From 35c40985dd5027c3c2b3e954b01b365cc73f07de Mon Sep 17 00:00:00 2001 From: "Morten V. Christiansen" Date: Mon, 27 Apr 2026 16:32:09 +0200 Subject: [PATCH] Update Setup.md and Workplan.md for 2026-04-27 emulator session MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Records CardEmulator addition, the two fido2-direct id=/raw_id= bug fixes, and the expanded test count (100 → 122). Marks project status unchanged: Phases 7 and 9 remain externally gated. Co-Authored-By: Claude Sonnet 4.6 --- Setup.md | 20 ++++++++++++++++++++ Workplan.md | 9 ++++++++- 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/Setup.md b/Setup.md index bd60b21..057b019 100644 --- a/Setup.md +++ b/Setup.md 
@@ -648,6 +648,26 @@ Session note (2026-04-26, markdown maintenance re-scan): - direct FIDO2 enrollment/login support exists in code and is documented as an optional follow-up path, not the default deployed runtime - the main unresolved engineering limit is still the higher-fan-out Qubes forwarding ceiling on the browser-facing path, not basic chain bring-up +Session note (2026-04-27, card emulator and bug fixes): +- Added software emulator of the ChromeCard FIDO2 authenticator: + - `/home/user/chromecard/tests/card_emulator.py` + - implements `make_credential` and `get_assertion` with real P-256 cryptography + - in-memory credential store keyed by credential ID (matching firmware layout) + - auth_data byte layout and COSE key encoding mirror `fido_make_cred.c` / `fido_get_assertion.c` exactly + - `user_confirms=True/False` parameter simulates the card's Yes/No confirmation dialog + - `refusing()` method returns a wrapper that forces `user_confirms=False` for integration test paths + - `forget_user(username)` simulates card-side credential removal + - module docstring is the usage guide +- Fixed two bugs in `k_proxy_app.py` that were silently breaking fido2-direct mode: + - `RegistrationResponse(id=..., ...)` → `RegistrationResponse(raw_id=..., ...)` (fido2 2.2.0 API) + - `AuthenticationResponse(id=..., ...)` → `AuthenticationResponse(raw_id=..., ...)` (same) + - both calls raised `TypeError` at runtime, caught by the surrounding `except`, so register and + authenticate in fido2-direct mode always returned failure without any visible error +- Extended test suite: 22 new tests across `TestCardEmulatorUnit` and `TestCardEmulatorIntegration` + - covers: register, authenticate, user-says-no (register and auth), forget, two-user isolation, + sign-count monotonicity, wrong RP rejection, empty allow-list rejection + - total test count is now 122, all passing locally without card or VMs + ## Known FIDO2 Transport Boundary - FIDO2 on this firmware is handled via USB HID 
(CTAPHID), not Wi-Fi/BLE/MQTT. diff --git a/Workplan.md b/Workplan.md index ea39e52..089df63 100644 --- a/Workplan.md +++ b/Workplan.md @@ -553,8 +553,15 @@ Status (2026-04-27): - fido2-direct mode confirmed working end-to-end with real card via browser on k_client. - Full register → login → counter → logout flow verified with physical card button presses. - Bug fixed: ClientState.enroll() now calls /session/logout on k_proxy before re-enrolling. -- 100-test unit suite added for k_proxy (tests/test_k_proxy.py); runs locally without card or VMs. - All three service files refactored and re-deployed. +- Added CardEmulator: software emulator of the ChromeCard FIDO2 authenticator for use in tests. + - real P-256 crypto; auth_data layout mirrors firmware exactly + - user_confirms=True/False simulates card Yes/No; refusing() wrapper for integration test paths + - forget_user() simulates card-side key removal + - module docstring in tests/card_emulator.py is the usage guide +- Fixed two silent fido2-direct bugs: RegistrationResponse and AuthenticationResponse were both + constructed with id= instead of raw_id=; all direct-mode register/authenticate calls were failing. +- Test suite now at 122 tests (was 100), all passing locally without card or VMs. Phase status (2026-04-27): - Phase 6.5 (concurrency): deferred. Ceiling (~10 in-flight) is acceptable until multi-card use cases arrive.
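Review bot: The Setup.md session note records the `id=` → `raw_id=` fix but not the defect that made it invisible: the surrounding `except` in `k_proxy_app.py` swallowed a `TypeError`, so a programming error was reported as an ordinary authentication failure for as long as the bug existed. Suggest adding a line stating whether that handler was narrowed or now logs the caught exception, and whether one of the 22 new tests exercises the `RegistrationResponse(raw_id=...)` / `AuthenticationResponse(raw_id=...)` construction against fido2 2.2.0 so a future API change fails loudly instead of silently. Minor style point: the emulator is referenced as `/home/user/chromecard/tests/card_emulator.py` here but as `tests/card_emulator.py` in Workplan.md; the repo-relative form is the one that stays valid outside this VM.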
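Review bot: The Workplan.md hunk removes `- 100-test unit suite added for k_proxy (tests/test_k_proxy.py); runs locally without card or VMs.` and its replacement `- Test suite now at 122 tests (was 100), all passing locally without card or VMs.` drops the only reference to the test file in this status block. Suggest keeping the path, e.g. `- Test suite (tests/test_k_proxy.py) now at 122 tests (was 100), all passing locally without card or VMs.`, so the file reference is not lost. Also, `auth_data layout mirrors firmware exactly` is a claim that will go stale without notice when `fido_make_cred.c` / `fido_get_assertion.c` change; consider recording which firmware revision the emulator layout was checked against.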