Pol Henarejos
57d593561a
Moving all SM stuff to EAC.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-10 19:00:52 +02:00
Pol Henarejos
c098d80524
Adding private key of termca. It is the worst thing I can do, but first I need to develop the secure channel, which uses the private key of the device. Later, I will figure out how to generate the private key and certificate during initialization, but it will be difficult, as it needs to be signed by the CA.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-10 01:55:57 +02:00
Pol Henarejos
6c892af9f1
Adding authentication command. Not finished. Needs a lot of work.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-09 23:44:45 +02:00
Pol Henarejos
b545a1618b
Added Manage Security Environment command.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-09 20:50:00 +02:00
Pol Henarejos
dec3d54ddd
Adding more SW codes.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-09 20:29:13 +02:00
Pol Henarejos
ce4d0bf102
INS 54h is also occupied too... let's try with 64h.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-08 00:38:03 +02:00
Pol Henarejos
4e6bada892
Fix first AID load.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-08 00:29:15 +02:00
Pol Henarejos
98ad2e3d55
Fix returning card data when selected AID.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-07 23:32:56 +02:00
Pol Henarejos
e686b42934
Merge branch 'master' into eac
2022-04-07 18:34:40 +02:00
Pol Henarejos
239e01c3f8
Update extra_command.md
...
Using new extra INS, from 0x88 to 0x54
v1.12
2022-04-07 18:34:14 +02:00
Pol Henarejos
0d839c3136
Merge branch 'master' into eac
2022-04-07 18:32:49 +02:00
Pol Henarejos
4a57698173
Moving out INS_EXTRAS from 0x88 (taken by ISO 7816) to 0x54 (presumably free).
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-07 18:32:31 +02:00
Pol Henarejos
cc3bfad00a
Merge branch 'master' into eac
2022-04-07 18:18:50 +02:00
Pol Henarejos
468051288c
Upgrading to version 1.12.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-07 18:18:24 +02:00
Pol Henarejos
565ea12d88
Added dynamic option to enable/disable press to confirm.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-07 18:18:24 +02:00
Pol Henarejos
1c7ef50568
Added custom INS (named EXTRAS) to support different extra commands. At this moment:
...
- 0xA: gets/sets the datetime.
- 0x6: enables/disables press to confirm (BOOTSEL). It allows other dynamic device options. At this moment, only the press to confirm option is available.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-07 18:18:24 +02:00
Pol Henarejos
878eae9787
Added press button to confirm. Every time a private/secret key is loaded, the Pico HSM waits for BOOTSEL button press. This mechanism guarantees that no private/secret operations are made without user consent. To confirm the operation, the user must press the BOOTSEL button. In the meanwhile, the device gets into a waiting state and no other operation is performed. After releasing the button, the operation continues normally.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-07 18:18:24 +02:00
Pol Henarejos
24b1d6807b
Added support for reading binary data.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-07 18:18:24 +02:00
Pol Henarejos
6bc081a1e1
Added support to write arbitrary data EF.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-07 18:18:24 +02:00
Pol Henarejos
afb16fff65
Fix with ASN1 encapsulation for keypair generation. It only affects RSA 4096 bits.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-07 18:18:24 +02:00
Pol Henarejos
cf81a82645
Added a new custom APDU (88h) for setting and retrieving datetime.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-07 18:18:24 +02:00
Pol Henarejos
dc820a60ae
Fixed class with USB-ICC specs, for legacy reasons.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-07 18:18:24 +02:00
Pol Henarejos
c57cc139f6
Update README.md
2022-04-07 00:10:09 +02:00
Pol Henarejos
79426f35cd
Update extra_command.md
...
Added dynamic options and press-to-confirm enabling/disabling.
2022-04-07 00:06:44 +02:00
Pol Henarejos
502a7ba81c
Create store_data.md
2022-04-06 23:56:29 +02:00
Pol Henarejos
deef209687
Update README.md
...
Added press-to-confirm description.
Added links to storage binary data.
Added links to extra command to enable/disable button.
Added links to setting/getting datetime.
2022-04-06 19:52:10 +02:00
Pol Henarejos
bb09f212d2
Create extra_command.md
...
Add get/set datetime explanation.
2022-04-06 19:51:05 +02:00
Pol Henarejos
1e6556ebdd
Upgrading to version 1.12.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-06 19:16:28 +02:00
Pol Henarejos
cfd86df45e
Update README.md
...
Added LED blink meaning.
2022-04-06 17:25:07 +02:00
Pol Henarejos
c16a7a3c5c
Added dynamic option to enable/disable press to confirm.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-06 15:14:23 +02:00
Pol Henarejos
7060d2d2ca
Added custom INS (named EXTRAS) to support different extra commands. At this moment:
...
- 0xA: gets/sets the datetime.
- 0x6: enables/disables press to confirm (BOOTSEL). It allows other dynamic device options. At this moment, only the press to confirm option is available.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-06 14:41:09 +02:00
Pol Henarejos
532d79bcc5
Added press button to confirm. Every time a private/secret key is loaded, the Pico HSM waits for BOOTSEL button press. This mechanism guarantees that no private/secret operations are made without user consent. To confirm the operation, the user must press the BOOTSEL button. In the meanwhile, the device gets into a waiting state and no other operation is performed. After releasing the button, the operation continues normally.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-06 14:38:22 +02:00
Pol Henarejos
770097d6ab
Added support for reading binary data.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-05 18:07:20 +02:00
Pol Henarejos
ce2a1c21de
Added support to write arbitrary data EF.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-05 17:28:22 +02:00
Pol Henarejos
d16c9b2324
Update README.md
...
Adding operation time for RSA (signature and decrypt). It is relevant for RSA 3K and 4K.
2022-04-04 22:27:33 +02:00
Pol Henarejos
6e1c47ddf4
Fix with ASN1 encapsulation for keypair generation. It only affects RSA 4096 bits.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-04 22:00:29 +02:00
Pol Henarejos
f1630023c7
Update README.md
...
Added keygen time for 3k and 4k.
2022-04-04 21:56:40 +02:00
Pol Henarejos
d49e7be972
Added a new custom APDU (88h) for setting and retrieving datetime.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-04 15:48:04 +02:00
Pol Henarejos
13d17fc4f7
Fixed class with USB-ICC specs, for legacy reasons.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-04 15:46:53 +02:00
Pol Henarejos
d41a488eda
Adding support for Transport PIN.
...
Adding support for initialize options.
v1.10
2022-04-04 10:07:23 +02:00
Pol Henarejos
375a18ebac
Update README.md
...
Fix RSA 4096 doc link.
2022-04-04 10:04:47 +02:00
Pol Henarejos
20216ac4ba
Update README.md
2022-04-04 10:01:16 +02:00
Pol Henarejos
d27d8b0c5b
Upgrading to version 1.10
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-04 09:57:19 +02:00
Pol Henarejos
a619527482
Adding P1=0x2 and P1=0x3 for reset retry counter.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-03 20:59:50 +02:00
Pol Henarejos
85ff92c4de
Adding check for device options whether it can reset retry counter with PIN or without.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-03 20:40:16 +02:00
Pol Henarejos
b1121718db
Adding capability to reset retry counter without new PIN
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-03 20:37:16 +02:00
Pol Henarejos
2905dcc8c0
Adding custom command to set datetime.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-04-03 19:57:56 +02:00
Pol Henarejos
c9855f7214
Fix displaying device options.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-03-31 19:43:33 +02:00
Pol Henarejos
853b8f29a2
Fix returning kcv when pin is not provided. It always returns 0x0.
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-03-31 19:31:56 +02:00
Pol Henarejos
d5378ffa41
If has_session_pin is true, it returns sw_ok
...
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2022-03-31 19:31:22 +02:00