Pol Henarejos
|
174241c0a0
|
Fix generating random IV on credential creation.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-28 11:52:48 +02:00 |
|
Pol Henarejos
|
fa17d5c906
|
Fix increasing sign counter.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-27 22:36:19 +02:00 |
|
Pol Henarejos
|
7a4be766bc
|
Comparing appId with bogus apps.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-27 22:10:31 +02:00 |
|
Pol Henarejos
|
1835afe54a
|
Fix making new credential when up is absent.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-27 22:10:11 +02:00 |
|
Pol Henarejos
|
ad07052e6a
|
PIN protocol 2 fixes.
Tested with Webauthn.io
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-27 22:09:46 +02:00 |
|
Pol Henarejos
|
da577b8e8d
|
Debug all CBOR.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-27 22:09:25 +02:00 |
|
Pol Henarejos
|
0ec563c8de
|
Adding authenticatorSelection 0x0B support.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-27 12:24:22 +02:00 |
|
Pol Henarejos
|
d4b7bfd6cc
|
Fix generating cert dev.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-27 12:24:02 +02:00 |
|
Pol Henarejos
|
995870d77e
|
Moving some defines.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-27 12:23:43 +02:00 |
|
Pol Henarejos
|
109cd4e4ea
|
Upgrading to Version 2.0
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-25 18:15:59 +02:00 |
|
Pol Henarejos
|
4fd9e80e92
|
Adding credProtect on getinfo.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-25 18:13:03 +02:00 |
|
Pol Henarejos
|
01a3c0c60e
|
Adding firmware field on getinfo.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-25 18:12:19 +02:00 |
|
Pol Henarejos
|
48f358cb19
|
Adding default options on make cred.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-25 18:09:46 +02:00 |
|
Pol Henarejos
|
074dd80afe
|
Adding support of credProtect on excludeList when make cred.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 18:49:12 +02:00 |
|
Pol Henarejos
|
9cbb53716b
|
Fix return errors.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 18:29:23 +02:00 |
|
Pol Henarejos
|
7a6b8a6af4
|
Added size check.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 18:20:39 +02:00 |
|
Pol Henarejos
|
eb318bc381
|
Return error on bad CLA.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 18:13:01 +02:00 |
|
Pol Henarejos
|
0e4532a22c
|
Adding check UP if not provided.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 18:07:16 +02:00 |
|
Pol Henarejos
|
bfc82d5de4
|
Reset must be confirmed always.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 18:07:05 +02:00 |
|
Pol Henarejos
|
d558941311
|
Credentials now include a flag to mark whether they are resident or not.
It is used by get assertion to attach userId, regardless allowList is present.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 17:30:18 +02:00 |
|
Pol Henarejos
|
9fa2c5d39c
|
Display more debug info on error.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 17:29:22 +02:00 |
|
Pol Henarejos
|
cd66e65b9c
|
Adding ENABLE_POWER_RESET to enable power cycle for reset command. Enabled by default.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 16:46:16 +02:00 |
|
Pol Henarejos
|
a165d286af
|
Fix returning errors on hmac-secret.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 15:17:46 +02:00 |
|
Pol Henarejos
|
9bf40e69af
|
Fix parsing hmac_secret on assertion.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 12:03:18 +02:00 |
|
Pol Henarejos
|
71564e0c79
|
Fix concurrency when loading FIDO.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 11:41:28 +02:00 |
|
Pol Henarejos
|
be68d5516f
|
Making assertion for U2F.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 11:41:07 +02:00 |
|
Pol Henarejos
|
2c4c618e3b
|
Loading credential if it belongs to U2F.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 11:40:39 +02:00 |
|
Pol Henarejos
|
dd4b52faf3
|
Fix authenticating MSG from CTAP2 and U2F.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 11:03:13 +02:00 |
|
Pol Henarejos
|
e94f6843e5
|
Adding cmake option ENABLE_UP_BUTTON to enable/disable user presence confirmation via button. Enabled by default.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-23 09:21:32 +02:00 |
|
Pol Henarejos
|
cbfe66e89b
|
Not necessary scan on every call.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 23:56:48 +02:00 |
|
Pol Henarejos
|
883c5fef35
|
Removing debugs.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 23:54:11 +02:00 |
|
Pol Henarejos
|
40110ad602
|
Fix generating dev cert.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 22:52:23 +02:00 |
|
Pol Henarejos
|
61b10b7971
|
Fix get sign counter.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 22:52:10 +02:00 |
|
Pol Henarejos
|
2d496fd8fc
|
Random functions shall be called for each core, otherwise it will hung.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 20:18:05 +02:00 |
|
Pol Henarejos
|
cc373e3e7e
|
Adding send_keepalive().
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 19:25:52 +02:00 |
|
Pol Henarejos
|
4360ab0375
|
Device key must not be persistent across resets.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 19:25:44 +02:00 |
|
Pol Henarejos
|
73c846e985
|
Credentials are reset on reset, as the device key also changes.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 19:25:26 +02:00 |
|
Pol Henarejos
|
d95bc1aba6
|
Reset shall call for user presence and can only be called within the 10 seconds from boot.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 19:25:04 +02:00 |
|
Pol Henarejos
|
2d5fffedb9
|
Fix resetting pin mismatches.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 19:24:28 +02:00 |
|
Pol Henarejos
|
f045ec8d03
|
card_init_core1() shall be called from every thread launched on core1.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 19:24:07 +02:00 |
|
Pol Henarejos
|
e0d8ce7637
|
Fix encoding credential.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 10:24:38 +02:00 |
|
Pol Henarejos
|
86e3c960a4
|
Fix when no pin is provided.
6.1.3.7.1 is too ambiguous on uv == false. We also accept that is not provided.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 10:00:06 +02:00 |
|
Pol Henarejos
|
864965c1fe
|
Fix verying when no paut is in use.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 09:59:17 +02:00 |
|
Pol Henarejos
|
3b25eb295c
|
Fix get assertion.
Credentials must be sorted in descending order.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-22 09:30:13 +02:00 |
|
Pol Henarejos
|
226fcc5405
|
Fixing next get assertion.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-21 23:44:47 +02:00 |
|
Pol Henarejos
|
5625e0dacd
|
Adding preliminary support for get next assertion.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-21 20:02:19 +02:00 |
|
Pol Henarejos
|
cf206bf158
|
Credentials CANNOT be regenerated, as they depend on random IV.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-21 19:53:36 +02:00 |
|
Pol Henarejos
|
a44227db52
|
Fix encoding extensions.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-21 19:53:11 +02:00 |
|
Pol Henarejos
|
4ab898378a
|
More fixes
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-21 16:30:49 +02:00 |
|
Pol Henarejos
|
99fc76a385
|
Finalizing get assertion.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-21 14:29:28 +02:00 |
|
Pol Henarejos
|
f71624f489
|
More steps.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-21 00:00:51 +02:00 |
|
Pol Henarejos
|
08c3c3344c
|
Moving up and uv flags to paut.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-21 00:00:25 +02:00 |
|
Pol Henarejos
|
804970e77a
|
Using extensions and fixing up and uv flags.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-21 00:00:10 +02:00 |
|
Pol Henarejos
|
c938d47bf7
|
Adding extensions struct.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-20 23:59:52 +02:00 |
|
Pol Henarejos
|
22a2ea109e
|
Adding unfinished get_assertion.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-20 20:04:54 +02:00 |
|
Pol Henarejos
|
3a3ec97c90
|
Fix saving creds.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-20 19:56:20 +02:00 |
|
Pol Henarejos
|
8a379d9702
|
Adding Credential manager.
Also adding resident credentials.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-20 19:50:33 +02:00 |
|
Pol Henarejos
|
72ebb2b596
|
Adding Credential management.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-20 17:31:09 +02:00 |
|
Pol Henarejos
|
3dc7af05c1
|
More fixes.
|
2022-09-20 15:07:48 +02:00 |
|
Pol Henarejos
|
a3c60f762d
|
Reorganizing core0/core1 split.
Now CBOR and APDU (i.e., intensive processing) areas are executed on core1, while core0 is dedicated for hardware tasks (usb, button, led, etc.).
|
2022-09-20 14:39:59 +02:00 |
|
Pol Henarejos
|
8feac76a73
|
If user has introduced PIN, it is verified.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-20 11:50:45 +02:00 |
|
Pol Henarejos
|
f439b85de7
|
clientPIN passes the first test.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-20 11:38:59 +02:00 |
|
Pol Henarejos
|
ee8f3a0965
|
Adding support for clientPIN.
It does not pass the tests yet.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-19 17:20:52 +02:00 |
|
Pol Henarejos
|
199091e2b9
|
Adding file debug.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-19 17:20:10 +02:00 |
|
Pol Henarejos
|
24f48e33bb
|
Reset nows flushes the memory storage.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-19 17:20:00 +02:00 |
|
Pol Henarejos
|
479aae2ef9
|
Adding support for CTAP_2_0 and minPINlength.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-19 17:19:45 +02:00 |
|
Pol Henarejos
|
fd7da11931
|
More fixes. Finally it passes all tests.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-16 17:13:26 +02:00 |
|
Pol Henarejos
|
a80247ffa2
|
Check required parameters in excludeList.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-16 16:27:56 +02:00 |
|
Pol Henarejos
|
c9c10eca36
|
Fix excludeList parsing.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-16 16:23:27 +02:00 |
|
Pol Henarejos
|
11642fe0a3
|
Fixes with missing parameters.
Up should not be present.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-16 15:59:20 +02:00 |
|
Pol Henarejos
|
a9cb5ee87c
|
More fixes.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-16 12:06:54 +02:00 |
|
Pol Henarejos
|
2c6b14822e
|
Fixed many bugs. It works.
This is the first commit that passes *some* tests.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-16 11:19:54 +02:00 |
|
Pol Henarejos
|
aa15ad471b
|
Fix order of items.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-16 11:19:08 +02:00 |
|
Pol Henarejos
|
20038b1586
|
Lots of efforts for make_Credential.
It DOES NOT pass tests yet.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-16 00:50:19 +02:00 |
|
Pol Henarejos
|
5da2af2c34
|
Accepting curves for key_derivation as a parameter.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-16 00:49:59 +02:00 |
|
Pol Henarejos
|
9b49d39ccc
|
Scan files at the beginning.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-16 00:49:25 +02:00 |
|
Pol Henarejos
|
84a91fcbda
|
Adding known apps.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-16 00:48:58 +02:00 |
|
Pol Henarejos
|
3873303309
|
Refactor CTAP2 file structure.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-15 14:16:12 +02:00 |
|
Pol Henarejos
|
1fc8b599ec
|
Fix returned version.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-12 00:47:46 +02:00 |
|
Pol Henarejos
|
4c8242f4c8
|
Moving CBOR to HID.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-08 20:37:33 +02:00 |
|
Pol Henarejos
|
e9ab270dc3
|
Using new CTAP header.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-08 17:50:16 +02:00 |
|
Pol Henarejos
|
73f88b6882
|
Moving from U2F to CTAP1.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-08 17:35:56 +02:00 |
|
Pol Henarejos
|
7ae80ab688
|
Upgrade to v1.2
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-08 16:54:52 +02:00 |
|
Pol Henarejos
|
573cb15e69
|
Replace some constants with defines.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-08 14:00:05 +02:00 |
|
Pol Henarejos
|
a1db7ec1ea
|
Add length check.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-08 13:51:15 +02:00 |
|
Pol Henarejos
|
6025030d58
|
Moving from HSM SDK to here.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-08 13:50:47 +02:00 |
|
Pol Henarejos
|
b178b139fb
|
Added user presence flag and global counter on authentication.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-07 20:03:34 +02:00 |
|
Pol Henarejos
|
8a139e70b7
|
Fix verifying key handle.
Now it works in Firefox!
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-06 21:47:13 +02:00 |
|
Pol Henarejos
|
dda5c25e85
|
Fix computing HMAC of key path.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-06 21:35:23 +02:00 |
|
Pol Henarejos
|
046706058d
|
Added support for user enforcement and key check (P1 0x07, 0x03 and 0x08).
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-06 16:54:12 +02:00 |
|
Pol Henarejos
|
694ab2cf87
|
Fix authentication key_path.
Also adding key parameter for key derivation as optional.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-06 16:53:39 +02:00 |
|
Pol Henarejos
|
6e56874d3e
|
Adding test user presence on authentication.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-06 16:30:01 +02:00 |
|
Pol Henarejos
|
19dce60d76
|
It requires user to press the button for confirming registration.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-06 16:24:38 +02:00 |
|
Pol Henarejos
|
9bf20175be
|
Adding routine for pressing button to test required user presence.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-06 16:24:21 +02:00 |
|
Pol Henarejos
|
f7a6ee1a37
|
Adding msg version.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-05 17:30:17 +02:00 |
|
Pol Henarejos
|
7ca445a4ca
|
Adding version file.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-05 17:05:33 +02:00 |
|
Pol Henarejos
|
cf68a6b61f
|
Adding msg authenticate.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-05 16:48:18 +02:00 |
|
Pol Henarejos
|
888a1c92c5
|
Fix returning APDU.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-05 16:48:01 +02:00 |
|
Pol Henarejos
|
23a9d2de76
|
Add file last entry.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-05 14:40:31 +02:00 |
|
Pol Henarejos
|
0024b0728b
|
Create DEV CERT if not found.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-05 14:40:12 +02:00 |
|
Pol Henarejos
|
7816f2b588
|
Added msg_register procedure.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-05 11:31:22 +02:00 |
|
Pol Henarejos
|
99f0cb021a
|
At this moment, no MKEK is necessary.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-05 11:30:58 +02:00 |
|
Pol Henarejos
|
ed0a798f63
|
Instead of generating a new keypair, all keys are derived from the master key.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-05 11:30:49 +02:00 |
|
Pol Henarejos
|
65b14960ce
|
Adding MKEK generation on first scan.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-02 18:36:14 +02:00 |
|
Pol Henarejos
|
854c0d6225
|
Adding REGISTER support. NOT WORKING.
It is preliminary. It does not work.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
|
2022-09-02 18:17:48 +02:00 |
|
Pol Henarejos
|
52fa1a6ff5
|
First commit of fido app.
|
2022-09-02 18:02:46 +02:00 |
|