trezor-firmware

arno/trezor-firmware

Fork 0

mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-15 20:19:23 +00:00

Commit Graph

Author	SHA1	Message	Date
matejcik	b1e4246b46	refactor(core/webauthn): make sure KEY_AGREEMENT_*KEY is generated once per power-up This is what the spec recommends and it has been the case before workflow-restarts, when `apps.webauthn.fido2` was imported exactly once per lifetime. With workflow-restarts, `fido2` is being imported repeatedly and the keys regenerated. This does not seem to be a problem per the spec -- a FIDO workflow will retain the same keys, and non-FIDO workflows can be seen as unplugs/replugs as far as the FIDO functionality is concerned. However, regenerating the keys is slow, which is a problem for the hardware-based unit tests. We can avoid the slowness by returning to the spec-mandated behavior and generating once per power-up.	2021-05-06 13:14:21 +02:00

Author

SHA1

Message

Date

matejcik

b1e4246b46

refactor(core/webauthn): make sure KEY_AGREEMENT_*KEY is generated once per power-up

This is what the spec recommends and it has been the case before
workflow-restarts, when `apps.webauthn.fido2` was imported exactly once
per lifetime.

With workflow-restarts, `fido2` is being imported repeatedly and the
keys regenerated. This does not seem to be a problem per the spec -- a
FIDO workflow will retain the same keys, and non-FIDO workflows can be
seen as unplugs/replugs as far as the FIDO functionality is concerned.

However, regenerating the keys is slow, which is a problem for the
hardware-based unit tests. We can avoid the slowness by returning to the
spec-mandated behavior and generating once per power-up.

2021-05-06 13:14:21 +02:00

1 Commits