mirrors/pico-hsm
1
0
Fork 0
mirror of https://github.com/polhenarejos/pico-hsm.git synced 2026-01-17 09:28:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
930 commits 2 branches 31 tags 2.8 MiB
Commit graph

410 commits

Author SHA1 Message Date
Pol Henarejos
9a7be98e6e
Settings proper phy options 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-21 22:08:36 +02:00
Pol Henarejos
c4a08aff0f
Upgrade to Mbedtls 3.6 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-21 21:29:32 +02:00
Pol Henarejos
223fc117dd
Enable patch only for RPI 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-21 21:15:29 +02:00
Pol Henarejos
d1fb4d0c65
Merge branch 'master' into development 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-21 21:14:43 +02:00
Pol Henarejos
47acef71c8
Only when not emulation. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-21 21:11:18 +02:00
al heisner
99c777c780 Fix for multiples of 64 bytes on cmd_list_keys 2024-06-21 11:35:05 -05:00
Pol Henarejos
79f76a176d
Fix time.h header. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-19 23:36:41 +02:00
Pol Henarejos
f20fdc9bda
Add missing header. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-19 22:42:19 +02:00
Pol Henarejos
b4671c2ecb
Merge branch 'esp32' into development 2024-06-19 22:03:47 +02:00
Pol Henarejos
54cdbfc22c
Add PHY OPTS. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-19 22:01:15 +02:00
fastchain
87ffd21543
Update cmd_extras.c 
This security fix ensures that the extra settings, cannot be silently disabled, if button control enabled. So the button control setting cannot be silently (without button push) disabled, even if the user's PC is fully compromised.
 2024-06-13 16:09:54 +09:00
Pol Henarejos
7cb0bbf982
Merge branch 'development' into esp32 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-06-03 13:06:39 +02:00
Pol Henarejos
218660e694
Only allow change PHY without PIN. PIN is required for other extra options. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-22 23:47:08 +02:00
Pol Henarejos
8e8192362c
Use macros for referring system fids. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 19:43:10 +02:00
Pol Henarejos
25c93c279f
Fix potential crash on loading dkek. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 19:42:47 +02:00
Pol Henarejos
001d076fdf
Better check for XKEK content. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 19:42:23 +02:00
Pol Henarejos
35d5d5e94e
Use search_file() method. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 19:19:45 +02:00
Pol Henarejos
b034303193
Use new methods search_file() and file_put_data(). 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 16:36:34 +02:00
Pol Henarejos
fdc41e5856
Add support for PHY command to store and change VIDPID and LED no. dynamically on reboot. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 11:50:44 +02:00
Pol Henarejos
5d0dc210da
Use external unique ID. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 11:48:23 +02:00
Pol Henarejos
a674410826
Remove carriage return \r for better debug. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-17 11:46:34 +02:00
Pol Henarejos
aeeb540a2f
Add support for PHY command to store and change VIDPID and LED no. dynamically on reboot. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-16 23:22:49 +02:00
Pol Henarejos
842919a26b
Use external unique ID. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-15 23:45:30 +02:00
Pol Henarejos
d8c7fb0856
Remove carriage return \r for better debug. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-10 18:16:38 +02:00
Pol Henarejos
d6456b4dde
First attempt to add support to ESP32. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-04-08 19:41:39 +02:00
Pol Henarejos
c3b66773e8
Use new asn1 structs. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-03-13 18:11:28 +01:00
Pol Henarejos
9fad920c3b
Fix Windows emulation build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-09 11:43:46 +01:00
Pol Henarejos
2034e436d1
Fix CVC outer signature length. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-08 10:59:34 +01:00
Pol Henarejos
2b92d89ab7
Fix size_t casting. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-02 19:56:38 +01:00
Pol Henarejos
a1d7733b95
Fix key exchange. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-02 02:44:59 +01:00
Pol Henarejos
4f4e6e09a2
Fix size var load. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-02 02:31:38 +01:00
Pol Henarejos
481cd5fd69
Some fixes for emulation. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-01 20:58:40 +01:00
Pol Henarejos
d9a8826a32 Stupid bug integer overflow. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-01 02:01:22 +01:00
Pol Henarejos
d82affa880 Added support for building emulation in Windows. 
It has not been tested but it should not break any linux build.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2024-01-01 01:55:49 +01:00
Pol Henarejos
74afa07512
Do not make a PRKD on key unwrap since it is already done when storing. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-13 15:33:52 +01:00
Pol Henarejos
e96e1d0097
When a key is generated and stored, it creates its PRKD. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-13 15:33:27 +01:00
Pol Henarejos
58692b2711
Fix PRKD cert on key unwrap. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-13 14:14:10 +01:00
Pol Henarejos
98e9b72b42
Upgrade version to 3.6. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 17:26:43 +01:00
Pol Henarejos
88ff27f354
Fix mbedTLS 3.5 build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 17:01:27 +01:00
Pol Henarejos
ed2925cfb6
Use new Pico Keys SDK. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-11-06 14:25:42 +01:00
Pol Henarejos
6b1eeb4004
Fix DKEK import when no logged. 
DKEK shall accept import even if it is not logged in. However, to store the DKEK, the PIN is used for MKEK, which is not available if it is nog logged in. I added a queueing system to store a pending DKEK after login.

Therefore, to import a DKEK, the user must import it AND call VERIFY command if it is not already logged in.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-10-12 17:42:31 +02:00
Pol Henarejos
5d21e39aa6
Fix deleting key domain. 
It only checks if contains keys and no other files.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-10-12 17:40:20 +02:00
Pol Henarejos
eddb1baf7b
Use new applet selection format. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-10-11 21:03:17 +02:00
Pol Henarejos
11bb00e186
Default key domain is 0. 
It allows to wrap keys not associated to any key domain.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-10-11 21:03:09 +02:00
Pol Henarejos
e27c8d4ff6
Added flag for compile for CI or production. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-10-09 21:55:31 +02:00
Pol Henarejos
08e7d74a81
Fix sending binary when ne=0 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-09-24 10:30:09 +02:00
Pol Henarejos
173ca7678d
Accept arbitrary SO-PIN length on reset retry. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-09-05 19:56:11 +02:00
Pol Henarejos
1d3232df36
Fix loading and saving Montgomery keys. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-24 16:01:39 +02:00
Pol Henarejos
7376817724
Fix G export. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-24 16:00:59 +02:00
Pol Henarejos
a6072b4ce8
Curve25519 and Curve448 are encoded using ECDH template. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-08-23 16:38:51 +02:00