* removes read_partition and partition_length from upgrade API
* renames partition to bundle, also data type change from slice to Vec
* removes hash from Env API
* fixes comment
* new metadata format is used
* Update bootloader/src/main.rs
Co-authored-by: ztoked <zhalvorsen@google.com>
* splits the metadata signed and unsigned parts evenly
* fixes pylint
Co-authored-by: ztoked <zhalvorsen@google.com>
* Support credBlob for non-resident credentials
- Add a upper limit of max_cred_blob_length
- Add test cases for cred_blob in non-resident flows
- Modify the test helper functions in ctap/mod.rs a bit
* Fix some styles in credential_id.rs
Co-authored-by: kaczmarczyck <43844792+kaczmarczyck@users.noreply.github.com>
* Support configure via the Vendor interface
* Adjust tests now that GetInfo is supported on vendor_hid
* Add test for vendor_hid not supporting FIDO command
* Interleave sending and receiving of packets to reduce latency in receiving of packets
* Add patch to CtapUsbSyscallDriver
* Minor tweaks from review
* Log when overwritting an existing reply
* Only log when 'debug_ctap' is enabled
* Make ctap mod public, as per review
* Rename send_or_recv to send_and_maybe_recv
* fix typo
* Don't process packets on other transport while doing keepalive
* Don't process packets on other transport while doing keepalive
* More accurately determine if reply has finished
* Move comment closer to appropriate location
* Add tests for canceling keepalive packets
* Added a TODO for kaczmarczyck re ctap module being public
* remove the unnecessary sleep()s
* undo messed up commit
* address pylint warnings
* Fix merge mess up, and patch fido2 Usage Page
* Fix up completely borked merge
* Remove patch to FIDO usage, after #523.
* remove obsolete aspects to diff
Co-authored-by: kaczmarczyck <43844792+kaczmarczyck@users.noreply.github.com>
* Fix user presence by not overwriting error with OK()
* revert debugging change to TOUCH_TIMEOUT_MS
* fix up incomplete merge
* rename variable to more understandable name
* Add tests to test user_presence
* Move out check credProtectPolicy logic
Move the credProtectPolicy check outside credential ID decryption &
discoverable credential finding. Modify the unit tests, and add unit
tests for credProtectPolicy checking in non resident flows that were
originally missing.
* Add CBOR credential ID type
Update the format of the credential ID we generated to extend the
encrypted portion from only private_key + rp_id_hash to a flexible CBOR
map. This way we can persist more data into the key handle in the future
without need of a new version.
We add credProtectPolicy to the persisted data in this commit too, so we
can correctly check the credProtectPolicy for non-discoverable
credentials in follow-up commits.
* Fixed some style problems.
* Fix cargo clippy warning
* Check credProtectPolicy for non-discoverable credentials.
* Remove support of old v1, v2 key handles
- And changed some style problems
* Style changes
* Add missing `alloc` use
* Common duration type for ctap library independent of TockOS
* Implement Env-specific ctap-hid channels for I/O
Common I/O Status, Error and Result types
* Move common user presence checking code to ctap library
* Move CtapHidChannel and UserPresence traits, with their accompanying
types to separate API mods. Remove Default implementations of methods
in these traits, to keep all implementation details inside of concrete
Env types.
Rename methods in UserPresence trait, for better readability.
Remove duplicate code for finding appropriate HID channel for given
transport.
Rework check_user_presence() function so that there's no more need for
quick_check() method in UserPresence trait. To short-circuit user
presence check, Env implementation may use wait_with_timeout() method.
* Fix button press wait with zero timeout for TockEnv
* Fix formatting
* Remove type for duration, use embedded_time::duration::Milliseconds
directly, for better readability.
Treat any unconfirmed result of user presence check as an error, which
maps more naturally to CTAP spec status codes.
Remove unneeded underscores in trait definition.
Store usb endpoint directly, in TockEnv channels, to avoid unneeded
conversions.
* No need for separate error type for send_keepalive_up_needed()
* Document UserPresence trait and types.
Remove unused parameters in UserPresence trait's methods.
Add conversion function from UserPresence errors to Ctap2 status codes.
Do not check button status when tock user presence wait is called with
zero timeout.
* Make test environment always report success sending data
* Rename CtapHidChannel to HidConnection, rename *_hid_channel ->
*_hid_connection, for clarity. Use "Channel" to refer to the logical
connection from authenticator to one client, and use "Connection" to
refer to physical connection of authenticator to platform, on which
clients run.
Remove channel parameter from user presence API, it's not needed.
* Remove duplicate comments.
Co-authored-by: kaczmarczyck <43844792+kaczmarczyck@users.noreply.github.com>
* adds PrivateKey to handle different algorithms
* fixes input check problem of decrypt_credential_source
* addresses comments
* version number not encrypted
* version number test
* adds a credential size test
* removes the algorithm from credential encoding
* Add set_enterprise_attestation in TestEnv
* Add test_helpers for Test Unification
* Used it in structured fuzzer and enterprise attestation unittests
* Restructure test_helpers
* Rename setup_enterprise_attestation to enable_
* Move enterprise mode related customizations to new file
* Fix cargo clippy error
* Add is_enterpris_rp_id API to avoid cloning
* Only expose enterprise_rp_id_list API in std
* Introduce Customization trait
* Introduce Customization trait including the customization accessors
that control various behaviors.
* Expose Customization through a getter API in Env, and make the code
that directly access the constants currently switch to accessing the
customizations via Env.
* TockEnv's customization getter implementation directly returns the
reference of the global DEFAULT_CUSTOMIZATION constant, so the
constant values are still inlined and dead code won't be compiled.
* We'll add the customizations from global constants to the struct
one-by-one, only MAX_MSG_SIZE in this commit.
* Small fixes
* Fix deploy script
* put is_valid under std gate
* Add crate arbitrary as ctap's optional dependency, when feature "fuzz"
is activated.
* Derive Arbitrary for all the necessary types in order to generate the
concrete types from random bytes.
* Add a fuzz target that transforms the input to valid format for
MakeCredential.
