Commit Graph

270 Commits

Author SHA1 Message Date
Radoslav Gerganov f002d08071 Add support for the security manager in Google Chrome
This patch fixes the following issues to make Google Chrome happy:
1. Adds CTAP_CBOR_CRED_MGMT(0x0A) which is an alias to CTAP_CBOR_CRED_MGMT_PRE(0x41)
2. Returns success instead of NO_CREDENTIALS when there are no RKs
3. Skip the "icon" property if it's empty

Tested with Google Chrome Version 80.0.3987.149
2020-03-27 00:22:28 -04:00
Radoslav Gerganov e53b83257d Do not return NO_CREDENTIALS if there are no RKs and meta is requested
Fixes-issue: #403
2020-03-27 00:22:28 -04:00
Conor Patrick 530e175ad1 cleanup 2020-03-25 14:57:39 -04:00
Conor Patrick 6cd3873b37 add reboot command for better testing 2020-03-25 14:57:39 -04:00
Conor Patrick 241f58657b consider credProtect with exclude list, and also check user presence 2020-03-25 14:57:39 -04:00
Conor Patrick 3b42289cce add rpId to RK's, fix counting of unique RP's 2020-03-25 14:57:39 -04:00
Conor Patrick b3712b57fc refactor to reuse more code 2020-03-25 14:57:39 -04:00
Conor Patrick 37769bb735 to support deleted credentials, need to scan all rk slots since it's no longer continuous 2020-03-25 14:57:39 -04:00
Conor Patrick d677f8c346 add rk delete implementations 2020-03-25 14:57:39 -04:00
Conor Patrick 98bcf647c4 implement rk delete command for cred mgmt 2020-03-25 14:57:39 -04:00
Conor Patrick 682a443f4e refactor credMgmt to parse as subCommandParams, and get ready for delete command 2020-03-25 14:57:39 -04:00
Conor Patrick a28a05673f definitely need to update rpIdHash 2020-03-25 14:57:39 -04:00
Conor Patrick 3a70ee0ec6 refactor authData and extension handling to work for getNextAssertion 2020-03-25 14:57:39 -04:00
Conor Patrick 872a320abc Fix credential order: need to start with most recent 2020-03-25 14:57:39 -04:00
Conor Patrick 3cbf7ec451 move credProtect checking to credential filtering step 2020-03-25 14:57:39 -04:00
Conor Patrick 97eb6bba8a bug fix 2020-03-25 14:57:39 -04:00
Conor Patrick fdc5a68fcd update info/feature detection details 2020-03-25 14:57:39 -04:00
Conor Patrick 1c1005a0e8 add credprotect parameter to output 2020-03-25 14:57:39 -04:00
Conor Patrick 4831410111 add credProtect extension 2020-03-25 14:57:39 -04:00
Radoslav Gerganov 05bc8bee55 Check return values when parsing CTAP commands 2020-03-21 12:49:05 -04:00
Radoslav Gerganov 7112633779 Fix user presence test when pinAuth is empty
The check_retr macro is evaluating its argument twice, so when we do:

    check_retr( ctap2_user_presence_test(...) )

the user presence function is called twice and the user has to press the
button twice. This is a regression introduced with commit 3b53537.
2020-03-21 12:48:05 -04:00
Radoslav Gerganov 79b43a90fd Implement commands for management of resident keys
Implement command 0x41 which is used by OpenSSH for reading RKs. It has
the following subcommands:
 * CMD_CRED_METADATA - get number of saved/remaining RKs
 * CMD_RP_BEGIN/CMD_RP_NEXT - iterate over the saved RPs
 * CMD_RK_BEGIN/CMD_RK_NEXT - iterate over the RKs for a given RP

Fixes issue #374 and issue #314
2020-03-21 11:59:22 -04:00
Conor Patrick f2d6698066 Update version.c 2020-03-16 14:59:01 -04:00
Conor Patrick 5738bcc7a3 more strict checks in cbor parsing 2020-02-27 15:40:27 -05:00
Conor Patrick 1b862d3b0c fix error return 2020-02-18 11:18:08 -05:00
Conor Patrick 349cbc39f2 fix offset 2020-02-18 11:18:08 -05:00
Conor Patrick da31f984dd add version check 2020-02-18 11:18:08 -05:00
Conor Patrick 9d3e8c06fc subsequent button presses do not need to wait long 2020-02-18 11:18:08 -05:00
Conor Patrick aeafd09007 only use .flag section for hw builds 2020-02-17 13:41:05 -05:00
Conor Patrick e713daba26 add temporary command to force flash locking 2020-02-13 17:17:23 -05:00
Conor Patrick 46f2920e63 bugfix hid cancel 2019-12-01 18:09:08 -05:00
Conor Patrick 8a44d14fef adjust default impl 2019-12-01 18:09:08 -05:00
Conor Patrick 1d59bbfdd4 support different aaguid's in cert for different solo models 2019-12-01 18:09:08 -05:00
Conor Patrick 54c66d80b6 overwrite x509 fields for tap or somu 2019-12-01 18:09:08 -05:00
Conor Patrick 6cb15a6482 small fixes 2019-11-22 19:02:52 -05:00
Conor Patrick 85ddc40036 add weak definitions for nonvolatile functions 2019-11-22 19:02:52 -05:00
Conor Patrick 1d63154699 move sense of "backup" from ctap to device layer 2019-11-22 19:02:52 -05:00
Conor Patrick ee55bf3ba0 document device.h 2019-11-22 19:02:52 -05:00
Conor Patrick 3b4b6dd4fe remove solo functions from device.h 2019-11-22 19:02:52 -05:00
Conor Patrick dcd256faf4 add initial weak definitions 2019-11-22 19:02:52 -05:00
Conor Patrick 85365c635d refactor to use libsolo 2019-11-22 19:02:52 -05:00
Conor Patrick a388607dab build fido2 locally as lib 2019-11-22 19:02:52 -05:00
Conor Patrick d266e7927c reorganize crypto and device.c to be more based on fido2/ 2019-11-22 19:02:52 -05:00
Conor Patrick 8b146c4a16 fix issue with bootloader not replying data 2019-10-28 10:51:35 -04:00
Conor Patrick c0df8b680d fix build 2019-10-27 10:25:00 -04:00
Conor Patrick 9ac2aa90c3 store all info in same page, don't use authenticator state 2019-10-27 10:25:00 -04:00
Conor Patrick d33749fc16 add locked variable to GETVERSION hid command 2019-10-27 10:25:00 -04:00
Conor Patrick 7212982385 remove hacker macros 2019-10-27 10:25:00 -04:00
Conor Patrick 666cd6a0ba migrate certs 2019-10-27 10:25:00 -04:00
Conor Patrick b4f59ec355 pull certificate from flash page 2019-10-27 10:25:00 -04:00