pico-hsm

Author	SHA1	Message	Date
Pol Henarejos	e36c80761e	Fix login session persistence. It is handled when the card reader disconnects, instead of when applet is selected (only the first time). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-06 01:50:34 +01:00
Pol Henarejos	bf2624cd88	AES keys are DKEK encrypted in flash. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-06 01:40:30 +01:00
Pol Henarejos	8c1977783e	Fix AES initialization context. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-06 01:30:39 +01:00
Pol Henarejos	7306a9765e	Fix AES key generation for other 128 and 192 bits. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-06 01:29:39 +01:00
Pol Henarejos	5e377cccaf	Added AES encryption/decryption. However, I could not find any interface (neither opensc nor sc-hsm-embedded). Needs further testing. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-06 01:28:29 +01:00
Pol Henarejos	37957dd8fd	Adding asymmetric decryption. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-06 00:09:01 +01:00
Pol Henarejos	ba3fa745a1	Moving load private key methods. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-05 00:31:55 +01:00
Pol Henarejos	982ca07096	Keys are decrypted when are used for signature. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-05 00:09:36 +01:00
Pol Henarejos	6cd575ea51	Added key unwrap support. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:30:56 +01:00
Pol Henarejos	a29b01cdd8	Adding key wrap support. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:23:15 +01:00
Pol Henarejos	64cf9097e3	Fix saving imported DKEK. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:10:58 +01:00
Pol Henarejos	f022c3235d	Fix when initialize with 0 dkek shares. DKEK is automatically generated and saved. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:10:15 +01:00
Pol Henarejos	010c8018ea	DKEK is reencrypted with the new pin if changed. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:08:15 +01:00
Pol Henarejos	78bad89415	Private and secret keys are now stored encrypted with DKEK. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:00:59 +01:00
Pol Henarejos	dcabd78ddb	Cleaning debug. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:00:24 +01:00
Pol Henarejos	59833d08eb	Adding support for generating more than 32 bytes at a time. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 10:46:10 +01:00
Pol Henarejos	41f0b53dd5	Fix listing private keys and X509 certificates. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-03 17:56:22 +01:00
Pol Henarejos	ab6a081fdf	Better debugging. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-03 00:00:29 +01:00
Pol Henarejos	70e153e11d	Fix RSA RAW signature. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-03 00:00:14 +01:00
Pol Henarejos	2f4fb3507b	Fix ECDSA signature computation. Now it works. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-01 23:37:53 +01:00
Pol Henarejos	9202c4db66	Added ECDSA signature. Added RSA cleanups. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-01 01:15:55 +01:00
Pol Henarejos	486c4eb449	Added RSA signature (not tested). Still missing ECDSA signature. Trying to figure out what is ECDSA RAW. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-01 00:55:01 +01:00
Pol Henarejos	ff06414247	Adding signature computation (unfinished) Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-28 09:43:09 +01:00
Pol Henarejos	553bd793b9	RP 2040 does not have PIN support (i.e., pin pad support). Thus, we disable it to enable openssl pkcs11 engine interaction. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-27 20:58:04 +01:00
Pol Henarejos	8d6acb8162	Updating ATR. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-27 20:57:24 +01:00
Pol Henarejos	44b3792166	Fix with reading dynamic files. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-27 20:56:45 +01:00
Pol Henarejos	1918a5769c	Adding symmetric key generation (AES CBC) Fix file search and discovery. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-25 17:04:31 +01:00
Pol Henarejos	36cd26acd3	More candy debug. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-25 17:03:28 +01:00
Pol Henarejos	6777221e48	Allow for null data write to allocate physical space. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-25 17:03:05 +01:00
Pol Henarejos	857aaf2679	Fix ACL when creating new file. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-24 22:38:15 +01:00
Pol Henarejos	a94c74e508	Added PIN change. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-24 22:07:52 +01:00
Pol Henarejos	4cdb2f93e5	Fix reset pin. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-24 20:37:50 +01:00
Pol Henarejos	8657758cf2	Adding acl and pin checks. If pin is blocked, is always blocked despite correct login. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-24 20:00:37 +01:00
Pol Henarejos	fce1a30f56	Fix deleting key. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-24 19:04:06 +01:00
Pol Henarejos	a4ef5e6d17	Adding delete file command. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-24 16:22:05 +01:00
Pol Henarejos	249de0c5d2	Calling variable token info data generation. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 22:17:58 +01:00
Pol Henarejos	a90aac5533	Making files to accept data callbacks (useful for asn1 data). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 22:17:31 +01:00
Pol Henarejos	b874575dab	Moving to static dynamic files. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 17:35:53 +01:00
Pol Henarejos	b9bbddd24e	Using separate eps. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 17:35:29 +01:00
Pol Henarejos	d6368a221f	Return some SW even if no app is selected. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 17:35:02 +01:00
Pol Henarejos	c29f8d6cc5	Migrating to static memory to avoid malloc for new files. Let's see how it works. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 12:00:34 +01:00
Pol Henarejos	41b1467ab7	Fix with empty extended length header. Fix buffer overflow when extended length. APDU shall be reset at every APDU beginning. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 12:00:04 +01:00
Pol Henarejos	16bd415fb9	Adding sanity checks. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 18:26:02 +01:00
Pol Henarejos	173d64dd0e	Finalizing EC key generation and storage. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 15:36:32 +01:00
Pol Henarejos	67698eca94	Fixed bug with size of cvc. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 14:27:13 +01:00
Pol Henarejos	f97555a8da	Adding ECC storing keygen. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 13:22:09 +01:00
Pol Henarejos	a28f217c57	Inner signature of CVC encodes the full certificate body. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 00:55:36 +01:00
Pol Henarejos	e1126b5951	In order to announce the public key, the response must be cvc request authenticated. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 00:37:02 +01:00
Pol Henarejos	1688ea540e	Fix: FPI containing wrong file length. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-21 16:24:47 +01:00
Pol Henarejos	2a770ee7c9	DKEKS are also initialized. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-21 16:24:32 +01:00

1 2 3

135 Commits