OpenCellular

scottk/OpenCellular

Fork 0

mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2026-01-07 16:11:43 +00:00

Commit Graph

Author	SHA1	Message	Date
Vincent Palatin	e9a007d0e1	g: use deterministic k for individual attestation certificate ECDSA Implement the RFC 6979 to get a deterministic integer k when doing the ECDSA signing of the x.509 certificates used by U2F and particularly individual attestation mechanism, rather than using the random generator as per the original ECDSA algorithm. So the generated certs have bit-for-bit identical signatures when the content is identical. Signed-off-by: Vincent Palatin <vpalatin@chromium.org> BRANCH=cr50 BUG=b:35545754 TEST=pass U2FTest and manually dump several individual attestation certs, run the "rfc6779" console command when enabled. Change-Id: I7b73eee6d5a863aae9a7eec49db884151bad5ab4 Reviewed-on: https://chromium-review.googlesource.com/558073 Commit-Ready: Vadim Bendebury <vbendeb@chromium.org> Tested-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-by: Marius Schilder <mschilder@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>	2017-08-03 19:23:22 -07:00
Vincent Palatin	3fdda8b6f1	Add U2F implementation Add the common code to support FIDO U2F (Universal second factor authentication) protocol implementation: the APDU parsing and standard commands execution, plus a few non-standard flags and hooks. The u2f.h header is the unmodified copy from the U2F v1.1 Specifications archive. Mostly copied over from the cr52 code-base. Signed-off-by: Vincent Palatin <vpalatin@chromium.org> BRANCH=cr50 BUG=b:35545754 TEST=with follow-up CLs, run U2FTest on Eve. CQ-DEPEND=CL:*390230 Change-Id: I636d4a77ea69d69b5ab18a958e58ee6fcb2476bc Reviewed-on: https://chromium-review.googlesource.com/518136 Commit-Ready: Vincent Palatin <vpalatin@chromium.org> Tested-by: Vincent Palatin <vpalatin@chromium.org> Reviewed-by: Randall Spangler <rspangler@chromium.org>	2017-06-29 10:37:40 -07:00

Author

SHA1

Message

Date

Vincent Palatin

e9a007d0e1

g: use deterministic k for individual attestation certificate ECDSA

Implement the RFC 6979 to get a deterministic integer k when doing the
ECDSA signing of the x.509 certificates used by U2F and particularly
individual attestation mechanism, rather than using the random generator
as per the original ECDSA algorithm.
So the generated certs have bit-for-bit identical signatures when the
content is identical.

Signed-off-by: Vincent Palatin <vpalatin@chromium.org>

BRANCH=cr50
BUG=b:35545754
TEST=pass U2FTest and manually dump several individual attestation certs,
run the "rfc6779" console command when enabled.

Change-Id: I7b73eee6d5a863aae9a7eec49db884151bad5ab4
Reviewed-on: https://chromium-review.googlesource.com/558073
Commit-Ready: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>

2017-08-03 19:23:22 -07:00

Vincent Palatin

3fdda8b6f1

Add U2F implementation

Add the common code to support FIDO U2F (Universal second factor
authentication) protocol implementation: the APDU parsing and standard
commands execution, plus a few non-standard flags and hooks.

The u2f.h header is the unmodified copy from the U2F v1.1
Specifications archive.

Mostly copied over from the cr52 code-base.

Signed-off-by: Vincent Palatin <vpalatin@chromium.org>

BRANCH=cr50
BUG=b:35545754
TEST=with follow-up CLs, run U2FTest on Eve.
CQ-DEPEND=CL:*390230

Change-Id: I636d4a77ea69d69b5ab18a958e58ee6fcb2476bc
Reviewed-on: https://chromium-review.googlesource.com/518136
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>

2017-06-29 10:37:40 -07:00

2 Commits