Reduce credential ID size #29
Assignees
Comments
robin-nitrokey
added a commit
to robin-nitrokey/fido-authenticator
that referenced
this issue
Jul 10, 2023
This patch implements the following changes to reduce the ID length for new credentials: - Rename the old Credential type to FullCredential and introduce a StrippedCredential type and a Credential enum to differentiate between full and reduced credential data. - Flatten the credential data to reduce encoding overhead. - Remove the RP id from the credential data to reduce the total length. - Add a marker field use_short_id to FullCredential so that we don’t change the credential ID for existing RKs. To do: - Add tests for EncryptedSerializedCredential serialized length (should be less than 255). - Add tests for FullCredential serialized length (should fit into one littlefs block). Fixes: Nitrokey#29
robin-nitrokey
added a commit
to robin-nitrokey/fido-authenticator
that referenced
this issue
Jul 10, 2023
This patch implements the following changes to reduce the ID length for new credentials: - Rename the old Credential type to FullCredential and introduce a StrippedCredential type and a Credential enum to differentiate between full and reduced credential data. - Flatten the credential data to reduce encoding overhead. - Remove the RP id from the credential data to reduce the total length. - Add a marker field use_short_id to FullCredential so that we don’t change the credential ID for existing RKs. To do: - Add tests for EncryptedSerializedCredential serialized length (should be less than 255). - Add tests for FullCredential serialized length (should fit into one littlefs block). - Investigate if we can remove more fields from StrippedCredential. Fixes: Nitrokey#29
4 tasks
robin-nitrokey
added a commit
to robin-nitrokey/fido-authenticator
that referenced
this issue
Jul 10, 2023
This patch implements the following changes to reduce the ID length for new credentials: - Rename the old Credential type to FullCredential and introduce a StrippedCredential type and a Credential enum to differentiate between full and reduced credential data. - Flatten the credential data to reduce encoding overhead. - Remove the RP id from the credential data to reduce the total length. - Add a marker field use_short_id to FullCredential so that we don’t change the credential ID for existing RKs. To do: - Add tests for EncryptedSerializedCredential serialized length (should be less than 255). - Add tests for FullCredential serialized length (should fit into one littlefs block). - Investigate if we can remove more fields from StrippedCredential. Fixes: Nitrokey#29
robin-nitrokey
added a commit
to robin-nitrokey/fido-authenticator
that referenced
this issue
Jul 27, 2023
This patch implements the following changes to reduce the ID length for new credentials: - Rename the old Credential type to FullCredential and introduce a StrippedCredential type and a Credential enum to differentiate between full and reduced credential data. - Flatten the credential data to reduce encoding overhead. - Remove the RP id from the credential data to reduce the total length. - Add a marker field use_short_id to FullCredential so that we don’t change the credential ID for existing RKs. To do: - Add tests for EncryptedSerializedCredential serialized length (should be less than 255). - Add tests for FullCredential serialized length (should fit into one littlefs block). - Investigate if we can remove more fields from StrippedCredential. Fixes: Nitrokey#29
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Tracking issue for: trussed-dev#37
The text was updated successfully, but these errors were encountered: