302 commits

Author	SHA1	Message	Date
Pol Henarejos	35c42bccb4	List PRKD if exist. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-30 01:25:25 +01:00
Pol Henarejos	8976dc1f79	Added support for RSA-PKCSv15-SHA224, SHA384 and SHA512. Also added support for RSA-PSS-SHA224, SHA384 and SHA512. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-17 00:41:46 +01:00
Pol Henarejos	9d47e62041	Fix signature for secp521r1. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-17 00:05:46 +01:00
Pol Henarejos	0daddfd477	Fix ECDSA-SHA384 and ECDSA-SHA512. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-17 00:05:31 +01:00
Pol Henarejos	89d617110f	Add asn1_build_prkd_rsa() ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-16 18:54:28 +01:00
Pol Henarejos	17941397e9	Fix exporting large ECC key. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-16 18:54:20 +01:00
Pol Henarejos	5419ff74ee	Using file_has_data() to check contents. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-13 18:07:50 +01:00
Pol Henarejos	723011078c	Using file_has_data() instead of data directly. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-12 20:06:31 +01:00
Pol Henarejos	fe7c0333ab	Some emulation fixes. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-12 20:06:11 +01:00
Pol Henarejos	c01940b62b	Fix accessing way to data. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-12 20:05:59 +01:00
Pol Henarejos	7195a8f3ec	Fix headers in emulation mode. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-12 20:05:46 +01:00
Pol Henarejos	7764de4e10	Unused headers. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-12 20:05:16 +01:00
Pol Henarejos	e05c526b4d	Fix printf format. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-12 20:04:55 +01:00
Pol Henarejos	bc20f98b44	In emulation, return always 1mb of memory. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-12 20:04:44 +01:00
Pol Henarejos	742c3f3e3c	RTC command is not available in emulation. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-12 20:04:23 +01:00
Pol Henarejos	9793977ffc	Fixed double counter increment. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-01-12 20:04:05 +01:00
Pol Henarejos	9ff3254a4c	Update to latest HSM SDK. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-12-22 22:50:54 +01:00
Pol Henarejos	691aa3308c	Fix when importing a dkek and it fails. ... Now the dkek state is returned to the previous one. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-12-06 20:11:26 +01:00
Pol Henarejos	6a57e67629	Fix importing dkek twice. ... It is not allowed anymore. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-12-06 20:04:18 +01:00
Pol Henarejos	202c8a4b22	Credentials are not necessary when importing DKEK. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-12-06 20:00:32 +01:00
Pol Henarejos	9e9cf9b768	Upgrading version to v3.2. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-12-06 19:00:44 +01:00
Pol Henarejos	4113f6a65d	Fix parsing PBKDF2 params. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-15 00:14:39 +01:00
Pol Henarejos	f98d744076	Add apdu.ne check for large buffers. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-14 18:04:44 +01:00
Pol Henarejos	aa8b1e6efe	Added support for X963 KDF. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-14 15:38:16 +01:00
Pol Henarejos	0cb2e8ec2e	Added PBES2 key derivation with encryption and decryption support. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-14 13:07:49 +01:00
Pol Henarejos	0e96753ccb	Added support for PBKDF2. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-14 12:01:27 +01:00
Pol Henarejos	2b2df22d75	Added support for configurable HKDF. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-14 10:14:54 +01:00
Pol Henarejos	8fe2677a56	Fix cofactor return with cvc. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-11 17:08:36 +01:00
Pol Henarejos	d09a7cf9c8	If self-signature fails, puts all-0. ... When generating a keypair and returns a self-signed CVREQ, the signature might fail for Curve25519 and Curve448. Instead of returning null, it puts zeros in order to return what is expected to return. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-11 17:04:17 +01:00
Pol Henarejos	6bf72e5a59	Added support for HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384 and HMAC-SHA512. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-08 17:26:32 +01:00
Pol Henarejos	a7682d2639	Adding Extended Cipher feature. ... With this new subcommand, Pico HSM will support newer cipher algorithms. ChaCha20-Poly1305 is the first. It will be based on a custom P2 subcommand to support an arbitrary structure with multiple parameters (AAD, IV, etc.) pico-hsm-tool.py shall be used. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-11-07 21:37:11 +01:00
Pol Henarejos	00279da8d5	Adding Secure Lock to lock the device with a random 256 bit key. ... This is an extra layer of security to avoid brute force attacks if PIN is too weak. At every hard reset (on device plug), the device must be unlocked prior any other command. Once unlocked, the device can be used as usual. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-31 15:09:54 +01:00
Pol Henarejos	eda8b53949	Memory cleanup on ECDH. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-31 12:54:44 +01:00
Pol Henarejos	cfc0cc8f6e	Some optimizations. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-31 00:38:30 +01:00
Pol Henarejos	ab61b2a2d5	Fix returning public key of koblitz curve secp_k1. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-31 00:38:21 +01:00
Pol Henarejos	f79a6ed30a	Do not override Ne. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-30 23:42:12 +01:00
Pol Henarejos	4313722b06	Fix memory free on keygen ecc. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-30 23:15:22 +01:00
Pol Henarejos	eec4612a6f	Fix when secure message cannot be correctly processed. ... It is discarded. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-30 21:11:06 +01:00
Pol Henarejos	b2ac893efc	Fix general authentication with AES. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-30 21:09:41 +01:00
Pol Henarejos	a089cc279b	Adding support for changing SO-PIN. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-10 00:37:56 +02:00
Pol Henarejos	84f646dbad	Fix storing SO-PIN session when checking PIN with SO-PIN. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-10 00:37:33 +02:00
Pol Henarejos	b9ec473aaa	Fix critical bug saving SO-PIN securely. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-10 00:27:46 +02:00
Pol Henarejos	b7eb0dff02	Upgrade to Version 3.0. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-09 22:27:11 +02:00
Pol Henarejos	f593060007	Moving delete_file() outside. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-10-09 22:07:21 +02:00
Pol Henarejos	62c72c48a5	Moving to new pico-hsm-sdk.	2022-08-30 17:55:42 +02:00
Pol Henarejos	e8cc6a169e	Try to recover MKEK twice: with previous PIN/SO-PIN or after setting the new PIN/SO-PIN just in case some is the same as previous. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-25 01:51:16 +02:00
Pol Henarejos	7d7b6b88ba	Trying to recover MKEK to preserver device private key. If not, all are generated again. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-25 01:51:16 +02:00
Pol Henarejos	b3bcad9ce6	Making MKEK persistent. ... It must be persistent as it encrypts device private key and therefore it must survive across reinitializations. However, if no PIN is provided to unlock it, it will be lost, as with device private key. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-25 01:51:16 +02:00
Pol Henarejos	38b9c06138	Reformat oids. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-23 14:52:44 +02:00
Pol Henarejos	2bc40771ca	Fix generating CVC REQ. ... Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-08-23 00:50:06 +02:00