https://github.com/nitrokey/trussed-se050-backend
Trussed backend for the SE050
https://github.com/nitrokey/trussed-se050-backend
Last synced: 9 months ago
JSON representation
Trussed backend for the SE050
- Host: GitHub
- URL: https://github.com/nitrokey/trussed-se050-backend
- Owner: Nitrokey
- Created: 2023-08-17T13:46:13.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2025-09-25T09:12:11.000Z (9 months ago)
- Last Synced: 2025-09-30T12:43:57.271Z (9 months ago)
- Language: Rust
- Homepage:
- Size: 362 KB
- Stars: 3
- Watchers: 3
- Forks: 0
- Open Issues: 8
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
Awesome Lists containing this project
README
Trussed backend leveraging the SE050 secure element
===================================================
This backends reimplements the assymetric cryptography APIs from [Trussed](https://github.com/trussed-dev/trussed) using the SE050 secure element.
It also implements secure PIN handling following the [trussed-auth](https://github.com/trussed-dev/trussed-auth) APIs, as well as RSA operations (which aren't part of the core trussed API).
Differences with the main implementations
-----------------------------------------
- The `UnwrapKey` syscall cannot be used after the key has been deleted.
As such, the key needs to be "cleared" with the `Clear` syscall if one wants to unwrap it again, leaving the metadata required for unwraping.
- Public keys obtained through `DeriveKey` can only be valid for as long as the original private key they are derived from.