Bugfix (google#304)

* Add Feitian OpenSK USB Dongle (google#257) Co-authored-by: superskybird <[email protected]> * Fix `config.py` tool according to the new API of fido2 python package (google#284) * Fix fido2 API update. Since fido2 0.8.1 the device descriptor moved to NamedTuple, breaking our configuration tool. Code is now updated accordingly and the setup script ensure we're using the correct version for fido2 package. * Make Yapf happy * Fix missing update for fido2 0.9.1 Also split the comment into 2 lines so that the touch is not hidden at the end of the screen. * adds README changes, logo and certificate (google#285) Co-authored-by: Geoffrey <[email protected]> Co-authored-by: superskybird <[email protected]> Co-authored-by: kaczmarczyck <[email protected]>
emvuys · Apr 13, 2021 · 748b7e7 · 748b7e7
1 parent b0c1b73
commit 748b7e7
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 16 deletions.
diff --git a/README.md b/README.md
@@ -24,15 +24,16 @@ few limitations:
 
 ### FIDO2
 
-Although we tested and implemented our firmware based on the published
-[CTAP2.0 specifications](https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html),
-our implementation was not reviewed nor officially tested and doesn't claim to
-be FIDO Certified.
-We started adding features of the upcoming next version of the
-[CTAP2.1 specifications](https://fidoalliance.org/specs/fido2/fido-client-to-authenticator-protocol-v2.1-rd-20191217.html).
-The development is currently between 2.0 and 2.1, with updates hidden behind
-a feature flag.
-Please add the flag `--ctap2.1` to the deploy command to include them.
+The stable branch implements the published
+[CTAP2.0 specifications](https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html)
+and is FIDO certified.
+
+<img alt="FIDO2 certified L1" src="docs/img/FIDO2_Certified_L1.png" width="200px">
+
+It already contains some preview features of 2.1, that you can try by adding the
+flag `--ctap2.1` to the deploy command. The full
+[CTAP2.1 specification](https://fidoalliance.org/specs/fido-v2.1-rd-20201208/fido-client-to-authenticator-protocol-v2.1-rd-20201208.html)
+is work in progress in the develop branch and is tested less thoroughly.
 
 ### Cryptography
 

diff --git a/docs/FIDO2 Certificate Google FIDO20020210209001.pdf b/docs/FIDO2 Certificate Google FIDO20020210209001.pdf
diff --git a/docs/img/FIDO2_Certified_L1.png b/docs/img/FIDO2_Certified_L1.png
diff --git a/setup.sh b/setup.sh
@@ -46,4 +46,4 @@ mkdir -p elf2tab
 cargo install elf2tab --version 0.6.0 --root elf2tab/
 
 # Install python dependencies to factory configure OpenSK (crypto, JTAG lockdown)
-pip3 install --user --upgrade colorama tqdm cryptography fido2
+pip3 install --user --upgrade colorama tqdm cryptography "fido2>=0.9.1"
diff --git a/tools/configure.py b/tools/configure.py
@@ -64,8 +64,7 @@ def info(msg):
 def get_opensk_devices(batch_mode):
   devices = []
   for dev in hid.CtapHidDevice.list_devices():
-    if (dev.descriptor["vendor_id"],
-        dev.descriptor["product_id"]) == OPENSK_VID_PID:
+    if (dev.descriptor.vid, dev.descriptor.pid) == OPENSK_VID_PID:
       if dev.capabilities & hid.CAPABILITY.CBOR:
         if batch_mode:
           devices.append(ctap2.CTAP2(dev))
@@ -138,10 +137,9 @@ def main(args):
     if authenticator.device.capabilities & hid.CAPABILITY.WINK:
       authenticator.device.wink()
     aaguid = uuid.UUID(bytes=authenticator.get_info().aaguid)
-    info(("Programming device {} AAGUID {} ({}). "
-          "Please touch the device to confirm...").format(
-              authenticator.device.descriptor.get("product_string", "Unknown"),
-              aaguid, authenticator.device))
+    info("Programming OpenSK device AAGUID {} ({}).".format(
+        aaguid, authenticator.device))
+    info("Please touch the device to confirm...")
     try:
       result = authenticator.send_cbor(
           OPENSK_VENDOR_CONFIGURE,