Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move out check credProtectPolicy logic #516

Merged
merged 4 commits into from
Jul 23, 2022
Merged

Move out check credProtectPolicy logic #516

merged 4 commits into from
Jul 23, 2022

Conversation

hcyang-google
Copy link
Collaborator

Move the credProtectPolicy check outside credential ID decryption &
discoverable credential finding. Modify the unit tests, and add unit
tests for credProtectPolicy checking in non resident flows that were
originally missing.

This should have no behavioral differences.

@hcyang-google
Move out check credProtectPolicy logic
148410c 
Move the credProtectPolicy check outside credential ID decryption &
discoverable credential finding. Modify the unit tests, and add unit
tests for credProtectPolicy checking in non resident flows that were
originally missing.
ia0
ia0 reviewed Jul 21, 2022
View reviewed changes
Copy link
Member

@ia0 ia0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

code-wise LGTM

src/ctap/credential_id.rs Outdated Show resolved Hide resolved
@coveralls
Copy link

coveralls commented Jul 22, 2022
edited

Coverage Status

Coverage decreased (-0.4%) to 88.07% when pulling 88b8a32 on hcyang-google:cred_protect into 9bb1a2f on google:develop.

@hcyang-google
Copy link
Collaborator Author

I think coverage decreased because the amount of covered code paths along with total code paths decreased. The introduced code paths in this PR should be covered well, and the only deleted unit test corresponds to a deleted path.

kaczmarczyck
kaczmarczyck reviewed Jul 22, 2022
View reviewed changes
src/ctap/mod.rs Show resolved Hide resolved
src/ctap/mod.rs Outdated Show resolved Hide resolved
@hcyang-google hcyang-google merged commit 8ef813c into google:develop Jul 23, 2022
@hcyang-google hcyang-google deleted the cred_protect branch July 23, 2022 03:10
kaczmarczyck added a commit to kaczmarczyck/OpenSK that referenced this pull request May 9, 2023
@kaczmarczyck
Fixes credProtect checking in CTAP1
c94fbb8 
We accidentally lost this check in google#516. I refactored some of the
filters for better style.

The actual difference in logic is just one line in CTAP1 authenticate,
everything else is style, a test and the order in which we convert and
filter the credentials:

```
let credential_source = filter_listed_credential(credential_source, false)
            .ok_or(Ctap1StatusCode::SW_WRONG_DATA)?;
```
@kaczmarczyck kaczmarczyck mentioned this pull request May 9, 2023
Merged
kaczmarczyck added a commit that referenced this pull request May 9, 2023
@kaczmarczyck
Fixes credProtect checking in CTAP1 (#629)
fbf07d7 
We accidentally lost this check in #516. I refactored some of the
filters for better style.

The actual difference in logic is just one line in CTAP1 authenticate,
everything else is style, a test and the order in which we convert and
filter the credentials:

```
let credential_source = filter_listed_credential(credential_source, false)
            .ok_or(Ctap1StatusCode::SW_WRONG_DATA)?;
```
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ia0 ia0 ia0 left review comments

@kaczmarczyck kaczmarczyck kaczmarczyck approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@hcyang-google @coveralls @ia0 @kaczmarczyck