Fix credential order: need to start with most recent

Conor Patrick 2020-03-23 18:38:04 -04:00
parent 3cbf7ec451
commit 872a320abc


@ -1169,15 +1169,15 @@ static void save_credential_list(CTAP_authDataHeader * head, uint8_t * clientDat
} }
getAssertionState.count = count; getAssertionState.count = count;
getAssertionState.index = 0;
printf1(TAG_GA,"saved %d credentials\n",count); printf1(TAG_GA,"saved %d credentials\n",count);
} }
static CTAP_credentialDescriptor * pop_credential() static CTAP_credentialDescriptor * pop_credential()
{ {
if (getAssertionState.count > 0) if (getAssertionState.count > 0 && getAssertionState.index < getAssertionState.count)
{ {
getAssertionState.count--; return &getAssertionState.creds[getAssertionState.index++];
return &getAssertionState.creds[getAssertionState.count];
} }
else else
{ {
@ -1664,14 +1664,14 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
printf1(TAG_GA,"CRED ID (# %d)\n", GA.creds[j].credential.id.count); printf1(TAG_GA,"CRED ID (# %d)\n", GA.creds[j].credential.id.count);
} }
CTAP_credentialDescriptor * cred = &GA.creds[validCredCount - 1]; CTAP_credentialDescriptor * cred = &GA.creds[0];
GA.extensions.hmac_secret.credential = &cred->credential; GA.extensions.hmac_secret.credential = &cred->credential;
uint32_t auth_data_buf_sz = sizeof(auth_data_buf); uint32_t auth_data_buf_sz = sizeof(auth_data_buf);
#ifdef ENABLE_U2F_EXTENSIONS #ifdef ENABLE_U2F_EXTENSIONS
if ( is_extension_request((uint8_t*)&GA.creds[validCredCount - 1].credential.id, sizeof(CredentialId)) ) if ( is_extension_request((uint8_t*)&GA.creds[0].credential.id, sizeof(CredentialId)) )
{ {
auth_data_buf_sz = sizeof(CTAP_authDataHeader); auth_data_buf_sz = sizeof(CTAP_authDataHeader);
@ -1708,8 +1708,6 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
} }
save_credential_list((CTAP_authDataHeader*)auth_data_buf, GA.clientDataHash, GA.creds, validCredCount-1); // skip last one
ret = ctap_end_get_assertion(&map, cred, auth_data_buf, auth_data_buf_sz, GA.clientDataHash); // 1,2,3,4 ret = ctap_end_get_assertion(&map, cred, auth_data_buf, auth_data_buf_sz, GA.clientDataHash); // 1,2,3,4
check_retr(ret); check_retr(ret);
@ -1724,6 +1722,8 @@ uint8_t ctap_get_assertion(CborEncoder * encoder, uint8_t * request, int length)
ret = cbor_encoder_close_container(encoder, &map); ret = cbor_encoder_close_container(encoder, &map);
check_ret(ret); check_ret(ret);
save_credential_list((CTAP_authDataHeader*)auth_data_buf, GA.clientDataHash, GA.creds + 1, validCredCount - 1); // skip first one
return 0; return 0;
} }
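Review bot: Moving `save_credential_list(...)` to after `cbor_encoder_close_container` in `ctap_get_assertion` means an earlier exit through `check_retr(ret)` or `check_ret(ret)` leaves `getAssertionState` holding whatever a previous request stored. The old placement overwrote that state before the response was built. If those macros return on error (their definitions are not in these hunks), a follow-up authenticatorGetNextAssertion could walk a stale list through `pop_credential()`. Clearing the state ahead of `ctap_end_get_assertion`, e.g. `getAssertionState.count = 0; getAssertionState.index = 0;`, would close that window. Separately, `&GA.creds[0]` and `validCredCount - 1` both assume at least one valid credential; any `validCredCount == 0` guard sits earlier in the function, which starts outside these hunks, so it is worth confirming.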