pico-hsm

Author	SHA1	Message	Date
Pol Henarejos	8b0d85fbd4	Fix PRKD generation for AES. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-22 22:57:15 +01:00
Pol Henarejos	0f12ff1c48	Added support for PRKD for AES. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-22 22:07:34 +01:00
Pol Henarejos	2a5fe1cc6d	Added initialization with self-signed certificate. It will allow the initialization with OpenSC tool (sc-hsm-tool --initialize). However, it will not allow the use of card with SCS3, as it needs a PKI with trust chain. In this case, pico-hsm-tool.py shall be used for initialization. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-22 01:04:24 +01:00
Pol Henarejos	1c7bc18161	Added support for AES 512 bit key size. AES XTS uses two keys. Therefore, XTS with 2 AES 256 implies 64 bytes key length. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-19 20:22:40 +01:00
Pol Henarejos	cd6e280f4f	Switching to new style. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-02-15 00:10:35 +01:00
Pol Henarejos	daaa5bf402	Harmonize coding style. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-02-14 23:13:46 +01:00
Pol Henarejos	9d47e62041	Fix signature for secp521r1. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-17 00:05:46 +01:00
Pol Henarejos	17941397e9	Fix exporting large ECC key. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-16 18:54:20 +01:00
Pol Henarejos	8fe2677a56	Fix cofactor return with cvc. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-11 17:08:36 +01:00
Pol Henarejos	d09a7cf9c8	If self-signature fails, puts all-0. When generating a keypair and returns a self-signed CVREQ, the signature might fail for Curve25519 and Curve448. Instead of returning null, it puts zeros in order to return what is expected to return. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-11 17:04:17 +01:00
Pol Henarejos	ab61b2a2d5	Fix returning public key of koblitz curve secp_k1. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-31 00:38:21 +01:00
Pol Henarejos	62c72c48a5	Moving to new pico-hsm-sdk.	2022-08-30 17:55:42 +02:00
Pol Henarejos	2bc40771ca	Fix generating CVC REQ. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-23 00:50:06 +02:00
Pol Henarejos	aebb68724a	Removing trailing spaces. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-19 01:44:27 +02:00
Pol Henarejos	fec02ca733	Removing cvcerts.h dependency. A python script gets the public key of the device (EF_EE_DEV) and requests to our PKI for a CVC. Once got, it is updated to EF_TERMCA (0x2f02). termca_pk is now on EF_KEY_DEV and termca is on EF_TERMCA (concat with DICA). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-18 18:17:48 +02:00
Pol Henarejos	4e01a78286	Fix OID names. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-18 18:17:48 +02:00
Pol Henarejos	ab2e71cc40	By default, all CVC are self-generated (chr=car). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-14 01:16:53 +02:00
Pol Henarejos	69120cc961	Added cvc_get_ext() to find CVC extensions. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-13 00:43:35 +02:00
Pol Henarejos	06aaf58f0b	Added extension optional parameter to be included in the CVC body. This field should be a concatenation of tag 73, which should include an OID and a context. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-13 00:07:24 +02:00
Pol Henarejos	6bd2e65459	Add function for building PrKD asn1 Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-06-15 15:38:11 +02:00
Pol Henarejos	eb94ed7806	Separated routines for verifying and parsing CV certificates. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-06-10 20:04:48 +02:00
Pol Henarejos	3542062ecd	Added function to write the ASN1 certificate description. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-06-10 16:29:28 +02:00
Pol Henarejos	824c327a2c	Added function to obtain EC params from root CA cert. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-06-10 16:28:55 +02:00
Pol Henarejos	a4d4f9a944	Fix outer CAR value. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-06-09 21:25:17 +02:00
Pol Henarejos	83a583a33f	Fix CVC verification. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-06-09 19:02:22 +02:00
Pol Henarejos	143c2d279b	Added cvc_verify to verify a cvcert with other CA cvcert. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-06-09 14:16:17 +02:00
Pol Henarejos	d96d7a533e	Added procedure for verifying CVC (unfinished). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-06-08 20:01:23 +02:00
Pol Henarejos	6d8161de73	Added functions to retrieve CAR and CHR from certs. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-06-08 17:34:17 +02:00
Pol Henarejos	2febbe2795	Fix missing comma.	2022-06-01 12:57:42 +02:00
Pol Henarejos	299516f576	Fix set point A. mbedtls does not set point A for some curves.	2022-06-01 11:51:33 +02:00
Pol Henarejos	6edeab6f85	Signatures in CVC are in plain format. Plain format concatenates r\|\|s.	2022-06-01 10:30:20 +02:00
Pol Henarejos	7b79d7ffde	Moving CVC procedures to a separate file.	2022-06-01 09:46:23 +02:00

32 Commits