pico-hsm

Author	SHA1	Message	Date
Pol Henarejos	00e8596a0e	Adding asn1_find_tag() for searching for a tag in a asn1 string.	2022-05-30 23:31:17 +02:00
Pol Henarejos	39ab429c88	Adding key domain to key generation, wrap, unwrap, export and import. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-30 16:13:51 +02:00
Pol Henarejos	4fa8d4ba64	Fix warnings Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-27 20:58:45 +02:00
Pol Henarejos	1ac4402f99	res_APDU SHALL NOT BE moved, only memcpied or memmoved. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-27 00:58:35 +02:00
Pol Henarejos	8554262aaf	Migrating away from tinyUSB. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-27 00:36:33 +02:00
Pol Henarejos	d2766b2225	Using printf instead of TU	2022-05-26 14:16:32 +02:00
Pol Henarejos	f124ee52ce	Do not add FMD in FCI. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-24 23:31:46 +02:00
Pol Henarejos	2167d28514	Add meta files. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-24 22:57:59 +02:00
Pol Henarejos	80792dc555	Private/secret keys can be selected. It returns FCP when a private/secret key is selected but it is not allowed to read them. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-24 13:06:00 +02:00
Pol Henarejos	080337f847	Added key domain setup It accepts different dkek shares for each key domain. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-24 11:08:29 +02:00
Pol Henarejos	5e20c830fd	Return key domain not found only when they are prepared. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-24 10:48:22 +02:00
Pol Henarejos	b754fdb449	Refactoring initialize command to support no dkek, random dkek, dkek shares and key domains. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-24 10:44:00 +02:00
Pol Henarejos	a926239613	Returning not initialized key domains. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-24 09:24:54 +02:00
Pol Henarejos	c80b723112	Using dynamic dkek number and current shares, for each key domain. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-24 09:18:35 +02:00
Pol Henarejos	a062b92dad	Replacing low level data access to high level routines. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-24 00:30:42 +02:00
Pol Henarejos	89d40b7c94	Extending DKEK and key storage to key domains. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-24 00:29:19 +02:00
Pol Henarejos	7b5cb48dcc	Added key domains for device initialization and dkek import. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-23 20:06:06 +02:00
Pol Henarejos	7de0121db5	Introducing MANAGE KEY DOMAIN (INS 52) Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-23 14:26:36 +02:00
Pol Henarejos	cb338af8fb	Return SW 6600 when button timeouts. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-05 22:30:07 +02:00
Pol Henarejos	fffe2fb451	Now press-to-confirm button has a timeout of 15 secs. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-05 20:56:28 +02:00
Pol Henarejos	5f0b15b5e9	Fix returning wrong pin retries. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-22 19:21:41 +02:00
Pol Henarejos	86298f3421	Upgrading to version 2.0.	2022-04-19 19:24:10 +02:00
Pol Henarejos	302f287967	Moving EAC and crypto to core. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-19 19:16:29 +02:00
Pol Henarejos	522860f736	Splitting the core onto another repo, which can be reused by other smart applications. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-19 18:39:52 +02:00
Pol Henarejos	e2f424d4ab	No more in the repo Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-14 01:06:50 +02:00
Pol Henarejos	69e869852e	Rewritten keypair_gen response (more friendly). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-13 19:03:33 +02:00
Pol Henarejos	618966b742	Sanity check for keypair gen. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-13 18:49:13 +02:00
Pol Henarejos	b68920ff45	Added walker function for TLV parsing. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-13 16:55:34 +02:00
Pol Henarejos	9dfe0ee7b3	Clear session pin on unload and new session. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-13 14:25:44 +02:00
Pol Henarejos	da6c578973	Fix tag_len computation for all TLV. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-13 14:14:06 +02:00
Pol Henarejos	49d9ec7cf9	Session pin is randomized. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-13 14:12:14 +02:00
Pol Henarejos	af07f1d549	Added INS for session pin generation (needs randomization). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-11 19:47:43 +02:00
Pol Henarejos	db5f5fd435	When working with SM, wrap() manipulates res_APDU. Thus, we cannot change the pointer of res_APDU anymore. Everything must be memcpy-ed. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-11 15:11:42 +02:00
Pol Henarejos	7232625bab	Merge branch 'master' into eac	2022-04-11 15:09:33 +02:00
Pol Henarejos	1557a4a039	Fix when generating keypair, which could produce wrong flash save in particular cases of concurrency. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-11 15:09:20 +02:00
Pol Henarejos	b61575bbc3	Adding some mutex to improve concurrency. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-11 15:08:10 +02:00
Pol Henarejos	3781777138	Adding some kind of permanent flash memory that does not wipe out when initializing. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-11 11:37:41 +02:00
Pol Henarejos	2f1f8e0c90	Fix parsing TLV in signatures. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-11 01:44:18 +02:00
Pol Henarejos	c4c2bf86ba	Fix response APDU in secure channel. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-11 01:38:15 +02:00
Pol Henarejos	f26668b81d	Fixed IV computation. IV is computed encrypting macCounter with a initial IV=0x0000. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-11 01:16:20 +02:00
Pol Henarejos	964af6a064	Adding wrap() to encrypt and sign response APDU. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-10 20:58:54 +02:00
Pol Henarejos	c3a93a46ba	Adding unwrap(), to decrypt and verify secure APDU. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-10 20:23:36 +02:00
Pol Henarejos	57d593561a	Moving all SM stuff to EAC. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-10 19:00:52 +02:00
Pol Henarejos	c098d80524	Adding private key of termca. It is the worst thing I can do, but first I need to develop the secure channel, which uses the private key of device. Later, I will figure out how to generate the private key and certificate during initialization, but it will be difficult, as it needs to be signed by the CA. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-10 01:55:57 +02:00
Pol Henarejos	6c892af9f1	Adding authentication command. Not finished. Needs lot of work. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-09 23:44:45 +02:00
Pol Henarejos	b545a1618b	Added Manage Security Environment command. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-09 20:50:00 +02:00
Pol Henarejos	dec3d54ddd	Adding more SW codes. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-09 20:29:13 +02:00
Pol Henarejos	ce4d0bf102	INS 54h is also occupied too... let's try with 64h. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-08 00:38:03 +02:00
Pol Henarejos	4e6bada892	Fix first AID load. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-08 00:29:15 +02:00
Pol Henarejos	98ad2e3d55	Fix returning card data when selected AID. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-04-07 23:32:56 +02:00

... 4 5 6 7 8

389 Commits