shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

rearrange cbor encoding order in make_credential and get_info

Browse Source
This commit is contained in:
Conor Patrick 2019-04-10 12:11:31 -04:00
parent 5e0edf3e11
commit 4cc72bcd97
1 changed files with 61 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
fido2/ctap.c
View File

@ -117,28 +117,6 @@ uint8_t ctap_get_info(CborEncoder * encoder)
check_ret(ret); check_ret(ret);
} }
ret = cbor_encode_uint(&map, RESP_maxMsgSize);
check_ret(ret);
{
ret = cbor_encode_int(&map, CTAP_MAX_MESSAGE_SIZE);
check_ret(ret);
}
ret = cbor_encode_uint(&map, RESP_pinProtocols);
check_ret(ret);
{
ret = cbor_encoder_create_array(&map, &pins, 1);
check_ret(ret);
{
ret = cbor_encode_int(&pins, 1);
check_ret(ret);
}
ret = cbor_encoder_close_container(&map, &pins);
check_ret(ret);
}
ret = cbor_encode_uint(&map, RESP_options); ret = cbor_encode_uint(&map, RESP_options);
check_ret(ret); check_ret(ret);
{ {
@ -188,6 +166,30 @@ uint8_t ctap_get_info(CborEncoder * encoder)
check_ret(ret); check_ret(ret);
} }
ret = cbor_encode_uint(&map, RESP_maxMsgSize);
check_ret(ret);
{
ret = cbor_encode_int(&map, CTAP_MAX_MESSAGE_SIZE);
check_ret(ret);
}
ret = cbor_encode_uint(&map, RESP_pinProtocols);
check_ret(ret);
{
ret = cbor_encoder_create_array(&map, &pins, 1);
check_ret(ret);
{
ret = cbor_encode_int(&pins, 1);
check_ret(ret);
}
ret = cbor_encoder_close_container(&map, &pins);
check_ret(ret);
}
} }
ret = cbor_encoder_close_container(encoder, &map); ret = cbor_encoder_close_container(encoder, &map);
@ -730,6 +732,14 @@ uint8_t ctap_make_credential(CborEncoder * encoder, uint8_t * request, int lengt
CborEncoder map; CborEncoder map;
ret = cbor_encoder_create_map(encoder, &map, 3); ret = cbor_encoder_create_map(encoder, &map, 3);
check_ret(ret); check_ret(ret);
{
ret = cbor_encode_int(&map,RESP_fmt);
check_ret(ret);
ret = cbor_encode_text_stringz(&map, "packed");
check_ret(ret);
}
uint32_t auth_data_sz = sizeof(auth_data_buf); uint32_t auth_data_sz = sizeof(auth_data_buf);
ret = ctap_make_auth_data(&MC.rp, &map, auth_data_buf, &auth_data_sz, ret = ctap_make_auth_data(&MC.rp, &map, auth_data_buf, &auth_data_sz,
@ -763,13 +773,6 @@ uint8_t ctap_make_credential(CborEncoder * encoder, uint8_t * request, int lengt
ret = ctap_add_attest_statement(&map, sigder, sigder_sz); ret = ctap_add_attest_statement(&map, sigder, sigder_sz);
check_retr(ret); check_retr(ret);
{
ret = cbor_encode_int(&map,RESP_fmt);
check_ret(ret);
ret = cbor_encode_text_stringz(&map, "packed");
check_ret(ret);
}
ret = cbor_encoder_close_container(encoder, &map); ret = cbor_encoder_close_container(encoder, &map);
check_ret(ret); check_ret(ret);
return CTAP1_ERR_SUCCESS; return CTAP1_ERR_SUCCESS;
@ -797,13 +800,6 @@ static uint8_t ctap_add_credential_descriptor(CborEncoder * map, CTAP_credential
ret = cbor_encoder_create_map(map, &desc, 2); ret = cbor_encoder_create_map(map, &desc, 2);
check_ret(ret); check_ret(ret);
{
ret = cbor_encode_text_string(&desc, "type", 4);
check_ret(ret);
ret = cbor_encode_text_string(&desc, "public-key", 10);
check_ret(ret);
}
{ {
ret = cbor_encode_text_string(&desc, "id", 2); ret = cbor_encode_text_string(&desc, "id", 2);
check_ret(ret); check_ret(ret);
@ -812,6 +808,15 @@ static uint8_t ctap_add_credential_descriptor(CborEncoder * map, CTAP_credential
check_ret(ret); check_ret(ret);
} }
{
ret = cbor_encode_text_string(&desc, "type", 4);
check_ret(ret);
ret = cbor_encode_text_string(&desc, "public-key", 10);
check_ret(ret);
}
ret = cbor_encoder_close_container(map, &desc); ret = cbor_encoder_close_container(map, &desc);
check_ret(ret); check_ret(ret);
@ -843,6 +848,13 @@ uint8_t ctap_add_user_entity(CborEncoder * map, CTAP_userEntity * user)
if (dispname) if (dispname)
{ {
ret = cbor_encode_text_string(&entity, "icon", 4);
check_ret(ret);
ret = cbor_encode_text_stringz(&entity, (const char *)user->icon);
check_ret(ret);
ret = cbor_encode_text_string(&entity, "name", 4); ret = cbor_encode_text_string(&entity, "name", 4);
check_ret(ret); check_ret(ret);
@ -855,13 +867,6 @@ uint8_t ctap_add_user_entity(CborEncoder * map, CTAP_userEntity * user)
ret = cbor_encode_text_stringz(&entity, (const char *)user->displayName); ret = cbor_encode_text_stringz(&entity, (const char *)user->displayName);
check_ret(ret); check_ret(ret);
ret = cbor_encode_text_string(&entity, "icon", 4);
check_ret(ret);
ret = cbor_encode_text_stringz(&entity, (const char *)user->icon);
check_ret(ret);
} }
ret = cbor_encoder_close_container(map, &entity); ret = cbor_encoder_close_container(map, &entity);
@ -1007,11 +1012,11 @@ uint8_t ctap_end_get_assertion(CborEncoder * map, CTAP_credentialDescriptor * cr
if (add_user) if (add_user)
{ {
printf1(TAG_GREEN, "adding user details to output\r\n"); printf1(TAG_GREEN, "adding user details to output\r\n");
ret = ctap_add_user_entity(map, &cred->credential.user); ret = ctap_add_user_entity(map, &cred->credential.user); // 4
check_retr(ret); check_retr(ret);
} }
ret = ctap_add_credential_descriptor(map, cred); ret = ctap_add_credential_descriptor(map, cred); // 1
check_retr(ret); check_retr(ret);
crypto_ecc256_load_key((uint8_t*)&cred->credential.id, sizeof(CredentialId), NULL, 0); crypto_ecc256_load_key((uint8_t*)&cred->credential.id, sizeof(CredentialId), NULL, 0);
@ -1028,7 +1033,7 @@ uint8_t ctap_end_get_assertion(CborEncoder * map, CTAP_credentialDescriptor * cr
} }
{ {
ret = cbor_encode_int(map, RESP_signature); ret = cbor_encode_int(map, RESP_signature); // 3
check_ret(ret); check_ret(ret);
ret = cbor_encode_byte_string(map, sigder, sigder_sz); ret = cbor_encode_byte_string(map, sigder, sigder_sz);
check_ret(ret); check_ret(ret);
@ -1166,13 +1171,7 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
printf1(TAG_GA,"CRED ID (# %d)\n", GA.creds[j].credential.id.count); printf1(TAG_GA,"CRED ID (# %d)\n", GA.creds[j].credential.id.count);
} }
if (validCredCount > 1)
{
ret = cbor_encode_int(&map, RESP_numberOfCredentials);
check_ret(ret);
ret = cbor_encode_int(&map, validCredCount);
check_ret(ret);
}
CTAP_credentialDescriptor * cred = &GA.creds[validCredCount - 1]; CTAP_credentialDescriptor * cred = &GA.creds[validCredCount - 1];
@ -1223,6 +1222,14 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
ret = ctap_end_get_assertion(&map, cred, auth_data_buf, GA.clientDataHash, add_user_info); ret = ctap_end_get_assertion(&map, cred, auth_data_buf, GA.clientDataHash, add_user_info);
check_retr(ret); check_retr(ret);
if (validCredCount > 1)
{
ret = cbor_encode_int(&map, RESP_numberOfCredentials);
check_ret(ret);
ret = cbor_encode_int(&map, validCredCount);
check_ret(ret);
}
ret = cbor_encoder_close_container(encoder, &map); ret = cbor_encoder_close_container(encoder, &map);
check_ret(ret); check_ret(ret);