A new uberapp (uhsign) for calculating a SHA1-HMAC on a data buffer. Where the HMAC key is protected by the hypervisor, and the calling code is attested to be allowed to perform the hypercall. The call returns with the hash value for the data using the hypervisor’s key.
Quick question @Cap: Does the PR selectively hook in the uhsign uapp into the micro-hypervisor? In other words, uhsign should only be included and active if explicitly specified during build (e.g., via a #ifdef…#endif configuration variable)
Within uxmhf-rpi3/core/*.c, you can wrap all your uhsign related addition using:
#if defined (__ENABLE_UAPP_UHSIGN__)
... your uhsign specific code hook ...
#endif
uxmhf-rpi3/configure seems to be included in version control in this PR – that should not be the case since its autogenerated from configure.ac
uxmhf-rpi3/rgapps/linux/rgapp-uhcallmod/ has a bunch of temporary module output files in version control within the PR (e.g., *.cmd, *.symvers, *.order, *.mod.c, *.ko, *.mod)
Let me know if you have any further questions as you revise the PR; thanks for your contribution!