60bef960dc
Add extension fields to MakeCredentialsResult and GetAssertionResult
2023-09-11 09:39:09 -07:00
c6af0730d8
Add ctap2::server::AuthenticatorExtensionsClientInputs and Outputs
2023-09-11 09:39:09 -07:00
d5477d6c21
Use bitflag-contains instead of equality
2023-09-07 11:28:51 -07:00
6957fa6fe4
Send AddSuccess instead of UpdateSuccess, in case we enrolled a fingerprint with a name provided.
2023-09-07 11:28:51 -07:00
2a53e3e561
Only use cached PUAT if the permissions fit.
2023-09-07 11:28:51 -07:00
1330c04ebe
Automatically clear cached PUAT and try getting a new one, in case it is invalid.
2023-09-07 11:28:51 -07:00
dbdc97f786
Fix typo
2023-09-07 11:28:51 -07:00
2596bbda8c
Support deserialization of PublicKeyCredentialDescriptor from JSON and from CBOR.
2023-09-07 11:28:51 -07:00
651ae814ee
Return the correct CredentialExcluded error when handling CTAP1 devices
2023-08-24 15:30:50 -07:00
c556ed481f
backout auto_select feature
2023-08-24 09:17:06 -07:00
6cf178b114
Replace `!auto_select` with `silent_creds.is_empty()`
2023-08-24 09:17:06 -07:00
55a6bca36d
Improve CTAP2 support of AppID extension
2023-08-24 09:17:06 -07:00
12ae64d141
Skip device selection when useful credentials are discovered silently
2023-08-24 09:17:06 -07:00
2c5f4537c9
Separate StateMachine::init_and_select into init_device and maybe_select_device
2023-08-24 09:17:06 -07:00
3a9279a01f
Ignore errors in preflight
2023-08-24 09:11:09 -07:00
7da65ec245
Additional attestation statement formats
2023-08-23 10:54:48 -07:00
0a00a250ae
Remove webdriver feature now that it has been moved to Firefox
2023-08-23 10:54:34 -07:00
4e416bdb56
Add AuthenticatorData::to_vec
2023-08-23 10:54:15 -07:00
4efb357f9e
Rework integer<->enum conversions in crypto/mod.rs
2023-08-23 10:54:05 -07:00
08f327183a
Fix serialization of COSE RSA keys
2023-08-23 10:54:05 -07:00
28036f3706
Fix COSEKeyTypeId serialization for non-EC keys
2023-08-23 10:54:05 -07:00
d160f94e53
Remove icon field from WebAuthn PublicKeyCredentialEntitys
2023-08-21 13:10:03 -07:00
9ae06145f1
Make CheckKeyHandle members public for virtual authenticators
2023-08-21 13:09:53 -07:00
0777b0c9d4
Make COSEEC2Key::der_spki public for WebAuthn getPublicKey methods
2023-08-16 12:01:47 -07:00
406aca420d
Call callback from a central place when determining puap.
2023-08-16 12:01:36 -07:00
d0d8d7d0cb
Add anonymize method to AttestationObject
2023-08-15 13:26:00 -07:00
2ed7fcc7cf
Use AttestationObject in MakeCredentialsResult
2023-08-15 13:26:00 -07:00
bda39d6a10
Separate serialization routines for AttestationObject and MakeCredentialsResult
2023-08-15 13:26:00 -07:00
d755f8bcf4
Implement InteractiveRequest::Quit to be able to cleanly stop managing
2023-08-15 13:03:09 -07:00
a1f047efd1
Don't error out if a bioEnrollment response field is missing that is not reported for bioEnrollmentPreview
2023-08-15 13:03:09 -07:00
6d03262e7c
Handle pinuv-crypto errors and do not show UpdateUser as an option for 2.1_PRE-devices
2023-08-15 13:03:09 -07:00
6f7a57e69f
Send PUAT back and forth to avoid multiple PIN-requests for the user when doing management-operations
2023-08-15 13:03:09 -07:00
99e5930009
Implement (and fix) all possible operations for CredManagement and BioEnrollment to interactive-example
2023-08-15 13:03:09 -07:00
7e6c9bf403
Try to fix clippy warnings
2023-08-15 13:03:09 -07:00
8b22954b47
Remove getter/setter of pin from Commands and replace it by top-level variable
2023-08-15 13:03:09 -07:00
27a36cc0db
Make timeout optional for BioEnrollment
2023-08-15 13:03:09 -07:00
e56bbe73d5
AuthConfig: Move check for skipping UV into the appropriate function
2023-08-15 13:03:09 -07:00
b4e5ec26e5
Remove 'regenerate_puap()' from CredentialManagement
2023-08-15 13:03:09 -07:00
046b3e18b8
Accept unknown values for LastEnrollmentSampleStatus et al.
2023-08-15 13:03:09 -07:00
47d82fdc64
Fix wrong copy&paste comments and do not copy large_blob_keys
2023-08-15 13:03:09 -07:00
c5c90dee1f
Implement FingerprintSensorInfo
2023-08-15 13:03:09 -07:00
94e1f9c649
Avoid using ByteBuf in CredentialManagement
2023-08-15 13:03:09 -07:00
d4de362bb1
Remove 'regenerate_puap()' from BioEnrollment
2023-08-15 13:03:09 -07:00
df33cc3ee7
Remove serde_repr and don't expose ByteBuf to users in BioEnrollment
2023-08-15 13:03:09 -07:00
cb1b6a2a22
Remove VendorPrototype
2023-08-15 13:03:09 -07:00
79bd444b51
Remove Request<T>-trait
2023-08-15 13:03:09 -07:00
5235c019dd
Implement AuthenticatorConfig, CredentialManagement and BioEnrollment
2023-08-15 13:03:09 -07:00
3f98470f1d
Upgrade base64 to 0.21
2023-08-09 08:36:34 -07:00
fdf2492ecb
Remove UnsupportedOption::HmacSecret
2023-08-01 13:59:06 -07:00
1f986e79ff
Ignore HMAC Secret extension if not supported
2023-08-01 13:59:06 -07:00
33f75ed00a
CTAP 2.0 does not always require UV in MakeCredentials
2023-08-01 10:25:58 -07:00
0bdc9c12fd
Export StateMachine for custom implementations of Manager
2023-06-20 14:19:14 -07:00
2f48fdd262
Make pin token commands user-cancellable
2023-06-20 14:19:14 -07:00
408cfbe74d
Add client pin serialization tests
2023-06-20 14:19:14 -07:00
94db1bed4f
Use Bytes::new(&[u8]) in serialization instead of storing ByteBufs
2023-06-20 14:19:14 -07:00
9a9f483b1e
Allow manual construction of attestation objects
2023-06-16 13:00:10 -07:00
b55d51bd38
Fix dead code warnings
2023-06-14 13:51:40 -07:00
1db6dd29b0
Allow COSEAlgorithm::ECDH_ES_HKDF256 in COSEKey::generate
2023-06-14 13:51:40 -07:00
e37aa7fc64
Allow trailing data in der_expect_tag_with_short_len
2023-06-14 13:51:40 -07:00
c1af962fd2
Add support for ECDSA over P256 using NSS
2023-06-14 13:51:40 -07:00
8947b15140
Type visibility changes for virtual authenticators
2023-06-14 12:13:28 -07:00
22e2234408
Remove Nonce type
2023-06-14 12:13:28 -07:00
02efc6c3d4
Remove EncryptedPinToken type
2023-06-14 12:13:28 -07:00
0ef3b24501
Unify Output type of ClientPINSubCommands
2023-06-12 14:40:04 -07:00
e80fd1efe2
Add VirtualFidoDevice and send_to_virtual_device
2023-06-12 14:40:04 -07:00
fa02ffe1bd
Factor FidoDeviceIO trait out of FidoDevice
...
This allows us to provide transport-specific default implementations of
`send_msg_cancellable`. The previous approach exposed some HID-specific
abstractions through the abstract FidoDevice trait.
2023-06-12 14:40:04 -07:00
10d27db357
Add FidoDevice::get_protocol and downgrade_to_ctap1
2023-06-08 09:18:16 -07:00
897f15a40b
Fix #274 : Select a reasonable default pin protocol when pinUvAuthProtocols is absent from GetInfo response
2023-06-07 16:02:58 -07:00
c19a3ea625
Move get/set_device_info to HIDDevice and remove U2FDeviceInfo status updates
2023-06-02 10:39:09 -07:00
b444f325d9
Allow long CTAPHID_INIT responses
2023-06-01 14:51:31 -07:00
9f1b3acdbb
Merge branch 'msirringhaus-drop_nom' into ctap2-2021
2023-06-01 12:26:47 -07:00
5d0ae37b24
Decouple the abstract FidoDevice trait from HIDDevice and U2FDevice
2023-06-01 12:10:40 -07:00
09acd61b40
Remove nom
2023-06-01 09:40:29 +02:00
3df0a9990d
Move protocol logic out of StateMachine
2023-05-31 08:55:47 -07:00
e0ff05139f
Add LoongArch64 support
2023-05-30 21:35:25 -07:00
c2ee0f7b71
Export AuthenticatorService::add_transport
2023-05-26 12:42:51 -07:00
2da9e9912e
Don't assume CTAP2 support based on CBOR capability
...
The CBOR capability flag isn't a reliable indicator of CTAP2 support, as
some CTAP1-only authenticators mistakenly set reserved capability flags.
With this patch, we assume we're talking to a CTAP1 authenticator until
we succeed in an authenticatorGetInfo query.
2023-05-15 12:01:11 -07:00
1aaf0540ff
Add StatusUpdate::PresenceRequired
2023-05-15 11:59:31 -07:00
e5e9fdc86d
Avoid dropping reserved / unknown authenticator data flags
2023-05-12 09:33:02 -07:00
ca60b4d95b
Merge remote-tracking branch 'upstream/ctap2-2021' into preflight
2023-05-10 14:41:09 +02:00
42a9907ee5
Adressing feedback
2023-05-10 14:24:32 +02:00
99b4720606
Expose AuthenticatorError::CredentialExcluded in public API
2023-05-08 11:09:33 -07:00
c5d69d976a
Send SelectDeviceNotice status in response to DeviceCommand::Blink
2023-05-01 15:27:38 -07:00
2f96e0be64
Remove HIDDevice::clone_device_as_write_only
2023-05-01 15:27:38 -07:00
cb44fd3918
Add interactive token management functionality
2023-05-01 09:24:51 -07:00
09e234193d
Add additional filtering step, if the device specifies a max. key-id lenght
2023-04-27 09:04:36 +02:00
90bf561bb3
Fix clippy warnings
2023-04-27 09:02:49 +02:00
98a5d46ea4
Add GetAssertion pre-flight test for CTAP2
2023-04-27 09:02:49 +02:00
ff92c5cafc
Fix GetAssertion-tests
2023-04-27 09:02:49 +02:00
bb8cac3100
Deduplicate CTAP1 pre-flight code
2023-04-27 09:02:46 +02:00
6f8a129063
Implement pre-flight for CTAP2
2023-04-27 09:01:19 +02:00
ebcfdd2b60
Move pre-flight of CTAP1 to its own file
2023-04-27 08:53:04 +02:00
4845e4869d
Remove status update serialization
2023-04-26 10:13:22 -07:00
07037b767c
Set uv=true when required in a skip_uv edge case
2023-04-26 10:13:09 -07:00
e9fcbb0847
Rename UnsupportedOption::AllowList as UnsupportedOption::EmptyAllowList
2023-04-26 10:13:09 -07:00
719781fb50
Remove PinUvAuthCommand::get_uv_option
2023-04-26 10:13:09 -07:00
a8a21d2aca
Limit the use of set_uv_option
2023-04-26 10:13:09 -07:00
7688ba87e9
Improve handling of MakeCredentialOptions and GetAssertionOptions
2023-04-26 10:13:09 -07:00
eb6772d245
Pass uv requirement through to get_pin_auth_param
2023-04-26 10:13:09 -07:00
4cfd0668e7
Make Required/Preferred/Discouraged arguments explicit
2023-04-26 10:13:09 -07:00
John M. Schanck
Martin Sirringhaus
Mike Hommey
Martin Sirringhaus
Zhao Jiazhong