Coverage Report

Created: 2020-09-01 07:05

/libfido2/src/cred.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright (c) 2018 Yubico AB. All rights reserved.
3
 * Use of this source code is governed by a BSD-style
4
 * license that can be found in the LICENSE file.
5
 */
6
7
#include <openssl/ec.h>
8
#include <openssl/evp.h>
9
#include <openssl/sha.h>
10
#include <openssl/x509.h>
11
12
#include <string.h>
13
#include "fido.h"
14
#include "fido/es256.h"
15
16
static int
17
parse_makecred_reply(const cbor_item_t *key, const cbor_item_t *val, void *arg)
18
884
{
19
884
        fido_cred_t *cred = arg;
20
884
21
884
        if (cbor_isa_uint(key) == false ||
22
884
            cbor_int_get_width(key) != CBOR_INT_8) {
23
14
                fido_log_debug("%s: cbor type", __func__);
24
14
                return (0); /* ignore */
25
14
        }
26
870
27
870
        switch (cbor_get_uint8(key)) {
28
360
        case 1: /* fmt */
29
360
                return (cbor_decode_fmt(val, &cred->fmt));
30
326
        case 2: /* authdata */
31
326
                return (cbor_decode_cred_authdata(val, cred->type,
32
326
                    &cred->authdata_cbor, &cred->authdata, &cred->attcred,
33
326
                    &cred->authdata_ext));
34
173
        case 3: /* attestation statement */
35
173
                return (cbor_decode_attstmt(val, &cred->attstmt));
36
11
        default: /* ignore */
37
11
                fido_log_debug("%s: cbor type", __func__);
38
11
                return (0);
39
870
        }
40
870
}
41
42
static int
43
fido_dev_make_cred_tx(fido_dev_t *dev, fido_cred_t *cred, const char *pin)
44
832
{
45
832
        fido_blob_t      f;
46
832
        fido_blob_t     *ecdh = NULL;
47
832
        es256_pk_t      *pk = NULL;
48
832
        cbor_item_t     *argv[9];
49
832
        int              r;
50
832
51
832
        memset(&f, 0, sizeof(f));
52
832
        memset(argv, 0, sizeof(argv));
53
832
54
832
        if (cred->cdh.ptr == NULL || cred->type == 0) {
55
2
                fido_log_debug("%s: cdh=%p, type=%d", __func__,
56
2
                    (void *)cred->cdh.ptr, cred->type);
57
2
                r = FIDO_ERR_INVALID_ARGUMENT;
58
2
                goto fail;
59
2
        }
60
830
61
830
        if ((argv[0] = fido_blob_encode(&cred->cdh)) == NULL ||
62
830
            (argv[1] = cbor_encode_rp_entity(&cred->rp)) == NULL ||
63
830
            (argv[2] = cbor_encode_user_entity(&cred->user)) == NULL ||
64
830
            (argv[3] = cbor_encode_pubkey_param(cred->type)) == NULL) {
65
30
                fido_log_debug("%s: cbor encode", __func__);
66
30
                r = FIDO_ERR_INTERNAL;
67
30
                goto fail;
68
30
        }
69
800
70
800
        /* excluded credentials */
71
800
        if (cred->excl.len)
72
571
                if ((argv[4] = cbor_encode_pubkey_list(&cred->excl)) == NULL) {
73
38
                        fido_log_debug("%s: cbor_encode_pubkey_list", __func__);
74
38
                        r = FIDO_ERR_INTERNAL;
75
38
                        goto fail;
76
38
                }
77
762
78
762
        /* extensions */
79
762
        if (cred->ext.mask)
80
371
                if ((argv[5] = cbor_encode_extensions(&cred->ext)) == NULL) {
81
5
                        fido_log_debug("%s: cbor_encode_extensions", __func__);
82
5
                        r = FIDO_ERR_INTERNAL;
83
5
                        goto fail;
84
5
                }
85
757
86
757
        /* options */
87
757
        if (cred->rk != FIDO_OPT_OMIT || cred->uv != FIDO_OPT_OMIT)
88
471
                if ((argv[6] = cbor_encode_options(cred->rk,
89
471
                    cred->uv)) == NULL) {
90
3
                        fido_log_debug("%s: cbor_encode_options", __func__);
91
3
                        r = FIDO_ERR_INTERNAL;
92
3
                        goto fail;
93
3
                }
94
754
95
754
        /* pin authentication */
96
754
        if (pin) {
97
657
                if ((r = fido_do_ecdh(dev, &pk, &ecdh)) != FIDO_OK) {
98
184
                        fido_log_debug("%s: fido_do_ecdh", __func__);
99
184
                        goto fail;
100
184
                }
101
473
                if ((r = cbor_add_pin_params(dev, &cred->cdh, pk, ecdh, pin,
102
473
                    &argv[7], &argv[8])) != FIDO_OK) {
103
86
                        fido_log_debug("%s: cbor_add_pin_params", __func__);
104
86
                        goto fail;
105
86
                }
106
484
        }
107
484
108
484
        /* framing and transmission */
109
484
        if (cbor_build_frame(CTAP_CBOR_MAKECRED, argv, nitems(argv), &f) < 0 ||
110
484
            fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len) < 0) {
111
69
                fido_log_debug("%s: fido_tx", __func__);
112
69
                r = FIDO_ERR_TX;
113
69
                goto fail;
114
69
        }
115
415
116
415
        r = FIDO_OK;
117
832
fail:
118
832
        es256_pk_free(&pk);
119
832
        fido_blob_free(&ecdh);
120
832
        cbor_vector_free(argv, nitems(argv));
121
832
        free(f.ptr);
122
832
123
832
        return (r);
124
415
}
125
126
static int
127
fido_dev_make_cred_rx(fido_dev_t *dev, fido_cred_t *cred, int ms)
128
415
{
129
415
        unsigned char   reply[FIDO_MAXMSG];
130
415
        int             reply_len;
131
415
        int             r;
132
415
133
415
        fido_cred_reset_rx(cred);
134
415
135
415
        if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply),
136
415
            ms)) < 0) {
137
36
                fido_log_debug("%s: fido_rx", __func__);
138
36
                return (FIDO_ERR_RX);
139
36
        }
140
379
141
379
        if ((r = cbor_parse_reply(reply, (size_t)reply_len, cred,
142
379
            parse_makecred_reply)) != FIDO_OK) {
143
246
                fido_log_debug("%s: parse_makecred_reply", __func__);
144
246
                return (r);
145
246
        }
146
133
147
133
        if (cred->fmt == NULL || fido_blob_is_empty(&cred->authdata_cbor) ||
148
133
            fido_blob_is_empty(&cred->attcred.id) ||
149
133
            fido_blob_is_empty(&cred->attstmt.sig)) {
150
28
                fido_cred_reset_rx(cred);
151
28
                return (FIDO_ERR_INVALID_CBOR);
152
28
        }
153
105
154
105
        return (FIDO_OK);
155
105
}
156
157
static int
158
fido_dev_make_cred_wait(fido_dev_t *dev, fido_cred_t *cred, const char *pin, int ms)
159
832
{
160
832
        int  r;
161
832
162
832
        if ((r = fido_dev_make_cred_tx(dev, cred, pin)) != FIDO_OK ||
163
832
            (r = fido_dev_make_cred_rx(dev, cred, ms)) != FIDO_OK)
164
832
                return (r);
165
105
166
105
        return (FIDO_OK);
167
105
}
168
169
int
170
fido_dev_make_cred(fido_dev_t *dev, fido_cred_t *cred, const char *pin)
171
1.56k
{
172
1.56k
        if (fido_dev_is_fido2(dev) == false) {
173
737
                if (pin != NULL || cred->rk == FIDO_OPT_TRUE ||
174
737
                    cred->ext.mask != 0)
175
386
                        return (FIDO_ERR_UNSUPPORTED_OPTION);
176
351
                return (u2f_register(dev, cred, -1));
177
351
        }
178
832
179
832
        return (fido_dev_make_cred_wait(dev, cred, pin, -1));
180
832
}
181
182
static int
183
check_extensions(const fido_cred_ext_t *authdata_ext, const fido_cred_ext_t *ext)
184
88
{
185
88
        return (timingsafe_bcmp(authdata_ext, ext, sizeof(*authdata_ext)));
186
88
}
187
188
int
189
fido_check_rp_id(const char *id, const unsigned char *obtained_hash)
190
474
{
191
474
        unsigned char expected_hash[SHA256_DIGEST_LENGTH];
192
474
193
474
        explicit_bzero(expected_hash, sizeof(expected_hash));
194
474
195
474
        if (SHA256((const unsigned char *)id, strlen(id),
196
474
            expected_hash) != expected_hash) {
197
6
                fido_log_debug("%s: sha256", __func__);
198
6
                return (-1);
199
6
        }
200
468
201
468
        return (timingsafe_bcmp(expected_hash, obtained_hash,
202
468
            SHA256_DIGEST_LENGTH));
203
468
}
204
205
static int
206
get_signed_hash_u2f(fido_blob_t *dgst, const unsigned char *rp_id,
207
    size_t rp_id_len, const fido_blob_t *clientdata, const fido_blob_t *id,
208
    const es256_pk_t *pk)
209
27
{
210
27
        const uint8_t           zero = 0;
211
27
        const uint8_t           four = 4; /* uncompressed point */
212
27
        SHA256_CTX              ctx;
213
27
214
27
        if (dgst->len != SHA256_DIGEST_LENGTH || SHA256_Init(&ctx) == 0 ||
215
27
            SHA256_Update(&ctx, &zero, sizeof(zero)) == 0 ||
216
27
            SHA256_Update(&ctx, rp_id, rp_id_len) == 0 ||
217
27
            SHA256_Update(&ctx, clientdata->ptr, clientdata->len) == 0 ||
218
27
            SHA256_Update(&ctx, id->ptr, id->len) == 0 ||
219
27
            SHA256_Update(&ctx, &four, sizeof(four)) == 0 ||
220
27
            SHA256_Update(&ctx, pk->x, sizeof(pk->x)) == 0 ||
221
27
            SHA256_Update(&ctx, pk->y, sizeof(pk->y)) == 0 ||
222
27
            SHA256_Final(dgst->ptr, &ctx) == 0) {
223
10
                fido_log_debug("%s: sha256", __func__);
224
10
                return (-1);
225
10
        }
226
17
227
17
        return (0);
228
17
}
229
230
static int
231
verify_sig(const fido_blob_t *dgst, const fido_blob_t *x5c,
232
    const fido_blob_t *sig)
233
26
{
234
26
        BIO             *rawcert = NULL;
235
26
        X509            *cert = NULL;
236
26
        EVP_PKEY        *pkey = NULL;
237
26
        EC_KEY          *ec;
238
26
        int              ok = -1;
239
26
240
26
        /* openssl needs ints */
241
26
        if (dgst->len > INT_MAX || x5c->len > INT_MAX || sig->len > INT_MAX) {
242
0
                fido_log_debug("%s: dgst->len=%zu, x5c->len=%zu, sig->len=%zu",
243
0
                    __func__, dgst->len, x5c->len, sig->len);
244
0
                return (-1);
245
0
        }
246
26
247
26
        /* fetch key from x509 */
248
26
        if ((rawcert = BIO_new_mem_buf(x5c->ptr, (int)x5c->len)) == NULL ||
249
26
            (cert = d2i_X509_bio(rawcert, NULL)) == NULL ||
250
26
            (pkey = X509_get_pubkey(cert)) == NULL ||
251
26
            (ec = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) {
252
8
                fido_log_debug("%s: x509 key", __func__);
253
8
                goto fail;
254
8
        }
255
18
256
18
        if (ECDSA_verify(0, dgst->ptr, (int)dgst->len, sig->ptr,
257
18
            (int)sig->len, ec) != 1) {
258
18
                fido_log_debug("%s: ECDSA_verify", __func__);
259
18
                goto fail;
260
18
        }
261
0
262
0
        ok = 0;
263
26
fail:
264
26
        if (rawcert != NULL)
265
26
                BIO_free(rawcert);
266
26
        if (cert != NULL)
267
26
                X509_free(cert);
268
26
        if (pkey != NULL)
269
26
                EVP_PKEY_free(pkey);
270
26
271
26
        return (ok);
272
0
}
273
274
int
275
fido_cred_verify(const fido_cred_t *cred)
276
1.68k
{
277
1.68k
        unsigned char   buf[SHA256_DIGEST_LENGTH];
278
1.68k
        fido_blob_t     dgst;
279
1.68k
        int             r;
280
1.68k
281
1.68k
        dgst.ptr = buf;
282
1.68k
        dgst.len = sizeof(buf);
283
1.68k
284
1.68k
        /* do we have everything we need? */
285
1.68k
        if (cred->cdh.ptr == NULL || cred->authdata_cbor.ptr == NULL ||
286
1.68k
            cred->attstmt.x5c.ptr == NULL || cred->attstmt.sig.ptr == NULL ||
287
1.68k
            cred->fmt == NULL || cred->attcred.id.ptr == NULL ||
288
1.68k
            cred->rp.id == NULL) {
289
1.60k
                fido_log_debug("%s: cdh=%p, authdata=%p, x5c=%p, sig=%p, "
290
1.60k
                    "fmt=%p id=%p, rp.id=%s", __func__, (void *)cred->cdh.ptr,
291
1.60k
                    (void *)cred->authdata_cbor.ptr,
292
1.60k
                    (void *)cred->attstmt.x5c.ptr,
293
1.60k
                    (void *)cred->attstmt.sig.ptr, (void *)cred->fmt,
294
1.60k
                    (void *)cred->attcred.id.ptr, cred->rp.id);
295
1.60k
                r = FIDO_ERR_INVALID_ARGUMENT;
296
1.60k
                goto out;
297
1.60k
        }
298
82
299
82
        if (fido_check_rp_id(cred->rp.id, cred->authdata.rp_id_hash) != 0) {
300
39
                fido_log_debug("%s: fido_check_rp_id", __func__);
301
39
                r = FIDO_ERR_INVALID_PARAM;
302
39
                goto out;
303
39
        }
304
43
305
43
        if (fido_check_flags(cred->authdata.flags, FIDO_OPT_TRUE,
306
43
            cred->uv) < 0) {
307
1
                fido_log_debug("%s: fido_check_flags", __func__);
308
1
                r = FIDO_ERR_INVALID_PARAM;
309
1
                goto out;
310
1
        }
311
42
312
42
        if (check_extensions(&cred->authdata_ext, &cred->ext) != 0) {
313
4
                fido_log_debug("%s: check_extensions", __func__);
314
4
                r = FIDO_ERR_INVALID_PARAM;
315
4
                goto out;
316
4
        }
317
38
318
38
        if (!strcmp(cred->fmt, "packed")) {
319
12
                if (fido_get_signed_hash(COSE_ES256, &dgst, &cred->cdh,
320
12
                    &cred->authdata_cbor) < 0) {
321
3
                        fido_log_debug("%s: fido_get_signed_hash", __func__);
322
3
                        r = FIDO_ERR_INTERNAL;
323
3
                        goto out;
324
3
                }
325
26
        } else {
326
26
                if (get_signed_hash_u2f(&dgst, cred->authdata.rp_id_hash,
327
26
                    sizeof(cred->authdata.rp_id_hash), &cred->cdh,
328
26
                    &cred->attcred.id, &cred->attcred.pubkey.es256) < 0) {
329
9
                        fido_log_debug("%s: get_signed_hash_u2f", __func__);
330
9
                        r = FIDO_ERR_INTERNAL;
331
9
                        goto out;
332
9
                }
333
26
        }
334
26
335
26
        if (verify_sig(&dgst, &cred->attstmt.x5c, &cred->attstmt.sig) < 0) {
336
26
                fido_log_debug("%s: verify_sig", __func__);
337
26
                r = FIDO_ERR_INVALID_SIG;
338
26
                goto out;
339
26
        }
340
0
341
0
        r = FIDO_OK;
342
1.68k
out:
343
1.68k
        explicit_bzero(buf, sizeof(buf));
344
1.68k
345
1.68k
        return (r);
346
0
}
347
348
int
349
fido_cred_verify_self(const fido_cred_t *cred)
350
1.68k
{
351
1.68k
        unsigned char   buf[1024]; /* XXX */
352
1.68k
        fido_blob_t     dgst;
353
1.68k
        int             ok = -1;
354
1.68k
        int             r;
355
1.68k
356
1.68k
        dgst.ptr = buf;
357
1.68k
        dgst.len = sizeof(buf);
358
1.68k
359
1.68k
        /* do we have everything we need? */
360
1.68k
        if (cred->cdh.ptr == NULL || cred->authdata_cbor.ptr == NULL ||
361
1.68k
            cred->attstmt.x5c.ptr != NULL || cred->attstmt.sig.ptr == NULL ||
362
1.68k
            cred->fmt == NULL || cred->attcred.id.ptr == NULL ||
363
1.68k
            cred->rp.id == NULL) {
364
1.62k
                fido_log_debug("%s: cdh=%p, authdata=%p, x5c=%p, sig=%p, "
365
1.62k
                    "fmt=%p id=%p, rp.id=%s", __func__, (void *)cred->cdh.ptr,
366
1.62k
                    (void *)cred->authdata_cbor.ptr,
367
1.62k
                    (void *)cred->attstmt.x5c.ptr,
368
1.62k
                    (void *)cred->attstmt.sig.ptr, (void *)cred->fmt,
369
1.62k
                    (void *)cred->attcred.id.ptr, cred->rp.id);
370
1.62k
                r = FIDO_ERR_INVALID_ARGUMENT;
371
1.62k
                goto out;
372
1.62k
        }
373
61
374
61
        if (fido_check_rp_id(cred->rp.id, cred->authdata.rp_id_hash) != 0) {
375
14
                fido_log_debug("%s: fido_check_rp_id", __func__);
376
14
                r = FIDO_ERR_INVALID_PARAM;
377
14
                goto out;
378
14
        }
379
47
380
47
        if (fido_check_flags(cred->authdata.flags, FIDO_OPT_TRUE,
381
47
            cred->uv) < 0) {
382
1
                fido_log_debug("%s: fido_check_flags", __func__);
383
1
                r = FIDO_ERR_INVALID_PARAM;
384
1
                goto out;
385
1
        }
386
46
387
46
        if (check_extensions(&cred->authdata_ext, &cred->ext) != 0) {
388
1
                fido_log_debug("%s: check_extensions", __func__);
389
1
                r = FIDO_ERR_INVALID_PARAM;
390
1
                goto out;
391
1
        }
392
45
393
45
        if (!strcmp(cred->fmt, "packed")) {
394
44
                if (fido_get_signed_hash(cred->attcred.type, &dgst, &cred->cdh,
395
44
                    &cred->authdata_cbor) < 0) {
396
2
                        fido_log_debug("%s: fido_get_signed_hash", __func__);
397
2
                        r = FIDO_ERR_INTERNAL;
398
2
                        goto out;
399
2
                }
400
1
        } else {
401
1
                if (get_signed_hash_u2f(&dgst, cred->authdata.rp_id_hash,
402
1
                    sizeof(cred->authdata.rp_id_hash), &cred->cdh,
403
1
                    &cred->attcred.id, &cred->attcred.pubkey.es256) < 0) {
404
1
                        fido_log_debug("%s: get_signed_hash_u2f", __func__);
405
1
                        r = FIDO_ERR_INTERNAL;
406
1
                        goto out;
407
1
                }
408
42
        }
409
42
410
42
        switch (cred->attcred.type) {
411
10
        case COSE_ES256:
412
10
                ok = fido_verify_sig_es256(&dgst, &cred->attcred.pubkey.es256,
413
10
                    &cred->attstmt.sig);
414
10
                break;
415
16
        case COSE_RS256:
416
16
                ok = fido_verify_sig_rs256(&dgst, &cred->attcred.pubkey.rs256,
417
16
                    &cred->attstmt.sig);
418
16
                break;
419
16
        case COSE_EDDSA:
420
16
                ok = fido_verify_sig_eddsa(&dgst, &cred->attcred.pubkey.eddsa,
421
16
                    &cred->attstmt.sig);
422
16
                break;
423
0
        default:
424
0
                fido_log_debug("%s: unsupported cose_alg %d", __func__,
425
0
                    cred->attcred.type);
426
0
                r = FIDO_ERR_UNSUPPORTED_OPTION;
427
0
                goto out;
428
42
        }
429
42
430
42
        if (ok < 0)
431
42
                r = FIDO_ERR_INVALID_SIG;
432
42
        else
433
42
                r = FIDO_OK;
434
42
435
1.68k
out:
436
1.68k
        explicit_bzero(buf, sizeof(buf));
437
1.68k
438
1.68k
        return (r);
439
42
}
440
441
fido_cred_t *
442
fido_cred_new(void)
443
3.43k
{
444
3.43k
        return (calloc(1, sizeof(fido_cred_t)));
445
3.43k
}
446
447
static void
448
fido_cred_clean_authdata(fido_cred_t *cred)
449
22.2k
{
450
22.2k
        free(cred->authdata_cbor.ptr);
451
22.2k
        free(cred->attcred.id.ptr);
452
22.2k
453
22.2k
        memset(&cred->authdata_ext, 0, sizeof(cred->authdata_ext));
454
22.2k
        memset(&cred->authdata_cbor, 0, sizeof(cred->authdata_cbor));
455
22.2k
        memset(&cred->authdata, 0, sizeof(cred->authdata));
456
22.2k
        memset(&cred->attcred, 0, sizeof(cred->attcred));
457
22.2k
}
458
459
void
460
fido_cred_reset_tx(fido_cred_t *cred)
461
9.38k
{
462
9.38k
        free(cred->cdh.ptr);
463
9.38k
        free(cred->rp.id);
464
9.38k
        free(cred->rp.name);
465
9.38k
        free(cred->user.id.ptr);
466
9.38k
        free(cred->user.icon);
467
9.38k
        free(cred->user.name);
468
9.38k
        free(cred->user.display_name);
469
9.38k
        fido_free_blob_array(&cred->excl);
470
9.38k
471
9.38k
        memset(&cred->cdh, 0, sizeof(cred->cdh));
472
9.38k
        memset(&cred->rp, 0, sizeof(cred->rp));
473
9.38k
        memset(&cred->user, 0, sizeof(cred->user));
474
9.38k
        memset(&cred->excl, 0, sizeof(cred->excl));
475
9.38k
        memset(&cred->ext, 0, sizeof(cred->ext));
476
9.38k
477
9.38k
        cred->type = 0;
478
9.38k
        cred->rk = FIDO_OPT_OMIT;
479
9.38k
        cred->uv = FIDO_OPT_OMIT;
480
9.38k
}
481
482
static void
483
fido_cred_clean_x509(fido_cred_t *cred)
484
13.2k
{
485
13.2k
        free(cred->attstmt.x5c.ptr);
486
13.2k
        cred->attstmt.x5c.ptr = NULL;
487
13.2k
        cred->attstmt.x5c.len = 0;
488
13.2k
}
489
490
static void
491
fido_cred_clean_sig(fido_cred_t *cred)
492
13.2k
{
493
13.2k
        free(cred->attstmt.sig.ptr);
494
13.2k
        cred->attstmt.sig.ptr = NULL;
495
13.2k
        cred->attstmt.sig.len = 0;
496
13.2k
}
497
498
void
499
fido_cred_reset_rx(fido_cred_t *cred)
500
9.82k
{
501
9.82k
        free(cred->fmt);
502
9.82k
        cred->fmt = NULL;
503
9.82k
504
9.82k
        fido_cred_clean_authdata(cred);
505
9.82k
        fido_cred_clean_x509(cred);
506
9.82k
        fido_cred_clean_sig(cred);
507
9.82k
}
508
509
void
510
fido_cred_free(fido_cred_t **cred_p)
511
3.39k
{
512
3.39k
        fido_cred_t *cred;
513
3.39k
514
3.39k
        if (cred_p == NULL || (cred = *cred_p) == NULL)
515
3.39k
                return;
516
3.39k
517
3.39k
        fido_cred_reset_tx(cred);
518
3.39k
        fido_cred_reset_rx(cred);
519
3.39k
520
3.39k
        free(cred);
521
3.39k
522
3.39k
        *cred_p = NULL;
523
3.39k
}
524
525
int
526
fido_cred_set_authdata(fido_cred_t *cred, const unsigned char *ptr, size_t len)
527
3.40k
{
528
3.40k
        cbor_item_t             *item = NULL;
529
3.40k
        struct cbor_load_result  cbor;
530
3.40k
        int                      r;
531
3.40k
532
3.40k
        fido_cred_clean_authdata(cred);
533
3.40k
534
3.40k
        if (ptr == NULL || len == 0) {
535
2.72k
                r = FIDO_ERR_INVALID_ARGUMENT;
536
2.72k
                goto fail;
537
2.72k
        }
538
674
539
674
        if ((item = cbor_load(ptr, len, &cbor)) == NULL) {
540
14
                fido_log_debug("%s: cbor_load", __func__);
541
14
                r = FIDO_ERR_INVALID_ARGUMENT;
542
14
                goto fail;
543
14
        }
544
660
545
660
        if (cbor_decode_cred_authdata(item, cred->type, &cred->authdata_cbor,
546
660
            &cred->authdata, &cred->attcred, &cred->authdata_ext) < 0) {
547
255
                fido_log_debug("%s: cbor_decode_cred_authdata", __func__);
548
255
                r = FIDO_ERR_INVALID_ARGUMENT;
549
255
                goto fail;
550
255
        }
551
405
552
405
        r = FIDO_OK;
553
3.40k
fail:
554
3.40k
        if (item != NULL)
555
3.40k
                cbor_decref(&item);
556
3.40k
557
3.40k
        if (r != FIDO_OK)
558
3.40k
                fido_cred_clean_authdata(cred);
559
3.40k
560
3.40k
        return (r);
561
405
562
405
}
563
564
int
565
fido_cred_set_authdata_raw(fido_cred_t *cred, const unsigned char *ptr,
566
    size_t len)
567
2.99k
{
568
2.99k
        cbor_item_t             *item = NULL;
569
2.99k
        int                      r;
570
2.99k
571
2.99k
        fido_cred_clean_authdata(cred);
572
2.99k
573
2.99k
        if (ptr == NULL || len == 0) {
574
2.72k
                r = FIDO_ERR_INVALID_ARGUMENT;
575
2.72k
                goto fail;
576
2.72k
        }
577
267
578
267
        if ((item = cbor_build_bytestring(ptr, len)) == NULL) {
579
4
                fido_log_debug("%s: cbor_build_bytestring", __func__);
580
4
                r = FIDO_ERR_INTERNAL;
581
4
                goto fail;
582
4
        }
583
263
584
263
        if (cbor_decode_cred_authdata(item, cred->type, &cred->authdata_cbor,
585
263
            &cred->authdata, &cred->attcred, &cred->authdata_ext) < 0) {
586
263
                fido_log_debug("%s: cbor_decode_cred_authdata", __func__);
587
263
                r = FIDO_ERR_INVALID_ARGUMENT;
588
263
                goto fail;
589
263
        }
590
0
591
0
        r = FIDO_OK;
592
2.99k
fail:
593
2.99k
        if (item != NULL)
594
2.99k
                cbor_decref(&item);
595
2.99k
596
2.99k
        if (r != FIDO_OK)
597
2.99k
                fido_cred_clean_authdata(cred);
598
2.99k
599
2.99k
        return (r);
600
0
601
0
}
602
603
int
604
fido_cred_set_x509(fido_cred_t *cred, const unsigned char *ptr, size_t len)
605
3.40k
{
606
3.40k
        unsigned char *x509;
607
3.40k
608
3.40k
        fido_cred_clean_x509(cred);
609
3.40k
610
3.40k
        if (ptr == NULL || len == 0)
611
3.17k
                return (FIDO_ERR_INVALID_ARGUMENT);
612
228
        if ((x509 = malloc(len)) == NULL)
613
228
                return (FIDO_ERR_INTERNAL);
614
220
615
220
        memcpy(x509, ptr, len);
616
220
        cred->attstmt.x5c.ptr = x509;
617
220
        cred->attstmt.x5c.len = len;
618
220
619
220
        return (FIDO_OK);
620
220
}
621
622
int
623
fido_cred_set_sig(fido_cred_t *cred, const unsigned char *ptr, size_t len)
624
3.39k
{
625
3.39k
        unsigned char *sig;
626
3.39k
627
3.39k
        fido_cred_clean_sig(cred);
628
3.39k
629
3.39k
        if (ptr == NULL || len == 0)
630
3.05k
                return (FIDO_ERR_INVALID_ARGUMENT);
631
346
        if ((sig = malloc(len)) == NULL)
632
346
                return (FIDO_ERR_INTERNAL);
633
341
634
341
        memcpy(sig, ptr, len);
635
341
        cred->attstmt.sig.ptr = sig;
636
341
        cred->attstmt.sig.len = len;
637
341
638
341
        return (FIDO_OK);
639
341
}
640
641
int
642
fido_cred_exclude(fido_cred_t *cred, const unsigned char *id_ptr, size_t id_len)
643
71.3k
{
644
71.3k
        fido_blob_t id_blob;
645
71.3k
        fido_blob_t *list_ptr;
646
71.3k
647
71.3k
        memset(&id_blob, 0, sizeof(id_blob));
648
71.3k
649
71.3k
        if (fido_blob_set(&id_blob, id_ptr, id_len) < 0)
650
236
                return (FIDO_ERR_INVALID_ARGUMENT);
651
71.1k
652
71.1k
        if (cred->excl.len == SIZE_MAX) {
653
0
                free(id_blob.ptr);
654
0
                return (FIDO_ERR_INVALID_ARGUMENT);
655
0
        }
656
71.1k
657
71.1k
        if ((list_ptr = recallocarray(cred->excl.ptr, cred->excl.len,
658
71.1k
            cred->excl.len + 1, sizeof(fido_blob_t))) == NULL) {
659
228
                free(id_blob.ptr);
660
228
                return (FIDO_ERR_INTERNAL);
661
228
        }
662
70.8k
663
70.8k
        list_ptr[cred->excl.len++] = id_blob;
664
70.8k
        cred->excl.ptr = list_ptr;
665
70.8k
666
70.8k
        return (FIDO_OK);
667
70.8k
}
668
669
int
670
fido_cred_set_clientdata_hash(fido_cred_t *cred, const unsigned char *hash,
671
    size_t hash_len)
672
4.82k
{
673
4.82k
        if (fido_blob_set(&cred->cdh, hash, hash_len) < 0)
674
168
                return (FIDO_ERR_INVALID_ARGUMENT);
675
4.65k
676
4.65k
        return (FIDO_OK);
677
4.65k
}
678
679
int
680
fido_cred_set_rp(fido_cred_t *cred, const char *id, const char *name)
681
4.82k
{
682
4.82k
        fido_rp_t *rp = &cred->rp;
683
4.82k
684
4.82k
        if (rp->id != NULL) {
685
1.54k
                free(rp->id);
686
1.54k
                rp->id = NULL;
687
1.54k
        }
688
4.82k
        if (rp->name != NULL) {
689
1.54k
                free(rp->name);
690
1.54k
                rp->name = NULL;
691
1.54k
        }
692
4.82k
693
4.82k
        if (id != NULL && (rp->id = strdup(id)) == NULL)
694
4.82k
                goto fail;
695
4.80k
        if (name != NULL && (rp->name = strdup(name)) == NULL)
696
4.80k
                goto fail;
697
4.76k
698
4.76k
        return (FIDO_OK);
699
54
fail:
700
54
        free(rp->id);
701
54
        free(rp->name);
702
54
        rp->id = NULL;
703
54
        rp->name = NULL;
704
54
705
54
        return (FIDO_ERR_INTERNAL);
706
4.76k
}
707
708
int
709
fido_cred_set_user(fido_cred_t *cred, const unsigned char *user_id,
710
    size_t user_id_len, const char *name, const char *display_name,
711
    const char *icon)
712
3.13k
{
713
3.13k
        fido_user_t *up = &cred->user;
714
3.13k
715
3.13k
        if (up->id.ptr != NULL) {
716
1.52k
                free(up->id.ptr);
717
1.52k
                up->id.ptr = NULL;
718
1.52k
                up->id.len = 0;
719
1.52k
        }
720
3.13k
        if (up->name != NULL) {
721
1.52k
                free(up->name);
722
1.52k
                up->name = NULL;
723
1.52k
        }
724
3.13k
        if (up->display_name != NULL) {
725
1.52k
                free(up->display_name);
726
1.52k
                up->display_name = NULL;
727
1.52k
        }
728
3.13k
        if (up->icon != NULL) {
729
1.52k
                free(up->icon);
730
1.52k
                up->icon = NULL;
731
1.52k
        }
732
3.13k
733
3.13k
        if (user_id != NULL) {
734
3.13k
                if ((up->id.ptr = malloc(user_id_len)) == NULL)
735
3.13k
                        goto fail;
736
3.12k
                memcpy(up->id.ptr, user_id, user_id_len);
737
3.12k
                up->id.len = user_id_len;
738
3.12k
        }
739
3.13k
        if (name != NULL && (up->name = strdup(name)) == NULL)
740
3.12k
                goto fail;
741
3.09k
        if (display_name != NULL &&
742
3.09k
            (up->display_name = strdup(display_name)) == NULL)
743
3.09k
                goto fail;
744
3.07k
        if (icon != NULL && (up->icon = strdup(icon)) == NULL)
745
3.07k
                goto fail;
746
3.06k
747
3.06k
        return (FIDO_OK);
748
76
fail:
749
76
        free(up->id.ptr);
750
76
        free(up->name);
751
76
        free(up->display_name);
752
76
        free(up->icon);
753
76
754
76
        up->id.ptr = NULL;
755
76
        up->id.len = 0;
756
76
        up->name = NULL;
757
76
        up->display_name = NULL;
758
76
        up->icon = NULL;
759
76
760
76
        return (FIDO_ERR_INTERNAL);
761
3.06k
}
762
763
int
764
fido_cred_set_extensions(fido_cred_t *cred, int ext)
765
3.25k
{
766
3.25k
        if (ext == 0)
767
227
                cred->ext.mask = 0;
768
3.02k
        else {
769
3.02k
                if (ext != FIDO_EXT_HMAC_SECRET &&
770
3.02k
                    ext != FIDO_EXT_CRED_PROTECT)
771
3.02k
                        return (FIDO_ERR_INVALID_ARGUMENT);
772
27
                cred->ext.mask |= ext;
773
27
        }
774
3.25k
775
3.25k
        return (FIDO_OK);
776
3.25k
}
777
778
int
779
fido_cred_set_options(fido_cred_t *cred, bool rk, bool uv)
780
0
{
781
0
        cred->rk = rk ? FIDO_OPT_TRUE : FIDO_OPT_FALSE;
782
0
        cred->uv = uv ? FIDO_OPT_TRUE : FIDO_OPT_FALSE;
783
0
784
0
        return (FIDO_OK);
785
0
}
786
787
int
788
fido_cred_set_rk(fido_cred_t *cred, fido_opt_t rk)
789
1.15k
{
790
1.15k
        cred->rk = rk;
791
1.15k
792
1.15k
        return (FIDO_OK);
793
1.15k
}
794
795
int
796
fido_cred_set_uv(fido_cred_t *cred, fido_opt_t uv)
797
1.10k
{
798
1.10k
        cred->uv = uv;
799
1.10k
800
1.10k
        return (FIDO_OK);
801
1.10k
}
802
803
int
804
fido_cred_set_prot(fido_cred_t *cred, int prot)
805
3.76k
{
806
3.76k
        if (prot == 0) {
807
1.94k
                cred->ext.mask &= ~FIDO_EXT_CRED_PROTECT;
808
1.94k
                cred->ext.prot = 0;
809
1.94k
        } else {
810
1.82k
                if (prot != FIDO_CRED_PROT_UV_OPTIONAL &&
811
1.82k
                    prot != FIDO_CRED_PROT_UV_OPTIONAL_WITH_ID &&
812
1.82k
                    prot != FIDO_CRED_PROT_UV_REQUIRED)
813
1.82k
                        return (FIDO_ERR_INVALID_ARGUMENT);
814
1.76k
815
1.76k
                cred->ext.mask |= FIDO_EXT_CRED_PROTECT;
816
1.76k
                cred->ext.prot = prot;
817
1.76k
        }
818
3.76k
819
3.76k
        return (FIDO_OK);
820
3.76k
}
821
822
int
823
fido_cred_set_fmt(fido_cred_t *cred, const char *fmt)
824
359
{
825
359
        free(cred->fmt);
826
359
        cred->fmt = NULL;
827
359
828
359
        if (fmt == NULL)
829
359
                return (FIDO_ERR_INVALID_ARGUMENT);
830
359
831
359
        if (strcmp(fmt, "packed") && strcmp(fmt, "fido-u2f"))
832
0
                return (FIDO_ERR_INVALID_ARGUMENT);
833
359
834
359
        if ((cred->fmt = strdup(fmt)) == NULL)
835
359
                return (FIDO_ERR_INTERNAL);
836
356
837
356
        return (FIDO_OK);
838
356
}
839
840
int
841
fido_cred_set_type(fido_cred_t *cred, int cose_alg)
842
4.82k
{
843
4.82k
        if ((cose_alg != COSE_ES256 && cose_alg != COSE_RS256 &&
844
4.82k
            cose_alg != COSE_EDDSA) || cred->type != 0)
845
1.56k
                return (FIDO_ERR_INVALID_ARGUMENT);
846
3.25k
847
3.25k
        cred->type = cose_alg;
848
3.25k
849
3.25k
        return (FIDO_OK);
850
3.25k
}
851
852
int
853
fido_cred_type(const fido_cred_t *cred)
854
2.82k
{
855
2.82k
        return (cred->type);
856
2.82k
}
857
858
uint8_t
859
fido_cred_flags(const fido_cred_t *cred)
860
1.68k
{
861
1.68k
        return (cred->authdata.flags);
862
1.68k
}
863
864
const unsigned char *
865
fido_cred_clientdata_hash_ptr(const fido_cred_t *cred)
866
1.71k
{
867
1.71k
        return (cred->cdh.ptr);
868
1.71k
}
869
870
size_t
871
fido_cred_clientdata_hash_len(const fido_cred_t *cred)
872
1.71k
{
873
1.71k
        return (cred->cdh.len);
874
1.71k
}
875
876
const unsigned char *
877
fido_cred_x5c_ptr(const fido_cred_t *cred)
878
1.71k
{
879
1.71k
        return (cred->attstmt.x5c.ptr);
880
1.71k
}
881
882
size_t
883
fido_cred_x5c_len(const fido_cred_t *cred)
884
1.71k
{
885
1.71k
        return (cred->attstmt.x5c.len);
886
1.71k
}
887
888
const unsigned char *
889
fido_cred_sig_ptr(const fido_cred_t *cred)
890
1.71k
{
891
1.71k
        return (cred->attstmt.sig.ptr);
892
1.71k
}
893
894
size_t
895
fido_cred_sig_len(const fido_cred_t *cred)
896
1.71k
{
897
1.71k
        return (cred->attstmt.sig.len);
898
1.71k
}
899
900
const unsigned char *
901
fido_cred_authdata_ptr(const fido_cred_t *cred)
902
1.71k
{
903
1.71k
        return (cred->authdata_cbor.ptr);
904
1.71k
}
905
906
size_t
907
fido_cred_authdata_len(const fido_cred_t *cred)
908
1.71k
{
909
1.71k
        return (cred->authdata_cbor.len);
910
1.71k
}
911
912
const unsigned char *
913
fido_cred_pubkey_ptr(const fido_cred_t *cred)
914
2.82k
{
915
2.82k
        const void *ptr;
916
2.82k
917
2.82k
        switch (cred->attcred.type) {
918
676
        case COSE_ES256:
919
676
                ptr = &cred->attcred.pubkey.es256;
920
676
                break;
921
21
        case COSE_RS256:
922
21
                ptr = &cred->attcred.pubkey.rs256;
923
21
                break;
924
86
        case COSE_EDDSA:
925
86
                ptr = &cred->attcred.pubkey.eddsa;
926
86
                break;
927
2.04k
        default:
928
2.04k
                ptr = NULL;
929
2.04k
                break;
930
2.82k
        }
931
2.82k
932
2.82k
        return (ptr);
933
2.82k
}
934
935
size_t
936
fido_cred_pubkey_len(const fido_cred_t *cred)
937
2.82k
{
938
2.82k
        size_t len;
939
2.82k
940
2.82k
        switch (cred->attcred.type) {
941
676
        case COSE_ES256:
942
676
                len = sizeof(cred->attcred.pubkey.es256);
943
676
                break;
944
21
        case COSE_RS256:
945
21
                len = sizeof(cred->attcred.pubkey.rs256);
946
21
                break;
947
86
        case COSE_EDDSA:
948
86
                len = sizeof(cred->attcred.pubkey.eddsa);
949
86
                break;
950
2.04k
        default:
951
2.04k
                len = 0;
952
2.04k
                break;
953
2.82k
        }
954
2.82k
955
2.82k
        return (len);
956
2.82k
}
957
958
const unsigned char *
959
fido_cred_id_ptr(const fido_cred_t *cred)
960
2.82k
{
961
2.82k
        return (cred->attcred.id.ptr);
962
2.82k
}
963
964
size_t
965
fido_cred_id_len(const fido_cred_t *cred)
966
2.82k
{
967
2.82k
        return (cred->attcred.id.len);
968
2.82k
}
969
970
const unsigned char *
971
fido_cred_aaguid_ptr(const fido_cred_t *cred)
972
1.68k
{
973
1.68k
        return (cred->attcred.aaguid);
974
1.68k
}
975
976
size_t
977
fido_cred_aaguid_len(const fido_cred_t *cred)
978
1.68k
{
979
1.68k
        return (sizeof(cred->attcred.aaguid));
980
1.68k
}
981
982
int
983
fido_cred_prot(const fido_cred_t *cred)
984
2.85k
{
985
2.85k
        return (cred->ext.prot);
986
2.85k
}
987
988
const char *
989
fido_cred_fmt(const fido_cred_t *cred)
990
1.71k
{
991
1.71k
        return (cred->fmt);
992
1.71k
}
993
994
const char *
995
fido_cred_rp_id(const fido_cred_t *cred)
996
1.71k
{
997
1.71k
        return (cred->rp.id);
998
1.71k
}
999
1000
const char *
1001
fido_cred_rp_name(const fido_cred_t *cred)
1002
1.71k
{
1003
1.71k
        return (cred->rp.name);
1004
1.71k
}
1005
1006
const char *
1007
fido_cred_user_name(const fido_cred_t *cred)
1008
5.65k
{
1009
5.65k
        return (cred->user.name);
1010
5.65k
}
1011
1012
const char *
1013
fido_cred_display_name(const fido_cred_t *cred)
1014
5.65k
{
1015
5.65k
        return (cred->user.display_name);
1016
5.65k
}
1017
1018
const unsigned char *
1019
fido_cred_user_id_ptr(const fido_cred_t *cred)
1020
2.82k
{
1021
2.82k
        return (cred->user.id.ptr);
1022
2.82k
}
1023
1024
size_t
1025
fido_cred_user_id_len(const fido_cred_t *cred)
1026
2.82k
{
1027
2.82k
        return (cred->user.id.len);
1028
2.82k
}