Skip to content

Commit

Permalink
Use apdu-app instead of apdu-dispatch
Browse files Browse the repository at this point in the history
  • Loading branch information
robin-nitrokey committed Oct 21, 2024
1 parent 1b9c486 commit 93f54e9
Show file tree
Hide file tree
Showing 3 changed files with 47 additions and 45 deletions.
34 changes: 20 additions & 14 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 3 additions & 4 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,10 @@ serde = { version = "1.0", default-features = false }
serde-indexed = "0.1.0"
serde_bytes = { version = "0.11.10", default-features = false, features=["alloc"] }
generic-array = "0.14.3"
ctap-types = "0.3"
ctap-types = "0.3.1"
ctaphid-dispatch = "0.1"
apdu-dispatch = "0.1"
apdu-app = "0.1"
iso7816 = "0.1"

trussed = "0.1.0"
pretty_env_logger = { version = "0.4.0", optional = true }
Expand Down Expand Up @@ -104,8 +105,6 @@ fido-authenticator = { git = "https://github.com/Nitrokey/fido-authenticator.git
cbor-smol = { git = "https://github.com/Nitrokey/cbor-smol.git", tag = "v0.4.0-nitrokey.4"}

# unreleased upstream changes
apdu-dispatch = { git = "https://github.com/trussed-dev/apdu-dispatch.git", rev = "915fc237103fcecc29d0f0b73391f19abf6576de" }
iso7816 = { git = "https://github.com/Nitrokey/iso7816.git", tag = "v0.1.1-nitrokey.1" }
littlefs2 = { git = "https://github.com/sosthene-nitrokey/littlefs2.git", rev = "2b45a7559ff44260c6dd693e4cb61f54ae5efc53" }
trussed = { git = "https://github.com/trussed-dev/trussed.git", rev = "b548d379dcbd67d29453d94847b7bc33ae92e673" }
usbd-ctaphid = { git = "https://github.com/Nitrokey/usbd-ctaphid", tag = "v0.1.0-nitrokey.1" }
Expand Down
51 changes: 24 additions & 27 deletions src/lib/ctap_app.rs
Original file line number Diff line number Diff line change
@@ -1,35 +1,30 @@
use crate::commands::WebcryptTrussedClient;
use apdu_dispatch::app as apdu;
use apdu_dispatch::app::Interface;
use apdu_dispatch::app::Status;
use apdu_dispatch::command::SIZE as APDU_SIZE;
use apdu_dispatch::iso7816::{Aid, App};
use ctap_types::ctap1::{authenticate, Request as Request1, Response as Response1};
use ctap_types::ctap2::{get_assertion, Request, Response};
use ctap_types::webauthn::PublicKeyCredentialDescriptor;
use ctap_types::{ctap1, ctap2};
use ctaphid_dispatch::app;
use ctaphid_dispatch::app as ctaphid;
use heapless_bytes::Bytes;
use iso7816::{command::CommandView, Aid, App, Interface, Status};

use crate::helpers::hash;
use crate::transport::Webcrypt;
use crate::types::RequestSource::RS_FIDO2;
use crate::types::{CtapSignatureSize, RequestDetails, RequestSource};

#[inline(never)]
fn try_handle_ctap1<C>(
fn try_handle_ctap1<C, const R: usize>(
w: &mut Webcrypt<C>,
data: &[u8],
response: &mut apdu_dispatch::response::Data,
response: &mut apdu_app::Data<R>,
) -> Result<(), Status>
where
C: WebcryptTrussedClient,
{
let ctap_response = {
let command =
apdu_dispatch::Command::try_from(data).map_err(|_| Status::IncorrectDataParameter)?;
let ctap_request = ctap1::Request::try_from(&command)?;
let command = CommandView::try_from(data).map_err(|_| Status::IncorrectDataParameter)?;
let ctap_request = ctap1::Request::try_from(command)?;

match ctap_request {
// Request1::Register(reg) => {
Expand Down Expand Up @@ -81,8 +76,11 @@ where
}

#[inline(never)]
fn handle_ctap1<C>(w: &mut Webcrypt<C>, data: &[u8], response: &mut apdu_dispatch::response::Data)
where
fn handle_ctap1<C, const R: usize>(
w: &mut Webcrypt<C>,
data: &[u8],
response: &mut apdu_app::Data<R>,
) where
C: WebcryptTrussedClient,
{
info!("WC handle CTAP1");
Expand All @@ -101,10 +99,10 @@ where
}

#[inline(never)]
fn try_handle_ctap2<C>(
fn try_handle_ctap2<C, const R: usize>(
w: &mut Webcrypt<C>,
data: &[u8],
response: &mut apdu_dispatch::response::Data,
response: &mut apdu_app::Data<R>,
) -> Result<(), u8>
where
C: WebcryptTrussedClient,
Expand Down Expand Up @@ -218,10 +216,10 @@ where
}

#[inline(never)]
fn handle_ctap2<C>(
fn handle_ctap2<C, const R: usize>(
authenticator: &mut Webcrypt<C>,
data: &[u8],
response: &mut apdu_dispatch::response::Data,
response: &mut apdu_app::Data<R>,
) where
C: WebcryptTrussedClient,
{
Expand Down Expand Up @@ -268,8 +266,6 @@ where
}
}

const SIZE: usize = APDU_SIZE;

impl<C> App for Webcrypt<C>
where
C: WebcryptTrussedClient,
Expand All @@ -280,16 +276,16 @@ where
}
}

impl<C> apdu::App<{ SIZE }, { SIZE }> for Webcrypt<C>
impl<C, const R: usize> apdu_app::App<R> for Webcrypt<C>
where
C: WebcryptTrussedClient,
{
fn select(
&mut self,
_interface: Interface,
_apdu: &apdu::Command<{ SIZE }>,
reply: &mut apdu::Data<{ apdu_dispatch::response::SIZE }>,
) -> apdu::Result {
_apdu: CommandView<'_>,
reply: &mut apdu_app::Data<R>,
) -> apdu_app::Result {
reply.extend_from_slice(b"U2F_V2").unwrap();
Ok(())
}
Expand All @@ -299,9 +295,9 @@ where
fn call(
&mut self,
interface: Interface,
apdu: &apdu::Command<{ SIZE }>,
response: &mut apdu::Data<{ apdu_dispatch::response::SIZE }>,
) -> apdu::Result {
apdu: CommandView<'_>,
response: &mut apdu_app::Data<R>,
) -> apdu_app::Result {
if interface != Interface::Contactless {
return Err(Status::ConditionsOfUseNotSatisfied);
}
Expand All @@ -316,7 +312,8 @@ where
// 0x10
Ok(ctaphid::Command::Cbor) => handle_ctap2(self, apdu.data(), response),
Ok(ctaphid::Command::Msg) => handle_ctap1(self, apdu.data(), response),
Ok(ctaphid::Command::Deselect) => self.deselect(),
// Ok(ctaphid::Command::Deselect) => self.deselect(),
Ok(ctaphid::Command::Deselect) => apdu_app::App::<R>::deselect(self),
_ => {
info!("Unsupported ins for fido app {:02x}", instruction);
return Err(Status::InstructionNotSupportedOrInvalid);
Expand All @@ -328,7 +325,7 @@ where
}

#[cfg(feature = "apdu-peek")]
fn peek(&self, apdu: Option<&apdu_dispatch::app::Command<SIZE>>) -> bool {
fn peek(&self, apdu: Option<CommandView<'_>>) -> bool {
match apdu {
None => false,
Some(apdu) => {
Expand Down

0 comments on commit 93f54e9

Please sign in to comment.