[Cryptech Tech] Documentation, I2C, and an embarrassment of options

Joachim Strömbergson joachim at secworks.se
Fri Nov 7 13:47:23 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aloha!

Sorry for a late reply.

Rob Austein wrote:
> It seems that we have (at least) two different I2C interfaces to the 
> digest cores on the Novena, with very different APIs:

Dunno what there are two different I2C interfaces. Paul?


> I think we are going to have to bump the priority of documentation. 
> We really need descriptions of current state, how to build, and
> advice in cases where we're offering multiple ways of doing the same
> thing.

Ok. I'll try to do better here.


> I am also puzzled by the repository naming scheme.  I thought we
> were trying for something where we had some separation between 
> device-independent cores and board-support stuff, but it all seems
> to be jumbled together in the core/ directory, along with at least
> four separate test frameworks.

I think we had a discussion about this. I'm fairly certain I proposed to
have something like core/ test/ system/ sw/. And tools/, <user>/.


Right now at least in HW space we have two things: core and test

core/ contains HW stuff that are supposed to be usable for an
application in some way. This includes single function cores such as
sha256 and systems such as trng, which dependes on (instantiates) other
cores such as chacha and sha512.

This also includes subsystems for talking to HW functions via a defined
interface such as i2c, uart and eim on the novena. (i2c and uart being
cores too) These systems with multiple cores may primarily be used for
the development and test of Cryptech HW, but they are not exeperimental
things.

When I have implemented fore example coretest_hashes on different
platforms I've placed platform specific stuff under
coretest_hashes/toolruns/quartus/c5g (for the C5G board). This means
that there really is only one coretest_hashes system core, but then it
contains fixes for different platforms.

Paul has choosen another scheme and created novena-something-cores for
the adaptations for the novena platform.

These different versions might be a wee bit confusing and we should
probably decide on one scheme and update accordingly.

But in general it is not that confusing, if one had been able to get an
introduction to the scheme. ;-)


test/ contains cores that are for testing ideas before promoting them to
a real cryptech core. Things in here may never become usable in any
sense of the word.


> Last, I noticed that, at present, there seems to be no I2C interface 
> to any of the TRNG stuff.  This is a pity, as we've put a lot of
> work into the TRNG and the HAL API really wants a source of
> randomness. I'd consider volunteering to do something about this, but
> I suspect that the TRNG would be a particularly bad first Verilog
> project, since the output is supposed to be (very high quality)
> garbage.

We need to create a coretest_trng or similar system to interface the
trng with for axample the novena with i2c, eim etc. Doing it with i2c
might work and should be fairly easy (as judged by the success Paul have
had with the coretest hashes on the Novena via i2c.) But we haven't been
able to interface any of the entropy providers on the Novena yet. And
before that happens, the trng will be dead and not be able to start
generating any values.

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJUXM1rAAoJEF3cfFQkIuyNvkMP/2bbBwIJm4t0Wl8uXr6dwQTn
40zThGhOZo7f6u/lPNlLpJmQ/dnB31GJ5kurla1C+v4EpLFmVxIzKI08W1Czff8Y
igZnTpq6k3T6P5Hp52Kyw4KLY+XSL9tffgZ9NP7+QkbMnbwsaUDitHS+lkHKzFrq
WLVvvfcD+Mkyq0zfHfIZ3TWNVSqD7MB76HOw5FOr6sSii4GJvhfGhdqlwu5Jqh0j
6y1e+RINx6cwZUZlpQBRHEiRsm1oE8ScSsp0RgHjQJPsMAuBhFJDberndnd2nuNA
ANmqwtNpXWgrahfaFD/0SyB7JfQfjqZnrGkrS4ZXoTdkxfcDD9QZFri6upB32mFq
m2Sfu4XddFg5EaqDAufIfxbB+PhWfgEv+8Ow0BBu3G7vMRzBFCVoGwokxB2FACcY
mx6HXbl7pdwnDflu+9jsAjRj4eCw6RiUiWGWsDC0yq8Ib7jO0Fc+rUbCWyhgStmp
NwspqwQQ+qBqzGPYZ963X0UkhuyDVrzyAUqMorjokeSc5+m7TqiOkP3nPPKVEW4H
ew+winTTHmghMFn2e1FnX63rfZcC/+gEL6piC4hxNg1JzP55EmixTCJJQRX2dapN
xazeXxC5I+H+6oxTXjD4DvsWkA3/cI3jjtjPhl+lLu3wCliSbh9koaFtaB32KDkW
ynz7dxjo5W+o6Zfbpn8S
=9Bbg
-----END PGP SIGNATURE-----


More information about the Tech mailing list