dearsky/pico-fido
1
0
Fork 0
Code Issues 46 Pull Requests 1 Actions Packages Projects Releases 22 Wiki Activity
776 Commits 2 Branches 30 Tags
1867f0330fa051209da6f2074338832413fa5f34
Commit Graph

55 Commits

Author SHA1 Message Date
Pol Henarejos
1867f0330f Move EDDSA to another branch. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-09 15:56:31 +01:00
Pol Henarejos
b0180711e7 Fix build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-28 09:36:55 +01:00
Pol Henarejos
a59cdef8e6 Merge branch 'main' into development 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>

# Conflicts:
#	pico-keys-sdk
 2025-10-26 20:12:26 +01:00
Pol Henarejos
d4f2d04487 Relicense project under the GNU Affero General Public License v3 (AGPLv3) 
and add the Enterprise / Commercial licensing option.

Main changes:
- Replace GPLv3 headers with AGPLv3 headers in source files.
- Update LICENSE file to the full AGPLv3 text.
- Add ENTERPRISE.md describing the dual-licensing model:
  * Community Edition: AGPLv3 (strong copyleft, including network use).
  * Enterprise / Commercial Edition: proprietary license for production /
    multi-user / OEM use without the obligation to disclose derivative code.
- Update README with a new "License and Commercial Use" section pointing to
  ENTERPRISE.md and clarifying how companies can obtain a commercial license.

Why this change:
- AGPLv3 ensures that modified versions offered as a service or deployed
  in production environments must provide corresponding source code.
- The Enterprise / Commercial edition provides organizations with an
  alternative proprietary license that allows internal, large-scale, or OEM
  use (bulk provisioning, policy enforcement, inventory / revocation,
  custom attestation, signed builds) without AGPL disclosure obligations.

This commit formally marks the first release that is dual-licensed:
AGPLv3 for the Community Edition and a proprietary commercial license
for Enterprise customers.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-26 20:10:06 +01:00
Pol Henarejos
6b93938040 Fix warnings. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-12 18:56:14 +02:00
Pol Henarejos
665f029593 Fix build for non-pico boards. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-22 23:41:55 +02:00
Pol Henarejos
48cc417546 Added support for Brainpool curves and Ed448. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-02 15:49:39 +02:00
Pol Henarejos
3807e23914 Fix silent authentication with resident keys. 
It requires a new silent format, so silent credentials must be reissued.

Related with #113.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-02-23 22:03:06 +01:00
Pol Henarejos
b91ece8ec3 Add EDDSA support as a conditional build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-02-21 19:00:44 +01:00
Pol Henarejos
c443dec4a0 Upgrade to version 6.0 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-11-10 01:50:22 +01:00
Pol Henarejos
ec612a451d Fix ssh-keygen creation. 
Fixes #59

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-09-13 21:03:58 +02:00
Pol Henarejos
c43006f8c2 Protect keydev if available (only for RP2350). 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-09-12 19:01:04 +02:00
Pol Henarejos
8ae4ab5af4 Upgrade to version 5.12 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-09-02 20:21:58 +02:00
Pol Henarejos
5568aa7b69 Fixed thread synchronization. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-23 19:25:20 +02:00
Pol Henarejos
6c74db9763 Fix warnings. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-23 13:17:51 +02:00
Pol Henarejos
f49833291f Major refactor of USB CCID and USB HID interfaces. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-23 10:04:00 +02:00
Pol Henarejos
d2c25b69bc Merge branch 'main' into eddsa 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-20 10:18:08 +02:00
Pol Henarejos
a9799dc77f Fix CBOR error. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-19 13:12:04 +02:00
Pol Henarejos
1b4dd9bed0 Fix ESP32 build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-18 23:53:18 +02:00
Pol Henarejos
eb2c92bc5c Merge branch 'development' into eddsa 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-21 13:01:10 +01:00
Pol Henarejos
849221fd95 Added backfall compatibility. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-21 12:02:30 +01:00
Pol Henarejos
46ce9390bf Added backfall compatibility. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-10-28 20:52:07 +02:00
Pol Henarejos
7c5bab8b05 Merge branch 'development' into eddsa 2023-09-18 01:38:39 +02:00
Pol Henarejos
9c90095e96 CBOR errors are not sent through CTAPHID_ERROR command, but in CBOR response instead. Fixes #16 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-09-18 01:36:47 +02:00
Pol Henarejos
91e049b997 Merge branch 'development' into eddsa 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-09-17 19:28:41 +02:00
Pol Henarejos
332debea6d Code style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-09-17 19:11:39 +02:00
Pol Henarejos
8242dc8d80 Merge branch 'development' into eddsa 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-18 12:44:52 +02:00
Pol Henarejos
be44947475 Fix writing COSE key when for curves with kty=1. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-18 12:43:49 +02:00
Pol Henarejos
2f6e4d5568 Upgraded COSE key functions to accept EDDSA. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-17 01:40:22 +02:00
Pol Henarejos
4c3042a8bf Added function for reading COSE keys. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-17 01:30:49 +02:00
Pol Henarejos
63e15b19bb Added functions for writing COSE keys. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-17 01:19:27 +02:00
Pol Henarejos
51cbfe5fe9 Fix enabled cap detection when applet is already selected. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-14 21:09:54 +02:00
Pol Henarejos
8b2be54ede Update code style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-04 14:05:30 +01:00
Pol Henarejos
03f29f5be6 Fix cbor processing when unknown command is used. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-03 00:23:12 +01:00
Pol Henarejos
6d9208f434 Added support for Fido emulation to automatize tests. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-02 22:05:04 +01:00
Pol Henarejos
4f33d999e3 Adjusting code to work with the emulated interface. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-09 18:07:41 +01:00
Pol Henarejos
b1fdb9b1d1 Cleaning unused includes. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-30 19:39:01 +01:00
Pol Henarejos
545860ccbc Update some functions to the newer Pico HSM SDK. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-20 23:42:06 +01:00
Pol Henarejos
9bcfacfe08 Fix calling large blobs. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-14 23:51:03 +01:00
Pol Henarejos
aa4255b875 Add large blob command to cbor. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-14 19:41:19 +01:00
Pol Henarejos
ae42e28384 Added support for credMgmt preview, despite this info is not broadcasted. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-11-28 18:27:52 +01:00
Pol Henarejos
e21d985344 Adding support for specific vendor HID command (0x41). 
It is a self implementation, based on CBOR command.
data[0] conveys the command and the contents mapped in CBOR encoding.
The map uses the authConfig template, where the fist item in the map is the subcommand (enable/disable at this moment), the second is a map of the parameters, the third and fourth are the pinUvParam and pinUvProtocol.

With this format only a single vendor HID command is necessary (0x41), which will be used for all my own commands, by using the command id in data[0] like with CBOR.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-29 19:41:00 +02:00
Pol Henarejos
4425722a71 Adding support for CBOR CONFIG. 
This first support includes a vendor command for encrypting the key device with external key.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-17 17:37:39 +02:00
Pol Henarejos
6a077d0d8f Enabling credential management. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-04 16:58:49 +02:00
Pol Henarejos
cc0a181f75 Renaming authenticator selection. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-28 12:02:52 +02:00
Pol Henarejos
da577b8e8d Debug all CBOR. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-27 22:09:25 +02:00
Pol Henarejos
0ec563c8de Adding authenticatorSelection 0x0B support. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-27 12:24:22 +02:00
Pol Henarejos
f045ec8d03 card_init_core1() shall be called from every thread launched on core1. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-22 19:24:07 +02:00
Pol Henarejos
226fcc5405 Fixing next get assertion. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-21 23:44:47 +02:00
Pol Henarejos
99fc76a385 Finalizing get assertion. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-21 14:29:28 +02:00