shimun/ctap
1
0
Fork 0
Code Issues Pull Requests 1 Releases Wiki Activity

added feature assert_devices

Browse Source
This commit is contained in:
shimun
2020-03-31 19:06:53 +02:00
parent d4c9dd913f
commit 501b28e0d9
5 changed files with 94 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
src/lib.rs
View File

@@ -61,6 +61,7 @@ pub mod extensions;
mod hid_common;
mod hid_linux;
mod packet;
mod util;
use std::cmp;
use std::fs;
@@ -68,11 +69,11 @@ use std::io::{Cursor, Write};
use std::u16;
use std::u8;
pub use self::cbor::AuthenticatorOptions;
use self::cbor::PublicKeyCredentialDescriptor;
use self::cbor::{AuthenticatorOptions, PublicKeyCredentialDescriptor};
pub use self::error::*;
use self::hid_linux as hid;
use self::packet::CtapCommand;
pub use self::util::*;
use crate::cbor::{AuthenticatorData, GetAssertionRequest};
use failure::{Fail, ResultExt};
use num_traits::FromPrimitive;
@@ -97,7 +98,6 @@ pub struct FidoCredential {
/// The public key provided by the authenticator, in uncompressed form.
pub public_key: Option<Vec<u8>>,
}
/// An opened FIDO authenticator.
pub struct FidoDevice {
device: fs::File,
@@ -517,23 +517,23 @@ impl FidoDevice {
credential
.and_then(|cred| {
cred.public_key
if cred
.public_key
.as_ref()
.map(|public_key| {
Some(crypto::verify_signature(
crypto::verify_signature(
&public_key,
&assertion.client_data_hash,
&response.auth_data_bytes,
&response.signature,
))
.unwrap_or(true)
)
})
.iter()
.filter_map(|valid| match valid {
true => Some(cred),
false => None,
})
.next()
.unwrap_or(true)
{
Some(cred)
} else {
None
}
})
.ok_or(FidoError::from(FidoErrorKind::VerifySignature))
.map(|cred| (cred, response.auth_data))