kaczmarczyck
f25cdd6acc
Tock V2 port - rebased and updated ( #620 )
...
* Changes from #580
* fixes USB cancel panic
* style fixes
* Update src/env/tock/storage.rs
Co-authored-by: Zach Halvorsen <zhalvorsen@google.com>
---------
Co-authored-by: Zach Halvorsen <zhalvorsen@google.com>
2023-05-05 09:55:16 +02:00
kaczmarczyck
bcd382e5e9
Moves CTAP secrets to the key store ( #617 )
...
The PIN hash can be encrypted and decrypted, and CredRandom is part of
the master secrets.
2023-04-21 16:32:58 +02:00
kaczmarczyck
a88a1b2a22
Adds a hardware failure state for user presence ( #616 )
...
Introduced in https://github.com/google/OpenSK/pull/580
The conversion to libtock's ErrorCode has to happen outside of the
library.
2023-04-21 08:03:46 +02:00
kaczmarczyck
5f7eb3177b
Cryptographic Secret type ( #615 )
...
* Adds a type for cryptographic secrets
* default implementations and zeroize documentation
* removes whitespace
2023-04-19 18:02:48 +02:00
kaczmarczyck
3091b5a29d
Moves vendor commands into TockEnv ( #614 )
...
This move changes the Env trait: It removes all functionality that is
used only in vendor commands (`FirmwareProtection`, `UpgradeStorage`)
and adds a function to call when parsing CBOR commands.
The abstraction necessary to test these commands is instead realized
through compile flags. The mock upgrade storage is active when compiled
for std for example.
2023-04-17 00:17:37 +02:00
kaczmarczyck
a1d6ed0223
Makes our CredRandom derivation FIPS compliant ( #613 )
...
* Makes our CredRandom derivation FIPS compliant
This change breaks existing usage of CredRandom.
* fixes rust_crypto and HKDF test style
2023-04-11 14:48:42 +02:00
kaczmarczyck
be42b47caf
Replaces Rng256 with new Rng API ( #612 )
...
* Replaces the Rng256 with RngCore from rand_core
The old trait was designed with our software crypto in mind. We should
use a more standard API going forward.
- Removes libraries/rng256/
- Ports libraries/crypto/ to rand_core
- Moves the used RNG trait to api/
* Use StdRng directly in TestEnv
2023-04-11 10:23:38 +02:00
kaczmarczyck
4cc1b4fddf
Adds AES256 to the Crypto trait ( #611 )
2023-04-06 10:27:33 +02:00
kaczmarczyck
d0cdbec5ce
Adds HKDF to the Crypto trait ( #610 )
2023-04-04 17:48:56 +02:00
kaczmarczyck
22192a37d2
SHA and HMAC for the Crypto trait ( #609 )
...
* Implements SHA256 into the Crypto trait
* Fixes documentation
* Descriptive documentation
2023-04-04 17:12:05 +02:00
kaczmarczyck
c168141b60
Adds a trait for crypto, porting EC first ( #606 )
...
* Adds a trait for crypto, porting EC first
* Moves crypto implementation next to its trait
* Renames constants and types
2023-04-04 13:54:41 +02:00
kaczmarczyck
80b82ffd42
LTO fix and toml cleanup ( #608 )
...
* Removes redundant entries from Cargo.toml
This also fixes a compilation problem we have in debug mode with LTO
enabled.
* fix output-path triple dash
2023-04-04 13:40:42 +02:00
kaczmarczyck
6d5ea16f2d
CTAP HID Lock ( #605 )
...
* Implements the CTAP HID Lock command
This is a direct translation of our internal implementation.
* adds more HID Lock tests
2023-03-17 17:22:36 +01:00
kaczmarczyck
752db8cc90
Fixes new clippy lints on the latest nightly ( #603 )
...
* Fixes new clippy lints on the latest nightly
We didn't see these before because of our old Rust toolchain.
* fixes nit
2023-03-09 12:08:34 +01:00
kaczmarczyck
ca65902a8f
CTAP library move ( #602 )
...
* Moves all CTAP logic into its own library
* workflows fix test
* more coveralls workflow tests
2023-03-07 15:56:46 +01:00
kaczmarczyck
3135c13e6b
Moves the TockEnv implementation of RNG to env/ ( #599 )
...
This change removes the tock dependencies from non-Tock envs.
2023-03-06 11:21:48 +01:00
Julien Cretin
f6e9e00b87
Add linear view into a storage ( #571 )
2022-12-07 13:00:41 +01:00
kaczmarczyck
6610a29a67
Fixed proc-macro2 version ( #550 )
...
* fixes proc-macro2 in dependencies
* adds missing locked versions, and a verbose print for cargo check
* commits Cargo.lock files
* removes unnecessary Cargo.lock entries
* adds missing Cargo.lock
2022-09-27 10:12:45 +02:00
kaczmarczyck
f2fac83124
Fix once_cell dependency ( #548 )
...
* fixed version of once_cell
* fixes comments
* removes unnecessary fuzz dependency
2022-09-21 19:32:09 +02:00
kaczmarczyck
1b360662ee
Public Key plain byte encoding ( #540 )
...
* public key is encoded in bytes
* ECDSA pubkey in uncompressed format
2022-08-31 15:51:40 +02:00
Julien Cretin
a44d961e7e
Fix bumpalo issue
2022-08-23 10:43:44 +02:00
Julien Cretin
e52adf04c7
Add support for concatenated values
2022-08-19 12:47:29 +02:00
Egor Duda
cc1fb2543e
Accommodate Store requirements for max_word_writes and max_page_erases
2022-06-07 17:04:18 +03:00
Egor Duda
0158cc846d
Use 0xff for consistency
2022-06-07 15:58:08 +03:00
Egor Duda
2708074949
Improve variable names and comments readability
2022-06-06 15:08:42 +03:00
Egor Duda
660b6b76b2
Make FileOptions available to library's users
2022-06-06 15:06:29 +03:00
Egor Duda
4e47968233
Separate options type for FileStorage, remove hardcoded constants
2022-06-05 22:40:59 +03:00
Egor Duda
c0299c3225
No need for specific feature, use std instead
2022-06-05 22:40:32 +03:00
Egor Duda
f2cb2f72e7
Use StorageError::CustomError for implementations-specific (I/O) errors
2022-06-05 22:39:13 +03:00
Egor Duda
1cf7373bfe
With new Storage API there's no need to double-buffer file data
...
read_slice(...) can return Cow::Owned buffer to the caller
2022-06-05 15:16:49 +03:00
Egor Duda
db26f6125b
Implement file-backed persistent storage
...
This allows running ctap2 authenticator application on non-embedded host OS
to implement virtual FIDO2 authenticator for QEMU
2022-06-05 15:08:52 +03:00
Julien Cretin
0f368f0b48
Add justification for Cow usage
2022-06-03 17:03:06 +02:00
Julien Cretin
f57126634b
Allow read_slice to return a Vec
2022-06-03 11:16:43 +02:00
Julien Cretin
5685e95b79
Remove useless dependency after rng256 was split out
2022-05-19 15:20:39 +02:00
kaczmarczyck
8979af6ca4
adds Eq to PartialEq ( #477 )
2022-05-05 15:50:28 +02:00
kaczmarczyck
4782d7e186
Separate RNG library ( #470 )
...
* separates the RNG library
* fixes crypto tests
* adds rng256 workflow
* fixes formatting
2022-04-28 11:36:43 +02:00
Howard Yang
17ecd46b04
Generate valid structure for MakeCredential params
...
* Add crate arbitrary as ctap's optional dependency, when feature "fuzz"
is activated.
* Derive Arbitrary for all the necessary types in order to generate the
concrete types from random bytes.
* Add a fuzz target that transforms the input to valid format for
MakeCredential.
2022-03-22 19:06:20 +08:00
kaczmarczyck
7e7d5e38a1
enforces Module imports granularity ( #445 )
2022-03-14 20:44:48 +01:00
Julien Cretin
dc00b94ee8
Remove steal_storage
2022-03-07 19:43:58 +01:00
Julien Cretin
8a2e99960f
Reduce maximum fuzz input size
...
The fuzzer timed out (60s) on a 17k input. On my machine it runs for 12s and 7s
after truncation to 10k.
2022-02-28 12:39:08 +01:00
Julien Cretin
d47ca7fa54
Add documentation
2022-01-26 11:05:02 +01:00
Julien Cretin
b59df7001f
Remove the software-specific Decrypt16BytesBlock and Encrypt16BytesBlock traits
...
They assume blocks are encrypted/decrypted one at a time. To avoid one syscall
per block, it is preferable to encrypt/decrypt the data at once.
Change-Id: I795c8f5b7901a1b55fa3b06fa45fe57ab19d06ea
2022-01-26 11:05:02 +01:00
kaczmarczyck
98c9191679
HMAC: only 32 byte keys ( #424 )
...
* only support HMAC with 32 byte keys
* includes HMAC in the trait to be generic
* re-added HMAC test
2022-01-18 13:14:11 +01:00
Julien Cretin
ce08f82d68
Restrict Sha256 to be used sequentially
...
Also remove useless HashBlockSize64Bytes bound.
2022-01-17 15:36:51 +01:00
kaczmarczyck
522e6079e3
Forward desktop test fixes ( #419 )
...
* fixes clippy warnings for compilers until 2021-11-25
* fixes run_desktop_tests
* removes page_size
2021-11-30 11:07:17 +01:00
Julien Cretin
d085d54878
Update test
2021-10-04 12:24:15 +02:00
Julien Cretin
af3bee64a5
Introduce window size to fix hidden entries
2021-10-04 12:24:15 +02:00
Julien Cretin
9dc5286633
Revert "Continue compacting until content fits window during compaction"
...
This reverts commit 67fa8bee0b.
2021-10-04 12:24:15 +02:00
Julien Cretin
daa16d948f
Add test
2021-10-04 12:24:15 +02:00
Julien Cretin
67fa8bee0b
Continue compacting until content fits window during compaction
...
Also increase the virtual window size.
2021-09-27 13:59:29 +02:00