Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add init-time configuration options #344

Closed
daringer opened this issue Sep 19, 2023 · 0 comments · Fixed by #337
Closed

Add init-time configuration options #344

daringer opened this issue Sep 19, 2023 · 0 comments · Fixed by #337

Comments

@daringer
Copy link
Collaborator

The firmware should allow some configuration during boot-up (init-time). There is need for the firmware functionality and the accompanied admin-app functionality to actually allow a client to set those configurations.

The aim here is to implement a very basic functionality, no authentication for setting this options shall be implemented for now.
@daringer daringer linked a pull request Sep 19, 2023 that will close this issue
Add basic config mechanism for fido2 #337
Merged
1 task
robin-nitrokey added a commit that referenced this issue Sep 27, 2023
@robin-nitrokey
Add basic config mechanism for fido2
b97d4cc 
This patch adds a basic config mechanism using the admin app.  The
configuration is loaded and applied during initialization.  The admin
app now has a special role, is constructed first and can no longer be
disabled.  Other applications can receive a reference to the
configuration loaded by the admin app.

To avoid overwriting configuration values for apps that are not enabled
in the current firmware, the components of the Config struct are not
feature-gated.  It could be simplified by using a derive macro but that
seems overcomplicated for a first implementation.

The first use case for the config mechanism is enabling or disabling
skipping the FIDO2 user presence check directly after boot.

Fixes: #344
robin-nitrokey added a commit that referenced this issue Sep 27, 2023
@robin-nitrokey
Add basic config mechanism for fido2
e88a3d7 
This patch adds a basic config mechanism using the admin app.  The
configuration is loaded and applied during initialization.  The admin
app now has a special role, is constructed first and can no longer be
disabled.  Other applications can receive a reference to the
configuration loaded by the admin app.

To avoid overwriting configuration values for apps that are not enabled
in the current firmware, the components of the Config struct are not
feature-gated.  It could be simplified by using a derive macro but that
seems overcomplicated for a first implementation.

The first use case for the config mechanism is enabling or disabling
skipping the FIDO2 user presence check directly after boot.

Fixes: #344
robin-nitrokey added a commit that referenced this issue Sep 27, 2023
@robin-nitrokey
Add basic config mechanism for fido2
47ba14c 
This patch adds a basic config mechanism using the admin app.  The
configuration is loaded and applied during initialization.  The admin
app now has a special role, is constructed first and can no longer be
disabled.  Other applications can receive a reference to the
configuration loaded by the admin app.

To avoid overwriting configuration values for apps that are not enabled
in the current firmware, the components of the Config struct are not
feature-gated.  It could be simplified by using a derive macro but that
seems overcomplicated for a first implementation.

The first use case for the config mechanism is enabling or disabling
skipping the FIDO2 user presence check directly after boot.

Fixes: #344
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add basic config mechanism for fido2 Nitrokey/nitrokey-3-firmware
1 participant
@daringer