Handle empty pinAuth fields.

CTAP2 specifies that an empty pinAuth field is special: it indicates that the device should block for touch, i.e. it's just a way of letting a user select from multiple authenticators[1]. This change handles empty pinAuth fields in GetAssertion and MakeCredential commands. [1] https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html#using-pinToken-in-authenticatorMakeCredential
2019-04-20 16:26:32 -07:00
parent f28cf9c6d0
commit a5f794c0ff
3 changed files with 48 additions and 3 deletions
--- a/fido2/ctap.h
+++ b/fido2/ctap.h
@@ -243,6 +243,11 @@ typedef struct

    uint8_t pinAuth[16];
    uint8_t pinAuthPresent;
+    // pinAuthEmpty is true iff an empty bytestring was provided as pinAuth.
+    // This is exclusive with |pinAuthPresent|. It exists because an empty
+    // pinAuth is a special signal to block for touch. See
+    // https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html#using-pinToken-in-authenticatorMakeCredential
+    uint8_t pinAuthEmpty;
    int pinProtocol;
    CTAP_extensions extensions;

@@ -266,6 +271,11 @@ typedef struct

    uint8_t pinAuth[16];
    uint8_t pinAuthPresent;
+    // pinAuthEmpty is true iff an empty bytestring was provided as pinAuth.
+    // This is exclusive with |pinAuthPresent|. It exists because an empty
+    // pinAuth is a special signal to block for touch. See
+    // https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html#using-pinToken-in-authenticatorGetAssertion
+    uint8_t pinAuthEmpty;
    int pinProtocol;

    CTAP_credentialDescriptor creds[ALLOW_LIST_MAX_SIZE];