dearsky/pico-hsm
1
0
Fork 0
Code Issues 17 Pull Requests 4 Actions Packages Projects Releases 26 Wiki Activity
851 Commits 2 Branches 32 Tags
ed2925cfb6c81c47a124f4467cd09945e7e99908
Commit Graph

15 Commits

Author SHA1 Message Date
Pol Henarejos
ed2925cfb6 Use new Pico Keys SDK. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 14:25:42 +01:00
Pol Henarejos
6b1eeb4004 Fix DKEK import when no logged. 
DKEK shall accept import even if it is not logged in. However, to store the DKEK, the PIN is used for MKEK, which is not available if it is nog logged in. I added a queueing system to store a pending DKEK after login.

Therefore, to import a DKEK, the user must import it AND call VERIFY command if it is not already logged in.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-10-12 17:42:31 +02:00
Pol Henarejos
0990805fb6 More code style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-20 20:08:29 +01:00
Pol Henarejos
1c7bc18161 Added support for AES 512 bit key size. 
AES XTS uses two keys. Therefore, XTS with 2 AES 256 implies 64 bytes key length.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-19 20:22:40 +01:00
Pol Henarejos
2a3b9b7474 Fix wrapping points. 
Now it uses mbedtls_ecp_point_write_binary() for better control.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-13 18:01:20 +01:00
Pol Henarejos
963456051e If public point is not found, it is computed automatically. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-07 23:45:10 +01:00
Pol Henarejos
cd6e280f4f Switching to new style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-15 00:10:35 +01:00
Pol Henarejos
daaa5bf402 Harmonize coding style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-14 23:13:46 +01:00
Pol Henarejos
af16be64a2 Adding checks on ec import. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-13 23:30:27 +01:00
Pol Henarejos
68071825c2 Fix EC public key computation when importing. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-13 23:24:04 +01:00
Pol Henarejos
c01940b62b Fix accessing way to data. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-01-12 20:05:59 +01:00
Pol Henarejos
00279da8d5 Adding Secure Lock to lock the device with a random 256 bit key. 
This is an extra layer of security to avoid brute force attacks if PIN is too weak.
At every hard reset (on device plug), the device must be unlocked prior any other command. Once unlocked, the device can be used as usual.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-31 15:09:54 +01:00
Pol Henarejos
b9ec473aaa Fix critical bug saving SO-PIN securely. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-10-10 00:27:46 +02:00
Pol Henarejos
aebb68724a Removing trailing spaces. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-08-19 01:44:27 +02:00
Pol Henarejos
87feed1222 Renaming KEK files. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-08-13 13:47:43 +02:00