mirrors/pico-hsm

mirror of https://github.com/polhenarejos/pico-hsm.git synced 2026-01-17 09:28:05 +00:00

Author	SHA1	Message	Date
Pol Henarejos	e36c80761e	Fix login session persistence. It is handled when the card reader disconnects, instead of when applet is selected (only the first time). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-06 01:50:34 +01:00
Pol Henarejos	bf2624cd88	AES keys are DKEK encrypted in flash. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-06 01:40:30 +01:00
Pol Henarejos	8c1977783e	Fix AES initialization context. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-06 01:30:39 +01:00
Pol Henarejos	7306a9765e	Fix AES key generation for other 128 and 192 bits. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-06 01:29:39 +01:00
Pol Henarejos	5e377cccaf	Added AES encryption/decryption. However, I could not find any interface (neither opensc nor sc-hsm-embedded). Needs further testing. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-06 01:28:29 +01:00
Pol Henarejos	37957dd8fd	Adding asymmetric decryption. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-06 00:09:01 +01:00
Pol Henarejos	ba3fa745a1	Moving load private key methods. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-05 00:31:55 +01:00
Pol Henarejos	982ca07096	Keys are decrypted when are used for signature. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-05 00:09:36 +01:00
Pol Henarejos	6cd575ea51	Added key unwrap support. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:30:56 +01:00
Pol Henarejos	a29b01cdd8	Adding key wrap support. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:23:15 +01:00
Pol Henarejos	64cf9097e3	Fix saving imported DKEK. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:10:58 +01:00
Pol Henarejos	f022c3235d	Fix when initialize with 0 dkek shares. DKEK is automatically generated and saved. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:10:15 +01:00
Pol Henarejos	010c8018ea	DKEK is reencrypted with the new pin if changed. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:08:15 +01:00
Pol Henarejos	78bad89415	Private and secret keys are now stored encrypted with DKEK. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:00:59 +01:00
Pol Henarejos	dcabd78ddb	Cleaning debug. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 23:00:24 +01:00
Pol Henarejos	59833d08eb	Adding support for generating more than 32 bytes at a time. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-04 10:46:10 +01:00
Pol Henarejos	41f0b53dd5	Fix listing private keys and X509 certificates. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-03 17:56:22 +01:00
Pol Henarejos	ab6a081fdf	Better debugging. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-03 00:00:29 +01:00
Pol Henarejos	70e153e11d	Fix RSA RAW signature. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-03 00:00:14 +01:00
Pol Henarejos	2f4fb3507b	Fix ECDSA signature computation. Now it works. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-01 23:37:53 +01:00
Pol Henarejos	9202c4db66	Added ECDSA signature. Added RSA cleanups. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-01 01:15:55 +01:00
Pol Henarejos	486c4eb449	Added RSA signature (not tested). Still missing ECDSA signature. Trying to figure out what is ECDSA RAW. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-03-01 00:55:01 +01:00
Pol Henarejos	ff06414247	Adding signature computation (unfinished) Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-28 09:43:09 +01:00
Pol Henarejos	553bd793b9	RP 2040 does not have PIN support (i.e., pin pad support). Thus, we disable it to enable openssl pkcs11 engine interaction. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-27 20:58:04 +01:00
Pol Henarejos	8d6acb8162	Updating ATR. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-27 20:57:24 +01:00
Pol Henarejos	44b3792166	Fix with reading dynamic files. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-27 20:56:45 +01:00
Pol Henarejos	1918a5769c	Adding symmetric key generation (AES CBC) Fix file search and discovery. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-25 17:04:31 +01:00
Pol Henarejos	36cd26acd3	More candy debug. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-25 17:03:28 +01:00
Pol Henarejos	6777221e48	Allow for null data write to allocate physical space. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-25 17:03:05 +01:00
Pol Henarejos	857aaf2679	Fix ACL when creating new file. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-24 22:38:15 +01:00
Pol Henarejos	a94c74e508	Added PIN change. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-24 22:07:52 +01:00
Pol Henarejos	4cdb2f93e5	Fix reset pin. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-24 20:37:50 +01:00
Pol Henarejos	8657758cf2	Adding acl and pin checks. If pin is blocked, is always blocked despite correct login. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-24 20:00:37 +01:00
Pol Henarejos	fce1a30f56	Fix deleting key. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-24 19:04:06 +01:00
Pol Henarejos	a4ef5e6d17	Adding delete file command. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-24 16:22:05 +01:00
Pol Henarejos	249de0c5d2	Calling variable token info data generation. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 22:17:58 +01:00
Pol Henarejos	a90aac5533	Making files to accept data callbacks (useful for asn1 data). Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 22:17:31 +01:00
Pol Henarejos	b874575dab	Moving to static dynamic files. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 17:35:53 +01:00
Pol Henarejos	b9bbddd24e	Using separate eps. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 17:35:29 +01:00
Pol Henarejos	d6368a221f	Return some SW even if no app is selected. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 17:35:02 +01:00
Pol Henarejos	c29f8d6cc5	Migrating to static memory to avoid malloc for new files. Let's see how it works. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 12:00:34 +01:00
Pol Henarejos	41b1467ab7	Fix with empty extended length header. Fix buffer overflow when extended length. APDU shall be reset at every APDU beginning. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-23 12:00:04 +01:00
Pol Henarejos	16bd415fb9	Adding sanity checks. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 18:26:02 +01:00
Pol Henarejos	173d64dd0e	Finalizing EC key generation and storage. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 15:36:32 +01:00
Pol Henarejos	67698eca94	Fixed bug with size of cvc. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 14:27:13 +01:00
Pol Henarejos	f97555a8da	Adding ECC storing keygen. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 13:22:09 +01:00
Pol Henarejos	a28f217c57	Inner signature of CVC encodes the full certificate body. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 00:55:36 +01:00
Pol Henarejos	e1126b5951	In order to announce the public key, the response must be cvc request authenticated. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-22 00:37:02 +01:00
Pol Henarejos	1688ea540e	Fix: FPI containing wrong file length. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-21 16:24:47 +01:00
Pol Henarejos	2a770ee7c9	DKEKS are also initialized. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-02-21 16:24:32 +01:00

1 2 3

135 commits