dearsky/pico-fido
1
0
Fork 0
Code Issues 46 Pull Requests 1 Actions Packages Projects Releases 22 Wiki Activity
774 Commits 2 Branches 30 Tags
31991a31c38343365bd50d00a25ce8635cc2c87a
Commit Graph

66 Commits

Author SHA1 Message Date
Pol Henarejos
a59cdef8e6 Merge branch 'main' into development 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>

# Conflicts:
#	pico-keys-sdk
 2025-10-26 20:12:26 +01:00
Pol Henarejos
d4f2d04487 Relicense project under the GNU Affero General Public License v3 (AGPLv3) 
and add the Enterprise / Commercial licensing option.

Main changes:
- Replace GPLv3 headers with AGPLv3 headers in source files.
- Update LICENSE file to the full AGPLv3 text.
- Add ENTERPRISE.md describing the dual-licensing model:
  * Community Edition: AGPLv3 (strong copyleft, including network use).
  * Enterprise / Commercial Edition: proprietary license for production /
    multi-user / OEM use without the obligation to disclose derivative code.
- Update README with a new "License and Commercial Use" section pointing to
  ENTERPRISE.md and clarifying how companies can obtain a commercial license.

Why this change:
- AGPLv3 ensures that modified versions offered as a service or deployed
  in production environments must provide corresponding source code.
- The Enterprise / Commercial edition provides organizations with an
  alternative proprietary license that allows internal, large-scale, or OEM
  use (bulk provisioning, policy enforcement, inventory / revocation,
  custom attestation, signed builds) without AGPL disclosure obligations.

This commit formally marks the first release that is dual-licensed:
AGPLv3 for the Community Edition and a proprietary commercial license
for Enterprise customers.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-26 20:10:06 +01:00
Pol Henarejos
3e9d1a4eb4 Fix silent authentication with resident keys. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-28 00:05:25 +02:00
Pol Henarejos
c6dba5df43 Fix silent authentication with new resident key system. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-27 23:52:08 +02:00
Pol Henarejos
665f029593 Fix build for non-pico boards. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-22 23:41:55 +02:00
Pol Henarejos
b25e4bed6c Fix build for non-pico boards. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-22 23:35:55 +02:00
Pol Henarejos
56d5c61044 Add compatibility of old resident key system with the new one. 
Related to #184.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-06 19:14:27 +02:00
Pol Henarejos
1ac628d241 Major refactor on resident keys. 
Now, credential ids have shorter and fixed length (40) to avoid issues with some servers, which have maximum credential id length constraints.

Fixes #184

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-04 21:57:53 +02:00
Pol Henarejos
c3ea413592 Do not return extensions if they are not requested OR are false. 
Fixes #136

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-03-30 19:32:25 +02:00
Pol Henarejos
bdbdd92be8 Enable alwaysUv if pin is set and alwaysUv is a device options or there's current Uv in memory. It will force the prompt of a PIN. 
Fixes #113.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-02-24 12:02:03 +01:00
Pol Henarejos
3807e23914 Fix silent authentication with resident keys. 
It requires a new silent format, so silent credentials must be reissued.

Related with #113.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-02-23 22:03:06 +01:00
Pol Henarejos
b91ece8ec3 Add EDDSA support as a conditional build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-02-21 19:00:44 +01:00
Pol Henarejos
964184cd9f Upgrade to v6.4 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-02-19 20:15:06 +01:00
Pol Henarejos
f43bc9701f Added support for silent authentication. 
Fixes #91.

It requires FIDO22 credential protocol, meaning that old credentials have to be reissued.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-02-08 15:00:12 +01:00
Pol Henarejos
d6a060f214 Upgrade to v6.2 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-01-15 15:38:55 +01:00
Pol Henarejos
1f805b1df2 Use more uint16 funcs. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-12-23 21:25:46 +01:00
Pol Henarejos
1d20321d69 Add BE/LE functions to pack uint16, uint32 and uint64. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-12-23 20:51:09 +01:00
Pol Henarejos
8ae4ab5af4 Upgrade to version 5.12 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-09-02 20:21:58 +02:00
Pol Henarejos
02556fcde1 Fix buffer initialization. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-25 20:21:43 +02:00
Pol Henarejos
902a988350 Fix memory cleanups. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-24 02:34:15 +02:00
Pol Henarejos
6c74db9763 Fix warnings. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-23 13:17:51 +02:00
Pol Henarejos
f49833291f Major refactor of USB CCID and USB HID interfaces. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-23 10:04:00 +02:00
Pol Henarejos
d2c25b69bc Merge branch 'main' into eddsa 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-20 10:18:08 +02:00
Pol Henarejos
163e936231 Fix potential bug in CBOR encoding. 
It happen if a keepalive packet is sent in the middle of an encoding.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-18 23:59:52 +02:00
Pol Henarejos
1b4dd9bed0 Fix ESP32 build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-18 23:53:18 +02:00
Pol Henarejos
1f0e1fb8f4 Use latest Pico Keys SDK. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-05-05 00:58:51 +02:00
Pol Henarejos
eb2c92bc5c Merge branch 'development' into eddsa 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-21 13:01:10 +01:00
Pol Henarejos
d78d9d10aa Use new names and defines. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 15:22:28 +01:00
Pol Henarejos
911dab031e Merge branch 'development' into eddsa 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-17 01:36:35 +02:00
Pol Henarejos
4c3042a8bf Added function for reading COSE keys. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-17 01:30:49 +02:00
Pol Henarejos
e8c8ce4d15 Adding support for EdDSA with Ed25519 curve. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-16 14:47:34 +02:00
Pol Henarejos
ce040a79f5 Fix signature computation for algorithms ES384 and ES512. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-16 12:39:53 +02:00
Pol Henarejos
c00c83dfe6 Added support for thirdPartyPayment extension. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-13 21:12:49 +02:00
Pol Henarejos
8b2be54ede Update code style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-04 14:05:30 +01:00
Pol Henarejos
4f33d999e3 Adjusting code to work with the emulated interface. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-09 18:07:41 +01:00
Pol Henarejos
b1fdb9b1d1 Cleaning unused includes. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-30 19:39:01 +01:00
Pol Henarejos
0d51d3c727 Number of credentials is always returned in GA, as Pico Fido does not have any display. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-10 20:49:09 +01:00
Pol Henarejos
3a92238c0c Fix returning numberOfCredentials based on up and uv flags in the request (not in the response). 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-09 14:20:42 +01:00
Pol Henarejos
5c7be811e8 Return largeBlobKey on getAssertion if credential has largeKeyBlob and if requested. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-07 21:03:30 +01:00
Pol Henarejos
1376c51528 Fix credProtect should not be returned on getAssertion. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-07 15:57:41 +01:00
Pol Henarejos
fa5926a3cc credBlob is returned on getAssertion if requested. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-07 15:55:27 +01:00
Pol Henarejos
04868f2d7b Added permissions support. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-11-23 13:00:28 +01:00
Pol Henarejos
ac224063fc Fix freeing memory. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-04 16:57:45 +02:00
Pol Henarejos
40b5f70761 Fixes with hmac-secret and ProtocolV2. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-03 16:10:12 +02:00
Pol Henarejos
b87eb3f278 Credentials are sequentially returned only if allowList is empty. Also, user data is returned only when more than 1 credential is returned (and thus, are discoverable). 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-03 10:43:24 +02:00
Pol Henarejos
6e91694253 Only return user fields on discoverable request. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-03 01:24:05 +02:00
Pol Henarejos
0c5b308aef Only return numberOfCredentials if allowList is empty. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-03 01:11:51 +02:00
Pol Henarejos
3fc41a12a7 Only return other user fields if credentials > 1. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-03 00:53:31 +02:00
Pol Henarejos
bb069c5651 Get assertion also returns userName and userDisplayName. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-02 20:24:29 +02:00
Pol Henarejos
cb4827688b Fix missing parameters. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-02 00:27:15 +02:00