shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

consider credProtect with exclude list, and also check user presence

Browse Source
This commit is contained in:
Conor Patrick 2020-03-24 22:11:10 -04:00
parent 3b42289cce
commit 241f58657b
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
fido2/ctap.c
View File

@ -922,8 +922,13 @@ uint8_t ctap_make_credential(CborEncoder * encoder, uint8_t * request, int lengt
if (ctap_authenticate_credential(&MC.rp, excl_cred))
{
printf1(TAG_MC, "Cred %d failed!\r\n",i);
return CTAP2_ERR_CREDENTIAL_EXCLUDED;
if ( check_credential_metadata(&excl_cred->credential.id, MC.pinAuthPresent, 1) == 0)
{
ret = ctap2_user_presence_test();
check_retr(ret);
printf1(TAG_MC, "Cred %d failed!\r\n",i);
return CTAP2_ERR_CREDENTIAL_EXCLUDED;
}
}
ret = cbor_value_advance(&MC.excludeList);