Commit 12e4b45

Switch virt device to RAM only and use message passing to allow for state to be kept across device lifetime (#150)

### Commit 1:

Since the callback structure of Nitrokey's/Trussed's firmware makes it hard to have a 'normal' device that can handle more than one consecutive request without losing state, and after banging my head against this for quite some time, I opted for a rather blunt, but hopefully effective (enough) solution: simple message passing. Now the callback function is started in its own thread and requests+responses are passed back and forth via normal channels.

I also removed the filesystem storage and went back to RAM storage only. This way, it should be possible to have multiple devices in parallel without any interference.

As long as the device object lives, state is kept and things like "establishing shared secret, getting pinUvAuthToken, then doing the request" work, as the device is not reset between each request. I added a rudimentary test battery for PRF, demonstrating that this can now be done.

I also added a few more dev-dependencies to allow for better usage/debugging of this virtual device. With these, it is possible to show logging from the virtual fido-authenticator in the end2end tests.

### Commit 2:

Renaming `TestChannel` to `MockChannel` (which I think explains better what it is) and moving the file out of `src/tests/`. I realized this would be very confusing, as in there are only tests that use the virtual device and not the `MockChannel`. So now we have two testing transports under `src/transports/`, namely `virt` and `mock`, which hopefully is a bit more self-explanatory.

### Commit 3:

Add tests for preflight, to show what testing individual functions could look like with the virtual device.

### Commit 4:

Also test UvUpdate calls in PRF tests. I found two bugs while doing that:

- PresenceRequired was not sent if certain pinUvAuth methods were used.
- PresenceRequired was sometimes sent, even if the platform errors out when calculating HMACs.

1 parent 6bfea1f commit 12e4b45

13 files changed

+1161
-120
lines changed

libwebauthn/Cargo.lock

Lines changed: 113 additions & 0 deletions

libwebauthn/Cargo.toml

Lines changed: 5 additions & 1 deletion
@@ -77,12 +77,16 @@ qrcode = "0.14.1"
7777
# on fido-authenticator.
7878
ctaphid-dispatch = { version = "0.3" }
7979
ctaphid = { version = "0.3.1", default-features = false }
80-
fido-authenticator = { git = "https://github.com/Nitrokey/fido-authenticator.git",tag = "v0.1.1-nitrokey.27", features = ["dispatch"] }
80+
fido-authenticator = { git = "https://github.com/Nitrokey/fido-authenticator.git",tag = "v0.1.1-nitrokey.27", features = ["dispatch", "log-all"] }
8181
littlefs2 = { version = "0.6.0" }
8282
trussed = { version = "0.1", features = ["virt"] }
8383
trussed-staging = { version = "0.3.0", features = ["chunked", "hkdf", "virt", "fs-info"] }
8484
interchange = { version = "0.3.0" }
8585
tempfile = { version = "3.21" }
86+
# For turning on logging in fido-authenticator
87+
delog = { version = "0.1", features = ["std-log"]}
88+
# For turning on logging in unittests
89+
test-log = { version = "0.2" }
8690

8791
# The trussed ecosystem is currently a bit messy, so we have to do some patching of the versions
8892
[patch.crates-io]
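
Review bot: the `log-all` feature added to `fido-authenticator` on new line 80 is enabled unconditionally, and the hunk does not show which dependency table these entries sit in. Please confirm they are under `[dev-dependencies]`; if they are not, verbose authenticator logging (plus `delog` and `test-log`) would be compiled into every consumer of the library, and traces of an authenticator handling PIN/UV and key material should stay confined to test builds. Since the same line is being touched anyway, note that the git dependency is pinned by `tag`, which upstream can move; pinning by `rev` would make the source immutable without relying on `Cargo.lock`. Style: add a space after the comma in `.git",tag` and before the closing brace in `features = ["std-log"]}` to match the neighbouring entries.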
