webadmin/pico-keys-sdk
1
0
Fork 0
mirror of https://github.com/polhenarejos/pico-keys-sdk synced 2026-04-12 20:36:45 +02:00
Code Issues Packages Projects Releases Wiki Activity
577 Commits 1 Branch 11 Tags
7e6e3c8f3c7d4f7e9aa5f7f94de4a3560fbf59cb
Commit Graph

577 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pol Henarejos
7e6e3c8f3c Fix build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-29 20:36:09 +01:00
Pol Henarejos
6305ea11ab Blink led three times to acknowledge proper commissioning. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-29 20:15:45 +01:00
Pol Henarejos
4df616082e Fix led for pimoroni boards. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-27 22:03:35 +01:00
Pol Henarejos
3bf035d68a Zeroize pkey 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-27 22:02:58 +01:00
Pol Henarejos
7dc7be0909 Add device public key recovery and upload attestation certification. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-15 14:34:04 +01:00
Pol Henarejos
015fb61759 Add sign with keydev to rescue. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-15 01:17:26 +01:00
Pol Henarejos
1f4d638119 Build minimal picokey app. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-14 18:45:02 +01:00
Pol Henarejos
05fe0596ef Revert "Move EDDSA to another branch." 
This reverts commit 09ec0767b6.
 2025-12-11 15:42:30 +01:00
Pol Henarejos
d86371bb2c Revert "Move Secure Boot to another branch." 
This reverts commit 8cb2484aa3.
 2025-12-11 15:42:21 +01:00
Pol Henarejos
8cb2484aa3 Move Secure Boot to another branch. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-09 21:37:36 +01:00
Pol Henarejos
7583ecff18 Fix applet cmp 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-09 19:15:22 +01:00
Pol Henarejos
09ec0767b6 Move EDDSA to another branch. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-09 15:36:29 +01:00
Pol Henarejos
d0dea3d0c5 Fix MSOS/BOS descriptor. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-03 16:34:05 +01:00
Pol Henarejos
53d3a7ac91 Fix OTP button press in ESP32. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-02 14:38:07 +01:00
Pol Henarejos
2438356d83 Set anti-rollback version only when the binary is signed. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-02 09:39:17 +01:00
Pol Henarejos
79b69bfd7e Add WHOLE_ARCHIVE property. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-02 09:29:34 +01:00
Pol Henarejos
d189c2978c Add anti-rollback argument. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-01 23:41:29 +01:00
Pol Henarejos
c1cc33fd9d Upodate mbedtls only when necessary. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-01 17:02:47 +01:00
Pol Henarejos
2d72a157d5 Fix on AID selection. It should support shorter AID if matches. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-12-01 01:44:29 +01:00
Pol Henarejos
711a4df490 Upgrade to v8.0 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
v8.0 		2025-11-30 18:30:24 +01:00
Pol Henarejos
66f31c15b6 Upgrade to mbedtls v3.6.5 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-30 18:28:13 +01:00
Pol Henarejos
fa119d0c6e Fix build for ESP32. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-28 00:12:26 +01:00
Pol Henarejos
b67e9ac143 Fix key generation for RP2040. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-28 00:12:18 +01:00
Pol Henarejos
5d3d10b62b Fix declaration. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-28 00:12:06 +01:00
Pol Henarejos
27938f0d9b Add reboot bootsel command. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-28 00:11:54 +01:00
Pol Henarejos
20117d1609 Add read secure boot status. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-18 01:06:44 +01:00
Pol Henarejos
8f4f5373cf Do not use secboot in Phy. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-18 01:06:31 +01:00
Pol Henarejos
d4971bba19 Fix get secure boot status. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-18 01:06:20 +01:00
Pol Henarejos
2001006a16 Fix otp build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-17 12:23:16 +01:00
Pol Henarejos
7c5f729b69 Add is_secure_boot_enable and is_secure_lock_enabled to PHY. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-17 12:20:44 +01:00
Pol Henarejos
07bbadf34c Add support for reading memory status. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-17 11:52:25 +01:00
Pol Henarejos
ed848d005f Fix curious bug when FIDO+OpenPGP+CCID connection is used in some circumstances. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-15 21:12:47 +01:00
Pol Henarejos
e6c0227996 Fix VIDPID PHY Read. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-15 21:11:57 +01:00
Pol Henarejos
84f7952817 Add support for PHY read. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-15 20:13:42 +01:00
Pol Henarejos
116aca7697 Fix #if/else logic. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-15 20:13:42 +01:00
Pol Henarejos
d410a4cfc2 Add support for RP2354. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-11-15 19:56:46 +01:00
Pol Henarejos
9b6d6f6736 Fix build 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-28 09:36:41 +01:00
Pol Henarejos
8f907b25ba Relicense project under the GNU Affero General Public License v3 (AGPLv3) 
and add the Enterprise / Commercial licensing option.

Main changes:
- Replace GPLv3 headers with AGPLv3 headers in source files.
- Update LICENSE file to the full AGPLv3 text.
- Add ENTERPRISE.md describing the dual-licensing model:
  * Community Edition: AGPLv3 (strong copyleft, including network use).
  * Enterprise / Commercial Edition: proprietary license for production /
    multi-user / OEM use without the obligation to disclose derivative code.
- Update README with a new "License and Commercial Use" section pointing to
  ENTERPRISE.md and clarifying how companies can obtain a commercial license.

Why this change:
- AGPLv3 ensures that modified versions offered as a service or deployed
  in production environments must provide corresponding source code.
- The Enterprise / Commercial edition provides organizations with an
  alternative proprietary license that allows internal, large-scale, or OEM
  use (bulk provisioning, policy enforcement, inventory / revocation,
  custom attestation, signed builds) without AGPL disclosure obligations.

This commit formally marks the first release that is dual-licensed:
AGPLv3 for the Community Edition and a proprietary commercial license
for Enterprise customers.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-26 20:06:16 +01:00
Pol Henarejos
233e6594c6 Add casts to fix warnings. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-12 18:52:07 +02:00
Pol Henarejos
eca6807f8e Fix win build. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-12 18:51:46 +02:00
Pol Henarejos
14d5a75571 Add some win compatibility. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-12 18:51:29 +02:00
Pol Henarejos
e56624948b Expose gettimeofday. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-12 18:47:43 +02:00
Pol Henarejos
200d59f91b ADd strlcpy when necessary. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-12 18:47:34 +02:00
Pol Henarejos
c165ae4838 Add set of secure functions to derive keys based on OTP, if available, and pico_serial as a fallback. PIN is also an input vector, which defines a separated domain. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-08 00:30:41 +02:00
Pol Henarejos
0ddfdf8134 Add sanity check. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-07 21:11:28 +02:00
Pol Henarejos
031d76737b Add pico_serial_hash as a source of unique (almost) 32 bytes string. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-07 21:11:06 +02:00
Pol Henarejos
df94d10f8f Fix print macro. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-07 21:10:19 +02:00
Pol Henarejos
b3b2b67034 Add const to OTP functions. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-06 14:21:41 +02:00
Pol Henarejos
3eff2442c6 Fix is_empty_otp_buffer when a register is invalid. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-06 14:21:41 +02:00
Pol Henarejos
a7e1cf028b To prevent the PVC attack, MKEK and DEV keys are migrated to another OTP page. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2025-10-06 14:21:41 +02:00