Skip to content

How do I start?

Start today to protect your personal keys, your communications, your digital life.

Decide between the Pico HSM, Pico Fido and Pico OpenPGP:

  • Pico HSM: for users who want to manage multiple private and secret keys, sign and decrypt operations, deploy a PKI, smooth integration with OpenSC or OpenSSL.
  • Pico Fido: for users who look for secure logins in applications, smooth integration with OS, register and authenticate credentials.
  • Pico OpenPGP: for users who aim at integrating OpenPGP for secure email, gnupg and PGP cryptographic operations.
1

Acquire a Raspberry Pico device. You have multiple vendors, starting at $4. You can choose the internal flash size (up to 16 MB).

Take a look to Raspberry Foundation.

2

Download the firmware for your board. If you board is the canonical sold by the Raspberry Foundation, go for the pico or pico_w compilation, depending on the model (W stands for wireless model).

Pico HSM

Version 3.6

Pico Fido

Version 5.8

Pico OpenPGP

Version 1.10

3

But the Pico device into recovery mode:

  1. Unplug the device
  2. While pressing the BOOTSEL button, plug the device to the USB port
  3. A mounted flash unit will appear in the File Explorer / Finder named RPI-RP2
  4. Copy the .uf2 file download previously and copy to the mounted unit
  5. The device will unmount the flash unit and will be remounted as a Pico key. The led light will blink periodically

Your device is ready to work!

What to do now?

Take a look on the following interesting posts:
  • Led Light Codes

    Led Light Codes

    Pico HSM uses the led to indicate the current status. Four states are available: Press to confirm The Led is almost on all the time. It goes off for 100 milliseconds every second. In this state, you have to press BOOTSEL button to confirm operation (i.e., confirm a signature generation). The operation will timeout in…

  • Generate and Sign a Certificate

    Generate and Sign a Certificate

    Pico HSM allows you generating lots of keypairs (public and private). It supports different types of cryptographic keys and thanks to PKCS11 interface, it can be used with any app implementing PKCS11 interface to sign a certificate request. Once the certificate is generated and signed, it can be easily examined with usual tools:

  • Keypair Generation and Key Management

    Keypair Generation and Key Management

    Pico HSM allows you generating multiple keypair (public and private). It supports different types of cryptographic keys and thanks to PKCS11 interface, it can be used with any app implementing PKCS11 interface. The ID parameter is an internal hexadecimal number for easy identification. The label is a string that also identifies the key. Despite it…

About me

This is another project, as many I started.

Copyright