shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

remove add_user param

Browse Source
This commit is contained in:
Conor Patrick 2019-04-10 12:47:23 -04:00
parent 5f49f4680e
commit 5fc8d214fd
1 changed files with 6 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
fido2/ctap.c
View File

@ -1002,7 +1002,7 @@ static CTAP_credentialDescriptor * pop_credential()
} }
// adds 2 to map, or 3 if add_user is true // adds 2 to map, or 3 if add_user is true
uint8_t ctap_end_get_assertion(CborEncoder * map, CTAP_credentialDescriptor * cred, uint8_t * auth_data_buf, unsigned int auth_data_buf_sz, uint8_t * clientDataHash, int add_user) uint8_t ctap_end_get_assertion(CborEncoder * map, CTAP_credentialDescriptor * cred, uint8_t * auth_data_buf, unsigned int auth_data_buf_sz, uint8_t * clientDataHash)
{ {
int ret; int ret;
uint8_t sigbuf[64]; uint8_t sigbuf[64];
@ -1039,7 +1039,7 @@ uint8_t ctap_end_get_assertion(CborEncoder * map, CTAP_credentialDescriptor * cr
check_ret(ret); check_ret(ret);
} }
if (add_user) if (cred->credential.user.id_size)
{ {
printf1(TAG_GREEN, "adding user details to output\r\n"); printf1(TAG_GREEN, "adding user details to output\r\n");
ret = ctap_add_user_entity(map, &cred->credential.user); // 4 ret = ctap_add_user_entity(map, &cred->credential.user); // 4
@ -1065,9 +1065,8 @@ uint8_t ctap_get_next_assertion(CborEncoder * encoder)
} }
auth_data_update_count(&authData); auth_data_update_count(&authData);
int add_user_info = cred->credential.user.id_size;
if (add_user_info) if (cred->credential.user.id_size)
{ {
printf1(TAG_GREEN, "adding user info to assertion response\r\n"); printf1(TAG_GREEN, "adding user info to assertion response\r\n");
ret = cbor_encoder_create_map(encoder, &map, 4); ret = cbor_encoder_create_map(encoder, &map, 4);
@ -1078,13 +1077,9 @@ uint8_t ctap_get_next_assertion(CborEncoder * encoder)
ret = cbor_encoder_create_map(encoder, &map, 3); ret = cbor_encoder_create_map(encoder, &map, 3);
} }
check_ret(ret); check_ret(ret);
printf1(TAG_RED, "RPID hash: "); dump_hex1(TAG_RED, authData.rpIdHash, 32); printf1(TAG_RED, "RPID hash: "); dump_hex1(TAG_RED, authData.rpIdHash, 32);
// if only one account for this RP, null out the user details // if only one account for this RP, null out the user details
if (!getAssertionState.user_verified) if (!getAssertionState.user_verified)
{ {
@ -1092,8 +1087,7 @@ uint8_t ctap_get_next_assertion(CborEncoder * encoder)
memset(cred->credential.user.name, 0, USER_NAME_LIMIT); memset(cred->credential.user.name, 0, USER_NAME_LIMIT);
} }
ret = ctap_end_get_assertion(&map, cred, (uint8_t *)&authData, sizeof(CTAP_authDataHeader), getAssertionState.clientDataHash);
ret = ctap_end_get_assertion(&map, cred, (uint8_t *)&authData, sizeof(CTAP_authDataHeader), getAssertionState.clientDataHash, add_user_info); // 4, 1, 3
check_retr(ret); check_retr(ret);
ret = cbor_encoder_close_container(encoder, &map); ret = cbor_encoder_close_container(encoder, &map);
@ -1136,13 +1130,12 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
printf1(TAG_GA, "ALLOW_LIST has %d creds\n", GA.credLen); printf1(TAG_GA, "ALLOW_LIST has %d creds\n", GA.credLen);
int validCredCount = ctap_filter_invalid_credentials(&GA); int validCredCount = ctap_filter_invalid_credentials(&GA);
int add_user_info = GA.creds[validCredCount - 1].credential.user.id_size;
if (validCredCount > 1) if (validCredCount > 1)
{ {
map_size += 1; map_size += 1;
} }
if (add_user_info) if (GA.creds[validCredCount - 1].credential.user.id_size)
{ {
map_size += 1; map_size += 1;
} }
@ -1218,7 +1211,7 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
save_credential_list((CTAP_authDataHeader*)auth_data_buf, GA.clientDataHash, GA.creds, validCredCount-1); // skip last one save_credential_list((CTAP_authDataHeader*)auth_data_buf, GA.clientDataHash, GA.creds, validCredCount-1); // skip last one
ret = ctap_end_get_assertion(&map, cred, auth_data_buf, auth_data_buf_sz, GA.clientDataHash, add_user_info); // 1,2,3,4 ret = ctap_end_get_assertion(&map, cred, auth_data_buf, auth_data_buf_sz, GA.clientDataHash); // 1,2,3,4
check_retr(ret); check_retr(ret);
if (validCredCount > 1) if (validCredCount > 1)