small bug fixes
This commit is contained in:
Conor Patrick
parent
b62e9906c7
commit
2d233f164e
23
fido2/ctap.c
23
fido2/ctap.c
@ -33,7 +33,6 @@ static int8_t PIN_BOOT_ATTEMPTS_LEFT = PIN_BOOT_ATTEMPTS;
|
||||
|
||||
AuthenticatorState STATE;
|
||||
|
||||
|
||||
static void ctap_reset_key_agreement();
|
||||
|
||||
static struct {
|
||||
@ -470,7 +469,6 @@ static int ctap_make_auth_data(struct rpId * rp, CborEncoder * map, uint8_t * au
|
||||
authData->head.flags |= (ctap_is_pin_set() << 2);
|
||||
|
||||
|
||||
|
||||
if (credInfo != NULL)
|
||||
{
|
||||
// add attestedCredentialData
|
||||
@ -521,9 +519,6 @@ static int ctap_make_auth_data(struct rpId * rp, CborEncoder * map, uint8_t * au
|
||||
}
|
||||
done_rk:
|
||||
|
||||
// DELETE
|
||||
//crypto_aes256_init(CRYPTO_TRANSPORT_KEY, NULL);
|
||||
//crypto_aes256_encrypt((uint8_t*)&authData->attest.credential.user, CREDENTIAL_ENC_SIZE);
|
||||
printf1(TAG_GREEN, "MADE credId: "); dump_hex1(TAG_GREEN, (uint8_t*) &authData->attest.id, sizeof(CredentialId));
|
||||
|
||||
ctap_generate_cose_key(&cose_key, (uint8_t*)&authData->attest.id, sizeof(CredentialId), credInfo->publicKeyCredentialType, credInfo->COSEAlgorithmIdentifier);
|
||||
@ -532,8 +527,6 @@ done_rk:
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
if (ext != NULL)
|
||||
{
|
||||
ext_encoder_buf_size = *len - auth_data_sz;
|
||||
@ -976,6 +969,7 @@ static void save_credential_list(CTAP_authDataHeader * head, uint8_t * clientDat
|
||||
memmove(getAssertionState.clientDataHash, clientDataHash, CLIENT_DATA_HASH_SIZE);
|
||||
memmove(&getAssertionState.authData, head, sizeof(CTAP_authDataHeader));
|
||||
memmove(getAssertionState.creds, creds, sizeof(CTAP_credentialDescriptor) * (count));
|
||||
|
||||
}
|
||||
getAssertionState.count = count;
|
||||
printf1(TAG_GA,"saved %d credentials\n",count);
|
||||
@ -1040,7 +1034,6 @@ uint8_t ctap_get_next_assertion(CborEncoder * encoder)
|
||||
CborEncoder map;
|
||||
CTAP_authDataHeader authData;
|
||||
memmove(&authData, &getAssertionState.authData, sizeof(CTAP_authDataHeader));
|
||||
// CTAP_authDataHeader * authData = &getAssertionState.authData;
|
||||
|
||||
CTAP_credentialDescriptor * cred = pop_credential();
|
||||
|
||||
@ -1063,6 +1056,7 @@ uint8_t ctap_get_next_assertion(CborEncoder * encoder)
|
||||
ret = cbor_encoder_create_map(encoder, &map, 3);
|
||||
}
|
||||
|
||||
|
||||
check_ret(ret);
|
||||
printf1(TAG_RED, "RPID hash: "); dump_hex1(TAG_RED, authData.rpIdHash, 32);
|
||||
|
||||
@ -1073,6 +1067,7 @@ uint8_t ctap_get_next_assertion(CborEncoder * encoder)
|
||||
check_ret(ret);
|
||||
}
|
||||
|
||||
|
||||
// if only one account for this RP, null out the user details
|
||||
if (!getAssertionState.user_verified)
|
||||
{
|
||||
@ -1147,11 +1142,7 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
|
||||
ret = cbor_encoder_create_map(encoder, &map, map_size);
|
||||
check_ret(ret);
|
||||
|
||||
if (validCredCount > 0)
|
||||
{
|
||||
save_credential_list((CTAP_authDataHeader*)auth_data_buf, GA.clientDataHash, GA.creds, validCredCount-1); // skip last one
|
||||
}
|
||||
else
|
||||
if (validCredCount == 0)
|
||||
{
|
||||
printf2(TAG_ERR,"Error, no authentic credential\n");
|
||||
return CTAP2_ERR_NO_CREDENTIALS;
|
||||
@ -1188,8 +1179,8 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
|
||||
{
|
||||
ret = cbor_encode_int(&map,RESP_authData);
|
||||
check_ret(ret);
|
||||
memset(auth_data_buf,0,sizeof(auth_data_buf));
|
||||
ret = cbor_encode_byte_string(&map, auth_data_buf, sizeof(auth_data_buf));
|
||||
memset(auth_data_buf,0,sizeof(CTAP_authDataHeader));
|
||||
ret = cbor_encode_byte_string(&map, auth_data_buf, sizeof(CTAP_authDataHeader));
|
||||
check_ret(ret);
|
||||
}
|
||||
else
|
||||
@ -1200,6 +1191,7 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
|
||||
check_retr(ret);
|
||||
}
|
||||
|
||||
save_credential_list((CTAP_authDataHeader*)auth_data_buf, GA.clientDataHash, GA.creds, validCredCount-1); // skip last one
|
||||
|
||||
ret = ctap_end_get_assertion(&map, cred, auth_data_buf, GA.clientDataHash, add_user_info);
|
||||
check_retr(ret);
|
||||
@ -1522,7 +1514,6 @@ uint8_t ctap_request(uint8_t * pkt_raw, int length, CTAP_RESPONSE * resp)
|
||||
pkt_raw++;
|
||||
length--;
|
||||
|
||||
|
||||
uint8_t * buf = resp->data;
|
||||
|
||||
cbor_encoder_init(&encoder, buf, resp->data_size, 0);
|
||||
|
||||
@ -1786,7 +1786,8 @@ class Tester:
|
||||
entropy += sc.get_rng()
|
||||
|
||||
with Test("Test entropy is close to perfect"):
|
||||
assert shannon_entropy(entropy) > 7.98
|
||||
sum = shannon_entropy(entropy)
|
||||
assert sum > 7.98
|
||||
print("Entropy is %.5f bits per byte." % sum)
|
||||
|
||||
with Test("Test Solo version command"):
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user