pico-hsm

webadmin/pico-hsm

Fork 0

mirror of https://github.com/polhenarejos/pico-hsm synced 2026-04-14 03:12:55 +02:00

Commit Graph

Select branches

Hide Pull Requests

development

master

#10

#102

#108

#124

#124

#127

#128

#128

#130

#130

#131

#2

#40

#43

#52

nightly-development

nightly-master

v1.0

v1.10

v1.12

v1.2

v1.4

v1.6

v1.8

v2.0

v2.2

v2.4

v2.6

v3.0

v3.2

v3.4

v3.6

v3.6-eddsa1

v4.0

v4.0-eddsa1

v4.2

v4.2-eddsa1

v5.0

v5.0-eddsa1

v5.2

v5.4

v5.4-eddsa1

v5.6

v6.0

v6.0-eddsa1

v6.2

v6.4

v6.6

eda8b53949 Memory cleanup on ECDH. Pol Henarejos 2022-10-31 12:54:44 +01:00
cfc0cc8f6e Some optimizations. Pol Henarejos 2022-10-31 00:38:30 +01:00
ab61b2a2d5 Fix returning public key of koblitz curve secp_k1. Pol Henarejos 2022-10-31 00:38:21 +01:00
f79a6ed30a Do not override Ne. Pol Henarejos 2022-10-30 23:42:12 +01:00
4313722b06 Fix memory free on keygen ecc. Pol Henarejos 2022-10-30 23:15:22 +01:00
eec4612a6f Fix when secure message cannot be correctly processed. Pol Henarejos 2022-10-30 21:11:06 +01:00
b2ac893efc Fix general authentication with AES. Pol Henarejos 2022-10-30 21:09:41 +01:00
14e8d9cd04 Fixing typo in command. Reiner Rottmann 2022-10-30 08:52:28 +01:00
1a6cfd17cb Small fix in ModuleNotFoundError handling. Reiner Rottmann 2022-10-30 08:51:57 +01:00
3835507e00 Fix displaying error message if pycvc is missing. Pol Henarejos 2022-10-29 11:35:54 +02:00
4536589e2c Added error message if package is missing. Pol Henarejos 2022-10-10 11:02:07 +02:00
1e39558fbc Typo v3.0 Pol Henarejos 2022-10-10 00:39:32 +02:00
a089cc279b Adding support for changing SO-PIN. Pol Henarejos 2022-10-10 00:37:56 +02:00
84f646dbad Fix storing SO-PIN session when checking PIN with SO-PIN. Pol Henarejos 2022-10-10 00:37:33 +02:00
b9ec473aaa Fix critical bug saving SO-PIN securely. Pol Henarejos 2022-10-10 00:27:46 +02:00
b7eb0dff02 Upgrade to Version 3.0. Pol Henarejos 2022-10-09 22:27:11 +02:00
06f550cc04 Update usage.md Pol Henarejos 2022-10-09 22:26:45 +02:00
1752b1aec7 Update usage.md Pol Henarejos 2022-10-09 22:25:35 +02:00
67ea640a14 Fix endianness of patcher (again) Pol Henarejos 2022-10-09 22:20:41 +02:00
f593060007 Moving delete_file() outside. Pol Henarejos 2022-10-09 22:07:21 +02:00
8504eed35c Adding fixes and moving to Mbedtls 3.2.1 Pol Henarejos 2022-10-09 22:07:10 +02:00
8b29b137a8 Small fixes. Pol Henarejos 2022-10-09 22:04:30 +02:00
08d3ca6d27 Update README.md Pol Henarejos 2022-10-09 19:57:52 +02:00
e6767f4c0a Moving pointer. Pol Henarejos 2022-09-25 23:25:16 +02:00
9e5d65706e Merge pull request #2 from rrottmann/master Pol Henarejos 2022-09-25 18:42:37 +02:00
61d7b6da38 Added Dockerfile for building pico-hsm and updated README.md with instructions. Reiner Rottmann 2022-09-23 20:36:05 +02:00
6affe64ec5 Adding missing file to pico-hsm-sdk. Pol Henarejos 2022-08-31 14:19:32 +02:00
ab75718927 Using pico_hsm_sdk library instead. Pol Henarejos 2022-08-31 14:10:04 +02:00
9e1747e539 Upgrading pico-hsm-sdk version to v3.0 Pol Henarejos 2022-08-31 14:09:02 +02:00
a7396dc698 Fix the endianness of vid/pid patcher. Pol Henarejos 2022-08-31 14:08:29 +02:00
67699bd24c Before initializing, we select the applet. Pol Henarejos 2022-08-30 17:55:56 +02:00
62c72c48a5 Moving to new pico-hsm-sdk. Pol Henarejos 2022-08-30 17:55:42 +02:00
3944c8437a Moving to pico-hsm-sdk Pol Henarejos 2022-08-30 17:54:38 +02:00
b7d603342e Upgrading pico-ccid Pol Henarejos 2022-08-29 11:32:39 +02:00
6e5db3c292 Upgrading pico-ccid to version 2.2 Pol Henarejos 2022-08-29 11:31:47 +02:00
4fb26559f4 Adding --so-pin flag for initialize command. Pol Henarejos 2022-08-25 13:47:42 +02:00
c366c1d1a3 Added datetime and options menu to manipulate the RTC and options (press-to-confirm button and optional counter for each key). Pol Henarejos 2022-08-25 13:38:09 +02:00
e8cc6a169e Try to recover MKEK twice: with previous PIN/SO-PIN or after setting the new PIN/SO-PIN just in case some is the same as previous. Pol Henarejos 2022-08-25 01:51:06 +02:00
7d7b6b88ba Trying to recover MKEK to preserver device private key. If not, all are generated again. Pol Henarejos 2022-08-24 17:48:50 +02:00
138af5c113 Adding --pin parameter for initialization. Pol Henarejos 2022-08-24 17:47:28 +02:00
b3bcad9ce6 Making MKEK persistent. Pol Henarejos 2022-08-24 17:46:49 +02:00
cd6f898f8e Fix storing certs in DER format. Pol Henarejos 2022-08-24 13:57:37 +02:00
9ef088971b Integrate all commands to a single script Pol Henarejos 2022-08-24 13:53:11 +02:00
e399b1c0b1 Renaming the tools and moving to tools/ folder. Pol Henarejos 2022-08-24 12:52:47 +02:00
59bacaf5b4 Update scs3.md Pol Henarejos 2022-08-24 14:11:14 +02:00
d872a156c1 Update scs3.md Pol Henarejos 2022-08-24 14:04:14 +02:00
c5e4583762 Add a tool for attestation of a private key. Pol Henarejos 2022-08-23 14:54:38 +02:00
38b9c06138 Reformat oids. Pol Henarejos 2022-08-23 14:52:44 +02:00
df18a1e917 Added header. Pol Henarejos 2022-08-23 00:49:51 +02:00
2bc40771ca Fix generating CVC REQ. Pol Henarejos 2022-08-23 00:49:41 +02:00
5696c7a5da Update public_key_authentication.md Pol Henarejos 2022-08-22 14:24:53 +02:00
c5f980fc98 Fix curve for ECDH key. Pol Henarejos 2022-08-22 01:13:08 +02:00
aebb68724a Removing trailing spaces. Pol Henarejos 2022-08-19 01:44:27 +02:00
1f2ccd8c1c Not used. Pol Henarejos 2022-08-19 01:40:13 +02:00
874058d86a Pull last changes in pico-ccid. Pol Henarejos 2022-08-19 00:03:09 +02:00
8fccb80295 New burn-certs is called after compilation, not before. Not needed anymore. Pol Henarejos 2022-08-18 23:58:38 +02:00
c9c60575c7 Removed 3DES as it is unsecure. Pol Henarejos 2022-08-18 23:55:21 +02:00
7e6ed20b26 Not downloading nested submodules for tinyusb Pol Henarejos 2022-08-18 23:53:49 +02:00
52c7be4e16 Also clone nested submodules Pol Henarejos 2022-08-18 23:38:50 +02:00
36d250fc2b Github does not clone submodules. So, let's do it Pol Henarejos 2022-08-18 23:33:52 +02:00
84ba0e03de Fix missing TinyUSB submodule Pol Henarejos 2022-08-18 23:31:17 +02:00
7d27c4b546 Fix autobuild Pol Henarejos 2022-08-18 23:28:29 +02:00
80b2bab0f8 Granting root to apt Pol Henarejos 2022-08-18 23:23:58 +02:00
79372ced2f Just install the SDK in the workflow Pol Henarejos 2022-08-18 23:21:42 +02:00
6fc91962bd Update codeql.yml Pol Henarejos 2022-08-18 23:13:02 +02:00
fb76c23694 Let's try our autobuild Pol Henarejos 2022-08-18 23:00:09 +02:00
fc6c852e09 When used this tool, the device is always reset to default state. Pol Henarejos 2022-08-18 20:09:23 +02:00
82f61ff1d4 When initialized, the device key (EF_KEY_DEV) is only generated if not found. Pol Henarejos 2022-08-18 20:08:54 +02:00
64052f4f70 Marked EF_DEV files as persistent to remain permanent. Pol Henarejos 2022-08-18 20:08:11 +02:00
36c8150f25 Enhanced the procedure for burning the device certificate. Pol Henarejos 2022-08-18 18:17:21 +02:00
cb492728ec Device key now uses SECP256R1 curve. Pol Henarejos 2022-08-18 18:15:45 +02:00
fec02ca733 Removing cvcerts.h dependency. Pol Henarejos 2022-08-18 13:29:24 +02:00
4e01a78286 Fix OID names. Pol Henarejos 2022-08-18 11:58:05 +02:00
538b39386b List keys returns the DEV key if exists. Pol Henarejos 2022-08-18 11:57:49 +02:00
977aced343 Fix OID names. Pol Henarejos 2022-08-18 11:57:38 +02:00
83b5753bb5 Fix saving DEV key. Pol Henarejos 2022-08-18 11:57:23 +02:00
a57c3b691f Fix passing DEBUG_APDU flag. Pol Henarejos 2022-08-18 11:55:16 +02:00
648a374ebb Create codeql.yml Pol Henarejos 2022-08-17 18:27:55 +02:00
c3568e1211 Create the terminal private key with id = 0. Pol Henarejos 2022-08-14 01:20:54 +02:00
6a16d4d55c Fix returning store_keys(); Pol Henarejos 2022-08-14 01:17:06 +02:00
ab2e71cc40 By default, all CVC are self-generated (chr=car). Pol Henarejos 2022-08-14 01:16:53 +02:00
f79fe9f7d0 Fix when no DKEK is present. Pol Henarejos 2022-08-14 01:16:33 +02:00
6956587106 Add newline at the end of file. Pol Henarejos 2022-08-13 23:31:09 +02:00
349df56b09 Missing header. Pol Henarejos 2022-08-13 15:00:05 +02:00
e6f082d512 Splitting cmd_xxx() functions in separate files. Pol Henarejos 2022-08-13 14:59:27 +02:00
87feed1222 Renaming KEK files. Pol Henarejos 2022-08-13 13:47:43 +02:00
55c8a66613 Fix wrap/unwrap keys with specific allowed algorithms. Pol Henarejos 2022-08-13 02:58:36 +02:00
2e88422c86 Fix deleting KEK when a key is present in the key domain. Pol Henarejos 2022-08-13 00:50:22 +02:00
da841b82d4 Fix deleting KEK. Pol Henarejos 2022-08-13 00:48:05 +02:00
9256a72c3e Added XKEK derivation to save the KEK from XKEK key domain. Pol Henarejos 2022-08-13 00:43:55 +02:00
69120cc961 Added cvc_get_ext() to find CVC extensions. Pol Henarejos 2022-08-13 00:43:35 +02:00
06aaf58f0b Added extension optional parameter to be included in the CVC body. Pol Henarejos 2022-08-13 00:07:24 +02:00
12e5a586d2 Adding support for XKEK CVC extension. Pol Henarejos 2022-08-12 22:18:21 +02:00
0e76ed7077 Adding OID for CVC extensions. Pol Henarejos 2022-08-12 21:12:56 +02:00
be911a7aa7 Clearing hash, just in case. Pol Henarejos 2022-08-12 19:55:07 +02:00
0556a528f3 Fix DKEK key domain creation. Pol Henarejos 2022-08-12 19:51:59 +02:00
de789cef66 Fix Key Domain deletion. Pol Henarejos 2022-08-12 19:46:08 +02:00
7208d01547 Adding XKEK Key Domain creation. Pol Henarejos 2022-08-12 19:36:10 +02:00
46cb0a455d Fix DKEK are only created when requested and not by default. Pol Henarejos 2022-08-12 14:01:19 +02:00
300e19b612 Moving to mbedtls_platform_zeroize() for better zeroization. Pol Henarejos 2022-08-12 01:52:37 +02:00

... 6 7 8 9 10 ...