kmwebnet/OpenSK
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix ctap1 clippy warning (#517)

Browse Source 
And improve clippy workflows.
This commit is contained in:
hcyang
2022-07-22 13:23:29 +08:00
committed by GitHub
parent 168de290de
commit 9bb1a2f7ac
8 changed files with 68 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/cargo_clippy.yml vendored
View File

@@ -26,5 +26,9 @@ jobs:
with: with:
token: ${{ secrets.GITHUB_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }}
args: --all-targets --features std args: --all-targets --features std
- name: Deny Clippy warnings - name: Deny Clippy warnings (std)
run: cargo clippy --all-targets --features std -- -A clippy::new_without_default -D warnings run: cargo clippy --all-targets --features std -- -A clippy::new_without_default -D warnings
- name: Deny Clippy warnings (all)
run: cargo clippy --all-targets --features std,with_ctap1,ed25519,vendor_hid -- -A clippy::new_without_default -D warnings
- name: Deny Clippy warnings (all, nfc)
run: cargo clippy --all-targets --features std,with_ctap1,with_nfc,ed25519,vendor_hid -- -A clippy::new_without_default -D warnings

4
run_desktop_tests.sh
View File

@@ -38,8 +38,8 @@ cd ..
echo "Running Clippy lints..." echo "Running Clippy lints..."
cargo clippy --all-targets --features std -- -A clippy::new_without_default -D warnings cargo clippy --all-targets --features std -- -A clippy::new_without_default -D warnings
cargo clippy --all-targets --features std,with_nfc -- -A clippy::new_without_default -D warnings cargo clippy --all-targets --features std,with_ctap1,ed25519,vendor_hid -- -A clippy::new_without_default -D warnings
cargo clippy --all-targets --features std,vendor_hid -- -A clippy::new_without_default -D warnings cargo clippy --all-targets --features std,with_ctap1,with_nfc,ed25519,vendor_hid -- -A clippy::new_without_default -D warnings
echo "Building sha256sum tool..." echo "Building sha256sum tool..."
cargo build --manifest-path third_party/tock/tools/sha256sum/Cargo.toml cargo build --manifest-path third_party/tock/tools/sha256sum/Cargo.toml

2
src/ctap/command.rs
View File

@@ -1103,7 +1103,7 @@ mod test {
data: vec![0xFF; 0x100], data: vec![0xFF; 0x100],
hash: vec![0x44; 32], hash: vec![0x44; 32],
signature: Some(CoseSignature { signature: Some(CoseSignature {
algorithm: SignatureAlgorithm::ES256, algorithm: SignatureAlgorithm::Es256,
bytes: [0x55; 64], bytes: [0x55; 64],
}), }),
}) })

20
src/ctap/credential_id.rs
View File

@@ -288,19 +288,19 @@ mod test {
#[test] #[test]
fn test_encrypt_decrypt_ecdsa_credential() { fn test_encrypt_decrypt_ecdsa_credential() {
test_encrypt_decrypt_credential(SignatureAlgorithm::ES256); test_encrypt_decrypt_credential(SignatureAlgorithm::Es256);
} }
#[test] #[test]
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
fn test_encrypt_decrypt_ed25519_credential() { fn test_encrypt_decrypt_ed25519_credential() {
test_encrypt_decrypt_credential(SignatureAlgorithm::EDDSA); test_encrypt_decrypt_credential(SignatureAlgorithm::Eddsa);
} }
#[test] #[test]
fn test_encrypt_decrypt_bad_version() { fn test_encrypt_decrypt_bad_version() {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::ES256); let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let rp_id_hash = [0x55; 32]; let rp_id_hash = [0x55; 32];
let mut encrypted_id = let mut encrypted_id =
@@ -337,13 +337,13 @@ mod test {
#[test] #[test]
fn test_ecdsa_encrypt_decrypt_bad_hmac() { fn test_ecdsa_encrypt_decrypt_bad_hmac() {
test_encrypt_decrypt_bad_hmac(SignatureAlgorithm::ES256); test_encrypt_decrypt_bad_hmac(SignatureAlgorithm::Es256);
} }
#[test] #[test]
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
fn test_ed25519_encrypt_decrypt_bad_hmac() { fn test_ed25519_encrypt_decrypt_bad_hmac() {
test_encrypt_decrypt_bad_hmac(SignatureAlgorithm::EDDSA); test_encrypt_decrypt_bad_hmac(SignatureAlgorithm::Eddsa);
} }
fn test_decrypt_credential_missing_blocks(signature_algorithm: SignatureAlgorithm) { fn test_decrypt_credential_missing_blocks(signature_algorithm: SignatureAlgorithm) {
@@ -369,13 +369,13 @@ mod test {
#[test] #[test]
fn test_ecdsa_decrypt_credential_missing_blocks() { fn test_ecdsa_decrypt_credential_missing_blocks() {
test_decrypt_credential_missing_blocks(SignatureAlgorithm::ES256); test_decrypt_credential_missing_blocks(SignatureAlgorithm::Es256);
} }
#[test] #[test]
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
fn test_ed25519_decrypt_credential_missing_blocks() { fn test_ed25519_decrypt_credential_missing_blocks() {
test_decrypt_credential_missing_blocks(SignatureAlgorithm::EDDSA); test_decrypt_credential_missing_blocks(SignatureAlgorithm::Eddsa);
} }
/// This is a copy of the function that genereated deprecated key handles. /// This is a copy of the function that genereated deprecated key handles.
@@ -420,7 +420,7 @@ mod test {
#[test] #[test]
fn test_encrypt_credential_size() { fn test_encrypt_credential_size() {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::ES256); let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let rp_id_hash = [0x55; 32]; let rp_id_hash = [0x55; 32];
let encrypted_id = let encrypted_id =
@@ -431,7 +431,7 @@ mod test {
#[test] #[test]
fn test_check_cred_protect_fail() { fn test_check_cred_protect_fail() {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::ES256); let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let rp_id_hash = [0x55; 32]; let rp_id_hash = [0x55; 32];
let encrypted_id = encrypt_to_credential_id( let encrypted_id = encrypt_to_credential_id(
@@ -451,7 +451,7 @@ mod test {
#[test] #[test]
fn test_check_cred_protect_success() { fn test_check_cred_protect_success() {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::ES256); let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let rp_id_hash = [0x55; 32]; let rp_id_hash = [0x55; 32];
let encrypted_id = encrypt_to_credential_id( let encrypted_id = encrypt_to_credential_id(

30
src/ctap/crypto_wrapper.rs
View File

@@ -92,11 +92,11 @@ impl PrivateKey {
/// Panics if the algorithm is [`SignatureAlgorithm::Unknown`]. /// Panics if the algorithm is [`SignatureAlgorithm::Unknown`].
pub fn new(env: &mut impl Env, alg: SignatureAlgorithm) -> Self { pub fn new(env: &mut impl Env, alg: SignatureAlgorithm) -> Self {
match alg { match alg {
SignatureAlgorithm::ES256 => { SignatureAlgorithm::Es256 => {
PrivateKey::Ecdsa(env.key_store().generate_ecdsa_seed().unwrap()) PrivateKey::Ecdsa(env.key_store().generate_ecdsa_seed().unwrap())
} }
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
SignatureAlgorithm::EDDSA => { SignatureAlgorithm::Eddsa => {
let bytes = env.rng().gen_uniform_u8x32(); let bytes = env.rng().gen_uniform_u8x32();
Self::new_ed25519_from_bytes(&bytes).unwrap() Self::new_ed25519_from_bytes(&bytes).unwrap()
} }
@@ -106,7 +106,7 @@ impl PrivateKey {
/// Creates a new ecdsa private key. /// Creates a new ecdsa private key.
pub fn new_ecdsa(env: &mut impl Env) -> PrivateKey { pub fn new_ecdsa(env: &mut impl Env) -> PrivateKey {
Self::new(env, SignatureAlgorithm::ES256) Self::new(env, SignatureAlgorithm::Es256)
} }
/// Helper function that creates a private key of type ECDSA. /// Helper function that creates a private key of type ECDSA.
@@ -166,9 +166,9 @@ impl PrivateKey {
/// The associated COSE signature algorithm identifier. /// The associated COSE signature algorithm identifier.
pub fn signature_algorithm(&self) -> SignatureAlgorithm { pub fn signature_algorithm(&self) -> SignatureAlgorithm {
match self { match self {
PrivateKey::Ecdsa(_) => SignatureAlgorithm::ES256, PrivateKey::Ecdsa(_) => SignatureAlgorithm::Es256,
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
PrivateKey::Ed25519(_) => SignatureAlgorithm::EDDSA, PrivateKey::Ed25519(_) => SignatureAlgorithm::Eddsa,
} }
} }
@@ -209,10 +209,10 @@ impl TryFrom<cbor::Value> for PrivateKey {
} }
let key_bytes = extract_byte_string(array.pop().unwrap())?; let key_bytes = extract_byte_string(array.pop().unwrap())?;
match SignatureAlgorithm::try_from(array.pop().unwrap())? { match SignatureAlgorithm::try_from(array.pop().unwrap())? {
SignatureAlgorithm::ES256 => PrivateKey::new_ecdsa_from_bytes(&key_bytes) SignatureAlgorithm::Es256 => PrivateKey::new_ecdsa_from_bytes(&key_bytes)
.ok_or(Ctap2StatusCode::CTAP2_ERR_INVALID_CBOR), .ok_or(Ctap2StatusCode::CTAP2_ERR_INVALID_CBOR),
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
SignatureAlgorithm::EDDSA => PrivateKey::new_ed25519_from_bytes(&key_bytes) SignatureAlgorithm::Eddsa => PrivateKey::new_ed25519_from_bytes(&key_bytes)
.ok_or(Ctap2StatusCode::CTAP2_ERR_INVALID_CBOR), .ok_or(Ctap2StatusCode::CTAP2_ERR_INVALID_CBOR),
_ => Err(Ctap2StatusCode::CTAP2_ERR_INVALID_CBOR), _ => Err(Ctap2StatusCode::CTAP2_ERR_INVALID_CBOR),
} }
@@ -292,7 +292,7 @@ mod test {
#[test] #[test]
fn test_new_ecdsa_from_bytes() { fn test_new_ecdsa_from_bytes() {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::ES256); let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let key_bytes = private_key.to_bytes(); let key_bytes = private_key.to_bytes();
assert_eq!( assert_eq!(
PrivateKey::new_ecdsa_from_bytes(&key_bytes), PrivateKey::new_ecdsa_from_bytes(&key_bytes),
@@ -304,7 +304,7 @@ mod test {
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
fn test_new_ed25519_from_bytes() { fn test_new_ed25519_from_bytes() {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::EDDSA); let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::Eddsa);
let key_bytes = private_key.to_bytes(); let key_bytes = private_key.to_bytes();
assert_eq!( assert_eq!(
PrivateKey::new_ed25519_from_bytes(&key_bytes), PrivateKey::new_ed25519_from_bytes(&key_bytes),
@@ -362,13 +362,13 @@ mod test {
#[test] #[test]
fn test_ecdsa_private_key_signature_algorithm() { fn test_ecdsa_private_key_signature_algorithm() {
test_private_key_signature_algorithm(SignatureAlgorithm::ES256); test_private_key_signature_algorithm(SignatureAlgorithm::Es256);
} }
#[test] #[test]
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
fn test_ed25519_private_key_signature_algorithm() { fn test_ed25519_private_key_signature_algorithm() {
test_private_key_signature_algorithm(SignatureAlgorithm::EDDSA); test_private_key_signature_algorithm(SignatureAlgorithm::Eddsa);
} }
fn test_private_key_from_to_cbor(signature_algorithm: SignatureAlgorithm) { fn test_private_key_from_to_cbor(signature_algorithm: SignatureAlgorithm) {
@@ -380,13 +380,13 @@ mod test {
#[test] #[test]
fn test_ecdsa_private_key_from_to_cbor() { fn test_ecdsa_private_key_from_to_cbor() {
test_private_key_from_to_cbor(SignatureAlgorithm::ES256); test_private_key_from_to_cbor(SignatureAlgorithm::Es256);
} }
#[test] #[test]
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
fn test_ed25519_private_key_from_to_cbor() { fn test_ed25519_private_key_from_to_cbor() {
test_private_key_from_to_cbor(SignatureAlgorithm::EDDSA); test_private_key_from_to_cbor(SignatureAlgorithm::Eddsa);
} }
fn test_private_key_from_bad_cbor(signature_algorithm: SignatureAlgorithm) { fn test_private_key_from_bad_cbor(signature_algorithm: SignatureAlgorithm) {
@@ -404,13 +404,13 @@ mod test {
#[test] #[test]
fn test_ecdsa_private_key_from_bad_cbor() { fn test_ecdsa_private_key_from_bad_cbor() {
test_private_key_from_bad_cbor(SignatureAlgorithm::ES256); test_private_key_from_bad_cbor(SignatureAlgorithm::Es256);
} }
#[test] #[test]
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
fn test_ed25519_private_key_from_bad_cbor() { fn test_ed25519_private_key_from_bad_cbor() {
test_private_key_from_bad_cbor(SignatureAlgorithm::EDDSA); test_private_key_from_bad_cbor(SignatureAlgorithm::Eddsa);
} }
#[test] #[test]

30
src/ctap/ctap1.rs
View File

@@ -21,7 +21,7 @@ use crate::api::attestation_store::{self, Attestation, AttestationStore};
use crate::env::Env; use crate::env::Env;
use alloc::vec::Vec; use alloc::vec::Vec;
use arrayref::array_ref; use arrayref::array_ref;
use core::convert::{Into, TryFrom}; use core::convert::TryFrom;
// For now, they're the same thing with apdu.rs containing the authoritative definition // For now, they're the same thing with apdu.rs containing the authoritative definition
pub type Ctap1StatusCode = ApduStatusCode; pub type Ctap1StatusCode = ApduStatusCode;
@@ -49,9 +49,9 @@ impl TryFrom<u8> for Ctap1Flags {
} }
} }
impl Into<u8> for Ctap1Flags { impl From<Ctap1Flags> for u8 {
fn into(self) -> u8 { fn from(flags: Ctap1Flags) -> u8 {
self as u8 flags as u8
} }
} }
@@ -79,9 +79,7 @@ impl TryFrom<&[u8]> for U2fCommand {
fn try_from(message: &[u8]) -> Result<Self, Ctap1StatusCode> { fn try_from(message: &[u8]) -> Result<Self, Ctap1StatusCode> {
let apdu: Apdu = match Apdu::try_from(message) { let apdu: Apdu = match Apdu::try_from(message) {
Ok(apdu) => apdu, Ok(apdu) => apdu,
Err(apdu_status_code) => { Err(apdu_status_code) => return Err(apdu_status_code),
return Err(Ctap1StatusCode::try_from(apdu_status_code).unwrap())
}
}; };
let lc = apdu.lc as usize; let lc = apdu.lc as usize;
@@ -373,7 +371,7 @@ mod test {
fn create_authenticate_message( fn create_authenticate_message(
application: &[u8; 32], application: &[u8; 32],
flags: Ctap1Flags, flags: Ctap1Flags,
key_handle: &Vec<u8>, key_handle: &[u8],
) -> Vec<u8> { ) -> Vec<u8> {
let mut message = vec![ let mut message = vec![
Ctap1Command::CTAP1_CLA, Ctap1Command::CTAP1_CLA,
@@ -496,7 +494,7 @@ mod test {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
env.user_presence() env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1")); .set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256); let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0)); let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com"; let rp_id = "example.com";
@@ -514,7 +512,7 @@ mod test {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
env.user_presence() env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1")); .set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256); let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0)); let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com"; let rp_id = "example.com";
@@ -533,7 +531,7 @@ mod test {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
env.user_presence() env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1")); .set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256); let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0)); let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com"; let rp_id = "example.com";
@@ -571,7 +569,7 @@ mod test {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
env.user_presence() env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1")); .set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256); let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0)); let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com"; let rp_id = "example.com";
@@ -591,7 +589,7 @@ mod test {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
env.user_presence() env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1")); .set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256); let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0)); let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com"; let rp_id = "example.com";
@@ -611,7 +609,7 @@ mod test {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
env.user_presence() env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1")); .set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256); let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0)); let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com"; let rp_id = "example.com";
@@ -639,7 +637,7 @@ mod test {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
env.user_presence() env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1")); .set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256); let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0)); let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com"; let rp_id = "example.com";
@@ -667,7 +665,7 @@ mod test {
let mut env = TestEnv::new(); let mut env = TestEnv::new();
env.user_presence() env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1")); .set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256); let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0)); let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com"; let rp_id = "example.com";

28
src/ctap/data_formats.rs
View File

@@ -507,9 +507,9 @@ impl From<PackedAttestationStatement> for cbor::Value {
#[derive(Clone, Copy, Debug, PartialEq, Eq)] #[derive(Clone, Copy, Debug, PartialEq, Eq)]
#[cfg_attr(feature = "fuzz", derive(Arbitrary))] #[cfg_attr(feature = "fuzz", derive(Arbitrary))]
pub enum SignatureAlgorithm { pub enum SignatureAlgorithm {
ES256 = ES256_ALGORITHM as isize, Es256 = ES256_ALGORITHM as isize,
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
EDDSA = EDDSA_ALGORITHM as isize, Eddsa = EDDSA_ALGORITHM as isize,
// This is the default for all numbers not covered above. // This is the default for all numbers not covered above.
// Unknown types should be ignored, instead of returning errors. // Unknown types should be ignored, instead of returning errors.
Unknown = 0, Unknown = 0,
@@ -524,9 +524,9 @@ impl From<SignatureAlgorithm> for cbor::Value {
impl From<i64> for SignatureAlgorithm { impl From<i64> for SignatureAlgorithm {
fn from(int: i64) -> Self { fn from(int: i64) -> Self {
match int { match int {
ES256_ALGORITHM => SignatureAlgorithm::ES256, ES256_ALGORITHM => SignatureAlgorithm::Es256,
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
EDDSA_ALGORITHM => SignatureAlgorithm::EDDSA, EDDSA_ALGORITHM => SignatureAlgorithm::Eddsa,
_ => SignatureAlgorithm::Unknown, _ => SignatureAlgorithm::Unknown,
} }
} }
@@ -950,10 +950,10 @@ impl TryFrom<CoseSignature> for ecdsa::Signature {
fn try_from(cose_signature: CoseSignature) -> Result<Self, Ctap2StatusCode> { fn try_from(cose_signature: CoseSignature) -> Result<Self, Ctap2StatusCode> {
match cose_signature.algorithm { match cose_signature.algorithm {
SignatureAlgorithm::ES256 => ecdsa::Signature::from_bytes(&cose_signature.bytes) SignatureAlgorithm::Es256 => ecdsa::Signature::from_bytes(&cose_signature.bytes)
.ok_or(Ctap2StatusCode::CTAP1_ERR_INVALID_PARAMETER), .ok_or(Ctap2StatusCode::CTAP1_ERR_INVALID_PARAMETER),
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
SignatureAlgorithm::EDDSA => Err(Ctap2StatusCode::CTAP2_ERR_UNSUPPORTED_ALGORITHM), SignatureAlgorithm::Eddsa => Err(Ctap2StatusCode::CTAP2_ERR_UNSUPPORTED_ALGORITHM),
SignatureAlgorithm::Unknown => Err(Ctap2StatusCode::CTAP2_ERR_UNSUPPORTED_ALGORITHM), SignatureAlgorithm::Unknown => Err(Ctap2StatusCode::CTAP2_ERR_UNSUPPORTED_ALGORITHM),
} }
} }
@@ -1611,15 +1611,15 @@ mod test {
#[test] #[test]
fn test_from_into_signature_algorithm_int() { fn test_from_into_signature_algorithm_int() {
let alg_int = SignatureAlgorithm::ES256 as i64; let alg_int = SignatureAlgorithm::Es256 as i64;
let signature_algorithm = SignatureAlgorithm::from(alg_int); let signature_algorithm = SignatureAlgorithm::from(alg_int);
assert_eq!(signature_algorithm, SignatureAlgorithm::ES256); assert_eq!(signature_algorithm, SignatureAlgorithm::Es256);
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
{ {
let alg_int = SignatureAlgorithm::EDDSA as i64; let alg_int = SignatureAlgorithm::Eddsa as i64;
let signature_algorithm = SignatureAlgorithm::from(alg_int); let signature_algorithm = SignatureAlgorithm::from(alg_int);
assert_eq!(signature_algorithm, SignatureAlgorithm::EDDSA); assert_eq!(signature_algorithm, SignatureAlgorithm::Eddsa);
} }
let unknown_alg_int = -1; let unknown_alg_int = -1;
@@ -1631,7 +1631,7 @@ mod test {
fn test_from_into_signature_algorithm() { fn test_from_into_signature_algorithm() {
let cbor_signature_algorithm: cbor::Value = cbor_int!(ES256_ALGORITHM); let cbor_signature_algorithm: cbor::Value = cbor_int!(ES256_ALGORITHM);
let signature_algorithm = SignatureAlgorithm::try_from(cbor_signature_algorithm.clone()); let signature_algorithm = SignatureAlgorithm::try_from(cbor_signature_algorithm.clone());
let expected_signature_algorithm = SignatureAlgorithm::ES256; let expected_signature_algorithm = SignatureAlgorithm::Es256;
assert_eq!(signature_algorithm, Ok(expected_signature_algorithm)); assert_eq!(signature_algorithm, Ok(expected_signature_algorithm));
let created_cbor: cbor::Value = signature_algorithm.unwrap().into(); let created_cbor: cbor::Value = signature_algorithm.unwrap().into();
assert_eq!(created_cbor, cbor_signature_algorithm); assert_eq!(created_cbor, cbor_signature_algorithm);
@@ -1641,7 +1641,7 @@ mod test {
let cbor_signature_algorithm: cbor::Value = cbor_int!(EDDSA_ALGORITHM); let cbor_signature_algorithm: cbor::Value = cbor_int!(EDDSA_ALGORITHM);
let signature_algorithm = let signature_algorithm =
SignatureAlgorithm::try_from(cbor_signature_algorithm.clone()); SignatureAlgorithm::try_from(cbor_signature_algorithm.clone());
let expected_signature_algorithm = SignatureAlgorithm::EDDSA; let expected_signature_algorithm = SignatureAlgorithm::Eddsa;
assert_eq!(signature_algorithm, Ok(expected_signature_algorithm)); assert_eq!(signature_algorithm, Ok(expected_signature_algorithm));
let created_cbor: cbor::Value = signature_algorithm.unwrap().into(); let created_cbor: cbor::Value = signature_algorithm.unwrap().into();
assert_eq!(created_cbor, cbor_signature_algorithm); assert_eq!(created_cbor, cbor_signature_algorithm);
@@ -1731,13 +1731,13 @@ mod test {
#[test] #[test]
fn test_from_into_ecdsa_public_key_credential_parameter() { fn test_from_into_ecdsa_public_key_credential_parameter() {
test_from_into_public_key_credential_parameter(ES256_ALGORITHM, SignatureAlgorithm::ES256); test_from_into_public_key_credential_parameter(ES256_ALGORITHM, SignatureAlgorithm::Es256);
} }
#[test] #[test]
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
fn test_from_into_ed25519_public_key_credential_parameter() { fn test_from_into_ed25519_public_key_credential_parameter() {
test_from_into_public_key_credential_parameter(EDDSA_ALGORITHM, SignatureAlgorithm::EDDSA); test_from_into_public_key_credential_parameter(EDDSA_ALGORITHM, SignatureAlgorithm::Eddsa);
} }
#[test] #[test]

14
src/ctap/mod.rs
View File

@@ -119,13 +119,13 @@ pub const FIDO2_1_VERSION_STRING: &str = "FIDO_2_1_PRE";
// This algorithm is requested in MakeCredential and advertized in GetInfo. // This algorithm is requested in MakeCredential and advertized in GetInfo.
pub const ES256_CRED_PARAM: PublicKeyCredentialParameter = PublicKeyCredentialParameter { pub const ES256_CRED_PARAM: PublicKeyCredentialParameter = PublicKeyCredentialParameter {
cred_type: PublicKeyCredentialType::PublicKey, cred_type: PublicKeyCredentialType::PublicKey,
alg: SignatureAlgorithm::ES256, alg: SignatureAlgorithm::Es256,
}; };
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
pub const EDDSA_CRED_PARAM: PublicKeyCredentialParameter = PublicKeyCredentialParameter { pub const EDDSA_CRED_PARAM: PublicKeyCredentialParameter = PublicKeyCredentialParameter {
cred_type: PublicKeyCredentialType::PublicKey, cred_type: PublicKeyCredentialType::PublicKey,
alg: SignatureAlgorithm::EDDSA, alg: SignatureAlgorithm::Eddsa,
}; };
const SUPPORTED_CRED_PARAMS: &[PublicKeyCredentialParameter] = &[ const SUPPORTED_CRED_PARAMS: &[PublicKeyCredentialParameter] = &[
@@ -948,7 +948,7 @@ impl CtapState {
None => (private_key.sign_and_encode(env, &signature_data)?, None), None => (private_key.sign_and_encode(env, &signature_data)?, None),
}; };
let attestation_statement = PackedAttestationStatement { let attestation_statement = PackedAttestationStatement {
alg: SignatureAlgorithm::ES256 as i64, alg: SignatureAlgorithm::Es256 as i64,
sig: signature, sig: signature,
x5c, x5c,
ecdaa_key_id: None, ecdaa_key_id: None,
@@ -1546,7 +1546,7 @@ mod test {
expected_extension_cbor expected_extension_cbor
); );
assert!(ep_att.is_none()); assert!(ep_att.is_none());
assert_eq!(att_stmt.alg, SignatureAlgorithm::ES256 as i64); assert_eq!(att_stmt.alg, SignatureAlgorithm::Es256 as i64);
assert_eq!(large_blob_key, None); assert_eq!(large_blob_key, None);
} }
_ => panic!("Invalid response type"), _ => panic!("Invalid response type"),
@@ -3250,7 +3250,7 @@ mod test {
let mut signature_bytes = [0; ecdsa::Signature::BYTES_LENGTH]; let mut signature_bytes = [0; ecdsa::Signature::BYTES_LENGTH];
signature.to_bytes(&mut signature_bytes); signature.to_bytes(&mut signature_bytes);
let cose_signature = CoseSignature { let cose_signature = CoseSignature {
algorithm: SignatureAlgorithm::ES256, algorithm: SignatureAlgorithm::Es256,
bytes: signature_bytes, bytes: signature_bytes,
}; };
@@ -3286,7 +3286,7 @@ mod test {
); );
signature_bytes[0] ^= 0x01; signature_bytes[0] ^= 0x01;
let cose_signature = CoseSignature { let cose_signature = CoseSignature {
algorithm: SignatureAlgorithm::ES256, algorithm: SignatureAlgorithm::Es256,
bytes: signature_bytes, bytes: signature_bytes,
}; };
assert_eq!( assert_eq!(
@@ -3323,7 +3323,7 @@ mod test {
let mut signature_bytes = [0; ecdsa::Signature::BYTES_LENGTH]; let mut signature_bytes = [0; ecdsa::Signature::BYTES_LENGTH];
signature.to_bytes(&mut signature_bytes); signature.to_bytes(&mut signature_bytes);
let cose_signature = CoseSignature { let cose_signature = CoseSignature {
algorithm: SignatureAlgorithm::ES256, algorithm: SignatureAlgorithm::Es256,
bytes: signature_bytes, bytes: signature_bytes,
}; };