pico-hsm

Author	SHA1	Message	Date
Pol Henarejos	72eb5a2a69	Enable OTP to store a permanent secret key. It can be used by HSM or Fido to protect the keys and use it as MKEK.	2024-09-11 23:16:23 +02:00
Pol Henarejos	7cb0bbf982	Merge branch 'development' into esp32 Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-06-03 13:06:39 +02:00
Pol Henarejos	25c93c279f	Fix potential crash on loading dkek. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-04-17 19:42:47 +02:00
Pol Henarejos	35d5d5e94e	Use search_file() method. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-04-17 19:19:45 +02:00
Pol Henarejos	b034303193	Use new methods search_file() and file_put_data(). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-04-17 16:36:34 +02:00
Pol Henarejos	d6456b4dde	First attempt to add support to ESP32. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-04-08 19:41:39 +02:00
Pol Henarejos	2b92d89ab7	Fix size_t casting. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-01-02 19:56:38 +01:00
Pol Henarejos	d9a8826a32	Stupid bug integer overflow. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-01-01 02:01:22 +01:00
Pol Henarejos	d82affa880	Added support for building emulation in Windows. It has not been tested but it should not break any linux build. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-01-01 01:55:49 +01:00
Pol Henarejos	ed2925cfb6	Use new Pico Keys SDK. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-11-06 14:25:42 +01:00
Pol Henarejos	6b1eeb4004	Fix DKEK import when no logged. DKEK shall accept import even if it is not logged in. However, to store the DKEK, the PIN is used for MKEK, which is not available if it is nog logged in. I added a queueing system to store a pending DKEK after login. Therefore, to import a DKEK, the user must import it AND call VERIFY command if it is not already logged in. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-10-12 17:42:31 +02:00
Pol Henarejos	0990805fb6	More code style. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-20 20:08:29 +01:00
Pol Henarejos	1c7bc18161	Added support for AES 512 bit key size. AES XTS uses two keys. Therefore, XTS with 2 AES 256 implies 64 bytes key length. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-19 20:22:40 +01:00
Pol Henarejos	2a3b9b7474	Fix wrapping points. Now it uses mbedtls_ecp_point_write_binary() for better control. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-13 18:01:20 +01:00
Pol Henarejos	963456051e	If public point is not found, it is computed automatically. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-07 23:45:10 +01:00
Pol Henarejos	cd6e280f4f	Switching to new style. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-02-15 00:10:35 +01:00
Pol Henarejos	daaa5bf402	Harmonize coding style. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-02-14 23:13:46 +01:00
Pol Henarejos	af16be64a2	Adding checks on ec import. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-02-13 23:30:27 +01:00
Pol Henarejos	68071825c2	Fix EC public key computation when importing. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-02-13 23:24:04 +01:00
Pol Henarejos	c01940b62b	Fix accessing way to data. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-12 20:05:59 +01:00
Pol Henarejos	00279da8d5	Adding Secure Lock to lock the device with a random 256 bit key. This is an extra layer of security to avoid brute force attacks if PIN is too weak. At every hard reset (on device plug), the device must be unlocked prior any other command. Once unlocked, the device can be used as usual. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-31 15:09:54 +01:00
Pol Henarejos	b9ec473aaa	Fix critical bug saving SO-PIN securely. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-10 00:27:46 +02:00
Pol Henarejos	aebb68724a	Removing trailing spaces. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-19 01:44:27 +02:00
Pol Henarejos	87feed1222	Renaming KEK files. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-13 13:47:43 +02:00

24 Commits