[Open Crypto Project] #31: Create HAL library for use by both Cryptlib and PKCS11
Open Crypto Project
trac at cryptech.is
Wed May 20 21:21:17 UTC 2015
#31: Create HAL library for use by both Cryptlib and PKCS11
--------------------+------------------
Reporter: sra | Owner: sra
Type: defect | Status: new
Priority: major | Milestone:
Component: HAL | Version:
Keywords: | Blocked By:
Blocking: |
--------------------+------------------
This is sort of implicit in #29 and #14, but per protocol: I'm working on
a a HAL library for use by both Cryptlib and PKCS !#11.
There's some overlap between this and existing code in
core/platform/novena/sw, but the latter really is the wrong place for,
well, almost anything in my opinion, except maybe driver software specific
to the Novena, but since it looks like the Alpha board will have
substantial hardware and bus overlap with the Novena, this would need
rethinking soon in any case.
For the moment I've simply copied over the handful of files I needed into
the new repository, then modified them for use within a user-facing
library (so: error codes rather than magic number returns, less scribbling
on stdout and stderr from the depths of the library, etc. We will need to
sort out how we want to handle this fairly soon, before the critical stuff
(eg, the EIM driver) diverges too much.
At any rate, current status is a clean library build with CSPRNG and
digest support (adapted from older HAL code in sw/cryptlib). No runtime
tests yet. Next thing to add is AES keywrap, since that's already written
and just needs tweaks to use the AES core rather than Cryptlib.
This library is also where I expect the software side of RSA to live,
although that has enough complicated stuff that it may need to call into
the back of Cryptlib (eg, for key parameter generation).
As mentioned in yesterday's telechat: I'm not actively opposed to the
notion of multiple libraries so that we can separate drivers from driver-
independent higher-level code. For the moment I'm using a single library
because it's simpler and I needed to start collecting the driver-
independent HAL stuff.
--
Ticket URL: <https://trac.cryptech.is/ticket/31>
Open Crypto Project <https://wiki.cryptech.is/>
More information about the Ticket-BCC
mailing list