OpenCellular

scottk/OpenCellular

Fork 0

mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2026-01-16 10:01:27 +00:00

Commit Graph

Author	SHA1	Message	Date
Vincent Palatin	209f47b692	u2f: accept short APDU The ISO7816-4 standard for APDU format says the APDU header minimum size is 4 bytes (CLA, INS, P1, P2). The Lc field is absent if the command has no data. Update the size check to accept short APDU (the actual APDU len was already computed properly for this case). Signed-off-by: Vincent Palatin <vpalatin@chromium.org> BRANCH=cr50 BUG=b:72788497 TEST=adhoc Change-Id: Ic60fa51bd4746b04016c488a38fe3ae7585e9942 Reviewed-on: https://chromium-review.googlesource.com/1005345 Commit-Ready: Vincent Palatin <vpalatin@chromium.org> Tested-by: Vincent Palatin <vpalatin@chromium.org> Reviewed-by: Randall Spangler <rspangler@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>	2018-04-11 04:39:07 -07:00
Vincent Palatin	e9a007d0e1	g: use deterministic k for individual attestation certificate ECDSA Implement the RFC 6979 to get a deterministic integer k when doing the ECDSA signing of the x.509 certificates used by U2F and particularly individual attestation mechanism, rather than using the random generator as per the original ECDSA algorithm. So the generated certs have bit-for-bit identical signatures when the content is identical. Signed-off-by: Vincent Palatin <vpalatin@chromium.org> BRANCH=cr50 BUG=b:35545754 TEST=pass U2FTest and manually dump several individual attestation certs, run the "rfc6779" console command when enabled. Change-Id: I7b73eee6d5a863aae9a7eec49db884151bad5ab4 Reviewed-on: https://chromium-review.googlesource.com/558073 Commit-Ready: Vadim Bendebury <vbendeb@chromium.org> Tested-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-by: Marius Schilder <mschilder@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>	2017-08-03 19:23:22 -07:00
Vincent Palatin	3fdda8b6f1	Add U2F implementation Add the common code to support FIDO U2F (Universal second factor authentication) protocol implementation: the APDU parsing and standard commands execution, plus a few non-standard flags and hooks. The u2f.h header is the unmodified copy from the U2F v1.1 Specifications archive. Mostly copied over from the cr52 code-base. Signed-off-by: Vincent Palatin <vpalatin@chromium.org> BRANCH=cr50 BUG=b:35545754 TEST=with follow-up CLs, run U2FTest on Eve. CQ-DEPEND=CL:*390230 Change-Id: I636d4a77ea69d69b5ab18a958e58ee6fcb2476bc Reviewed-on: https://chromium-review.googlesource.com/518136 Commit-Ready: Vincent Palatin <vpalatin@chromium.org> Tested-by: Vincent Palatin <vpalatin@chromium.org> Reviewed-by: Randall Spangler <rspangler@chromium.org>	2017-06-29 10:37:40 -07:00

Author

SHA1

Message

Date

Vincent Palatin

209f47b692

u2f: accept short APDU

The ISO7816-4 standard for APDU format says the APDU header minimum size
is 4 bytes (CLA, INS, P1, P2). The Lc field is absent if the command has
no data.
Update the size check to accept short APDU (the actual APDU
len was already computed properly for this case).

Signed-off-by: Vincent Palatin <vpalatin@chromium.org>

BRANCH=cr50
BUG=b:72788497
TEST=adhoc

Change-Id: Ic60fa51bd4746b04016c488a38fe3ae7585e9942
Reviewed-on: https://chromium-review.googlesource.com/1005345
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>

2018-04-11 04:39:07 -07:00

Vincent Palatin

e9a007d0e1

g: use deterministic k for individual attestation certificate ECDSA

Implement the RFC 6979 to get a deterministic integer k when doing the
ECDSA signing of the x.509 certificates used by U2F and particularly
individual attestation mechanism, rather than using the random generator
as per the original ECDSA algorithm.
So the generated certs have bit-for-bit identical signatures when the
content is identical.

Signed-off-by: Vincent Palatin <vpalatin@chromium.org>

BRANCH=cr50
BUG=b:35545754
TEST=pass U2FTest and manually dump several individual attestation certs,
run the "rfc6779" console command when enabled.

Change-Id: I7b73eee6d5a863aae9a7eec49db884151bad5ab4
Reviewed-on: https://chromium-review.googlesource.com/558073
Commit-Ready: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>

2017-08-03 19:23:22 -07:00

Vincent Palatin

3fdda8b6f1

Add U2F implementation

Add the common code to support FIDO U2F (Universal second factor
authentication) protocol implementation: the APDU parsing and standard
commands execution, plus a few non-standard flags and hooks.

The u2f.h header is the unmodified copy from the U2F v1.1
Specifications archive.

Mostly copied over from the cr52 code-base.

Signed-off-by: Vincent Palatin <vpalatin@chromium.org>

BRANCH=cr50
BUG=b:35545754
TEST=with follow-up CLs, run U2FTest on Eve.
CQ-DEPEND=CL:*390230

Change-Id: I636d4a77ea69d69b5ab18a958e58ee6fcb2476bc
Reviewed-on: https://chromium-review.googlesource.com/518136
Commit-Ready: Vincent Palatin <vpalatin@chromium.org>
Tested-by: Vincent Palatin <vpalatin@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>

2017-06-29 10:37:40 -07:00

3 Commits