FIDO testers wanted

A small update has been released, which fixes some edge-cases in regards to very large credentials.

The applet now properly reports once the chip runs out of persistent memory to store resident credentials, but keeps on working for server-type credentials which don’t require persistent memory.

image

Persistent memory is now only ever allocated once for any credential if and only if it is required (i.e. to store a resident credential), all other (server-type / non-resident) credentials are handled completely in RAM. RAM is statically allocated, which means the applet never uses more than the ~2kB of RAM it initially allocates at installation. Memory and RAM usage is subject to future optimization.

Please report any issues you find, and feel free to test! (You have to re-install the applet via Fidesmo, which will delete your keys). This update is a small once and probably won’t add anything to your usage if you already use the FIDO2 applet, so feel free to skip it. This update is really just something to comply with the spec and get closer to certification.

The CTAP-Bridge (GitHub - StarGate01/CTAP-bridge: FIDO2 PC/SC CTAPHID Bridge) and the FIDO2 docs (https://github.com/DangerousThings/flexsecure-applets/blob/master/docs/applets/6-fido2.md) have also received small updates.

1 Like