An implementation of the FIDO Device Onboard (FDO) spec written in Rust.

Overview

fido-device-onboard-rs

An implementation of the FIDO Device Onboard Specification written in rust.

The current implementation targets specification version: v1.0 20210323a.

Components

The fido-fdo-rs implements all core components of the FIDO Device Onboard Specification including:

Protocols

Crates and parts

  • fdo-client-linuxapp: Performs TO1 and TO2 client side protocols.
  • fdo-data-formats: [DI, TO0, TO1, TO2]: Implements the different low-level messaging formats used.
  • fdo-http-wrapper: Helpers for HTTP operations in both FDO server and client.
  • fdo-integration-tests: This crate contains the integration testing.
  • fdo-libfdo-data: C wrapper around fdo-data-formats, allowing code in other languages to parse Ownership Vouchers, and possibly other data formats in the future.
  • fdo-manufacturing-client: Client side implementation of Device Initalize and Device Initialize over Untrusted Networks (DIUN) protocols.
  • fdo-manufacturing-server: Server side implementation of Device Initalize protocol. It supports as well Untrusted Networks (DIUN) protocols, that can be used for local prototypes.
  • fdo-owner-onboarding-server: Onboarding server, server side of TO2 protocol.
  • fdo-owner-tool: Tool for initializing devices, dump ownership vouchers, dump device credentials, extend ownership vouchers and report the device to the rendezvous service.
  • fdo-rendezvous-server: Rendezvous server implementation.
  • fdo-store: Implementation of different backend datastores for services.
  • fdo-util: Utilities/helpers for server (and, in the future client) crates.
  • fdo-iot-stream-message: Implements the stream message creation/parsing of StreamMsg. Currently not implemented.

Building

To build on Fedora/RHEL/CentOS you can do the following:

sudo yum install -y cargo git-core openssl-devel
git clone https://github.com/fedora-iot/fido-device-onboard-rs.git
cd fido-device-onboard-rs
cargo build --release
Issues
  • in libfdo_data, when we load an empty []byte - we are not getting nil we get a panic.

    in libfdo_data, when we load an empty []byte - we are not getting nil we get a panic.

    in libfdo_data, when we load an empty []byte - voucher isn't nil, we get panic (before the check) https://github.com/Avielyo10/edge-api/blob/fdo-client/pkg/services/ownershipvoucher/ownershipvoucher.go#L20

    bug jira 
    opened by Avielyo10 9
  • Add libfdo-data

    Add libfdo-data

    libfdo-data is a C wrapper around fdo-data-formats, allowing code in other languages to parse Ownership Vouchers, and possibly other data formats later on.

    Signed-off-by: Patrick Uiterwijk [email protected]

    opened by puiterwijk 8
  • Device Credential: semi-TPM

    Device Credential: semi-TPM

    We can do a Device Credential system where the DC is in a filesystem, but it doesn't contain the private key (or HMAC key), but just the data used to ask the TPM to reproduce the key.

    enhancement jira 
    opened by puiterwijk 5
  • feat: implement semi-TPM Device Credential

    feat: implement semi-TPM Device Credential

    This implements a system where the keys for the device credential are created by the TPM (never leaving the TPM), but the references to the keys, and rendezvous info, etc, are stored on the filesystem. This protects against having the actual private keys stolen when the device credential file is extracted from a disk.

    The current implementation only supports the ECDSA ciphers mentioned by the FDO specification.

    The current test suite does not set up a software TPM to execute the TPM tests during CI, but it will execute the TPM tests if a TPM exists on the system.

    Fixes: #200 Signed-off-by: Patrick Uiterwijk [email protected]

    opened by puiterwijk 4
  • feat(client): send errors back while performing TO1/TO2

    feat(client): send errors back while performing TO1/TO2

    Implements #9, sends back errors to RV while performing TO1 and TO2.

    • Changes related to handling errors on TO2.
    • Changes related to handling errors on TO1.
    opened by 7flying 4
  • chore: update ciborium requirement from 0.1.0 to 0.2.0

    chore: update ciborium requirement from 0.1.0 to 0.2.0

    Updates the requirements on ciborium to permit the latest version.

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 4
  • release 0.2.0

    release 0.2.0

    now that kdf is fixed with https://github.com/fedora-iot/fido-device-onboard-rs/pull/160 should we go ahead and tag 0.2.0? @puiterwijk @nullr0ute (are we openssl complaint again?)

    opened by runcom 3
  • fix: actually enforce tag on COSESign deserialize

    fix: actually enforce tag on COSESign deserialize

    We were returning an error if the COSESign tag was invalid, but if it was wrong we were logging an error. We make sure here that we actually enforce the tags, but then also not fully crash when we somehow get into the situation where it didn't hold up.

    Signed-off-by: Patrick Uiterwijk [email protected]

    opened by puiterwijk 3
  • fix: converge on naming for server(s)

    fix: converge on naming for server(s)

    Align on naming for server(s) - will need to update the spec and something else later after this lands

    Signed-off-by: Antonio Murdaca [email protected]

    opened by runcom 3
  • Create backbone to produce documentation

    Create backbone to produce documentation

    We should have man pages to ship them in RPMs too (this comes from a user's feedback, go online isn't an option)

    This ticket is about creating the backbone to support generating documentation, this is NOT about writing documentation

    jira 
    opened by runcom 2
  • chore: update nix requirement from 0.23.0 to 0.24.1

    chore: update nix requirement from 0.23.0 to 0.24.1

    Updates the requirements on nix to permit the latest version.

    Changelog

    Sourced from nix's changelog.

    [0.24.1] - 2022-04-22

    Added

    Changed

    Fixed

    • Fixed UnixAddr::size on Linux-based OSes. (#1702)

    Removed

    [0.24.0] - 2022-04-21

    Added

    • Added fine-grained features flags. Most Nix functionality can now be conditionally enabled. By default, all features are enabled. (#1611)
    • Added statfs FS type magic constants for target_os = "android" and synced constants with libc v0.2.121. (#1690)
    • Added fexecve on DragonFly. (#1577)
    • sys::uio::IoVec is now Send and Sync (#1582)
    • Added EPOLLEXCLUSIVE on Android. (#1567)
    • Added fdatasync for FreeBSD, Fuchsia, NetBSD, and OpenBSD. (#1581)
    • Added sched_setaffinity and sched_getaffinity on DragonFly. (#1537)
    • Added posix_fallocate on DragonFly. (#1621)
    • Added SO_TIMESTAMPING support (#1547)
    • Added getter methods to MqAttr struct (#1619)
    • Added the TxTime sockopt and control message. (#1564)
    • Added POSIX per-process timer support (#1622)
    • Added sendfile on DragonFly. (#1615)
    • Added UMOUNT_NOFOLLOW, FUSE_SUPER_MAGIC on Linux. (#1634)
    • Added getresuid, setresuid, getresgid, and setresgid on DragonFly, FreeBSD, and OpenBSD. (#1628)
    • Added MAP_FIXED_NOREPLACE on Linux. (#1636)
    • Added fspacectl on FreeBSD (#1640)
    • Added accept4 on DragonFly, Emscripten, Fuchsia, Illumos, and NetBSD.

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 2
  • chore: update aws-nitro-enclaves-cose requirement from 0.4.0 to 0.5.0

    chore: update aws-nitro-enclaves-cose requirement from 0.4.0 to 0.5.0

    Updates the requirements on aws-nitro-enclaves-cose to permit the latest version.

    Release notes

    Sourced from aws-nitro-enclaves-cose's releases.

    Release v0.5.0

    • Support signing with an AWS KMS private key via the key_kms feature. (thank you @​puiterwijk)
    • Abstract Openssl operations (thank you @​raoulstrackx)
    • Update and declare MSRV to 1.58
    Changelog

    Sourced from aws-nitro-enclaves-cose's changelog.

    0.5.0

    • Support signing with an AWS KMS private key via the key_kms feature. (thank you @​puiterwijk)
    • Abstract Openssl operations (thank you @​raoulstrackx)
    • Update and declare MSRV to 1.58

    0.4.0

    • Abstract signing support: provide traits to abstract private and public keys.
    • Support signing with a TPM-backed private key via the key_tpm feature.

    0.3.0

    • Breaking change: Use upper case acronyms as advised by clippy
    • New Feature: COSE encryption is now available. Thank you @​runcom for the patches.
    • Allow access to CoseSign1 headers, to allow algorithms to use read and set them. Thank you @​puiterwijk.
    • Minor fixes and version bumps.

    0.2.0

    • Bump serde_with version.
    • CBOR tags support: can add and verify tags on COSESign1.
    • Use PKey instead of EcKey. Just an interface change, RSA not supported yet. (thanks @​puiterwijk) This will likely change again in the future to support awslabs/aws-nitro-enclaves-cose#5.
    • Implement std::error::Error for COSEError (thanks @​puiterwijk)

    0.1.0

    Initial Release

    Commits
    • b95205c update to v0.5.0
    • b236773 fixup: remove tokio fom dev-dependencies
    • 90ea3cc kms: do not create a new runtime, use a handle
    • fd155ed Rebase and update SDK latest version
    • b8d438a rust: set MSRV to 1.58.1
    • 405e3ed Implement AWS KMS cryptography
    • 44ad72a Address reviewer comments
    • f641e9c Address reviewer comments
    • aa19d8a Fix TPM related compile issues
    • 349e4c6 Version bump
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 0
  • fix (clientlinuxapp): Log ERROR when failing to install sshkey

    fix (clientlinuxapp): Log ERROR when failing to install sshkey

    closes #202 This PR contains fix for clientlinuxapp logging . When failing to install sshkey while performing fdo-onboarding , the errors were logged as 'TRACE' instead of 'ERROR' which makes it now easier for user to identify errors.

    opened by sarmahaj 1
  • fix(passwordless_login): login with ssh key only

    fix(passwordless_login): login with ssh key only

    for security reason login with password is disabled for user created during device onboarding user created will able to login only using ssh key passed via service info config.

    Signed-off: Sayan Paul [email protected]

    opened by say-paul 0
  • fix: update spec for multiple vouchers

    fix: update spec for multiple vouchers

    For uploading multiple ownership vouchers, the spec says, vouchers should be appended to each other, adding a newline between the different entries. But this newline isn't required; the code can split vouchers on encountering a new initial tag (-----BEGIN OWNERSHIP VOUCHER-----)

    opened by rdotjain 3
  • chore: update serde_yaml requirement from 0.8 to 0.9

    chore: update serde_yaml requirement from 0.8 to 0.9

    Updates the requirements on serde_yaml to permit the latest version.

    Release notes

    Sourced from serde_yaml's releases.

    0.9.0

    API documentation: https://docs.rs/serde_yaml/0.9

    Highlights

    • The serde_yaml::Value enum gains a Tagged variant which represents the deserialization of YAML's !Tag syntax. Tagged scalars, sequences, and mappings are all supported.

    • An empty YAML input (or document containing only comments) will deserialize successfully to an empty map, empty sequence, or Serde struct as long as the struct has only optional fields. Previously this would error.

    • A new .apply_merge() method on Value implements YAML's << merge key convention.

    • The Debug representation of serde_yaml::Value has gotten vastly better (dtolnay/serde-yaml#287).

    • Deserialization of borrowed strings now works.

      #[derive(Deserialize, Debug)]
      struct Struct<'a> {
          borrowed: &'a str,
      }
      

      let yaml = "borrowed: 'kölcsönzött'\n"; let value: Struct = serde_yaml::from_str(yaml)?; println!("{:#?}", value);

    • Value's and Mapping's methods get and get_mut have been generalized to support a &str argument, as opposed to requiring you to allocate and construct a Value::String for indexing into another existing Value.

    • Mapping exposes more APIs that have become conventional on map data structures, such as .keys(), .values(), .into_keys(), .into_values(), .values_mut(), and .retain(|k, v| …).

    Breaking changes

    • Serialization no longer produces leading ---\n on the serialized output. You can prepend this yourself if your use case demands it.

    • Serialization of enum variants is now based on YAML's !Tag syntax, rather than JSON-style singleton maps.

      #[derive(Serialize, Deserialize)]
      enum Enum {
          Newtype(usize),
          Tuple(usize, usize, usize),
          Struct { x: f64, y: f64 },
      }
      
      - !Newtype 1
      - !Tuple [0, 0, 0]
      - !Struct {x: 1.0, y: 2.0}
      

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 0
Releases(v0.4.5)
  • v0.4.5(Mar 29, 2022)

    What's Changed

    • Use the official jekyll build action for CI by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/230
    • ci: do not crash commitlint on missing body by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/234
    • chore: update build requirements on README.md by @7flying in https://github.com/fedora-iot/fido-device-onboard-rs/pull/233
    • chore: add CONTRIBUTING file by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/235
    • chore: add more packages to CONTRIBUTING.md by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/236
    • feat(client): send errors back while performing TO1/TO2 by @7flying in https://github.com/fedora-iot/fido-device-onboard-rs/pull/222
    • chore: port admin-tool to clap 3 by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/242
    • feat: per-device serviceinfo by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/239
    • feat: implement admin-tool All-In-One by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/245
    • chore: update sample owner config file by @7flying in https://github.com/fedora-iot/fido-device-onboard-rs/pull/248
    • feat: update ServiceInfo spec with extra_commands by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/237
    • doc: add documentation for diskencryption SIM by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/249
    • chore: unify openssl-kdf versions in data-formats module by @nullr0ute in https://github.com/fedora-iot/fido-device-onboard-rs/pull/252
    • Add Reencryption implementation by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/251
    • feat: add disk encryption to serviceinfo API server by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/253
    • ci: allow single reviewer if no actual stability impact by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/255
    • chore(fido-device-onboard.spec): update to 0.4.5 latest by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/232

    Full Changelog: https://github.com/fedora-iot/fido-device-onboard-rs/compare/v0.4.0...v0.4.5

    Source code(tar.gz)
    Source code(zip)
  • v0.4.0(Feb 24, 2022)

    What's Changed

    • chore(examples/config): fix manufacturing server config by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/196
    • Small fixes on examples configurations by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/197
    • chore(examples/config): paths must be absolute by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/198
    • refactor(owner-tool): remove remnants of report-to-rendezvous subcommand by @7flying in https://github.com/fedora-iot/fido-device-onboard-rs/pull/208
    • feat: add an admin-tool cli by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/216
    • embed rendezvous-info and owner-addresses in the config by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/220
    • fix(admin-tool): randomize cert serial by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/219
    • chore: update serial_test requirement from 0.5.1 to 0.6.0 by @dependabot in https://github.com/fedora-iot/fido-device-onboard-rs/pull/218
    • feat: implement DIUN root cert verification by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/225
    • feat: implement semi-TPM Device Credential by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/224
    • feature: add serviceinfo API client by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/210
    • feat: fall back to non-interoperable KDF by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/228
    • chore: bump version to 0.4.0 by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/229

    New Contributors

    • @7flying made their first contribution in https://github.com/fedora-iot/fido-device-onboard-rs/pull/208

    Full Changelog: https://github.com/fedora-iot/fido-device-onboard-rs/compare/v0.3.0...v0.4.0

    Source code(tar.gz)
    Source code(zip)
  • v0.3.0(Feb 1, 2022)

    Release 0.3.0

    Moves to FDO spec 1.1.

    What's Changed

    • fix(spec): Version has to come before forgemeta by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/182
    • Implement file and command serviceinfo modules by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/186
    • chore(systemd): always run the fdo client by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/188
    • chore(systemd): env file is optional, mark it by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/189
    • fix: fix typo in expected environment variable by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/187
    • chore: don't call .to_string() in a format argument by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/191
    • chore(systemd): mv creds may fail by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/190
    • chore(dracut): strenghten manufacturing client service by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/194
    • Move to FDO version 1.1 by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/192
    • chore: bump to version 0.3.0 by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/195

    Full Changelog: https://github.com/fedora-iot/fido-device-onboard-rs/compare/v0.2.0...v0.3.0

    Source code(tar.gz)
    Source code(zip)
  • v0.2.0(Dec 10, 2021)

    What's Changed

    • fix: ensure Nonce and Guid are bstr .size 16 by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/100
    • fix: adding golang to devcontainer by @jnogol in https://github.com/fedora-iot/fido-device-onboard-rs/pull/101
    • fix: support ips in rendezvous info by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/103
    • fix: ensure all tests use new server ports by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/105
    • feat: mfg-client check whether device has active credentials by @jnogol in https://github.com/fedora-iot/fido-device-onboard-rs/pull/104
    • Add a new pri-fidoiot voucher by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/109
    • fix: (de)serialize simple messages correctly by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/111
    • fix: ensure KeyExchanges are bstr by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/112
    • fix: use correct lengths for random sizes by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/113
    • fix: add owner public key by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/114
    • fix: log and return error on sequence break by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/116
    • fix: use the correct nonce key for nonce7 by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/117
    • fix: make ServiceInfo a Vec<Vec> by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/118
    • feat: use ciborium for serializing by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/120
    • fix: don't wrap EAT payload into a bstr by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/121
    • fix: allow missing messagetype in case of error by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/122
    • fix: use error from for CoseError by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/123
    • feat: implement custom KDF by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/124
    • chore: automatically label possible stability impact by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/78
    • build: perform more effective caching by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/128
    • fix: actually enforce tag on COSESign deserialize by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/119
    • feat: add Ownership Voucher management API by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/107
    • fix(libfdo-data): build with cargo-c by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/140
    • ci: fix permissions on labeler workflow by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/144
    • build: use standard ubuntu image for CI by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/134
    • fix(libfdo-data): set soname to the shared library by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/143
    • feat: cancel to2 if to1d was invalid by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/145
    • [data-formats/ownershipvoucher] - Sanitizing manufacturing info by @jnogol in https://github.com/fedora-iot/fido-device-onboard-rs/pull/141
    • feat(store): implement metadata storage by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/125
    • feat: add serviceinfo api specification draft by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/138
    • feat: create initial documentation framework by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/149
    • ci: require extra review on stability impact by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/150
    • ci: fix mergify config file by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/151
    • feat: default log level to info by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/147
    • feat: Make the Owner Tool dump OV as PEM by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/131
    • fix: ensure cborparser doesn't crash on too little data by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/139
    • feat: perform report to rendezvous periodically by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/146
    • fix: call async on futures by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/154
    • build: add spec to build RPM by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/70
    • fix: add missing build dep and fix owner-tool location by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/156
    • fix(spec): use forgesource by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/157
    • fix(spec): use forgesetup by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/158
    • fix(serviceinfo): install ssh key with correct ownership by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/159
    • feat: switch back to openssl-kdf by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/160
    • fix(spec): build with version if commit undefined by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/162
    • fix: check paths in configs are absolute by @runcom in https://github.com/fedora-iot/fido-device-onboard-rs/pull/165
    • chore: add commitlint configuration by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/167
    • Implement parsing multiple Ownership Vouchers, and add libfdo-data-go by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/166
    • feat: move from chrono to time by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/176
    • Remove todos, limit panics, and check for them by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/174
    • ci: fix dependabot check by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/179
    • chore: update ciborium requirement from 0.1.0 to 0.2.0 by @dependabot in https://github.com/fedora-iot/fido-device-onboard-rs/pull/163
    • feat: add non-interoperable KDF by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/169
    • feat: bump to v0.2.0 by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/180
    • Add --version flag by @puiterwijk in https://github.com/fedora-iot/fido-device-onboard-rs/pull/181

    Full Changelog: https://github.com/fedora-iot/fido-device-onboard-rs/compare/v0.1.0...v0.2.0

    Source code(tar.gz)
    Source code(zip)
  • v0.1.0(Nov 4, 2021)

Owner
Fedora IoT
Fedora IoT
ULE - Rust-based minecraft server core

ULE - Minecraft's server core written in Rust This's server core fully written i

null 11 Jul 16, 2022
Package raw enables reading and writing data at the device driver level for a network interface. MIT Licensed.

raw Package raw enables reading and writing data at the device driver level for a network interface. MIT Licensed. For more information about using ra

Matt Layher 423 Jul 27, 2022
Deskreen turns any device with a web browser into a secondary screen for your computer

Deskreen Website: https://deskreen.com ▶️ Deskreen Youtube channel (video tutorials, demos, use cases for Deskreen day to day usage) Deskreen turns an

Paul Pavlo Buidenkov 13.3k Aug 18, 2022
Optimize Windows's network/NIC driver settings for NewTek's NDI(Network-Device-Interface).

windows-ndi-optimizer[WIP] Optimize Windows's network/NIC driver settings for NewTek's NDI(Network-Device-Interface). How it works This is batchfile d

Nil Hiiragi 3 Apr 15, 2022
Go wrapper around Device Console Windows tool.

go-devcon Go wrapper around the Windows Device Console (devcon.exe). go install github.com/mikerourke/go-devcon Introduction Here's a brief overview

Mike Rourke 0 Nov 4, 2021
IRC bot for launch ddos attack, Mainly of scan target are IoT device that run linux and open default SSH port

IRC bot for launch ddos attack, Mainly of scan target are IoT device that run linux and open default SSH port

R4bin 3 Nov 10, 2021
Nomad plugin for reserving device mappings used by ebs devices.

Nomad Skeleton Device Plugin Skeleton project for Nomad device plugins. This project is intended for bootstrapping development of a new device plugin.

Turbine Inc. 0 Jan 5, 2022
A Socket.IO backend implementation written in Go

go-socket.io The socketio package is a simple abstraction layer for different web browser- supported transport mechanisms. It is fully compatible with

Jukka-Pekka Kekkonen 406 Jul 23, 2022
A Windows named pipe implementation written in pure Go.

npipe Package npipe provides a pure Go wrapper around Windows named pipes. Windows named pipe documentation: http://msdn.microsoft.com/en-us/library/w

Nate Finch 250 Aug 3, 2022
An open source Pusher server implementation compatible with Pusher client libraries written in Go

Try browsing the code on Sourcegraph! IPÊ An open source Pusher server implementation compatible with Pusher client libraries written in Go. Why I wro

Hava 0 Oct 15, 2021
Anniv implementation written in go

anniv-go anniv-go is a anniv implementation written in go. Still working in progress. Features Basic information User system Playlists Token managemen

Project Anni 1 Jun 14, 2022
An implementation of the Nano protocol written from scratch in Go (golang).

Go Nano An implementation of the Nano protocol written from scratch in Go (golang). About the Project A crypto currency has to be resilient to survive

Shania 0 Dec 28, 2021
A go implementation of the STUN client (RFC 3489 and RFC 5389)

go-stun go-stun is a STUN (RFC 3489, 5389) client implementation in golang (a.k.a. UDP hole punching). RFC 3489: STUN - Simple Traversal of User Datag

Cong Ding 511 Aug 12, 2022
A QUIC implementation in pure go

A QUIC implementation in pure Go quic-go is an implementation of the QUIC protocol in Go. It implements the IETF QUIC draft-29 and draft-32. Version c

Lucas Clemente 7.1k Aug 13, 2022
Fast RFC 5389 STUN implementation in go

STUN Package stun implements Session Traversal Utilities for NAT (STUN) [RFC5389] protocol and client with no external dependencies and zero allocatio

null 488 Aug 15, 2022
Pure Go implementation of the WebRTC API

Pion WebRTC A pure Go implementation of the WebRTC API New Release Pion WebRTC v3.0.0 has been released! See the release notes to learn about new feat

Pion 9.7k Aug 14, 2022
A LWM2M Client and Server implementation (For Go/Golang)

Betwixt - A LWM2M Client and Server in Go Betwixt is a Lightweight M2M implementation written in Go OMA Lightweight M2M is a protocol from the Open Mo

Zubair Hamed 54 May 28, 2022
An Etsy StatsD (https://github.com/etsy/statsd) implementation in Go

STATSD-GO Port of Etsy's statsd, written in Go. This was forked from https://github.com/amir/gographite to provide Ganglia submission support. USAGE U

Jeff Buchbinder 45 Mar 5, 2021
Implementation of the FTPS protocol for Golang.

FTPS Implementation for Go Information This implementation does not implement the full FTP/FTPS specification. Only a small subset. I have not done a

Marco Beierer 27 Mar 14, 2022