[Cryptech-Commits] [sw/libhal] branch master updated: ks_flash returns all-ones instead of all-zeros for "blank" memory, cope.
git at cryptech.is
git at cryptech.is
Fri Jun 24 03:15:10 UTC 2016
This is an automated email from the git hooks/post-receive script.
sra at hactrn.net pushed a commit to branch master
in repository sw/libhal.
The following commit(s) were added to refs/heads/master by this push:
new c521d7f ks_flash returns all-ones instead of all-zeros for "blank" memory, cope.
c521d7f is described below
commit c521d7f590ecafaaed378c20e03aa657361f1638
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Thu Jun 23 23:06:11 2016 -0400
ks_flash returns all-ones instead of all-zeros for "blank" memory, cope.
This will need refactoring once we have a proper test for whether the
HSM is initializing after receiving a fresh software load.
---
ks.c | 26 +++++++++++++++++---------
rpc_misc.c | 5 ++++-
2 files changed, 21 insertions(+), 10 deletions(-)
diff --git a/ks.c b/ks.c
index d252620..48d4751 100644
--- a/ks.c
+++ b/ks.c
@@ -371,27 +371,35 @@ hal_error_t hal_ks_get_pin(const hal_user_t user,
default: return HAL_ERROR_BAD_ARGUMENTS;
}
+#warning Need better "Have we been initialized yet?" test
/*
* If we were looking for the WHEEL PIN and it appears to be
* completely unset, return the compiled-in last-gasp PIN. This is
- * not a great answer, but we need some kind of bootstrapping
+ * a terrible answer, but we need some kind of bootstrapping
* mechanism. Feel free to suggest something better.
*
* We probably need some more general "have we been initialized?"
* state somewhere, and might want to refuse to do things like
* storing keys until we've been initialized and the appropriate
* PINs have been set.
+ *
+ * Just to make things more fun, some drivers return all zeros for
+ * "this has never been set", some return all ones to indicate the
+ * same thing. REALLY need a flag somewhere.
*/
- if (user == HAL_USER_WHEEL && (*pin)->iterations == 0) {
- uint8_t u = 0;
- for (int i = 0; i < sizeof((*pin)->pin); i++)
- u |= (*pin)->pin[i];
- for (int i = 0; i < sizeof((*pin)->salt); i++)
- u |= (*pin)->salt[i];
- if (u == 0)
- *pin = &hal_last_gasp_pin;
+ uint8_t u00 = 0x00, uFF = 0xFF;
+ for (int i = 0; i < sizeof((*pin)->pin); i++) {
+ u00 |= (*pin)->pin[i];
+ uFF &= (*pin)->pin[i];
+ }
+ for (int i = 0; i < sizeof((*pin)->salt); i++) {
+ u00 |= (*pin)->salt[i];
+ uFF &= (*pin)->salt[i];
}
+ if (user == HAL_USER_WHEEL && ((u00 == 0x00 && (*pin)->iterations == 0x00000000) ||
+ (uFF == 0xFF && (*pin)->iterations == 0xFFFFFFFF)))
+ *pin = &hal_last_gasp_pin;
return HAL_OK;
}
diff --git a/rpc_misc.c b/rpc_misc.c
index 18f4083..8176c6f 100644
--- a/rpc_misc.c
+++ b/rpc_misc.c
@@ -210,7 +210,10 @@ static hal_error_t set_pin(const hal_client_handle_t client,
hal_ks_pin_t p = *pp;
- if (p.iterations == 0)
+ /*
+ * Another all-zeros vs all-ones disagreement between drivers.
+ */
+ if (p.iterations == 0x00000000 || p.iterations == 0xffffffff)
p.iterations = HAL_PIN_DEFAULT_ITERATIONS;
if ((err = hal_get_random(NULL, p.salt, sizeof(p.salt))) != HAL_OK ||
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Commits
mailing list