[Cryptech-Commits] [sw/libhal] branch master updated (1295f7e -> 052a078)

git at cryptech.is git at cryptech.is
Thu May 11 11:33:09 UTC 2017

Previous message (by thread): [Cryptech-Commits] [sw/pkcs11] branch master updated (1d60161 -> ccef1b5)
Next message (by thread): [Cryptech-Commits] [sw/stm32] branch master updated (fe94d97 -> 1175ff6)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a change to branch master
in repository sw/libhal.

from 1295f7e Restructure hal_slip_recv_char so caller can pass in a char directly.
add c2b116a Revised keystore API, part one. Not usable yet.
add 65e8ef4 Move in-memory keystore from client to server. Whack with club until compiles.
add 5af178d Code to convert between text and internal forms of UUIDs.
add b15af56 Fencepost error in hal_uuid_format().
add 771f5c2 Test both in-memory and on-flash keystores.
add 1e1604b Plug pkey handle leak.
add 97ee7df New keystore index internal API. Compiles, not yet integrated or tested.
add b121408 Simplify hal_rpc_pkey_find() by removing `type` argument.
add 13718c8 Missed a few instances of type-based key naming in keystore drivers.
add 8677e58 Fencepost error in ks_find().
add d56ce9a Rewrite ks_volatile driver to use new ks_index infrastructure.
add 52bafc9 Portable fix for ks_find() fencepost error.
add 421626c Explicit initialization of keystore drivers instead of guessing.
add 73d62a8 Doh, allow keystore reinitialization after unclean reboot.
add 8c3743e CRC-32 code for use in ks_flash, stm32 DFU, possibly elsewhere.
add 38c4b78 Cleanup prior to rewriting ks_flash.c.
add e99f94d Revised ks_flash. Compiles, not yet tested.
add 95b79e1 Debug new ks_flash code.
add 3b23638 Use subsectors instead of sectors in keystore.
add 9811b42 Rewrite block_erase_maybe() to run the "maybe" check in constant time.
add 84aaee3 More ks_flash cleanup.
add 5e12757 Add hal_ks_index_replace().
add a9c0ad1 Fix swapped memmove() arguments in hal_ks_index_replace().
add 19a31e1 Write updated PIN block before updating index.
add 4a2bede Redesign ks_flash block header.
add 378bcae Multi-block object support in keystore.
add db32574 Checkpoint along the way to adding keystore attribute support.
add b89d9e3 Stop whining about POSIX strnlen() function.
add 45061e2 Fix session handle arguments in RPC calls.
add 015eefa Per-session objects in ks_volatile; more untested ks_attribute code.
add 46e73ec Keystore attribute code. Not really tested.
add 534f465 Fencepost error in ks_heapsort().
add 4ebe932 Debug keystore attribute code; handle name properly in ks_index_replace().
add 426353e First cut at Python interface to native libhal RPC.
add c982e2e Use correct RPC function code in hash_get_digest_algorithm_id().
add b252694 Shake first round of bugs out of hal_rpc_pkey_match().
add d715708 Add handle objects to make API a bit more Pythonic.
add 7c47b57 Fix HAL_KEY_TYPE_* symbols, add Attribute class.
add bbb84e2 Better enum handling, more readable RPC methods.
add 87f0998 Tweak enum handling to handle more of the C enum definition syntax.
add dcf3c67 Make previous_uuid an input-only argument to hal_rpc_pkey_match().
add 41bc63d Flesh out key object access control.
add dca4161 Uppercase HAL_DIGEST_ALGORITHM_ symbols for API consistency.
add 1c2e11c Fix pure-remote-mode hal_rpc_pkey_{sign,verify}().
add 36f823d Add PyCrypto-based mixed-mode support to Python RPC client.
add 3d3f71c Version 0.1 of a set of HSM unit tests, using the Python RPC API.
add 82b698a Mixed mode needs to support PKCS #1.5 DigestInfo for RSA.
add 1310831 Add a bunch of static key tests, including a mixed-mode workout suite.
add 65e3711 Use public RPC API when dispatching from RPC server.
add 641a95f Preliminary libhal.py test code superseded by unit-tests.py
add b1d9922 Continue fleshing out libhal Python unit tests.
add 59fe931 Interop tests against Python RSA and ECDSA implementations.
add f7c3a15 hal_ks_index_fsck() and a pile of debugging code.
add e2793cf Clean out debugging code (flash I/O ring log).
add e391580 Fix hal_rpc_pkey_match() calling convention.
add d3301ac More Pythonic API for certain pkey calls.
add d844d76 Add hal_rpc_pkey_get_key_curve().
add c593d44 Fix pkey_get_attribute(), handle XDR encoding of base types properly.
add 8b0b27b Test pkey_match() attribute handling.
add 2a19591 Debug dict() support, add set() support.
add 130995b Archive verbose version of pkey_match() tests before reducing to assertions.
add f8bf9c9 Get rid of libhal.Attribute (dict suffices).
add bfc8465 Convert pkey_match() test into a proper assertion-based unit test.
add e5d197b Fix sign error in ks_name_cmp(), confusion in hal_ks_index_fsck().
add 1863db8 Reorder writing of new chunks in ks_set_attribute().
add 7f0f3b7 Add keystore attribute tests; add wrapper for Python crypto.
add 203b8af More attribute bloat tests, pinwheel to monitor progress.
add 620671d Doh, tests should not assume an empty keystore.
add 8ffe3e5 .set_attribute() speed tests.
add 1d7ff81 ks_list() was returning garbage for keys not visible to current session.
add 8670115 Add attribute read timing tests.
add 0bd1d5a Debug most recent changes to C client RPC API.
add 9d03d73 Add hal_rpc_pkey_match() tests to C client test code.
add 09a065b First cut at multi-attribute get/set/delete API.
add 1f78f1b First cut at ks_flash support for attribute get/set/delete API.
add 2ff0328 Clean out huge swacks of RPC API we don't need anymore.
add 584fdaa Drag C pkey test code up to current RPC API.
add 58a9ca8 Remove now-gratuitous check which kept attribute deletion from working.
add d6e9917 hal_rpc_pkey_find() -> hal_rpc_pkey_open().
add b448b28 More API cleanup: remove hal_rpc_pkey_list().
add 2806585 Tweak pkey access control to allow wheel to see keys.
add ecbc49a Allow keystore reinitialization without re-allocating static memory.
add 306c1de Support queries for attribute length and presence.
add f4b6098 Move UUID utilities to hal.h; change attribute values to (const void *).
add 834924b pkey_match() should just skip keys it lacks permission to read.
add 15efcdb Whack attribute code with a club until it works with PKCS #11.
add 7dce4d6 Clean up ks_set_attributes() a bit.
add 3bf4f4a Merge branch 'master' into ksng
add 9e725cd Merge broke forced selection of software-only hash cores in client builds.
add 147208e Add hal_ks_init_read_only_pins_only() so bootloader can use PINs.
add 0c9048b Experimental libhal RPC MUX based on PySerial and Tornado.
add 17366b5 Convert "daemon" mode of C client code to use Python RPC MUX.
add 3c20fd1 Whack multiplexer to handle console too.
add 65dded3 Handle connection close events properly, use logging library.
add 1763969 Add internal port probing code (like running cryptech_probe first).
add e499bfb Cleanup.
add 0f0ce51 Refactor and simplify, whole program fits on one screen now.
add 56c2309 Finish logging code, skip initialization for missing devices.
add 31ce1c8 Probing wants a brief delay after probe string on some machines.
add 9ec8140 Enable low-level debugging support in libhal.py.
add 6a6cc04 Add locking around keystore operations.
add a118a9b Clean up csprng driver.
add 70cad01 Debug logging for pkey open/close/delete events.
add f205126 Unit test cleanup.
add 33c843a Add some comments for things I figured out while reviewing code.
add c05eb9f Merge branch 'pymux' of git.cryptech.is:sw/libhal into pymux
add 44652e5 Erase new head of free list in ks_store().
add 8dd40de Track change to stm32 keystore API.
add a94d48d Compile-time configuration of software-only hash cores.
add 623ed00 Compute public key if necessary when loading a private key.
add a33470b Merge ECDSA private key fix from branch ksng into branch pymux.
add 17c53b5 Fix race condition in pkey_slot allocation.
add 533b1b5 Don't use assert() for point-on-curve checks.
add 89e84c7 Add --io-log option to unit-tests.py.
add 2abfa2b Bump size of some static tables, particuarly pkey slots.
add 72bddf4 Debugging code to track message flow.
add 67b94e0 Add timestamps to debug logging.
add bcb43f6 Support setting attributes via keyword arguments.
add 99407a5 First attempt at using Pavel's ecdsa256 core. Not working yet.
add 9afc5d0 Refactor to add P384 support. Untested.
add c2f499e Fix dumb copy/paste errors.
add 91bb044 Merge branch 'pymux' into hw_ecdsa_p256
add ad9bca7 Doh! Works better if one tests the right status bit.
add 00d93e0 Cleanup.
add 7343b9a Clean up libhal build system a bit.
add 640ff7b Merge branch 'hw_ecdsa_p256' into pymux
add a8c03ad Backport ECDSA core support to ksng branch.
add 1f20362 Merge branch 'ksng' into pymux
add 70afb31 Typo.
add 6e3faad Snapshot PKCS #8 Python hacks.
add e36bfa8 PKCS #8 ASN.1 wrapper functions.
add 33694de PKCS #8 code for RSA and ECDSA.
add 813f1c6 Obscure C syntax nit.
add faf6905 Unit tests mostly working with PKCS #8.
add c6f35b5 Race condition in test was triggering HAL_ERROR_KEY_NOT_FOUND.
add a3a5883 Merge branch 'pymux' into pkcs8
add d246435 PKCS #8 bumps max key buffer size up by a few bytes.
add afe4be7 Fix strnagely-named test.
add 34d240a Rework PKCS #8 PrivateKeyInfo wrapper code.
add fb4933f First cut at key backup code. Not tested yet.
add b1c86e4 Fix a few dumb compile-time bugs.
add 07f5d9d First cut at libhal.py support for key backup.
add 29e55d6 Shake bugs out of hal_rpc_pkey_export().
add 3828bd1 Initial test and debug script for key backup.
add 1386e9b Defend against Bleichenbacher's Attack in hal_rpc_pkey_import().
add a5491cb Shake bugs out of hal_rpc_pkey_import().
add d52a62a Enforce key usage flags.
add a031d72 Pull key type information from uploaded key in hal_rpc_pkey_load().
add d0df322 Tighten up hal_rpc_pkey_import() a bit more.
add 3c7c7e2 Unit tests for key backup operations.
add a90d24e First cut at HSM backup script.
add cc46a69 API cleanup: pkey_open() and pkey_match().
add 482cc1a Reject malformed messages from RPC UART, not just too-short ones.
add 9798cf2 Merge branch 'pymux' into pkcs8
add fa06f54 Move login tests to "slow" test category.
add 5291c46 Log packet drops.
add 038287d Merge branch 'pymux' into pkcs8
add 8956d3e Fix buffer size check when crossing token->volatile boundary in pkey_match().
add 46836ba Python interface API will need to be cryptech.libhal for installation.
add 91ce934 Clean up and document cryptech_backup.
add 7c8dd26 Logging infrastructure.
add 3e9a6bb Typo.
add 5357c6d Add console log support to muxd.
add a8c5577 Write to console socket and console log in parallel.
add 17a5034 Remove a redundant 'err' variable in ks_fetch() that was masking error conditions.
add f79826a Make sure hal_aes_keyunwrap() frees the core in all error cases.
add c2820e9 Retry a couple of times on HAL_ERROR_CORE_BUSY. This doesn't guarantee success, but reduces the failure rate on a busy server.
add 22a5821 Move hal_rpc_server_main() to test code.
add 18c297c adapt to the new experimental tasking system
add ffe5b3a Log exit conditions
add f502844 Handle error conditions when deleting keys by UUID.
add c9fc4a5 Avoid deadlock triggered by low-probability race condition.
add 42aefa3 Wrap keyslot clearing in a critical section.
add bf19937 Don't intefere with sys.exit().
add 9c9f26f Lower PBKDF2 password iterations and add delay on bad PIN.
add 018b238 Decorator doesn't work properly with --all-tests, use runtime check.
add a76a684 Merge branch 'ksng' into no-rtos
add bbd9c11 Tweak PySerial write_timeout setting.
add 08b3af1 hal_rpc_pkey_match() works better with response buffer sized correctly.
add a49b534 Update README.md.
add 052a078 Work around known bugs in PyCrypto ASN.1 code.

No new revisions were added by this update.

Previous message (by thread): [Cryptech-Commits] [sw/pkcs11] branch master updated (1d60161 -> ccef1b5)
Next message (by thread): [Cryptech-Commits] [sw/stm32] branch master updated (fe94d97 -> 1175ff6)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Commits mailing list