16 Aug, 2016

1 commit

  • PKCS #11's notion of a "read-only" session is odd: read-only sessions
    can still create/modify/destroy objects, just not "token" objects.
    
    C_SeedRandom() has its own special "nope, didn't implement that" error
    code, apparently the one everything else uses wasn't good enough.
    
    C_Login() has different error codes for "you're already logged in" and
    "you're already logged in as somebody else".
    Rob Austein
     

14 Aug, 2016

1 commit


10 Aug, 2016

3 commits

  • Apparently this is how the cool kids handle hiding library-internal
    symbols now, using objcopy is old hat.  Ondrey tells us that this
    should work on GNU/Linux and on *BSD, which, at the moment, just
    leaves OSX, which we already handle with an OSX-specific kludge.
    Rob Austein
     
  • Rob Austein
     
  • Oleg found a cute bug where C_SignUpdate() and C_SignFinal() would
    generate an incorrect signature which C_VerifyUpdate() and
    C_VerifyFinal() would think was fine because the verification code had
    essentially the same bug as the signature code.  None of this applied
    to the (much) more commonly used C_Sign() and C_Verify() functions,
    which is why nobody noticed until now.
    
    Bug fixed in sw/libhal commit 36dfaf0adbddbb9f1f7852911228b3ab24ba01aa
    but we need a regression test to make sure we don't reintroduce the
    bug.  So we add a test which computes the signature both ways, then
    verifies it with PyCrypto as well as both ways with our own code.
    
    We should probably be doing more comparisons of RSA results with
    PyCrypto.  For ECDSA with non-deterministic signatures it's a bit
    harder, but more checking against the Python ecdsa library would still
    be a good idea.
    Rob Austein
     

13 Jul, 2016

1 commit


12 Jul, 2016

3 commits


07 Jul, 2016

2 commits


30 Jun, 2016

1 commit


28 Jun, 2016

1 commit


27 Jun, 2016

1 commit


26 Jun, 2016

2 commits


25 Jun, 2016

1 commit


24 Jun, 2016

1 commit


23 Jun, 2016

2 commits


16 Jun, 2016

5 commits


14 Jun, 2016

1 commit


13 Jun, 2016

3 commits


12 Jun, 2016

1 commit


10 Jun, 2016

3 commits


25 May, 2016

1 commit


19 May, 2016

1 commit


18 May, 2016

2 commits


17 May, 2016

2 commits


16 May, 2016

1 commit