dearsky/pico-fido
1
0
Fork 0
Code Issues 46 Pull Requests 1 Actions Packages Projects Releases 22 Wiki Activity
803 Commits 2 Branches 30 Tags
7ed90007ef7003c5d9b20bd0af8dcdd243a8303e
Commit Graph

62 Commits

Author SHA1 Message Date
Pol Henarejos
7ed90007ef Add support for slots 3 & 4 in OTP. 
Both slots are activated by clicking three or four times the BOOTSEL button.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2026-01-19 16:37:19 +01:00
Pol Henarejos
a59cdef8e6 Merge branch 'main' into development 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>

# Conflicts:
#	pico-keys-sdk
 2025-10-26 20:12:26 +01:00
Pol Henarejos
d4f2d04487 Relicense project under the GNU Affero General Public License v3 (AGPLv3) 
and add the Enterprise / Commercial licensing option.

Main changes:
- Replace GPLv3 headers with AGPLv3 headers in source files.
- Update LICENSE file to the full AGPLv3 text.
- Add ENTERPRISE.md describing the dual-licensing model:
  * Community Edition: AGPLv3 (strong copyleft, including network use).
  * Enterprise / Commercial Edition: proprietary license for production /
    multi-user / OEM use without the obligation to disclose derivative code.
- Update README with a new "License and Commercial Use" section pointing to
  ENTERPRISE.md and clarifying how companies can obtain a commercial license.

Why this change:
- AGPLv3 ensures that modified versions offered as a service or deployed
  in production environments must provide corresponding source code.
- The Enterprise / Commercial edition provides organizations with an
  alternative proprietary license that allows internal, large-scale, or OEM
  use (bulk provisioning, policy enforcement, inventory / revocation,
  custom attestation, signed builds) without AGPL disclosure obligations.

This commit formally marks the first release that is dual-licensed:
AGPLv3 for the Community Edition and a proprietary commercial license
for Enterprise customers.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-26 20:10:06 +01:00
Pol Henarejos
eae22a97fb Fix conditional build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-23 17:17:01 +02:00
Pol Henarejos
b25e4bed6c Fix build for non-pico boards. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-22 23:35:55 +02:00
Pol Henarejos
91aaee5beb Force 8-digit serial number 
Fixes #149.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-05-19 10:01:07 +02:00
Pol Henarejos
b6bf2e6c66 Do not update CFG_FLAGS if slot is ChalResp. 
Fixes #142

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-04-10 16:23:20 +02:00
Pol Henarejos
3212f95915 Fixes update OTP when LT_CHAL is enabled. 
Fixes #141.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-04-08 18:59:50 +02:00
Pol Henarejos
b152ff15a8 Fix challenge length calculation for LT64. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-03-23 23:27:52 +01:00
Pol Henarejos
751fcf0538 Fix HMAC-SHA1 calculation. 
Fixes #127.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-03-23 23:13:21 +01:00
Pol Henarejos
4e4c28a479 Fix CONFIG_TOUCH status report. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-03-23 22:44:35 +01:00
Pol Henarejos
37d7d7faeb OTP can flow through FIDO interface as a report type 3. 
Fixes #123.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-03-19 19:05:06 +01:00
Pol Henarejos
49c0179ccf Fix swap files. 
When a dynamic file is deleted, all scoped references to other dynamic files are invalidated.

Fixes #124

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-03-19 13:33:35 +01:00
Pol Henarejos
eacb8a040c Increase config_seq on swap and update. 
Fixes #124.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-03-19 11:07:02 +01:00
Pol Henarejos
cb99b8f401 Fix emulation build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-03-19 01:28:07 +01:00
Pol Henarejos
94f8d5f65f Add support for Require Touch in ChalResp OTP slots. 
Fixes #123 #104

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-03-19 01:22:14 +01:00
Pol Henarejos
353d782970 Fix OTP command issues in Linux. 
Fixes #96.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-01-31 12:01:29 +01:00
Pol Henarejos
ed9c46ded0 Fix slot deletion. 
Fixes #89.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-01-19 19:55:16 +01:00
Pol Henarejos
1f805b1df2 Use more uint16 funcs. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-12-23 21:25:46 +01:00
Pol Henarejos
1d20321d69 Add BE/LE functions to pack uint16, uint32 and uint64. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-12-23 20:51:09 +01:00
Pol Henarejos
3fad6baf89 Rename CCID_ code names to PICOKEY_ 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-11-05 18:21:42 +01:00
Pol Henarejos
6c74db9763 Fix warnings. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-23 13:17:51 +02:00
Pol Henarejos
f49833291f Major refactor of USB CCID and USB HID interfaces. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-23 10:04:00 +02:00
Pol Henarejos
8d49ed5ffc Fix potential crash invoking OTP. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-20 14:28:09 +02:00
Pol Henarejos
ed12d6f8e9 Fix emulation build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-19 13:18:03 +02:00
Pol Henarejos
1b4dd9bed0 Fix ESP32 build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-18 23:53:18 +02:00
Pol Henarejos
f21e203093 Fix compilation 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-07-20 20:05:00 +02:00
Pol Henarejos
1f0e1fb8f4 Use latest Pico Keys SDK. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-05-05 00:58:51 +02:00
Pol Henarejos
e757ad2945 Removing SHORT_TICKET limitation. 
It is not used to return the half of ticket, but to combine with static to produce hex scancodes.

Fixes #29.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-21 11:53:47 +01:00
Pol Henarejos
1ce0d98c34 OTP callbacks must be initialized on ctor. 
Fixes #30.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-21 11:50:42 +01:00
Pol Henarejos
96de6efed6 OTP static passwords are 38 bytes length. 
A static password uses fixed, uid and key fields (sum 38). However, Yubikey sets short_ticket flag which implies the half of the password is sent.

Fixes #29.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-16 20:16:23 +01:00
Pol Henarejos
d78d9d10aa Use new names and defines. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 15:22:28 +01:00
Pol Henarejos
cb2744cab3 Move some OTP functions from HID to OTP. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 11:49:18 +01:00
Pol Henarejos
da94a82487 Fix AID selection. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-10-28 20:57:53 +02:00
Pol Henarejos
c24be5a631 Adapted to new selection AID method. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-10-28 20:53:06 +02:00
Pol Henarejos
332debea6d Code style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-09-17 19:11:39 +02:00
Pol Henarejos
c258dad8e6 Fix OTP applet selection. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-16 17:32:52 +02:00
Pol Henarejos
51cbfe5fe9 Fix enabled cap detection when applet is already selected. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-14 21:09:54 +02:00
Pol Henarejos
aa7362f88f Fix enabled capabilities detection. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-14 20:49:29 +02:00
Pol Henarejos
2b1227b105 Added support for management via Yubikey Manager to enable/disable specific interfaces individually. 
All interfaces are enabled by default.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-14 19:55:17 +02:00
Pol Henarejos
a79842b33f Fix OTP slot deletion. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-14 18:45:36 +02:00
Pol Henarejos
7e10e25f96 Added management application. 
Used for Yubico clients.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-04-02 01:05:19 +02:00
Pol Henarejos
9052c66a7f Fix returning otp status over ccid. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-04-02 00:29:22 +02:00
Pol Henarejos
443ca69547 Added get config capabilities command. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-04-02 00:17:39 +02:00
Pol Henarejos
d87c1530c7 Return otp_status if selected applet OTP id. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-04-01 23:48:47 +02:00
Pol Henarejos
f90baaf095 Do not respond a challenge-response command if no challenge-response app is configured. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-04-01 23:37:51 +02:00
Pol Henarejos
1d7bdb0861 Added support for swap. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-04-01 23:35:19 +02:00
Pol Henarejos
fa811e2a0f If slot is configured with a challenge-response app, do nothing when pressed. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-04-01 23:25:57 +02:00
Pol Henarejos
ff498ebfdf Added support for update config. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-04-01 19:11:00 +02:00
Pol Henarejos
cceb735cc0 Fix order of fields of Yubico OTP. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-04-01 01:15:59 +02:00