mirror
/
solo1
kopia lustrzana https://github.com/solokeys/solo1
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność
1 265 Commity
52 Gałęzie
34 Tagi
4,6 MiB
Wykres commitów

288 Commity (master)

Autor SHA1 Wiadomość Data
Conor Patrick a72f0ede05 take a lazy approach to key agreement generation to not hold up boot time for nfc 2019-08-21 12:06:06 +08:00
Conor Patrick adcbd3aeb8 speed up public key derivation slightly for nfc 2019-08-21 12:06:06 +08:00
Conor Patrick b706cc30b0 for now, always gen key agreement 2019-08-21 12:06:06 +08:00
Szczepan Zalega a5877f518f
Additional assertions and reordering 2019-08-20 12:42:46 +02:00
Szczepan Zalega 5a0cc0d02c
Version used STATE data structures 2019-08-20 11:57:32 +02:00
Szczepan Zalega b452e3dfe4
Correct doc 2019-08-20 11:47:14 +02:00
Szczepan Zalega 8e3753e711
Add initial STATE migration code (2) 2019-08-20 11:34:51 +02:00
Szczepan Zalega 816ca21f08
Correct writing salted hash 
pinHashEnc is 16 bytes, which is too small to store sha256 result.
 2019-08-20 11:34:48 +02:00
Szczepan Zalega 6c60a37e8a
Add initial STATE migration code 2019-08-20 11:34:45 +02:00
Szczepan Zalega bac576f3a0
Make the state structure backward-compatible. Add version. 2019-08-20 11:34:39 +02:00
Szczepan Zalega 6e637299e5
Add missing declaration, and comment out wallet message 2019-08-20 11:34:35 +02:00
Szczepan Zalega 43b3e93854
Modify state struct 2019-08-20 11:34:32 +02:00
Szczepan Zalega 5a448d636c
Add comments 2019-08-20 11:34:29 +02:00
Szczepan Zalega 7be0553377
Replace FIDO2 PIN storage with its hash 2019-08-20 11:34:26 +02:00
Conor Patrick 690d7c716a move CTAPHID_STATUS_PROCESSING to after UP 2019-07-29 12:39:59 -04:00
Conor Patrick 78e3b291c2 make sure device status is set in all user presence tests 2019-07-28 22:10:56 -04:00
Conor Patrick b47854c335 use error code PIN_AUTH_INVALID 2019-07-28 21:41:11 -04:00
Conor Patrick f17faca689 use correct size for auth_data for signature 2019-07-26 23:53:20 -04:00
Conor Patrick df2cff2350 patch hmac final to use correct key 2019-07-26 23:49:55 -04:00
merlokk 24a006068d fix extended apdu decode 2019-07-05 12:25:46 +03:00
merlokk 315b6564ab u2f works with extended apdu and now user presence not needs if request come from nfc and power from usb 2019-07-04 23:12:31 +03:00
merlokk f2ebaf6abe invalid cla and r-block works 2019-07-04 19:14:26 +03:00
merlokk 4845d2c172 fix 14443 apdu decode and select 2019-07-04 17:52:00 +03:00
merlokk 26bc8a2889 apdu decoding works 2019-07-04 17:27:03 +03:00
merlokk a51c9192b1 add apdu_decode 2019-07-04 16:27:33 +03:00
Conor Patrick bddd60c080 use persisted key info 2019-05-27 13:54:29 -04:00
Conor Patrick 31328fe7e7 dont fail when public key type is too large 2019-05-18 14:34:54 -04:00
Conor Patrick e1474e8e8e fix potential memory leaks 2019-05-13 15:32:04 -04:00
Conor Patrick 0f50ae7d63 change u2f to return early if button not immediately pressed 2019-05-10 15:56:52 -04:00
Conor Patrick e105afd647 fix build 2019-05-09 17:51:41 -04:00
Conor Patrick 9fb02d4da3 add UP wait HID messages to U2F for windows 2019-05-09 17:46:01 -04:00
Conor Patrick e402d36bf1 fix user presence skipping for nfc 2019-05-09 17:26:28 -04:00
Conor Patrick 84740f3d6a changes to make firmware interop on all hw models 2019-05-09 16:01:07 -04:00
Conor Patrick 60e3d01e0d refactor 2019-05-09 02:44:04 -04:00
Conor Patrick 6ae1cd3865 remove not-useful logs 2019-04-24 18:36:36 -04:00
Conor Patrick ec98af115f restore button in ctap_make_auth_data 2019-04-24 16:54:26 -04:00
Conor Patrick 437f691d12 Update solo.c 2019-04-24 16:41:22 -04:00
Conor Patrick 813eb97d2f reuse memory for allow_list of creds 2019-04-24 11:45:30 -04:00
Conor Patrick b0baace2e7 move custom credid to different location 2019-04-24 00:15:32 -04:00
Conor Patrick 1fab0b8f1f add wallet api in as compile option 2019-04-23 21:57:50 -04:00
Conor Patrick ce96fffddd add info to authData for ext reqs 2019-04-23 21:57:27 -04:00
Conor Patrick 8fc0da7934 move args to device_init 2019-04-23 21:12:40 -04:00
Conor Patrick 494e856198
Merge pull request #131 from rgerganov/hidg 
Add support for hidg devices on Linux
 2019-04-23 20:22:33 -04:00
Conor Patrick eab8b81c95 include nfc in user presence test 2019-04-23 14:05:18 -04:00
Adam Langley 73f538dd0e Fix COSE type of key-agreement keys. 
The key-agreement keys in the PIN protocol use COSE type -25. I'm not
sure if that's written down anywhere, but it's what everything else does
and it's an ECDH type rather than an ECDSA type.
 2019-04-20 16:45:04 -07:00
Adam Langley a5f794c0ff Handle empty pinAuth fields. 
CTAP2 specifies that an empty pinAuth field is special: it indicates
that the device should block for touch, i.e. it's just a way of letting
a user select from multiple authenticators[1].

This change handles empty pinAuth fields in GetAssertion and
MakeCredential commands.

[1] https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html#using-pinToken-in-authenticatorMakeCredential
 2019-04-20 16:26:32 -07:00
Radoslav Gerganov 955d4f76ef Add support for hidg devices on Linux 
There is a HID gadget driver on Linux which provides emulation of USB
HID devices. This could be very useful for testing the Solo firmware
without actual hardware, using only a Linux box.

This patch adds a command line argument which specifies whether the
existing UDP backing should be used or the new one which reads and
writes to /dev/hidg0.

Testing done:
 1. Created HID device with configfs
 2. Started "./main -b hidg" as root
 3. Successfully executed Webauthn registration and authentication on
 the same Linux machine

Closes: #122
 2019-04-16 10:54:46 +03:00
Conor Patrick 9bb706987f solo ext bugfix 2019-04-13 22:42:05 -04:00
Conor Patrick 44fa3bbb8e Add checks to use U2F key if necessary 2019-04-13 22:37:31 -04:00
Conor Patrick 7068be9cd5 reorder options 2019-04-10 13:13:38 -04:00
Conor Patrick 5fc8d214fd remove add_user param 2019-04-10 12:47:23 -04:00
Conor Patrick 5f49f4680e re-order items in get_assertion response 2019-04-10 12:22:35 -04:00
Conor Patrick 4cc72bcd97 rearrange cbor encoding order in make_credential and get_info 2019-04-10 12:11:31 -04:00
Conor Patrick 89769ecc18 fix u2f counter for real 2019-03-31 23:29:00 -04:00
Conor Patrick 893d4131b2 change how pin is enforced for GA 2019-03-26 19:00:12 -04:00
Conor Patrick a1a75e4ab5 check errors 2019-03-21 12:47:15 -04:00
Conor Patrick d68011ef04 remove warnings 2019-03-21 00:01:37 -04:00
Conor Patrick 02e83073e0 add hmac-secret to reg response 2019-03-20 23:58:42 -04:00
Conor Patrick 3a48756f96 remove extra layer of map 2019-03-20 23:40:58 -04:00
Conor Patrick 946e932b1e refactor to use less ram 2019-03-20 23:28:45 -04:00
Conor Patrick 142d4002e5 remove warning, reduce memory 2019-03-20 23:14:17 -04:00
Conor Patrick 2d233f164e small bug fixes 2019-03-20 21:03:03 -04:00
Conor Patrick b62e9906c7 make new function 2019-03-20 20:13:16 -04:00
Conor Patrick 074225d87a hmac-secret fully functional 2019-03-20 20:03:12 -04:00
Conor Patrick bb9b2ea9d4 validate saltAuth 2019-03-20 18:10:52 -04:00
Conor Patrick e8d5bc5829 refactor ctap_make_auth_data arguments 2019-03-20 17:43:50 -04:00
Conor Patrick ce3ad0e56f bugfix 2019-03-20 16:51:58 -04:00
Conor Patrick 00d86379e5 parse full hmac-secret 2019-03-20 16:21:21 -04:00
Conor Patrick 821880a8d6 parse extension info in MC 2019-03-20 15:45:10 -04:00
Conor Patrick 5cb81c753d Add version/extensions to PC build 2019-03-06 14:05:44 -05:00
Conor Patrick 195dc2a8ae use 0x7f as upper counter byte 2019-03-04 02:36:47 -05:00
Conor Patrick 1507758ad1 bring pc crypto impl up to date 2019-03-02 23:10:43 -05:00
Conor Patrick afc85e0d2e update log message 2019-03-02 22:40:27 -05:00
Conor Patrick dc946f5b35 centralize reset key agreement 2019-03-02 19:38:27 -05:00
Conor Patrick e31e703afd minor improvements 2019-03-01 23:42:22 -05:00
Conor Patrick a265da09fb Update u2f.c 2019-03-01 22:00:17 -05:00
Conor Patrick 32f2436380
Merge pull request #120 from nickray/sha512 
SHA512 (via Cifra)
 2019-03-01 21:44:13 -05:00
Conor Patrick 7255c4f8db
Merge pull request #121 from solokeys/nfc 
Nfc
 2019-03-01 21:43:12 -05:00
Conor Patrick 4e215db42a start from 0 2019-02-28 23:13:12 -05:00
Nicolas Stalder 0865f2a660 do not probe bootloader 2019-02-27 03:18:12 +01:00
Nicolas Stalder 5e70c11b54 Hide onboard crypto tests behind a reserved ctaphid command 2019-02-27 02:58:56 +01:00
Conor Patrick 46ada5a8b9 WRONG_DATA apdu error code fix 2019-02-26 20:34:07 -05:00
Conor Patrick 14974e0ebe fix compile issues 2019-02-26 15:30:57 -05:00
Conor Patrick e8d0ad5e7c autodetect passive nfc operation or usb operation 2019-02-26 15:04:23 -05:00
Conor Patrick 347d0942b1 refactor fromNFC 2019-02-26 14:07:27 -05:00
Conor Patrick ff0d42c8d5 refactor clock rates, fix warnings 2019-02-26 13:56:06 -05:00
Nicolas Stalder a6673b0917 Use our cifra fork, rename command, keep room for sha256 2019-02-26 19:52:59 +01:00
Nicolas Stalder 0c296bba30 First go at using cifra for SHA512 2019-02-26 19:52:59 +01:00
Conor Patrick 57930aaa13 fix compilation errors 2019-02-26 13:27:25 -05:00
Conor Patrick 1a6895ca25 merge 2019-02-26 13:10:16 -05:00
Conor Patrick 54b7f42056 passive operation works as is (refactor needed) 2019-02-26 01:19:35 -05:00
Conor Patrick 46d7be865d fix upper byte U2F for backwards compatibility 2019-02-17 15:33:24 -05:00
Conor Patrick 3fed8cebdf reduce RNG to 71 2019-02-14 18:01:23 -05:00
Conor Patrick 99f09790f1 deterministic 2019-02-14 16:03:19 -05:00
Conor Patrick 6745c9a0cb bugfix/skip-auth for fido2 extension 2019-02-14 15:53:02 -05:00
Conor Patrick 0651316da5 catch U2F check by extension 2019-02-14 15:16:13 -05:00
Conor Patrick f48becc6dc bridge extension to fido2 interface 2019-02-14 15:15:58 -05:00
Conor Patrick 85c58e9d5b TAG_EXT typo 2019-02-14 15:15:24 -05:00
Nicolas Stalder 8386ae56d2 Cleanup makefile, minor typos 2019-02-13 03:25:12 +01:00
Conor Patrick d38d3a8342
Merge pull request #108 from yparitcher/f2ext_fixes 
fix typo
 2019-02-12 20:55:15 -05:00
Conor Patrick c482d6cc74 typo 2019-02-12 20:52:03 -05:00
yparitcher 2cb96cb793
fix typo 2019-02-12 20:47:28 -05:00
Conor Patrick 831976f3a2 replace macros with DEBUG_LEVEL aware timestamp function 2019-02-12 20:28:48 -05:00
yparitcher 1dd835d698
add -Wextra: further code cleanup 
please fix Wno-unused-parameter -Wno-missing-field-initializers in the future
 2019-02-12 18:22:03 -05:00
yparitcher 400b37a96a
clean up build: GCC warnings 2019-02-12 18:19:38 -05:00
Conor Patrick 894f6f7ee1
Merge branch 'master' into license-change 2019-02-12 17:47:28 -05:00
Conor Patrick ed676151f1 update license to apache2 + mit 2019-02-12 17:18:17 -05:00
Conor Patrick 6c23532f08 use 3-byte version 2019-02-12 16:37:32 -05:00
Conor Patrick ba4f9ed7ae bug fix 2019-02-12 15:00:01 -05:00
Conor Patrick eb2d377ffb add extension to solo to get version and RNG 2019-02-12 14:00:05 -05:00
Conor Patrick 2893cd7ce3 move inits to device_init 2019-02-11 22:00:18 -05:00
Conor Patrick e230a9464e enable ctap from usb 2019-02-07 20:09:13 -05:00
Conor Patrick 342af18b1f initialize ctap 2019-02-07 20:09:00 -05:00
Oleg Moiseenko 32400c8d09
Merge branch 'nfc' into nfc2 2019-02-07 14:49:47 +02:00
merlokk bc1bb3509f move APDU dumps to separate log channel 2019-02-06 19:21:06 +02:00
merlokk 375db69e3a fido2 works 2019-02-06 19:06:49 +02:00
Szczepan Zalega 449faea7d3
Fix buffer overread in ctap_encode_der_sig() 
Take into account leading zeroes in the size to copy, for both R and S
ingredients of the signature.
Issue was occuring only in cases, when there was a leading zero for the
S part.

Refactor ctap_encode_der_sig():
- add in_ and out_ prefixes to the function arguments
- mark pointers const
- clear out buffer

Tested via simulated device on:
- Fedora 29
- gcc (GCC) 8.2.1 20181215 (Red Hat 8.2.1-6)
- libasan 8.2.1 / 6.fc29
(same machine, as in the related issue description)
by running ctap_test() Python test in a loop for 20 minutes (dev's
counter 400k+). Earlier issue was occuring in first minutes.

Tested on Nucleo32 board, by running the ctap_test() 20 times.

Fixes https://github.com/solokeys/solo/issues/94

Signed-off-by: Szczepan Zalega <szczepan@nitrokey.com>
 2019-02-02 18:33:10 +01:00
Conor Patrick 1b5e230d45 merge u2f endian fix 2019-02-02 00:32:36 -05:00
Conor Patrick ee98340a03 temporarily remove prints at start 2019-02-02 00:24:42 -05:00
merlokk f6e2bfa683 yubikey answers U2F_SW_WRONG_PAYLOAD instead of U2F_SW_WRONG_DATA 2019-02-01 20:06:19 +02:00
merlokk 5c8acdd666 fix u2f user presence check, added `dont-enforce-user-presence-and-sign`, fix counter 2019-02-01 20:00:13 +02:00
merlokk cce25b2a1c u2f auth works 2019-01-28 00:04:17 +02:00
merlokk 4c941997b4 check as3956 on startup 2019-01-27 23:35:20 +02:00
merlokk 2049020b92 refactoring 2019-01-27 11:44:33 +02:00
merlokk 3eddfbf8a9 u2f register works 2019-01-26 23:44:51 +02:00
Conor Patrick 302ce75ce6 responds to RATS correctly 2019-01-12 20:20:47 -05:00
Conor Patrick 62cd7cc728 enable energy harvesting and tunneling in eeprom 2019-01-12 16:20:11 -05:00
Conor Patrick 9ff52fcdb4 Update u2f.c 2019-01-08 21:37:15 -05:00
Conor Patrick 121070822f Update main.c 2019-01-07 21:20:07 -05:00
Conor Patrick 78c40976c3 log interrupts and recv'd data 2019-01-07 21:19:45 -05:00
Conor Patrick c330346c31 add nfc log tag 2019-01-07 18:29:38 -05:00
Conor Patrick 3d9dd08208 non-c99 compatibility 2019-01-05 19:42:28 -05:00
Emanuele Cesena bbc61d5743 New README and license 2018-12-16 16:19:40 -08:00
Conor Patrick 5dd3355bd8 add wink command 2018-12-08 20:37:30 -05:00
Conor Patrick 15a1fb1e5b fix pc build 2018-12-06 23:48:46 -05:00
Conor Patrick 1a07b4a73a add rng command 2018-12-05 19:35:22 -05:00
Conor Patrick 5a636d1ebe boot directly st bootlaoder 2018-12-04 19:14:11 -05:00
Conor Patrick 97b715881b boot directly to solo bootloader for solo hacker 2018-12-04 01:30:53 -05:00
Conor Patrick b0cc9cf582 program using just hid protocol, quicker 2018-12-04 00:15:58 -05:00
Conor Patrick 5a96e82f4d python script for progamming via solo bootloader 2018-12-03 23:01:51 -05:00
Conor Patrick 9b4b18e1a4 more configurable led 2018-12-03 20:30:35 -05:00
Conor Patrick e107a9aa86 refactor 2018-12-03 20:06:44 -05:00
Conor Patrick aece05b2e8 remove dead code 2018-12-03 00:14:26 -05:00
Conor Patrick eb39e0f2c4 reboot and pass tests 2018-12-03 00:01:41 -05:00
Conor Patrick bfa2d2830d signed update working 2018-12-02 23:31:34 -05:00
Conor Patrick 9ff5dc6373 bug fixes, now it boots application 2018-12-02 20:30:28 -05:00
Conor Patrick ac7950f4c4 remove printf references, add bootloader script, merge hex files 2018-12-01 17:10:49 -05:00
Conor Patrick 93d4112bc3 bootloader compiles 2018-12-01 14:42:49 -05:00
Conor Patrick ff682d6b5e remove debug statements 2018-11-23 11:50:51 -05:00
Conor Patrick feceeb0a22 passing certification and interop with rk 2018-11-18 11:15:00 -08:00