[Cryptech Tech] road to berlin

[Pavel Shatov]

Hello!

My comments on hardware and low-level things are below.

On 26.04.2016 0:34, Paul Selkirk wrote:
>
> 1. FPGA: The alpha board will have a newer, larger FPGA natively
> mounted.
>
> To generate the bitstream, we'll use the same Xilinx toolchain, but
> will have to update at least the UCF, and port the Spartan-6 modexp
> core to Artix-7. Pavel will do the heavy lifting, and I'll update the
> Makefile.

Yes, I'm already working on this. I will also have to port the clock
manager module, because Artix-7 has different internal clocking
primitives and we don't have that "apoptosis" feature found in Novena.

> To configure the FPGA with the bitstream, the initial plan is to use
> JTAG. In the longer term, we need a software reconfiguration method
> (host -> stm32 -> config memory). This will be initiated through the
> admin interface (see below), although it might use the application
> interface for the data transfer. Fredrik has offered to help on
> that, but we need to work out the details.

This can be split into two parts: higher-level (host -> stm32) and 
lower-level (stm32 -> config mem). I can supply code, that handles 
access to the config memory (lower-level part), so what higher-level 
part has to do is receive new bitstream, find out how many sectors to 
erase and then write entire bitstream page-by-page.

>
> 9. Documentation: At the very least, this will include a Quick
> Start, for using canned software for dnssec signing. There should be
>  developers' guides at all levels, from PKCS #11, to the client-side
>  RPC interface, to the server-side HAL interface, to the FPGA cores.
>  Because documentation is one of the things we do best.

And maybe a picture that explains what all those on-board jumpers and 
headers do.


-- 
With best regards,
Pavel Shatov