* Add CBOR credential ID type
Update the format of the credential ID we generated to extend the
encrypted portion from only private_key + rp_id_hash to a flexible CBOR
map. This way we can persist more data into the key handle in the future
without need of a new version.
We add credProtectPolicy to the persisted data in this commit too, so we
can correctly check the credProtectPolicy for non-discoverable
credentials in follow-up commits.
* Fixed some style problems.
* Fix cargo clippy warning
* Check credProtectPolicy for non-discoverable credentials.
* Remove support of old v1, v2 key handles
- And changed some style problems
* Style changes
* Add missing `alloc` use
* Common duration type for ctap library independent of TockOS
* Implement Env-specific ctap-hid channels for I/O
Common I/O Status, Error and Result types
* Move common user presence checking code to ctap library
* Move CtapHidChannel and UserPresence traits, with their accompanying
types to separate API mods. Remove Default implementations of methods
in these traits, to keep all implementation details inside of concrete
Env types.
Rename methods in UserPresence trait, for better readability.
Remove duplicate code for finding appropriate HID channel for given
transport.
Rework check_user_presence() function so that there's no more need for
quick_check() method in UserPresence trait. To short-circuit user
presence check, Env implementation may use wait_with_timeout() method.
* Fix button press wait with zero timeout for TockEnv
* Fix formatting
* Remove type for duration, use embedded_time::duration::Milliseconds
directly, for better readability.
Treat any unconfirmed result of user presence check as an error, which
maps more naturally to CTAP spec status codes.
Remove unneeded underscores in trait definition.
Store usb endpoint directly, in TockEnv channels, to avoid unneeded
conversions.
* No need for separate error type for send_keepalive_up_needed()
* Document UserPresence trait and types.
Remove unused parameters in UserPresence trait's methods.
Add conversion function from UserPresence errors to Ctap2 status codes.
Do not check button status when tock user presence wait is called with
zero timeout.
* Make test environment always report success sending data
* Rename CtapHidChannel to HidConnection, rename *_hid_channel ->
*_hid_connection, for clarity. Use "Channel" to refer to the logical
connection from authenticator to one client, and use "Connection" to
refer to physical connection of authenticator to platform, on which
clients run.
Remove channel parameter from user presence API, it's not needed.
* Remove duplicate comments.
Co-authored-by: kaczmarczyck <43844792+kaczmarczyck@users.noreply.github.com>
We shouldn't compare private keys in prod for side-channel resilience. Ideally
we shouldn't clone too. We currently do for storage. Fixing this would probably
require to serialize the private key in the credential struct.
ed25519-dalek does not implement Clone and Eq for secret keys, and
relevant PR in its repository wait for merge from long time ago, leading
to potential problems with maintainability
* adds PrivateKey to handle different algorithms
* fixes input check problem of decrypt_credential_source
* addresses comments
* version number not encrypted
* version number test
* adds a credential size test
* removes the algorithm from credential encoding
* Add set_enterprise_attestation in TestEnv
* Add test_helpers for Test Unification
* Used it in structured fuzzer and enterprise attestation unittests
* Restructure test_helpers
* Rename setup_enterprise_attestation to enable_
* Move enterprise mode related customizations to new file
* Fix cargo clippy error
* Add is_enterpris_rp_id API to avoid cloning
* Only expose enterprise_rp_id_list API in std
* Move three dependent customizations into new file
* default_min_pin_length(_rp_ids) and max_rp_ids_length
* Did some backing store tricks to make the list configurable in
TestCustomization.
* Add testing for TestCustomization
* Change assert comparison to assert_eq
* Separate tests
* Move 3 pure constants to new file
* Return Vec<String> for rp_ids()
* Make rng in TestEnv deterministic and seedable
* Move seed method to TestRng256
* Change some constant name in comments to snake case
* Move seed rng of env to the start
* Fix unused warning
* Make rng in TestEnv deterministic and seedable
* Move seed method to TestRng256
* Move seed rng of env to the start
* Fix unused warning
* Seed rng in all fuzz targets
* Fix error introduced when merging
Co-authored-by: Julien Cretin <cretin@google.com>
