commit | c192049691712781c6e21a523e22eab47f768739 | |
---|---|---|
author | bors[bot] <26634292+bors[bot]@users.noreply.github.com> | Fri Oct 09 19:07:07 2020 +0000 |
committer | GitHub <noreply@github.com> | Fri Oct 09 19:07:07 2020 +0000 |
tree | 50c426708eef0fd271bf4730af37299ebe584ef4 | |
parent | 77b6e8c350579ec0e6539b6015f811eaad4b40cc | |
parent | 4ad920de62542091ca560f466cb7902c20f3b56a | |
Merge #239

239: examples-features: Add a featured CTAP example r=jrvanwhy a=alistair23

This PR adds a fully featured CTAP example.

In order to do this we use a few external crates:

* ctap2-authenticator: This handles CBOR decoding (using serde_cbor) and parses the CTAP data
* p256, subtle and generic-array: Are used for Elliptic Curve crypto

A few remaining issues:

* ~~Platforms without atomics don't work. ~~There are patches sent to the upstream projects, we just need them to update and then the crates we use to update.~~ Just waiting on the next release (0.4.11+) of https://github.com/rust-lang/log/releases~~
* ~~One change for ctap2-authenticator is required, I'll send a patch soon.~~
* The nonce is static. This is not cryptographically sound. This needs to be updated to use Tock's TRNG HIL
* Some functionality is still unimplemented
* ~~`self.hmac.init_driver().unwrap` doesn't work in a callback without implementing debug. I get this error otherwise: method not found in `core::result::Result<libtock::hmac::HmacDriver<'_>, libtock::result::TockError>`. Any ideas?~~
* Security audit, eventually

This PR adds functionality to:

* Handle information requests from the host
* Generate keys when requested from the host
* Sign and attest data sent from the host

This was all tested with the Yubico Python FIDO library. It will also tested and can be used to register and login to websites using FIDO2.

Co-authored-by: Alistair Francis <alistair.francis@wdc.com>
Rust userland library for Tock (WIP)
Generally this library was tested with Tock release 1.5. Since then, changes have been made that might not work with Tock release 1.5 and instead target Tock master. For example, this library might support newer boards (Apollo3), changed boards (HiFive1 revB) or new drivers (HMAC).
The library works in principle on most boards, but there is currently the showstopper bug #28 that prevents the generation of relocatable code. This means that all applications must be installed at the flash address they are compiled with, which usually means that they must be compiled specifically for your board, that there can only be one application written in Rust at a time, and that it must be installed as the first application on the board, unless you want to play games with linker scripts. Some `boards/layout_*.ld` files are provided that allow running the examples on common boards. Due to MPU region alignment issues they may not work for applications that use a lot of RAM; in that case you may have to change the SRAM start address to fit your application.
This project is nascent and still under heavy development, but first steps:
Ensure you have rustup installed.
Clone the repository:
```shell
git clone --recursive https://github.com/tock/libtock-rs
cd libtock-rs
```

Install the dependencies:

```shell
make setup
```

Use `make` to build examples:

```shell
make nrf52 # Builds all examples for the nrf52 platform
make opentitan # Builds all examples for the OpenTitan platform
make opentitan FEATURES=alloc # Builds all examples for the OpenTitan platform, with alloc feature enabled
make flash-hail EXAMPLE=blink # Flash the example 'blink' program to the hail platform
```
For an unknown platform, you may have to create your own memory layout definition. Place the layout definition file at `boards/layout_<platform>.ld` and do not forget to extend the `tockloader_flags` dispatching section in `tools/flash.sh`. You are welcome to create a PR so that the number of supported platforms grows.
The easiest way to start using libtock-rs is to add an example to the `examples` folder. The boilerplate code you would write is:

```rust
#![no_std]

use libtock::result::TockResult;

#[libtock::main]
async fn main() -> TockResult<()> {
    // Your code

    // Return success so the function matches its TockResult<()> signature.
    Ok(())
}
```

If you want to use heap-based allocation, you will have to add

```rust
extern crate alloc;
```

to the preamble and store your example in the `examples-alloc` folder.
To build the examples for your board you can use

```shell
make <platform> [FEATURES=alloc]
```

An example can be flashed to your board after the build process by running:

```shell
make flash-<platform> EXAMPLE=<example>
```
This script does the following steps for you:
libtock-rs is licensed under either of
at your option.
Submodules have their own licenses.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
The contribution guidelines can be found here: contribution guidelines