an accelerator or possibly a complete implementation of the Curve25519 EC based DH-excgange. We should be able to look at some previous work:
-* http://eprint.iacr.org/2013/375 - NaCl on 8-Bit AVR Microcontrollers. Includes an iterative implementation of Curve25519
+* http://eprint.iacr.org/2013/375 - [NaCl](NaCl.md) on 8-Bit AVR Microcontrollers. Includes an iterative implementation of Curve25519
* http://cryptojedi.org/crypto/index.shtml - The code to the implementation
-* http://nacl.cr.yp.to/ - The main NaCl library by DJB.
+* http://nacl.cr.yp.to/ - The main [NaCl](NaCl.md) library by DJB.
* http://cr.yp.to/ecdh/curve25519-20060209.pdf - The Curve25519 paper by DJB.
@@ -197,7 +197,7 @@ Technology
- Toolchains and languages
- SW
- HW
- - Verilog 2001, 2005, SystemVerilog
+ - Verilog 2001, 2005, [SystemVerilog](SystemVerilog.md)
- Icarus, gplcver
- Vendor specific
- Validation of bitstream
@@ -223,7 +223,7 @@ Technology
- Reuse of existing design, code?
- - Cores - OpenCores
+ - Cores - [OpenCores](OpenCores.md)
- OpenRISC
- AES, SHA, RSA
- SoftHSM - DNSSEC PKCS#11
@@ -331,7 +331,7 @@ Documentation
-------------
- Meetings
- - Discussions, MoMs
+ - Discussions, [MoMs](MoMs.md)
- Decisiona - motivation
diff --git a/pelican/content/MiscStuff.md b/pelican/content/MiscStuff.md
index 8363780..4c619c0 100644
--- a/pelican/content/MiscStuff.md
+++ b/pelican/content/MiscStuff.md
@@ -9,15 +9,15 @@ Advisory board, reviewers etc.
### Elliptic Curves
-* [http://safecurves.cr.yp.to/](http://safecurves.cr.yp.to/). Including Curve3617.
-* [http://www.nsa.gov/ia/_files/nist-routines.pdf](http://www.nsa.gov/ia/_files/nist-routines.pdf). Details for implementing NIST curves.
-* [http://blog.cr.yp.to/20140323-ecdsa.html](http://blog.cr.yp.to/20140323-ecdsa.html) djb on How to design an elliptic-curve signature system
+* [http://safecurves.cr.yp.to/]. Including Curve3617.
+* [http://www.nsa.gov/ia/_files/nist-routines.pdf]. Details for implementing NIST curves.
+* [http://blog.cr.yp.to/20140323-ecdsa.html] djb on How to design an elliptic-curve signature system
### Side channel attacks
-* [http://www.cl.cam.ac.uk/~sps32/](http://www.cl.cam.ac.uk/~sps32/), Dr Sergei Skorobogatov
+* [http://www.cl.cam.ac.uk/~sps32/], Dr Sergei Skorobogatov
* [BSI - Minimum Requirements for Evaluating Side-Channel Attack Resistance of Elliptic Curve Implementations](https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_46_ECCGuide_e_pdf.pdf)
diff --git a/pelican/content/OpenCryptoChip.md b/pelican/content/OpenCryptoChip.md
index f7e8f6c..6f1fa97 100644
--- a/pelican/content/OpenCryptoChip.md
+++ b/pelican/content/OpenCryptoChip.md
@@ -69,7 +69,7 @@ We need to support key wrapping. Some pointers:
# Rough Cut at v0.01 Proof of Concept Feature Set
-As a proof of concept, to validate as much as possible the assurance of the tools and methods, and as a demonstration of the project tools, team, and architecture, we have a [proposed version 0.01 product](RoughV1) as a proof of concept and a demonstration of the project tools, team, and architecture
+As a proof of concept, to validate as much as possible the assurance of the tools and methods, and as a demonstration of the project tools, team, and architecture, we have a [proposed version 0.01 product](RoughV1.md) as a proof of concept and a demonstration of the project tools, team, and architecture
@@ -92,10 +92,10 @@ As a proof of concept, to validate as much as possible the assurance of the tool
# Ongoing Development
-* [SUNET is sponsoring the first two development steps](SunetInitialDevelopment) currently being done.
-* [ Investigation and planning of a TRNG with entropy sources](TRNGDevelopment)
-* [Investigation of possible EDA tools and ways to do open and assured HW development"](EDAToolchainSurvey")
-* [Collection about side-channel attacks and detection, mitigation methods"](SideChannel")
+* [SUNET is sponsoring the first two development steps](SunetInitialDevelopment.md) currently being done.
+* [ Investigation and planning of a TRNG with entropy sources](TRNGDevelopment.md)
+* [Investigation of possible EDA tools and ways to do open and assured HW development"](EDAToolchainSurvey".md)
+* [Collection about side-channel attacks and detection, mitigation methods"](SideChannel".md)
# v0.1 Major Sub-Projects
@@ -115,7 +115,7 @@ As a proof of concept, to validate as much as possible the assurance of the tool
* TerasIC C5G Cyclone 5 GX Starter Kit. Includes an Altera C5GX FPGA. This board is used for core, subsystem development and verification. Info, documentation and ordering of the TerasIC board can be found here: http://www.terasic.com.tw/cgi-bin/page/archive.pl?Language=English&CategoryNo=167&No=830
-Here is a writeup on how to [setup and run coretest_hashes on the C5G board](CoretestHashesC5G).
+Here is a writeup on how to [setup and run coretest_hashes on the C5G board](CoretestHashesC5G.md).
* TerasIC DE0-Nano board. This tiny, USB powered board is used for core development and verification. Info, documentation, resources, ordering of the TerasIC board can be found here: http://www.terasic.com.tw/cgi-bin/page/archive.pl?Language=English&CategoryNo=139&No=593
@@ -129,7 +129,7 @@ Here is a writeup on how to [setup and run coretest_hashes on the C5G board](Cor
* Research
* Select
-* [On-chip Interconnect Standards](InterconnectStandards) to use.
+* [On-chip Interconnect Standards](InterconnectStandards.md) to use.
## Methods and Validation
@@ -191,4 +191,4 @@ Here is a writeup on how to [setup and run coretest_hashes on the C5G board](Cor
# Future Development
-The v0.1 version of CrypTech is not the last version nor the only possible version. The project for example consider possible [ASIC Implementations](ASICImplementations).
+The v0.1 version of [CrypTech](CrypTech.md) is not the last version nor the only possible version. The project for example consider possible [ASIC Implementations](ASICImplementations.md).
diff --git a/pelican/content/OpenDNSSEC.md b/pelican/content/OpenDNSSEC.md
index ab7105e..8ddb230 100644
--- a/pelican/content/OpenDNSSEC.md
+++ b/pelican/content/OpenDNSSEC.md
@@ -11,13 +11,13 @@ Modified: 2017-05-13 21:34
- A Cryptech Alpha board, preferrably revision "rev03"
- APT on the host system configured to find packages in the Cryptech
- repository, see BinaryPackages for instructions
+ repository, see [BinaryPackages](BinaryPackages.md) for instructions
```
apt-get install cryptech-alpha opendnssec opensc
```
-Once you have the software package installed, you may need to [upgrade your HSM's firmware](Upgrading).
+Once you have the software package installed, you may need to [upgrade your HSM's firmware](Upgrading.md).
## Configure the HSM
diff --git a/pelican/content/PostAlphaPlan.md b/pelican/content/PostAlphaPlan.md
index 421502e..90cfa59 100644
--- a/pelican/content/PostAlphaPlan.md
+++ b/pelican/content/PostAlphaPlan.md
@@ -34,13 +34,13 @@ The software plan is divided into 3 parts: "now", "next week" and "next month".
### Now
-* CLI updates [Done, but waiting on a BSD-friendly license]
+* CLI updates [but waiting on a BSD-friendly license](Done,)
* rewrite keystore code to support larger keysizes and more slots [Done]
* multi-core resource management [Done]
* finish verilog EC point multiplier [Done]
* increase clock speed
* openssl engine [Done]
-* debug log [Mechanism done, nothing using it yet]
+* debug log [done, nothing using it yet](Mechanism)
* usb driver matching rev04 usb updates
@@ -73,4 +73,4 @@ The software plan is divided into 3 parts: "now", "next week" and "next month".
### Eventually
-* Profiling [Mechanism done]
+* Profiling [done](Mechanism)
diff --git a/pelican/content/ProjectArchive.md b/pelican/content/ProjectArchive.md
index 26c51af..596457f 100644
--- a/pelican/content/ProjectArchive.md
+++ b/pelican/content/ProjectArchive.md
@@ -5,4 +5,4 @@ Date: 2016-12-15 22:44
*Page Under Construction*
# Project Archive and Far Future Planning
-## [Assured Tool Chain](AssuredTooChain)
+## [Assured Tool Chain](AssuredTooChain.md)
diff --git a/pelican/content/ProjectMetadata.md b/pelican/content/ProjectMetadata.md
index c9c17ba..ddb53da 100644
--- a/pelican/content/ProjectMetadata.md
+++ b/pelican/content/ProjectMetadata.md
@@ -8,24 +8,24 @@ Date: 2016-12-15 22:43
## Project Logo Files
* See "Attachments" at the bottom of this page
-* PhotoFolder
+* [PhotoFolder](PhotoFolder.md)
== Meeting Presentations and Notes ==
-* DocMeet
-* PrahaWorkshop
-* BerlinWorkshop
+* [DocMeet](DocMeet.md)
+* [PrahaWorkshop](PrahaWorkshop.md)
+* [BerlinWorkshop](BerlinWorkshop.md)
== Technical References ==
-* MiscStuff
-* InterconnectStandards
-* RandomnessTesting
+* [MiscStuff](MiscStuff.md)
+* [InterconnectStandards](InterconnectStandards.md)
+* [RandomnessTesting](RandomnessTesting.md)
== Related Work ==
-* RelatedWork
-* SideChannel
+* [RelatedWork](RelatedWork.md)
+* [SideChannel](SideChannel.md)
diff --git a/pelican/content/ProjectStatus.md b/pelican/content/ProjectStatus.md
index 4b8e01f..7da6977 100644
--- a/pelican/content/ProjectStatus.md
+++ b/pelican/content/ProjectStatus.md
@@ -6,18 +6,18 @@ Date: 2016-12-15 22:44
# Project Status
-## [Project Dashboard](Dashboard)
+## [Project Dashboard](Dashboard.md)
## Crypto Chip Design and Prototype
-* PostAlphaPlan
-* AlphaBoardStrategy
-* AlphaBoardComponents
+* [PostAlphaPlan](PostAlphaPlan.md)
+* [AlphaBoardStrategy](AlphaBoardStrategy.md)
+* [AlphaBoardComponents](AlphaBoardComponents.md)
* [Core Git Repository](http://trac.cryptech.is/wiki/GitRepositories/core)
-* [Hardware](Hardware)
-* [DevBridgeBoard](DevBridgeBoard)
+* [Hardware](Hardware.md)
+* [DevBridgeBoard](DevBridgeBoard.md)
## Pilot Project
-* [Requirements](DNSSEC)
+* [Requirements](DNSSEC.md)
diff --git a/pelican/content/QuickStart.md b/pelican/content/QuickStart.md
index 0ab1839..a6f68bc 100644
--- a/pelican/content/QuickStart.md
+++ b/pelican/content/QuickStart.md
@@ -16,15 +16,15 @@ The active repositories are automatically posted to GitRepositories.
The current hardware is the AlphaBoard. More information (to be organized at some point -- yes, this wiki is a mess, again):
-* AlphaBoardComponents
-* AlphaBoardPictures
-* AlphaBoardReview
-* AlphaBoardStrategy
-* AlphaReviewLog
-* AlphaSchematics
+* [AlphaBoardComponents](AlphaBoardComponents.md)
+* [AlphaBoardPictures](AlphaBoardPictures.md)
+* [AlphaBoardReview](AlphaBoardReview.md)
+* [AlphaBoardStrategy](AlphaBoardStrategy.md)
+* [AlphaReviewLog](AlphaReviewLog.md)
+* [AlphaSchematics](AlphaSchematics.md)
-The Alpha board currently ships with very old firmware, but you can [upgrade it yourself](Upgrading).
+The Alpha board currently ships with very old firmware, but you can [upgrade it yourself](Upgrading.md).
# DNSSEC signing using OpenDNSSEC
diff --git a/pelican/content/ReleaseNotes.md b/pelican/content/ReleaseNotes.md
index 3177d24..52eedbb 100644
--- a/pelican/content/ReleaseNotes.md
+++ b/pelican/content/ReleaseNotes.md
@@ -22,14 +22,14 @@ Modified: 2017-05-13 19:18
* Python client implementations of libhal RPC mechanism and PKCS #11 now installed as `cryptech.libhal` and `cryptech.py11`, respectively.
* Python PKCS #11 client hacked to play nicely with `pkcs11-spy` debugging tool.
* RTOS replaced by simple non-preemptive (voluntary yield) tasking system, eliminating a huge morass of potential race conditions, debugging nightmares, priority inversions, and similar horrors. Lack of preemption means that console acess may have to wait for something else to yield the ARM CPU, but it's more than worth it to get rid of all the stability problems the RTOS was causing.
-* [source:/user/sra/openssl-engine Sample code for using the HSM as an OpenSSL engine] is available. This only works with RSA for the moment, due to apparent limitations of the engine implementation.
+* [Sample code for using the HSM as an OpenSSL engine](source:/user/sra/openssl-engine) is available. This only works with RSA for the moment, due to apparent limitations of the engine implementation.
Getting started with 3.0:
-* [Install the software](BinaryPackages).
-* [Upgrade the firmware](Upgrading). **Please note the warnings about bricking your HSM**, how to avoid that, and what to do if you failed to avoid it.
+* [Install the software](BinaryPackages.md).
+* [Upgrade the firmware](Upgrading.md). **Please note the warnings about bricking your HSM**, how to avoid that, and what to do if you failed to avoid it.
* Set the usual environment variables, perhaps using `cryptech_probe`.
* Start the multiplexer daemon `cryptech_muxd`.
diff --git a/pelican/content/RoughV1.md b/pelican/content/RoughV1.md
index 40fc314..b52a3cf 100644
--- a/pelican/content/RoughV1.md
+++ b/pelican/content/RoughV1.md
@@ -73,7 +73,7 @@ Verilog.
```
-* RSA 2048 & 4096 (move to blue later) [ 1024 for Tor? ]
+* RSA 2048 & 4096 (move to blue later) [for Tor?](1024)
* MACs: HMAC, 1305, uMAC
* DH (move to blue later)
* Device Activation, Move Authorization, Wiping
diff --git a/pelican/content/SideChannel.md b/pelican/content/SideChannel.md
index 9fd350e..d22702a 100644
--- a/pelican/content/SideChannel.md
+++ b/pelican/content/SideChannel.md
@@ -5,7 +5,7 @@ Date: 2016-12-15 22:44
# Side Channel Attacks
-Side Channel attacks on hardware are hard to avoid, detect and mitigate. But this should not stop us from trying. The CrypTech platform should be developed with side channel issues in mind. This page tries to collect information about relevant side channel attacks, mitigation strategies, side channel resistant design methods (blinding for example) and detection.
+Side Channel attacks on hardware are hard to avoid, detect and mitigate. But this should not stop us from trying. The [CrypTech](CrypTech.md) platform should be developed with side channel issues in mind. This page tries to collect information about relevant side channel attacks, mitigation strategies, side channel resistant design methods (blinding for example) and detection.
* http://eprint.iacr.org/2013/579 "On Measurable Side-Channel Leaks inside ASIC Design Primitives"
diff --git a/pelican/content/StateOfPlay.md b/pelican/content/StateOfPlay.md
index 27c7b74..c5ac919 100644
--- a/pelican/content/StateOfPlay.md
+++ b/pelican/content/StateOfPlay.md
@@ -53,7 +53,7 @@ fits together.
At this point I have figured out how to build two different FPGA
images for the Novena PVT1. In both cases, I'm using the Makefile
-rather than attempting to use the XiLinx GUI environment.
+rather than attempting to use the [XiLinx](XiLinx.md) GUI environment.
* `core/novena` builds the current set of digest cores into a
diff --git a/pelican/content/TRNGDevelopment.md b/pelican/content/TRNGDevelopment.md
index aba11d2..cac7d70 100644
--- a/pelican/content/TRNGDevelopment.md
+++ b/pelican/content/TRNGDevelopment.md
@@ -8,6 +8,6 @@ One, if not THE key functionality in the Cryptech system is the True Random Numb
## Information collected
-* [http://digirep.rhul.ac.uk/file/315c7a7e-4963-4a62-189f-4ad198a79f30/5/Paper.pdf](http://digirep.rhul.ac.uk/file/315c7a7e-4963-4a62-189f-4ad198a79f30/5/Paper.pdf) (pdf) Pseudorandom Number Generation in Smart Cards:
+* [http://digirep.rhul.ac.uk/file/315c7a7e-4963-4a62-189f-4ad198a79f30/5/Paper.pdf] (pdf) Pseudorandom Number Generation in Smart Cards:
An Implementation, Performance and Randomness Analysis. A paper that uses Javacard to implement different TRNGs and evluates them.
diff --git a/pelican/content/UpgradeToKSNG.md b/pelican/content/UpgradeToKSNG.md
index c9c6f67..59a3f34 100644
--- a/pelican/content/UpgradeToKSNG.md
+++ b/pelican/content/UpgradeToKSNG.md
@@ -84,7 +84,7 @@ just replace the old package with the new one. Homebrew, on the other
hand, reports the conflict and refuses to proceed until you sort it out.
The following assumes that you already had the Cryptech APT repository
-or Homebrew tap configured; if not, see [BinaryPackages](BinaryPackages).
+or Homebrew tap configured; if not, see [BinaryPackages](BinaryPackages.md).
### Installing cryptech-alpha-ksng package using apt-get on Debian or Ubuntu Linux
@@ -162,7 +162,7 @@ cryptech> masterkey set
If the above procedure somehow goes horribly wrong and bricks your
alpha, you can still recover, but you'll need an ST-LINK programmer.
-There's some discussion of this at [GitRepositories/sw/stm32](GitRepositories/sw/stm32).
+There's some discussion of this at [GitRepositories/sw/stm32](GitRepositories/sw/stm32.md).
Possible sources for the ST-LINK programmer and a suitable cable:
@@ -177,7 +177,7 @@ for it.
The programmer is the important part, you can use any sort of cabling
you like so long as it connects the right pins of the programmer to
-the corresponding pins on the Alpha; the SparkFun cable just happens
+the corresponding pins on the Alpha; the [SparkFun](SparkFun.md) cable just happens
to be a tidy package which matches the relevant SWD headers.
We'll include a more detailed description of the recovery process here
diff --git a/pelican/content/Upgrading.md b/pelican/content/Upgrading.md
index c4151f1..517ffb6 100644
--- a/pelican/content/Upgrading.md
+++ b/pelican/content/Upgrading.md
@@ -50,7 +50,7 @@ your Alpha, see DisasterRecovery.
## Upgrading from 'ksng'
A few intrepid users are already testing the 'ksng' development branch,
-using the instructions at [UpgradeToKSNG](UpgradeToKSNG). In this case, and with future
+using the instructions at [UpgradeToKSNG](UpgradeToKSNG.md). In this case, and with future
upgrades, it it not necessary to either wipe the keystore or upgrade the
bootloader.
diff --git a/pelican/content/UsingSTLink.md b/pelican/content/UsingSTLink.md
index c91cbb4..f5a99c3 100644
--- a/pelican/content/UsingSTLink.md
+++ b/pelican/content/UsingSTLink.md
@@ -12,7 +12,7 @@ Think of it as JTAG if you're more comfortable with that.
ST-LINK is built into all(?) of STM's Nucleo and Discovery evaluation
boards, which can be had for as little as US$10 from [Mouser](http://mouser.com)
-or [element14] ([http://newark.com Newark](http://element14.com) in
+or [element14](http://element14.com) ([Newark](http://newark.com) in
the Americas, [Farnell](http://farnell.com) in Europe).
We have tested with STM32F0DISCOVERY and STM32F4DISCOVERY (both with ST-LINK
diff --git a/pelican/content/WikiStart.md b/pelican/content/WikiStart.md
index 8101eed..325bd79 100644
--- a/pelican/content/WikiStart.md
+++ b/pelican/content/WikiStart.md
@@ -30,7 +30,7 @@ kind.
# About Us
[CrypTech.IS](https://cryptech.is) is a loose international collective
-of [WhoWeAre engineers] trying to improve assurance and privacy on the
+of [engineers](WhoWeAre.md) trying to improve assurance and privacy on the
Internet. It is funded diversely and is administratively quartered outside
the US.
@@ -55,26 +55,26 @@ offering [financial support](https://cryptech.is/funding/) to keep the
work flowing.
# More Information
-## [Quick Start Guide](QuickStart)
+## [Quick Start Guide](QuickStart.md)
* including pointers to the git repositories, information on how to set up and configure the board and software, and HSM requirements
-## [Developers Guide](DevelopersGuide)
+## [Developers Guide](DevelopersGuide.md)
* including the architecture diagrams, and known information
-## [Project Status](ProjectStatus)
+## [Project Status](ProjectStatus.md)
* including information on the chip design and prototypes as well as the pilot project(s)
-## [Project Metadata](ProjectMetadata)
+## [Project Metadata](ProjectMetadata.md)
* including information on presentations and meeting notes, technical references, and related work
-## [Project Archive](ProjectArchive)
+## [Project Archive](ProjectArchive.md)
* including information on dormant and far-future work
diff --git a/trac2md.py b/trac2md.py
index a8a632b..7e17c5c 100755
--- a/trac2md.py
+++ b/trac2md.py
@@ -14,16 +14,23 @@ from base64 import b64decode
from datetime import datetime
from urllib.parse import quote
+content_linebreak_pattern = re.compile(r"\[\[br\]\]|\\\\", re.I)
+
+traclink_pattern = re.compile(r"(?<!\[)\[([^][]+)\]")
+
image_pattern = re.compile(r"\[\[Image\((.*)\)\]\]")
-wikilink_1_pattern = re.compile(r"\[\[(http.*)\]\]|\[(http.*)\]")
-wikilink_2_pattern = re.compile(r"\[\[attachment:([a-zA-Z0-9_/]+)\]\]|\[attachment:([^][]+)\]")
-wikilink_3_pattern = re.compile(r"\[\[(?:wiki:)?([^][]+)\]\]|\[wiki:([^][]+)\]")
+wikilink_pattern = re.compile(r"\[\[(wiki:|attachment:)?([^]|[]+)(?:[|]([^][]+))?\]\]")
+
+strikethrough_pattern = re.compile(r"~~([^~]+)~~")
+bangquote_pattern = re.compile(r"!((?:\w|[#])+)")
+linebreak_pattern = re.compile(r"\\\\$")
+
+camelcase_pattern = re.compile(r"(?:^|(?<=\s))([A-Z][a-z]+[A-Z][a-z][A-Za-z]*)(?:$|(?=\s))")
-strikethrough_pattern = re.compile(r"~~(.*)~~")
-camelcase_pattern = re.compile(r"!((?:\w|[#])+)")
+span_pattern = re.compile(r"\[\[span\((?:[^][]*,)*([^(),]+)\)\]\]")
-span_pattern = re.compile(r"\[\[span\((?:[^][]*,)*\[([^(), ]+)([^(),]+)\]\)\]\]")
+delete_pattern = re.compile(r"\[\[PageOutline\]\]", re.I)
wikiheading_patterns = tuple(
(level, re.compile("^{} (.*)[ \t]*=*$".format("=" * level)))
@@ -36,57 +43,50 @@ def convert_headers(line):
level = header.search(line).group(1)
if level:
line = "%s %s" % ('#' * level_count, level.rstrip("= \r\t"))
- break # No need to check other heading levels
+ break # No need to check other heading levels
except:
- # Try the next heading level
- pass
-
+ pass # Try the next heading level
return line
-def make_mdlink(text, slug, sep):
- if sep in text:
- parts = text.split(sep, 1)
- else:
- parts = [text]
- parts = [p.strip() for p in parts]
- for i, part in enumerate(parts):
- if any(part.startswith(q) and part.endswith(q) for q in ('"', "'")):
- parts[i] = part[1:-1]
- if slug is None:
- return "[{}]({})".format(parts[-1], parts[0])
- else:
- return "[{}]({{attach}}{}/{})".format(parts[-1], slug, parts[0])
-
-
-def convert_wikilinks(line, pattern, slug = None):
- pos = 0
- while True:
- m = pattern.search(line, pos)
- if not m:
- break
- text = m.group(1) or m.group(2)
- if text.lower() == "pageoutline":
- mdlink = ""
- else:
- mdlink = make_mdlink(text, slug, "|" if m.group(0).startswith("[[") else " ")
- line = line.replace(m.group(0), mdlink)
- pos = m.start() + len(mdlink)
+def convert_traclink_to_creolelink(line):
+ # Convert Trac's native link form to Creole's, so that rest of the code only has to deal with one format.
+ # Creole's is easier to parse and harder to confuse with partially converted Markdown.
+
+ for m in traclink_pattern.finditer(line):
+ text = m.group(1).strip()
+ if " " in text:
+ line = line.replace(m.group(0), "[[{0[0]}|{0[1]}]]".format(text.split(" ", 1)))
+ elif any(text.startswith(scheme) for scheme in ("wiki:", "attachment:")) or camelcase_pattern.match(text):
+ line = line.replace(m.group(0), "[[{}]]".format(text))
return line
-def convert_strike(line):
- striked_result = strikethrough_pattern.search(line)
- if striked_result:
- try:
- striked_text = striked_result.group(1)
- if striked_text:
- orig_text = '~~%s~~' % striked_text
- new_text = '<s>%s</s>' % striked_text
- line = line.replace(orig_text, new_text)
- except:
- # Not striked
- pass
+def convert_wikilinks(line, slug):
+ for m in wikilink_pattern.finditer(line):
+ scheme, link, text = [p.strip() if p else p for p in m.groups()]
+ if text is None:
+ text = link
+ if any(link.startswith(q) and link.endswith(q) for q in ('"', "'")):
+ link = link[1:-1]
+ if any(text.startswith(q) and text.endswith(q) for q in ('"', "'")):
+ text = text[1:-1]
+ if scheme == "attachment:":
+ mdlink = "[{}]({{attach}}{}/{})".format(text, slug, link)
+ elif scheme == "wiki:" or (scheme is None and camelcase_pattern.match(link)):
+ mdlink = "[{}]({}.md)".format(text, link)
+ else:
+ mdlink = "[{}]({})".format(text, link)
+ #
+ #whine = "/user/sra/build-tools/https-sync-repos" in line
+ whine = False
+ if whine:
+ print("Old:", line)
+ line = line.replace(m.group(0), mdlink)
+ if whine:
+ print("New:", line)
+ whine = False
+ #
return line
@@ -106,24 +106,14 @@ def convert_image(line, slug):
return line
-def convert_linebreak(line):
- # Markdown spec says linebreak is <SPACE><SPACE><RETURN>, who am I to argue?
- if line.endswith("\\\\"):
- line = line[:-2] + " "
- return line
-
-
def WikiToMD(content, slug):
- # Line breaks in Markdown must be at end of line, so add newlines as needed
- content = content.replace("[[br]]", "\\\\").replace("[[BR]]", "\\\\").replace("\\\\", "\\\\\n")
-
code_block = False
in_list = False
in_table = False
nested_level = 0
prev_indent = 0
- old_content = content.splitlines()
+ old_content = content_linebreak_pattern.sub("\\\\\\\\\n", content).splitlines()
new_content = []
while old_content:
@@ -137,29 +127,27 @@ def WikiToMD(content, slug):
code_block = False
line = line.replace("}}}", "```")
if not code_block:
- #
- # Want to convert tables. References:
+
+ # Convert CamelCase links to explicit links
+ line = camelcase_pattern.sub(r"[[\1]]", line)
+
+ # Convert TracLinks to WikiCreole links to simplify remaining processing
+ line = convert_traclink_to_creolelink(line)
+
+ # Convert tables. References:
# https://github.github.com/gfm/#tables-extension-
# https://permatrac.noc.ietf.org/wiki/WikiFormatting#Tables
+ # Table start: line containing "||"; table end: blank line?
#
- # Table start: line containing "||"
- # Table end: blank line?
- #
- # Figuring out whether there's a real header line is fun,
- # trac doesn't require one, markdown does. Guess we can
- # add a dummy header if no better idea. Markdown requires
- # delimiter line, which we add immediately after the
- # header, both appear to be mandatory. Trac can have
- # label cells anywhere, not just in header, might need to
- # add "*" to those or just ignore the issue.
- # Justification we can sort of figure out from the header,
- # if the rows do anything different, ouch, because
- # markdown specifies in delimiter line.
+ # Figuring out whether there's a real header line is fun, trac doesn't require one, markdown does. Guess we can
+ # add a dummy header if no better idea. Markdown requires delimiter line, which we add immediately after the
+ # header, both appear to be mandatory. Trac can have label cells anywhere, not just in header, might need to
+ # add "*" to those or just ignore the issue. Justification we can sort of figure out from the header,
+ # if the rows do anything different, ouch, because markdown specifies in delimiter line.
#
- # Might do something clever with the "=" markers and
- # alignment, start with just getting the basic table
+ # Might do something clever with the "=" markers and alignment, start with just getting the basic table
# structure to something markdown will believe.
- #
+
if line.strip().startswith("||"):
line = line.replace("=|", "|").replace("|=", "|")
line = line.replace("||", "|")
@@ -171,8 +159,7 @@ def WikiToMD(content, slug):
in_table = False
#
- # Convert bullet lists. The start and end of a list needs
- # an empty line.
+ # Convert bullet lists. The start and end of a list needs an empty line.
#
nested_line = line.lstrip(' ')
if nested_line.startswith('- ') or nested_line.startswith('* '):
@@ -194,11 +181,11 @@ def WikiToMD(content, slug):
nested_level = 0
prev_indent = 0
- # Convert CamelCase
- line = camelcase_pattern.sub(r"\1", line)
+ # Convert !x quoting
+ line = bangquote_pattern.sub(r"\1", line)
# Convert (limited subset of) spans
- line = span_pattern.sub(r"[[\1|\2]]", line)
+ line = span_pattern.sub(r"\1", line)
# Convert headers
line = convert_headers(line)
@@ -206,16 +193,18 @@ def WikiToMD(content, slug):
# Convert images
line = convert_image(line, slug)
+ # Delete Trac macros that have no useful counterpart
+ line = delete_pattern.sub("", line)
+
# Convert wiki links
- line = convert_wikilinks(line, wikilink_1_pattern)
- line = convert_wikilinks(line, wikilink_2_pattern, slug)
- line = convert_wikilinks(line, wikilink_3_pattern)
+ line = convert_wikilinks(line, slug)
# Convert striked through text
- line = convert_strike(line)
+ line = strikethrough_pattern.sub(r"<s>\1</s>", line)
# Convert line breaks
- line = convert_linebreak(line)
+ # Markdown spec says linebreak is <SPACE><SPACE><RETURN>, who am I to argue?
+ line = linebreak_pattern.sub(" ", line)
# Convert bold and italic text (do this last)
line = line.replace("'''", "**") # Convert bold text