Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unfinished: support ed25519 #74

Draft
wants to merge 17 commits into
base: master
Choose a base branch
from
Draft

Unfinished: support ed25519 #74

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
d1eb583
compare only credId when comparing rk creds to allowList
conorpp Mar 23, 2021
189d877
Add salty to .gitmodules.
enrikb Oct 17, 2020
6c9f72b
Add Rust to travis and to the toolchain container.
enrikb Oct 17, 2020
d4ca7fc
POC: add ed25519 support based on libsodium (PC) or salty (solo).
enrikb Oct 17, 2020
1d8d72c
Bump salty to 809cdf009fa52d97adb292a8547d13c9015d6a06.
enrikb Oct 27, 2020
7afb0ea
ed25519: revert message buffer optimization.
enrikb Oct 27, 2020
3de24f4
salty: cast pointer arguments to avoid warnings.
enrikb Oct 27, 2020
5fa542c
fix make all target
Ollrogge Oct 29, 2020
afd6454
Added Path variable to Dockerfile
jdohm Jan 3, 2021
e946180
REMOVE disable 128kB build for now
szszszsz Jul 21, 2021
1346baa
REMOVE hardcode dev HWREV, and allow to flash any firmware
szszszsz Sep 15, 2021
53e3c4c
Add development-related documentation
szszszsz Nov 29, 2021
bdd7f69
Helper: show last built firmware while flashing
szszszsz Nov 29, 2021
57f0eaf
Add salty as a dependency to the main target
szszszsz Nov 29, 2021
61d252d
Docs: correct typos
szszszsz Nov 29, 2021
ee18add
remove unused sections from salty pooling at the end of firmware
conorpp Jan 30, 2021
a8da471
linker discards
conorpp Feb 3, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
ed25519: revert message buffer optimization. 
(cherry picked from commit 3ee801b)
  • Loading branch information
@enrikb @szszszsz
enrikb authored and szszszsz committed Jul 21, 2021
commit 7afb0eafdde29170dcd06b88795f35a49f68452a
18 changes: 17 additions & 1 deletion fido2/crypto.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -409,8 +409,24 @@ void crypto_ed25519_load_key(uint8_t * data, int len)
#endif
}

void crypto_ed25519_sign(uint8_t * data, int len, uint8_t * sig)
void crypto_ed25519_sign(uint8_t * data1, int len1, uint8_t * data2, int len2, uint8_t * sig)
{
// ed25519 signature APIs need the message at once (by design!) and in one
// contiguous buffer (could be changed).

// 512 is an arbitrary sanity limit, could be less
if (len1 < 0 || len2 < 0 || len1 > 512 || len2 > 512)
{
memset(sig, 0, 64); // ed25519 signature len is 64 bytes
return;
}
// XXX: dynamically sized allocation on the stack
const int len = len1 + len2; // 0 <= len <= 1024
uint8_t data[len1 + len2];

memcpy(data, data1, len1);
memcpy(data + len1, data2, len2);

#if defined(STM32L432xx)

// TODO: check that correct load_key() had been called?
Expand Down
2 changes: 1 addition & 1 deletion fido2/crypto.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ void crypto_ecc256_sign(uint8_t * data, int len, uint8_t * sig);
void crypto_ecdsa_sign(uint8_t * data, int len, uint8_t * sig, int MBEDTLS_ECP_ID);

void crypto_ed25519_derive_public_key(uint8_t * data, int len, uint8_t * x);
void crypto_ed25519_sign(uint8_t * data1, int len1, uint8_t * sig);
void crypto_ed25519_sign(uint8_t * data1, int len1, uint8_t * data2, int len2, uint8_t * sig);
void crypto_ed25519_load_key(uint8_t * data, int len);

void generate_private_key(uint8_t * data, int len, uint8_t * data2, int len2, uint8_t * privkey);
Expand Down
6 changes: 2 additions & 4 deletions fido2/ctap.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -841,9 +841,7 @@ int ctap_calculate_signature(uint8_t * data, int datalen, uint8_t * clientDataHa
// calculate attestation sig
if (alg == COSE_ALG_EDDSA)
{
// ED25519 signing needs message in one chunk
memmove(data + datalen, clientDataHash, CLIENT_DATA_HASH_SIZE);
crypto_ed25519_sign(data, datalen + CLIENT_DATA_HASH_SIZE, sigder); // not DER, just plain binary!
crypto_ed25519_sign(data, datalen, clientDataHash, CLIENT_DATA_HASH_SIZE, sigder); // not DER, just plain binary!
return 64;
}
else
Expand Down Expand Up @@ -951,7 +949,7 @@ uint8_t ctap_make_credential(CborEncoder * encoder, uint8_t * request, int lengt
CTAP_makeCredential MC;
int ret;
unsigned int i;
uint8_t auth_data_buf[310 + CLIENT_DATA_HASH_SIZE];
uint8_t auth_data_buf[310];
CTAP_credentialDescriptor * excl_cred = (CTAP_credentialDescriptor *) auth_data_buf;
uint8_t * sigbuf = auth_data_buf + 32;
uint8_t * sigder = auth_data_buf + 32 + 64;
Expand Down
4 changes: 2 additions & 2 deletions fido2/ctap.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -369,10 +369,10 @@ typedef struct


struct _getAssertionState {
// Room for both authData struct and extensions + clientDataHash for efficient ED25519 signature generation
// Room for both authData struct and extensions
struct {
CTAP_authDataHeader authData;
uint8_t extensions[80 + CLIENT_DATA_HASH_SIZE];
uint8_t extensions[80];
} __attribute__((packed)) buf;
CTAP_extensions extensions;
uint8_t clientDataHash[CLIENT_DATA_HASH_SIZE];
Expand Down