shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity
1,119 Commits 44 Branches 28 Tags
Commit Graph

96 Commits

Author SHA1 Message Date
Conor Patrick
5fbf53559a reorganize crypto and device.c to be more based on fido2/ 2019-11-18 14:55:14 -05:00
Conor Patrick
b4f59ec355 pull certificate from flash page 2019-10-27 10:25:00 -04:00
Conor Patrick
00b09e0d40 add u2f length arg 2019-10-08 16:10:29 -04:00
Conor Patrick
08658eb11e
Merge branch 'master' into bootloader-downgrade-protection 2019-10-08 13:44:20 -04:00
Conor Patrick
0ebe0ff502 add ctap function to overwrite key bytes 2019-10-08 13:42:37 -04:00
Conor Patrick
8c256298ae default up to enabled 2019-09-17 00:13:57 +08:00
Conor Patrick
c61f15a090 allow get_assertion with disabled UP 2019-09-17 00:13:57 +08:00
Conor Patrick
f072561899 properly check the rpId in request 2019-09-17 00:13:57 +08:00
Conor Patrick
a9bbdee35b
Merge branch 'master' into remove-pin-storage 2019-09-02 21:45:21 +08:00
Szczepan Zalega
cb13fb65de
Store version in the bootloader. Debug code. 2019-08-24 10:17:43 +02:00
Conor Patrick
41ceb78f6c add user presence to flags 2019-08-23 14:48:21 +08:00
Conor Patrick
3b53537077 refactor fido2 user presence handling & increase timeout to 29s 2019-08-23 13:19:28 +08:00
merlokk
0d621d13f9 fix decoding apdu 2019-08-22 20:55:12 +08:00
Conor Patrick
a72f0ede05 take a lazy approach to key agreement generation to not hold up boot time for nfc 2019-08-21 12:06:06 +08:00
Conor Patrick
adcbd3aeb8 speed up public key derivation slightly for nfc 2019-08-21 12:06:06 +08:00
Conor Patrick
b706cc30b0 for now, always gen key agreement 2019-08-21 12:06:06 +08:00
Szczepan Zalega
b452e3dfe4
Correct doc 2019-08-20 11:47:14 +02:00
Szczepan Zalega
8e3753e711
Add initial STATE migration code (2) 2019-08-20 11:34:51 +02:00
Szczepan Zalega
816ca21f08
Correct writing salted hash 
pinHashEnc is 16 bytes, which is too small to store sha256 result.
 2019-08-20 11:34:48 +02:00
Szczepan Zalega
5a448d636c
Add comments 2019-08-20 11:34:29 +02:00
Szczepan Zalega
7be0553377
Replace FIDO2 PIN storage with its hash 2019-08-20 11:34:26 +02:00
Conor Patrick
690d7c716a move CTAPHID_STATUS_PROCESSING to after UP 2019-07-29 12:39:59 -04:00
Conor Patrick
78e3b291c2 make sure device status is set in all user presence tests 2019-07-28 22:10:56 -04:00
Conor Patrick
b47854c335 use error code PIN_AUTH_INVALID 2019-07-28 21:41:11 -04:00
Conor Patrick
f17faca689 use correct size for auth_data for signature 2019-07-26 23:53:20 -04:00
Conor Patrick
bddd60c080 use persisted key info 2019-05-27 13:54:29 -04:00
Conor Patrick
e1474e8e8e fix potential memory leaks 2019-05-13 15:32:04 -04:00
Conor Patrick
0f50ae7d63 change u2f to return early if button not immediately pressed 2019-05-10 15:56:52 -04:00
Conor Patrick
e105afd647 fix build 2019-05-09 17:51:41 -04:00
Conor Patrick
e402d36bf1 fix user presence skipping for nfc 2019-05-09 17:26:28 -04:00
Conor Patrick
6ae1cd3865 remove not-useful logs 2019-04-24 18:36:36 -04:00
Conor Patrick
ec98af115f restore button in ctap_make_auth_data 2019-04-24 16:54:26 -04:00
Conor Patrick
813eb97d2f reuse memory for allow_list of creds 2019-04-24 11:45:30 -04:00
Conor Patrick
b0baace2e7 move custom credid to different location 2019-04-24 00:15:32 -04:00
Conor Patrick
ce96fffddd add info to authData for ext reqs 2019-04-23 21:57:27 -04:00
Conor Patrick
eab8b81c95 include nfc in user presence test 2019-04-23 14:05:18 -04:00
Adam Langley
73f538dd0e Fix COSE type of key-agreement keys. 
The key-agreement keys in the PIN protocol use COSE type -25. I'm not
sure if that's written down anywhere, but it's what everything else does
and it's an ECDH type rather than an ECDSA type.
 2019-04-20 16:45:04 -07:00
Adam Langley
a5f794c0ff Handle empty pinAuth fields. 
CTAP2 specifies that an empty pinAuth field is special: it indicates
that the device should block for touch, i.e. it's just a way of letting
a user select from multiple authenticators[1].

This change handles empty pinAuth fields in GetAssertion and
MakeCredential commands.

[1] https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html#using-pinToken-in-authenticatorMakeCredential
 2019-04-20 16:26:32 -07:00
Conor Patrick
9bb706987f solo ext bugfix 2019-04-13 22:42:05 -04:00
Conor Patrick
44fa3bbb8e Add checks to use U2F key if necessary 2019-04-13 22:37:31 -04:00
Conor Patrick
7068be9cd5 reorder options 2019-04-10 13:13:38 -04:00
Conor Patrick
5fc8d214fd remove add_user param 2019-04-10 12:47:23 -04:00
Conor Patrick
5f49f4680e re-order items in get_assertion response 2019-04-10 12:22:35 -04:00
Conor Patrick
4cc72bcd97 rearrange cbor encoding order in make_credential and get_info 2019-04-10 12:11:31 -04:00
Conor Patrick
893d4131b2 change how pin is enforced for GA 2019-03-26 19:00:12 -04:00
Conor Patrick
a1a75e4ab5 check errors 2019-03-21 12:47:15 -04:00
Conor Patrick
02e83073e0 add hmac-secret to reg response 2019-03-20 23:58:42 -04:00
Conor Patrick
3a48756f96 remove extra layer of map 2019-03-20 23:40:58 -04:00
Conor Patrick
946e932b1e refactor to use less ram 2019-03-20 23:28:45 -04:00
Conor Patrick
142d4002e5 remove warning, reduce memory 2019-03-20 23:14:17 -04:00