Customise firmware #84
Comments
|
In general, the entity which protects cryptographic keys also needs to compute the algorithm. Because smart cards don't support your algorithms yet, the only option is to add support to the firmware which runs on the MCU. I strongly recommend to do this on the Rust-based platform Trussed of our upcoming Nitrokey 3. Your contributions are very much welcome. Because this ticket belongs to a different project, I'm closing it. |
|
Here is a trial wrapping already. |
|
@jans23 that is excellent thank you! I'll have a look at it. I'm not really familiar with Rust, but I've only heard good things so far and coming from C/C++ it seems like it is not too much of a leap. Trussed looks really interesting. :) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi there!
We are interesting in using your Nitrokey HSM for some software projects, but we have the requirements of enabling the HSM with crypto that is yet to be standardised - in particular Pairing based ECC BN from https://github.com/miracl/core
We are happy with doing the work ourselves, and from what I can see here it sounds like we could modify the firmware to add this type of functionality, but I am not 100% sure about it. Is this possible in theory to add this type of functionality and have private keys protected in a device like the Nitrokey HSM and have the HSM do signing?
The text was updated successfully, but these errors were encountered: