22 Commits

Author SHA1 Message Date
Robin Krahl bb39a18058 Release v0.4.0-rc.3 2026-06-01 17:38:10 +02:00
Emanuele Cesena 0084256898 ctap2: refactor make_credential / get_assertion to take &mut Response 2026-06-01 17:38:06 +02:00
Robin Krahl f82effbf79 Make firmware version configurable depending on credential ID version 2026-06-01 13:26:07 +02:00
Robin Krahl 595629c9a5 Add CredentialIdVersion::V2 using AES-256-GCM 2026-06-01 13:26:02 +02:00
Robin Krahl b7becd0020 Make credential ID version configurable
This patch adds the credential_id_version field to Config, making it
possible to select the credential ID version for new credentials. To
avoid invalidating existing credentials, this value is only used on the
first boot or after a factory reset.
2026-06-01 13:18:44 +02:00
Emanuele Cesena d64976c5da ctap2.3: getinfo advertises FIDO_2_3 2026-05-28 22:56:08 +02:00
Emanuele Cesena e91fb4779f ctap2.3: advertise smart-card transport when CCID is enabled 2026-05-28 22:07:03 +02:00
Emanuele Cesena dd6b9ae437 ctap2.1: add authenticatorConfig (0x0D) command and authnrCfg option 2026-05-28 19:02:17 +02:00
Emanuele Cesena 01a4be28c4 ctap: getinfo advertises algorithms, firmwareVersion, remainingDiscoverableCredentials 2026-05-22 13:08:44 +02:00
Robin Krahl 250eb14d7f Update to ctap-types v0.6.0-rc.1 2026-05-22 13:08:38 +02:00
Sosthène Guédon 4e118bba70 Update to heapless 0.9 and trussed-core 0.2 2026-03-25 18:34:39 +01:00
Robin Krahl 5ebb4a4830 clientPin: Support getRetries without PIN protocol
This fixes compatibility with CTAP 2.1.

Fixes: https://github.com/Nitrokey/fido-authenticator/issues/118
2025-05-12 17:42:26 +02:00
Robin Krahl c9512c7bdf Use released dependencies 2025-01-13 10:42:44 +01:00
Robin Krahl d61a9ac7d3 Update dependencies for trussed-core and ctaphid-app 2025-01-08 11:28:43 +01:00
Robin Krahl 3095b8cff0 Replace EncryptedSerializedCredential with EncryptedData
Previously, EncryptedSerializedCredential was a wrapper for
trussed::api::reply::Encrypt.  As we whave removed the serde trait
implementations for the Trussed request and reply structs, this patch
replaces the EncryptedSerializedCredential struct with the new
trussed_core::types::EncryptedData helper type.

See also: https://github.com/trussed-dev/trussed/issues/183
2024-12-17 10:37:44 +01:00
Robin Krahl 5b6ae97b5f Update littlefs2 to v0.5.0 2024-10-25 11:33:31 +02:00
Sosthène Guédon 5ee16d115f Fix delog and use ctap-types 0.3.0 2024-08-01 15:57:33 +02:00
Sosthène Guédon 4f95f963c2 Fix compilation 2024-07-31 15:20:24 +02:00
Sosthène Guédon 2d7855a17b Add dynamic estimation of remaining credential space 2024-07-31 15:09:52 +02:00
Sosthène Guédon 15b1c119a1 Fix fuzzing 2024-07-26 14:38:10 +02:00
Robin Krahl f10cb70941 Support attestation format preference in make_credential 2024-06-27 12:50:58 +02:00
Robin Krahl df9f2def54 Add ctap fuzz target
This fuzz target sends a sequence of arbitrary CTAP1 or CTAP2 requests
to the authenticator.
2024-06-27 11:51:49 +02:00