This patch moves the key generation and signing logic into the
SigningAlgorithm enum, removing some duplicated code from the ctap2 and
ctap2::credential_management modules.

The goal is to make credential storage more efficient, by making use of littlefs's
ability to inline file contents into the directory metadata when the file is small.

Previously, EncryptedSerializedCredential was a wrapper for
trussed::api::reply::Encrypt. As we have removed the serde trait
implementations for the Trussed request and reply structs, this patch
replaces the EncryptedSerializedCredential struct with the new
trussed_core::types::EncryptedData helper type.
See also: https://github.com/trussed-dev/trussed/issues/183

To simplify the Rp and User types introduced in the last commit and to
reduce code duplication, this patch removes the
LocalPublicKeyCredential*Entity types. Instead the Rp and User types
always store a PublicKeyCredential*Entity together with the
serialization format.

In #59, we changed the format for serialized credentials to use shorter
field names for the RP and user entities. This has an unintended side
effect: For non-discoverable credentials that were generated with older
crate versions, the stripped data embedded into the credential ID
includes the RP and user. If we change their serialization format, we
also change these credential IDs.
We already supported deserializing both formats using a serde alias.
This patch introduces helper enums that deserialize both formats using a
custom Deserialize implementation and keep track of the used format.
This format is then also used for serialization (using serde’s untagged
mechanism that is not available for deserialization in no-std contexts).
https://github.com/Nitrokey/fido-authenticator/pull/59
Fixes: https://github.com/Nitrokey/fido-authenticator/issues/111
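
The format-tracking round trip described in the commit message above, as an added example that is not code from the fido-authenticator repository. It uses a hand-written CBOR subset instead of serde, and the Rp struct, the Format enum and the short field name "i" are assumptions made for illustration.

```rust
#[derive(Clone, Copy, Debug, PartialEq)]
enum Format { Long, Short }

#[derive(Debug, PartialEq)]
struct Rp { format: Format, id: String }

// Read one CBOR text string (major type 3, length < 24) starting at *pos.
fn read_text(buf: &[u8], pos: &mut usize) -> Option<String> {
    let head = *buf.get(*pos)?;
    if (head & 0xe0) != 0x60 || (head & 0x1f) >= 24 { return None; }
    let (start, end) = (*pos + 1, *pos + 1 + (head & 0x1f) as usize);
    let text = std::str::from_utf8(buf.get(start..end)?).ok()?;
    *pos = end;
    Some(text.to_string())
}

// Accept either field name and remember which one the stored data used.
fn decode(buf: &[u8]) -> Option<Rp> {
    if *buf.first()? != 0xa1 { return None; } // map with exactly one pair
    let mut pos = 1;
    let format = match read_text(buf, &mut pos)?.as_str() {
        "id" => Format::Long,
        "i" => Format::Short, // assumed short name, constructed for this example
        _ => return None,
    };
    let id = read_text(buf, &mut pos)?;
    if pos != buf.len() { return None; } // reject trailing bytes
    Some(Rp { format, id })
}

// Serialize with the recorded format so the output matches the stored bytes.
fn encode(rp: &Rp) -> Vec<u8> {
    let key = match rp.format { Format::Long => "id", Format::Short => "i" };
    let mut out = vec![0xa1];
    for s in [key, rp.id.as_str()] {
        assert!(s.len() < 24, "this subset only handles short strings");
        out.push(0x60 | s.len() as u8);
        out.extend_from_slice(s.as_bytes());
    }
    out
}

fn main() {
    // Constructed sample: {"id": "example.com"} as an older version wrote it.
    let old = b"\xa1\x62id\x6bexample.com".to_vec();
    let rp = decode(&old).expect("valid sample");
    assert_eq!(encode(&rp), old); // identical bytes, so the same credential ID
    println!("{:?} format preserved over {} bytes", rp.format, old.len());
}
```

Re-encoding the same RP with the other format yields different bytes, which is the credential ID change the commit message describes.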

This patch adds a test case that ensures that the calculated credential
ID for a credential that was created using the old (unstripped) format
is the same as the one generated originally. Otherwise, the platform or
the RP could reject assertions because of a changed credential ID.

The cbor_serialize_message helper mixed re-exports of cbor-smol from
trussed and ctap-types. This can be problematic if both select
different versions. It could be fixed by keeping both in sync, but to
avoid this problem entirely, we can also just use cbor_serialize_bytes
from Trussed directly.

We have two limits for the credential count: a fixed limit determined
by the configuration and an estimated limit based on the remaining
filesystem size. When creating a new credential, we check both. But
previously we only returned the estimated limit from get_creds_metadata.
This patch adds the fixed limit to get_creds_metadata.

For makeCredential, a missing attestation format preference list
means that we should use the default format (packed). For getAssertion,
it means that we should skip the attestation statement entirely.
Previously, we implemented the makeCredential algorithm for both cases.
This caused an incompatibility with Firefox because it fails on
unexpected fields in the response (in this case, the attestation
statement). This patch fixes this issue and applies the correct default
for getAssertion requests.
Fixes: https://github.com/Nitrokey/fido-authenticator/issues/98