* Common duration type for ctap library independent of TockOS
* Implement Env-specific ctap-hid channels for I/O
Common I/O Status, Error and Result types
* Move common user presence checking code to ctap library
* Move CtapHidChannel and UserPresence traits, with their accompanying
types to separate API mods. Remove Default implementations of methods
in these traits, to keep all implementation details inside of concrete
Env types.
Rename methods in UserPresence trait, for better readability.
Remove duplicate code for finding appropriate HID channel for given
transport.
Rework check_user_presence() function so that there's no more need for
quick_check() method in UserPresence trait. To short-circuit user
presence check, Env implementation may use wait_with_timeout() method.
* Fix button press wait with zero timeout for TockEnv
* Fix formatting
* Remove type for duration, use embedded_time::duration::Milliseconds
directly, for better readability.
Treat any unconfirmed result of user presence check as an error, which
maps more naturally to CTAP spec status codes.
Remove unneeded underscores in trait definition.
Store usb endpoint directly, in TockEnv channels, to avoid unneeded
conversions.
* No need for separate error type for send_keepalive_up_needed()
* Document UserPresence trait and types.
Remove unused parameters in UserPresence trait's methods.
Add conversion function from UserPresence errors to Ctap2 status codes.
Do not check button status when tock user presence wait is called with
zero timeout.
* Make test environment always report success sending data
* Rename CtapHidChannel to HidConnection, rename *_hid_channel ->
*_hid_connection, for clarity. Use "Channel" to refer to the logical
connection from authenticator to one client, and use "Connection" to
refer to physical connection of authenticator to platform, on which
clients run.
Remove channel parameter from user presence API, it's not needed.
* Remove duplicate comments.
Co-authored-by: kaczmarczyck <43844792+kaczmarczyck@users.noreply.github.com>
We shouldn't compare private keys in prod for side-channel resilience. Ideally
we shouldn't clone too. We currently do for storage. Fixing this would probably
require to serialize the private key in the credential struct.
ed25519-dalek does not implement Clone and Eq for secret keys, and
relevant PR in its repository wait for merge from long time ago, leading
to potential problems with maintainability
* adds PrivateKey to handle different algorithms
* fixes input check problem of decrypt_credential_source
* addresses comments
* version number not encrypted
* version number test
* adds a credential size test
* removes the algorithm from credential encoding
* Add set_enterprise_attestation in TestEnv
* Add test_helpers for Test Unification
* Used it in structured fuzzer and enterprise attestation unittests
* Restructure test_helpers
* Rename setup_enterprise_attestation to enable_
* Move enterprise mode related customizations to new file
* Fix cargo clippy error
* Add is_enterpris_rp_id API to avoid cloning
* Only expose enterprise_rp_id_list API in std
* Move three dependent customizations into new file
* default_min_pin_length(_rp_ids) and max_rp_ids_length
* Did some backing store tricks to make the list configurable in
TestCustomization.
* Add testing for TestCustomization
* Change assert comparison to assert_eq
* Separate tests
* Move 3 pure constants to new file
* Return Vec<String> for rp_ids()
* Make rng in TestEnv deterministic and seedable
* Move seed method to TestRng256
* Change some constant name in comments to snake case
* Move seed rng of env to the start
* Fix unused warning
* Make rng in TestEnv deterministic and seedable
* Move seed method to TestRng256
* Move seed rng of env to the start
* Fix unused warning
* Seed rng in all fuzz targets
* Fix error introduced when merging
Co-authored-by: Julien Cretin <cretin@google.com>
* Introduce Customization trait
* Introduce Customization trait including the customization accessors
that control various behaviors.
* Expose Customization through a getter API in Env, and make the code
that directly access the constants currently switch to accessing the
customizations via Env.
* TockEnv's customization getter implementation directly returns the
reference of the global DEFAULT_CUSTOMIZATION constant, so the
constant values are still inlined and dead code won't be compiled.
* We'll add the customizations from global constants to the struct
one-by-one, only MAX_MSG_SIZE in this commit.
* Small fixes
* Fix deploy script
* put is_valid under std gate
* Add crate arbitrary as ctap's optional dependency, when feature "fuzz"
is activated.
* Derive Arbitrary for all the necessary types in order to generate the
concrete types from random bytes.
* Add a fuzz target that transforms the input to valid format for
MakeCredential.
