dearsky/pico-openpgp
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 15 Wiki Activity
333 Commits 1 Branch 19 Tags
2ce4f226227e81be985138e8b77134fde466ad98
Commit Graph

114 Commits

Author SHA1 Message Date
Pol Henarejos
353471c599 Revert "Move EDDSA to another branch." 
This reverts commit b1421e176b.
 2025-12-11 19:36:39 +01:00
Pol Henarejos
b1421e176b Move EDDSA to another branch. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-09 16:07:34 +01:00
Pol Henarejos
331f4f1c4e Relicense project under the GNU Affero General Public License v3 (AGPLv3) 
and add the Enterprise / Commercial licensing option.

Main changes:
- Replace GPLv3 headers with AGPLv3 headers in source files.
- Update LICENSE file to the full AGPLv3 text.
- Add ENTERPRISE.md describing the dual-licensing model:
  * Community Edition: AGPLv3 (strong copyleft, including network use).
  * Enterprise / Commercial Edition: proprietary license for production /
    multi-user / OEM use without the obligation to disclose derivative code.
- Update README with a new "License and Commercial Use" section pointing to
  ENTERPRISE.md and clarifying how companies can obtain a commercial license.

Why this change:
- AGPLv3 ensures that modified versions offered as a service or deployed
  in production environments must provide corresponding source code.
- The Enterprise / Commercial edition provides organizations with an
  alternative proprietary license that allows internal, large-scale, or OEM
  use (bulk provisioning, policy enforcement, inventory / revocation,
  custom attestation, signed builds) without AGPL disclosure obligations.

This commit formally marks the first release that is dual-licensed:
AGPLv3 for the Community Edition and a proprietary commercial license
for Enterprise customers.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-26 20:24:47 +01:00
Pol Henarejos
bc9681e7b0 Add support for EdDSA with Ed448 curve. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-05-24 14:55:23 +02:00
Pol Henarejos
f34cdac00b Rename cmd_version to cmd_version_openpgp 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-05-24 14:50:17 +02:00
Pol Henarejos
f9c1178f4d Move PRODUCT def to a separate file. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-05-24 14:49:48 +02:00
Pol Henarejos
68ac692de6 Rename scan_files to scan_files_openpgp 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-05-24 14:25:21 +02:00
Pol Henarejos
4480e29ecc Rename wait_button_pressed to wait_button_pressed_fid. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-05-24 14:22:37 +02:00
Pol Henarejos
6de499e435 Add EdDSA support as a conditional build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-02-21 20:29:42 +01:00
Pol Henarejos
7050e6b19f Upgrade to version 3.2 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-01-15 11:24:15 +01:00
Pol Henarejos
95a4f7201b Move cmd functions to separate files. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-01-08 11:46:49 +01:00
Pol Henarejos
64a2d240d4 Merge branch 'main' into eddsa 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-01-05 20:01:42 +01:00
Pol Henarejos
eaa8851719 Move Pico Keys SDK pointer. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-12-27 02:54:07 +01:00
Pol Henarejos
7f24b9f6b8 Upgrade to version 3.0 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-11-10 21:35:30 +01:00
Pol Henarejos
79c69a6617 OTP key is used to mask the DEK. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-11-10 18:56:46 +01:00
Pol Henarejos
4ba5e04080 Add PICO_PRODUCT. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-11-09 00:37:19 +01:00
Pol Henarejos
2747083672 Upgrade pico keys sdk. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-11-09 00:36:21 +01:00
Pol Henarejos
6e11171416 Merge branch 'main' into eddsa 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-09-30 19:22:18 +02:00
Pol Henarejos
e0779a49e7 Add error if a non-supported key is attempted to be imported. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-09-30 17:04:34 +02:00
Pol Henarejos
57a6458051 Fix unitialized var. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-25 20:58:14 +02:00
Pol Henarejos
6780eb3935 Fix select aid to new callback. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-25 20:57:56 +02:00
Pol Henarejos
1051690b79 Add support to ESP32. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-08-20 00:23:22 +02:00
Pol Henarejos
1434ef2bd2 Fix for mbedtls 3.6 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-07-15 15:16:36 +02:00
Ming Kuang
886bee5ddc Fix conditional error resetting has_pw1 variable 
According to OpenPGP 3.4.1 specifications subsection 4.4.1:
PW status Bytes
1st byte: 00 = PW1 (no. 81) only valid for one PSO:CDS command
          01 = PW1 valid for several PSO:CDS commands

Therefore has_pw1 should be reset to false when the first byte
of the PW status is 0 instead of 1.
 2024-07-06 22:09:37 +08:00
Pol Henarejos
b61af665b8 Change size of tag_len() for uint16. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-05-23 18:44:57 +02:00
Pol Henarejos
20387c955e Use latest version of Pico Keys SDK. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-05-23 18:40:24 +02:00
Pol Henarejos
0198386734 Merge branch 'piv' 2024-05-23 18:32:26 +02:00
Pol Henarejos
ce6eb6e8e6 Fix overflow when importing data. 
Fixes #12.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-05-23 18:32:15 +02:00
Pol Henarejos
f4c3a75d66 Compute public point on load key. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-03-27 18:45:23 +01:00
Pol Henarejos
f20449fee3 Fix RSA signature. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-03-26 19:38:17 +01:00
Pol Henarejos
e0e1b3758e Added support for dynamic number of maximum retries. 3 by default 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-03-22 20:37:47 +01:00
Pol Henarejos
17d476a9e2 Fix crash on PIN change. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-03-21 22:01:41 +01:00
Pol Henarejos
0b7c8da592 KEK use is optional. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-03-19 17:56:00 +01:00
Pol Henarejos
d96bbb9b4b Use new asn1 structs. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-03-14 23:22:19 +01:00
Pol Henarejos
4cfa2a16bf Added AUTHENTICATE support. 
Note that CARD MGM key is NOT encrypted with DEK, since it has to be accessed even without PIN.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-03-12 22:04:19 +01:00
Pol Henarejos
7f7e94c639 Use new names and selecting aid. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 15:23:54 +01:00
Pol Henarejos
91bcd9f9cd Fix EdDSA signature return format. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-09-05 01:04:44 +02:00
Pol Henarejos
865eafb1f3 Fix Curve25519 key import. 
For an unknown reason, curve25519 keys are imported in big endian instead of little endian.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-09-05 00:25:39 +02:00
Pol Henarejos
88f5bbfd58 Added support for Ed25519. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-09-05 00:18:06 +02:00
Pol Henarejos
9ea894b60b Use mbedtls read/write keys wrappers. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-28 01:25:28 +02:00
Pol Henarejos
b815dc35c8 Fix initializing DEK for pw3. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-05-17 00:04:57 +02:00
Pol Henarejos
5eb6822bf5 Update code style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-03-04 14:08:47 +01:00
Pol Henarejos
3c7df3aa42 Fix checking length in ECDH. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-04 23:44:55 +01:00
Pol Henarejos
e5871d5791 Fix returning algo attributes for authentication key. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-04 21:07:10 +01:00
Pol Henarejos
7ccbb0103f Fix computing length of algorithm attributes. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-04 21:06:33 +01:00
Pol Henarejos
8e03ce28a3 Fix returning signature in some cases. 
In some particular cases where signature has a 0 prepended, mpi is written without that which caused variable length signatures. Now it returns the signature whose length is always the same.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-04 20:28:33 +01:00
Pol Henarejos
b300ed87f3 Fix returning ecdsa response for keys > 512 bits. 
In that case, TLV shall contain 81 length.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-04 20:27:20 +01:00
Pol Henarejos
7b17cc7b49 Public point is now computed when private key is imported. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-04 19:44:44 +01:00
Pol Henarejos
abf190f767 Tuned returning public key information for ECDSA. 
Despite it was not a bug, it seems some ASN.1 readers do not recognize 0x81/0x82 tags when len < 128.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-04 19:44:00 +01:00
Pol Henarejos
d9ed002af2 Signature counter is only increased on PSO:SIGN and not for authentication. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-02-04 01:31:34 +01:00