• authenticator: zero dynamic allocations

• AttestationStatement bug fix

Full Changelog: https://github.com/r4gus/keylib/compare/0.3.3...0.3.4

dependency updated

bug fix

Changes

• CtapHid.handle doesn't accept a reference to a Auth struct anymore and now either returns nil or a struct { cmd: Cmd, cid: Cid, data: []const u8 } where cmd is the received command, cid is the channel id, and data is the data related to the command (e.g. cbor encoded CTAP2 command). This allows you to act on specific CTAPHID commands. You can call iterator() on the returned struct.
• Auth.handle now expects two arguments. The first is a pointer to a array of 7609 bytes (the max msg size of CTAPHID); this will probably change in the future. The second argument is the CBOR command. The Auth.handle function will write its response to the struct and then return a slice with the message. The slice references the array.

For an overview on how to use the new API, see README.md.

All commands now share the same function signature. This allows users to swap out the default callbacks with their own ones.

Changes

• Users can now choose the std.rand.Random impl the authenticator should use. The default is std.crypto.random.
• Users can now choose the timestamp function the authenticator should use (fn () i64). The default is std.time.milliTimestamp
• Users now have to specify what Random impl should be used for CtapHid. This is a breaking change! If you upgrade to this version you have to pass the RNG to CtapHid.init() as second argument.

Hash: 1220641561f120bf75991cecbe314fd2ffaa7c3d8dcc7db98b493f1666759ac62779

A good chunk of the CTAP2 spec is implemented so it's time to make a first alpha release.

To install the platform authenticator on Debain based Linux distros download the debian package below and then run the following commands:

sudo apt update && sudo apt install -y curl apt-transport-https gnupg
curl https://couchdb.apache.org/repo/keys.asc | gpg --dearmor | sudo tee /usr/share/keyrings/couchdb-archive-keyring.gpg >/dev/null 2>&1
source /etc/os-release
echo "deb [signed-by=/usr/share/keyrings/couchdb-archive-keyring.gpg] https://apache.jfrog.io/artifactory/couchdb-deb/ ${VERSION_CODENAME} main" \
    | sudo tee /etc/apt/sources.list.d/couchdb.list >/dev/null
sudo apt update
sudo apt install ./scallop_0.1.0-1_amd64.deb

After you've installed Scallop visit http://127.0.0.1:5984/_utils/, login using your username and password (the username is usually admin), and create a new database with the name passkee.

Reboot your system

After you've rebooted your system you can start the authenticator by running scallop <password> <couchdb_user> <couchdb_password>.

You can freely choose the <password> but make sure you use the same every time you start the application.

Visit a site like https://passkey.org to test the authenticator, or use it with Github.

Note: Please use a chromium based browser when playing with the authenticator. Firefox has still some issues.