dearsky/pico-hsm
1
0
Fork 0
Code Issues 17 Pull Requests 4 Actions Packages Projects Releases 26 Wiki Activity
478 Commits 2 Branches 32 Tags
55c8a666138beb5d2f410f57fc88ce73340d0b05
Commit Graph

232 Commits

Author SHA1 Message Date
Pol Henarejos
a17a4c0a3c Finished key public registration. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-10 11:09:25 +02:00
Pol Henarejos
2437cf09d1 Added EF for PUKs 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-10 11:08:47 +02:00
Pol Henarejos
a4d4f9a944 Fix outer CAR value. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-09 21:25:17 +02:00
Pol Henarejos
5eb086935e Added INS_PSO. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-09 19:02:59 +02:00
Pol Henarejos
83a583a33f Fix CVC verification. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-09 19:02:22 +02:00
Pol Henarejos
143c2d279b Added cvc_verify to verify a cvcert with other CA cvcert. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-09 14:16:17 +02:00
Pol Henarejos
08dd596883 Added cvc_get_pub(). 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-09 14:15:35 +02:00
Pol Henarejos
a4ffcebb0f Added variable puk_store. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-09 14:15:17 +02:00
Pol Henarejos
39f7b5284a Added OID definitions. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-09 11:53:35 +02:00
Pol Henarejos
4f58cd255b Adding PUK store. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-08 20:01:37 +02:00
Pol Henarejos
d96d7a533e Added procedure for verifying CVC (unfinished). 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-08 20:01:23 +02:00
Pol Henarejos
0e59166c64 Added MSE for B6 CRT. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-08 17:35:30 +02:00
Pol Henarejos
6d8161de73 Added functions to retrieve CAR and CHR from certs. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-08 17:34:17 +02:00
Pol Henarejos
d057729675 Fix returning the status of PIN1 when it is not initialized. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-07 19:58:21 +02:00
Pol Henarejos
b14a323ef8 Added INS PUK with status query. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-07 19:44:47 +02:00
Pol Henarejos
f2b66468ec Adding Public Key Authentication file template. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-07 19:44:33 +02:00
Pol Henarejos
48a05f9afc Upgrading to version 2.2. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-06 00:13:08 +02:00
Pol Henarejos
4bf5a80a7a Added key usage counter to decryption operations. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-03 20:13:18 +02:00
Pol Henarejos
40efcd71c3 Added device option KEY_COUNTER_ALL. 
When it is set, it enables the key usage counter for all keys when generated.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-03 20:10:53 +02:00
Pol Henarejos
aca291da9e Key usage counter is added for every generated key. 
When a key is generated, a key usage counter is added. It starts from 2^32-1 and is decremented for every sign request. Once it reaches 0, it forbids more signatures for this key.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-03 20:04:14 +02:00
Pol Henarejos
7f6bcdfb11 Addded fast crc32 checksum for DKEK storage. 
It is for checking the integrity of the DKEK and thus, the scret keys, as they are encrypted with DKEK.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-03 15:51:52 +02:00
Pol Henarejos
696110a5b0 Key domain deletion and kek deletion are only allowed when key domain is empty. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-03 11:36:32 +02:00
Pol Henarejos
73fb61070f Added kek deletion in a particular key domain. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-03 11:30:08 +02:00
Pol Henarejos
23da8047bc Fix deleting key domain. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-03 11:22:15 +02:00
Pol Henarejos
bf70a08c9f Added key domain deletion. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-03 11:16:40 +02:00
Pol Henarejos
ce410dae65 Fix when setup a key domain. 
Now the dkek is cleared before imports.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-03 11:01:21 +02:00
Pol Henarejos
94a42c4267 Fix changing PIN with multiple domain. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-02 20:09:43 +02:00
Pol Henarejos
f4cc1fed36 Fix meta parsing. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-06-02 19:30:09 +02:00
Pol Henarejos
7c27be784b Fix parsing meta data on key generation. 2022-06-02 14:12:11 +02:00
Pol Henarejos
7d1b22c337 Added meta information for symmetric keys. 2022-06-02 12:12:12 +02:00
Pol Henarejos
2febbe2795 Fix missing comma. 2022-06-01 12:57:42 +02:00
Pol Henarejos
299516f576 Fix set point A. 
mbedtls does not set point A for some curves.
 2022-06-01 11:51:33 +02:00
Pol Henarejos
6edeab6f85 Signatures in CVC are in plain format. 
Plain format concatenates r||s.
 2022-06-01 10:30:20 +02:00
Pol Henarejos
7b79d7ffde Moving CVC procedures to a separate file. 2022-06-01 09:46:23 +02:00
Pol Henarejos
c4f06ccead Not used anymore. 2022-06-01 08:58:58 +02:00
Pol Henarejos
541d5b3c19 Fix CVC signature length. 
Since it is variable, it needs to be recomputed every time.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-05-31 20:38:30 +02:00
Pol Henarejos
d0098015fe Removing OpenSC dependency. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-05-31 19:26:00 +02:00
Pol Henarejos
3660a35c2c Implementing own functions for cvc manipulation. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-05-31 18:51:43 +02:00
Pol Henarejos
9132dd16f0 Fix decoding asn1 integer. 
It caused overflow.
 2022-05-31 01:14:09 +02:00
Pol Henarejos
652551269e Using own asn1 int decoder. 2022-05-31 00:40:29 +02:00
Pol Henarejos
81730f37a9 Removing sc_pkcs1_strip_digest(). 
It is hard coded here (taken from OpenSC).
 2022-05-31 00:25:54 +02:00
Pol Henarejos
4b86e96660 Removing card_context from store_keys(). 
It does not generate PRKD, as it will be stored by the client.
 2022-05-31 00:14:30 +02:00
Pol Henarejos
271240f11c Fix initializing device. 2022-05-31 00:09:21 +02:00
Pol Henarejos
00e8596a0e Adding asn1_find_tag() for searching for a tag in a asn1 string. 2022-05-30 23:31:17 +02:00
Pol Henarejos
39ab429c88 Adding key domain to key generation, wrap, unwrap, export and import. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-05-30 16:13:51 +02:00
Pol Henarejos
4fa8d4ba64 Fix warnings 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-05-27 20:58:45 +02:00
Pol Henarejos
1ac4402f99 res_APDU SHALL NOT BE moved, only memcpied or memmoved. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-05-27 00:58:35 +02:00
Pol Henarejos
8554262aaf Migrating away from tinyUSB. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-05-27 00:36:33 +02:00
Pol Henarejos
d2766b2225 Using printf instead of TU 2022-05-26 14:16:32 +02:00
Pol Henarejos
f124ee52ce Do not add FMD in FCI. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-05-24 23:31:46 +02:00