dearsky/pico-hsm
1
0
Fork 0
Code Issues 17 Pull Requests 4 Actions Packages Projects Releases 26 Wiki Activity
1,203 Commits 2 Branches 32 Tags
master
Commit Graph

77 Commits

Author SHA1 Message Date
Pol Henarejos
7c877ebea2 Using file_out parameter. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-11-07 22:31:19 +01:00
Pol Henarejos
e1983f7bcc Now is possible pipe encrypt & decrypt commands. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-11-07 22:16:10 +01:00
Pol Henarejos
a5e025a4e5 If no applet is selected, then select it. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-11-07 21:37:42 +01:00
Pol Henarejos
a7682d2639 Adding Extended Cipher feature. 
With this new subcommand, Pico HSM will support newer cipher algorithms.
ChaCha20-Poly1305 is the first. It will be based on a custom P2 subcommand to support an arbitrary structure with multiple parameters (AAD, IV, etc.)

pico-hsm-tool.py shall be used.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-11-07 21:37:11 +01:00
Pol Henarejos
30301c68f1 Linux uses the generic interface. Needs deep testing. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-11-07 13:14:37 +01:00
Pol Henarejos
abf980d84e Fixes in windows backend. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-11-03 18:41:02 +01:00
Pol Henarejos
8718f55df2 Adding secure_key for windows. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-11-03 18:26:35 +01:00
Pol Henarejos
d1a3a24527 Import secure_key only when needed. 
Now, it does not block anymore the entire execution of pico tool.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-11-03 16:09:42 +01:00
Pol Henarejos
f363b77a07 Adding secure_key for macOS. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-11-03 16:06:06 +01:00
Pol Henarejos
f1058ea611 Merge branch 'master' into small-fixes 2022-11-03 15:48:33 +01:00
Pol Henarejos
00279da8d5 Adding Secure Lock to lock the device with a random 256 bit key. 
This is an extra layer of security to avoid brute force attacks if PIN is too weak.
At every hard reset (on device plug), the device must be unlocked prior any other command. Once unlocked, the device can be used as usual.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-31 15:09:54 +01:00
Reiner Rottmann
1a6cfd17cb Small fix in ModuleNotFoundError handling. 2022-10-30 08:51:57 +01:00
Pol Henarejos
3835507e00 Fix displaying error message if pycvc is missing. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-29 11:35:54 +02:00
Pol Henarejos
4536589e2c Added error message if package is missing. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-10 11:02:07 +02:00
Pol Henarejos
1e39558fbc Typo 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-10 00:39:32 +02:00
Pol Henarejos
67ea640a14 Fix endianness of patcher (again) 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-09 22:20:41 +02:00
Pol Henarejos
8b29b137a8 Small fixes. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-09 22:04:30 +02:00
Pol Henarejos
9e1747e539 Upgrading pico-hsm-sdk version to v3.0 2022-08-31 14:09:02 +02:00
Pol Henarejos
a7396dc698 Fix the endianness of vid/pid patcher. 2022-08-31 14:08:29 +02:00
Pol Henarejos
67699bd24c Before initializing, we select the applet. 2022-08-30 17:55:56 +02:00
Pol Henarejos
6e5db3c292 Upgrading pico-ccid to version 2.2 2022-08-29 11:31:47 +02:00
Pol Henarejos
4fb26559f4 Adding --so-pin flag for initialize command. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-08-25 13:47:42 +02:00
Pol Henarejos
c366c1d1a3 Added datetime and options menu to manipulate the RTC and options (press-to-confirm button and optional counter for each key). 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-08-25 13:38:09 +02:00
Pol Henarejos
138af5c113 Adding --pin parameter for initialization. 
If provided, it unlocks MKEK before initialization.
If not, it will generate a new MKEK and device certificate.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-08-25 01:51:16 +02:00
Pol Henarejos
cd6f898f8e Fix storing certs in DER format. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-08-25 01:51:16 +02:00
Pol Henarejos
9ef088971b Integrate all commands to a single script 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-08-25 01:51:16 +02:00
Pol Henarejos
e399b1c0b1 Renaming the tools and moving to tools/ folder. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-08-25 01:51:16 +02:00