shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

Compare commits

base: shimun:reset-timeout
Branches Tags
shimun:master shimun:master-old shimun:reset-timeout shimun:max_enumeration_issue shimun:hmac-secret-uv shimun:cred_dfs shimun:rgerganov-cred-meta-fix shimun:fix_version_in_build shimun:cbor_safety shimun:backup_improvements shimun:b3.1.1 shimun:aaguid_cert_update shimun:library_refactor shimun:all-contributors/add-Nitrokey shimun:bump3.0.0 shimun:all-contributors/add-ccinelli shimun:simplify_build shimun:move_certs_and_lock_to_data shimun:fido2_on_u2f shimun:redue_bootloader_size shimun:all-contributors/add-jolo1581 shimun:key-backup shimun:ctap2_issues shimun:nfc_conformance shimun:all-contributors/add-oplik0 shimun:ccid shimun:cap_button_delay shimun:all-contributors/add-kimusan shimun:fixb_build shimun:update-udev-docs shimun:nfc_fido2_fixes shimun:documentation_improvements shimun:bump_2.4.3 shimun:fix_cdc_interfaces shimun:cache_button shimun:merlokk-pps_impl shimun:all-contributors/add-szszszsz shimun:windows_hello_error_codes shimun:fix-hmac-secret shimun:fault_tolerance shimun:extapdu shimun:sanitize shimun:persistedkey shimun:fido2-conformance
shimun:8lfp9n2gyxjssac4d2c7n5pcj1ydmg6n shimun:4.0.0 shimun:3.1.3 shimun:3.1.2 shimun:3.1.1 shimun:3.1.0 shimun:3.0.1 shimun:3.0.0 shimun:2.5.3 shimun:2.5.2 shimun:2.5.1 shimun:2.5.0 shimun:2.4.3 shimun:2.4.2 shimun:2.4.1 shimun:2.4.0 shimun:2.3.0 shimun:2.2.2 shimun:2.2.1 shimun:2.2.0 shimun:2.1.0 shimun:2.0.0 shimun:1.1.1 shimun:1.1.0 shimun:1.0.2 shimun:1.0.1 shimun:basic-hacker-build shimun:fido2-cert
..
compare: shimun:cred_dfs
Branches Tags
shimun:master shimun:master-old shimun:reset-timeout shimun:max_enumeration_issue shimun:hmac-secret-uv shimun:cred_dfs shimun:rgerganov-cred-meta-fix shimun:fix_version_in_build shimun:cbor_safety shimun:backup_improvements shimun:b3.1.1 shimun:aaguid_cert_update shimun:library_refactor shimun:all-contributors/add-Nitrokey shimun:bump3.0.0 shimun:all-contributors/add-ccinelli shimun:simplify_build shimun:move_certs_and_lock_to_data shimun:fido2_on_u2f shimun:redue_bootloader_size shimun:all-contributors/add-jolo1581 shimun:key-backup shimun:ctap2_issues shimun:nfc_conformance shimun:all-contributors/add-oplik0 shimun:ccid shimun:cap_button_delay shimun:all-contributors/add-kimusan shimun:fixb_build shimun:update-udev-docs shimun:nfc_fido2_fixes shimun:documentation_improvements shimun:bump_2.4.3 shimun:fix_cdc_interfaces shimun:cache_button shimun:merlokk-pps_impl shimun:all-contributors/add-szszszsz shimun:windows_hello_error_codes shimun:fix-hmac-secret shimun:fault_tolerance shimun:extapdu shimun:sanitize shimun:persistedkey shimun:fido2-conformance
shimun:8lfp9n2gyxjssac4d2c7n5pcj1ydmg6n shimun:4.0.0 shimun:3.1.3 shimun:3.1.2 shimun:3.1.1 shimun:3.1.0 shimun:3.0.1 shimun:3.0.0 shimun:2.5.3 shimun:2.5.2 shimun:2.5.1 shimun:2.5.0 shimun:2.4.3 shimun:2.4.2 shimun:2.4.1 shimun:2.4.0 shimun:2.3.0 shimun:2.2.2 shimun:2.2.1 shimun:2.2.0 shimun:2.1.0 shimun:2.0.0 shimun:1.1.1 shimun:1.1.0 shimun:1.0.2 shimun:1.0.1 shimun:basic-hacker-build shimun:fido2-cert

3 Commits
reset-time ... cred_dfs

Author SHA1 Message Date
Conor Patrick
ec52ca2605 refactor credmgmt 2020-03-27 10:43:26 -04:00
Conor Patrick
5d2acf19f1 change parsing TAG_CM to TAG_PARSE 2020-03-27 00:28:41 -04:00
Conor Patrick
6196481b7f allow depth-first-search and account for interleaved RK's 2020-03-27 00:28:23 -04:00
2 changed files with 9 additions and 17 deletions
Expand all files Collapse all files

2
STABLE_VERSION
View File

@ -1 +1 @@
4.0.0
3.2.0

18
fido2/ctap.c
View File

@ -31,7 +31,6 @@ uint8_t PIN_TOKEN[PIN_TOKEN_SIZE];
uint8_t KEY_AGREEMENT_PUB[64];
static uint8_t KEY_AGREEMENT_PRIV[32];
static int8_t PIN_BOOT_ATTEMPTS_LEFT = PIN_BOOT_ATTEMPTS;
static uint32_t BOOT_TIME = 0;
AuthenticatorState STATE;
@ -462,7 +461,6 @@ static int ctap_make_extensions(CTAP_extensions * ext, uint8_t * ext_encoder_buf
// Generate credRandom
crypto_sha256_hmac_init(CRYPTO_TRANSPORT_KEY2, 0, credRandom);
crypto_sha256_update((uint8_t*)&ext->hmac_secret.credential->id, sizeof(CredentialId));
crypto_sha256_update(&getAssertionState.user_verified, 1);
crypto_sha256_hmac_final(CRYPTO_TRANSPORT_KEY2, 0, credRandom);
// Decrypt saltEnc
@ -1588,15 +1586,18 @@ static int scan_for_next_rk(int index, uint8_t * initialRpIdHash){
if (initialRpIdHash != NULL) {
memmove(lastRpIdHash, initialRpIdHash, 32);
index = -1;
index = 0;
}
else
{
ctap_load_rk(index, &rk);
memmove(lastRpIdHash, rk.id.rpIdHash, 32);
index++;
}
do
ctap_load_rk(index, &rk);
while ( memcmp( rk.id.rpIdHash, lastRpIdHash, 32 ) != 0 )
{
index++;
if ((unsigned int)index >= ctap_rk_size())
@ -1605,7 +1606,6 @@ static int scan_for_next_rk(int index, uint8_t * initialRpIdHash){
}
ctap_load_rk(index, &rk);
}
while ( memcmp( rk.id.rpIdHash, lastRpIdHash, 32 ) != 0 );
return index;
}
@ -2286,18 +2286,11 @@ uint8_t ctap_request(uint8_t * pkt_raw, int length, CTAP_RESPONSE * resp)
break;
case CTAP_RESET:
printf1(TAG_CTAP,"CTAP_RESET\n");
if ((millis() - BOOT_TIME) > 10 * 1000)
{
status = CTAP2_ERR_NOT_ALLOWED;
}
else
{
status = ctap2_user_presence_test();
if (status == CTAP1_ERR_SUCCESS)
{
ctap_reset();
}
}
break;
case GET_NEXT_ASSERTION:
printf1(TAG_CTAP,"CTAP_NEXT_ASSERTION\n");
@ -2390,7 +2383,6 @@ void ctap_init()
firmware_version.major, firmware_version.minor, firmware_version.patch, firmware_version.reserved,
firmware_version.major, firmware_version.minor, firmware_version.patch, firmware_version.reserved
);
BOOT_TIME = millis();
crypto_ecc256_init();
int is_init = authenticator_read_state(&STATE);