dearsky/pico-hsm
1
0
Fork 0
Code Issues 17 Pull Requests 4 Actions Packages Projects Releases 26 Wiki Activity
969 Commits 2 Branches 32 Tags
ad18577e98595c87c11308ffecce2dc0c624850f
Commit Graph

426 Commits

Author SHA1 Message Date
Pol Henarejos
ad18577e98 Merge branch 'master' into development-eddsa 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-14 13:34:40 +02:00
Pol Henarejos
0c2e728c35 Add EF.DIR list aid. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-28 22:59:52 +02:00
Pol Henarejos
5630043a4d Fix binary read permission. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-28 22:59:16 +02:00
Pol Henarejos
c1a47ed023 Fix EF.DIR selection. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-28 22:05:10 +02:00
Pol Henarejos
fd12758551 Upgrade to version 4.0 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-24 19:44:58 +02:00
Pol Henarejos
d708158fea Fix key unwrap with latest OpenSC. Fixes #41. 
SC-HSM driver in OpenSC has changed the procedure for unwraping. It stores the wrap into a temporary file (0x2F10) and then it calls unwrap cmd.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-23 01:17:01 +02:00
Pol Henarejos
dc979194fa Fix crash in mbedtls 3.6 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-23 01:00:14 +02:00
Pol Henarejos
9a7be98e6e Settings proper phy options 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-21 22:08:36 +02:00
Pol Henarejos
c4a08aff0f Upgrade to Mbedtls 3.6 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-21 21:29:32 +02:00
Pol Henarejos
223fc117dd Enable patch only for RPI 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-21 21:15:29 +02:00
Pol Henarejos
d1fb4d0c65 Merge branch 'master' into development 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-21 21:14:43 +02:00
Pol Henarejos
47acef71c8 Only when not emulation. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-21 21:11:18 +02:00
al heisner
99c777c780 Fix for multiples of 64 bytes on cmd_list_keys 2024-06-21 11:35:05 -05:00
Pol Henarejos
79f76a176d Fix time.h header. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-19 23:36:41 +02:00
Pol Henarejos
f20fdc9bda Add missing header. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-19 22:42:19 +02:00
Pol Henarejos
b4671c2ecb Merge branch 'esp32' into development 2024-06-19 22:03:47 +02:00
Pol Henarejos
54cdbfc22c Add PHY OPTS. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-19 22:01:15 +02:00
fastchain
87ffd21543 Update cmd_extras.c 
This security fix ensures that the extra settings, cannot be silently disabled, if button control enabled. So the button control setting cannot be silently (without button push) disabled, even if the user's PC is fully compromised.
 2024-06-13 16:09:54 +09:00
Pol Henarejos
7cb0bbf982 Merge branch 'development' into esp32 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-03 13:06:39 +02:00
Pol Henarejos
218660e694 Only allow change PHY without PIN. PIN is required for other extra options. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-22 23:47:08 +02:00
Pol Henarejos
8e8192362c Use macros for referring system fids. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 19:43:10 +02:00
Pol Henarejos
25c93c279f Fix potential crash on loading dkek. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 19:42:47 +02:00
Pol Henarejos
001d076fdf Better check for XKEK content. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 19:42:23 +02:00
Pol Henarejos
35d5d5e94e Use search_file() method. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 19:19:45 +02:00
Pol Henarejos
b034303193 Use new methods search_file() and file_put_data(). 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 16:36:34 +02:00
Pol Henarejos
fdc41e5856 Add support for PHY command to store and change VIDPID and LED no. dynamically on reboot. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 11:50:44 +02:00
Pol Henarejos
5d0dc210da Use external unique ID. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 11:48:23 +02:00
Pol Henarejos
a674410826 Remove carriage return \r for better debug. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 11:46:34 +02:00
Pol Henarejos
aeeb540a2f Add support for PHY command to store and change VIDPID and LED no. dynamically on reboot. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-16 23:22:49 +02:00
Pol Henarejos
842919a26b Use external unique ID. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-15 23:45:30 +02:00
Pol Henarejos
d8c7fb0856 Remove carriage return \r for better debug. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-10 18:16:38 +02:00
Pol Henarejos
d6456b4dde First attempt to add support to ESP32. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-08 19:41:39 +02:00
Pol Henarejos
c3b66773e8 Use new asn1 structs. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-03-13 18:11:28 +01:00
Pol Henarejos
9fad920c3b Fix Windows emulation build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-09 11:43:46 +01:00
Pol Henarejos
2034e436d1 Fix CVC outer signature length. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-08 10:59:34 +01:00
Pol Henarejos
2b92d89ab7 Fix size_t casting. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-02 19:56:38 +01:00
Pol Henarejos
a1d7733b95 Fix key exchange. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-02 02:44:59 +01:00
Pol Henarejos
4f4e6e09a2 Fix size var load. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-02 02:31:38 +01:00
Pol Henarejos
481cd5fd69 Some fixes for emulation. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-01 20:58:40 +01:00
Pol Henarejos
d9a8826a32 Stupid bug integer overflow. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-01 02:01:22 +01:00
Pol Henarejos
d82affa880 Added support for building emulation in Windows. 
It has not been tested but it should not break any linux build.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-01 01:55:49 +01:00
Pol Henarejos
74afa07512 Do not make a PRKD on key unwrap since it is already done when storing. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-13 15:33:52 +01:00
Pol Henarejos
e96e1d0097 When a key is generated and stored, it creates its PRKD. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-13 15:33:27 +01:00
Pol Henarejos
58692b2711 Fix PRKD cert on key unwrap. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-13 14:14:10 +01:00
Pol Henarejos
fb5be153ed Fix merge. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 23:51:15 +01:00
Pol Henarejos
ba562da00e Merge branch 'development' into development-eddsa 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 23:11:08 +01:00
Pol Henarejos
98e9b72b42 Upgrade version to 3.6. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 17:26:43 +01:00
Pol Henarejos
88ff27f354 Fix mbedTLS 3.5 build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 17:01:27 +01:00
Pol Henarejos
ed2925cfb6 Use new Pico Keys SDK. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 14:25:42 +01:00
Pol Henarejos
6b1eeb4004 Fix DKEK import when no logged. 
DKEK shall accept import even if it is not logged in. However, to store the DKEK, the PIN is used for MKEK, which is not available if it is nog logged in. I added a queueing system to store a pending DKEK after login.

Therefore, to import a DKEK, the user must import it AND call VERIFY command if it is not already logged in.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-10-12 17:42:31 +02:00