shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

check errors

Browse Source
This commit is contained in:
Conor Patrick 2019-03-21 12:47:15 -04:00
parent d68011ef04
commit a1a75e4ab5
3 changed files with 81 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fido2/ctap.c
View File

@ -354,7 +354,7 @@ static int ctap_make_extensions(CTAP_extensions * ext, uint8_t * ext_encoder_buf
else else
{ {
printf1(TAG_CTAP, "saltAuth is invalid\r\n"); printf1(TAG_CTAP, "saltAuth is invalid\r\n");
return CTAP1_ERR_OTHER; return CTAP2_ERR_EXTENSION_FIRST;
} }
// Generate credRandom // Generate credRandom

4
fido2/ctap_parse.c
View File

@ -601,11 +601,11 @@ uint8_t ctap_parse_hmac_secret(CborValue * val, CTAP_hmac_secret * hs)
case EXT_HMAC_SECRET_SALT_ENC: case EXT_HMAC_SECRET_SALT_ENC:
salt_len = 64; salt_len = 64;
ret = cbor_value_copy_byte_string(&map, hs->saltEnc, &salt_len, NULL); ret = cbor_value_copy_byte_string(&map, hs->saltEnc, &salt_len, NULL);
check_ret(ret); if ((salt_len != 32 && salt_len != 64) || ret == CborErrorOutOfMemory)
if (salt_len != 32 && salt_len != 64)
{ {
return CTAP1_ERR_INVALID_LENGTH; return CTAP1_ERR_INVALID_LENGTH;
} }
check_ret(ret);
hs->saltLen = salt_len; hs->saltLen = salt_len;
parsed_count++; parsed_count++;
break; break;

82
tools/ctap_test.py
View File

@ -786,6 +786,7 @@ class Tester:
salt1 = b"\x5a" * 32 salt1 = b"\x5a" * 32
salt2 = b"\x96" * 32 salt2 = b"\x96" * 32
salt3 = b"\x03" * 32
# self.testReset() # self.testReset()
@ -808,6 +809,16 @@ class Tester:
assert "hmac-secret" in reg.auth_data.extensions assert "hmac-secret" in reg.auth_data.extensions
assert reg.auth_data.extensions["hmac-secret"] == True assert reg.auth_data.extensions["hmac-secret"] == True
reg = self.testMC(
"Send MC with fake extension set to true, expect SUCCESS",
cdh,
rp,
user,
key_params,
expectedError=CtapError.ERR.SUCCESS,
other={"extensions": {"tetris": True}},
)
with Test("Get shared secret"): with Test("Get shared secret"):
key_agreement, shared_secret = ( key_agreement, shared_secret = (
self.client.pin_protocol._init_shared_secret() self.client.pin_protocol._init_shared_secret()
@ -818,14 +829,18 @@ class Tester:
default_backend(), default_backend(),
) )
for salt_list in ((salt1,), (salt1, salt2)): def get_salt_params(salts):
enc = cipher.encryptor() enc = cipher.encryptor()
salt_enc = b"" salt_enc = b""
for salt in salt_list: for salt in salts:
salt_enc += enc.update(salt) salt_enc += enc.update(salt)
salt_enc += enc.finalize() salt_enc += enc.finalize()
salt_auth = hmac_sha256(shared_secret, salt_enc)[:16] salt_auth = hmac_sha256(shared_secret, salt_enc)[:16]
return salt_enc, salt_auth
for salt_list in ((salt1,), (salt1, salt2)):
salt_enc, salt_auth = get_salt_params(salt_list)
auth = self.testGA( auth = self.testGA(
"Send GA request with %d salts hmac-secret, expect success" "Send GA request with %d salts hmac-secret, expect success"
@ -855,12 +870,71 @@ class Tester:
dec = cipher.decryptor() dec = cipher.decryptor()
key = dec.update(ext["hmac-secret"]) + dec.finalize() key = dec.update(ext["hmac-secret"]) + dec.finalize()
print(shannon_entropy(ext["hmac-secret"]))
if len(salt_list) == 1: if len(salt_list) == 1:
assert shannon_entropy(ext["hmac-secret"]) > 4.6 assert shannon_entropy(ext["hmac-secret"]) > 4.6
assert shannon_entropy(key) > 4.6 assert shannon_entropy(key) > 4.6
if len(salt_list) == 2: if len(salt_list) == 2:
assert shannon_entropy(ext["hmac-secret"]) > 5.6 assert shannon_entropy(ext["hmac-secret"]) > 5.4
assert shannon_entropy(key) > 5.6 assert shannon_entropy(key) > 5.4
salt_enc, salt_auth = get_salt_params((salt3,))
auth = self.testGA(
"Send GA request with hmac-secret missing keyAgreement, expect error",
rp["id"],
cdh,
other={"extensions": {"hmac-secret": {2: salt_enc, 3: salt_auth}}},
)
auth = self.testGA(
"Send GA request with hmac-secret missing saltAuth, expect MISSING_PARAMETER",
rp["id"],
cdh,
other={"extensions": {"hmac-secret": {1: key_agreement, 2: salt_enc}}},
expectedError=CtapError.ERR.MISSING_PARAMETER,
)
auth = self.testGA(
"Send GA request with hmac-secret missing saltEnc, expect MISSING_PARAMETER",
rp["id"],
cdh,
other={"extensions": {"hmac-secret": {1: key_agreement, 3: salt_auth}}},
expectedError=CtapError.ERR.MISSING_PARAMETER,
)
bad_auth = list(salt_auth[:])
bad_auth[len(bad_auth) // 2] = bad_auth[len(bad_auth) // 2] ^ 1
bad_auth = bytes(bad_auth)
auth = self.testGA(
"Send GA request with hmac-secret containing bad saltAuth, expect EXTENSION_FIRST",
rp["id"],
cdh,
other={
"extensions": {
"hmac-secret": {1: key_agreement, 2: salt_enc, 3: bad_auth}
}
},
expectedError=CtapError.ERR.EXTENSION_FIRST,
)
salt4 = b"\x5a" * 16
salt5 = b"\x96" * 64
for salt_list in ((salt4,), (salt4, salt5)):
salt_enc, salt_auth = get_salt_params(salt_list)
salt_auth = hmac_sha256(shared_secret, salt_enc)[:16]
auth = self.testGA(
"Send GA request with incorrect salt length %d, expect INVALID_LENGTH"
% len(salt_enc),
rp["id"],
cdh,
other={
"extensions": {
"hmac-secret": {1: key_agreement, 2: salt_enc, 3: salt_auth}
}
},
expectedError=CtapError.ERR.INVALID_LENGTH,
)
def test_fido2_other(self,): def test_fido2_other(self,):