I was able to discover the crux of the problem from last week. Previously, we were baffled by the fact that the size of the private key that is generated by the server application appears to much smaller than the private key that was generated by XCA, even though they both are using the same elliptic curve algorithm and key length. It turns out there is actually two ways of encoding an ECC key, i.e in a compressed format or Read more
This is my ninth week of being an intern at Aeste Works. This week was testing whether the lwIP stack had been configured correctly and whether the interface can be successfully initialized. To initialize the network stack in a lwIP single-threaded core, the function lwip_init is called and then the network interface is brought up by netif_add and netif_setup. To test whether the network interface could be brought up, the netif_is_up function was used which takes in the pre-allocated network structure that was Read more
So last week, we discovered that client certificates could not successfully be imported in both macOS and Windows operating systems. Testing out with a manually generated certificate using XCA, we were able to confirm that the problem was that the PKCS#12 generated by our application does not contain the full certificate chain (i.e: from end-entity certificate to all the way to the root certificate), or so we thought. Currently, the server application generates PKCS#12 files using OpenSSL’s libraries since Botan Read more
The Setup Now that I have access to the production server, I had to pull the project’s code from our git repository into the server’s filesystem. Shortly after that, I needed to check if the server application could be built and executed. No major issues in that regard. Everything seemed to be going well at that point. Dr Shawn had already set up the actual Woocommerce site and gave me access as a Store Manager. Before doing anything else in Read more
This is my eighth week of being an intern at Aeste Works. This week was about setting up and integrating the lwIP stack with the USB CDC ECM device. The device currently does not run with an operating system and so must be configured for the lwIP NOSYS mode using the raw (or native API). The first step was to create a cc.h file that that describes the compiler and machine architecture to lwIP. The following are defined here: data types, printf formatters for Read more
Time was passing really fast and this was the eighth week of internship. In this week I was working on a Wishbone RAM. To start off, I had to understand the mechanism of a dual port RAM. The dual port RAM fundamentally consisted of an instruction port (read only) and a read/write port. An address of 0x00000000 would be passed into the instruction port whereas 0x80000000 would be passed into the read/write port. However, they should have the same data Read more
So I managed to implement the reusing of private keys as part of the renewal process. The problem was that I was calling the wrong API for Botan, which yields an unexpected outcome. Shortly after that, Dr Shawn wanted me to implement one more feature for the application. It basically involves checking whether the user receives the email for the certificate download or not. This can be done using the Post Office Protocol version 3 (POP3). When we send the Read more
In this week I was modifying the Wishbone switch so that it would gave correct signal outputs. To give an overview, the strobe signal from the previous wire must be passed to the next wire after one clock cycle, until it reached the I/O port. As a result, the I/O would asset an acknowledgement signal, which would negate the current strobe signal. And the acknowledgement signal would be passed to the next wire after one clock cycle as well. This Read more
This is my seventh week as an intern at Aeste Works. This week was about figuring out which part of my USB CDC ECM code interfaces between the host and device in sending and receiving network packets so that I could integrate the lwIP TCP/IP stack later on. There are two functions that were found in the code that sends and receives data. First, the application can send data to the Host by using the USB_DEVICE_CDC_Write function. This function requests Read more
Nothing much to be said for this week. I attempted to implement based on what Dr Shawn suggested to me last week, i.e storing the public and private key pairs in the database, so that the private key could be reused for subsequent certificate renewals. This relies on the user having to present the old certificate, which contains the public key that would be used to find the matching private key in the database. If no certificate is given, then Read more