fdo-rs / fido-device-onboard-rs

An implementation of the FIDO Device Onboard (FDO) spec written in Rust.
BSD 3-Clause "New" or "Revised" License

Support Parsec for Owner Tool interactions #127

Open puiterwijk opened 2 years ago

puiterwijk commented 2 years ago

At this moment, the owner tool only uses keys (in DER format) on the file system. We should also add support for Parsec-stored keys, so we can actually use keys that are, for example, in secure storage.

puiterwijk commented 2 years ago

This depends on https://github.com/awslabs/aws-nitro-enclaves-cose/issues/35

ionut-arm commented 2 years ago

Hey! I had a question regarding the integration testing for FDO tools, and how this might affect the Parsec story: are you testing (or planning on testing) these implementations on some representative boards? As we're trying to figure out how the integration works, it would be good to have a board to demo it on.

Also, since at the moment key support relies on TPM backing and/or on storing keys on disk, has there been any pull to expand the list of supported hardware backends?