Commit graph

122 commits (fe24b9edd12692ff67c67855fefadb3259d9ad56)

Author SHA1 Message Date
Enrik Berkhan fe24b9edd1 POC: add ed25519 support based on libsodium (PC) or salty (solo).
For now:

- libsodium(-dev) is expected to be preinstalled on build system for PC build
2020-10-17 14:40:41 +02:00
Conor Patrick 299e91b91b don't return index >= ctap_rk_size()
Fixes issue found by @My1: https://github.com/solokeys/solo/issues/407
2020-03-28 15:45:16 -04:00
Conor Patrick cbf40f4ec7 hmac-secret should be different when UV=1 2020-03-28 12:28:05 -04:00
Conor Patrick 5f8a9a44fc refactor credmgmt 2020-03-27 10:56:51 -04:00
Conor Patrick 04cffb6509 allow depth-first-search and account for interleaved RK's 2020-03-27 10:56:51 -04:00
Radoslav Gerganov f002d08071 Add support for the security manager in Google Chrome
This patch fixes the following issues to make Google Chrome happy:
1. Adds CTAP_CBOR_CRED_MGMT(0x0A) which is an alias to CTAP_CBOR_CRED_MGMT_PRE(0x41)
2. Returns success instead of NO_CREDENTIALS when there are no RKs
3. Skip the "icon" property if it's empty

Tested with Google Chrome Version 80.0.3987.149
2020-03-27 00:22:28 -04:00
Radoslav Gerganov e53b83257d Do not return NO_CREDENTIALS if there are no RKs and meta is requested
Fixes-issue: #403
2020-03-27 00:22:28 -04:00
Conor Patrick 530e175ad1 cleanup 2020-03-25 14:57:39 -04:00
Conor Patrick 241f58657b consider credProtect with exclude list, and also check user presence 2020-03-25 14:57:39 -04:00
Conor Patrick 3b42289cce add rpId to RK's, fix counting of unique RP's 2020-03-25 14:57:39 -04:00
Conor Patrick b3712b57fc refactor to reuse more code 2020-03-25 14:57:39 -04:00
Conor Patrick 37769bb735 to support deleted credentials, need to scan all rk slots since it's no longer continuous 2020-03-25 14:57:39 -04:00
Conor Patrick 98bcf647c4 implement rk delete command for cred mgmt 2020-03-25 14:57:39 -04:00
Conor Patrick 682a443f4e refactor credMgmt to parse as subCommandParams, and get ready for delete command 2020-03-25 14:57:39 -04:00
Conor Patrick a28a05673f definitely need to update rpIdHash 2020-03-25 14:57:39 -04:00
Conor Patrick 3a70ee0ec6 refactor authData and extension handling to work for getNextAssertion 2020-03-25 14:57:39 -04:00
Conor Patrick 872a320abc Fix credential order: need to start with most recent 2020-03-25 14:57:39 -04:00
Conor Patrick 3cbf7ec451 move credProtect checking to credential filtering step 2020-03-25 14:57:39 -04:00
Conor Patrick fdc5a68fcd update info/feature detection details 2020-03-25 14:57:39 -04:00
Conor Patrick 1c1005a0e8 add credprotect parameter to output 2020-03-25 14:57:39 -04:00
Conor Patrick 4831410111 add credProtect extension 2020-03-25 14:57:39 -04:00
Radoslav Gerganov 7112633779 Fix user presence test when pinAuth is empty
The check_retr macro is evaluating its argument twice, so when we do:

    check_retr( ctap2_user_presence_test(...) )

the user presence function is called twice and the user has to press the
button twice. This is a regression introduced with commit 3b53537.
2020-03-21 12:48:05 -04:00
Radoslav Gerganov 79b43a90fd Implement commands for management of resident keys
Implement command 0x41 which is used by OpenSSH for reading RKs. It has
the following subcommands:
 * CMD_CRED_METADATA - get number of saved/remaining RKs
 * CMD_RP_BEGIN/CMD_RP_NEXT - iterate over the saved RPs
 * CMD_RK_BEGIN/CMD_RK_NEXT - iterate over the RKs for a given RP

Fixes issue #374 and issue #314
2020-03-21 11:59:22 -04:00
Conor Patrick 1d59bbfdd4 support different aaguid's in cert for different solo models 2019-12-01 18:09:08 -05:00
Conor Patrick 54c66d80b6 overwrite x509 fields for tap or somu 2019-12-01 18:09:08 -05:00
Conor Patrick 1d63154699 move sense of "backup" from ctap to device layer 2019-11-22 19:02:52 -05:00
Conor Patrick d266e7927c reorganize crypto and device.c to be more based on fido2/ 2019-11-22 19:02:52 -05:00
Conor Patrick b4f59ec355 pull certificate from flash page 2019-10-27 10:25:00 -04:00
Conor Patrick 00b09e0d40 add u2f length arg 2019-10-08 16:10:29 -04:00
Conor Patrick 08658eb11e Merge branch 'master' into bootloader-downgrade-protection 2019-10-08 13:44:20 -04:00
Conor Patrick 0ebe0ff502 add ctap function to overwrite key bytes 2019-10-08 13:42:37 -04:00
Conor Patrick 8c256298ae default up to enabled 2019-09-17 00:13:57 +08:00
Conor Patrick c61f15a090 allow get_assertion with disabled UP 2019-09-17 00:13:57 +08:00
Conor Patrick f072561899 properly check the rpId in request 2019-09-17 00:13:57 +08:00
Conor Patrick a9bbdee35b Merge branch 'master' into remove-pin-storage 2019-09-02 21:45:21 +08:00
Szczepan Zalega cb13fb65de Store version in the bootloader. Debug code. 2019-08-24 10:17:43 +02:00
Conor Patrick 41ceb78f6c add user presence to flags 2019-08-23 14:48:21 +08:00
Conor Patrick 3b53537077 refactor fido2 user presence handling & increase timeout to 29s 2019-08-23 13:19:28 +08:00
merlokk 0d621d13f9 fix decoding apdu 2019-08-22 20:55:12 +08:00
Conor Patrick a72f0ede05 take a lazy approach to key agreement generation to not hold up boot time for nfc 2019-08-21 12:06:06 +08:00
Conor Patrick adcbd3aeb8 speed up public key derivation slightly for nfc 2019-08-21 12:06:06 +08:00
Conor Patrick b706cc30b0 for now, always gen key agreement 2019-08-21 12:06:06 +08:00
Szczepan Zalega b452e3dfe4 Correct doc 2019-08-20 11:47:14 +02:00
Szczepan Zalega 8e3753e711 Add initial STATE migration code (2) 2019-08-20 11:34:51 +02:00
Szczepan Zalega 816ca21f08 Correct writing salted hash
pinHashEnc is 16 bytes, which is too small to store sha256 result.
2019-08-20 11:34:48 +02:00
Szczepan Zalega 5a448d636c Add comments 2019-08-20 11:34:29 +02:00
Szczepan Zalega 7be0553377 Replace FIDO2 PIN storage with its hash 2019-08-20 11:34:26 +02:00
Conor Patrick 690d7c716a move CTAPHID_STATUS_PROCESSING to after UP 2019-07-29 12:39:59 -04:00
Conor Patrick 78e3b291c2 make sure device status is set in all user presence tests 2019-07-28 22:10:56 -04:00
Conor Patrick b47854c335 use error code PIN_AUTH_INVALID 2019-07-28 21:41:11 -04:00