pico-hsm

Author	SHA1	Message	Date
Pol Henarejos	41b1467ab7	Fix with empty extended length header. Fix buffer overflow when extended length. APDU shall be reset at every APDU beginning. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 12:00:04 +01:00
Pol Henarejos	16bd415fb9	Adding sanity checks. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 18:26:02 +01:00
Pol Henarejos	173d64dd0e	Finalizing EC key generation and storage. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 15:36:32 +01:00
Pol Henarejos	67698eca94	Fixed bug with size of cvc. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 14:27:13 +01:00
Pol Henarejos	f97555a8da	Adding ECC storing keygen. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 13:22:09 +01:00
Pol Henarejos	a28f217c57	Inner signature of CVC encodes the full certificate body. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 00:55:36 +01:00
Pol Henarejos	e1126b5951	In order to announce the public key, the response must be cvc request authenticated. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 00:37:02 +01:00
Pol Henarejos	1688ea540e	Fix: FPI containing wrong file length. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-21 16:24:47 +01:00
Pol Henarejos	2a770ee7c9	DKEKS are also initialized. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-21 16:24:32 +01:00
Pol Henarejos	0ef2ee40ac	Adding update_ef command. Flash is reset when initialize Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-21 16:06:09 +01:00
Pol Henarejos	d4e4cbbb0a	Adding initialize commands. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-21 16:05:32 +01:00
Pol Henarejos	87a47c626b	Fix with extended LE. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-21 13:26:30 +01:00
Pol Henarejos	4e3b43ec35	Adding storage of PRKD and CD. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-21 12:21:16 +01:00
Pol Henarejos	d32620710e	Adding file chains for CC, CE and CD. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-21 12:20:39 +01:00
Pol Henarejos	fe429bf5af	Adding signature to public file. Storing private key in disk. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-21 00:27:53 +01:00
Pol Henarejos	ecfeb63273	Storing private keys as only P and Q for RSA. They are converted on the fly upon a request. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-20 20:05:46 +01:00
Pol Henarejos	e620b891e1	Adding RSA response (unfinished). Adding ECC generation (no response yet). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-20 01:59:48 +01:00
Pol Henarejos	d904e55aba	Updating CVCA Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-20 01:58:56 +01:00
Pol Henarejos	0ae8733d9b	Adding keypair generation. At this moment, only RSA works but without any security check. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-19 02:16:29 +01:00
Pol Henarejos	67ac86f97d	Fix with endianness and search by path name. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-18 16:42:59 +01:00
Pol Henarejos	d6e7fc7cce	Adding PIN login. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-18 16:19:54 +01:00
Pol Henarejos	eaa0265f74	Adding import dkek shares. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-18 15:46:46 +01:00
Pol Henarejos	e59c0d08c4	Adding initialization. - PINs are never stored, neither in flash nor in RAM. - PINs are stored in flash in doubled salted way. - PINs are stored in RAM in single salted way. - SOPIN in RAM (single salted) is used to encrypt/decrypt DKEK. - PINs in RAM (single salted) are used to encrypt/decrypt private keys related with user/so pins. - DKEK is only used to export/import data. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-18 13:28:41 +01:00
Pol Henarejos	0fa7f4cd54	Added DKEK file. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-18 13:25:32 +01:00
Pol Henarejos	4bb756b17c	Fix when clearing file. It was omitting fid field and thus causing misalignment and corruption data. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-18 13:25:19 +01:00
Pol Henarejos	1630c7b52d	Adding unique_id variable. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-18 10:39:03 +01:00
Pol Henarejos	633f005efd	Adding INS_CHALLENGE for DKEK generation. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-17 19:50:12 +01:00
Pol Henarejos	4ccc457fab	Using mbedtls tag v3.1.0 Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-17 19:46:02 +01:00
Pol Henarejos	f7553a0a75	Fix bug of not refilling after random bytes are requested. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-17 19:45:23 +01:00
Pol Henarejos	c2733e8977	Using files from mbedtls submodule Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-17 19:17:24 +01:00
Pol Henarejos	34a0027e78	Not used as they are pulled from submodule Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-17 19:16:55 +01:00
Pol Henarejos	71cf36bbe1	Adding mbedtls submodule Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-17 19:03:27 +01:00
Pol Henarejos	ad28c3721a	Not used Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-17 19:00:59 +01:00
Pol Henarejos	c8325babb2	Fixed pin reset Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-14 00:29:04 +01:00
Pol Henarejos	86cef892ff	Adding PIN reset counter. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-13 18:27:49 +01:00
Pol Henarejos	7e5352940b	Moving submodule to patches branch. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-13 17:21:00 +01:00
Pol Henarejos	6b86e5dadd	Adding max retries EF Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-13 17:12:03 +01:00
Pol Henarejos	f91c60efa2	Setting tag Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-13 01:20:14 +01:00
Pol Henarejos	e3e7221d09	Adding OpenSC submodule. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-13 01:18:52 +01:00
Pol Henarejos	0017284103	Starting migration from gnuk to own solution. gnuk/openpgp will be left as another pkcs15 app. Lots of work has been done in the meanwhile. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-13 01:17:14 +01:00
Pol Henarejos	210fa98ca4	Added scan procedure to load fixed files (i.e., pins) from flash memory. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-07 11:15:20 +01:00
Pol Henarejos	bb5da16da6	Removing stuff with old read/write. Currently OPENPGP does not work and it won't until we finish the migration. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-07 11:14:33 +01:00
Pol Henarejos	0c43939de2	Fixed lots of write/read stuff. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-07 11:13:37 +01:00
Pol Henarejos	badb1780c6	Added read procedures to take values from the cache. Fixed lockcout bug. Added wait_to_finish procedure, which blocks until all cache is written into the ram. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-07 11:13:13 +01:00
Pol Henarejos	565b61926a	Merge branch 'gnuk' into main	2022-02-05 14:21:20 +01:00
Pol Henarejos	39c7a6f12a	Some other not compiling changes Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-05 10:27:12 +01:00
Pol Henarejos	222471acb1	We also include the fid into flash files. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-05 01:54:38 +01:00
Pol Henarejos	30a517908c	Rewrite flash from scratch. We are migrating to a file system approach. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-05 01:31:24 +01:00
Pol Henarejos	565f64bcbe	Added TokenInfo file. Generate PKCS15_TokenInfo structure with make_pkcs15_to_der script Added applet selection. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-04 00:29:30 +01:00
Pol Henarejos	f7adf39f81	Added support for ACL Added support for READ BINARY (B0 and B1) Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-03 15:35:49 +01:00

1 2

94 Commits