* maximum working bumpalo version
* explicit comment to explain version locking
* removes incorrect comment
* moves serde version lock to dev dependencies
* removes serde dependencies
* reverts serde removal in crypto library
ed25519-dalek does not implement Clone and Eq for secret keys, and
relevant PR in its repository wait for merge from long time ago, leading
to potential problems with maintainability
* Move three dependent customizations into new file
* default_min_pin_length(_rp_ids) and max_rp_ids_length
* Did some backing store tricks to make the list configurable in
TestCustomization.
* Add testing for TestCustomization
* Change assert comparison to assert_eq
* Separate tests
* Move 3 pure constants to new file
* Return Vec<String> for rp_ids()
* Make rng in TestEnv deterministic and seedable
* Move seed method to TestRng256
* Change some constant name in comments to snake case
* Move seed rng of env to the start
* Fix unused warning
* Make rng in TestEnv deterministic and seedable
* Move seed method to TestRng256
* Move seed rng of env to the start
* Fix unused warning
* Seed rng in all fuzz targets
* Fix error introduced when merging
Co-authored-by: Julien Cretin <cretin@google.com>
* Add crate arbitrary as ctap's optional dependency, when feature "fuzz"
is activated.
* Derive Arbitrary for all the necessary types in order to generate the
concrete types from random bytes.
* Add a fuzz target that transforms the input to valid format for
MakeCredential.
We don't need to build a production key without persistent storage. Tests and
fuzzing continue to use the std feature to use the RAM implementation (that does
sanity checks).
This permits to run without persistent storage. The benefit is that the board
doesn't implement a the syscall API in Tock. The disadvantage is that rebooting
the key will reset the storage.
OpenSSL seems to serialize bigints as signed value, which means the ECC
key may end up being 33 bytes instead of the 32 bytes we're expecting,
causing build to fail.
The shell script extraction is now replaced by a build.rs script that
uses OpenSSL to extract the content and do sanity checks.
Forcing generating cryptographic materials now always generate a key and
a certificate (useful to compile/flash multiple keys without them being
considered as clones). The self-signed CA is left untouched.
