mirrors/pico-hsm

mirror of https://github.com/polhenarejos/pico-hsm.git synced 2026-02-07 19:18:23 +00:00

Author	SHA1	Message	Date
Pol Henarejos	33a2222cd8	Revert "PIN remaining tries only returned when user is not logged in. If so, it returns always OK." This reverts commit `86e38419ac`.	2022-03-31 14:30:50 +02:00
Pol Henarejos	923e05a36c	Revert "Also for SOPIN." This reverts commit `ad66170379`.	2022-03-31 14:30:50 +02:00
Pol Henarejos	ad66170379	Also for SOPIN. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-31 13:18:56 +02:00
Pol Henarejos	86e38419ac	PIN remaining tries only returned when user is not logged in. If so, it returns always OK. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-31 13:17:16 +02:00
Pol Henarejos	7cf166d615	Upgrading to version 1.8 Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-31 11:18:52 +02:00
Pol Henarejos	413c3e0208	Fix update ef when offset is required. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-31 01:08:39 +02:00
Pol Henarejos	7410498df1	Fix with RSA CRT import mode (keytype 6). In RSA CRT import, the N parameter shall not be imported. Otherwise, mbedtls will fail (it is deduced from N=PQ). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-31 00:24:50 +02:00
Pol Henarejos	7aee18110e	Fix kmac and kenc computation. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-30 23:59:06 +02:00
Pol Henarejos	7aca7b323a	Fix loading kcv, kenc and kmac. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-30 23:21:23 +02:00
Pol Henarejos	4651a0e224	Adding AES wrapping/unwrapping Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-30 01:33:54 +02:00
Pol Henarejos	d018e3b9b9	Adding RSA and EC wrap/unwrap, compatible with SC HSM wrap format. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-30 00:59:37 +02:00
Pol Henarejos	1c272842a7	Adding dkek_decode_key for unwrapping. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-29 20:18:08 +02:00
Pol Henarejos	0141e0ab4e	Adding ec curve find from prime. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-29 20:17:42 +02:00
Pol Henarejos	e7d8695394	Added length checks. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-29 19:16:15 +02:00
Pol Henarejos	6876edea5a	Some fix in encode key Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-29 19:06:00 +02:00
Pol Henarejos	2e655d6341	Fixes with AES encryption Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-29 18:25:47 +02:00
Pol Henarejos	2f4cca19c4	Moving some dkek crypt stuff to dkek. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-29 13:45:28 +02:00
Pol Henarejos	5eb74d8ca3	Adding encode_key with dkek (for wrapping). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-29 13:45:07 +02:00
Pol Henarejos	7b0d5a6700	Fix loading aes key in decrypt function Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-29 09:35:06 +02:00
Pol Henarejos	427260663f	Replacing CFB to CBC AES proc Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-29 09:34:44 +02:00
Pol Henarejos	047a443536	Adding dkek procedures to wrap/unwrap. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-28 17:38:15 +02:00
Pol Henarejos	7a9ee8145d	Adding headers to random.h Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-28 17:38:02 +02:00
Pol Henarejos	2535d0e537	Adding generic aes encryption/decryption. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-28 17:37:53 +02:00
Pol Henarejos	6fe7d7991b	Len of CMAC is always 16. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-28 17:37:24 +02:00
Pol Henarejos	d061958f90	Moving hash to other file. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-28 16:02:28 +02:00
Pol Henarejos	69a406832d	Adding hsm initializing options Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-28 01:37:36 +02:00
Pol Henarejos	cd4ceb0a61	Fix returning current dkeks when the device is initialized without dkeks. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-28 01:37:19 +02:00
Pol Henarejos	450ec5dec1	Also list PRKD files. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-27 20:47:11 +02:00
Pol Henarejos	c7abd1a067	Adding DKEK report Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-27 20:27:10 +02:00
Pol Henarejos	c6d87756ab	Adding SOPIN verification. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-27 19:00:21 +02:00
Pol Henarejos	0916489388	Initialization now returns free memory if no parameters are given. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-27 18:53:41 +02:00
Pol Henarejos	b1e83c92e9	Adding cvcerts and dica Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-27 18:15:16 +02:00
Pol Henarejos	d01e06aa11	2F02 returns terminal's cvcert and DICA. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-27 18:15:06 +02:00
Pol Henarejos	464107b13f	Adding tag 85 for FCP when selecting applet Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-27 12:26:36 +02:00
Pol Henarejos	e431b25fc1	Not used Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-27 12:26:36 +02:00
Pol Henarejos	e4ed917c1c	Updating to v1.6 Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-27 12:26:35 +02:00
Pol Henarejos	ade3e6d2fb	Added sanity check for some boards without led. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-27 12:26:35 +02:00
Pol Henarejos	74127a038f	Changing label name. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-25 12:09:32 +01:00
Pol Henarejos	a01bd39f21	Adding license headers. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-25 12:08:48 +01:00
Pol Henarejos	c2a474df98	Fix an overflow in EC key derivation. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-24 20:42:43 +01:00
Pol Henarejos	483dc5e953	- Fixed a random bug when generating EC keys. - Removed cvc_req. Now it is encapsulated from the previous existing cvc. - All tests passed (sc-hsm-pkcs11-test invasive) Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-24 00:34:29 +01:00
Pol Henarejos	f490f073b0	When updating an EF, if it does not exist, we create it. Added support for CA and CD certificates update. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-21 16:04:40 +01:00
Pol Henarejos	2eab8eba09	Added asymmetric key derivation. Only for EC. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-21 15:37:34 +01:00
Pol Henarejos	783c901567	Replaced EC load private key with read_key, which performs sanity checks. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-21 14:25:00 +01:00
Pol Henarejos	90d1fa0f9b	If modulusSize is used, the test will fail as it is an unexpected field. It does not seems necessary. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-21 11:37:05 +01:00
Pol Henarejos	96b791b3b9	- Fixed bug where PublicKD was saved in EE_CERTIFICATE_PREFIX. We save there the CSR instead in CVC format. - We put the CHR and CAR into the CSR if provided during the keypair generation. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-21 11:31:24 +01:00
Pol Henarejos	78d71a6d9c	Upgrading to version 1.4. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-21 00:55:50 +01:00
Pol Henarejos	0a2740fbab	Added AES derive support based on HKDF. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-21 00:54:59 +01:00
Pol Henarejos	3192e928ff	Fixed a bug with deleting intermediate EF on flash. A new field on EF flash structure is added. Thus, the old structure must be erased. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-21 00:16:00 +01:00
Pol Henarejos	ae1e2ac111	Fix storing public key description when generating a new keypair. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-19 19:11:09 +01:00

1 2

66 commits