adds cargo checks and tests to workflows and locally

.github/workflows/cargo_check.yml

@@ -40,6 +40,12 @@ jobs:
           command: check
           args: --target thumbv7em-none-eabi --release --features with_ctap1
 
+      - name: Check OpenSK with_ctap2_1
+        uses: actions-rs/cargo@v1
+        with:
+          command: check
+          args: --target thumbv7em-none-eabi --release --features with_ctap2_1
+
       - name: Check OpenSK debug_ctap
         uses: actions-rs/cargo@v1
         with:
@@ -76,11 +82,17 @@ jobs:
           command: check
           args: --target thumbv7em-none-eabi --release --features debug_ctap,with_ctap1
 
-      - name: Check OpenSK debug_ctap,with_ctap1,panic_console,debug_allocations,verbose
+      - name: Check OpenSK debug_ctap,with_ctap2_1
         uses: actions-rs/cargo@v1
         with:
           command: check
-          args: --target thumbv7em-none-eabi --release --features debug_ctap,with_ctap1,panic_console,debug_allocations,verbose
+          args: --target thumbv7em-none-eabi --release --features debug_ctap,with_ctap2_1
+
+      - name: Check OpenSK debug_ctap,with_ctap1,with_ctap2_1,panic_console,debug_allocations,verbose
+        uses: actions-rs/cargo@v1
+        with:
+          command: check
+          args: --target thumbv7em-none-eabi --release --features debug_ctap,with_ctap1,with_ctap2_1,panic_console,debug_allocations,verbose
 
       - name: Check examples
         uses: actions-rs/cargo@v1

.github/workflows/opensk_test.yml

@@ -49,3 +49,27 @@ jobs:
           command: test
           args: --features std,with_ctap1
 
+      - name: Unit testing of CTAP2 (release mode + CTAP2.1)
+        uses: actions-rs/cargo@v1
+        with:
+          command: test
+          args: --release --features std,with_ctap2_1
+
+      - name: Unit testing of CTAP2 (debug mode + CTAP2.1)
+        uses: actions-rs/cargo@v1
+        with:
+          command: test
+          args: --features std,with_ctap2_1
+
+      - name: Unit testing of CTAP2 (release mode + CTAP1 + CTAP2.1)
+        uses: actions-rs/cargo@v1
+        with:
+          command: test
+          args: --release --features std,with_ctap1,with_ctap2_1
+
+      - name: Unit testing of CTAP2 (debug mode + CTAP1 + CTAP2.1)
+        uses: actions-rs/cargo@v1
+        with:
+          command: test
+          args: --features std,with_ctap1,with_ctap2_1
+

README.md

@@ -32,7 +32,7 @@ be FIDO Certified.
 We started adding features of the upcoming next version of the
 [CTAP2.1 specifications](https://fidoalliance.org/specs/fido2/fido-client-to-authenticator-protocol-v2.1-rd-20191217.html).
 The development is currently between 2.0 and 2.1, with updates hidden behind a feature flag.
-Please add the flag `shell --ctap2-1` to the deploy command to include them.
+Please add the flag `--ctap2.1` to the deploy command to include them.
 
 ### Cryptography
 

deploy.py

@@ -755,7 +755,7 @@ if __name__ == "__main__":
             "support for U2F/CTAP1 protocol."),
   )
   main_parser.add_argument(
-      "--ctap2-1",
+      "--ctap2.1",
       action=RemoveConstAction,
       const="with_ctap2_1",
       dest="features",

run_desktop_tests.sh

@@ -93,4 +93,10 @@ then
 
   echo "Running unit tests on the desktop (debug mode + CTAP2.1)..."
   cargo test --features std,with_ctap2_1
+
+  echo "Running unit tests on the desktop (release mode + CTAP1 + CTAP2.1)..."
+  cargo test --release --features std,with_ctap1,with_ctap2_1
+
+  echo "Running unit tests on the desktop (debug mode + CTAP1 + CTAP2.1)..."
+  cargo test --features std,with_ctap1,with_ctap2_1
 fi

src/ctap/data_formats.rs

@@ -111,7 +111,7 @@ impl From<PublicKeyCredentialType> for cbor::Value {
         match cred_type {
             PublicKeyCredentialType::PublicKey => "public-key",
             // We should never create this credential type.
-            PublicKeyCredentialType::Unknown => unreachable!(),
+            PublicKeyCredentialType::Unknown => "unknown",
         }
         .into()
     }

src/ctap/mod.rs

@@ -762,7 +762,6 @@ where
             self.persistent_store.pin_hash().is_some(),
         );
         Ok(ResponseData::AuthenticatorGetInfo(
-            #[cfg(feature = "with_ctap2_1")]
             AuthenticatorGetInfoResponse {
                 versions: vec![
                     #[cfg(feature = "with_ctap1")]
@@ -776,29 +775,19 @@ where
                 pin_protocols: Some(vec![
                     CtapState::<R, CheckUserPresence>::PIN_PROTOCOL_VERSION,
                 ]),
+                #[cfg(feature = "with_ctap2_1")]
                 max_credential_count_in_list: MAX_CREDENTIAL_COUNT_IN_LIST.map(|c| c as u64),
                 // You can use ENCRYPTED_CREDENTIAL_ID_SIZE here, but if your
                 // browser passes that value, it might be used to fingerprint.
+                #[cfg(feature = "with_ctap2_1")]
                 max_credential_id_length: None,
+                #[cfg(feature = "with_ctap2_1")]
                 transports: Some(vec![AuthenticatorTransport::Usb]),
+                #[cfg(feature = "with_ctap2_1")]
                 algorithms: Some(vec![ES256_CRED_PARAM]),
+                #[cfg(feature = "with_ctap2_1")]
                 firmware_version: None,
             },
-            #[cfg(not(feature = "with_ctap2_1"))]
-            AuthenticatorGetInfoResponse {
-                versions: vec![
-                    #[cfg(feature = "with_ctap1")]
-                    String::from(U2F_VERSION_STRING),
-                    String::from(FIDO2_VERSION_STRING),
-                ],
-                extensions: Some(vec![String::from("hmac-secret")]),
-                aaguid: *AAGUID,
-                options: Some(options_map),
-                max_msg_size: Some(1024),
-                pin_protocols: Some(vec![
-                    CtapState::<R, CheckUserPresence>::PIN_PROTOCOL_VERSION,
-                ]),
-            },
         ))
     }