fix u2f user presence check, added dont-enforce-user-presence-and-sign, fix counter

fido2/u2f.c

@@ -233,7 +233,7 @@ static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t c
         }
     }
     if (
-            control != U2F_AUTHENTICATE_SIGN ||
+            (control != U2F_AUTHENTICATE_SIGN && control != U2F_AUTHENTICATE_SIGN_NO_USER) ||
             req->khl != U2F_KEY_HANDLE_SIZE ||
             u2f_appid_eq(&req->kh, req->app) != 0 ||     // Order of checks is important
             u2f_load_key(&req->kh, req->app) != 0
@@ -243,9 +243,11 @@ static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t c
         return U2F_SW_WRONG_PAYLOAD;
     }
 
+	// dont-enforce-user-presence-and-sign
+	if (control == U2F_AUTHENTICATE_SIGN_NO_USER)
+		up = 0;
 
-
-	if(!fromNFC)
+	if(!fromNFC && up)
 	{
 		if (ctap_user_presence_test() == 0)
 		{
@@ -254,12 +256,17 @@ static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t c
 	}
 
     count = ctap_atomic_count(0);
+	uint8_t vcount[4];
+	vcount[3] = (count) & 0xff;
+	vcount[2] = (count >> 8) & 0xff;
+	vcount[1] = (count >> 16) & 0xff;
+	vcount[0] = (count >> 24) & 0xff;
 
     crypto_sha256_init();
 
     crypto_sha256_update(req->app, 32);
     crypto_sha256_update(&up, 1);
-    crypto_sha256_update((uint8_t *)&count,4);
+    crypto_sha256_update(vcount, 4);
     crypto_sha256_update(req->chal, 32);
 
     crypto_sha256_final(hash);
@@ -268,7 +275,7 @@ static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t c
     crypto_ecc256_sign(hash, 32, sig);
 
     u2f_response_writeback(&up, 1);
-    u2f_response_writeback((uint8_t *)&count,4);
+    u2f_response_writeback(vcount, 4);
     dump_signature_der(sig);
 
     return U2F_SW_NO_ERROR;

fido2/u2f.h

@@ -53,6 +53,7 @@
 // U2F Authenticate
 #define U2F_AUTHENTICATE_CHECK              0x7
 #define U2F_AUTHENTICATE_SIGN               0x3
+#define U2F_AUTHENTICATE_SIGN_NO_USER       0x8
 
 
 // Command status responses