Add support for the largeBlobKeys extension and the largeBlobs command #41
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This patch updates the ctap-types dependency to pull in support for the largeBlobKey extension and the largeBlobs command.
This patch adds support for the largeBlobKey extension to the get_info command. It also adds a config entry to be able to enable or disable the extension.
This patch adds support for the largeBlobKey extension to make_credential. This means that we have to generate a 32-bit key and store it together with the credential if requested by the platform.
This patch adds support for the largeBlobKey extension to get_assertion. This means that we have to return the key stored together with the credential if it is present and requested by the platform.
robin-nitrokey
added a commit
to Nitrokey/nitrokey-3-firmware
that referenced
this pull request
Nov 21, 2023
This patch updates fido-authenticator to add support for the largeBlobKey extension and the largeBlobs command. See the fido-authenticator PR for more information: Nitrokey/fido-authenticator#41
|
For testing, use these PRs:
You can use the following tools for testing:
Note that there is an open issue with Chrome reporting an error for writes even if the write is successful. |
Comment on lines
+101
to
+111
| trait Storage<C>: Sized { | ||
| fn read(client: &mut C, location: Location, offset: usize, length: usize) -> Result<Chunk>; | ||
|
|
||
| fn start_write(client: &mut C, offset: usize, expected_length: usize) -> Result<Self>; | ||
|
|
||
| fn extend_buffer(&mut self, client: &mut C, data: &[u8]) -> Result<usize>; | ||
|
|
||
| fn validate_checksum(&mut self, client: &mut C) -> bool; | ||
|
|
||
| fn commit(&mut self, client: &mut C, location: Location) -> Result<()>; | ||
| } |
There was a problem hiding this comment.
Do we really need a dedicated trait for that?
Can't it be just a group of free-standing functions where the implementation is selected based on the feature-flag?
No need to block merging on that since the storage will be revisited soon.
There was a problem hiding this comment.
The idea was to have two implementations, one using the Trussed core API and one using the streaming extension. The trait should make sure that both are exchangeable.
|
Indeed Chrome no longer shows an error if we send an empty response instead of a response with an empty map when writing the large-blob array: trussed-dev/ctap-types#24 |
|
This branch adds support for the streaming API: https://github.com/Nitrokey/fido-authenticator/tree/large-blobs-chunked Requirements: |
|
I’ve updated Nitrokey/nitrokey-3-firmware#385 with a maximum size of 4096 bytes for the large-blob array. It mostly works fine in the usbip simulation, but sometimes after writing a large file, there seems to be an issue with the filesystem and subsequent larger writes fail. |
sosthene-nitrokey
approved these changes
Nov 27, 2023
This patch implements the largeBlobs command for reading and writing the large-blob array. Currently, the maximum size of the total array with metadata is 1024 bytes because it has to fit in a Trussed message. The storage location can be configured by the runner.
This patch updates the credential management implementation to include the largeBlobKey if present.
If a resident credential is passed in the allowlist, we don’t deserialize the full credential. This means that we previously did not have access to the largeBlobKey in that case. Therefore, this patch adds the largeBlobKey to the StrippedCredential so that we can always access it. The downside is that this inceases the size of the credential ID. So a better alternative would be to load the full credential from the filesystem instead.
robin-nitrokey
force-pushed
the
large-blobs
branch
from
681d730 to
019a5d1
Compare
robin-nitrokey
added a commit
to Nitrokey/nitrokey-3-firmware
that referenced
this pull request
Nov 29, 2023
This patch updates fido-authenticator to add support for the largeBlobKey extension and the largeBlobs command in the test configuration over USB. See the fido-authenticator PR for more information: Nitrokey/fido-authenticator#41
robin-nitrokey
added a commit
to Nitrokey/nitrokey-3-firmware
that referenced
this pull request
Nov 29, 2023
This patch updates fido-authenticator to add support for the largeBlobKey extension and the largeBlobs command in the test configuration over USB. See the fido-authenticator PR for more information: Nitrokey/fido-authenticator#41
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This patch implements the largeBlobKeys extension and the largeBlobs command. I tried to split it up into atomic commits to make it easier to review.
Limitations:
chunkedfeature that replaces theSimpleStorageinsrc/ctap2/large_blobs.rswith aChunkedStoragethat uses the streaming extension. The implementation uses theStoragetrait to try to ensure that the implementations can be easily switched.ctap-typeshas aREALISTIC_MAX_MESSAGE_SIZEconstant (1200) and assumes that this is the maximum message size. But in fact, the max message size can be configured by the runner and is set tousbd_ctaphid::constants::MESSAGE_SIZE(3072). This does not matter at the moment because our large-blob array has at most 1024 bytes, so even the buffer based on theREALISTIC_MAX_MESSAGE_SIZEis large enough. Once we implement chunked storage, we need to add a feature flag to ctap-types to use the message size from usbd-ctaphid instead.Open issues:
Fixes: #38