PoC: Add vendor command for signing an arbitrary SHA256 hash#397
PoC: Add vendor command for signing an arbitrary SHA256 hash#397rgerganov wants to merge 1 commit into
Conversation
|
btw I tried this along with solokeys/solo1-cli#67 and it works, pretty neat idea. |
|
Rebased the patch and added support for pinAuth |
|
question is on what base we would run pin, basically force if available, or let the user decide some way on creating the credential or whatever |
I am trying to mimic the semantics of GetAssertion. If there is a PIN set, then platform needs to send pinAuth. Otherwise, only a button press is needed for signing. |
|
but get assertion has uv kinda optional as far as I read it in the document, depending on how the options.uv is set and it defaults to false |
|
okay considering this: |
This patch adds new CTAP2 vendor command with command value 0x50. The
command arguments are credentialId and user specified SHA256 hash. It
returns a DER encoded signature of the given hash, using the key
which corresponds to the specified credentialId.
Example request:
{1: <sha256_hash>,
2: {"id": <credential_id>, "type": "public-key"},
3: [pinAuth]}
Example response:
{1: <der_signature>}
Issue: solokeys#395
|
I have rebased the patch on top of master |
This patch adds new CTAP2 vendor command with command value 0x50. The
command arguments are credentialId and user specified SHA256 hash. It
returns a DER encoded signature of the given hash, using the key
which corresponds to the specified credentialId.
Example request:
{1: <sha256_hash>, 2: {"id": <credential_id>, "type": "public-key"}}
Example response:
{1: <der_signature>}
Issue: #395