shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity
1,219 Commits 44 Branches 28 Tags
Commit Graph

276 Commits

Author SHA1 Message Date
shimun
65dc8de490
allow pin removal 2020-10-30 16:13:22 +01:00
Conor Patrick
299e91b91b dont return index >= ctap_rk_size() 
Fixes issue found by @My1: https://github.com/solokeys/solo/issues/407
 2020-03-28 15:45:16 -04:00
Conor Patrick
cbf40f4ec7 hmac-secret should be different when UV=1 2020-03-28 12:28:05 -04:00
Conor Patrick
5f8a9a44fc refactor credmgmt 2020-03-27 10:56:51 -04:00
Conor Patrick
8aa1f4ad01 change parsing TAG_CM to TAG_PARSE 2020-03-27 10:56:51 -04:00
Conor Patrick
04cffb6509 allow depth-first-search and account for interleaved RK's 2020-03-27 10:56:51 -04:00
Radoslav Gerganov
f002d08071 Add support for the security manager in Google Chrome 
This patch fixes the following issues to make Google Chrome happy:
1. Adds CTAP_CBOR_CRED_MGMT(0x0A) which is an alias to CTAP_CBOR_CRED_MGMT_PRE(0x41)
2. Returns success instead of NO_CREDENTIALS when there are no RKs
3. Skip the "icon" property if it's empty

Tested with Google Chrome Version 80.0.3987.149
 2020-03-27 00:22:28 -04:00
Radoslav Gerganov
e53b83257d Do not return NO_CREDENTIALS if there are no RKs and meta is requested 
Fixes-issue: #403
 2020-03-27 00:22:28 -04:00
Conor Patrick
530e175ad1 cleanup 2020-03-25 14:57:39 -04:00
Conor Patrick
6cd3873b37 add reboot command for better testing 2020-03-25 14:57:39 -04:00
Conor Patrick
241f58657b consider credProtect with exclude list, and also check user presence 2020-03-25 14:57:39 -04:00
Conor Patrick
3b42289cce add rpId to RK's, fix counting of unique RP's 2020-03-25 14:57:39 -04:00
Conor Patrick
b3712b57fc refactor to reuse more code 2020-03-25 14:57:39 -04:00
Conor Patrick
37769bb735 to support deleted credentials, need to scan all rk slots since it's no longer continuous 2020-03-25 14:57:39 -04:00
Conor Patrick
d677f8c346 add rk delete implementations 2020-03-25 14:57:39 -04:00
Conor Patrick
98bcf647c4 implement rk delete command for cred mgmt 2020-03-25 14:57:39 -04:00
Conor Patrick
682a443f4e refactor credMgmt to parse as subCommandParams, and get ready for delete command 2020-03-25 14:57:39 -04:00
Conor Patrick
a28a05673f definitely need to update rpIdHash 2020-03-25 14:57:39 -04:00
Conor Patrick
3a70ee0ec6 refactor authData and extension handling to work for getNextAssertion 2020-03-25 14:57:39 -04:00
Conor Patrick
872a320abc Fix credential order: need to start with most recent 2020-03-25 14:57:39 -04:00
Conor Patrick
3cbf7ec451 move credProtect checking to credential filtering step 2020-03-25 14:57:39 -04:00
Conor Patrick
97eb6bba8a bug fix 2020-03-25 14:57:39 -04:00
Conor Patrick
fdc5a68fcd update info/feature detection details 2020-03-25 14:57:39 -04:00
Conor Patrick
1c1005a0e8 add credprotect parameter to output 2020-03-25 14:57:39 -04:00
Conor Patrick
4831410111 add credProtect extension 2020-03-25 14:57:39 -04:00
Radoslav Gerganov
05bc8bee55 Check return values when parsing CTAP commands 2020-03-21 12:49:05 -04:00
Radoslav Gerganov
7112633779 Fix user presence test when pinAuth is empty 
The check_retr macro is evaluating its argument twice, so when we do:

    check_retr( ctap2_user_presence_test(...) )

the user presence function is called twice and the user has to press the
button twice. This is regression introduced with commit 3b53537.
 2020-03-21 12:48:05 -04:00
Radoslav Gerganov
79b43a90fd Implement commands for management of resident keys 
Implement command 0x41 which is used by OpenSSH for reading RKs. It has
the following subcommands:
 * CMD_CRED_METADATA - get number of saved/remaining RKs
 * CMD_RP_BEGIN/CMD_RP_NEXT - iterate over the saved RPs
 * CMD_RK_BEGIN/CMD_RK_NEXT - iterate over the RKs for a given RP

Fixes issue #374 and issue #314
 2020-03-21 11:59:22 -04:00
Conor Patrick
f2d6698066 Update version.c 2020-03-16 14:59:01 -04:00
Conor Patrick
5738bcc7a3 more strict checks in cbor parsing 2020-02-27 15:40:27 -05:00
Conor Patrick
1b862d3b0c fix error return 2020-02-18 11:18:08 -05:00
Conor Patrick
349cbc39f2 fix offset 2020-02-18 11:18:08 -05:00
Conor Patrick
da31f984dd add version check 2020-02-18 11:18:08 -05:00
Conor Patrick
9d3e8c06fc subsequent button presses do not need to wait long 2020-02-18 11:18:08 -05:00
Conor Patrick
aeafd09007 only use .flag section for hw builds 2020-02-17 13:41:05 -05:00
Conor Patrick
e713daba26 add temporary command to force flash locking 2020-02-13 17:17:23 -05:00
Conor Patrick
46f2920e63 bugfix hid cancel 2019-12-01 18:09:08 -05:00
Conor Patrick
8a44d14fef adjust default impl 2019-12-01 18:09:08 -05:00
Conor Patrick
1d59bbfdd4 support different aaguid's in cert for different solo models 2019-12-01 18:09:08 -05:00
Conor Patrick
54c66d80b6 overwrite x509 fields for tap or somu 2019-12-01 18:09:08 -05:00
Conor Patrick
6cb15a6482 small fixes 2019-11-22 19:02:52 -05:00
Conor Patrick
85ddc40036 add weak definitions for nonvolatila functions 2019-11-22 19:02:52 -05:00
Conor Patrick
1d63154699 move sense of "backup" from ctap to device layer 2019-11-22 19:02:52 -05:00
Conor Patrick
ee55bf3ba0 document device.h 2019-11-22 19:02:52 -05:00
Conor Patrick
3b4b6dd4fe remove solo functions from device.h 2019-11-22 19:02:52 -05:00
Conor Patrick
dcd256faf4 add initial weak definitions 2019-11-22 19:02:52 -05:00
Conor Patrick
85365c635d refactor to use libsolo 2019-11-22 19:02:52 -05:00
Conor Patrick
a388607dab build fido2 locally as lib 2019-11-22 19:02:52 -05:00
Conor Patrick
d266e7927c reorganize crypto and device.c to be more based on fido2/ 2019-11-22 19:02:52 -05:00
Conor Patrick
8b146c4a16 fix issue with bootloader not replying data 2019-10-28 10:51:35 -04:00