Merge #239

239: examples-features: Add a featured CTAP example r=jrvanwhy a=alistair23

This PR adds a fully featured CTAP example.

In order to do this we use a few external crates:
 * ctap2-authenticator: This handles CBOR decoding (using serde_cbor) and parses the CTAP data
 * p256, subtle and generic-array: Are used for Elliptic Curve crypto

A few remaining issues:
 * ~~Platforms without atomics don't work. ~~There are patches sent to the upstream projects, we just need them to update and then the crates we use to update.~~ Just waiting on the next release (0.4.11+) of https://github.com/rust-lang/log/releases~~
 * ~~One change for ctap2-authenticator is required, I'll send a patch soon.~~
 * The nonce is static. This is not cryptographically sound. This needs to be updated to use Tock's TRNG HIL
 * Some functionality is still unimplemented
 * ~~`self.hmac.init_driver().unwrap` doesn't work in a callback without implementing debug. I get this error otherwise: method not found in `core::result::Result<libtock::hmac::HmacDriver<'_>, libtock::result::TockError>`. Any ideas?~~
 * Security audit, eventually

This PR adds functionality to:
 * Handle information requests from the host
 * Generate keys when requested from the host
 * Sign and attest data sent from the host
This was all tested with the Yubico Python FIDO library. It will also tested and can be used to register and login to websites using FIDO2.

Co-authored-by: Alistair Francis <alistair.francis@wdc.com>
tree: 50c426708eef0fd271bf4730af37299ebe584ef4
  1. .cargo/
  2. .github/
  3. .vscode/
  4. boards/
  5. codegen/
  6. core/
  7. doc/
  8. examples/
  9. examples-features/
  10. src/
  11. test_runner/
  12. tools/
  13. .gitignore
  14. .gitmodules
  15. .travis.yml
  16. bors.toml
  17. build.rs
  18. Cargo.toml
  19. CHANGELOG.md
  20. CONTRIBUTING.md
  21. layout_generic.ld
  22. LICENSE-APACHE
  23. LICENSE-MIT
  24. Makefile
  25. README.md
  26. rust-toolchain
  27. rustfmt.toml
README.md

libtock-rs

Rust userland library for Tock (WIP)

This library was generally tested against Tock release 1.5. Changes made since then may not work with Tock release 1.5 and instead target Tock master. For example, this library might support newer boards (Apollo3), changed boards (HiFive1 revB) or new drivers (HMAC).

The library works in principle on most boards, but the showstopper bug #28 currently prevents the generation of relocatable code. All applications must therefore be installed at the flash address they were compiled for. In practice this usually means that applications must be compiled specifically for your board, that only one application written in Rust can be present at a time, and that it must be installed as the first application on the board, unless you want to play games with linker scripts. Some boards/layout_*.ld files are provided that allow the examples to run on common boards. Due to MPU region alignment issues they may not work for applications that use a lot of RAM; in that case you may have to change the SRAM start address to fit your application.

Getting Started

This project is nascent and still under heavy development, but these are the first steps:

  1. Ensure you have rustup installed.

  2. Clone the repository:

    git clone --recursive https://github.com/tock/libtock-rs
    cd libtock-rs
    
  3. Install the dependencies:

    make setup
    
  4. Use make to build examples:

    make nrf52 # Builds all examples for the nrf52 platform
    
    make opentitan # Builds all examples for the OpenTitan platform
    
    make opentitan FEATURES=alloc # Builds all examples for the OpenTitan platform, with alloc feature enabled
    
    make flash-hail EXAMPLE=blink # Flash the example 'blink' program to the hail platform
    

    For an unknown platform, you may have to create your own memory layout definition. Place the layout definition file at boards/layout_<platform>.ld and do not forget to extend the tockloader_flags dispatching section in tools/flash.sh. You are welcome to create a PR so that the number of supported platforms grows.

Using libtock-rs

The easiest way to start using libtock-rs is to add an example to the examples folder. The boilerplate code you would write is:

    #![no_std]

    use libtock::result::TockResult;

    // Entry point of the application; errors propagate as TockError.
    #[libtock::main]
    async fn main() -> TockResult<()> {
        // Your code
        Ok(())
    }

If you want to use heap-based allocation, you will have to add

    extern crate alloc;

to the preamble and store your example in the examples-alloc folder.

To build the examples for your board, you can use:

    make <platform> [FEATURES=alloc]

An example can be flashed to your board after the build process by running:

    make flash-<platform> EXAMPLE=<example>

This script does the following steps for you:

  • cross-compile your program
  • create a TAB (tock application bundle)
  • if you have a J-Link compatible board connected: flash this TAB to your board (using tockloader)

License

libtock-rs is licensed under either of

  • Apache License, Version 2.0 (LICENSE-APACHE)
  • MIT license (LICENSE-MIT)

at your option.

Submodules have their own licenses.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

The contribution guidelines can be found in CONTRIBUTING.md.