kmwebnet/OpenSK
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
380 Commits 4 Branches 2 Tags
8f358b7d8159409aeeffd6c04443e81e7348e2ea
Commit Graph

51 Commits

Author SHA1 Message Date
Guillaume Endignoux
3c5e0c9cf1 Update src/ to the new libtock. 2020-08-07 15:09:07 +02:00
kaczmarczyck
f5e0696ea1 Merge branch 'master' into authenticator-selection 2020-06-22 12:44:36 +02:00
Guillaume Endignoux
09c9fb3a3e Apply suggestion to remove additional semi-colons. 2020-06-22 11:49:47 +02:00
Guillaume Endignoux
db70c3e66d s/read_cbor_map/destructure_cbor_map/g 2020-06-22 11:49:47 +02:00
Guillaume Endignoux
493efa9b25 Apply syntax suggestion to read_cbor_map! macro. 2020-06-22 11:49:46 +02:00
Guillaume Endignoux
b0321f6b4f Migrate PublicKeyCredentialSource to read_cbor_map. 
I didn't realize that the values were actually constants, as
discriminants of an enum.
 2020-06-22 11:49:46 +02:00
Guillaume Endignoux
2124511913 Simplify syntax of the read_cbor_map! macro, to align it with cbor_map. 2020-06-22 11:49:46 +02:00
Guillaume Endignoux
97fb222455 Add a read_cbor_map macro to avoid the overhead of removing values on-by-one in BTreeMap. 2020-06-22 11:49:46 +02:00
Julien Cretin
46df22fa7c Remove unnecessary lifetime name 2020-06-19 17:40:24 +02:00
Fabian Kaczmarczyck
e12cf542e9 adds a unit test for unknown commands 2020-06-15 23:03:26 +02:00
Fabian Kaczmarczyck
c3f57f0121 implements the AuthenticatorSelection command 2020-06-09 12:07:00 +02:00
Julien Cretin
a0fe66d7ed Merge branch 'master' into aaguid 2020-06-09 11:56:05 +02:00
Julien Cretin
935ccf3668 Revert "Propagate the NBYTES constant from Int256 to SecKey" 
This reverts commit 0073c153d2.
 2020-06-09 11:55:36 +02:00
Fabian Kaczmarczyck
824963b382 fixes nits for refactoring 2020-06-08 18:41:48 +02:00
Fabian Kaczmarczyck
909773da36 changes extensions to proper parsed data structures 2020-06-08 16:36:57 +02:00
Fabian Kaczmarczyck
679c1cb291 reads CBOR maps by moving instead of references 2020-06-05 15:42:06 +02:00
Fabian Kaczmarczyck
b4003e36bf adding cbor::Value::from for i64-like enums 2020-06-05 09:48:03 +02:00
Fabian Kaczmarczyck
6a44d3349c fixing merge problems 2020-06-04 14:32:09 +02:00
Julien Cretin
0073c153d2 Propagate the NBYTES constant from Int256 to SecKey 2020-06-04 14:32:04 +02:00
kaczmarczyck
0aa6e57d93 Merge branch 'master' into cred-protect 2020-06-04 14:10:12 +02:00
Julien Cretin
acd9d93107 Merge branch 'master' into aaguid 2020-06-03 11:26:59 +02:00
Julien Cretin
d74a5e8894 Add setter functions and fix tests 2020-06-02 11:35:17 +02:00
Julien Cretin
5f8cb116a5 Only write attestation if compiled with batch attestation 2020-06-02 11:00:26 +02:00
Julien Cretin
98a558a502 Access the persistent keys through the store 
This permits to set them using a vendor command and thus not embed their value
in the application.
 2020-05-30 20:15:59 +02:00
Julien Cretin
752bf47ed5 Merge branch 'master' into no_wfr 2020-05-28 19:33:33 +02:00
Fabian Kaczmarczyck
a95ef72a93 improved testing, addresses comments and a default level fix 2020-05-25 19:56:29 +02:00
Julien Cretin
4e3162c475 Parse credentials by value 2020-05-15 19:43:37 +02:00
Julien Cretin
146e6f083b Don't rely on unification for array element type 2020-05-14 21:32:16 +02:00
Fabian Kaczmarczyck
8d737b3c80 introduces a default level for credProtect 2020-05-13 18:49:35 +02:00
Fabian Kaczmarczyck
43d77fd106 implements the credProtect extension 2020-05-13 16:38:14 +02:00
Julien Cretin
ca6f910c26 Remove unknown fields 2020-05-13 11:09:32 +02:00
Julien Cretin
491721b421 Rename extend_cbor_map_options 2020-05-11 16:07:59 +02:00
Julien Cretin
e6fdcacd32 Remove mention to protobuf 2020-05-11 15:18:27 +02:00
Julien Cretin
f4b791ed91 Encode credentials as a protocol buffer message 
This permits to decode a credential of a different version without failing.
 2020-05-09 20:57:13 +02:00
Julien Cretin
ecf02eb6ce Only store the storage location in the Kernel 2020-05-08 17:00:59 +02:00
Julien Cretin
718514d207 Merge branch 'master' into no_wfr 2020-04-29 15:12:39 +02:00
Julien Cretin
5c2b72ce83 Move storage bound checking to driver 2020-04-29 15:09:50 +02:00
Julien Cretin
892f950cc1 Add missing cfg 2020-04-29 12:59:22 +02:00
Julien Cretin
6247098069 Do not use writeable flash regions for persistent storage 
They don't play well with DFU.
 2020-04-29 12:52:31 +02:00
Fabian Kaczmarczyck
8bbf42623f adds cargo checks and tests to workflows and locally 2020-04-29 09:53:44 +02:00
Fabian Kaczmarczyck
d9c4c729e8 adds a feature flag for CTAP2.1, addresses comments 2020-04-28 16:04:09 +02:00
Fabian Kaczmarczyck
8f20a75b17 add 2.1 features to GetInfo 2020-04-20 18:24:11 +02:00
Fabian Kaczmarczyck
a64d5d41d7 accept the algorithm identifier used by OpenSSH 2020-04-09 15:56:23 +02:00
Julien Cretin
e1fa8549e1 Merge branch 'master' into wipe 2020-03-18 10:59:24 +01:00
Fabian Kaczmarczyck
db6be4efac apply suggestions: Vec to slice, if let to match, comments 2020-03-12 16:38:00 +01:00
Fabian Kaczmarczyck
8d52e8aad7 adding HMAC-secret support 2020-03-12 16:37:48 +01:00
Julien Cretin
61a4fb9784 Wipe sensitive data on entry deletion 
When inserting (or replacing) entries in the store, the data may be marked as
sensitive. When that entry is deleted, the data is wiped by overwritting it with
zeroes. This may cost a few bytes of overhead per entry with sensitive data to
satisfy the constraint that words may only be written twice.
 2020-03-10 14:27:07 +01:00
Julien Cretin
e52a671810 Support storing in RAM instead of flash 
This permits to run without persistent storage. The benefit is that the board
doesn't implement a the syscall API in Tock. The disadvantage is that rebooting
the key will reset the storage.
 2020-03-04 16:24:06 +01:00
Guillaume Endignoux
56acc4b73a Don't dereference slices obtained from include_bytes. 2020-02-06 13:28:28 +01:00
Jean-Michel Picod
fdbfb1be2a Change the way private key and cert are embedded. 
OpenSSL seems to serialize bigints as signed value, which means the ECC
key may end up being 33 bytes instead of the 32 bytes we're expecting,
causing build to fail.
The shell script extraction is now replaced by a build.rs script that
uses OpenSSL to extract the content and do sanity checks.
Forcing generating cryptographic materials now always generate a key and
a certificate (useful to compile/flash multiple keys without them being
considered as clones). The self-signed CA is left untouched.
 2020-02-05 18:48:28 +01:00