dearsky/pico-hsm
1
0
Fork 0
Code Issues 17 Pull Requests 4 Actions Packages Projects Releases 26 Wiki Activity
723 Commits 2 Branches 32 Tags
9cb60ba420cd5cffdac1f603b7f73e23d97fce19
Commit Graph

336 Commits

Author SHA1 Message Date
Pol Henarejos
9cb60ba420 Added AES ECB (insecure), CBC (with custom IV), OFB, CFB and GCM (with 16-byte tag) via AES_EXT command. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-19 19:34:34 +01:00
Pol Henarejos
99f1620e7d Fixes #22. 
SC-HSM returns the result with a 0x04 prepended. This comes from OpenSC but it is not clear the exact reason. 0x04 is usually for encoding uncompressed EC points but in that case it does not seem to make sense.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-18 18:40:27 +01:00
Pol Henarejos
132054c9b9 Public point is calculated everytime a private key is loaded. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-13 18:01:56 +01:00
Pol Henarejos
2a3b9b7474 Fix wrapping points. 
Now it uses mbedtls_ecp_point_write_binary() for better control.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-13 18:01:20 +01:00
Pol Henarejos
4e73723747 Fix checking key domain set. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-10 15:59:52 +01:00
Pol Henarejos
11e5338736 Check if key domain is not already initialized when initializing. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-09 20:09:32 +01:00
Pol Henarejos
3660120b11 Before wrapping, check if DKEK is properly configured. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-09 20:09:03 +01:00
Pol Henarejos
bee6a7bb92 Return error if a non-initialized key domain is deleted. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-09 18:27:47 +01:00
Pol Henarejos
ed674b379c Zeroize ecdh key. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-08 11:15:02 +01:00
Pol Henarejos
6aa8d37d07 If a key does not belong to any key domain, it cannot be wrapped. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-07 23:45:37 +01:00
Pol Henarejos
963456051e If public point is not found, it is computed automatically. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-07 23:45:10 +01:00
Pol Henarejos
d81b21695f If no key domain is found, 0 is used by default. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-07 23:15:50 +01:00
Pol Henarejos
51e9e6722e Reset puk status on failed authentication. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-07 23:14:55 +01:00
Pol Henarejos
ee73c6e781 Code style 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-07 17:28:23 +01:00
Pol Henarejos
2f63966c60 Fix checking status of PUK. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-07 15:55:59 +01:00
Pol Henarejos
e624f9ff72 Fix checking if PKU is enabled. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-07 11:15:07 +01:00
Pol Henarejos
fb4ff9424e Call reset puk store on init. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-07 11:14:42 +01:00
Pol Henarejos
63b245b858 Fix initialize with PUK store memory. 
Now it is cleared.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-07 11:14:13 +01:00
Pol Henarejos
3c160f69c0 Add DV cert to PUK store. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-06 00:40:31 +01:00
Pol Henarejos
d2d038f14d Upgrade to version 3.4 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-04 14:35:33 +01:00
Pol Henarejos
fa60ed5049 Update code style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-04 14:05:51 +01:00
Pol Henarejos
20c01eb08d Fix name of x963 function. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-17 23:54:06 +01:00
Pol Henarejos
420e55901c Fix HMAC computation. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-17 22:43:09 +01:00
Pol Henarejos
7b62ca5327 Upgrade to mbedtls v3.3.0 2023-02-16 23:33:13 +01:00
Pol Henarejos
9279773073 Removed printf 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-15 19:46:42 +01:00
Pol Henarejos
cd6e280f4f Switching to new style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-15 00:10:35 +01:00
Pol Henarejos
daaa5bf402 Harmonize coding style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-14 23:13:46 +01:00
Pol Henarejos
43a49d2a14 Return reference not found when deleting a key domain. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-14 18:51:30 +01:00
Pol Henarejos
3b9c2d159b Fix returning existing key domain. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-14 18:47:43 +01:00
Pol Henarejos
14c7852143 Fix returning shared secret. 
I do not know why a 0x04 was prepended.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-14 11:28:27 +01:00
Pol Henarejos
0685be5f1e EE_CERTIFICATE is added when importing key. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-13 23:53:41 +01:00
Pol Henarejos
af16be64a2 Adding checks on ec import. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-13 23:30:27 +01:00
Pol Henarejos
68071825c2 Fix EC public key computation when importing. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-13 23:24:04 +01:00
Pol Henarejos
fbabb81acd Fix asymmetric decrypt for OAEP. It only supports SHA256. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-12 21:53:47 +01:00
Pol Henarejos
35c42bccb4 List PRKD if exist. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-30 01:25:25 +01:00
Pol Henarejos
8976dc1f79 Added support for RSA-PKCSv15-SHA224, SHA384 and SHA512. Also added support for RSA-PSS-SHA224, SHA384 and SHA512. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-17 00:41:46 +01:00
Pol Henarejos
9d47e62041 Fix signature for secp521r1. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-17 00:05:46 +01:00
Pol Henarejos
0daddfd477 Fix ECDSA-SHA384 and ECDSA-SHA512. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-17 00:05:31 +01:00
Pol Henarejos
89d617110f Add asn1_build_prkd_rsa() 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-16 18:54:28 +01:00
Pol Henarejos
17941397e9 Fix exporting large ECC key. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-16 18:54:20 +01:00
Pol Henarejos
5419ff74ee Using file_has_data() to check contents. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-13 18:07:50 +01:00
Pol Henarejos
723011078c Using file_has_data() instead of data directly. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-12 20:06:31 +01:00
Pol Henarejos
fe7c0333ab Some emulation fixes. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-12 20:06:11 +01:00
Pol Henarejos
c01940b62b Fix accessing way to data. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-12 20:05:59 +01:00
Pol Henarejos
7195a8f3ec Fix headers in emulation mode. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-12 20:05:46 +01:00
Pol Henarejos
7764de4e10 Unused headers. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-12 20:05:16 +01:00
Pol Henarejos
e05c526b4d Fix printf format. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-12 20:04:55 +01:00
Pol Henarejos
bc20f98b44 In emulation, return always 1mb of memory. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-12 20:04:44 +01:00
Pol Henarejos
742c3f3e3c RTC command is not available in emulation. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-12 20:04:23 +01:00
Pol Henarejos
9793977ffc Fixed double counter increment. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-12 20:04:05 +01:00