shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

remove extra layer of map

Browse Source
This commit is contained in:
Conor Patrick 2019-03-20 23:40:58 -04:00
parent 946e932b1e
commit 3a48756f96
2 changed files with 11 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
fido2/ctap.c
View File

@ -383,16 +383,11 @@ static int ctap_make_extensions(CTAP_extensions * ext, uint8_t * ext_encoder_buf
crypto_aes256_encrypt(output, ext->hmac_secret.saltLen); crypto_aes256_encrypt(output, ext->hmac_secret.saltLen);
// output // output
cbor_encoder_init(&extensions, ext_encoder_buf, *ext_encoder_buf_size, 0);
printf1(TAG_GREEN, "have %d bytes for Extenstions encoder\r\n",*ext_encoder_buf_size); printf1(TAG_GREEN, "have %d bytes for Extenstions encoder\r\n",*ext_encoder_buf_size);
CborEncoder ext_map; cbor_encoder_init(&extensions, ext_encoder_buf, *ext_encoder_buf_size, 0);
ret = cbor_encoder_create_map(&extensions, &ext_map, 1);
check_ret(ret);
{ {
ret = cbor_encode_int(&ext_map,GA_extensions);
check_ret(ret);
CborEncoder hmac_secret_map; CborEncoder hmac_secret_map;
ret = cbor_encoder_create_map(&ext_map, &hmac_secret_map, 1); ret = cbor_encoder_create_map(&extensions, &hmac_secret_map, 1);
check_ret(ret); check_ret(ret);
{ {
ret = cbor_encode_text_stringz(&hmac_secret_map, "hmac-secret"); ret = cbor_encode_text_stringz(&hmac_secret_map, "hmac-secret");
@ -401,11 +396,9 @@ static int ctap_make_extensions(CTAP_extensions * ext, uint8_t * ext_encoder_buf
ret = cbor_encode_byte_string(&hmac_secret_map, output, ext->hmac_secret.saltLen); ret = cbor_encode_byte_string(&hmac_secret_map, output, ext->hmac_secret.saltLen);
check_ret(ret); check_ret(ret);
} }
ret = cbor_encoder_close_container(&ext_map, &hmac_secret_map); ret = cbor_encoder_close_container(&extensions, &hmac_secret_map);
check_ret(ret); check_ret(ret);
} }
ret = cbor_encoder_close_container(&extensions, &ext_map);
check_ret(ret);
*ext_encoder_buf_size = cbor_encoder_get_buffer_size(&extensions, ext_encoder_buf); *ext_encoder_buf_size = cbor_encoder_get_buffer_size(&extensions, ext_encoder_buf);
} }
else else
@ -1071,7 +1064,7 @@ uint8_t ctap_get_next_assertion(CborEncoder * encoder)
uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length) uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
{ {
CTAP_getAssertion GA; CTAP_getAssertion GA;
uint8_t auth_data_buf[sizeof(CTAP_authDataHeader) + 100]; uint8_t auth_data_buf[sizeof(CTAP_authDataHeader) + 80];
int ret = ctap_parse_get_assertion(&GA,request,length); int ret = ctap_parse_get_assertion(&GA,request,length);
if (ret != 0) if (ret != 0)

14
tools/ctap_test.py
View File

@ -787,7 +787,7 @@ class Tester:
salt1 = b"\x5a" * 32 salt1 = b"\x5a" * 32
salt2 = b"\x96" * 32 salt2 = b"\x96" * 32
self.testReset() # self.testReset()
with Test("Get info has hmac-secret"): with Test("Get info has hmac-secret"):
info = self.ctap.get_info() info = self.ctap.get_info()
@ -841,20 +841,20 @@ class Tester:
): ):
ext = auth.auth_data.extensions ext = auth.auth_data.extensions
assert ext assert ext
assert "hmac-secret" in ext[4] assert "hmac-secret" in ext
assert type(ext[4]["hmac-secret"]) == type(b"") assert type(ext["hmac-secret"]) == type(b"")
assert len(ext[4]["hmac-secret"]) == len(salt_list) * 32 assert len(ext["hmac-secret"]) == len(salt_list) * 32
with Test("Check that shannon_entropy of hmac-secret is good"): with Test("Check that shannon_entropy of hmac-secret is good"):
ext = auth.auth_data.extensions ext = auth.auth_data.extensions
dec = cipher.decryptor() dec = cipher.decryptor()
key = dec.update(ext[4]["hmac-secret"]) + dec.finalize() key = dec.update(ext["hmac-secret"]) + dec.finalize()
if len(salt_list) == 1: if len(salt_list) == 1:
assert shannon_entropy(ext[4]["hmac-secret"]) > 4.6 assert shannon_entropy(ext["hmac-secret"]) > 4.6
assert shannon_entropy(key) > 4.6 assert shannon_entropy(key) > 4.6
if len(salt_list) == 2: if len(salt_list) == 2:
assert shannon_entropy(ext[4]["hmac-secret"]) > 5.6 assert shannon_entropy(ext["hmac-secret"]) > 5.6
assert shannon_entropy(key) > 5.6 assert shannon_entropy(key) > 5.6
def test_fido2_other(self,): def test_fido2_other(self,):