kmwebnet/OpenSK
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
997 Commits 4 Branches 2 Tags
1adde220c4922f92852f415141f92464acb6fcb9
Commit Graph

270 Commits

Author SHA1 Message Date
kaczmarczyck 1adde220c4 Upgrade commands (#381) 
* upgrade commands

* precise metadata length

* const METADATA_LEN for test
 2021-09-17 14:22:21 +02:00
kaczmarczyck 596b47886c Upgrade signing key generation (#379) 
* adds the upgrade signing key generation and the partition offset

* use openssl in build.rs instead
 2021-09-15 21:25:19 +02:00
Julien Cretin 2d5fdd1034 Configure the number of pages in the board 
This permits to have portable apps.
 2021-09-13 18:50:13 +02:00
Jean-Michel Picod c1f2551d0d Bump Tock kernel version (#374) 
* Bump Tock kernel version

* Update boards to new kernel

* Update patches to new kernel

* Update PR template

* Bump libtock-rs

* Use new layout from libtock-rs

* Fix clippy warnings due to updated toolchain

* Fix new toolchain file format

* Bump elf2tab to v0.7.0

* Fix worklow and setup.sh script to use the TOML rust-toolchain file

* New libtock-rs style of declaring the stack.

* Fix padding in layout file.

The layout from libtock-rs generates invalid flash padding.
The value is 32-bit and therefore setting padding to 0xff yields
0xff000000 instead of 0xffffffff that we want.

* adds tock patch for app break hard fault

* sets in deploy, removed patch 04-mpu-fix

* fixed the if deploy

* fixes indentation

* updates board names in install.md

* fix docs and deploy style

Co-authored-by: Fabian Kaczmarczyck <kaczmarczyck@google.com>
Co-authored-by: kaczmarczyck <43844792+kaczmarczyck@users.noreply.github.com>
 2021-09-10 08:32:34 +02:00
Julien Cretin c6af7c0a2d Make sure the end offset doesn't overflow 
We used to only check that the length was not too big but didn't check that the
starting offset wasn't too big. We want the end offset to not overflow.
 2021-08-30 11:52:02 +02:00
Julien Cretin b5b9d3f6e0 Fix ctap2 fuzz targets to use prod cbor parsing 
This fixes a left-over from #329.
 2021-08-11 16:00:30 +02:00
kaczmarczyck b7a3e06cf4 ECDSA signatures and public keys in CTAP (#358) 
* ECDSA signatures and public keys in CTAP

* adds one constant usage

* documents pub functions in ECDSA

* typo: involved

* extends wrong length test
 2021-08-04 13:39:49 +02:00
David Drysdale 0287a09573 cbor: allow user to control nesting (#329) 
* cbor: allow user to control nesting

 - Make the default read/write entrypoints allow infinite nesting.
 - Add {read,write}_nested() entrypoints that allow the crate user to
   control the depth of nesting that's allowed.
 - Along the way, convert the write[_nested] variants to return a
   `Result<(), EncoderError>` rather than a bool.  This exposes
   more failure information (and forces the caller to take notice
   of those tailures), and allows use of the ? operator.

* fixup: transmute error

Co-authored-by: kaczmarczyck <43844792+kaczmarczyck@users.noreply.github.com>
 2021-06-18 19:39:54 +02:00
David Drysdale 7719078d46 cbor: rename crate to sk-cbor 
In anticipation of publishing to crates.io, which already has a `cbor`
crate.
 2021-06-16 17:16:05 +02:00
kaczmarczyck c03605aa0c opt level and no Debug by unwrap (#311) 2021-04-21 11:45:01 +02:00
kaczmarczyck 9a1c060234 Remove KeyType from CBOR (#306) 
* removes KeyType from CBOR

* type_label usage in writer
 2021-04-14 10:19:10 +02:00
kaczmarczyck 78b7767682 CBOR maps use Vec instead of BTreeMap (#303) 
* CBOR uses Vec for map internally

* remove BTreeMap from get_info

* rename cbor_map_btree and clean up cbor_array_vec

* destructure now takes Vec, not BTreeMap

* adds dedup in CBOR writer

* fail to write CBOR maps with duplicates

* CBOR interface refinements

* macro documentation for CBOR map and array
 2021-04-13 14:46:28 +02:00
kaczmarczyck 054e303d11 move MAX_MSG_SIZE to customization and use it in HID (#302) 2021-04-09 07:40:11 +02:00
kaczmarczyck 6216a3214d final changes to CTAP2.1 algorithm (#299) 2021-04-07 09:07:46 +02:00
kaczmarczyck e7797a5683 Separate file crypto wrappers, starting with AES-CBC (#298) 
* refactor key wrapping with tests

* remove backwards compatiblity tests

* adds AES-CBC tests for IV and RNG
 2021-03-31 16:41:20 +02:00
kaczmarczyck c596f785ff Output parameters for CTAP2.1 (#297) 
* finalizes output parameters for CTAP2.1

* explanation for internal UV
 2021-03-23 12:07:15 +01:00
kaczmarczyck 63232cfe60 adds PIN token state with timeouts (#296) 2021-03-22 14:03:51 +01:00
kaczmarczyck aec1e0a409 adds PIN protocol V2 to all commands (#295) 2021-03-18 17:29:32 +01:00
kaczmarczyck e5313057f9 PIN protocol V2 in ClientPin (#293) 
* PIN protocol V2 in ClientPin

* the test ClientPin has a random second private key
 2021-03-15 13:36:28 +01:00
kaczmarczyck eb0a0770dd adds the PIN protocol trait (#292) 
* adds the PIN protocol trait

* improved documentation

* SharedSecret not mutable
 2021-03-10 13:20:29 +01:00
kaczmarczyck 351e6c12c6 renames PIN protocol related variables to prepare PIN protocol v2 (#291) 2021-03-04 10:37:19 +01:00
kaczmarczyck f11a838cc7 Improved documentation for customization (#287) 
* move constants to new file, and update documentation

* documentation improvements, deploy checks tests

* fix pylint

* improved code style

* swap build and check
 2021-02-19 14:20:23 +01:00
Fabian Kaczmarczyck 6a31e06a55 move some logic into storage.rs 2021-02-08 21:54:22 +01:00
Fabian Kaczmarczyck 4678a7417d Merge branch 'develop' into always-uv 2021-02-08 21:44:22 +01:00
Fabian Kaczmarczyck 160c83d242 changes always uv constant to a clearer version 2021-02-08 17:53:30 +01:00
Fabian Kaczmarczyck 88a3c0fc80 assert correct const usage in code 2021-02-08 16:30:14 +01:00
Fabian Kaczmarczyck e941073a31 new test for attestation configuration 2021-02-08 13:10:18 +01:00
kaczmarczyck 70ba53ca46 Merge branch 'develop' into enterprise-attestation 2021-02-08 12:48:35 +01:00
Fabian Kaczmarczyck 54e9da7a5b conditional allow instead of cfg not 2021-02-08 07:49:58 +01:00
Fabian Kaczmarczyck f90d43a6a1 implements alwaysUv and makeCredUvNotRqd 2021-02-05 18:57:39 +01:00
Fabian Kaczmarczyck 604f084815 rename require_ to ensure 2021-02-05 14:52:38 +01:00
kaczmarczyck f2fe411d77 Merge branch 'develop' into enterprise-attestation 2021-02-05 12:03:31 +01:00
Fabian Kaczmarczyck 502006e29e fix string conversion style 2021-02-05 11:57:47 +01:00
kaczmarczyck a54b217116 Merge branch 'develop' into resolve-permission 2021-02-05 11:24:48 +01:00
Fabian Kaczmarczyck 49cccfd270 correct const arrays of strings 2021-02-05 11:23:12 +01:00
Fabian Kaczmarczyck 44b7c3cdc1 dummy implementation for enterprise attestation 2021-02-04 21:26:00 +01:00
Fabian Kaczmarczyck e3148319c5 allow RP ID permissions for some subcommands 2021-02-04 16:06:25 +01:00
Fabian Kaczmarczyck db7ed10f5f changes the handling of 0 credentials 2021-02-02 18:04:29 +01:00
Fabian Kaczmarczyck 371e8b6f35 remove conditional trait implementation 2021-02-02 05:46:03 +01:00
Fabian Kaczmarczyck 5741595e57 new extension entry for largeBlobKey 2021-01-27 16:47:27 +01:00
Fabian Kaczmarczyck 2dbe1c5f07 adds enterprise for make, byte keys 2021-01-27 11:16:48 +01:00
Fabian Kaczmarczyck 769a2ae1c5 reduce testing to not account for shard size 2021-01-25 18:43:51 +01:00
Fabian Kaczmarczyck 2af85ad9d0 style fix 2021-01-25 18:29:38 +01:00
kaczmarczyck 49de1f7ebc Merge branch 'develop' into large-blobs 2021-01-25 18:20:01 +01:00
Fabian Kaczmarczyck 4f3c773b15 formats code, clippy 2021-01-25 18:17:14 +01:00
Fabian Kaczmarczyck 563f35184a use new store fragments 2021-01-25 17:50:01 +01:00
Julien Cretin 0e537733f1 Improve count_credentials by not deserializing them 2021-01-25 17:04:01 +01:00
Fabian Kaczmarczyck 19c089e955 improvements to large blob storage 2021-01-22 18:54:45 +01:00
Fabian Kaczmarczyck 7d04c5c6d0 fixes const usage in test_get_info 2021-01-22 14:23:32 +01:00
Fabian Kaczmarczyck cf8b54b39c large blob commit is one transaction 2021-01-22 14:16:34 +01:00