pico-fido

Author	SHA1	Message	Date
Pol Henarejos	aa9df892d3	Revert "Move EDDSA to another branch." This reverts commit `1867f0330f`.	2025-12-11 15:41:47 +01:00
Pol Henarejos	7ac2ce30f0	Revert "Move other curves to another branch." This reverts commit `46720fb387`.	2025-12-11 15:40:16 +01:00
Pol Henarejos	46720fb387	Move other curves to another branch. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-12-09 18:52:13 +01:00
Pol Henarejos	1867f0330f	Move EDDSA to another branch. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-12-09 15:56:31 +01:00
Pol Henarejos	a59cdef8e6	Merge branch 'main' into development Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es> # Conflicts: # pico-keys-sdk	2025-10-26 20:12:26 +01:00
Pol Henarejos	d4f2d04487	Relicense project under the GNU Affero General Public License v3 (AGPLv3) and add the Enterprise / Commercial licensing option. Main changes: - Replace GPLv3 headers with AGPLv3 headers in source files. - Update LICENSE file to the full AGPLv3 text. - Add ENTERPRISE.md describing the dual-licensing model: * Community Edition: AGPLv3 (strong copyleft, including network use). * Enterprise / Commercial Edition: proprietary license for production / multi-user / OEM use without the obligation to disclose derivative code. - Update README with a new "License and Commercial Use" section pointing to ENTERPRISE.md and clarifying how companies can obtain a commercial license. Why this change: - AGPLv3 ensures that modified versions offered as a service or deployed in production environments must provide corresponding source code. - The Enterprise / Commercial edition provides organizations with an alternative proprietary license that allows internal, large-scale, or OEM use (bulk provisioning, policy enforcement, inventory / revocation, custom attestation, signed builds) without AGPL disclosure obligations. This commit formally marks the first release that is dual-licensed: AGPLv3 for the Community Edition and a proprietary commercial license for Enterprise customers. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-10-26 20:10:06 +01:00
Pol Henarejos	b25e4bed6c	Fix build for non-pico boards. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-09-22 23:35:55 +02:00
Pol Henarejos	9b254a0738	Add support to PIN POLICY URL via VendorConfig. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-09-11 19:20:20 +02:00
Pol Henarejos	e4f8caa1ba	Add VendorConfig upload EA command to get_info(). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-09-11 18:20:36 +02:00
Pol Henarejos	b3b3a5eecc	Add other PHY commands to get_info(). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-09-11 12:23:45 +02:00
Pol Henarejos	3fe3a9d2ec	Fix build for emulation. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-09-01 20:50:44 +02:00
Pol Henarejos	35a043f261	Fix automatic build. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-09-01 20:41:23 +02:00
Pol Henarejos	44c5ad4adb	Some VIDs do not support VENDOR_CONFIG values. Fixes #172. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-09-01 20:38:07 +02:00
Pol Henarejos	292a9e8d8a	Add support for hmac-secret-mc extension. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-08-28 01:04:09 +02:00
Pol Henarejos	2b640a5c36	Add support for FIDO 2.2 Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-08-27 12:51:34 +02:00
Pol Henarejos	bfb8a4cb20	Only send secp256k1 if explicitly enabled. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-03-11 19:28:22 +01:00
Pol Henarejos	0f5a24c9b6	Fix encoding get info with variable curves. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-03-11 19:19:28 +01:00
Pol Henarejos	dd207bd031	Fix emulation build. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-03-11 19:11:49 +01:00
Pol Henarejos	6069cf949b	ES256K1 is disabled by default for compatibility. It can be enabled via Pico Commissioner. Fixes #109. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-03-11 19:05:28 +01:00
Pol Henarejos	297c34914b	Do not report EDDSA on get info if not supported. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-03-11 15:19:49 +01:00
Pol Henarejos	bdbdd92be8	Enable alwaysUv if pin is set and alwaysUv is a device options or there's current Uv in memory. It will force the prompt of a PIN. Fixes #113. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2025-02-24 12:02:03 +01:00
Pol Henarejos	8ae4ab5af4	Upgrade to version 5.12 Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-09-02 20:21:58 +02:00
Pol Henarejos	6c74db9763	Fix warnings. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-08-23 13:17:51 +02:00
Pol Henarejos	f49833291f	Major refactor of USB CCID and USB HID interfaces. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-08-23 10:04:00 +02:00
Pol Henarejos	d2c25b69bc	Merge branch 'main' into eddsa Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-08-20 10:18:08 +02:00
Pol Henarejos	163e936231	Fix potential bug in CBOR encoding. It happen if a keepalive packet is sent in the middle of an encoding. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-08-18 23:59:52 +02:00
Pol Henarejos	911dab031e	Merge branch 'development' into eddsa Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-08-17 01:36:35 +02:00
Pol Henarejos	b7ceec8d49	Using COSE keys write functions. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-08-17 01:19:45 +02:00
Pol Henarejos	3a71275bc8	Add EDDSA algorithm in get_info. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-08-16 18:06:29 +02:00
Pol Henarejos	8ffd1bfe38	Added support for ES256K algorithm. It uses secp256k1 curve with SHA-256. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-08-16 12:18:42 +02:00
Pol Henarejos	5105545df0	Added thirdPartyPayment to supported extensions. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-08-14 21:44:34 +02:00
Pol Henarejos	8b2be54ede	Update code style. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-04 14:05:30 +01:00
Pol Henarejos	4f33d999e3	Adjusting code to work with the emulated interface. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-09 18:07:41 +01:00
Pol Henarejos	cb24927a80	Update get info command to add max large blob array length. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-12-14 19:42:09 +01:00
Pol Henarejos	e87ae34ab5	Adde largeBlobs to get info. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-12-12 00:31:05 +01:00
Pol Henarejos	315f01372e	Adding largeBlobKey in getInfo. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-12-07 21:02:08 +01:00
Pol Henarejos	d7016f6065	Add MAX_MSG_SIZE in getInfo. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-12-07 17:01:01 +01:00
Pol Henarejos	4cb0af5045	Defining max length for credBlobs Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-12-07 15:48:46 +01:00
Pol Henarejos	196430517f	Added credBlob in getInfo. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-12-07 15:07:02 +01:00
Pol Henarejos	3f1aba889e	Adding algorithms to get info. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-12-01 20:13:28 +01:00
Pol Henarejos	8b70c864a4	Added support for enterprise attestation. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-28 17:39:21 +01:00
Pol Henarejos	6b2e95deb0	Adding support for minPinLength extension. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-23 19:11:03 +01:00
Pol Henarejos	d45fa9aae0	Added support for setMinPinLength. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-23 17:01:18 +01:00
Pol Henarejos	4577e4430c	Moving AUT UNLOCK to Vendor command instead of using VendorConfig. To do this a MSE command is added, to manage a secure environment. It performs a ephemeral ECDH exchange to derive a shared secret that will be used by vendor commands to convey ciphered data. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-30 00:47:50 +02:00
Pol Henarejos	e21d985344	Adding support for specific vendor HID command (0x41). It is a self implementation, based on CBOR command. data[0] conveys the command and the contents mapped in CBOR encoding. The map uses the authConfig template, where the fist item in the map is the subcommand (enable/disable at this moment), the second is a map of the parameters, the third and fourth are the pinUvParam and pinUvProtocol. With this format only a single vendor HID command is necessary (0x41), which will be used for all my own commands, by using the command id in data[0] like with CBOR. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-29 19:41:00 +02:00
Pol Henarejos	43cd8869f9	Adding support for backup. Now it is possible to backup and restore the internal keys to recover a pico fido. The process is splitted in two parts: a list of 24 words and a file, which stores the security key. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-28 00:31:50 +02:00
Pol Henarejos	40065217fd	Add a config command to unlock. Signed-off-by: trocotronic <trocotronic@redyc.com>	2022-10-19 16:46:31 +02:00
Pol Henarejos	4425722a71	Adding support for CBOR CONFIG. This first support includes a vendor command for encrypting the key device with external key. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-17 17:37:39 +02:00
Pol Henarejos	4fd9e80e92	Adding credProtect on getinfo. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-09-25 18:13:03 +02:00
Pol Henarejos	01a3c0c60e	Adding firmware field on getinfo. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-09-25 18:12:19 +02:00

1 2

56 Commits