Commit Graph

1094 Commits

Author SHA1 Message Date
kaczmarczyck
02c9abc0a3 Merge pull request #223 from kaczmarczyck/get-next-assertion
GetNextAssertion
2020-11-26 19:48:52 +01:00
Fabian Kaczmarczyck
1571f58cd3 wrapping_add in storage and more moving 2020-11-26 19:21:41 +01:00
kaczmarczyck
1d7365c4cb Merge branch 'master' into get-next-assertion 2020-11-26 18:51:06 +01:00
Jean-Michel Picod
64027774a5 Merge pull request #222 from jmichelp/transparency
Ensure CTAP1 uses the storage to access attestation material
2020-11-26 17:32:43 +01:00
Jean-Michel Picod
3d1d827984 Address PR comments 2020-11-26 16:29:14 +01:00
Fabian Kaczmarczyck
3aef7e8b19 reuse update_command_permission 2020-11-26 15:56:59 +01:00
Fabian Kaczmarczyck
ed59ebac0d command timeout for GetNextAssertion 2020-11-26 14:56:52 +01:00
Fabian Kaczmarczyck
ffe19e152b moves UP check in GetAssertion before NO_CREDENTIALS 2020-11-26 14:41:22 +01:00
Fabian Kaczmarczyck
5ff3816782 sets the correct user and number of credentials 2020-11-26 14:41:22 +01:00
Fabian Kaczmarczyck
af4eef8085 adds credential ordering 2020-11-26 14:41:21 +01:00
Fabian Kaczmarczyck
3ae59ce1ec GetNextAssertion command minimal implementation
This still lacks order of credentials and timeouts.
2020-11-26 14:41:21 +01:00
Jean-Michel Picod
d491492554 Format 2020-11-25 17:48:47 +01:00
Jean-Michel Picod
f2b3ca4029 Make private key sensitive and ensure attestation is OTP 2020-11-25 17:44:52 +01:00
Jean-Michel Picod
f47e1e2a86 Ensure store behaves as expected in prod 2020-11-25 17:44:19 +01:00
Jean-Michel Picod
41f7cc7b14 CTAP1/U2F accesses attestation material through the store. 2020-11-25 17:31:05 +01:00
Jean-Michel Picod
026b4a66ac Fix CTAP2 batch attestation 2020-11-25 17:26:08 +01:00
Jean-Michel Picod
3dbfae972f Always insert attestation material in the store 2020-11-25 17:17:57 +01:00
Jean-Michel Picod
6a2a482b03 Merge pull request #200 from kaczmarczyck/empty-auth-up
Adds a UP check for device identification
2020-11-24 18:48:38 +01:00
Fabian Kaczmarczyck
65f4f2de25 moves shared precheck into helper function 2020-11-24 18:11:18 +01:00
kaczmarczyck
bdc2504048 Merge branch 'master' into empty-auth-up 2020-11-24 17:42:05 +01:00
Julien Cretin
b0dc019b4e Merge pull request #220 from ia0/fix_driver_crash
Do not crash in the driver for store errors
2020-11-24 16:55:42 +01:00
Julien Cretin
2add1c2cd2 Merge branch 'master' into fix_driver_crash 2020-11-24 16:46:21 +01:00
kaczmarczyck
4d4ce1022b Merge pull request #221 from kaczmarczyck/hmac-secret-reproducing
makes HMAC secret output reproducible
2020-11-24 16:31:31 +01:00
Fabian Kaczmarczyck
0b2ea7d98b makes HMAC secret output reproducible 2020-11-24 16:20:31 +01:00
Julien Cretin
29ee45de6c Do not crash in the driver for store errors
We prefer to return those errors to the fuzzer which can then decide whether
they are expected or not (e.g. when starting from a dirty storage, the store is
expected to have errors).
2020-11-24 11:31:54 +01:00
Jean-Michel Picod
2da14783d3 Merge pull request #219 from jmichelp/certification
Adding metadata file used for certification.
2020-11-24 10:35:48 +01:00
Jean-Michel Picod
90f2d4a249 Fix indentation 2020-11-23 20:33:01 +01:00
Jean-Michel Picod
174c292f2f Adding metadata file used for certification. 2020-11-23 19:16:48 +01:00
kaczmarczyck
3867497c4b Merge pull request #218 from kaczmarczyck/server-side-hmac-secret
Allow HMAC secret with rk=false
2020-11-23 17:31:52 +01:00
Fabian Kaczmarczyck
a099ddbabd introduce max credential size for readability 2020-11-23 14:34:38 +01:00
kaczmarczyck
14f59e3619 Merge branch 'master' into server-side-hmac-secret 2020-11-23 13:03:59 +01:00
kaczmarczyck
0cce91f280 Merge pull request #217 from kaczmarczyck/make-up-option
fail on UP=true in make
2020-11-23 13:03:43 +01:00
Fabian Kaczmarczyck
9bb1aad45d wraps HMAC secret into credentials 2020-11-23 12:59:25 +01:00
Fabian Kaczmarczyck
5bf73cb8fd fail on UP=true in make 2020-11-23 12:09:48 +01:00
Julien Cretin
d23acb4f64 Make sure production store only builds with usize=u32 2020-11-20 15:55:56 +01:00
Jean-Michel Picod
a412da8c73 Merge pull request #212 from kaczmarczyck/hid-init-sync
Change response in HID_INIT for sync
2020-11-20 15:37:25 +01:00
kaczmarczyck
9124de4ec6 Merge branch 'master' into hid-init-sync 2020-11-20 14:42:02 +01:00
Jean-Michel Picod
8c60d4b97d Merge pull request #215 from jmichelp/fix_workflow
Fix broken crypto_test workflow.
2020-11-20 13:38:19 +01:00
Jean-Michel Picod
4645ed322d Merge branch 'master' into fix_workflow 2020-11-20 13:23:43 +01:00
kaczmarczyck
fd68698e27 Merge pull request #211 from kaczmarczyck/exclude-list-decrypt
Tries to unwrap credentials in the exclude list
2020-11-20 12:38:44 +01:00
Jean-Michel Picod
22ff0b236f Merge branch 'master' into fix_workflow 2020-11-20 12:29:36 +01:00
kaczmarczyck
44257e57a7 Merge branch 'master' into exclude-list-decrypt 2020-11-20 12:28:29 +01:00
kaczmarczyck
aadd9d7ddf Merge pull request #213 from kaczmarczyck/cont-packets
Change priority of errors for HID
2020-11-20 12:28:15 +01:00
Jean-Michel Picod
dab0077b87 Fix broken crypto_test workflow.
The use of `::set-env` command in workflows is not being deprecated.
Moving to the new way of setting environment variables.
2020-11-20 11:58:39 +01:00
Fabian Kaczmarczyck
9a29795ca6 changes priority of error codes 2020-11-20 06:14:19 +01:00
Fabian Kaczmarczyck
e1b419c104 changes sync response and tests it 2020-11-20 05:49:11 +01:00
Fabian Kaczmarczyck
315016f552 unwraps credentials in the exclude list 2020-11-20 03:31:16 +01:00
Julien Cretin
e842da0de7 Add store fuzzing 2020-11-19 11:27:50 +01:00
Julien Cretin
78e801c32a Merge pull request #209 from ia0/v2_fuzz
Add stats for fuzzing
2020-11-19 11:22:32 +01:00
Julien Cretin
bbb73c77a8 Use width_lim instead of bucket_lim 2020-11-17 10:16:39 +01:00