[riot-notifications] [RIOT-OS/RIOT] FIDO2 support in RIOT (#16489)

Nils Ollrogge notifications at github.com
Fri May 21 09:54:20 CEST 2021


<!--
The RIOT community cares a lot about code quality.
Therefore, before describing what your contribution is about, we would like
you to make sure that your modifications are compliant with the RIOT
coding conventions, see https://github.com/RIOT-OS/RIOT/wiki/Coding-conventions.
-->

### Contribution description
This PR adds support for the [Fast Identity Online 2 (FIDO2)](https://fidoalliance.org/fido2/) specification in RIOT. FIDO2 is an authentication standard that seeks to solve the password problem by enabling passwordless authentication. FIDO2 consists of the [W3C Web Authentication specification (WebAuthn)](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/) and the [Client to Authenticator Protocol (CTAP)](https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html). 

This PR adds a basic implementation of the CTAP protocol. CTAP is an application layer protocol for the communication between an authenticator and host. Most of the time an authenticator is either a mobile device or security key like [YubiKey](https://www.yubico.com/authentication-standards/fido2/). 

As of now not many websites support the passwordless login flow added by the second version of the FIDO standard. Therefore future PR's will add the backward compatibility to FIDO1 in order to enable the usage of this implementation as part of 2FA authentication flows.

<!--
Put here the description of your contribution:
- describe which part(s) of RIOT is (are) involved
- if it's a bug fix, describe the bug that it solves and how it is solved
- you can also give more information to reviewers about how to test your changes
-->


### Testing procedure
* `tests/sys_fido2_ctap` 
<!--
Details steps to test your contribution:
- which test/example to compile for which board and is there a 'test' command
- how to know that it was not working/available in master
- the expected success test output
-->


### Issues/PRs references

<!--
Examples: Fixes #1234. See also #5678. Depends on PR #9876.

Please use keywords (e.g., fixes, resolve) with the links to the issues you
resolved, this way they will be automatically closed when your pull request
is merged. See https://help.github.com/articles/closing-issues-using-keywords/.
-->

You can view, comment on, or merge this pull request online at:

  https://github.com/RIOT-OS/RIOT/pull/16489

-- Commit Summary --

  * FIDO2 support in RIOT

-- File Changes --

    M makefiles/pseudomodules.inc.mk (1)
    A pkg/fido2_tests/Makefile (9)
    M sys/Kconfig (1)
    M sys/Makefile.dep (31)
    A sys/fido2/Kconfig (7)
    A sys/fido2/Makefile (7)
    A sys/fido2/ctap/Kconfig (34)
    A sys/fido2/ctap/Makefile (11)
    A sys/fido2/ctap/ctap.c (1511)
    A sys/fido2/ctap/ctap_cbor.c (1687)
    A sys/fido2/ctap/ctap_crypto.c (305)
    A sys/fido2/ctap/ctap_mem.c (106)
    A sys/fido2/ctap/ctap_utils.c (90)
    A sys/fido2/ctap/transport/Makefile (7)
    A sys/fido2/ctap/transport/ctap_transport.c (138)
    A sys/fido2/ctap/transport/hid/Makefile (3)
    A sys/fido2/ctap/transport/hid/ctap_transport_hid.c (603)
    A sys/fido2/doc.txt (22)
    A sys/include/fido2/ctap.h (788)
    A sys/include/fido2/ctap/ctap_cbor.h (164)
    A sys/include/fido2/ctap/ctap_crypto.h (209)
    A sys/include/fido2/ctap/ctap_mem.h (58)
    A sys/include/fido2/ctap/ctap_status.h (92)
    A sys/include/fido2/ctap/ctap_utils.h (81)
    A sys/include/fido2/ctap/transport/ctap_transport.h (84)
    A sys/include/fido2/ctap/transport/hid/ctap_transport_hid.h (261)
    A tests/sys_fido2_ctap/Makefile (22)
    A tests/sys_fido2_ctap/README.md (23)
    A tests/sys_fido2_ctap/main.c (17)

-- Patch Links --

https://github.com/RIOT-OS/RIOT/pull/16489.patch
https://github.com/RIOT-OS/RIOT/pull/16489.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/pull/16489
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20210521/8bb0f7ae/attachment-0001.htm>


More information about the notifications mailing list