shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

consider credProtect with exclude list, and also check user presence

Browse Source
This commit is contained in:
Conor Patrick 2020-03-24 22:11:10 -04:00
parent 3b42289cce
commit 241f58657b
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
fido2/ctap.c
View File

@ -922,9 +922,14 @@ uint8_t ctap_make_credential(CborEncoder * encoder, uint8_t * request, int lengt
if (ctap_authenticate_credential(&MC.rp, excl_cred)) if (ctap_authenticate_credential(&MC.rp, excl_cred))
{ {
if ( check_credential_metadata(&excl_cred->credential.id, MC.pinAuthPresent, 1) == 0)
{
ret = ctap2_user_presence_test();
check_retr(ret);
printf1(TAG_MC, "Cred %d failed!\r\n",i); printf1(TAG_MC, "Cred %d failed!\r\n",i);
return CTAP2_ERR_CREDENTIAL_EXCLUDED; return CTAP2_ERR_CREDENTIAL_EXCLUDED;
} }
}
ret = cbor_value_advance(&MC.excludeList); ret = cbor_value_advance(&MC.excludeList);
check_ret(ret); check_ret(ret);