Commit Graph

  • e342447aaf Fix cred leak in MC and GA main Emanuele Cesena 2026-06-07 19:26:52 -07:00
  • d9b7906d5d ctap2.3: implement ML-DSA-44 (COSE alg -50, behind mldsa44 feature) 0x0ece/mldsa Emanuele Cesena 2026-05-15 12:16:12 +02:00
  • 4bd3629b66 ctap2.3: long-touch reset (§6.11.5, §7.7) long-touch Emanuele Cesena 2026-05-23 14:04:39 -04:00
  • 4477192edb Update trussed tests Robin Krahl 2026-06-03 09:29:15 +02:00
  • 9fa9c6d1d9 Reduce number of generated tests Robin Krahl 2026-06-02 23:10:46 +02:00
  • bb39a18058 Release v0.4.0-rc.3 v0.4.0-rc.3 stack Robin Krahl 2026-06-01 17:21:08 +02:00
  • 0084256898 ctap2: refactor make_credential / get_assertion to take &mut Response Emanuele Cesena 2026-05-15 12:15:34 +02:00
  • 4c38096af6 Release v0.4.0-rc.2 v0.4.0-rc.2 credential-id-format Robin Krahl 2026-05-30 23:24:50 +02:00
  • f82effbf79 Make firmware version configurable depending on credential ID version Robin Krahl 2026-05-30 23:23:13 +02:00
  • 595629c9a5 Add CredentialIdVersion::V2 using AES-256-GCM Robin Krahl 2026-05-30 23:12:07 +02:00
  • b7becd0020 Make credential ID version configurable Robin Krahl 2026-05-30 23:03:24 +02:00
  • 804588adbc Introduce CredentialIdVersion enum Robin Krahl 2026-05-30 22:49:04 +02:00
  • 92f3642345 Add tests for signature counter Robin Krahl 2026-05-31 16:40:36 +02:00
  • 95461d90ee Increment signature counter by a random number Robin Krahl 2026-05-31 15:11:24 +02:00
  • a3ee89d091 Handle signature counter overflows Robin Krahl 2026-05-31 15:03:59 +02:00
  • 731668e87a Set initial signature counter to 1 Robin Krahl 2026-05-31 14:58:45 +02:00
  • 3187df78a8 Use explicit reset value for persistent state Robin Krahl 2026-05-31 14:55:47 +02:00
  • bafca338a2 make_credential: Increment signature counter only once Robin Krahl 2026-05-31 14:46:46 +02:00
  • 30c37bf412 Rename timestamp to signature_counter Robin Krahl 2026-05-31 14:40:56 +02:00
  • e87b61f03d Release v0.4.0-rc.1 v0.4.0-rc.1 Robin Krahl 2026-05-29 11:10:55 +02:00
  • de69cd1ffc ctap2: accept up=true on MakeCredential; LargeBlobs Set accepts both PIN protocols Emanuele Cesena 2026-05-26 17:21:05 -07:00
  • 61326c4d61 ctap2.3: Reset clears all §6.7 feature flags Emanuele Cesena 2026-05-23 14:04:39 -04:00
  • d64976c5da ctap2.3: getinfo advertises FIDO_2_3 Emanuele Cesena 2026-05-09 07:28:48 +02:00
  • e91fb4779f ctap2.3: advertise smart-card transport when CCID is enabled Emanuele Cesena 2026-05-09 07:24:14 +02:00
  • bcec723f1b ctap2.2: implement hmac-secret-mc extension at MakeCredential time Emanuele Cesena 2026-05-09 07:21:29 +02:00
  • a7e869b8c5 ctap2.1: test user field in RK allowlist GetAssertion response Emanuele Cesena 2026-05-11 19:36:23 +02:00
  • e3c79dfd85 ctap2.1: §6.5.5 PIN management — code-point validation + reject same-PIN under forcePINChange + align setPin/getPinToken error codes Emanuele Cesena 2026-05-23 15:23:36 -04:00
  • 96a96316f0 ctap2.1: alwaysUv + toggleAlwaysUv (CTAP 2.1 §6.4, §6.11.2, §7.2) — full implementation Emanuele Cesena 2026-05-23 13:21:55 -04:00
  • 3daba7d8a3 ctap2.1: setMinPINLength (§6.11.4) + minPinLength extension at MakeCredential (§10.1.2.1) Emanuele Cesena 2026-05-23 13:52:23 -04:00
  • 170017305d ctap2.1: implement setMinPINLength + minPinLength extension + forcePINChange Emanuele Cesena 2026-05-09 07:15:30 +02:00
  • dd6b9ae437 ctap2.1: add authenticatorConfig (0x0D) command and authnrCfg option Emanuele Cesena 2026-05-08 23:35:42 +02:00
  • f058bb353c get_assertion: Load full credential if allowList is passed Robin Krahl 2026-05-22 15:00:19 +02:00
  • 94c439d726 Add tests for credBlob extension Robin Krahl 2026-05-22 14:37:28 +02:00
  • fe3744990a ctap2.1: implement credBlob extension (RK only, max 32 bytes) Emanuele Cesena 2026-05-08 23:32:05 +02:00
  • d97e566631 Allow clippy::collapsible_match Robin Krahl 2026-05-22 13:14:09 +02:00
  • 01a4be28c4 ctap: getinfo advertises algorithms, firmwareVersion, remainingDiscoverableCredentials Emanuele Cesena 2026-05-08 18:01:07 +02:00
  • 250eb14d7f Update to ctap-types v0.6.0-rc.1 Robin Krahl 2026-05-21 20:48:57 +02:00
  • 9a4c76b09c Release v0.3.0 v0.3.0 Robin Krahl 2026-03-25 18:46:36 +01:00
  • 4e118bba70 Update to heapless 0.9 and trussed-core 0.2 Sosthène Guédon 2025-09-08 17:22:12 +02:00
  • d53f29a1be Release v0.2.0 v0.2.0 Robin Krahl 2025-09-02 09:38:53 +02:00
  • 1c2ac73c9a ci: Add workflow for publishing to crates.io Robin Krahl 2025-09-02 09:32:09 +02:00
  • 0aea58624f Cleanup Cargo.toml Robin Krahl 2025-08-25 09:08:53 +02:00
  • 728a9c2b97 Use Git dependencies instead of patches Robin Krahl 2025-08-25 09:03:40 +02:00
  • 4b45601c5e Merge remote-tracking branch 'nitrokey/main' Robin Krahl 2025-08-22 17:29:04 +02:00
  • 01a2653c37 Update trussed to use new virtual store Robin Krahl 2025-05-15 11:31:15 +02:00
  • cb30a2cc64 Remove usbip example Robin Krahl 2025-05-15 09:33:09 +02:00
  • 5ebb4a4830 clientPin: Support getRetries without PIN protocol Robin Krahl 2025-05-12 15:18:45 +02:00
  • 4554cb866e make_credential: Support non-discoverable credentials without PIN Robin Krahl 2025-05-07 22:15:59 +02:00
  • 223bc11eec Always reject uv = true in make_credential and get_assertion Robin Krahl 2025-05-07 21:57:44 +02:00
  • 7ff0518b68 hmac-secret: Forbid up=false Robin Krahl 2025-05-07 16:04:44 +02:00
  • 91a57756c0 tests: Use hmac-secret extension in TestGetAssertion Robin Krahl 2025-05-07 15:54:54 +02:00
  • ba17bc506c Replace core::iter::repeat(_).take(_) with core::iter::repeat_n(_, _) Robin Krahl 2025-05-06 21:48:40 +02:00
  • 8b8a773831 Reduce duplicated key generation and signing logic Robin Krahl 2024-04-24 23:33:45 +02:00
  • e21d8687fc Remove references to totp signing algorithm Robin Krahl 2024-04-24 22:58:52 +02:00
  • 443eca1787 Make credential: change the path of rks to rp_id_hash.credential_id_hash from rp_id_hash/credential_id_hash Sosthène Guédon 2024-02-02 16:19:31 +01:00
  • 6f260ea49a tests: Set opt-level to 2 Robin Krahl 2025-02-19 12:03:35 +01:00
  • fed17e9b35 tests: Remove exhaustive dependency Robin Krahl 2025-02-19 10:50:54 +01:00
  • 2c8efe16c2 tests: Inspect filesystem after test runs Robin Krahl 2025-02-18 10:46:12 +01:00
  • dfcaf94096 tests: Add getNextAssertion tests Robin Krahl 2025-02-18 10:46:12 +01:00
  • f3679b8dd5 tests: Add changePin tests Robin Krahl 2025-02-18 10:46:11 +01:00
  • fd6fc9b8a8 tests: Extend setPin tests Robin Krahl 2025-02-18 10:46:11 +01:00
  • 726ce464be tests: Add getPinRetries tests Robin Krahl 2025-02-18 10:46:11 +01:00
  • add1cebd26 tests: Extend getPinToken tests Robin Krahl 2025-02-18 10:46:11 +01:00
  • 9e4cd65e54 tests: Extend getAssertion tests Robin Krahl 2025-02-18 10:46:11 +01:00
  • 10b0334fed tests: Extend makeCredential tests Robin Krahl 2025-02-18 10:46:11 +01:00
  • 83477813bf tests: Add helper trait and use exhaustive Robin Krahl 2025-02-18 10:46:09 +01:00
  • bb80cba2c2 Fix compiler warnings Robin Krahl 2025-01-26 22:13:42 +01:00
  • d0885e1ccb Extend credential management tests Robin Krahl 2024-11-01 12:26:27 +01:00
  • c9512c7bdf Use released dependencies Robin Krahl 2025-01-08 21:56:25 +01:00
  • d61a9ac7d3 Update dependencies for trussed-core and ctaphid-app Robin Krahl 2024-12-19 22:16:03 +01:00
  • 0ac88d4cc5 Fix clippy lints Robin Krahl 2024-12-17 10:46:14 +01:00
  • 3095b8cff0 Replace EncryptedSerializedCredential with EncryptedData Robin Krahl 2024-12-12 15:56:11 +01:00
  • 63a1479387 Remove LocalPublicKeyCredential*Entity structs Robin Krahl 2024-12-02 17:57:31 +01:00
  • 5c3aa0b8af Keep old credential ID for existing credentials Robin Krahl 2024-12-02 14:17:58 +01:00
  • 86403fa9f2 Add test case for credential ID stability Robin Krahl 2024-12-02 12:01:06 +01:00
  • c145a451ef Remove cbor_serialize_message helper Robin Krahl 2024-10-24 19:35:24 +02:00
  • 5b6ae97b5f Update littlefs2 to v0.5.0 Robin Krahl 2024-10-14 16:02:52 +02:00
  • 28e0b05998 Relax cbor-smol dependency Robin Krahl 2024-10-21 21:58:43 +02:00
  • 94cb2fb0e6 Check credential limit in get_creds_metadata Robin Krahl 2024-10-24 14:54:47 +02:00
  • e9dfefd715 tests: Add credential management tests Robin Krahl 2024-10-08 15:58:25 +02:00
  • 629a75f189 Use apdu-app instead of apdu-dispatch Robin Krahl 2024-10-17 23:13:59 +02:00
  • b34fa475c0 get_assertion: Skip attStmt unless requested Robin Krahl 2024-10-02 12:07:24 +02:00
  • 25f99bea19 Update cbor-smol to 0.4.1 Robin Krahl 2024-10-08 16:00:09 +02:00
  • 125d38e1ea Fix clippy lints Robin Krahl 2024-10-02 16:17:34 +02:00
  • 0fdecc93df Merge pull request #59 from Nitrokey/serde-name-one-char sosthene-nitrokey 2024-08-01 17:08:14 +02:00
  • 58a8ca1166 Merge pull request #95 from Nitrokey/fix-delog sosthene-nitrokey 2024-08-01 16:02:13 +02:00
  • 5ee16d115f Fix delog and use ctap-types 0.3.0 Sosthène Guédon 2024-08-01 15:54:01 +02:00
  • 2113600cca Merge pull request #92 from Nitrokey/dynamic-limit sosthene-nitrokey 2024-08-01 14:56:45 +02:00
  • 0f51cb707e Fix CI Sosthène Guédon 2024-08-01 11:26:11 +02:00
  • e763a713ac Apply suggestion Sosthène Guédon 2024-08-01 11:10:49 +02:00
  • 741348fd50 Don't use estimate if block size is not available Sosthène Guédon 2024-08-01 10:49:31 +02:00
  • 4f95f963c2 Fix compilation Sosthène Guédon 2024-07-31 15:20:24 +02:00
  • 4f8e8a4bf6 Remove unnecessary conversions Sosthène Guédon 2024-07-26 11:34:24 +02:00
  • b43596f737 Fix credential count and add back hard limit Sosthène Guédon 2024-07-26 11:01:46 +02:00
  • 2d7855a17b Add dynamic estimation of remaining credential space Sosthène Guédon 2024-07-25 11:57:07 +02:00
  • 44f0299c49 Update changelog Sosthène Guédon 2024-02-19 14:57:30 +01:00
  • 1dc85d232f Serialize credential with fields names using only 1 bytes Sosthène Guédon 2024-02-12 15:39:31 +01:00
  • fd143b10a3 Merge pull request #52 from Nitrokey/pin-hash-space-opt sosthene-nitrokey 2024-07-26 16:02:21 +02:00
  • 15b1c119a1 Fix fuzzing Sosthène Guédon 2024-07-26 14:38:10 +02:00
  • 1bd615561f Apply suggestions Sosthène Guédon 2024-07-26 12:19:22 +02:00