shimun/ctap
1
0
Fork 0
Code Issues Pull Requests 1 Releases Wiki Activity

Compare commits

merge into: shimun:ctap_hmac
Branches Tags
shimun:master shimun:tolerate_unknown shimun:serde_cbor shimun:2.1 shimun:instant_timeout shimun:assert_multiple shimun:ctap_hmac shimun:builder shimun:assert_mul shimun:hmac_ext
shimun:0.4.1 shimun:0.4.0 shimun:0.3.0
...
pull from: shimun:2.1
Branches Tags
shimun:master shimun:tolerate_unknown shimun:serde_cbor shimun:2.1 shimun:instant_timeout shimun:assert_multiple shimun:ctap_hmac shimun:builder shimun:assert_mul shimun:hmac_ext
shimun:0.4.1 shimun:0.4.0 shimun:0.3.0

8 Commits
ctap_hmac ... 2.1

Author SHA1 Message Date
shimun
03d55f3ebd init shared_secret on demand 2020-04-13 20:01:09 +02:00
shimun
e86953077b deprecate HmacExtension 2020-04-13 16:50:54 +02:00
shimun
5da5ac54f0 revamp extensions 2020-04-13 16:42:45 +02:00
shimun
bb202c8a54 implement fido 2.1 2020-04-10 20:55:53 +02:00
shimun
80c175077f fix timeout = None causing an instant timeout err 2020-04-05 22:42:29 +02:00
shimun
addc251418 added readme 2020-04-05 19:27:02 +02:00
shimun
a00f8fbe3b added timeout option 2020-04-05 19:26:52 +02:00
shimun
cc48719cfa support sending requests to multiple devices 2020-04-03 23:05:38 +02:00
12 changed files with 566 additions and 148 deletions
Expand all files Collapse all files

9
Cargo.toml
View File

@@ -1,12 +1,13 @@
[package] [package]
name = "ctap_hmac" name = "ctap_hmac"
description = "A Rust implementation of the FIDO2 CTAP protocol, including the HMAC extension" description = "A Rust implementation of the FIDO2 CTAP protocol, including the HMAC extension"
version = "0.3.0" version = "0.4.2"
license = "Apache-2.0/MIT" license = "Apache-2.0/MIT"
homepage = "https://github.com/ArdaXi/ctap/pull/2" homepage = "https://github.com/shimunn/ctap"
repository = "https://github.com/shimunn/ctap" repository = "https://github.com/shimunn/ctap"
authors = ["Arda Xi <arda@ardaxi.com>", "shimun <shimun@shimun.net>"] authors = ["Arda Xi <arda@ardaxi.com>", "shimun <shimun@shimun.net>"]
edition = "2018" edition = "2018"
readme = "README.md"
[dependencies] [dependencies]
rand = "0.6" rand = "0.6"
@@ -21,6 +22,10 @@ untrusted = "0.6"
rust-crypto = "0.2" rust-crypto = "0.2"
csv-core = "0.1.6" csv-core = "0.1.6"
derive_builder = "0.9.0" derive_builder = "0.9.0"
crossbeam = { version = "0.7.3", optional = true }
[dev-dependencies] [dev-dependencies]
crossbeam = "0.7.3" crossbeam = "0.7.3"
hex = "0.4.0" hex = "0.4.0"
[features]
request_multiple = ["crossbeam"]

40
examples/hmac.rs
View File

@@ -2,8 +2,8 @@ extern crate ctap_hmac as ctap;
use crypto::digest::Digest; use crypto::digest::Digest;
use crypto::sha2::Sha256; use crypto::sha2::Sha256;
use ctap::extensions::hmac::HmacExtension; use ctap::extensions::{self, FidoExtensionResponseParserExt};
use ctap::{FidoCredential, FidoCredentialRequestBuilder, AuthenticatorOptions}; use ctap::{FidoAssertionRequestBuilder, FidoCredential, FidoCredentialRequestBuilder};
use hex; use hex;
use std::env::args; use std::env::args;
use std::io::prelude::*; use std::io::prelude::*;
@@ -16,24 +16,37 @@ fn main() -> ctap::FidoResult<()> {
let mut devices = ctap::get_devices()?; let mut devices = ctap::get_devices()?;
let device_info = &mut devices.next().expect("No authenticator found"); let device_info = &mut devices.next().expect("No authenticator found");
let mut device = ctap::FidoDevice::new(device_info)?; let mut device = ctap::FidoDevice::new(device_info)?;
let credential = match args().nth(1).map(|h| FidoCredential {
let mut credential = match args().skip(1).next().map(|h| FidoCredential {
id: hex::decode(&h).expect("Invalid credential"), id: hex::decode(&h).expect("Invalid credential"),
public_key: None, public_key: None,
}) { }) {
Some(cred) => cred, Some(cred) => cred,
_ => { _ => {
let req = FidoCredentialRequestBuilder::default().rp_id(RP_ID).rp_name("ctap_hmac crate").user_name("example").uv(false).build().unwrap(); let mut req = FidoCredentialRequestBuilder::default()
.rp_id(RP_ID)
.rp_name("ctap_hmac crate")
.user_name("example")
.uv(false)
.build()
.unwrap();
assert!(
&device.supports_extension::<extensions::HmacSecret>(),
"Your device does not support the hmac extension"
);
let hmac = extensions::HmacSecret::new();
req.with_extension(&hmac)?;
dbg!(&req);
println!("Authorize using your device"); println!("Authorize using your device");
let cred = device.make_hmac_credential(req).expect("Failed to request credential"); let cred = req
.make_credential(&mut device)
.expect("Failed to request credential");
println!("Credential: {}\nNote: You can pass this credential as first argument in order to reproduce results", hex::encode(&cred.id)); println!("Credential: {}\nNote: You can pass this credential as first argument in order to reproduce results", hex::encode(&cred.id));
cred cred
} }
}; };
let credential = credential;
print!("Type in your message: "); print!("Type in your message: ");
stdout().flush(); stdout().flush().unwrap();
let mut message = String::new(); let mut message = String::new();
stdin() stdin()
.read_line(&mut message) .read_line(&mut message)
@@ -44,7 +57,16 @@ fn main() -> ctap::FidoResult<()> {
let mut digest = Sha256::new(); let mut digest = Sha256::new();
digest.input(&message.as_bytes()); digest.input(&message.as_bytes());
digest.result(&mut salt); digest.result(&mut salt);
let (cred, (hash1, _hash2)) = device.get_hmac_assertion(RP_ID, &[&credential], &salt, None, None)?; let credential = &&credential;
let hmac = extensions::HmacSecret::new().for_device(&mut device, &salt, None)?;
let mut request = FidoAssertionRequestBuilder::default()
.rp_id(RP_ID)
.credential(credential)
.build()
.unwrap();
request.with_extension(&hmac)?;
let (_cred, auth_data) = device.get_assertion(&request)?;
let (hash1, _hash2) = auth_data.parse_extension_data(&hmac)?;
println!("Hash: {}", hex::encode(&hash1)); println!("Hash: {}", hex::encode(&hash1));
Ok(()) Ok(())
} }

75
examples/multiple.rs
View File

@@ -1,55 +1,48 @@
extern crate ctap_hmac as ctap; extern crate ctap_hmac as ctap;
use ctap::{
FidoAssertionRequestBuilder, FidoCredential, FidoCredentialRequestBuilder, FidoDevice,
FidoResult,
};
use crypto::digest::Digest;
use crypto::sha2::Sha256;
use ctap::{FidoCredential, FidoCredentialRequestBuilder, FidoAssertionRequestBuilder, AuthenticatorOptions, FidoDevice, FidoError, FidoResult};
use failure::_core::time::Duration;
use hex; use hex;
use std::env::args; use std::env::args;
use std::io::prelude::*; use std::time::Duration;
use std::io::stdin;
use std::io::stdout;
use std::sync::mpsc::channel;
use std::sync::Mutex;
use crossbeam::thread;
const RP_ID: &str = "ctap_demo"; const RP_ID: &str = "ctap_demo";
fn run() -> ctap::FidoResult<()> { fn main() -> ctap::FidoResult<()> {
let mut credentials = args().skip(1).map(|id| FidoCredential { let mut credentials = args()
.skip(1)
.map(|id| FidoCredential {
id: hex::decode(&id).expect("Invalid credential"), id: hex::decode(&id).expect("Invalid credential"),
public_key: None, public_key: None,
}).collect::<Vec<_>>(); })
.collect::<Vec<_>>();
if credentials.len() == 0 { if credentials.len() == 0 {
credentials = ctap::get_devices()?.map(|h| FidoDevice::new(&h).and_then(|mut dev| FidoCredentialRequestBuilder::default() credentials = ctap::get_devices()?
.rp_id(RP_ID).build().unwrap().make_credential(&mut dev))).collect::<FidoResult<Vec<FidoCredential>>>()?; .map(|h| {
FidoDevice::new(&h).and_then(|mut dev| {
FidoCredentialRequestBuilder::default()
.rp_id(RP_ID)
.build()
.unwrap()
.make_credential(&mut dev)
})
})
.collect::<FidoResult<Vec<FidoCredential>>>()?;
} }
let credentials = credentials.iter().collect::<Vec<_>>(); let credentials = credentials.iter().collect::<Vec<_>>();
let (s, r) = channel(); let req = FidoAssertionRequestBuilder::default()
thread::scope(|scope| { .rp_id(RP_ID)
let handles = ctap::get_devices()?.map(|h| { .credentials(&credentials[..])
let req = FidoAssertionRequestBuilder::default().rp_id(RP_ID).credentials(&credentials[..]).build().unwrap(); .build()
let s = s.clone(); .unwrap();
scope.spawn(move |_| { let mut devices = ctap::get_devices()?
FidoDevice::new(&h).and_then(|mut dev| { .map(|handle| FidoDevice::new(&handle))
req.get_assertion(&mut dev).map(|res| { .collect::<FidoResult<Vec<_>>>()?;
s.send(res.clone()); // run with --features request_multiple
res let (cred, _) =
}) ctap::get_assertion_devices(&req, devices.iter_mut(), Some(Duration::from_secs(10)))?;
}) println!("Success, got assertion for: {}", hex::encode(&cred.id));
})
}).collect::<Vec<_>>();
for h in handles {
h.join();
}
Ok::<(), FidoError>(())
}).unwrap();
for res in r.iter().take(credentials.len()) {
dbg!(res);
}
Ok(()) Ok(())
} }
fn main() {
dbg!(run());
}

41
src/cbor.rs
View File

@@ -274,6 +274,12 @@ pub struct GetInfoResponse {
pub options: OptionsInfo, pub options: OptionsInfo,
pub max_msg_size: u16, pub max_msg_size: u16,
pub pin_protocols: Vec<u8>, pub pin_protocols: Vec<u8>,
pub max_credential_count_in_list: Option<u32>,
pub max_credential_id_len: Option<u32>,
pub transports: Vec<String>,
pub algorithms: Vec<CoseKey>,
pub max_authenticator_config_len: Option<u32>,
pub default_cred_protect: Option<u8>,
} }
impl GetInfoResponse { impl GetInfoResponse {
@@ -282,28 +288,49 @@ impl GetInfoResponse {
if status != 0 { if status != 0 {
Err(FidoErrorKind::CborError(CborErrorCode::from(status)))? Err(FidoErrorKind::CborError(CborErrorCode::from(status)))?
} }
let mut decoder = Decoder::new(Config::default(), reader); let mut generic = GenericDecoder::new(Config::default(), reader);
let mut response = GetInfoResponse::default(); let mut response = GetInfoResponse::default();
for _ in 0..decoder.object()? { for _ in 0..generic.borrow_mut().object()? {
match decoder.u8()? { match generic.borrow_mut().u8()? {
0x01 => { 0x01 => {
let decoder = generic.borrow_mut();
for _ in 0..decoder.array()? { for _ in 0..decoder.array()? {
response.versions.push(decoder.text()?); response.versions.push(decoder.text()?);
} }
} }
0x02 => { 0x02 => {
let decoder = generic.borrow_mut();
for _ in 0..decoder.array()? { for _ in 0..decoder.array()? {
response.extensions.push(decoder.text()?); response.extensions.push(decoder.text()?);
} }
} }
0x03 => response.aaguid.copy_from_slice(&decoder.bytes()?[..]), 0x03 => response
0x04 => response.options = OptionsInfo::decode(&mut decoder)?, .aaguid
0x05 => response.max_msg_size = decoder.u16()?, .copy_from_slice(&generic.borrow_mut().bytes()?[..]),
0x04 => response.options = OptionsInfo::decode(&mut generic.borrow_mut())?,
0x05 => response.max_msg_size = generic.borrow_mut().u16()?,
0x06 => { 0x06 => {
let decoder = generic.borrow_mut();
for _ in 0..decoder.array()? { for _ in 0..decoder.array()? {
response.pin_protocols.push(decoder.u8()?); response.pin_protocols.push(decoder.u8()?);
} }
} }
0x07 => response.max_credential_count_in_list = Some(generic.borrow_mut().u32()?),
0x08 => response.max_credential_id_len = Some(generic.borrow_mut().u32()?),
0x09 => {
let decoder = generic.borrow_mut();
for _ in 0..decoder.array()? {
response.transports.push(decoder.text()?);
}
}
0x0A => {
for _ in 0..generic.borrow_mut().array()? {
response.algorithms.push(CoseKey::decode(&mut generic)?);
}
}
0x0B => response.max_authenticator_config_len = Some(generic.borrow_mut().u32()?),
0x0C => response.default_cred_protect = Some(generic.borrow_mut().u8()?),
_ => continue, _ => continue,
} }
} }
@@ -565,7 +592,7 @@ impl P256Key {
} }
} }
#[derive(Debug, Default)] #[derive(Debug, Default, Clone)]
pub struct CoseKey { pub struct CoseKey {
key_type: u16, key_type: u16,
algorithm: i32, algorithm: i32,

2
src/crypto.rs
View File

@@ -15,7 +15,7 @@ use rust_crypto::buffer::{RefReadBuffer, RefWriteBuffer};
use rust_crypto::symmetriccipher::{Decryptor, Encryptor}; use rust_crypto::symmetriccipher::{Decryptor, Encryptor};
use untrusted::Input; use untrusted::Input;
#[derive(Debug)] #[derive(Debug, Clone)]
pub struct SharedSecret { pub struct SharedSecret {
pub public_key: CoseKey, pub public_key: CoseKey,
pub shared_secret: [u8; 32], pub shared_secret: [u8; 32],

4
src/error.rs
View File

@@ -23,6 +23,8 @@ pub struct CborErrorCode(u8);
pub enum FidoErrorKind { pub enum FidoErrorKind {
#[fail(display = "Read/write error with device.")] #[fail(display = "Read/write error with device.")]
Io, Io,
#[fail(display = "Operation timed out")]
Timeout,
#[fail(display = "Error while reading packet from device.")] #[fail(display = "Error while reading packet from device.")]
ReadPacket, ReadPacket,
#[fail(display = "Error while writing packet to device.")] #[fail(display = "Error while writing packet to device.")]
@@ -45,7 +47,7 @@ pub enum FidoErrorKind {
EncryptPin, EncryptPin,
#[fail(display = "Failed to decrypt PIN.")] #[fail(display = "Failed to decrypt PIN.")]
DecryptPin, DecryptPin,
#[fail(display = "Supplied key has incorrect type.")] #[fail(display = "Failed to verify response signature.")]
VerifySignature, VerifySignature,
#[fail(display = "Failed to verify response signature.")] #[fail(display = "Failed to verify response signature.")]
KeyType, KeyType,

57
src/extensions/cred_protect.rs Normal file
View File

@@ -0,0 +1,57 @@
use crate::extensions::FidoExtension;
use crate::FidoResult;
use crate::{FidoAssertionRequest, FidoCredentialRequest};
use cbor_codec::value::Value;
use num_traits::ToPrimitive;
#[derive(Copy, Clone, Debug, FromPrimitive, ToPrimitive, PartialEq)]
pub enum CredProtectLevel {
UvOptional = 0x01,
UvOptionalWithCredentialIDList = 0x02,
UvRequired = 0x03,
}
impl CredProtectLevel {
fn extension_input(self) -> Value {
Value::U8(self.to_u8().unwrap())
}
}
pub struct CredProtect(Value);
impl CredProtect {
pub fn level(level: CredProtectLevel) -> Self {
Self(level.extension_input())
}
fn extension_name() -> &'static str {
"credProtect"
}
fn extension_input(&self) -> &Value {
&self.0
}
}
impl FidoExtension for CredProtect {
fn extension_name() -> &'static str {
CredProtect::extension_name()
}
fn patch_assertion_request<'a, 'b>(
&'b self,
_request: &mut FidoAssertionRequest<'a, 'b>,
) -> FidoResult<()> {
Ok(())
}
fn patch_credential_request<'a>(
&'a self,
request: &mut FidoCredentialRequest<'a>,
) -> FidoResult<()> {
request
.extension_data
.insert(CredProtect::extension_name(), self.extension_input());
Ok(())
}
}

190
src/extensions/hmac.rs
View File

@@ -1,11 +1,14 @@
use crate::{ use crate::cbor::AuthenticatorData;
AuthenticatorOptions, FidoAssertionRequestBuilder, use crate::crypto::SharedSecret;
FidoCredentialRequest, use crate::extensions::{
FidoExtension, FidoExtensionResponseParser, FidoExtensionResponseParserExt,
}; };
use crate::{FidoAssertionRequest, FidoAssertionRequestBuilder, FidoCredentialRequest};
use crate::{FidoCredential, FidoDevice, FidoErrorKind, FidoResult}; use crate::{FidoCredential, FidoDevice, FidoErrorKind, FidoResult};
use cbor_codec::value::{Bytes, Int, Key, Text, Value}; use cbor_codec::value::{Bytes, Int, Key, Text, Value};
use cbor_codec::Encoder; use cbor_codec::Encoder;
use cbor_codec::{Config, GenericDecoder}; use cbor_codec::{Config, GenericDecoder};
use failure::ResultExt;
use rust_crypto::buffer::{RefReadBuffer, RefWriteBuffer}; use rust_crypto::buffer::{RefReadBuffer, RefWriteBuffer};
use rust_crypto::digest::Digest; use rust_crypto::digest::Digest;
use rust_crypto::hmac::Hmac; use rust_crypto::hmac::Hmac;
@@ -13,8 +16,11 @@ use rust_crypto::mac::Mac;
use rust_crypto::sha2::Sha256; use rust_crypto::sha2::Sha256;
use std::collections::BTreeMap; use std::collections::BTreeMap;
use std::io::Cursor; use std::io::Cursor;
use std::iter::FromIterator;
#[deprecated(
since = "0.4.2",
note = "Please use FidoAssertionRequest::with_extension(HmacSecret) instead"
)]
pub trait HmacExtension { pub trait HmacExtension {
fn extension_name() -> &'static str { fn extension_name() -> &'static str {
"hmac-secret" "hmac-secret"
@@ -40,8 +46,10 @@ pub trait HmacExtension {
/// Convenience function to create an credential which includes extension specific data /// Convenience function to create an credential which includes extension specific data
/// Use `FidoDevice::make_credential` if you need more control /// Use `FidoDevice::make_credential` if you need more control
fn make_hmac_credential(&mut self, request: FidoCredentialRequest) -> FidoResult<FidoCredential>; fn make_hmac_credential(
&mut self,
request: &FidoCredentialRequest,
) -> FidoResult<FidoCredential>;
/// Request an assertion from the authenticator for a given credential and salt(s). /// Request an assertion from the authenticator for a given credential and salt(s).
/// at least one `salt` must be provided, consider using a hashing function like SHA256 /// at least one `salt` must be provided, consider using a hashing function like SHA256
@@ -53,13 +61,11 @@ pub trait HmacExtension {
/// provided, and will fail if a PIN is required but not provided or if the /// provided, and will fail if a PIN is required but not provided or if the
/// device returns malformed data. /// device returns malformed data.
/// ///
fn get_hmac_assertion<'a>( fn get_hmac_assertion<'a: 'b, 'b>(
&mut self, &mut self,
rp_id: &str, assertion: &FidoAssertionRequest<'a, 'b>,
credentials: &'a [&'a FidoCredential],
salt: &[u8; 32], salt: &[u8; 32],
salt2: Option<&[u8; 32]>, salt2: Option<&[u8; 32]>,
options: Option<AuthenticatorOptions>,
) -> FidoResult<(&'a FidoCredential, ([u8; 32], Option<[u8; 32]>))>; ) -> FidoResult<(&'a FidoCredential, ([u8; 32], Option<[u8; 32]>))>;
/// Convenience function for `get_hmac_assertion` that will accept arbitrary /// Convenience function for `get_hmac_assertion` that will accept arbitrary
@@ -75,19 +81,87 @@ pub trait HmacExtension {
digest.input(input); digest.input(input);
digest.result(&mut salt); digest.result(&mut salt);
self.get_hmac_assertion( self.get_hmac_assertion(
rp_id, &FidoAssertionRequestBuilder::default()
&[credential], .rp_id(rp_id)
.credential(&credential)
.build()
.unwrap(),
&salt, &salt,
None, None,
Some(AuthenticatorOptions { uv: true, rk: true, up: false }),
) )
.map(|(_cred, secret)| secret.0) .map(|(_cred, secret)| secret.0)
} }
} }
#[allow(deprecated)]
impl HmacExtension for FidoDevice { impl HmacExtension for FidoDevice {
fn get_data(&mut self, salt: &[u8; 32], salt2: Option<&[u8; 32]>) -> FidoResult<Value> { fn get_data(&mut self, salt: &[u8; 32], salt2: Option<&[u8; 32]>) -> FidoResult<Value> {
let shared_secret = self.shared_secret.as_ref().unwrap(); Ok(HmacSecret::extension_input(self, salt, salt2)?)
}
fn make_hmac_credential(
&mut self,
request: &FidoCredentialRequest,
) -> FidoResult<FidoCredential> {
let mut request = request.clone();
request.rk = true;
request.extension_data.insert(
<Self as HmacExtension>::extension_name(),
<Self as HmacExtension>::extension_input(),
);
self.make_credential(&request)
}
fn get_hmac_assertion<'a: 'b, 'b>(
&mut self,
request: &FidoAssertionRequest<'a, 'b>,
salt: &[u8; 32],
salt2: Option<&[u8; 32]>,
) -> FidoResult<(&'a FidoCredential, ([u8; 32], Option<[u8; 32]>))> {
while self.shared_secret.is_none() {
self.init_shared_secret()?;
}
let mut request = request.clone();
let ext = HmacSecret::new().for_device(self, salt, salt2)?;
request.with_extension(&ext)?;
let (cred, auth_data) = self.get_assertion(&request)?;
let cred = request
.credentials
.iter()
.find(|c| c.id == cred.id)
.unwrap();
Ok((cred, auth_data.parse_extension_data(&ext)?))
}
}
#[derive(Debug, Clone)]
pub enum HmacSecret {
Assertion {
extension_data: Value,
shared_secret: SharedSecret,
salt2: bool,
},
Credential,
}
impl HmacSecret {
pub fn new() -> Self {
Self::Credential
}
fn extension_input(
device: &mut FidoDevice,
salt: &[u8; 32],
salt2: Option<&[u8; 32]>,
) -> FidoResult<Value> {
let shared_secret = loop {
if let Some(ref secret) = device.shared_secret {
break secret;
}
device.init_shared_secret()?;
};
let mut encryptor = shared_secret.encryptor(); let mut encryptor = shared_secret.encryptor();
let mut salt_enc = [0u8; 64]; let mut salt_enc = [0u8; 64];
let mut output = RefWriteBuffer::new(&mut salt_enc); let mut output = RefWriteBuffer::new(&mut salt_enc);
@@ -115,7 +189,7 @@ impl HmacExtension for FidoDevice {
let mut map = BTreeMap::new(); let mut map = BTreeMap::new();
map.insert( map.insert(
Key::Int(Int::from_i64(0x01)), Key::Int(Int::from_i64(0x01)),
key_agreement().map_err(|_| FidoErrorKind::Io)?, key_agreement().context(FidoErrorKind::Io)?,
); );
map.insert( map.insert(
Key::Int(Int::from_i64(0x02)), Key::Int(Int::from_i64(0x02)),
@@ -138,50 +212,67 @@ impl HmacExtension for FidoDevice {
Ok(Value::Map(map)) Ok(Value::Map(map))
} }
fn make_hmac_credential(&mut self, request: FidoCredentialRequest) -> FidoResult<FidoCredential> { pub fn for_device(
let mut request = request;
request.rk = true;
request.extension_data.insert(<Self as HmacExtension>::extension_name(), <Self as HmacExtension>::extension_input());
self.make_credential(&request)
}
fn get_hmac_assertion<'a>(
&mut self, &mut self,
rp_id: &str, device: &mut FidoDevice,
credentials: &'a [&'a FidoCredential],
salt: &[u8; 32], salt: &[u8; 32],
salt2: Option<&[u8; 32]>, salt2: Option<&[u8; 32]>,
options: Option<AuthenticatorOptions>, ) -> FidoResult<Self> {
) -> FidoResult<(&'a FidoCredential, ([u8; 32], Option<[u8; 32]>))> { Ok(Self::Assertion {
while self.shared_secret.is_none() { extension_data: Self::extension_input(device, salt, salt2)?,
self.init_shared_secret()?; shared_secret: device.shared_secret.as_ref().unwrap().clone(),
salt2: salt2.is_some(),
})
} }
let ext_data: Value = self.get_data(salt, salt2)?; }
let ext_data: BTreeMap<&str, &Value> = BTreeMap::from_iter( impl FidoExtension for HmacSecret {
[(<Self as HmacExtension>::extension_name(), &ext_data)] fn extension_name() -> &'static str {
.iter() "hmac-secret"
.cloned(),
);
let mut builder = FidoAssertionRequestBuilder::default()
.credentials(credentials)
.rp_id(rp_id)
.extension_data(ext_data);
if let Some(opts) = options {
builder = builder.uv(opts.uv).up(opts.up);
} }
let (cred, auth_data) = fn patch_assertion_request<'a, 'b>(
self.get_assertion(&builder.build().unwrap())?; &'b self,
let shared_secret = self.shared_secret.as_ref().unwrap(); request: &mut FidoAssertionRequest<'a, 'b>,
) -> FidoResult<()> {
match self {
Self::Assertion { extension_data, .. } => request
.extension_data
.insert(Self::extension_name(), extension_data),
_ => return Err(FidoErrorKind::DeviceUnsupported.into()),
};
Ok(())
}
fn patch_credential_request<'a>(
&'a self,
request: &mut FidoCredentialRequest<'a>,
) -> FidoResult<()> {
request
.extension_data
.insert(Self::extension_name(), &Value::Bool(true));
Ok(())
}
}
impl FidoExtensionResponseParser for HmacSecret {
type Output = ([u8; 32], Option<[u8; 32]>);
fn parse_response(&self, response: &AuthenticatorData) -> FidoResult<Self::Output> {
let (shared_secret, salt2) = match self {
Self::Assertion {
shared_secret,
salt2,
..
} => (shared_secret, salt2),
_ => return Err(FidoErrorKind::DeviceUnsupported.into()),
};
let mut decryptor = shared_secret.decryptor(); let mut decryptor = shared_secret.decryptor();
let mut hmac_secret_combined = [0u8; 64]; let mut hmac_secret_combined = [0u8; 64];
let _output = RefWriteBuffer::new(&mut hmac_secret_combined); let _output = RefWriteBuffer::new(&mut hmac_secret_combined);
let hmac_secret_enc = match auth_data let hmac_secret_enc = match response
.extensions .extensions
.get(<Self as HmacExtension>::extension_name()) .get(Self::extension_name())
.ok_or(FidoErrorKind::CborDecode)? .ok_or(FidoErrorKind::CborDecode)?
{ {
Value::Bytes(hmac_ciphered) => Ok(match hmac_ciphered { Value::Bytes(hmac_ciphered) => Ok(match hmac_ciphered {
@@ -206,7 +297,6 @@ impl HmacExtension for FidoDevice {
let mut hmac_secret_1 = [0u8; 32]; let mut hmac_secret_1 = [0u8; 32];
hmac_secret_0.copy_from_slice(&hmac_secret[0..32]); hmac_secret_0.copy_from_slice(&hmac_secret[0..32]);
hmac_secret_1.copy_from_slice(&hmac_secret[32..]); hmac_secret_1.copy_from_slice(&hmac_secret[32..]);
let cred = credentials.into_iter().find(|c| c.id == cred.id).unwrap(); Ok((hmac_secret_0, Some(hmac_secret_1).filter(|_| *salt2)))
Ok((cred, (hmac_secret_0, salt2.and(Some(hmac_secret_1)))))
} }
} }

34
src/extensions/mod.rs
View File

@@ -1,2 +1,36 @@
pub mod hmac; pub mod hmac;
pub use hmac::*; pub use hmac::*;
mod cred_protect;
use crate::cbor::AuthenticatorData;
use crate::{FidoAssertionRequest, FidoCredentialRequest, FidoResult};
pub use cred_protect::*;
pub trait FidoExtension {
fn extension_name() -> &'static str;
fn patch_assertion_request<'a, 'b>(
&'b self,
request: &mut FidoAssertionRequest<'a, 'b>,
) -> FidoResult<()>;
fn patch_credential_request<'a>(
&'a self,
request: &mut FidoCredentialRequest<'a>,
) -> FidoResult<()>;
}
pub trait FidoExtensionResponseParser {
type Output;
fn parse_response(&self, response: &AuthenticatorData) -> FidoResult<Self::Output>;
}
pub trait FidoExtensionResponseParserExt<Ext: FidoExtensionResponseParser> {
fn parse_extension_data(&self, extension: &Ext) -> FidoResult<Ext::Output>;
}
impl<Ext: FidoExtensionResponseParser> FidoExtensionResponseParserExt<Ext> for AuthenticatorData {
fn parse_extension_data(
&self,
extension: &Ext,
) -> FidoResult<<Ext as FidoExtensionResponseParser>::Output> {
extension.parse_response(self)
}
}

163
src/lib.rs
View File

@@ -61,6 +61,7 @@ pub mod extensions;
mod hid_common; mod hid_common;
mod hid_linux; mod hid_linux;
mod packet; mod packet;
mod util;
use std::cmp; use std::cmp;
use std::fs; use std::fs;
@@ -68,14 +69,14 @@ use std::io::{Cursor, Write};
use std::u16; use std::u16;
use std::u8; use std::u8;
use self::cbor::{ use self::cbor::{AuthenticatorOptions, PublicKeyCredentialDescriptor};
PublicKeyCredentialDescriptor,
};
pub use self::error::*; pub use self::error::*;
pub use self::cbor::AuthenticatorOptions;
use self::hid_linux as hid; use self::hid_linux as hid;
use self::packet::CtapCommand; use self::packet::CtapCommand;
use crate::cbor::{AuthenticatorData, GetAssertionRequest}; pub use self::util::*;
use crate::cbor::{AuthenticatorData, GetAssertionRequest, GetInfoResponse};
use crate::packet::CtapStatus;
use crate::extensions::FidoExtension;
use failure::{Fail, ResultExt}; use failure::{Fail, ResultExt};
use num_traits::FromPrimitive; use num_traits::FromPrimitive;
use rand::prelude::*; use rand::prelude::*;
@@ -99,7 +100,6 @@ pub struct FidoCredential {
/// The public key provided by the authenticator, in uncompressed form. /// The public key provided by the authenticator, in uncompressed form.
pub public_key: Option<Vec<u8>>, pub public_key: Option<Vec<u8>>,
} }
/// An opened FIDO authenticator. /// An opened FIDO authenticator.
pub struct FidoDevice { pub struct FidoDevice {
device: fs::File, device: fs::File,
@@ -109,6 +109,47 @@ pub struct FidoDevice {
shared_secret: Option<crypto::SharedSecret>, shared_secret: Option<crypto::SharedSecret>,
pin_token: Option<crypto::PinToken>, pin_token: Option<crypto::PinToken>,
aaguid: [u8; 16], aaguid: [u8; 16],
info: GetInfoResponse,
}
pub struct FidoCancelHandle {
device: fs::File,
packet_size: u16,
channel_id: [u8; 4],
}
impl FidoCancelHandle {
pub fn cancel(&mut self) -> FidoResult<()> {
let payload = &[];
let to_send = payload.len() as u16;
let max_payload = (self.packet_size - 7) as usize;
let (frame, payload) = payload.split_at(cmp::min(payload.len(), max_payload));
packet::write_init_packet(
&mut self.device,
64,
&self.channel_id,
&CtapCommand::Cancel,
to_send,
frame,
)?;
if payload.is_empty() {
return Ok(());
}
let max_payload = (self.packet_size - 5) as usize;
for (seq, frame) in (0..u8::MAX).zip(payload.chunks(max_payload)) {
packet::write_cont_packet(&mut self.device, 64, &self.channel_id, seq, frame)?;
}
self.device.flush().context(FidoErrorKind::WritePacket)?;
Ok(())
}
pub fn cancel_after<T>(&mut self, body: impl Fn(()) -> T) -> FidoResult<T> {
let res = body(());
match self.cancel() {
Ok(_) => Ok(res),
Err(e) => Err(e),
}
}
} }
/// Request a new credential from the authenticator. The `rp_id` should be /// Request a new credential from the authenticator. The `rp_id` should be
@@ -166,6 +207,10 @@ impl<'a> FidoCredentialRequest<'a> {
pub fn make_credential(&self, device: &mut FidoDevice) -> FidoResult<FidoCredential> { pub fn make_credential(&self, device: &mut FidoDevice) -> FidoResult<FidoCredential> {
device.make_credential(&self) device.make_credential(&self)
} }
pub fn with_extension<Ext: FidoExtension>(&mut self, extension: &'a Ext) -> FidoResult<()> {
extension.patch_credential_request(self)
}
} }
/// Request an assertion from the authenticator for a given credential. /// Request an assertion from the authenticator for a given credential.
@@ -179,7 +224,7 @@ impl<'a> FidoCredentialRequest<'a> {
#[derive(Clone, Debug, Builder)] #[derive(Clone, Debug, Builder)]
#[builder(setter(into))] #[builder(setter(into))]
#[builder(pattern = "owned")] #[builder(pattern = "owned")]
pub struct FidoAssertionRequest<'a> { pub struct FidoAssertionRequest<'a, 'b> {
#[builder(default)] #[builder(default)]
up: bool, up: bool,
#[builder(default)] #[builder(default)]
@@ -194,21 +239,20 @@ pub struct FidoAssertionRequest<'a> {
#[builder(default = "&[0u8; 32]")] #[builder(default = "&[0u8; 32]")]
client_data_hash: &'a [u8], client_data_hash: &'a [u8],
#[builder(default)] #[builder(default)]
extension_data: BTreeMap<&'a str, &'a cbor_codec::value::Value>, extension_data: BTreeMap<&'b str, &'b cbor_codec::value::Value>,
} }
impl<'a> FidoAssertionRequest<'a> { impl<'a, 'b> FidoAssertionRequest<'a, 'b> {
pub fn get_assertion( pub fn get_assertion(&self, device: &mut FidoDevice) -> FidoResult<&'a FidoCredential> {
&self, device.get_assertion(self).map(|res| res.0)
device: &mut FidoDevice, }
) -> FidoResult<&'a FidoCredential> {
device pub fn with_extension<Ext: FidoExtension>(&mut self, extension: &'b Ext) -> FidoResult<()> {
.get_assertion(self) extension.patch_assertion_request(self)
.map(|res| res.0)
} }
} }
impl<'a> FidoAssertionRequestBuilder<'a> { impl<'a, 'b> FidoAssertionRequestBuilder<'a, 'b> {
pub fn credential(mut self, credential: &'a &'a FidoCredential) -> Self { pub fn credential(mut self, credential: &'a &'a FidoCredential) -> Self {
self.credentials = Some(std::slice::from_ref(credential)); self.credentials = Some(std::slice::from_ref(credential));
self self
@@ -233,6 +277,7 @@ impl FidoDevice {
shared_secret: None, shared_secret: None,
pin_token: None, pin_token: None,
aaguid: [0; 16], aaguid: [0; 16],
info: GetInfoResponse::default(),
}; };
dev.init()?; dev.init()?;
Ok(dev) Ok(dev)
@@ -267,6 +312,7 @@ impl FidoDevice {
} }
self.needs_pin = response.options.client_pin == Some(true); self.needs_pin = response.options.client_pin == Some(true);
self.aaguid = response.aaguid; self.aaguid = response.aaguid;
self.info = response;
Ok(()) Ok(())
} }
@@ -324,10 +370,25 @@ impl FidoDevice {
} }
} }
pub fn cancel_handle(&mut self) -> FidoResult<FidoCancelHandle> {
Ok(self
.device
.try_clone()
.map(|device| FidoCancelHandle {
device,
packet_size: self.packet_size,
channel_id: self.channel_id,
})
.context(FidoErrorKind::Io)?)
}
pub fn supports_extension<Ext: FidoExtension>(&self) -> bool {
self.info.extensions.iter().any(|ext| ext == Ext::extension_name())
}
pub fn make_credential( pub fn make_credential(
&mut self, &mut self,
request: &FidoCredentialRequest<'_> request: &FidoCredentialRequest<'_>,
) -> FidoResult<FidoCredential> { ) -> FidoResult<FidoCredential> {
let rp = cbor::PublicKeyCredentialRpEntity { let rp = cbor::PublicKeyCredentialRpEntity {
id: request.rp_id, id: request.rp_id,
@@ -343,7 +404,8 @@ impl FidoDevice {
let options = Some(AuthenticatorOptions { let options = Some(AuthenticatorOptions {
up: false, up: false,
uv: request.uv, rk: request.rk uv: request.uv,
rk: request.rk,
}); });
if self.needs_pin && self.pin_token.is_none() { if self.needs_pin && self.pin_token.is_none() {
Err(FidoErrorKind::PinRequired)? Err(FidoErrorKind::PinRequired)?
@@ -364,13 +426,17 @@ impl FidoDevice {
rp, rp,
user, user,
pub_key_cred_params: &pub_key_cred_params, pub_key_cred_params: &pub_key_cred_params,
exclude_list: &request.exclude_list.iter() exclude_list: &request
.exclude_list
.iter()
.map(|cred| PublicKeyCredentialDescriptor { .map(|cred| PublicKeyCredentialDescriptor {
cred_type: "public-key".into(), cred_type: "public-key".into(),
id: cred.id.clone(), id: cred.id.clone(),
}) })
.collect::<Vec<_>>()[..], .collect::<Vec<_>>()[..],
extensions: &request.extension_data.iter() extensions: &request
.extension_data
.iter()
.map(|(name, data)| (*name, *data)) .map(|(name, data)| (*name, *data))
.collect::<Vec<_>>()[..], .collect::<Vec<_>>()[..],
options, options,
@@ -408,11 +474,9 @@ impl FidoDevice {
/// ///
/// This method will fail if a PIN is required but the device is not /// This method will fail if a PIN is required but the device is not
/// unlocked or if the device returns malformed data. /// unlocked or if the device returns malformed data.
pub fn get_assertion<'a, 'b>(
pub fn get_assertion<'a>(
&mut self, &mut self,
assertion: &FidoAssertionRequest<'a>, assertion: &FidoAssertionRequest<'a, 'b>,
) -> FidoResult<(&'a FidoCredential, AuthenticatorData)> { ) -> FidoResult<(&'a FidoCredential, AuthenticatorData)> {
while self.shared_secret.is_none() { while self.shared_secret.is_none() {
self.init_shared_secret()?; self.init_shared_secret()?;
@@ -446,7 +510,7 @@ impl FidoDevice {
options: Some(AuthenticatorOptions { options: Some(AuthenticatorOptions {
rk: assertion.rk, rk: assertion.rk,
uv: assertion.uv, uv: assertion.uv,
up: assertion.up up: assertion.up,
}), }),
pin_auth: pin_auth, pin_auth: pin_auth,
pin_protocol: pin_auth.and(Some(0x01)), pin_protocol: pin_auth.and(Some(0x01)),
@@ -467,19 +531,48 @@ impl FidoDevice {
}) })
.next(); .next();
credential.and_then(|cred| { credential
cred.public_key.as_ref().map(|public_key| .and_then(|cred| {
Some(crypto::verify_signature( if cred
.public_key
.as_ref()
.map(|public_key| {
crypto::verify_signature(
&public_key, &public_key,
&assertion.client_data_hash, &assertion.client_data_hash,
&response.auth_data_bytes, &response.auth_data_bytes,
&response.signature, &response.signature,
) )
).unwrap_or(true)).iter().filter_map( |valid| match valid { })
true => Some(cred), .unwrap_or(true)
false => None, {
}).next() Some(cred)
}).ok_or(FidoError::from(FidoErrorKind::VerifySignature)).map(|cred| (cred, response.auth_data)) } else {
None
}
})
.ok_or(FidoError::from(FidoErrorKind::VerifySignature))
.map(|cred| (cred, response.auth_data))
}
pub fn ping(&mut self, data: &[u8]) -> FidoResult<Vec<u8>> {
self.exchange(CtapCommand::Ping, data)
}
pub fn wink(&mut self) -> FidoResult<()> {
self.send(&CtapCommand::Wink, &[]).map(|_| ())
}
fn lock(&mut self, time_sec: u8) -> FidoResult<()> {
self.exchange(CtapCommand::Lock, &[time_sec]).map(|_| ())
}
fn keepalive(&mut self) -> FidoResult<CtapStatus> {
self.exchange(CtapCommand::Keepalive, &[])?
.first()
.cloned()
.and_then(CtapStatus::from_u8)
.ok_or(FidoError::from(FidoErrorKind::CborDecode))
} }
fn cbor(&mut self, request: cbor::Request) -> FidoResult<cbor::Response> { fn cbor(&mut self, request: cbor::Request) -> FidoResult<cbor::Response> {
@@ -500,7 +593,7 @@ impl FidoDevice {
} }
fn send(&mut self, cmd: &CtapCommand, payload: &[u8]) -> FidoResult<()> { fn send(&mut self, cmd: &CtapCommand, payload: &[u8]) -> FidoResult<()> {
if payload.is_empty() || payload.len() > u16::MAX as usize { if payload.len() > u16::MAX as usize {
Err(FidoErrorKind::WritePacket)? Err(FidoErrorKind::WritePacket)?
} }
let to_send = payload.len() as u16; let to_send = payload.len() as u16;

9
src/packet.rs
View File

@@ -13,7 +13,7 @@ use std::io::{Read, Write};
static FRAME_INIT: u8 = 0x80; static FRAME_INIT: u8 = 0x80;
#[repr(u8)] #[repr(u8)]
#[derive(FromPrimitive, ToPrimitive, PartialEq)] #[derive(Debug, FromPrimitive, ToPrimitive, PartialEq)]
pub enum CtapCommand { pub enum CtapCommand {
Invalid = 0x00, Invalid = 0x00,
Ping = 0x01, Ping = 0x01,
@@ -36,6 +36,13 @@ impl CtapCommand {
} }
} }
#[repr(u8)]
#[derive(Debug, FromPrimitive, ToPrimitive, PartialEq)]
pub enum CtapStatus {
Processing = 0x01,
AwaitingUserPresence = 0x02,
}
#[repr(u8)] #[repr(u8)]
#[derive(FromPrimitive, Fail, Debug)] #[derive(FromPrimitive, Fail, Debug)]
pub enum CtapError { pub enum CtapError {

88
src/util.rs Normal file
View File

@@ -0,0 +1,88 @@
#[cfg(feature = "request_multiple")]
use crate::{
cbor::AuthenticatorData, FidoAssertionRequest, FidoCredential, FidoCredentialRequest,
FidoDevice, FidoErrorKind, FidoResult,
};
#[cfg(feature = "request_multiple")]
use crossbeam::thread;
#[cfg(feature = "request_multiple")]
use std::sync::mpsc::channel;
#[cfg(feature = "request_multiple")]
use std::time::Duration;
#[cfg(feature = "request_multiple")]
pub fn request_multiple_devices<
'a,
T: Send + 'a,
F: Fn(&mut FidoDevice) -> FidoResult<T> + 'a + Sync,
>(
devices: impl Iterator<Item = (&'a mut FidoDevice, &'a F)>,
timeout: Option<Duration>,
) -> FidoResult<T> {
thread::scope(|scope| -> FidoResult<T> {
let (tx, rx) = channel();
let handles = devices
.map(|(device, fn_)| {
let cancel = device.cancel_handle()?;
let tx = tx.clone();
let thread_handle = scope.spawn(move |_| tx.send(fn_(device)));
Ok((cancel, thread_handle))
})
.collect::<FidoResult<Vec<_>>>()?;
let mut err = None;
let mut slept = Duration::from_millis(0);
let interval = Duration::from_millis(10);
let mut received = 0usize;
let res = loop {
match timeout {
Some(t) if t < slept => {
break if let Some(cause) = err {
cause
} else {
Err(FidoErrorKind::Timeout.into())
};
}
_ => (),
}
if timeout.map(|t| t < slept).unwrap_or(true) {}
if let Ok(msg) = rx.recv_timeout(interval) {
received += 1;
match msg {
e @ Err(_) if received == handles.len() => break e,
e @ Err(_) => err = Some(e),
res @ Ok(_) => break res,
}
} else {
slept += interval;
}
};
for (mut cancel, join) in handles {
// Canceling out of courtesy don't care if it fails
let _ = cancel.cancel();
let _ = join.join();
}
res
})
.unwrap()
}
/// Will send the `assertion_request` to all supplied `devices` and return either the first successful assertion or the last error
#[cfg(feature = "request_multiple")]
pub fn get_assertion_devices<'a>(
assertion_request: &'a FidoAssertionRequest,
devices: impl Iterator<Item = &'a mut FidoDevice>,
timeout: Option<Duration>,
) -> FidoResult<(&'a FidoCredential, AuthenticatorData)> {
let get_assertion = |device: &mut FidoDevice| device.get_assertion(assertion_request);
request_multiple_devices(devices.map(|device| (device, &get_assertion)), timeout)
}
/// Will send the `credential_request` to all supplied `devices` and return either the first credential or the last error
#[cfg(feature = "request_multiple")]
pub fn make_credential_devices<'a>(
credential_request: &'a FidoCredentialRequest,
devices: impl Iterator<Item = &'a mut FidoDevice>,
timeout: Option<Duration>,
) -> FidoResult<FidoCredential> {
let make_credential = |device: &mut FidoDevice| device.make_credential(credential_request);
request_multiple_devices(devices.map(|device| (device, &make_credential)), timeout)
}