dearsky/pico-hsm
1
0
Fork 0
Code Issues 17 Pull Requests 4 Actions Packages Projects Releases 26 Wiki Activity
440 Commits 2 Branches 32 Tags
efc1b4a4ae17c7b1cdace231beef9502cfd283f5
Commit Graph

192 Commits

Author SHA1 Message Date
Pol Henarejos
2535d0e537 Adding generic aes encryption/decryption. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-28 17:37:53 +02:00
Pol Henarejos
6fe7d7991b Len of CMAC is always 16. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-28 17:37:24 +02:00
Pol Henarejos
d061958f90 Moving hash to other file. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-28 16:02:28 +02:00
Pol Henarejos
69a406832d Adding hsm initializing options 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-28 01:37:36 +02:00
Pol Henarejos
cd4ceb0a61 Fix returning current dkeks when the device is initialized without dkeks. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-28 01:37:19 +02:00
Pol Henarejos
450ec5dec1 Also list PRKD files. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-27 20:47:11 +02:00
Pol Henarejos
c7abd1a067 Adding DKEK report 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-27 20:27:10 +02:00
Pol Henarejos
c6d87756ab Adding SOPIN verification. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-27 19:00:21 +02:00
Pol Henarejos
0916489388 Initialization now returns free memory if no parameters are given. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-27 18:53:41 +02:00
Pol Henarejos
b1e83c92e9 Adding cvcerts and dica 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-27 18:15:16 +02:00
Pol Henarejos
d01e06aa11 2F02 returns terminal's cvcert and DICA. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-27 18:15:06 +02:00
Pol Henarejos
464107b13f Adding tag 85 for FCP when selecting applet 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-27 12:26:36 +02:00
Pol Henarejos
e4ed917c1c Updating to v1.6 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-27 12:26:35 +02:00
Pol Henarejos
ade3e6d2fb Added sanity check for some boards without led. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-27 12:26:35 +02:00
Pol Henarejos
74127a038f Changing label name. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-25 12:09:32 +01:00
Pol Henarejos
a01bd39f21 Adding license headers. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-25 12:08:48 +01:00
Pol Henarejos
c2a474df98 Fix an overflow in EC key derivation. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-24 20:42:43 +01:00
Pol Henarejos
483dc5e953 - Fixed a random bug when generating EC keys. 
- Removed cvc_req. Now it is encapsulated from the previous existing cvc.
- All tests passed (sc-hsm-pkcs11-test invasive)

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-24 00:34:29 +01:00
Pol Henarejos
f490f073b0 When updating an EF, if it does not exist, we create it. 
Added support for CA and CD certificates update.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-21 16:04:40 +01:00
Pol Henarejos
2eab8eba09 Added asymmetric key derivation. Only for EC. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-21 15:37:34 +01:00
Pol Henarejos
783c901567 Replaced EC load private key with read_key, which performs sanity checks. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-21 14:25:00 +01:00
Pol Henarejos
90d1fa0f9b If modulusSize is used, the test will fail as it is an unexpected field. It does not seems necessary. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-21 11:37:05 +01:00
Pol Henarejos
96b791b3b9 - Fixed bug where PublicKD was saved in EE_CERTIFICATE_PREFIX. We save there the CSR instead in CVC format. 
- We put the CHR and CAR into the CSR if provided during the keypair generation.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-21 11:31:24 +01:00
Pol Henarejos
78d71a6d9c Upgrading to version 1.4. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-21 00:55:50 +01:00
Pol Henarejos
0a2740fbab Added AES derive support based on HKDF. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-21 00:54:59 +01:00
Pol Henarejos
ae1e2ac111 Fix storing public key description when generating a new keypair. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-19 19:11:09 +01:00
Pol Henarejos
d87073f4cc Auth status should not be removed when apple is reselected. Auth status is removed when the reader disconnects the card (unloads it). 
With this fix, it is possible to login first and send immediate low level APDU command that requires authentification (such as login+CMAC).

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-17 23:37:02 +01:00
Pol Henarejos
36a8f78313 Added support for AES-CMAC. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-17 23:35:07 +01:00
Pol Henarejos
ab1490a50b Added ECDH key derivation. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-17 00:28:16 +01:00
Pol Henarejos
23f53a6095 Added some free on bad return. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-16 23:40:09 +01:00
Pol Henarejos
920cf3a1c5 Upgrading to v1.2 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-16 23:31:17 +01:00
Pol Henarejos
8988d1cf15 Fix support for ECDSA and ECDSA-SHAx signatures. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-16 18:20:17 +01:00
Pol Henarejos
591b02804e Fix for HASH PSS and HASH PKCS. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-16 12:02:49 +01:00
Pol Henarejos
37c3028b1c Adding code for AES derive 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-16 12:02:09 +01:00
Pol Henarejos
73bc2ede6b Fixed a bug with RSA-PKCS-PSS. Surprisingly, PKCS_V21 signature takes in place (input buffer = output buffer) and, for a strange reason, it does not work for res_APDU. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-16 00:27:07 +01:00
Pol Henarejos
1c6fb98350 Logout user when applet selected. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-10 00:48:47 +01:00
Pol Henarejos
f1c0b12f5c Increasing random buffer and checks. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-10 00:13:13 +01:00
Pol Henarejos
213b675b9f Fix returned error code for wrong pin. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-10 00:09:35 +01:00
Pol Henarejos
b701f639ac Increasing CCID buffer. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-10 00:08:22 +01:00
Pol Henarejos
4a0144ed2a Adding version header to show in lsusb command (bcdDevice) and major version in pkcs15-tool -D. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-08 18:43:30 +01:00
Pol Henarejos
9be78aade6 Changing project name. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-08 00:37:27 +01:00
Pol Henarejos
7988083d6b Reorganization of file structure. 
At this moment I disabled openpgp/gnuk due to missing deep tests.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-03-07 23:37:10 +01:00