pico-hsm

Author	SHA1	Message	Date
Pol Henarejos	d6456b4dde	First attempt to add support to ESP32. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-04-08 19:41:39 +02:00
Pol Henarejos	d82affa880	Added support for building emulation in Windows. It has not been tested but it should not break any linux build. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-01-01 01:55:49 +01:00
Pol Henarejos	ed2925cfb6	Use new Pico Keys SDK. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-11-06 14:25:42 +01:00
Pol Henarejos	ee3ee21e40	Added support for signatures based on HD BIP/SLIP. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-26 18:07:06 +02:00
Pol Henarejos	daaa5bf402	Harmonize coding style. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-02-14 23:13:46 +01:00
Pol Henarejos	7195a8f3ec	Fix headers in emulation mode. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-12 20:05:46 +01:00
Pol Henarejos	a7682d2639	Adding Extended Cipher feature. With this new subcommand, Pico HSM will support newer cipher algorithms. ChaCha20-Poly1305 is the first. It will be based on a custom P2 subcommand to support an arbitrary structure with multiple parameters (AAD, IV, etc.) pico-hsm-tool.py shall be used. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-07 21:37:11 +01:00
Pol Henarejos	00279da8d5	Adding Secure Lock to lock the device with a random 256 bit key. This is an extra layer of security to avoid brute force attacks if PIN is too weak. At every hard reset (on device plug), the device must be unlocked prior any other command. Once unlocked, the device can be used as usual. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-31 15:09:54 +01:00
Pol Henarejos	62c72c48a5	Moving to new pico-hsm-sdk.	2022-08-30 17:55:42 +02:00
Pol Henarejos	aebb68724a	Removing trailing spaces. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-19 01:44:27 +02:00
Pol Henarejos	e6f082d512	Splitting cmd_xxx() functions in separate files. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-13 14:59:27 +02:00
Pol Henarejos	36b1bf9875	Added ECDH algorithms for XKEK and AUT. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-10 23:28:44 +02:00
Pol Henarejos	d1f0f45525	Added support for native PKCS1.5 and OEP decryption. It is not tested, as it is not supported by pkcs11 modules. For instance, OpenSSL implements OEP in local side, calling a RAW decryption on the device. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-06-14 17:00:23 +02:00
Pol Henarejos	a45303d9e6	Added support for specific purposes. Added support for SHA512 operations. Keys can only be used for the specific purpose provided during the keypair generation. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-06-14 16:12:04 +02:00
Pol Henarejos	40efcd71c3	Added device option KEY_COUNTER_ALL. When it is set, it enables the key usage counter for all keys when generated. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-06-03 20:10:53 +02:00
Pol Henarejos	d0098015fe	Removing OpenSC dependency. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-31 19:26:00 +02:00
Pol Henarejos	302f287967	Moving EAC and crypto to core. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-19 19:16:29 +02:00
Pol Henarejos	522860f736	Splitting the core onto another repo, which can be reused by other smart applications. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-19 18:39:52 +02:00
Pol Henarejos	b68920ff45	Added walker function for TLV parsing. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-13 16:55:34 +02:00
Pol Henarejos	c3a93a46ba	Adding unwrap(), to decrypt and verify secure APDU. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-10 20:23:36 +02:00
Pol Henarejos	b545a1618b	Added Manage Security Environment command. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-09 20:50:00 +02:00
Pol Henarejos	dec3d54ddd	Adding more SW codes. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-09 20:29:13 +02:00
Pol Henarejos	c16a7a3c5c	Added dynamic option to enable/disable press to confirm. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-06 15:14:23 +02:00
Pol Henarejos	c9b32ab5d0	Fix return pin blocked sw code. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-31 18:59:54 +02:00
Pol Henarejos	d018e3b9b9	Adding RSA and EC wrap/unwrap, compatible with SC HSM wrap format. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-30 00:59:37 +02:00
Pol Henarejos	1c272842a7	Adding dkek_decode_key for unwrapping. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-29 20:18:08 +02:00
Pol Henarejos	5eb74d8ca3	Adding encode_key with dkek (for wrapping). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-29 13:45:07 +02:00
Pol Henarejos	2535d0e537	Adding generic aes encryption/decryption. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-28 17:37:53 +02:00
Pol Henarejos	69a406832d	Adding hsm initializing options Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-28 01:37:36 +02:00
Pol Henarejos	a01bd39f21	Adding license headers. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-25 12:08:48 +01:00
Pol Henarejos	37c3028b1c	Adding code for AES derive Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-16 12:02:09 +01:00
Pol Henarejos	7988083d6b	Reorganization of file structure. At this moment I disabled openpgp/gnuk due to missing deep tests. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-07 23:37:10 +01:00

32 Commits