* Duplicate the credential management command as a vendor command
This permits to work with libfido2 and thus ssh-add. Fix#526.
* fix deploy_partition script
* Support configure via the Vendor interface
* Adjust tests now that GetInfo is supported on vendor_hid
* Add test for vendor_hid not supporting FIDO command
* Interleave sending and receiving of packets to reduce latency in receiving of packets
* Add patch to CtapUsbSyscallDriver
* Minor tweaks from review
* Log when overwritting an existing reply
* Only log when 'debug_ctap' is enabled
* Make ctap mod public, as per review
* Rename send_or_recv to send_and_maybe_recv
* fix typo
* Don't process packets on other transport while doing keepalive
* Don't process packets on other transport while doing keepalive
* More accurately determine if reply has finished
* Move comment closer to appropriate location
* Add tests for canceling keepalive packets
* Added a TODO for kaczmarczyck re ctap module being public
* remove the unnecessary sleep()s
* undo messed up commit
* address pylint warnings
* Fix merge mess up, and patch fido2 Usage Page
* Fix up completely borked merge
* Remove patch to FIDO usage, after #523.
* remove obsolete aspects to diff
Co-authored-by: kaczmarczyck <43844792+kaczmarczyck@users.noreply.github.com>
* Fix user presence by not overwriting error with OK()
* revert debugging change to TOUCH_TIMEOUT_MS
* fix up incomplete merge
* rename variable to more understandable name
* Add tests to test user_presence
* Round-robin order for receiving packets
* Update next packet after sending packet
* fix up some formatted raised during review
* remove the whitespace noise from last commit
* Move out check credProtectPolicy logic
Move the credProtectPolicy check outside credential ID decryption &
discoverable credential finding. Modify the unit tests, and add unit
tests for credProtectPolicy checking in non resident flows that were
originally missing.
* Add test script to verify Vendor HID interface
* fix formatting
* fix formatting
* fix formatting
* fix formatting
* duplicate tests to test both interfaces first and second
* simplifiy using unique byte val
* more tests
* fix up tings from review
* reset rx packets after reading.
* fix formatting.
* Add CBOR credential ID type
Update the format of the credential ID we generated to extend the
encrypted portion from only private_key + rp_id_hash to a flexible CBOR
map. This way we can persist more data into the key handle in the future
without need of a new version.
We add credProtectPolicy to the persisted data in this commit too, so we
can correctly check the credProtectPolicy for non-discoverable
credentials in follow-up commits.
* Fixed some style problems.
* Fix cargo clippy warning
* Check credProtectPolicy for non-discoverable credentials.
* Remove support of old v1, v2 key handles
- And changed some style problems
* Style changes
* Add missing `alloc` use
* Common duration type for ctap library independent of TockOS
* Implement Env-specific ctap-hid channels for I/O
Common I/O Status, Error and Result types
* Move common user presence checking code to ctap library
* Move CtapHidChannel and UserPresence traits, with their accompanying
types to separate API mods. Remove Default implementations of methods
in these traits, to keep all implementation details inside of concrete
Env types.
Rename methods in UserPresence trait, for better readability.
Remove duplicate code for finding appropriate HID channel for given
transport.
Rework check_user_presence() function so that there's no more need for
quick_check() method in UserPresence trait. To short-circuit user
presence check, Env implementation may use wait_with_timeout() method.
* Fix button press wait with zero timeout for TockEnv
* Fix formatting
* Remove type for duration, use embedded_time::duration::Milliseconds
directly, for better readability.
Treat any unconfirmed result of user presence check as an error, which
maps more naturally to CTAP spec status codes.
Remove unneeded underscores in trait definition.
Store usb endpoint directly, in TockEnv channels, to avoid unneeded
conversions.
* No need for separate error type for send_keepalive_up_needed()
* Document UserPresence trait and types.
Remove unused parameters in UserPresence trait's methods.
Add conversion function from UserPresence errors to Ctap2 status codes.
Do not check button status when tock user presence wait is called with
zero timeout.
* Make test environment always report success sending data
* Rename CtapHidChannel to HidConnection, rename *_hid_channel ->
*_hid_connection, for clarity. Use "Channel" to refer to the logical
connection from authenticator to one client, and use "Connection" to
refer to physical connection of authenticator to platform, on which
clients run.
Remove channel parameter from user presence API, it's not needed.
* Remove duplicate comments.
Co-authored-by: kaczmarczyck <43844792+kaczmarczyck@users.noreply.github.com>
* Connect Vendor HID endpoint to Ctap app
* tweaks from review
* formatting nit
* revert tock submodule revision
* fix formatting of deploy.py for yapf error
* Changes based on review
* Track state for each USB endpoint separately
* Rename patch file to ensure correct patching order
* Adjust patch from changes #494 and #500
* rustfmt
* rustfmt
* Deprecate patch 11 in favor of this full working code
