Conor Patrick
37769bb735
to support deleted credentials, need to scan all rk slots since it's no longer continuous
2020-03-25 14:57:39 -04:00
Conor Patrick
98bcf647c4
implement rk delete command for cred mgmt
2020-03-25 14:57:39 -04:00
Conor Patrick
682a443f4e
refactor credMgmt to parse as subCommandParams, and get ready for delete command
2020-03-25 14:57:39 -04:00
Conor Patrick
a28a05673f
definitely need to update rpIdHash
2020-03-25 14:57:39 -04:00
Conor Patrick
3a70ee0ec6
refactor authData and extension handling to work for getNextAssertion
2020-03-25 14:57:39 -04:00
Conor Patrick
872a320abc
Fix credential order: need to start with most recent
2020-03-25 14:57:39 -04:00
Conor Patrick
3cbf7ec451
move credProtect checking to credential filtering step
2020-03-25 14:57:39 -04:00
Conor Patrick
fdc5a68fcd
update info/feature detection details
2020-03-25 14:57:39 -04:00
Conor Patrick
1c1005a0e8
add credprotect parameter to output
2020-03-25 14:57:39 -04:00
Conor Patrick
4831410111
add credProtect extension
2020-03-25 14:57:39 -04:00
Radoslav Gerganov
7112633779
Fix user presence test when pinAuth is empty
The check_retr macro is evaluating its argument twice, so when we do:
check_retr( ctap2_user_presence_test(...) )
the user presence function is called twice and the user has to press the
button twice. This is a regression introduced with commit 3b53537.
2020-03-21 12:48:05 -04:00
Radoslav Gerganov
79b43a90fd
Implement commands for management of resident keys
Implement command 0x41 which is used by OpenSSH for reading RKs. It has
the following subcommands:
* CMD_CRED_METADATA - get number of saved/remaining RKs
* CMD_RP_BEGIN/CMD_RP_NEXT - iterate over the saved RPs
* CMD_RK_BEGIN/CMD_RK_NEXT - iterate over the RKs for a given RP
Fixes issue #374 and issue #314
2020-03-21 11:59:22 -04:00
Conor Patrick
1d59bbfdd4
support different aaguid's in cert for different solo models
2019-12-01 18:09:08 -05:00
Conor Patrick
54c66d80b6
overwrite x509 fields for tap or somu
2019-12-01 18:09:08 -05:00
Conor Patrick
1d63154699
move sense of "backup" from ctap to device layer
2019-11-22 19:02:52 -05:00
Conor Patrick
d266e7927c
reorganize crypto and device.c to be more based on fido2/
2019-11-22 19:02:52 -05:00
Conor Patrick
b4f59ec355
pull certificate from flash page
2019-10-27 10:25:00 -04:00
Conor Patrick
00b09e0d40
add u2f length arg
2019-10-08 16:10:29 -04:00
Conor Patrick
08658eb11e
Merge branch 'master' into bootloader-downgrade-protection
2019-10-08 13:44:20 -04:00
Conor Patrick
0ebe0ff502
add ctap function to overwrite key bytes
2019-10-08 13:42:37 -04:00
Conor Patrick
8c256298ae
default up to enabled
2019-09-17 00:13:57 +08:00
Conor Patrick
c61f15a090
allow get_assertion with disabled UP
2019-09-17 00:13:57 +08:00
Conor Patrick
f072561899
properly check the rpId in request
2019-09-17 00:13:57 +08:00
Conor Patrick
a9bbdee35b
Merge branch 'master' into remove-pin-storage
2019-09-02 21:45:21 +08:00
Szczepan Zalega
cb13fb65de
Store version in the bootloader. Debug code.
2019-08-24 10:17:43 +02:00
Conor Patrick
41ceb78f6c
add user presence to flags
2019-08-23 14:48:21 +08:00
Conor Patrick
3b53537077
refactor fido2 user presence handling & increase timeout to 29s
2019-08-23 13:19:28 +08:00
merlokk
0d621d13f9
fix decoding apdu
2019-08-22 20:55:12 +08:00
Conor Patrick
a72f0ede05
take a lazy approach to key agreement generation to not hold up boot time for nfc
2019-08-21 12:06:06 +08:00
Conor Patrick
adcbd3aeb8
speed up public key derivation slightly for nfc
2019-08-21 12:06:06 +08:00
Conor Patrick
b706cc30b0
for now, always gen key agreement
2019-08-21 12:06:06 +08:00
Szczepan Zalega
b452e3dfe4
Correct doc
2019-08-20 11:47:14 +02:00
Szczepan Zalega
8e3753e711
Add initial STATE migration code (2)
2019-08-20 11:34:51 +02:00
Szczepan Zalega
816ca21f08
Correct writing salted hash
pinHashEnc is 16 bytes, which is too small to store sha256 result.
2019-08-20 11:34:48 +02:00
Szczepan Zalega
5a448d636c
Add comments
2019-08-20 11:34:29 +02:00
Szczepan Zalega
7be0553377
Replace FIDO2 PIN storage with its hash
2019-08-20 11:34:26 +02:00
Conor Patrick
690d7c716a
move CTAPHID_STATUS_PROCESSING to after UP
2019-07-29 12:39:59 -04:00
Conor Patrick
78e3b291c2
make sure device status is set in all user presence tests
2019-07-28 22:10:56 -04:00
Conor Patrick
b47854c335
use error code PIN_AUTH_INVALID
2019-07-28 21:41:11 -04:00
Conor Patrick
f17faca689
use correct size for auth_data for signature
2019-07-26 23:53:20 -04:00
Conor Patrick
bddd60c080
use persisted key info
2019-05-27 13:54:29 -04:00
Conor Patrick
e1474e8e8e
fix potential memory leaks
2019-05-13 15:32:04 -04:00
Conor Patrick
0f50ae7d63
change u2f to return early if button not immediately pressed
2019-05-10 15:56:52 -04:00
Conor Patrick
e105afd647
fix build
2019-05-09 17:51:41 -04:00
Conor Patrick
e402d36bf1
fix user presence skipping for nfc
2019-05-09 17:26:28 -04:00
Conor Patrick
6ae1cd3865
remove not-useful logs
2019-04-24 18:36:36 -04:00
Conor Patrick
ec98af115f
restore button in ctap_make_auth_data
2019-04-24 16:54:26 -04:00
Conor Patrick
813eb97d2f
reuse memory for allow_list of creds
2019-04-24 11:45:30 -04:00
Conor Patrick
b0baace2e7
move custom credid to different location
2019-04-24 00:15:32 -04:00
Conor Patrick
ce96fffddd
add info to authData for ext reqs
2019-04-23 21:57:27 -04:00