mirrors/pico-hsm

mirror of https://github.com/polhenarejos/pico-hsm.git synced 2026-02-07 19:18:23 +00:00

Author	SHA1	Message	Date
Pol Henarejos	2b92d89ab7	Fix size_t casting. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-01-02 19:56:38 +01:00
Pol Henarejos	a1d7733b95	Fix key exchange. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-01-02 02:44:59 +01:00
Pol Henarejos	4f4e6e09a2	Fix size var load. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-01-02 02:31:38 +01:00
Pol Henarejos	481cd5fd69	Some fixes for emulation. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-01-01 20:58:40 +01:00
Pol Henarejos	d9a8826a32	Stupid bug integer overflow. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-01-01 02:01:22 +01:00
Pol Henarejos	d82affa880	Added support for building emulation in Windows. It has not been tested but it should not break any linux build. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2024-01-01 01:55:49 +01:00
Pol Henarejos	74afa07512	Do not make a PRKD on key unwrap since it is already done when storing. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-11-13 15:33:52 +01:00
Pol Henarejos	e96e1d0097	When a key is generated and stored, it creates its PRKD. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-11-13 15:33:27 +01:00
Pol Henarejos	58692b2711	Fix PRKD cert on key unwrap. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-11-13 14:14:10 +01:00
Pol Henarejos	98e9b72b42	Upgrade version to 3.6. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-11-06 17:26:43 +01:00
Pol Henarejos	88ff27f354	Fix mbedTLS 3.5 build. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-11-06 17:01:27 +01:00
Pol Henarejos	ed2925cfb6	Use new Pico Keys SDK. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-11-06 14:25:42 +01:00
Pol Henarejos	6b1eeb4004	Fix DKEK import when no logged. DKEK shall accept import even if it is not logged in. However, to store the DKEK, the PIN is used for MKEK, which is not available if it is nog logged in. I added a queueing system to store a pending DKEK after login. Therefore, to import a DKEK, the user must import it AND call VERIFY command if it is not already logged in. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-10-12 17:42:31 +02:00
Pol Henarejos	5d21e39aa6	Fix deleting key domain. It only checks if contains keys and no other files. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-10-12 17:40:20 +02:00
Pol Henarejos	eddb1baf7b	Use new applet selection format. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-10-11 21:03:17 +02:00
Pol Henarejos	11bb00e186	Default key domain is 0. It allows to wrap keys not associated to any key domain. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-10-11 21:03:09 +02:00
Pol Henarejos	e27c8d4ff6	Added flag for compile for CI or production. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-10-09 21:55:31 +02:00
Pol Henarejos	08e7d74a81	Fix sending binary when ne=0 Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-09-24 10:30:09 +02:00
Pol Henarejos	173ca7678d	Accept arbitrary SO-PIN length on reset retry. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-09-05 19:56:11 +02:00
Pol Henarejos	1d3232df36	Fix loading and saving Montgomery keys. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-08-24 16:01:39 +02:00
Pol Henarejos	7376817724	Fix G export. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-08-24 16:00:59 +02:00
Pol Henarejos	a6072b4ce8	Curve25519 and Curve448 are encoded using ECDH template. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-08-23 16:38:51 +02:00
Pol Henarejos	f631e4a5f3	Code style. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-07-17 12:56:16 +02:00
Pol Henarejos	f880ee6c93	Added support for HD symmetric ciphering. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-07-17 12:55:14 +02:00
Pol Henarejos	fe315e7326	Fix AES derivation (HKDF). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-27 19:00:04 +02:00
Pol Henarejos	ee3ee21e40	Added support for signatures based on HD BIP/SLIP. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-26 18:07:06 +02:00
Pol Henarejos	29544a3f17	Added support for SLIP-0021 node derivation. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-26 17:15:14 +02:00
Pol Henarejos	5135404083	Fix node derivation. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-25 15:17:39 +02:00
Pol Henarejos	55520ce184	Added support for master key generation for symmetric derivation. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-25 14:07:48 +02:00
Pol Henarejos	525b05b7ef	Small refactoring to avoid unnecessary casts from uint32 to byte strings. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-25 12:18:28 +02:00
Pol Henarejos	0eea0fb096	Fix deriving nodes with retries (invalid first key). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-24 12:47:27 +02:00
Pol Henarejos	82c03ee6c4	Fix memory free on error. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-24 12:40:51 +02:00
Pol Henarejos	20dfbcaaed	Fix xpub for masters. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-24 11:25:36 +02:00
Pol Henarejos	46d85c029e	Added first commit with BIP and SLIP support for cryptowallets. Needs more work. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-23 20:40:16 +02:00
Pol Henarejos	6d3809a792	Allow signatures with device key. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-04-06 14:09:18 +02:00
Pol Henarejos	f22f58f983	Fix returning EOF when reading an element outside the size. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-04-06 14:08:43 +02:00
Pol Henarejos	405bf92e18	Added support for TokenInfo and StaticTokenInfo files. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-04-04 09:53:26 +02:00
Pol Henarejos	371ae93fcd	Added support for AES CCM. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-23 19:20:33 +01:00
Pol Henarejos	f5e875a6b7	Added support for AES CTR. Note: the OID used by CTR does not exist. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-23 18:47:32 +01:00
Pol Henarejos	4d647ba3c8	Add sanity check if wrong oid is provided. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-22 23:28:55 +01:00
Pol Henarejos	008db87fa7	Fix AES XTS call. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-22 23:28:22 +01:00
Pol Henarejos	17560034ec	Fix AES extended encoding call. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-22 23:23:12 +01:00
Pol Henarejos	8b0d85fbd4	Fix PRKD generation for AES. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-22 22:57:15 +01:00
Pol Henarejos	3dcb2e9d70	A PRKD is generated on every key import, regardless it might be replaced later. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-22 22:56:55 +01:00
Pol Henarejos	0f12ff1c48	Added support for PRKD for AES. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-22 22:07:34 +01:00
Pol Henarejos	2a5fe1cc6d	Added initialization with self-signed certificate. It will allow the initialization with OpenSC tool (sc-hsm-tool --initialize). However, it will not allow the use of card with SCS3, as it needs a PKI with trust chain. In this case, pico-hsm-tool.py shall be used for initialization. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-22 01:04:24 +01:00
Pol Henarejos	5e0f62265d	Fix key size of terminal cert. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-20 21:41:38 +01:00
Pol Henarejos	0990805fb6	More code style. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-20 20:08:29 +01:00
Pol Henarejos	efba39adc5	Add SW_WRONG_DATA return on bad tag for Chachapoly. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-20 17:58:01 +01:00
Pol Henarejos	13755cb4d5	Fix buffer overflow when importing AES 512 key. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-03-20 17:06:06 +01:00

1 2 3 4 5 ...

389 commits