889 Commits

Author SHA1 Message Date
Pol Henarejos
c3b66773e8 Use new asn1 structs.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-03-13 18:11:28 +01:00
Pol Henarejos
3ca23b932c Fix Windows emulation build.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-09 11:43:59 +01:00
Pol Henarejos
9fad920c3b Fix Windows emulation build.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-09 11:43:46 +01:00
Pol Henarejos
38bef5b43f Fix error message
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-09 11:26:26 +01:00
Pol Henarejos
2034e436d1 Fix CVC outer signature length.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-08 10:59:34 +01:00
Pol Henarejos
215221b30e Let's add pico and local CodeQL modes.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-02 20:51:08 +01:00
Pol Henarejos
de4d95beb8 Fix Pico build.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-02 20:43:24 +01:00
Pol Henarejos
963b6f4f87 Fix CodeQL build.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-02 20:36:54 +01:00
Pol Henarejos
fa9b244c42 Fix LE computation in a wrapped APDU.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-02 19:57:52 +01:00
Pol Henarejos
2b92d89ab7 Fix size_t casting.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-02 19:56:38 +01:00
Pol Henarejos
a1d7733b95 Fix key exchange.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-02 02:44:59 +01:00
Pol Henarejos
39f1041dbb Fix byte overwrite for long chained RAPDU.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-02 02:36:21 +01:00
Pol Henarejos
2e4fc568db Fix new return format for import_kek.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-02 02:36:09 +01:00
Pol Henarejos
4f4e6e09a2 Fix size var load.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-02 02:31:38 +01:00
Pol Henarejos
08c0aaee6f Fix SM wrap for large RAPDU.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-02 01:03:57 +01:00
Pol Henarejos
de98e79c99 Try to fix CodeQL build.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-01 21:09:42 +01:00
Pol Henarejos
481cd5fd69 Some fixes for emulation.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-01 20:58:40 +01:00
Pol Henarejos
d9a8826a32 Stupid bug integer overflow.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-01 02:01:22 +01:00
Pol Henarejos
d82affa880 Added support for building emulation in Windows.
It has not been tested but it should not break any linux build.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2024-01-01 01:55:49 +01:00
Pol Henarejos
ab31a6615c Fix ATR overwrite.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-12-29 19:07:28 +01:00
Pol Henarejos
677cceb130 Update to latest PicoHSM.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-12-29 19:07:20 +01:00
Pol Henarejos
29967c067a Add -DVIDPID=<VALUE> to build a project with a known VID/PID. Supported values: NitroHSM, NitroFIDO2, NitroStart, NitroPro, Nitro3, Yubikey5, YubikeyNeo, YubiHSM, Gnuk, GnuPG
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-12-11 18:14:04 +01:00
Pol Henarejos
2974aa234a Added required for subparsers.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-13 16:59:15 +01:00
Pol Henarejos
d90b296237 Added keygen command to generate AES, X25519 and X448 keys.
It replaces x25519/x448 commands and cipher keygen subcommand.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-13 16:57:11 +01:00
Pol Henarejos
e98b26fee5 Flush stderr.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-13 15:34:33 +01:00
Pol Henarejos
2086a68c53 Key id not needed on keygen.
It also returns the fresh new generated key id.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-13 15:34:21 +01:00
Pol Henarejos
74afa07512 Do not make a PRKD on key unwrap since it is already done when storing.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-13 15:33:52 +01:00
Pol Henarejos
e96e1d0097 When a key is generated and stored, it creates its PRKD.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-13 15:33:27 +01:00
Pol Henarejos
4d47f0224e Fix emulation in apple.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-13 14:26:46 +01:00
Pol Henarejos
58692b2711 Fix PRKD cert on key unwrap.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-13 14:14:10 +01:00
Pol Henarejos
a5ab1cabc5 Add support for AES-ECB, AES-CBC with custom IV, AES-OFB, AES-CFB, AES-GCM, AES-CCM, AES-CTR and AES-XTS.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-11 21:19:31 +01:00
Pol Henarejos
1c7cdc8564 Added support for CMAC.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-11 20:28:13 +01:00
Pol Henarejos
d74b3418bc Fix typo
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-11 20:13:38 +01:00
Pol Henarejos
98e9b72b42 Upgrade version to 3.6.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
v3.6
2023-11-06 17:26:43 +01:00
Pol Henarejos
1b0d23cf24 Add two new boards.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-06 17:26:24 +01:00
Pol Henarejos
3ccff7881f Upgrade to Pico Keys SDK 5.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-06 17:25:04 +01:00
Pol Henarejos
a3bf2e9e14 If no key is found, generate a new one.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-06 17:10:19 +01:00
Pol Henarejos
88ff27f354 Fix mbedTLS 3.5 build.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-06 17:01:27 +01:00
Pol Henarejos
ed2925cfb6 Use new Pico Keys SDK.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-06 14:25:42 +01:00
Pol Henarejos
cc19f8f061 Use new pico-keys-sdk submodule.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-06 14:20:39 +01:00
Pol Henarejos
b6831a4650 Rename pico-hsm-sdk submodule to new name.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-11-06 14:20:19 +01:00
Pol Henarejos
652a0f0d21 Fix managing spaces.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-10-12 21:04:02 +02:00
Pol Henarejos
9dbf4b3172 Removing pkcs11-tool test for EC.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-10-12 19:03:37 +02:00
Pol Henarejos
76522829ef User must log in after DKEK import.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-10-12 17:42:49 +02:00
Pol Henarejos
6b1eeb4004 Fix DKEK import when not logged in.
DKEK shall accept import even if it is not logged in. However, to store the DKEK, the PIN is used for MKEK, which is not available if it is not logged in. I added a queueing system to store a pending DKEK after login.

Therefore, to import a DKEK, the user must import it AND call VERIFY command if it is not already logged in.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-10-12 17:42:31 +02:00
Pol Henarejos
2693ab4926 Fix applet selection.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-10-12 17:40:56 +02:00
Pol Henarejos
5d21e39aa6 Fix deleting key domain.
It only checks if it contains keys and no other files.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-10-12 17:40:20 +02:00
Pol Henarejos
1bf0d6337b Added backup and restore tests (pkcs11 wrap/unwrap).
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-10-11 21:12:06 +02:00
Pol Henarejos
1950b03d35 Add more pkcs11-tool tests.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-10-11 21:11:41 +02:00
Pol Henarejos
4be258f4c7 Fix applet loading.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-10-11 21:04:53 +02:00