Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright (c) 2019-2021 Yubico AB. All rights reserved. |
3 | | * Use of this source code is governed by a BSD-style |
4 | | * license that can be found in the LICENSE file. |
5 | | */ |
6 | | |
7 | | #include <openssl/sha.h> |
8 | | |
9 | | #include "fido.h" |
10 | | #include "fido/credman.h" |
11 | | #include "fido/es256.h" |
12 | | |
13 | 377 | #define CMD_CRED_METADATA 0x01 |
14 | 506 | #define CMD_RP_BEGIN 0x02 |
15 | 398 | #define CMD_RP_NEXT 0x03 |
16 | 2.04k | #define CMD_RK_BEGIN 0x04 |
17 | 592 | #define CMD_RK_NEXT 0x05 |
18 | 1.17k | #define CMD_DELETE_CRED 0x06 |
19 | 1.25k | #define CMD_UPDATE_CRED 0x07 |
20 | | |
21 | | static int |
22 | | credman_grow_array(void **ptr, size_t *n_alloc, size_t *n_rx, size_t n, |
23 | | size_t size) |
24 | 902 | { |
25 | 902 | void *new_ptr; |
26 | | |
27 | 902 | #ifdef FIDO_FUZZ |
28 | 902 | if (n > UINT8_MAX) { |
29 | 173 | fido_log_debug("%s: n > UINT8_MAX", __func__); |
30 | 173 | return (-1); |
31 | 173 | } |
32 | 729 | #endif |
33 | | |
34 | 729 | if (n < *n_alloc) |
35 | 0 | return (0); |
36 | | |
37 | | /* sanity check */ |
38 | 729 | if (*n_rx > 0 || *n_rx > *n_alloc || n < *n_alloc) { |
39 | 0 | fido_log_debug("%s: n=%zu, n_rx=%zu, n_alloc=%zu", __func__, n, |
40 | 0 | *n_rx, *n_alloc); |
41 | 0 | return (-1); |
42 | 0 | } |
43 | | |
44 | 729 | if ((new_ptr = recallocarray(*ptr, *n_alloc, n, size)) == NULL) |
45 | 1 | return (-1); |
46 | | |
47 | 728 | *ptr = new_ptr; |
48 | 728 | *n_alloc = n; |
49 | | |
50 | 728 | return (0); |
51 | 729 | } |
52 | | |
53 | | static int |
54 | | credman_prepare_hmac(uint8_t cmd, const void *body, cbor_item_t **param, |
55 | | fido_blob_t *hmac_data) |
56 | 2.12k | { |
57 | 2.12k | cbor_item_t *param_cbor[3]; |
58 | 2.12k | const fido_cred_t *cred; |
59 | 2.12k | size_t n; |
60 | 2.12k | int ok = -1; |
61 | | |
62 | 2.12k | memset(¶m_cbor, 0, sizeof(param_cbor)); |
63 | | |
64 | 2.12k | if (body == NULL) |
65 | 614 | return (fido_blob_set(hmac_data, &cmd, sizeof(cmd))); |
66 | | |
67 | 1.51k | switch (cmd) { |
68 | 923 | case CMD_RK_BEGIN: |
69 | 923 | n = 1; |
70 | 923 | if ((param_cbor[0] = fido_blob_encode(body)) == NULL) { |
71 | 1 | fido_log_debug("%s: cbor encode", __func__); |
72 | 1 | goto fail; |
73 | 1 | } |
74 | 922 | break; |
75 | 922 | case CMD_DELETE_CRED: |
76 | 264 | n = 2; |
77 | 264 | if ((param_cbor[1] = cbor_encode_pubkey(body)) == NULL) { |
78 | 9 | fido_log_debug("%s: cbor encode", __func__); |
79 | 9 | goto fail; |
80 | 9 | } |
81 | 255 | break; |
82 | 325 | case CMD_UPDATE_CRED: |
83 | 325 | n = 3; |
84 | 325 | cred = body; |
85 | 325 | param_cbor[1] = cbor_encode_pubkey(&cred->attcred.id); |
86 | 325 | param_cbor[2] = cbor_encode_user_entity(&cred->user); |
87 | 325 | if (param_cbor[1] == NULL || param_cbor[2] == NULL) { |
88 | 21 | fido_log_debug("%s: cbor encode", __func__); |
89 | 21 | goto fail; |
90 | 21 | } |
91 | 304 | break; |
92 | 304 | default: |
93 | 0 | fido_log_debug("%s: unknown cmd=0x%02x", __func__, cmd); |
94 | 0 | return (-1); |
95 | 1.51k | } |
96 | | |
97 | 1.48k | if ((*param = cbor_flatten_vector(param_cbor, n)) == NULL) { |
98 | 7 | fido_log_debug("%s: cbor_flatten_vector", __func__); |
99 | 7 | goto fail; |
100 | 7 | } |
101 | 1.47k | if (cbor_build_frame(cmd, param_cbor, n, hmac_data) < 0) { |
102 | 13 | fido_log_debug("%s: cbor_build_frame", __func__); |
103 | 13 | goto fail; |
104 | 13 | } |
105 | | |
106 | 1.46k | ok = 0; |
107 | 1.51k | fail: |
108 | 1.51k | cbor_vector_free(param_cbor, nitems(param_cbor)); |
109 | | |
110 | 1.51k | return (ok); |
111 | 1.46k | } |
112 | | |
113 | | static int |
114 | | credman_tx(fido_dev_t *dev, uint8_t subcmd, const void *param, const char *pin, |
115 | | const char *rp_id, fido_opt_t uv, int *ms) |
116 | 4.84k | { |
117 | 4.84k | fido_blob_t f; |
118 | 4.84k | fido_blob_t *ecdh = NULL; |
119 | 4.84k | fido_blob_t hmac; |
120 | 4.84k | es256_pk_t *pk = NULL; |
121 | 4.84k | cbor_item_t *argv[4]; |
122 | 4.84k | const uint8_t cmd = CTAP_CBOR_CRED_MGMT_PRE; |
123 | 4.84k | int r = FIDO_ERR_INTERNAL; |
124 | | |
125 | 4.84k | memset(&f, 0, sizeof(f)); |
126 | 4.84k | memset(&hmac, 0, sizeof(hmac)); |
127 | 4.84k | memset(&argv, 0, sizeof(argv)); |
128 | | |
129 | 4.84k | if (fido_dev_is_fido2(dev) == false) { |
130 | 1.72k | fido_log_debug("%s: fido_dev_is_fido2", __func__); |
131 | 1.72k | r = FIDO_ERR_INVALID_COMMAND; |
132 | 1.72k | goto fail; |
133 | 1.72k | } |
134 | | |
135 | | /* subCommand */ |
136 | 3.12k | if ((argv[0] = cbor_build_uint8(subcmd)) == NULL) { |
137 | 7 | fido_log_debug("%s: cbor encode", __func__); |
138 | 7 | goto fail; |
139 | 7 | } |
140 | | |
141 | | /* pinProtocol, pinAuth */ |
142 | 3.11k | if (pin != NULL || uv == FIDO_OPT_TRUE) { |
143 | 2.12k | if (credman_prepare_hmac(subcmd, param, &argv[1], &hmac) < 0) { |
144 | 51 | fido_log_debug("%s: credman_prepare_hmac", __func__); |
145 | 51 | goto fail; |
146 | 51 | } |
147 | 2.07k | if ((r = fido_do_ecdh(dev, &pk, &ecdh, ms)) != FIDO_OK) { |
148 | 754 | fido_log_debug("%s: fido_do_ecdh", __func__); |
149 | 754 | goto fail; |
150 | 754 | } |
151 | 1.32k | if ((r = cbor_add_uv_params(dev, cmd, &hmac, pk, ecdh, pin, |
152 | 1.32k | rp_id, &argv[3], &argv[2], ms)) != FIDO_OK) { |
153 | 251 | fido_log_debug("%s: cbor_add_uv_params", __func__); |
154 | 251 | goto fail; |
155 | 251 | } |
156 | 1.32k | } |
157 | | |
158 | | /* framing and transmission */ |
159 | 2.05k | if (cbor_build_frame(cmd, argv, nitems(argv), &f) < 0 || |
160 | 2.05k | fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len, ms) < 0) { |
161 | 30 | fido_log_debug("%s: fido_tx", __func__); |
162 | 30 | r = FIDO_ERR_TX; |
163 | 30 | goto fail; |
164 | 30 | } |
165 | | |
166 | 2.02k | r = FIDO_OK; |
167 | 4.84k | fail: |
168 | 4.84k | es256_pk_free(&pk); |
169 | 4.84k | fido_blob_free(&ecdh); |
170 | 4.84k | cbor_vector_free(argv, nitems(argv)); |
171 | 4.84k | free(f.ptr); |
172 | 4.84k | free(hmac.ptr); |
173 | | |
174 | 4.84k | return (r); |
175 | 2.02k | } |
176 | | |
177 | | static int |
178 | | credman_parse_metadata(const cbor_item_t *key, const cbor_item_t *val, |
179 | | void *arg) |
180 | 47 | { |
181 | 47 | fido_credman_metadata_t *metadata = arg; |
182 | | |
183 | 47 | if (cbor_isa_uint(key) == false || |
184 | 47 | cbor_int_get_width(key) != CBOR_INT_8) { |
185 | 20 | fido_log_debug("%s: cbor type", __func__); |
186 | 20 | return (0); /* ignore */ |
187 | 20 | } |
188 | | |
189 | 27 | switch (cbor_get_uint8(key)) { |
190 | 4 | case 1: |
191 | 4 | return (cbor_decode_uint64(val, &metadata->rk_existing)); |
192 | 4 | case 2: |
193 | 4 | return (cbor_decode_uint64(val, &metadata->rk_remaining)); |
194 | 19 | default: |
195 | 19 | fido_log_debug("%s: cbor type", __func__); |
196 | 19 | return (0); /* ignore */ |
197 | 27 | } |
198 | 27 | } |
199 | | |
200 | | static int |
201 | | credman_rx_metadata(fido_dev_t *dev, fido_credman_metadata_t *metadata, int *ms) |
202 | 27 | { |
203 | 27 | unsigned char reply[FIDO_MAXMSG]; |
204 | 27 | int reply_len; |
205 | 27 | int r; |
206 | | |
207 | 27 | memset(metadata, 0, sizeof(*metadata)); |
208 | | |
209 | 27 | if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), |
210 | 27 | ms)) < 0) { |
211 | 2 | fido_log_debug("%s: fido_rx", __func__); |
212 | 2 | return (FIDO_ERR_RX); |
213 | 2 | } |
214 | | |
215 | 25 | if ((r = cbor_parse_reply(reply, (size_t)reply_len, metadata, |
216 | 25 | credman_parse_metadata)) != FIDO_OK) { |
217 | 17 | fido_log_debug("%s: credman_parse_metadata", __func__); |
218 | 17 | return (r); |
219 | 17 | } |
220 | | |
221 | 8 | return (FIDO_OK); |
222 | 25 | } |
223 | | |
224 | | static int |
225 | | credman_get_metadata_wait(fido_dev_t *dev, fido_credman_metadata_t *metadata, |
226 | | const char *pin, int *ms) |
227 | 377 | { |
228 | 377 | int r; |
229 | | |
230 | 377 | if ((r = credman_tx(dev, CMD_CRED_METADATA, NULL, pin, NULL, |
231 | 377 | FIDO_OPT_TRUE, ms)) != FIDO_OK || |
232 | 377 | (r = credman_rx_metadata(dev, metadata, ms)) != FIDO_OK) |
233 | 369 | return (r); |
234 | | |
235 | 8 | return (FIDO_OK); |
236 | 377 | } |
237 | | |
238 | | int |
239 | | fido_credman_get_dev_metadata(fido_dev_t *dev, fido_credman_metadata_t *metadata, |
240 | | const char *pin) |
241 | 377 | { |
242 | 377 | int ms = dev->timeout_ms; |
243 | | |
244 | 377 | return (credman_get_metadata_wait(dev, metadata, pin, &ms)); |
245 | 377 | } |
246 | | |
247 | | static int |
248 | | credman_parse_rk(const cbor_item_t *key, const cbor_item_t *val, void *arg) |
249 | 4.37k | { |
250 | 4.37k | fido_cred_t *cred = arg; |
251 | 4.37k | uint64_t prot; |
252 | | |
253 | 4.37k | if (cbor_isa_uint(key) == false || |
254 | 4.37k | cbor_int_get_width(key) != CBOR_INT_8) { |
255 | 102 | fido_log_debug("%s: cbor type", __func__); |
256 | 102 | return (0); /* ignore */ |
257 | 102 | } |
258 | | |
259 | 4.27k | switch (cbor_get_uint8(key)) { |
260 | 964 | case 6: |
261 | 964 | return (cbor_decode_user(val, &cred->user)); |
262 | 996 | case 7: |
263 | 996 | return (cbor_decode_cred_id(val, &cred->attcred.id)); |
264 | 976 | case 8: |
265 | 976 | if (cbor_decode_pubkey(val, &cred->attcred.type, |
266 | 976 | &cred->attcred.pubkey) < 0) |
267 | 352 | return (-1); |
268 | 624 | cred->type = cred->attcred.type; /* XXX */ |
269 | 624 | return (0); |
270 | 599 | case 10: |
271 | 599 | if (cbor_decode_uint64(val, &prot) < 0 || prot > INT_MAX || |
272 | 599 | fido_cred_set_prot(cred, (int)prot) != FIDO_OK) |
273 | 101 | return (-1); |
274 | 498 | return (0); |
275 | 3 | case 11: |
276 | 3 | return (fido_blob_decode(val, &cred->largeblob_key)); |
277 | 734 | default: |
278 | 734 | fido_log_debug("%s: cbor type", __func__); |
279 | 734 | return (0); /* ignore */ |
280 | 4.27k | } |
281 | 4.27k | } |
282 | | |
283 | | static void |
284 | | credman_reset_rk(fido_credman_rk_t *rk) |
285 | 1.85k | { |
286 | 15.8k | for (size_t i = 0; i < rk->n_alloc; i++) { |
287 | 14.0k | fido_cred_reset_tx(&rk->ptr[i]); |
288 | 14.0k | fido_cred_reset_rx(&rk->ptr[i]); |
289 | 14.0k | } |
290 | | |
291 | 1.85k | free(rk->ptr); |
292 | 1.85k | rk->ptr = NULL; |
293 | 1.85k | memset(rk, 0, sizeof(*rk)); |
294 | 1.85k | } |
295 | | |
296 | | static int |
297 | | credman_parse_rk_count(const cbor_item_t *key, const cbor_item_t *val, |
298 | | void *arg) |
299 | 3.45k | { |
300 | 3.45k | fido_credman_rk_t *rk = arg; |
301 | 3.45k | uint64_t n; |
302 | | |
303 | | /* totalCredentials */ |
304 | 3.45k | if (cbor_isa_uint(key) == false || |
305 | 3.45k | cbor_int_get_width(key) != CBOR_INT_8 || |
306 | 3.45k | cbor_get_uint8(key) != 9) { |
307 | 2.76k | fido_log_debug("%s: cbor_type", __func__); |
308 | 2.76k | return (0); /* ignore */ |
309 | 2.76k | } |
310 | | |
311 | 692 | if (cbor_decode_uint64(val, &n) < 0 || n > SIZE_MAX) { |
312 | 1 | fido_log_debug("%s: cbor_decode_uint64", __func__); |
313 | 1 | return (-1); |
314 | 1 | } |
315 | | |
316 | 691 | if (credman_grow_array((void **)&rk->ptr, &rk->n_alloc, &rk->n_rx, |
317 | 691 | (size_t)n, sizeof(*rk->ptr)) < 0) { |
318 | 78 | fido_log_debug("%s: credman_grow_array", __func__); |
319 | 78 | return (-1); |
320 | 78 | } |
321 | | |
322 | 613 | return (0); |
323 | 691 | } |
324 | | |
325 | | static int |
326 | | credman_rx_rk(fido_dev_t *dev, fido_credman_rk_t *rk, int *ms) |
327 | 724 | { |
328 | 724 | unsigned char reply[FIDO_MAXMSG]; |
329 | 724 | int reply_len; |
330 | 724 | int r; |
331 | | |
332 | 724 | credman_reset_rk(rk); |
333 | | |
334 | 724 | if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), |
335 | 724 | ms)) < 0) { |
336 | 5 | fido_log_debug("%s: fido_rx", __func__); |
337 | 5 | return (FIDO_ERR_RX); |
338 | 5 | } |
339 | | |
340 | | /* adjust as needed */ |
341 | 719 | if ((r = cbor_parse_reply(reply, (size_t)reply_len, rk, |
342 | 719 | credman_parse_rk_count)) != FIDO_OK) { |
343 | 100 | fido_log_debug("%s: credman_parse_rk_count", __func__); |
344 | 100 | return (r); |
345 | 100 | } |
346 | | |
347 | 619 | if (rk->n_alloc == 0) { |
348 | 6 | fido_log_debug("%s: n_alloc=0", __func__); |
349 | 6 | return (FIDO_OK); |
350 | 6 | } |
351 | | |
352 | | /* parse the first rk */ |
353 | 613 | if ((r = cbor_parse_reply(reply, (size_t)reply_len, &rk->ptr[0], |
354 | 613 | credman_parse_rk)) != FIDO_OK) { |
355 | 162 | fido_log_debug("%s: credman_parse_rk", __func__); |
356 | 162 | return (r); |
357 | 162 | } |
358 | | |
359 | 451 | rk->n_rx++; |
360 | | |
361 | 451 | return (FIDO_OK); |
362 | 613 | } |
363 | | |
364 | | static int |
365 | | credman_rx_next_rk(fido_dev_t *dev, fido_credman_rk_t *rk, int *ms) |
366 | 588 | { |
367 | 588 | unsigned char reply[FIDO_MAXMSG]; |
368 | 588 | int reply_len; |
369 | 588 | int r; |
370 | | |
371 | 588 | if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), |
372 | 588 | ms)) < 0) { |
373 | 64 | fido_log_debug("%s: fido_rx", __func__); |
374 | 64 | return (FIDO_ERR_RX); |
375 | 64 | } |
376 | | |
377 | | /* sanity check */ |
378 | 524 | if (rk->n_rx >= rk->n_alloc) { |
379 | 0 | fido_log_debug("%s: n_rx=%zu, n_alloc=%zu", __func__, rk->n_rx, |
380 | 0 | rk->n_alloc); |
381 | 0 | return (FIDO_ERR_INTERNAL); |
382 | 0 | } |
383 | | |
384 | 524 | if ((r = cbor_parse_reply(reply, (size_t)reply_len, &rk->ptr[rk->n_rx], |
385 | 524 | credman_parse_rk)) != FIDO_OK) { |
386 | 379 | fido_log_debug("%s: credman_parse_rk", __func__); |
387 | 379 | return (r); |
388 | 379 | } |
389 | | |
390 | 145 | return (FIDO_OK); |
391 | 524 | } |
392 | | |
393 | | static int |
394 | | credman_get_rk_wait(fido_dev_t *dev, const char *rp_id, fido_credman_rk_t *rk, |
395 | | const char *pin, int *ms) |
396 | 1.12k | { |
397 | 1.12k | fido_blob_t rp_dgst; |
398 | 1.12k | uint8_t dgst[SHA256_DIGEST_LENGTH]; |
399 | 1.12k | int r; |
400 | | |
401 | 1.12k | if (SHA256((const unsigned char *)rp_id, strlen(rp_id), dgst) != dgst) { |
402 | 2 | fido_log_debug("%s: sha256", __func__); |
403 | 2 | return (FIDO_ERR_INTERNAL); |
404 | 2 | } |
405 | | |
406 | 1.12k | rp_dgst.ptr = dgst; |
407 | 1.12k | rp_dgst.len = sizeof(dgst); |
408 | | |
409 | 1.12k | if ((r = credman_tx(dev, CMD_RK_BEGIN, &rp_dgst, pin, rp_id, |
410 | 1.12k | FIDO_OPT_TRUE, ms)) != FIDO_OK || |
411 | 1.12k | (r = credman_rx_rk(dev, rk, ms)) != FIDO_OK) |
412 | 667 | return (r); |
413 | | |
414 | 602 | while (rk->n_rx < rk->n_alloc) { |
415 | 592 | if ((r = credman_tx(dev, CMD_RK_NEXT, NULL, NULL, NULL, |
416 | 592 | FIDO_OPT_FALSE, ms)) != FIDO_OK || |
417 | 592 | (r = credman_rx_next_rk(dev, rk, ms)) != FIDO_OK) |
418 | 447 | return (r); |
419 | 145 | rk->n_rx++; |
420 | 145 | } |
421 | | |
422 | 10 | return (FIDO_OK); |
423 | 457 | } |
424 | | |
425 | | int |
426 | | fido_credman_get_dev_rk(fido_dev_t *dev, const char *rp_id, |
427 | | fido_credman_rk_t *rk, const char *pin) |
428 | 1.12k | { |
429 | 1.12k | int ms = dev->timeout_ms; |
430 | | |
431 | 1.12k | return (credman_get_rk_wait(dev, rp_id, rk, pin, &ms)); |
432 | 1.12k | } |
433 | | |
434 | | static int |
435 | | credman_del_rk_wait(fido_dev_t *dev, const unsigned char *cred_id, |
436 | | size_t cred_id_len, const char *pin, int *ms) |
437 | 916 | { |
438 | 916 | fido_blob_t cred; |
439 | 916 | int r; |
440 | | |
441 | 916 | memset(&cred, 0, sizeof(cred)); |
442 | | |
443 | 916 | if (fido_blob_set(&cred, cred_id, cred_id_len) < 0) |
444 | 5 | return (FIDO_ERR_INVALID_ARGUMENT); |
445 | | |
446 | 911 | if ((r = credman_tx(dev, CMD_DELETE_CRED, &cred, pin, NULL, |
447 | 911 | FIDO_OPT_TRUE, ms)) != FIDO_OK || |
448 | 911 | (r = fido_rx_cbor_status(dev, ms)) != FIDO_OK) |
449 | 906 | goto fail; |
450 | | |
451 | 5 | r = FIDO_OK; |
452 | 911 | fail: |
453 | 911 | free(cred.ptr); |
454 | | |
455 | 911 | return (r); |
456 | 5 | } |
457 | | |
458 | | int |
459 | | fido_credman_del_dev_rk(fido_dev_t *dev, const unsigned char *cred_id, |
460 | | size_t cred_id_len, const char *pin) |
461 | 916 | { |
462 | 916 | int ms = dev->timeout_ms; |
463 | | |
464 | 916 | return (credman_del_rk_wait(dev, cred_id, cred_id_len, pin, &ms)); |
465 | 916 | } |
466 | | |
467 | | static int |
468 | | credman_parse_rp(const cbor_item_t *key, const cbor_item_t *val, void *arg) |
469 | 948 | { |
470 | 948 | struct fido_credman_single_rp *rp = arg; |
471 | | |
472 | 948 | if (cbor_isa_uint(key) == false || |
473 | 948 | cbor_int_get_width(key) != CBOR_INT_8) { |
474 | 155 | fido_log_debug("%s: cbor type", __func__); |
475 | 155 | return (0); /* ignore */ |
476 | 155 | } |
477 | | |
478 | 793 | switch (cbor_get_uint8(key)) { |
479 | 347 | case 3: |
480 | 347 | return (cbor_decode_rp_entity(val, &rp->rp_entity)); |
481 | 212 | case 4: |
482 | 212 | return (fido_blob_decode(val, &rp->rp_id_hash)); |
483 | 234 | default: |
484 | 234 | fido_log_debug("%s: cbor type", __func__); |
485 | 234 | return (0); /* ignore */ |
486 | 793 | } |
487 | 793 | } |
488 | | |
489 | | static void |
490 | | credman_reset_rp(fido_credman_rp_t *rp) |
491 | 745 | { |
492 | 3.81k | for (size_t i = 0; i < rp->n_alloc; i++) { |
493 | 3.06k | free(rp->ptr[i].rp_entity.id); |
494 | 3.06k | free(rp->ptr[i].rp_entity.name); |
495 | 3.06k | rp->ptr[i].rp_entity.id = NULL; |
496 | 3.06k | rp->ptr[i].rp_entity.name = NULL; |
497 | 3.06k | fido_blob_reset(&rp->ptr[i].rp_id_hash); |
498 | 3.06k | } |
499 | | |
500 | 745 | free(rp->ptr); |
501 | 745 | rp->ptr = NULL; |
502 | 745 | memset(rp, 0, sizeof(*rp)); |
503 | 745 | } |
504 | | |
505 | | static int |
506 | | credman_parse_rp_count(const cbor_item_t *key, const cbor_item_t *val, |
507 | | void *arg) |
508 | 911 | { |
509 | 911 | fido_credman_rp_t *rp = arg; |
510 | 911 | uint64_t n; |
511 | | |
512 | | /* totalRPs */ |
513 | 911 | if (cbor_isa_uint(key) == false || |
514 | 911 | cbor_int_get_width(key) != CBOR_INT_8 || |
515 | 911 | cbor_get_uint8(key) != 5) { |
516 | 699 | fido_log_debug("%s: cbor_type", __func__); |
517 | 699 | return (0); /* ignore */ |
518 | 699 | } |
519 | | |
520 | 212 | if (cbor_decode_uint64(val, &n) < 0 || n > SIZE_MAX) { |
521 | 1 | fido_log_debug("%s: cbor_decode_uint64", __func__); |
522 | 1 | return (-1); |
523 | 1 | } |
524 | | |
525 | 211 | if (credman_grow_array((void **)&rp->ptr, &rp->n_alloc, &rp->n_rx, |
526 | 211 | (size_t)n, sizeof(*rp->ptr)) < 0) { |
527 | 96 | fido_log_debug("%s: credman_grow_array", __func__); |
528 | 96 | return (-1); |
529 | 96 | } |
530 | | |
531 | 115 | return (0); |
532 | 211 | } |
533 | | |
534 | | static int |
535 | | credman_rx_rp(fido_dev_t *dev, fido_credman_rp_t *rp, int *ms) |
536 | 239 | { |
537 | 239 | unsigned char reply[FIDO_MAXMSG]; |
538 | 239 | int reply_len; |
539 | 239 | int r; |
540 | | |
541 | 239 | credman_reset_rp(rp); |
542 | | |
543 | 239 | if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), |
544 | 239 | ms)) < 0) { |
545 | 1 | fido_log_debug("%s: fido_rx", __func__); |
546 | 1 | return (FIDO_ERR_RX); |
547 | 1 | } |
548 | | |
549 | | /* adjust as needed */ |
550 | 238 | if ((r = cbor_parse_reply(reply, (size_t)reply_len, rp, |
551 | 238 | credman_parse_rp_count)) != FIDO_OK) { |
552 | 117 | fido_log_debug("%s: credman_parse_rp_count", __func__); |
553 | 117 | return (r); |
554 | 117 | } |
555 | | |
556 | 121 | if (rp->n_alloc == 0) { |
557 | 7 | fido_log_debug("%s: n_alloc=0", __func__); |
558 | 7 | return (FIDO_OK); |
559 | 7 | } |
560 | | |
561 | | /* parse the first rp */ |
562 | 114 | if ((r = cbor_parse_reply(reply, (size_t)reply_len, &rp->ptr[0], |
563 | 114 | credman_parse_rp)) != FIDO_OK) { |
564 | 4 | fido_log_debug("%s: credman_parse_rp", __func__); |
565 | 4 | return (r); |
566 | 4 | } |
567 | | |
568 | 110 | rp->n_rx++; |
569 | | |
570 | 110 | return (FIDO_OK); |
571 | 114 | } |
572 | | |
573 | | static int |
574 | | credman_rx_next_rp(fido_dev_t *dev, fido_credman_rp_t *rp, int *ms) |
575 | 393 | { |
576 | 393 | unsigned char reply[FIDO_MAXMSG]; |
577 | 393 | int reply_len; |
578 | 393 | int r; |
579 | | |
580 | 393 | if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), |
581 | 393 | ms)) < 0) { |
582 | 57 | fido_log_debug("%s: fido_rx", __func__); |
583 | 57 | return (FIDO_ERR_RX); |
584 | 57 | } |
585 | | |
586 | | /* sanity check */ |
587 | 336 | if (rp->n_rx >= rp->n_alloc) { |
588 | 0 | fido_log_debug("%s: n_rx=%zu, n_alloc=%zu", __func__, rp->n_rx, |
589 | 0 | rp->n_alloc); |
590 | 0 | return (FIDO_ERR_INTERNAL); |
591 | 0 | } |
592 | | |
593 | 336 | if ((r = cbor_parse_reply(reply, (size_t)reply_len, &rp->ptr[rp->n_rx], |
594 | 336 | credman_parse_rp)) != FIDO_OK) { |
595 | 43 | fido_log_debug("%s: credman_parse_rp", __func__); |
596 | 43 | return (r); |
597 | 43 | } |
598 | | |
599 | 293 | return (FIDO_OK); |
600 | 336 | } |
601 | | |
602 | | static int |
603 | | credman_get_rp_wait(fido_dev_t *dev, fido_credman_rp_t *rp, const char *pin, |
604 | | int *ms) |
605 | 506 | { |
606 | 506 | int r; |
607 | | |
608 | 506 | if ((r = credman_tx(dev, CMD_RP_BEGIN, NULL, pin, NULL, |
609 | 506 | FIDO_OPT_TRUE, ms)) != FIDO_OK || |
610 | 506 | (r = credman_rx_rp(dev, rp, ms)) != FIDO_OK) |
611 | 389 | return (r); |
612 | | |
613 | 410 | while (rp->n_rx < rp->n_alloc) { |
614 | 398 | if ((r = credman_tx(dev, CMD_RP_NEXT, NULL, NULL, NULL, |
615 | 398 | FIDO_OPT_FALSE, ms)) != FIDO_OK || |
616 | 398 | (r = credman_rx_next_rp(dev, rp, ms)) != FIDO_OK) |
617 | 105 | return (r); |
618 | 293 | rp->n_rx++; |
619 | 293 | } |
620 | | |
621 | 12 | return (FIDO_OK); |
622 | 117 | } |
623 | | |
624 | | int |
625 | | fido_credman_get_dev_rp(fido_dev_t *dev, fido_credman_rp_t *rp, const char *pin) |
626 | 506 | { |
627 | 506 | int ms = dev->timeout_ms; |
628 | | |
629 | 506 | return (credman_get_rp_wait(dev, rp, pin, &ms)); |
630 | 506 | } |
631 | | |
632 | | static int |
633 | | credman_set_dev_rk_wait(fido_dev_t *dev, fido_cred_t *cred, const char *pin, |
634 | | int *ms) |
635 | 934 | { |
636 | 934 | int r; |
637 | | |
638 | 934 | if ((r = credman_tx(dev, CMD_UPDATE_CRED, cred, pin, NULL, |
639 | 934 | FIDO_OPT_TRUE, ms)) != FIDO_OK || |
640 | 934 | (r = fido_rx_cbor_status(dev, ms)) != FIDO_OK) |
641 | 930 | return (r); |
642 | | |
643 | 4 | return (FIDO_OK); |
644 | 934 | } |
645 | | |
646 | | int |
647 | | fido_credman_set_dev_rk(fido_dev_t *dev, fido_cred_t *cred, const char *pin) |
648 | 934 | { |
649 | 934 | int ms = dev->timeout_ms; |
650 | | |
651 | 934 | return (credman_set_dev_rk_wait(dev, cred, pin, &ms)); |
652 | 934 | } |
653 | | |
654 | | fido_credman_rk_t * |
655 | | fido_credman_rk_new(void) |
656 | 1.12k | { |
657 | 1.12k | return (calloc(1, sizeof(fido_credman_rk_t))); |
658 | 1.12k | } |
659 | | |
660 | | void |
661 | | fido_credman_rk_free(fido_credman_rk_t **rk_p) |
662 | 1.12k | { |
663 | 1.12k | fido_credman_rk_t *rk; |
664 | | |
665 | 1.12k | if (rk_p == NULL || (rk = *rk_p) == NULL) |
666 | 0 | return; |
667 | | |
668 | 1.12k | credman_reset_rk(rk); |
669 | 1.12k | free(rk); |
670 | 1.12k | *rk_p = NULL; |
671 | 1.12k | } |
672 | | |
673 | | size_t |
674 | | fido_credman_rk_count(const fido_credman_rk_t *rk) |
675 | 3.36k | { |
676 | 3.36k | return (rk->n_rx); |
677 | 3.36k | } |
678 | | |
679 | | const fido_cred_t * |
680 | | fido_credman_rk(const fido_credman_rk_t *rk, size_t idx) |
681 | 1.72k | { |
682 | 1.72k | if (idx >= rk->n_alloc) |
683 | 517 | return (NULL); |
684 | | |
685 | 1.20k | return (&rk->ptr[idx]); |
686 | 1.72k | } |
687 | | |
688 | | fido_credman_metadata_t * |
689 | | fido_credman_metadata_new(void) |
690 | 379 | { |
691 | 379 | return (calloc(1, sizeof(fido_credman_metadata_t))); |
692 | 379 | } |
693 | | |
694 | | void |
695 | | fido_credman_metadata_free(fido_credman_metadata_t **metadata_p) |
696 | 377 | { |
697 | 377 | fido_credman_metadata_t *metadata; |
698 | | |
699 | 377 | if (metadata_p == NULL || (metadata = *metadata_p) == NULL) |
700 | 0 | return; |
701 | | |
702 | 377 | free(metadata); |
703 | 377 | *metadata_p = NULL; |
704 | 377 | } |
705 | | |
706 | | uint64_t |
707 | | fido_credman_rk_existing(const fido_credman_metadata_t *metadata) |
708 | 377 | { |
709 | 377 | return (metadata->rk_existing); |
710 | 377 | } |
711 | | |
712 | | uint64_t |
713 | | fido_credman_rk_remaining(const fido_credman_metadata_t *metadata) |
714 | 377 | { |
715 | 377 | return (metadata->rk_remaining); |
716 | 377 | } |
717 | | |
718 | | fido_credman_rp_t * |
719 | | fido_credman_rp_new(void) |
720 | 508 | { |
721 | 508 | return (calloc(1, sizeof(fido_credman_rp_t))); |
722 | 508 | } |
723 | | |
724 | | void |
725 | | fido_credman_rp_free(fido_credman_rp_t **rp_p) |
726 | 506 | { |
727 | 506 | fido_credman_rp_t *rp; |
728 | | |
729 | 506 | if (rp_p == NULL || (rp = *rp_p) == NULL) |
730 | 0 | return; |
731 | | |
732 | 506 | credman_reset_rp(rp); |
733 | 506 | free(rp); |
734 | 506 | *rp_p = NULL; |
735 | 506 | } |
736 | | |
737 | | size_t |
738 | | fido_credman_rp_count(const fido_credman_rp_t *rp) |
739 | 1.41k | { |
740 | 1.41k | return (rp->n_rx); |
741 | 1.41k | } |
742 | | |
743 | | const char * |
744 | | fido_credman_rp_id(const fido_credman_rp_t *rp, size_t idx) |
745 | 909 | { |
746 | 909 | if (idx >= rp->n_alloc) |
747 | 397 | return (NULL); |
748 | | |
749 | 512 | return (rp->ptr[idx].rp_entity.id); |
750 | 909 | } |
751 | | |
752 | | const char * |
753 | | fido_credman_rp_name(const fido_credman_rp_t *rp, size_t idx) |
754 | 909 | { |
755 | 909 | if (idx >= rp->n_alloc) |
756 | 397 | return (NULL); |
757 | | |
758 | 512 | return (rp->ptr[idx].rp_entity.name); |
759 | 909 | } |
760 | | |
761 | | size_t |
762 | | fido_credman_rp_id_hash_len(const fido_credman_rp_t *rp, size_t idx) |
763 | 909 | { |
764 | 909 | if (idx >= rp->n_alloc) |
765 | 397 | return (0); |
766 | | |
767 | 512 | return (rp->ptr[idx].rp_id_hash.len); |
768 | 909 | } |
769 | | |
770 | | const unsigned char * |
771 | | fido_credman_rp_id_hash_ptr(const fido_credman_rp_t *rp, size_t idx) |
772 | 909 | { |
773 | 909 | if (idx >= rp->n_alloc) |
774 | 397 | return (NULL); |
775 | | |
776 | 512 | return (rp->ptr[idx].rp_id_hash.ptr); |
777 | 909 | } |