kmwebnet/OpenSK
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,166 Commits 4 Branches 2 Tags
9a7760f362cea9e3a6bd89c8de9f04c53a500c20
Commit Graph

83 Commits

Author SHA1 Message Date
Julien Cretin
9a7760f362 Actually use ECDSA seed mechanism 2022-06-30 11:35:42 +02:00
hcyang
85fe9cd29d Add sturctured get assertion and client pin fuzzers (#482) 2022-05-27 10:34:38 +08:00
egor-duda
9a9d68ec41 Merge branch 'develop' into ed25519 2022-05-19 22:58:02 +03:00
Julien Cretin
07424c3123 Only derive PartialEq and Eq for PrivateKey for tests 
We shouldn't compare private keys in prod for side-channel resilience. Ideally
we shouldn't clone too. We currently do for storage. Fixing this would probably
require to serialize the private key in the credential struct.
 2022-05-17 22:59:18 +02:00
Egor Duda
25d538cde6 fix formatting 2022-05-17 23:03:22 +03:00
Egor Duda
42bfd7860d whitespace cleanup 2022-05-17 19:53:45 +03:00
Egor Duda
06230d15e1 Fix compile warning 2022-05-17 17:15:47 +03:00
Egor Duda
55056b721c Use ed25519-compact crate instead of ed25519-dalek 
ed25519-dalek does not implement Clone and Eq for secret keys, and
relevant PR in its repository wait for merge from long time ago, leading
to potential problems with maintainability
 2022-05-16 21:48:43 +03:00
Egor Duda
f24445b325 with_ed25519 -> ed25519 ("with_*" naming is discouraged) 2022-05-13 20:43:09 +03:00
Egor Duda
983bc5c5b2 Add support for ed25519 keys (#335) 2022-05-12 22:56:33 +03:00
kaczmarczyck
f95ae1f5ab Make private keys extensible (#476) 
* adds PrivateKey to handle different algorithms

* fixes input check problem of decrypt_credential_source

* addresses comments

* version number not encrypted

* version number test

* adds a credential size test

* removes the algorithm from credential encoding
 2022-05-10 14:31:29 +02:00
hcyang
3a39c4dff1 Add test_helpers (#474) 
* Add set_enterprise_attestation in TestEnv

* Add test_helpers for Test Unification

* Used it in structured fuzzer and enterprise attestation unittests

* Restructure test_helpers

* Rename setup_enterprise_attestation to enable_
 2022-05-10 18:50:18 +08:00
kaczmarczyck
8979af6ca4 adds Eq to PartialEq (#477) 2022-05-05 15:50:28 +02:00
kaczmarczyck
4782d7e186 Separate RNG library (#470) 
* seperates the RNG library

* fixes crypto tests

* adds rng256 workflow

* fixes formatting
 2022-04-28 11:36:43 +02:00
kaczmarczyck
360efa4eaf replaces ThreadRng with env RNG (#469) 2022-04-27 15:49:45 +02:00
hcyang
2b6424360c Move enterprise mode related customizations to new file (#463) 
* Move enterprise mode related customizations to new file

* Fix cargo clippy error

* Add is_enterpris_rp_id API to avoid cloning

* Only expose enterprise_rp_id_list API in std
 2022-04-25 09:45:59 +08:00
Howard Yang
17ecd46b04 Generate valid structure for MakeCredential params 
* Add crate arbitrary as ctap's optional dependency, when feature "fuzz"
  is activated.

* Derive Arbitrary for all the necessary types in order to generate the
  concrete types from random bytes.

* Add a fuzz target that transforms the input to valid format for
  MakeCredential.
 2022-03-22 19:06:20 +08:00
kaczmarczyck
522e6079e3 Forward desktop test fixes (#419) 
* fixes clippy warnings for compilers until 2021-11-25

* fixes run_desktop_tests

* removes page_size
 2021-11-30 11:07:17 +01:00
kaczmarczyck
596b47886c Upgrade signing key generation (#379) 
* adds the upgrade signing key generation and the partition offset

* use openssl in build.rs instead
 2021-09-15 21:25:19 +02:00
kaczmarczyck
b7a3e06cf4 ECDSA signatures and public keys in CTAP (#358) 
* ECDSA signatures and public keys in CTAP

* adds one constant usage

* documents pub functions in ECDSA

* typo: involved

* extends wrong length test
 2021-08-04 13:39:49 +02:00
David Drysdale
7719078d46 cbor: rename crate to sk-cbor 
In anticipation of publishing to crates.io, which already has a `cbor`
crate.
 2021-06-16 17:16:05 +02:00
kaczmarczyck
9a1c060234 Remove KeyType from CBOR (#306) 
* removes KeyType from CBOR

* type_label usage in writer
 2021-04-14 10:19:10 +02:00
kaczmarczyck
78b7767682 CBOR maps use Vec instead of BTreeMap (#303) 
* CBOR uses Vec for map internally

* remove BTreeMap from get_info

* rename cbor_map_btree and clean up cbor_array_vec

* destructure now takes Vec, not BTreeMap

* adds dedup in CBOR writer

* fail to write CBOR maps with duplicates

* CBOR interface refinements

* macro documentation for CBOR map and array
 2021-04-13 14:46:28 +02:00
kaczmarczyck
6216a3214d final changes to CTAP2.1 algorithm (#299) 2021-04-07 09:07:46 +02:00
kaczmarczyck
63232cfe60 adds PIN token state with timeouts (#296) 2021-03-22 14:03:51 +01:00
kaczmarczyck
aec1e0a409 adds PIN protocol V2 to all commands (#295) 2021-03-18 17:29:32 +01:00
kaczmarczyck
e5313057f9 PIN protocol V2 in ClientPin (#293) 
* PIN protocol V2 in ClientPin

* the test ClientPin has a random second private key
 2021-03-15 13:36:28 +01:00
kaczmarczyck
f11a838cc7 Improved documentation for customization (#287) 
* move constants to new file, and update documentation

* documentation improvements, deploy checks tests

* fix pylint

* improved code style

* swap build and check
 2021-02-19 14:20:23 +01:00
Fabian Kaczmarczyck
49cccfd270 correct const arrays of strings 2021-02-05 11:23:12 +01:00
Fabian Kaczmarczyck
44b7c3cdc1 dummy implementation for enterprise attestation 2021-02-04 21:26:00 +01:00
Fabian Kaczmarczyck
371e8b6f35 remove conditional trait implementation 2021-02-02 05:46:03 +01:00
Fabian Kaczmarczyck
5741595e57 new extension entry for largeBlobKey 2021-01-27 16:47:27 +01:00
Fabian Kaczmarczyck
14189a398a implements the credBlob extensions 2021-01-20 19:13:05 +01:00
Fabian Kaczmarczyck
1f37ae50c5 Merge develop into command-cred-mgmt 2021-01-14 16:14:10 +01:00
kaczmarczyck
e545acda16 Merge branch 'develop' into authenticator-config 2021-01-14 15:14:07 +01:00
Fabian Kaczmarczyck
c6726660ac adds the command logic for credential management 2021-01-13 15:02:46 +01:00
Fabian Kaczmarczyck
3e42531011 full URL 2021-01-13 14:26:59 +01:00
Fabian Kaczmarczyck
a26de3b720 moves constants to CoseKey 2021-01-13 14:00:34 +01:00
Fabian Kaczmarczyck
da27848c27 updates license header to 2021 in ctap 2021-01-12 19:13:43 +01:00
Fabian Kaczmarczyck
2776bd9b8e new CoseKey data format 2021-01-12 15:11:20 +01:00
Fabian Kaczmarczyck
6f9f833c0b moves COSE related conversion from crypto to data_formats 2021-01-08 15:42:35 +01:00
Fabian Kaczmarczyck
f4eb6c938e adds the config command 2021-01-08 13:53:27 +01:00
Fabian Kaczmarczyck
c873d3b614 removes all occurences of CTAP 2.1 flags 2021-01-08 12:40:37 +01:00
Fabian Kaczmarczyck
90def7dfd3 implicitly generate HMAC-secret 2020-12-08 18:12:48 +01:00
Fabian Kaczmarczyck
2a4677c0b1 adds user data to persistent storage 2020-11-27 16:53:12 +01:00
Fabian Kaczmarczyck
af4eef8085 adds credential ordering 2020-11-26 14:41:21 +01:00
Fabian Kaczmarczyck
3ae59ce1ec GetNextAssertion command minimal implementation 
This still lacks order of credentials and timeouts.
 2020-11-26 14:41:21 +01:00
Fabian Kaczmarczyck
5bf73cb8fd fail on UP=true in make 2020-11-23 12:09:48 +01:00
Guillaume Endignoux
68b0bdc29b Fix more Clippy warnings. 2020-09-29 11:05:24 +02:00
Guillaume Endignoux
85a34ad085 Migrate import statements and macros to Rust 2018. 2020-09-24 11:28:24 +02:00