dearsky/pico-fido
1
0
Fork 0
Code Issues 46 Pull Requests 1 Actions Packages Projects Releases 22 Wiki Activity
831 Commits 2 Branches 30 Tags
ab6cc09c08cbee194f51140624807e21095d4481
Commit Graph

48 Commits

Author SHA1 Message Date
Pol Henarejos
3c20800839 Add rtc to credential. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2026-01-24 01:14:46 +01:00
Pol Henarejos
ac7e34522a Fixed resident credential storage when two userId have the same prefix. 
Added a specific test for this case.

Fixes #241.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2026-01-05 12:34:04 +01:00
Pol Henarejos
a59cdef8e6 Merge branch 'main' into development 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>

# Conflicts:
#	pico-keys-sdk
 2025-10-26 20:12:26 +01:00
Pol Henarejos
d4f2d04487 Relicense project under the GNU Affero General Public License v3 (AGPLv3) 
and add the Enterprise / Commercial licensing option.

Main changes:
- Replace GPLv3 headers with AGPLv3 headers in source files.
- Update LICENSE file to the full AGPLv3 text.
- Add ENTERPRISE.md describing the dual-licensing model:
  * Community Edition: AGPLv3 (strong copyleft, including network use).
  * Enterprise / Commercial Edition: proprietary license for production /
    multi-user / OEM use without the obligation to disclose derivative code.
- Update README with a new "License and Commercial Use" section pointing to
  ENTERPRISE.md and clarifying how companies can obtain a commercial license.

Why this change:
- AGPLv3 ensures that modified versions offered as a service or deployed
  in production environments must provide corresponding source code.
- The Enterprise / Commercial edition provides organizations with an
  alternative proprietary license that allows internal, large-scale, or OEM
  use (bulk provisioning, policy enforcement, inventory / revocation,
  custom attestation, signed builds) without AGPL disclosure obligations.

This commit formally marks the first release that is dual-licensed:
AGPLv3 for the Community Edition and a proprietary commercial license
for Enterprise customers.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-26 20:10:06 +01:00
Pol Henarejos
6b93938040 Fix warnings. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-12 18:56:14 +02:00
Pol Henarejos
d424f0dea7 Add sanity check. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-07 21:11:50 +02:00
Pol Henarejos
665f029593 Fix build for non-pico boards. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-22 23:41:55 +02:00
Pol Henarejos
b25e4bed6c Fix build for non-pico boards. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-22 23:35:55 +02:00
Pol Henarejos
54fb02995f Add 4 pseudorandom bytes to allow indexing used by some RP entities. 
Fixes #185

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-11 11:31:45 +02:00
Pol Henarejos
56d5c61044 Add compatibility of old resident key system with the new one. 
Related to #184.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-06 19:14:27 +02:00
Pol Henarejos
1ac628d241 Major refactor on resident keys. 
Now, credential ids have shorter and fixed length (40) to avoid issues with some servers, which have maximum credential id length constraints.

Fixes #184

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-09-04 21:57:53 +02:00
Pol Henarejos
ce7d3ea72f Silent credential shall be mixed with RP. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-02-23 20:22:47 +01:00
Pol Henarejos
f43bc9701f Added support for silent authentication. 
Fixes #91.

It requires FIDO22 credential protocol, meaning that old credentials have to be reissued.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-02-08 15:00:12 +01:00
Pol Henarejos
bbf474811b Add sanity checks. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-12-11 21:58:25 +01:00
Pol Henarejos
902a988350 Fix memory cleanups. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-24 02:34:15 +02:00
Pol Henarejos
6c74db9763 Fix warnings. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-23 13:17:51 +02:00
Pol Henarejos
1b4dd9bed0 Fix ESP32 build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-18 23:53:18 +02:00
Pol Henarejos
1f0e1fb8f4 Use latest Pico Keys SDK. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-05-05 00:58:51 +02:00
Pol Henarejos
d78d9d10aa Use new names and defines. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 15:22:28 +01:00
Pol Henarejos
332debea6d Code style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-09-17 19:11:39 +02:00
Pol Henarejos
c00c83dfe6 Added support for thirdPartyPayment extension. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-13 21:12:49 +02:00
Pol Henarejos
8b2be54ede Update code style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-04 14:05:30 +01:00
Pol Henarejos
4f33d999e3 Adjusting code to work with the emulated interface. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-09 18:07:41 +01:00
Pol Henarejos
b1fdb9b1d1 Cleaning unused includes. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-30 19:39:01 +01:00
Pol Henarejos
87bdea7e28 Fix uninitialized var. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-28 17:04:13 +01:00
Pol Henarejos
703e4697ec Fix loading large blob key from a credential id. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-12 00:39:49 +01:00
Pol Henarejos
a151dc72e4 Embed largeBlobKey presence in credId. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-07 21:02:23 +01:00
Pol Henarejos
860cca53e0 Added key derivation for large blob. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-07 17:07:16 +01:00
Pol Henarejos
8e9eafaec5 Fix important potential buffer overflow deriving the credential key. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-07 16:35:19 +01:00
Pol Henarejos
9d79505c5a Embed credBlob onto credId. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-12-07 15:54:10 +01:00
Pol Henarejos
19d8f16056 Clean struct before return. 
Signed-off-by: trocotronic <trocotronic@redyc.com>
 2022-10-19 16:46:31 +02:00
Pol Henarejos
2d295d0d98 Fix severe bug zeroing outside memory. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-05 11:09:03 +02:00
Pol Henarejos
bb069c5651 Get assertion also returns userName and userDisplayName. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-02 20:24:29 +02:00
Pol Henarejos
b1b9dad9f5 Only increase rps if it is not an update. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-28 22:57:02 +02:00
Pol Henarejos
1e7d711c03 Adding cred_mgmt. Not finished. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-28 17:48:47 +02:00
Pol Henarejos
b8568d834a Adding CRED_PROTO. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-28 11:54:39 +02:00
Pol Henarejos
174241c0a0 Fix generating random IV on credential creation. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-28 11:52:48 +02:00
Pol Henarejos
d558941311 Credentials now include a flag to mark whether they are resident or not. 
It is used by get assertion to attach userId, regardless allowList is present.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-23 17:30:18 +02:00
Pol Henarejos
2c4c618e3b Loading credential if it belongs to U2F. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-23 11:40:39 +02:00
Pol Henarejos
73c846e985 Credentials are reset on reset, as the device key also changes. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-22 19:25:26 +02:00
Pol Henarejos
e0d8ce7637 Fix encoding credential. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-22 10:24:38 +02:00
Pol Henarejos
cf206bf158 Credentials CANNOT be regenerated, as they depend on random IV. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-21 19:53:36 +02:00
Pol Henarejos
4ab898378a More fixes 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-21 16:30:49 +02:00
Pol Henarejos
99fc76a385 Finalizing get assertion. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-21 14:29:28 +02:00
Pol Henarejos
c938d47bf7 Adding extensions struct. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-20 23:59:52 +02:00
Pol Henarejos
3a3ec97c90 Fix saving creds. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-20 19:56:20 +02:00
Pol Henarejos
8a379d9702 Adding Credential manager. 
Also adding resident credentials.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-20 19:50:33 +02:00
Pol Henarejos
72ebb2b596 Adding Credential management. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-09-20 17:31:09 +02:00