We shouldn't compare private keys in prod for side-channel resilience. Ideally
we shouldn't clone too. We currently do for storage. Fixing this would probably
require to serialize the private key in the credential struct.
ed25519-dalek does not implement Clone and Eq for secret keys, and
relevant PR in its repository wait for merge from long time ago, leading
to potential problems with maintainability
* adds PrivateKey to handle different algorithms
* fixes input check problem of decrypt_credential_source
* addresses comments
* version number not encrypted
* version number test
* adds a credential size test
* removes the algorithm from credential encoding
* Add set_enterprise_attestation in TestEnv
* Add test_helpers for Test Unification
* Used it in structured fuzzer and enterprise attestation unittests
* Restructure test_helpers
* Rename setup_enterprise_attestation to enable_
* Add USB interface for Vendor HID.
This new interface is enumerated by the host, but the device transmits
all packets on the existing interface, so the device won't function
correct in this mode until this this fixed.
The changes are in tock, and so appear as a patch here. These are:
* supporting multiple HIDs in the USB configuration
* adding the HID descriptors for the new inteface
* supporting the vendor_hid feature in relevant Cargo.toml files.
NOTE: only boards/nordic/nrf52840dk_opensk has been updated.
As the changes are in tockos, deploy script needed to pass vendor_hid
feature to tockos build stage.
Demo of output:
lsusb -v -d 1915:521f | grep "NumInterfaces"
bNumInterfaces 2
* fix some whitespace from review
* Add vendor_hid feature in all boards in this repo, not via a patch in tock.
The boards directories are copied to tockos as part of
setup-submodules.sh
* Remove nesting from HID config in create_descriptor_buffers()
* update comments about HID descriptor use.
* Move enterprise mode related customizations to new file
* Fix cargo clippy error
* Add is_enterpris_rp_id API to avoid cloning
* Only expose enterprise_rp_id_list API in std
* Move three dependent customizations into new file
* default_min_pin_length(_rp_ids) and max_rp_ids_length
* Did some backing store tricks to make the list configurable in
TestCustomization.
* Add testing for TestCustomization
* Change assert comparison to assert_eq
* Separate tests
* Move 3 pure constants to new file
* Return Vec<String> for rp_ids()
* Make rng in TestEnv deterministic and seedable
* Move seed method to TestRng256
* Change some constant name in comments to snake case
* Move seed rng of env to the start
* Fix unused warning
* Make rng in TestEnv deterministic and seedable
* Move seed method to TestRng256
* Move seed rng of env to the start
* Fix unused warning
* Seed rng in all fuzz targets
* Fix error introduced when merging
Co-authored-by: Julien Cretin <cretin@google.com>
* Introduce Customization trait
* Introduce Customization trait including the customization accessors
that control various behaviors.
* Expose Customization through a getter API in Env, and make the code
that directly access the constants currently switch to accessing the
customizations via Env.
* TockEnv's customization getter implementation directly returns the
reference of the global DEFAULT_CUSTOMIZATION constant, so the
constant values are still inlined and dead code won't be compiled.
* We'll add the customizations from global constants to the struct
one-by-one, only MAX_MSG_SIZE in this commit.
* Small fixes
* Fix deploy script
* put is_valid under std gate
