diff --git a/deploy.sh b/deploy.sh
index 974888dfb9ec6f0c50ccf8ef0f5089324c975e7d..e86fcd303936d6fd08adef515bcce82a0ac0a9b7 100755
--- a/deploy.sh
+++ b/deploy.sh
@@ -148,15 +148,19 @@ build_app_padding () {
) | xxd -p -r > "${tab_folder}/padding.bin"
}
-build_app () {
+comma_separated () {
# Flatten the array
# This is equivalent to the following python snippet: ' '.join(arr).replace(' ', ',')
- local feature_list=$(IFS=$'\n'; echo "$@")
- if [ "X${feature_list}" != "X" ]
+ local list=$(IFS=$'\n'; echo "$@")
+ if [ "X${list}" != "X" ]
then
- feature_list="${feature_list// /,}"
+ feature_list="${list// /,}"
fi
+ echo ${list}
+}
+build_app () {
+ local feature_list="$(comma_separated "$@")"
cargo build \
--release \
--target=thumbv7em-none-eabi \
@@ -176,9 +180,11 @@ build_app () {
}
build_crypto_bench () {
+ local feature_list="$(comma_separated "$@")"
cargo build \
--release \
--target=thumbv7em-none-eabi \
+ --features="${feature_list}" \
--example crypto_bench
mkdir -p "target/tab"
@@ -310,7 +316,7 @@ fi
if [ "$install_app" = "crypto_bench" ]
then
- build_crypto_bench
+ build_crypto_bench "${!enabled_features[@]}"
fi
if [ "$install_app" != "none" ]
diff --git a/run_desktop_tests.sh b/run_desktop_tests.sh
index 2e7cc80579c438f6513e27f0e5de6de9316a87ef..a4682b259636b1ea17c42625bc9d1be46d8c1dd5 100755
--- a/run_desktop_tests.sh
+++ b/run_desktop_tests.sh
@@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-set -eux
+set -ex
echo "Checking formatting..."
cargo fmt --all -- --check
diff --git a/src/ctap/ctap1.rs b/src/ctap/ctap1.rs
index f3a9ce3e3221731a665e9fd97250b8f26f374bbe..56bec45026b4596dd40f53bf20748ccba488c4d8 100644
--- a/src/ctap/ctap1.rs
+++ b/src/ctap/ctap1.rs
@@ -309,7 +309,7 @@ impl Ctap1Command {
signature_data.extend(key_handle);
signature_data.extend_from_slice(&user_pk);
- let attestation_key = crypto::ecdsa::SecKey::from_bytes(&ATTESTATION_PRIVATE_KEY).unwrap();
+ let attestation_key = crypto::ecdsa::SecKey::from_bytes(ATTESTATION_PRIVATE_KEY).unwrap();
let signature = attestation_key.sign_rfc6979::<crypto::sha256::Sha256>(&signature_data);
response.extend(signature.to_asn1_der());
diff --git a/src/ctap/key_material.rs b/src/ctap/key_material.rs
index 56f5252fe89b351bc9f1036b08a1f9efe57bc366..1958040c727b71f615f76d8eb8ed5a78853a1615 100644
--- a/src/ctap/key_material.rs
+++ b/src/ctap/key_material.rs
@@ -12,10 +12,10 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-pub const AAGUID: [u8; 16] = *include_bytes!(concat!(env!("OUT_DIR"), "/opensk_aaguid.bin"));
+pub const AAGUID: &[u8; 16] = include_bytes!(concat!(env!("OUT_DIR"), "/opensk_aaguid.bin"));
pub const ATTESTATION_CERTIFICATE: &[u8] =
include_bytes!(concat!(env!("OUT_DIR"), "/opensk_cert.bin"));
-pub const ATTESTATION_PRIVATE_KEY: [u8; 32] =
- *include_bytes!(concat!(env!("OUT_DIR"), "/opensk_pkey.bin"));
+pub const ATTESTATION_PRIVATE_KEY: &[u8; 32] =
+ include_bytes!(concat!(env!("OUT_DIR"), "/opensk_pkey.bin"));
diff --git a/src/ctap/mod.rs b/src/ctap/mod.rs
index 26740d58f6e85f704a68ca25225b06ce5e95446d..e444df8a642f2d6f772c377a33f7bfa8768e779f 100644
--- a/src/ctap/mod.rs
+++ b/src/ctap/mod.rs
@@ -429,7 +429,7 @@ where
};
let mut auth_data = self.generate_auth_data(&rp_id_hash, flags);
- auth_data.extend(&AAGUID);
+ auth_data.extend(AAGUID);
// The length is fixed to 0x20 or 0x70 and fits one byte.
if credential_id.len() > 0xFF {
return Err(Ctap2StatusCode::CTAP2_ERR_VENDOR_RESPONSE_TOO_LONG);
@@ -446,7 +446,7 @@ where
signature_data.extend(client_data_hash);
let (signature, x5c) = if USE_BATCH_ATTESTATION {
let attestation_key =
- crypto::ecdsa::SecKey::from_bytes(&ATTESTATION_PRIVATE_KEY).unwrap();
+ crypto::ecdsa::SecKey::from_bytes(ATTESTATION_PRIVATE_KEY).unwrap();
(
attestation_key.sign_rfc6979::<crypto::sha256::Sha256>(&signature_data),
Some(vec![ATTESTATION_CERTIFICATE.to_vec()]),
@@ -640,7 +640,7 @@ where
String::from(FIDO2_VERSION_STRING),
],
extensions: Some(vec![]),
- aaguid: AAGUID,
+ aaguid: *AAGUID,
options: Some(options_map),
max_msg_size: Some(1024),
pin_protocols: Some(vec![
@@ -978,7 +978,7 @@ mod test {
0x82, 0x66, 0x55, 0x32, 0x46, 0x5F, 0x56, 0x32, 0x68, 0x46, 0x49, 0x44, 0x4F, 0x5F,
0x32, 0x5F, 0x30, 0x02, 0x80, 0x03, 0x50,
]);
- expected_response.extend(&AAGUID);
+ expected_response.extend(AAGUID);
expected_response.extend(&[
0x04, 0xA3, 0x62, 0x72, 0x6B, 0xF5, 0x62, 0x75, 0x70, 0xF5, 0x69, 0x63, 0x6C, 0x69,
0x65, 0x6E, 0x74, 0x50, 0x69, 0x6E, 0xF4, 0x05, 0x19, 0x04, 0x00, 0x06, 0x81, 0x01,
@@ -1045,7 +1045,7 @@ mod test {
0x34, 0xE2, 0x75, 0x1E, 0x68, 0x2F, 0xAB, 0x9F, 0x2D, 0x30, 0xAB, 0x13, 0xD2,
0x12, 0x55, 0x86, 0xCE, 0x19, 0x47, 0x41, 0x00, 0x00, 0x00, 0x00,
];
- expected_auth_data.extend(&AAGUID);
+ expected_auth_data.extend(AAGUID);
expected_auth_data.extend(&[0x00, 0x20]);
assert_eq!(
auth_data[0..expected_auth_data.len()],
@@ -1082,7 +1082,7 @@ mod test {
0x34, 0xE2, 0x75, 0x1E, 0x68, 0x2F, 0xAB, 0x9F, 0x2D, 0x30, 0xAB, 0x13, 0xD2,
0x12, 0x55, 0x86, 0xCE, 0x19, 0x47, 0x41, 0x00, 0x00, 0x00, 0x00,
];
- expected_auth_data.extend(&AAGUID);
+ expected_auth_data.extend(AAGUID);
expected_auth_data.extend(&[0x00, ENCRYPTED_CREDENTIAL_ID_SIZE as u8]);
assert_eq!(
auth_data[0..expected_auth_data.len()],