From 36fdc64fabae13fa1f6bd1747a74eb8868a5ae0f Mon Sep 17 00:00:00 2001
From: Conor Patrick
Date: Mon, 12 Nov 2018 02:16:00 -0500
Subject: [PATCH] passing interop w/o rk
---
 fido2/ctap.c | 25 +++++++++++++++----------
 fido2/ctap_parse.c | 10 ++++++++++
 2 files changed, 25 insertions(+), 10 deletions(-)
diff --git a/fido2/ctap.c b/fido2/ctap.c
index fc04999..7750dc9 100644
--- a/fido2/ctap.c
+++ b/fido2/ctap.c
@@ -335,8 +335,7 @@ static int ctap_make_auth_data(struct rpId * rp, CborEncoder * map, uint8_t * au
 device_set_status(CTAPHID_STATUS_PROCESSING);
 authData->head.flags = (but << 0);
- // not [yet] doing user verification
- // authData->head.flags |= (ctap_user_verification(0) << 2);
+ authData->head.flags |= (ctap_is_pin_set() << 2);
@@ -735,8 +734,8 @@ uint8_t ctap_end_get_assertion(CborEncoder * map, CTAP_credentialDescriptor * cr
 uint8_t sigbuf[64];
 uint8_t sigder[72];
- ret = ctap_add_user_entity(map, &cred->credential.enc.user);
- check_retr(ret);
+ //ret = ctap_add_user_entity(map, &cred->credential.enc.user);
+ //check_retr(ret);
 // Re-encrypt the credential
 crypto_aes256_init(CRYPTO_TRANSPORT_KEY, NULL);
@@ -775,7 +774,7 @@ uint8_t ctap_get_next_assertion(CborEncoder * encoder)
 auth_data_update_count(authData);
- ret = cbor_encoder_create_map(encoder, &map, 4);
+ ret = cbor_encoder_create_map(encoder, &map, 3);
 check_ret(ret);
 {
@@ -825,7 +824,10 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
 return CTAP2_ERR_MISSING_PARAMETER;
 }
 CborEncoder map;
- ret = cbor_encoder_create_map(encoder, &map, 5);
+ if (GA.credLen > 1)
+ ret = cbor_encoder_create_map(encoder, &map, 4);
+ else
+ ret = cbor_encoder_create_map(encoder, &map, 3);
 check_ret(ret);
 ret = ctap_make_auth_data(&GA.rp, &map, auth_data_buf, sizeof(auth_data_buf), NULL, 0,0,NULL);
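Review bot: In ctap_make_auth_data the user-verification bit (bit 2 of `authData->head.flags`, going by the removed comment) is now set from `ctap_is_pin_set()`, which reads as "a PIN is configured on the device" rather than "this request was PIN-verified". If that reading is right, every response built here reports user verification once a PIN exists, including requests that carried no pinAuth or one that was never checked, and relying parties use this bit for policy decisions. I would gate it on a per-request result, e.g. `authData->head.flags |= (pin_verified << 2);`, where `pin_verified` is a placeholder for whatever the caller's pinAuth check produced. The function body starts and ends outside the hunk, so an existing check elsewhere cannot be ruled out from here.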
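Review bot: The user entity is dropped in ctap_end_get_assertion by commenting out the call, with no explanation, and the fixed CBOR map sizes in ctap_get_next_assertion (4 to 3) and ctap_get_assertion (5 to 4 or 3) are adjusted by hand to match. Anyone re-enabling the two commented lines has to know to raise those counts too, otherwise the declared map length and the number of encoded entries disagree. I would delete the dead lines and leave a comment in their place, e.g. `// user entity omitted while resident keys are unsupported; get-assertion map sizes assume it is absent`, assuming "w/o rk" in the subject means resident keys. The function body extends beyond the hunk.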
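Review bot: The decision to include numberOfCredentials is made twice in ctap_get_assertion with a repeated `GA.credLen > 1` test (here for the map size, and again in the following hunk around the encode calls), and it keys on `GA.credLen` while the value written and the index used afterwards are `validCredCount`. If those two can differ (several descriptors supplied, one valid), the response carries a count of 1 and the two sites have to be kept in sync by hand. Computing it once, e.g. `const int report_count = (GA.credLen > 1);` then `ret = cbor_encoder_create_map(encoder, &map, report_count ? 4 : 3);` and `if (report_count)` at the second site, removes the duplication and the unbraced if/else. Whether `validCredCount` is the better operand depends on code outside these hunks.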
@@ -867,10 +869,13 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length) } { - ret = cbor_encode_int(&map, RESP_numberOfCredentials); - check_ret(ret); - ret = cbor_encode_int(&map, validCredCount); - check_ret(ret); + if (GA.credLen > 1) + { + ret = cbor_encode_int(&map, RESP_numberOfCredentials); + check_ret(ret); + ret = cbor_encode_int(&map, validCredCount); + check_ret(ret); + } } CTAP_credentialDescriptor * cred = &GA.creds[validCredCount - 1]; diff --git a/fido2/ctap_parse.c b/fido2/ctap_parse.c index 1360d2b..2b6905a 100644 --- a/fido2/ctap_parse.c +++ b/fido2/ctap_parse.c @@ -895,6 +895,16 @@ uint8_t ctap_parse_get_assertion(CTAP_getAssertion * GA, uint8_t * request, int printf1(TAG_GA,"CTAP_pinAuth\n"); ret = parse_fixed_byte_string(&map, GA->pinAuth, 16); + if (CTAP1_ERR_INVALID_LENGTH != ret) // damn microsoft + { + check_retr(ret); + + } + else + { + ret = 0; + } + check_retr(ret); GA->pinAuthPresent = 1;
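Review bot: In ctap_parse_get_assertion a pinAuth of the wrong length is now accepted: `CTAP1_ERR_INVALID_LENGTH` from `parse_fixed_byte_string` is turned into success and `GA->pinAuthPresent = 1` is still set, so later code sees "pinAuth present" while `GA->pinAuth` may not hold a full 16-byte value from the request. The tolerance covers any wrong length, not only the empty pinAuth that some platforms send as a probe (presumably what `// damn microsoft` refers to), and how the handler treats that case is not visible here. I would record the malformed case separately instead of marking it present, e.g. `if (ret == CTAP1_ERR_INVALID_LENGTH) { GA->pinAuthMalformed = 1; ret = 0; }`, with `pinAuthMalformed` as a placeholder field that the handler answers with a PIN error, and replace the comment with one naming the interop case. The `check_retr(ret)` after the else looks redundant if `check_retr` returns on a non-zero value (macro not shown); the enclosing function continues outside the hunk.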