[Open Crypto Project] #31: Create HAL library for use by both Cryptlib and PKCS11

Open Crypto Project trac at cryptech.is
Wed May 20 21:21:17 UTC 2015

Previous message (by thread): [Open Crypto Project] #30: https://cryptech.is/ throws error with NIST DANE tested
Next message (by thread): [Open Crypto Project] #31: Create HAL library for use by both Cryptlib and PKCS11
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

#31: Create HAL library for use by both Cryptlib and PKCS11
--------------------+------------------
 Reporter:  sra     |       Owner:  sra
     Type:  defect  |      Status:  new
 Priority:  major   |   Milestone:
Component:  HAL     |     Version:
 Keywords:          |  Blocked By:
 Blocking:          |
--------------------+------------------
 This is sort of implicit in #29 and #14, but per protocol: I'm working on
 a a HAL library for use by both Cryptlib and PKCS !#11.

 There's some overlap between this and existing code in
 core/platform/novena/sw, but the latter really is the wrong place for,
 well, almost anything in my opinion, except maybe driver software specific
 to the Novena, but since it looks like the Alpha board will have
 substantial hardware and bus overlap with the Novena, this would need
 rethinking soon in any case.

 For the moment I've simply copied over the handful of files I needed into
 the new repository, then modified them for use within a user-facing
 library (so: error codes rather than magic number returns, less scribbling
 on stdout and stderr from the depths of the library, etc.  We will need to
 sort out how we want to handle this fairly soon, before the critical stuff
 (eg, the EIM driver) diverges too much.

 At any rate, current status is a clean library build with CSPRNG and
 digest support (adapted from older HAL code in sw/cryptlib).  No runtime
 tests yet.  Next thing to add is AES keywrap, since that's already written
 and just needs tweaks to use the AES core rather than Cryptlib.

 This library is also where I expect the software side of RSA to live,
 although that has enough complicated stuff that it may need to call into
 the back of Cryptlib (eg, for key parameter generation).

 As mentioned in yesterday's telechat: I'm not actively opposed to the
 notion of multiple libraries so that we can separate drivers from driver-
 independent higher-level code.  For the moment I'm using a single library
 because it's simpler and I needed to start collecting the driver-
 independent HAL stuff.

--
Ticket URL: <https://trac.cryptech.is/ticket/31>
Open Crypto Project <https://wiki.cryptech.is/>

Previous message (by thread): [Open Crypto Project] #30: https://cryptech.is/ throws error with NIST DANE tested
Next message (by thread): [Open Crypto Project] #31: Create HAL library for use by both Cryptlib and PKCS11
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Ticket-BCC mailing list