Conor Patrick
1d59bbfdd4
support different aaguids in cert for different solo models
2019-12-01 18:09:08 -05:00
Conor Patrick
54c66d80b6
overwrite x509 fields for tap or somu
2019-12-01 18:09:08 -05:00
Conor Patrick
6cb15a6482
small fixes
2019-11-22 19:02:52 -05:00
Conor Patrick
85ddc40036
add weak definitions for nonvolatile functions
2019-11-22 19:02:52 -05:00
Conor Patrick
1d63154699
move sense of "backup" from ctap to device layer
2019-11-22 19:02:52 -05:00
Conor Patrick
ee55bf3ba0
document device.h
2019-11-22 19:02:52 -05:00
Conor Patrick
3b4b6dd4fe
remove solo functions from device.h
2019-11-22 19:02:52 -05:00
Conor Patrick
dcd256faf4
add initial weak definitions
2019-11-22 19:02:52 -05:00
Conor Patrick
85365c635d
refactor to use libsolo
2019-11-22 19:02:52 -05:00
Conor Patrick
a388607dab
build fido2 locally as lib
2019-11-22 19:02:52 -05:00
Conor Patrick
d266e7927c
reorganize crypto and device.c to be more based on fido2/
2019-11-22 19:02:52 -05:00
Conor Patrick
8b146c4a16
fix issue with bootloader not replying data
2019-10-28 10:51:35 -04:00
Conor Patrick
c0df8b680d
fix build
2019-10-27 10:25:00 -04:00
Conor Patrick
9ac2aa90c3
store all info in same page, don't use authenticator state
2019-10-27 10:25:00 -04:00
Conor Patrick
d33749fc16
add locked variable to GETVERSION hid command
2019-10-27 10:25:00 -04:00
Conor Patrick
7212982385
remove hacker macros
2019-10-27 10:25:00 -04:00
Conor Patrick
666cd6a0ba
migrate certs
2019-10-27 10:25:00 -04:00
Conor Patrick
b4f59ec355
pull certificate from flash page
2019-10-27 10:25:00 -04:00
Conor Patrick
2a02d0de33
small errors
2019-10-08 16:10:29 -04:00
Conor Patrick
00b09e0d40
add u2f length arg
2019-10-08 16:10:29 -04:00
Conor Patrick
26db2b3f6b
check FIDO2 credential IDs in U2F
2019-10-08 16:10:29 -04:00
Conor Patrick
08658eb11e
Merge branch 'master' into bootloader-downgrade-protection
2019-10-08 13:44:20 -04:00
Conor Patrick
49d79fa5da
reduce lines/size
2019-10-08 13:42:37 -04:00
Conor Patrick
69a7191860
fix warnings
2019-10-08 13:42:37 -04:00
Conor Patrick
a58658e35d
fix pointer
2019-10-08 13:42:37 -04:00
Conor Patrick
bb2929b28f
change ctap_atomic_count to increase by user-specified amount
2019-10-08 13:42:37 -04:00
Conor Patrick
8e0eda8ed4
refactor custom commands and add LOADKEY
2019-10-08 13:42:37 -04:00
Conor Patrick
0ebe0ff502
add ctap function to overwrite key bytes
2019-10-08 13:42:37 -04:00
Conor Patrick
8c256298ae
default up to enabled
2019-09-17 00:13:57 +08:00
Conor Patrick
01b928c0ec
allow in bootloader as well
2019-09-17 00:13:57 +08:00
Conor Patrick
018a4d394c
add get_version command to hid
2019-09-17 00:13:57 +08:00
Conor Patrick
7a75fba6d3
delete old code
2019-09-17 00:13:57 +08:00
Conor Patrick
c61f15a090
allow get_assertion with disabled UP
2019-09-17 00:13:57 +08:00
Conor Patrick
f072561899
properly check the rpId in request
2019-09-17 00:13:57 +08:00
Conor Patrick
a9bbdee35b
Merge branch 'master' into remove-pin-storage
2019-09-02 21:45:21 +08:00
Conor Patrick
321bbe3691
Merge pull request #293 from solokeys/ccid
Ccid
2019-09-02 21:42:38 +08:00
Conor Patrick
9041e5903c
return SW_WRONG_LENGTH for incorrect lc
2019-08-30 16:37:17 +08:00
Szczepan Zalega
cb13fb65de
Store version in the bootloader. Debug code.
2019-08-24 10:17:43 +02:00
Szczepan Zalega
188a34d1da
Add missing Makefile entry. Rename pubkey file.
2019-08-24 10:17:05 +02:00
Szczepan Zalega
9248c6462c
Add missing is_newer and pubkey
2019-08-24 10:17:02 +02:00
Szczepan Zalega
118e129152
Set firmware version in the flash
2019-08-24 10:16:59 +02:00
Szczepan Zalega
d618081dd0
Add version code
2019-08-24 10:16:53 +02:00
Conor Patrick
69c34f9ca9
Merge branch 'master' into ccid
2019-08-24 15:54:51 +08:00
Conor Patrick
ccd9a04146
add ccid log tag
2019-08-24 15:08:14 +08:00
Conor Patrick
41ceb78f6c
add user presence to flags
2019-08-23 14:48:21 +08:00
Conor Patrick
3b53537077
refactor fido2 user presence handling & increase timeout to 29s
2019-08-23 13:19:28 +08:00
merlokk
c972a13034
fix reboot
2019-08-22 20:55:25 +08:00
merlokk
c79b7abfb6
add reset placeholder
2019-08-22 20:55:25 +08:00
merlokk
0d621d13f9
fix decoding apdu
2019-08-22 20:55:12 +08:00
merlokk
b743d5fac5
sketch
2019-08-21 12:13:16 +08:00
Conor Patrick
a72f0ede05
take a lazy approach to key agreement generation to not hold up boot time for nfc
2019-08-21 12:06:06 +08:00
Conor Patrick
adcbd3aeb8
speed up public key derivation slightly for nfc
2019-08-21 12:06:06 +08:00
Conor Patrick
b706cc30b0
for now, always gen key agreement
2019-08-21 12:06:06 +08:00
Szczepan Zalega
a5877f518f
Additional assertions and reordering
2019-08-20 12:42:46 +02:00
Szczepan Zalega
5a0cc0d02c
Version used STATE data structures
2019-08-20 11:57:32 +02:00
Szczepan Zalega
b452e3dfe4
Correct doc
2019-08-20 11:47:14 +02:00
Szczepan Zalega
8e3753e711
Add initial STATE migration code (2)
2019-08-20 11:34:51 +02:00
Szczepan Zalega
816ca21f08
Correct writing salted hash
pinHashEnc is 16 bytes, which is too small to store sha256 result.
2019-08-20 11:34:48 +02:00
Szczepan Zalega
6c60a37e8a
Add initial STATE migration code
2019-08-20 11:34:45 +02:00
Szczepan Zalega
bac576f3a0
Make the state structure backward-compatible. Add version.
2019-08-20 11:34:39 +02:00
Szczepan Zalega
6e637299e5
Add missing declaration, and comment out wallet message
2019-08-20 11:34:35 +02:00
Szczepan Zalega
43b3e93854
Modify state struct
2019-08-20 11:34:32 +02:00
Szczepan Zalega
5a448d636c
Add comments
2019-08-20 11:34:29 +02:00
Szczepan Zalega
7be0553377
Replace FIDO2 PIN storage with its hash
2019-08-20 11:34:26 +02:00
Conor Patrick
690d7c716a
move CTAPHID_STATUS_PROCESSING to after UP
2019-07-29 12:39:59 -04:00
Conor Patrick
78e3b291c2
make sure device status is set in all user presence tests
2019-07-28 22:10:56 -04:00
Conor Patrick
b47854c335
use error code PIN_AUTH_INVALID
2019-07-28 21:41:11 -04:00
Conor Patrick
f17faca689
use correct size for auth_data for signature
2019-07-26 23:53:20 -04:00
Conor Patrick
df2cff2350
patch hmac final to use correct key
2019-07-26 23:49:55 -04:00
merlokk
24a006068d
fix extended apdu decode
2019-07-05 12:25:46 +03:00
merlokk
315b6564ab
u2f works with extended apdu, and user presence is now not needed if the request comes from nfc and power from usb
2019-07-04 23:12:31 +03:00
merlokk
f2ebaf6abe
invalid cla and r-block works
2019-07-04 19:14:26 +03:00
merlokk
4845d2c172
fix 14443 apdu decode and select
2019-07-04 17:52:00 +03:00
merlokk
26bc8a2889
apdu decoding works
2019-07-04 17:27:03 +03:00
merlokk
a51c9192b1
add apdu_decode
2019-07-04 16:27:33 +03:00
Conor Patrick
bddd60c080
use persisted key info
2019-05-27 13:54:29 -04:00
Conor Patrick
31328fe7e7
don't fail when public key type is too large
2019-05-18 14:34:54 -04:00
Conor Patrick
e1474e8e8e
fix potential memory leaks
2019-05-13 15:32:04 -04:00
Conor Patrick
0f50ae7d63
change u2f to return early if button not immediately pressed
2019-05-10 15:56:52 -04:00
Conor Patrick
e105afd647
fix build
2019-05-09 17:51:41 -04:00
Conor Patrick
9fb02d4da3
add UP wait HID messages to U2F for windows
2019-05-09 17:46:01 -04:00
Conor Patrick
e402d36bf1
fix user presence skipping for nfc
2019-05-09 17:26:28 -04:00
Conor Patrick
84740f3d6a
changes to make firmware interop on all hw models
2019-05-09 16:01:07 -04:00
Conor Patrick
60e3d01e0d
refactor
2019-05-09 02:44:04 -04:00
Conor Patrick
6ae1cd3865
remove not-useful logs
2019-04-24 18:36:36 -04:00
Conor Patrick
ec98af115f
restore button in ctap_make_auth_data
2019-04-24 16:54:26 -04:00
Conor Patrick
437f691d12
Update solo.c
2019-04-24 16:41:22 -04:00
Conor Patrick
813eb97d2f
reuse memory for allow_list of creds
2019-04-24 11:45:30 -04:00
Conor Patrick
b0baace2e7
move custom credid to different location
2019-04-24 00:15:32 -04:00
Conor Patrick
1fab0b8f1f
add wallet api in as compile option
2019-04-23 21:57:50 -04:00
Conor Patrick
ce96fffddd
add info to authData for ext reqs
2019-04-23 21:57:27 -04:00
Conor Patrick
8fc0da7934
move args to device_init
2019-04-23 21:12:40 -04:00
Conor Patrick
494e856198
Merge pull request #131 from rgerganov/hidg
Add support for hidg devices on Linux
2019-04-23 20:22:33 -04:00
Conor Patrick
eab8b81c95
include nfc in user presence test
2019-04-23 14:05:18 -04:00
Adam Langley
73f538dd0e
Fix COSE type of key-agreement keys.
The key-agreement keys in the PIN protocol use COSE type -25. I'm not
sure if that's written down anywhere, but it's what everything else does
and it's an ECDH type rather than an ECDSA type.
2019-04-20 16:45:04 -07:00
Adam Langley
a5f794c0ff
Handle empty pinAuth fields.
CTAP2 specifies that an empty pinAuth field is special: it indicates
that the device should block for touch, i.e. it's just a way of letting
a user select from multiple authenticators[1].
This change handles empty pinAuth fields in GetAssertion and
MakeCredential commands.
[1] https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html#using-pinToken-in-authenticatorMakeCredential
2019-04-20 16:26:32 -07:00
Radoslav Gerganov
955d4f76ef
Add support for hidg devices on Linux
There is a HID gadget driver on Linux which provides emulation of USB
HID devices. This could be very useful for testing the Solo firmware
without actual hardware, using only a Linux box.
This patch adds a command line argument which specifies whether the
existing UDP backing should be used or the new one which reads and
writes to /dev/hidg0.
Testing done:
1. Created HID device with configfs
2. Started "./main -b hidg" as root
3. Successfully executed Webauthn registration and authentication on
the same Linux machine
Closes : #122
2019-04-16 10:54:46 +03:00
Conor Patrick
9bb706987f
solo ext bugfix
2019-04-13 22:42:05 -04:00
Conor Patrick
44fa3bbb8e
Add checks to use U2F key if necessary
2019-04-13 22:37:31 -04:00
Conor Patrick
7068be9cd5
reorder options
2019-04-10 13:13:38 -04:00