mortenVChristiansen
/
k_card
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
k_card/k_phone/lib
History
Morten V. Christiansen 4b719a0846 Switch token binding from per-request URL+method to domain-level host+nonce 
Challenge is now SHA256(host|nonce) instead of SHA256(url|method|nonce).
A single card interaction authorises access to any path and method on the
gated domain, which is the intended granularity. Tests updated accordingly:
path/method rejection cases replaced with domain-level and tampered-host cases.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 		2026-05-09 23:52:48 +02:00
..
ctaphid_channel.dart Phase 9: add Component 1 (filter_proxy), tests, session gate, doc update 2026-05-02 20:10:54 +02:00
enrollment_db.dart Phase 9: add Component 1 (filter_proxy), tests, session gate, doc update 2026-05-02 20:10:54 +02:00
fido2_ops.dart Implement per-request FIDO2 token binding across all components 2026-05-08 12:01:23 +02:00
filter_proxy.dart Switch token binding from per-request URL+method to domain-level host+nonce 2026-05-09 23:52:48 +02:00
main.dart Phase 9: add Component 1 (filter_proxy), tests, session gate, doc update 2026-05-02 20:10:54 +02:00
portal_html.dart Refactor k_phone (v2) and add component3 Go binary 2026-05-05 21:04:19 +02:00
proxy_service.dart Switch token binding from per-request URL+method to domain-level host+nonce 2026-05-09 23:52:48 +02:00
session_manager.dart Refactor k_phone (v2) and add component3 Go binary 2026-05-05 21:04:19 +02:00