Coverage Report

Created: 2020-03-07 10:10

/libfido2/src/cred.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright (c) 2018 Yubico AB. All rights reserved.
3
 * Use of this source code is governed by a BSD-style
4
 * license that can be found in the LICENSE file.
5
 */
6
7
#include <openssl/ec.h>
8
#include <openssl/evp.h>
9
#include <openssl/sha.h>
10
#include <openssl/x509.h>
11
12
#include <string.h>
13
#include "fido.h"
14
#include "fido/es256.h"
15
16
static int
17
parse_makecred_reply(const cbor_item_t *key, const cbor_item_t *val, void *arg)
18
1.46k
{
19
1.46k
        fido_cred_t *cred = arg;
20
1.46k
21
1.46k
        if (cbor_isa_uint(key) == false ||
22
1.46k
            cbor_int_get_width(key) != CBOR_INT_8) {
23
16
                fido_log_debug("%s: cbor type", __func__);
24
16
                return (0); /* ignore */
25
16
        }
26
1.45k
27
1.45k
        switch (cbor_get_uint8(key)) {
28
1.45k
        case 1: /* fmt */
29
665
                return (cbor_decode_fmt(val, &cred->fmt));
30
1.45k
        case 2: /* authdata */
31
604
                return (cbor_decode_cred_authdata(val, cred->type,
32
604
                    &cred->authdata_cbor, &cred->authdata, &cred->attcred,
33
604
                    &cred->authdata_ext));
34
1.45k
        case 3: /* attestation statement */
35
175
                return (cbor_decode_attstmt(val, &cred->attstmt));
36
1.45k
        default: /* ignore */
37
6
                fido_log_debug("%s: cbor type", __func__);
38
6
                return (0);
39
1.45k
        }
40
1.45k
}
41
42
static int
43
fido_dev_make_cred_tx(fido_dev_t *dev, fido_cred_t *cred, const char *pin)
44
1.73k
{
45
1.73k
        fido_blob_t      f;
46
1.73k
        fido_blob_t     *ecdh = NULL;
47
1.73k
        es256_pk_t      *pk = NULL;
48
1.73k
        cbor_item_t     *argv[9];
49
1.73k
        int              r;
50
1.73k
51
1.73k
        memset(&f, 0, sizeof(f));
52
1.73k
        memset(argv, 0, sizeof(argv));
53
1.73k
54
1.73k
        if (cred->cdh.ptr == NULL || cred->type == 0) {
55
1
                fido_log_debug("%s: cdh=%p, type=%d", __func__,
56
1
                    (void *)cred->cdh.ptr, cred->type);
57
1
                r = FIDO_ERR_INVALID_ARGUMENT;
58
1
                goto fail;
59
1
        }
60
1.73k
61
1.73k
        if ((argv[0] = fido_blob_encode(&cred->cdh)) == NULL ||
62
1.73k
            (argv[1] = cbor_encode_rp_entity(&cred->rp)) == NULL ||
63
1.73k
            (argv[2] = cbor_encode_user_entity(&cred->user)) == NULL ||
64
1.73k
            (argv[3] = cbor_encode_pubkey_param(cred->type)) == NULL) {
65
23
                fido_log_debug("%s: cbor encode", __func__);
66
23
                r = FIDO_ERR_INTERNAL;
67
23
                goto fail;
68
23
        }
69
1.70k
70
1.70k
        /* excluded credentials */
71
1.70k
        if (cred->excl.len)
72
1.19k
                if ((argv[4] = cbor_encode_pubkey_list(&cred->excl)) == NULL) {
73
51
                        fido_log_debug("%s: cbor_encode_pubkey_list", __func__);
74
51
                        r = FIDO_ERR_INTERNAL;
75
51
                        goto fail;
76
51
                }
77
1.65k
78
1.65k
        /* extensions */
79
1.65k
        if (cred->ext.mask)
80
609
                if ((argv[5] = cbor_encode_extensions(&cred->ext)) == NULL) {
81
1
                        fido_log_debug("%s: cbor_encode_extensions", __func__);
82
1
                        r = FIDO_ERR_INTERNAL;
83
1
                        goto fail;
84
1
                }
85
1.65k
86
1.65k
        /* options */
87
1.65k
        if (cred->rk != FIDO_OPT_OMIT || cred->uv != FIDO_OPT_OMIT)
88
1.08k
                if ((argv[6] = cbor_encode_options(cred->rk,
89
1.08k
                    cred->uv)) == NULL) {
90
3
                        fido_log_debug("%s: cbor_encode_options", __func__);
91
3
                        r = FIDO_ERR_INTERNAL;
92
3
                        goto fail;
93
3
                }
94
1.65k
95
1.65k
        /* pin authentication */
96
1.65k
        if (pin) {
97
1.65k
                if ((r = fido_do_ecdh(dev, &pk, &ecdh)) != FIDO_OK) {
98
537
                        fido_log_debug("%s: fido_do_ecdh", __func__);
99
537
                        goto fail;
100
537
                }
101
1.11k
                if ((r = cbor_add_pin_params(dev, &cred->cdh, pk, ecdh, pin,
102
1.11k
                    &argv[7], &argv[8])) != FIDO_OK) {
103
83
                        fido_log_debug("%s: cbor_add_pin_params", __func__);
104
83
                        goto fail;
105
83
                }
106
1.03k
        }
107
1.03k
108
1.03k
        /* framing and transmission */
109
1.03k
        if (cbor_build_frame(CTAP_CBOR_MAKECRED, argv, nitems(argv), &f) < 0 ||
110
1.03k
            fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len) < 0) {
111
127
                fido_log_debug("%s: fido_tx", __func__);
112
127
                r = FIDO_ERR_TX;
113
127
                goto fail;
114
127
        }
115
907
116
907
        r = FIDO_OK;
117
1.73k
fail:
118
1.73k
        es256_pk_free(&pk);
119
1.73k
        fido_blob_free(&ecdh);
120
1.73k
        cbor_vector_free(argv, nitems(argv));
121
1.73k
        free(f.ptr);
122
1.73k
123
1.73k
        return (r);
124
907
}
125
126
static int
127
fido_dev_make_cred_rx(fido_dev_t *dev, fido_cred_t *cred, int ms)
128
907
{
129
907
        unsigned char   reply[FIDO_MAXMSG];
130
907
        int             reply_len;
131
907
        int             r;
132
907
133
907
        fido_cred_reset_rx(cred);
134
907
135
907
        if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply),
136
907
            ms)) < 0) {
137
90
                fido_log_debug("%s: fido_rx", __func__);
138
90
                return (FIDO_ERR_RX);
139
90
        }
140
817
141
817
        if ((r = cbor_parse_reply(reply, (size_t)reply_len, cred,
142
817
            parse_makecred_reply)) != FIDO_OK) {
143
676
                fido_log_debug("%s: parse_makecred_reply", __func__);
144
676
                return (r);
145
676
        }
146
141
147
141
        if (cred->fmt == NULL || fido_blob_is_empty(&cred->authdata_cbor) ||
148
141
            fido_blob_is_empty(&cred->attcred.id) ||
149
141
            fido_blob_is_empty(&cred->attstmt.sig)) {
150
31
                fido_cred_reset_rx(cred);
151
31
                return (FIDO_ERR_INVALID_CBOR);
152
31
        }
153
110
154
110
        return (FIDO_OK);
155
110
}
156
157
static int
158
fido_dev_make_cred_wait(fido_dev_t *dev, fido_cred_t *cred, const char *pin, int ms)
159
1.73k
{
160
1.73k
        int  r;
161
1.73k
162
1.73k
        if ((r = fido_dev_make_cred_tx(dev, cred, pin)) != FIDO_OK ||
163
1.73k
            (r = fido_dev_make_cred_rx(dev, cred, ms)) != FIDO_OK)
164
1.73k
                return (r);
165
110
166
110
        return (FIDO_OK);
167
110
}
168
169
int
170
fido_dev_make_cred(fido_dev_t *dev, fido_cred_t *cred, const char *pin)
171
3.74k
{
172
3.74k
        if (fido_dev_is_fido2(dev) == false) {
173
2.01k
                if (pin != NULL || cred->rk == FIDO_OPT_TRUE ||
174
2.01k
                    cred->ext.mask != 0)
175
1.13k
                        return (FIDO_ERR_UNSUPPORTED_OPTION);
176
877
                return (u2f_register(dev, cred, -1));
177
877
        }
178
1.73k
179
1.73k
        return (fido_dev_make_cred_wait(dev, cred, pin, -1));
180
1.73k
}
181
182
static int
183
check_extensions(const fido_cred_ext_t *authdata_ext, const fido_cred_ext_t *ext)
184
371
{
185
371
        return (timingsafe_bcmp(authdata_ext, ext, sizeof(*authdata_ext)));
186
371
}
187
188
int
189
fido_check_rp_id(const char *id, const unsigned char *obtained_hash)
190
1.40k
{
191
1.40k
        unsigned char expected_hash[SHA256_DIGEST_LENGTH];
192
1.40k
193
1.40k
        explicit_bzero(expected_hash, sizeof(expected_hash));
194
1.40k
195
1.40k
        if (SHA256((const unsigned char *)id, strlen(id),
196
1.40k
            expected_hash) != expected_hash) {
197
4
                fido_log_debug("%s: sha256", __func__);
198
4
                return (-1);
199
4
        }
200
1.39k
201
1.39k
        return (timingsafe_bcmp(expected_hash, obtained_hash,
202
1.39k
            SHA256_DIGEST_LENGTH));
203
1.39k
}
204
205
static int
206
get_signed_hash_u2f(fido_blob_t *dgst, const unsigned char *rp_id,
207
    size_t rp_id_len, const fido_blob_t *clientdata, const fido_blob_t *id,
208
    const es256_pk_t *pk)
209
333
{
210
333
        const uint8_t           zero = 0;
211
333
        const uint8_t           four = 4; /* uncompressed point */
212
333
        SHA256_CTX              ctx;
213
333
214
333
        if (dgst->len != SHA256_DIGEST_LENGTH || SHA256_Init(&ctx) == 0 ||
215
333
            SHA256_Update(&ctx, &zero, sizeof(zero)) == 0 ||
216
333
            SHA256_Update(&ctx, rp_id, rp_id_len) == 0 ||
217
333
            SHA256_Update(&ctx, clientdata->ptr, clientdata->len) == 0 ||
218
333
            SHA256_Update(&ctx, id->ptr, id->len) == 0 ||
219
333
            SHA256_Update(&ctx, &four, sizeof(four)) == 0 ||
220
333
            SHA256_Update(&ctx, pk->x, sizeof(pk->x)) == 0 ||
221
333
            SHA256_Update(&ctx, pk->y, sizeof(pk->y)) == 0 ||
222
333
            SHA256_Final(dgst->ptr, &ctx) == 0) {
223
13
                fido_log_debug("%s: sha256", __func__);
224
13
                return (-1);
225
13
        }
226
320
227
320
        return (0);
228
320
}
229
230
static int
231
verify_sig(const fido_blob_t *dgst, const fido_blob_t *x5c,
232
    const fido_blob_t *sig)
233
354
{
234
354
        BIO             *rawcert = NULL;
235
354
        X509            *cert = NULL;
236
354
        EVP_PKEY        *pkey = NULL;
237
354
        EC_KEY          *ec;
238
354
        int              ok = -1;
239
354
240
354
        /* openssl needs ints */
241
354
        if (dgst->len > INT_MAX || x5c->len > INT_MAX || sig->len > INT_MAX) {
242
0
                fido_log_debug("%s: dgst->len=%zu, x5c->len=%zu, sig->len=%zu",
243
0
                    __func__, dgst->len, x5c->len, sig->len);
244
0
                return (-1);
245
0
        }
246
354
247
354
        /* fetch key from x509 */
248
354
        if ((rawcert = BIO_new_mem_buf(x5c->ptr, (int)x5c->len)) == NULL ||
249
354
            (cert = d2i_X509_bio(rawcert, NULL)) == NULL ||
250
354
            (pkey = X509_get_pubkey(cert)) == NULL ||
251
354
            (ec = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) {
252
88
                fido_log_debug("%s: x509 key", __func__);
253
88
                goto fail;
254
88
        }
255
266
256
266
        if (ECDSA_verify(0, dgst->ptr, (int)dgst->len, sig->ptr,
257
266
            (int)sig->len, ec) != 1) {
258
266
                fido_log_debug("%s: ECDSA_verify", __func__);
259
266
                goto fail;
260
266
        }
261
0
262
0
        ok = 0;
263
354
fail:
264
354
        if (rawcert != NULL)
265
354
                BIO_free(rawcert);
266
354
        if (cert != NULL)
267
354
                X509_free(cert);
268
354
        if (pkey != NULL)
269
354
                EVP_PKEY_free(pkey);
270
354
271
354
        return (ok);
272
0
}
273
274
int
275
fido_cred_verify(const fido_cred_t *cred)
276
3.82k
{
277
3.82k
        unsigned char   buf[SHA256_DIGEST_LENGTH];
278
3.82k
        fido_blob_t     dgst;
279
3.82k
        int             r;
280
3.82k
281
3.82k
        dgst.ptr = buf;
282
3.82k
        dgst.len = sizeof(buf);
283
3.82k
284
3.82k
        /* do we have everything we need? */
285
3.82k
        if (cred->cdh.ptr == NULL || cred->authdata_cbor.ptr == NULL ||
286
3.82k
            cred->attstmt.x5c.ptr == NULL || cred->attstmt.sig.ptr == NULL ||
287
3.82k
            cred->fmt == NULL || cred->attcred.id.ptr == NULL ||
288
3.82k
            cred->rp.id == NULL) {
289
3.42k
                fido_log_debug("%s: cdh=%p, authdata=%p, x5c=%p, sig=%p, "
290
3.42k
                    "fmt=%p id=%p, rp.id=%s", __func__, (void *)cred->cdh.ptr,
291
3.42k
                    (void *)cred->authdata_cbor.ptr,
292
3.42k
                    (void *)cred->attstmt.x5c.ptr,
293
3.42k
                    (void *)cred->attstmt.sig.ptr, (void *)cred->fmt,
294
3.42k
                    (void *)cred->attcred.id.ptr, cred->rp.id);
295
3.42k
                r = FIDO_ERR_INVALID_ARGUMENT;
296
3.42k
                goto out;
297
3.42k
        }
298
405
299
405
        if (fido_check_rp_id(cred->rp.id, cred->authdata.rp_id_hash) != 0) {
300
37
                fido_log_debug("%s: fido_check_rp_id", __func__);
301
37
                r = FIDO_ERR_INVALID_PARAM;
302
37
                goto out;
303
37
        }
304
368
305
368
        if (fido_check_flags(cred->authdata.flags, FIDO_OPT_TRUE,
306
368
            cred->uv) < 0) {
307
0
                fido_log_debug("%s: fido_check_flags", __func__);
308
0
                r = FIDO_ERR_INVALID_PARAM;
309
0
                goto out;
310
0
        }
311
368
312
368
        if (check_extensions(&cred->authdata_ext, &cred->ext) != 0) {
313
2
                fido_log_debug("%s: check_extensions", __func__);
314
2
                r = FIDO_ERR_INVALID_PARAM;
315
2
                goto out;
316
2
        }
317
366
318
366
        if (!strcmp(cred->fmt, "packed")) {
319
34
                if (fido_get_signed_hash(COSE_ES256, &dgst, &cred->cdh,
320
34
                    &cred->authdata_cbor) < 0) {
321
0
                        fido_log_debug("%s: fido_get_signed_hash", __func__);
322
0
                        r = FIDO_ERR_INTERNAL;
323
0
                        goto out;
324
0
                }
325
332
        } else {
326
332
                if (get_signed_hash_u2f(&dgst, cred->authdata.rp_id_hash,
327
332
                    sizeof(cred->authdata.rp_id_hash), &cred->cdh,
328
332
                    &cred->attcred.id, &cred->attcred.pubkey.es256) < 0) {
329
12
                        fido_log_debug("%s: get_signed_hash_u2f", __func__);
330
12
                        r = FIDO_ERR_INTERNAL;
331
12
                        goto out;
332
12
                }
333
354
        }
334
354
335
354
        if (verify_sig(&dgst, &cred->attstmt.x5c, &cred->attstmt.sig) < 0) {
336
354
                fido_log_debug("%s: verify_sig", __func__);
337
354
                r = FIDO_ERR_INVALID_SIG;
338
354
                goto out;
339
354
        }
340
0
341
0
        r = FIDO_OK;
342
3.82k
out:
343
3.82k
        explicit_bzero(buf, sizeof(buf));
344
3.82k
345
3.82k
        return (r);
346
0
}
347
348
int
349
fido_cred_verify_self(const fido_cred_t *cred)
350
3.82k
{
351
3.82k
        unsigned char   buf[1024]; /* XXX */
352
3.82k
        fido_blob_t     dgst;
353
3.82k
        int             ok = -1;
354
3.82k
        int             r;
355
3.82k
356
3.82k
        dgst.ptr = buf;
357
3.82k
        dgst.len = sizeof(buf);
358
3.82k
359
3.82k
        /* do we have everything we need? */
360
3.82k
        if (cred->cdh.ptr == NULL || cred->authdata_cbor.ptr == NULL ||
361
3.82k
            cred->attstmt.x5c.ptr != NULL || cred->attstmt.sig.ptr == NULL ||
362
3.82k
            cred->fmt == NULL || cred->attcred.id.ptr == NULL ||
363
3.82k
            cred->rp.id == NULL) {
364
3.78k
                fido_log_debug("%s: cdh=%p, authdata=%p, x5c=%p, sig=%p, "
365
3.78k
                    "fmt=%p id=%p, rp.id=%s", __func__, (void *)cred->cdh.ptr,
366
3.78k
                    (void *)cred->authdata_cbor.ptr,
367
3.78k
                    (void *)cred->attstmt.x5c.ptr,
368
3.78k
                    (void *)cred->attstmt.sig.ptr, (void *)cred->fmt,
369
3.78k
                    (void *)cred->attcred.id.ptr, cred->rp.id);
370
3.78k
                r = FIDO_ERR_INVALID_ARGUMENT;
371
3.78k
                goto out;
372
3.78k
        }
373
42
374
42
        if (fido_check_rp_id(cred->rp.id, cred->authdata.rp_id_hash) != 0) {
375
39
                fido_log_debug("%s: fido_check_rp_id", __func__);
376
39
                r = FIDO_ERR_INVALID_PARAM;
377
39
                goto out;
378
39
        }
379
3
380
3
        if (fido_check_flags(cred->authdata.flags, FIDO_OPT_TRUE,
381
3
            cred->uv) < 0) {
382
0
                fido_log_debug("%s: fido_check_flags", __func__);
383
0
                r = FIDO_ERR_INVALID_PARAM;
384
0
                goto out;
385
0
        }
386
3
387
3
        if (check_extensions(&cred->authdata_ext, &cred->ext) != 0) {
388
0
                fido_log_debug("%s: check_extensions", __func__);
389
0
                r = FIDO_ERR_INVALID_PARAM;
390
0
                goto out;
391
0
        }
392
3
393
3
        if (!strcmp(cred->fmt, "packed")) {
394
2
                if (fido_get_signed_hash(cred->attcred.type, &dgst, &cred->cdh,
395
2
                    &cred->authdata_cbor) < 0) {
396
0
                        fido_log_debug("%s: fido_get_signed_hash", __func__);
397
0
                        r = FIDO_ERR_INTERNAL;
398
0
                        goto out;
399
0
                }
400
1
        } else {
401
1
                if (get_signed_hash_u2f(&dgst, cred->authdata.rp_id_hash,
402
1
                    sizeof(cred->authdata.rp_id_hash), &cred->cdh,
403
1
                    &cred->attcred.id, &cred->attcred.pubkey.es256) < 0) {
404
1
                        fido_log_debug("%s: get_signed_hash_u2f", __func__);
405
1
                        r = FIDO_ERR_INTERNAL;
406
1
                        goto out;
407
1
                }
408
2
        }
409
2
410
2
        switch (cred->attcred.type) {
411
2
        case COSE_ES256:
412
2
                ok = fido_verify_sig_es256(&dgst, &cred->attcred.pubkey.es256,
413
2
                    &cred->attstmt.sig);
414
2
                break;
415
2
        case COSE_RS256:
416
0
                ok = fido_verify_sig_rs256(&dgst, &cred->attcred.pubkey.rs256,
417
0
                    &cred->attstmt.sig);
418
0
                break;
419
2
        case COSE_EDDSA:
420
0
                ok = fido_verify_sig_eddsa(&dgst, &cred->attcred.pubkey.eddsa,
421
0
                    &cred->attstmt.sig);
422
0
                break;
423
2
        default:
424
0
                fido_log_debug("%s: unsupported cose_alg %d", __func__,
425
0
                    cred->attcred.type);
426
0
                r = FIDO_ERR_UNSUPPORTED_OPTION;
427
0
                goto out;
428
2
        }
429
2
430
2
        if (ok < 0)
431
2
                r = FIDO_ERR_INVALID_SIG;
432
2
        else
433
2
                r = FIDO_OK;
434
2
435
3.82k
out:
436
3.82k
        explicit_bzero(buf, sizeof(buf));
437
3.82k
438
3.82k
        return (r);
439
2
}
440
441
fido_cred_t *
442
fido_cred_new(void)
443
7.69k
{
444
7.69k
        return (calloc(1, sizeof(fido_cred_t)));
445
7.69k
}
446
447
static void
448
fido_cred_clean_authdata(fido_cred_t *cred)
449
25.5k
{
450
25.5k
        free(cred->authdata_cbor.ptr);
451
25.5k
        free(cred->attcred.id.ptr);
452
25.5k
453
25.5k
        memset(&cred->authdata_ext, 0, sizeof(cred->authdata_ext));
454
25.5k
        memset(&cred->authdata_cbor, 0, sizeof(cred->authdata_cbor));
455
25.5k
        memset(&cred->authdata, 0, sizeof(cred->authdata));
456
25.5k
        memset(&cred->attcred, 0, sizeof(cred->attcred));
457
25.5k
}
458
459
void
460
fido_cred_reset_tx(fido_cred_t *cred)
461
10.4k
{
462
10.4k
        free(cred->cdh.ptr);
463
10.4k
        free(cred->rp.id);
464
10.4k
        free(cred->rp.name);
465
10.4k
        free(cred->user.id.ptr);
466
10.4k
        free(cred->user.icon);
467
10.4k
        free(cred->user.name);
468
10.4k
        free(cred->user.display_name);
469
10.4k
        fido_free_blob_array(&cred->excl);
470
10.4k
471
10.4k
        memset(&cred->cdh, 0, sizeof(cred->cdh));
472
10.4k
        memset(&cred->rp, 0, sizeof(cred->rp));
473
10.4k
        memset(&cred->user, 0, sizeof(cred->user));
474
10.4k
        memset(&cred->excl, 0, sizeof(cred->excl));
475
10.4k
        memset(&cred->ext, 0, sizeof(cred->ext));
476
10.4k
477
10.4k
        cred->type = 0;
478
10.4k
        cred->rk = FIDO_OPT_OMIT;
479
10.4k
        cred->uv = FIDO_OPT_OMIT;
480
10.4k
}
481
482
static void
483
fido_cred_clean_x509(fido_cred_t *cred)
484
15.5k
{
485
15.5k
        free(cred->attstmt.x5c.ptr);
486
15.5k
        cred->attstmt.x5c.ptr = NULL;
487
15.5k
        cred->attstmt.x5c.len = 0;
488
15.5k
}
489
490
static void
491
fido_cred_clean_sig(fido_cred_t *cred)
492
15.5k
{
493
15.5k
        free(cred->attstmt.sig.ptr);
494
15.5k
        cred->attstmt.sig.ptr = NULL;
495
15.5k
        cred->attstmt.sig.len = 0;
496
15.5k
}
497
498
void
499
fido_cred_reset_rx(fido_cred_t *cred)
500
11.3k
{
501
11.3k
        free(cred->fmt);
502
11.3k
        cred->fmt = NULL;
503
11.3k
504
11.3k
        fido_cred_clean_authdata(cred);
505
11.3k
        fido_cred_clean_x509(cred);
506
11.3k
        fido_cred_clean_sig(cred);
507
11.3k
}
508
509
void
510
fido_cred_free(fido_cred_t **cred_p)
511
7.67k
{
512
7.67k
        fido_cred_t *cred;
513
7.67k
514
7.67k
        if (cred_p == NULL || (cred = *cred_p) == NULL)
515
7.67k
                return;
516
7.67k
517
7.67k
        fido_cred_reset_tx(cred);
518
7.67k
        fido_cred_reset_rx(cred);
519
7.67k
520
7.67k
        free(cred);
521
7.67k
522
7.67k
        *cred_p = NULL;
523
7.67k
}
524
525
int
526
fido_cred_set_authdata(fido_cred_t *cred, const unsigned char *ptr, size_t len)
527
4.19k
{
528
4.19k
        cbor_item_t             *item = NULL;
529
4.19k
        struct cbor_load_result  cbor;
530
4.19k
        int                      r;
531
4.19k
532
4.19k
        fido_cred_clean_authdata(cred);
533
4.19k
534
4.19k
        if (ptr == NULL || len == 0) {
535
2.90k
                r = FIDO_ERR_INVALID_ARGUMENT;
536
2.90k
                goto fail;
537
2.90k
        }
538
1.28k
539
1.28k
        if ((item = cbor_load(ptr, len, &cbor)) == NULL) {
540
6
                fido_log_debug("%s: cbor_load", __func__);
541
6
                r = FIDO_ERR_INVALID_ARGUMENT;
542
6
                goto fail;
543
6
        }
544
1.28k
545
1.28k
        if (cbor_decode_cred_authdata(item, cred->type, &cred->authdata_cbor,
546
1.28k
            &cred->authdata, &cred->attcred, &cred->authdata_ext) < 0) {
547
428
                fido_log_debug("%s: cbor_decode_cred_authdata", __func__);
548
428
                r = FIDO_ERR_INVALID_ARGUMENT;
549
428
                goto fail;
550
428
        }
551
852
552
852
        r = FIDO_OK;
553
4.19k
fail:
554
4.19k
        if (item != NULL)
555
4.19k
                cbor_decref(&item);
556
4.19k
557
4.19k
        if (r != FIDO_OK)
558
4.19k
                fido_cred_clean_authdata(cred);
559
4.19k
560
4.19k
        return (r);
561
852
562
852
}
563
564
int
565
fido_cred_set_authdata_raw(fido_cred_t *cred, const unsigned char *ptr,
566
    size_t len)
567
3.33k
{
568
3.33k
        cbor_item_t             *item = NULL;
569
3.33k
        int                      r;
570
3.33k
571
3.33k
        fido_cred_clean_authdata(cred);
572
3.33k
573
3.33k
        if (ptr == NULL || len == 0) {
574
2.90k
                r = FIDO_ERR_INVALID_ARGUMENT;
575
2.90k
                goto fail;
576
2.90k
        }
577
428
578
428
        if ((item = cbor_build_bytestring(ptr, len)) == NULL) {
579
1
                fido_log_debug("%s: cbor_build_bytestring", __func__);
580
1
                r = FIDO_ERR_INTERNAL;
581
1
                goto fail;
582
1
        }
583
427
584
427
        if (cbor_decode_cred_authdata(item, cred->type, &cred->authdata_cbor,
585
427
            &cred->authdata, &cred->attcred, &cred->authdata_ext) < 0) {
586
427
                fido_log_debug("%s: cbor_decode_cred_authdata", __func__);
587
427
                r = FIDO_ERR_INVALID_ARGUMENT;
588
427
                goto fail;
589
427
        }
590
0
591
0
        r = FIDO_OK;
592
3.33k
fail:
593
3.33k
        if (item != NULL)
594
3.33k
                cbor_decref(&item);
595
3.33k
596
3.33k
        if (r != FIDO_OK)
597
3.33k
                fido_cred_clean_authdata(cred);
598
3.33k
599
3.33k
        return (r);
600
0
601
0
}
602
603
int
604
fido_cred_set_x509(fido_cred_t *cred, const unsigned char *ptr, size_t len)
605
4.18k
{
606
4.18k
        unsigned char *x509;
607
4.18k
608
4.18k
        fido_cred_clean_x509(cred);
609
4.18k
610
4.18k
        if (ptr == NULL || len == 0)
611
3.39k
                return (FIDO_ERR_INVALID_ARGUMENT);
612
788
        if ((x509 = malloc(len)) == NULL)
613
788
                return (FIDO_ERR_INTERNAL);
614
786
615
786
        memcpy(x509, ptr, len);
616
786
        cred->attstmt.x5c.ptr = x509;
617
786
        cred->attstmt.x5c.len = len;
618
786
619
786
        return (FIDO_OK);
620
786
}
621
622
int
623
fido_cred_set_sig(fido_cred_t *cred, const unsigned char *ptr, size_t len)
624
4.18k
{
625
4.18k
        unsigned char *sig;
626
4.18k
627
4.18k
        fido_cred_clean_sig(cred);
628
4.18k
629
4.18k
        if (ptr == NULL || len == 0)
630
3.35k
                return (FIDO_ERR_INVALID_ARGUMENT);
631
825
        if ((sig = malloc(len)) == NULL)
632
825
                return (FIDO_ERR_INTERNAL);
633
821
634
821
        memcpy(sig, ptr, len);
635
821
        cred->attstmt.sig.ptr = sig;
636
821
        cred->attstmt.sig.len = len;
637
821
638
821
        return (FIDO_OK);
639
821
}
640
641
int
642
fido_cred_exclude(fido_cred_t *cred, const unsigned char *id_ptr, size_t id_len)
643
147k
{
644
147k
        fido_blob_t id_blob;
645
147k
        fido_blob_t *list_ptr;
646
147k
647
147k
        memset(&id_blob, 0, sizeof(id_blob));
648
147k
649
147k
        if (fido_blob_set(&id_blob, id_ptr, id_len) < 0)
650
685
                return (FIDO_ERR_INVALID_ARGUMENT);
651
146k
652
146k
        if (cred->excl.len == SIZE_MAX) {
653
0
                free(id_blob.ptr);
654
0
                return (FIDO_ERR_INVALID_ARGUMENT);
655
0
        }
656
146k
657
146k
        if ((list_ptr = recallocarray(cred->excl.ptr, cred->excl.len,
658
146k
            cred->excl.len + 1, sizeof(fido_blob_t))) == NULL) {
659
376
                free(id_blob.ptr);
660
376
                return (FIDO_ERR_INTERNAL);
661
376
        }
662
146k
663
146k
        list_ptr[cred->excl.len++] = id_blob;
664
146k
        cred->excl.ptr = list_ptr;
665
146k
666
146k
        return (FIDO_OK);
667
146k
}
668
669
int
670
fido_cred_set_clientdata_hash(fido_cred_t *cred, const unsigned char *hash,
671
    size_t hash_len)
672
7.57k
{
673
7.57k
        if (fido_blob_set(&cred->cdh, hash, hash_len) < 0)
674
114
                return (FIDO_ERR_INVALID_ARGUMENT);
675
7.45k
676
7.45k
        return (FIDO_OK);
677
7.45k
}
678
679
int
680
fido_cred_set_rp(fido_cred_t *cred, const char *id, const char *name)
681
7.57k
{
682
7.57k
        fido_rp_t *rp = &cred->rp;
683
7.57k
684
7.57k
        if (rp->id != NULL) {
685
0
                free(rp->id);
686
0
                rp->id = NULL;
687
0
        }
688
7.57k
        if (rp->name != NULL) {
689
0
                free(rp->name);
690
0
                rp->name = NULL;
691
0
        }
692
7.57k
693
7.57k
        if (id != NULL && (rp->id = strdup(id)) == NULL)
694
7.57k
                goto fail;
695
7.54k
        if (name != NULL && (rp->name = strdup(name)) == NULL)
696
7.54k
                goto fail;
697
7.52k
698
7.52k
        return (FIDO_OK);
699
43
fail:
700
43
        free(rp->id);
701
43
        free(rp->name);
702
43
        rp->id = NULL;
703
43
        rp->name = NULL;
704
43
705
43
        return (FIDO_ERR_INTERNAL);
706
7.52k
}
707
708
int
709
fido_cred_set_user(fido_cred_t *cred, const unsigned char *user_id,
710
    size_t user_id_len, const char *name, const char *display_name,
711
    const char *icon)
712
3.74k
{
713
3.74k
        fido_user_t *up = &cred->user;
714
3.74k
715
3.74k
        if (up->id.ptr != NULL) {
716
0
                free(up->id.ptr);
717
0
                up->id.ptr = NULL;
718
0
                up->id.len = 0;
719
0
        }
720
3.74k
        if (up->name != NULL) {
721
0
                free(up->name);
722
0
                up->name = NULL;
723
0
        }
724
3.74k
        if (up->display_name != NULL) {
725
0
                free(up->display_name);
726
0
                up->display_name = NULL;
727
0
        }
728
3.74k
        if (up->icon != NULL) {
729
0
                free(up->icon);
730
0
                up->icon = NULL;
731
0
        }
732
3.74k
733
3.74k
        if (user_id != NULL) {
734
3.74k
                if ((up->id.ptr = malloc(user_id_len)) == NULL)
735
3.74k
                        goto fail;
736
3.73k
                memcpy(up->id.ptr, user_id, user_id_len);
737
3.73k
                up->id.len = user_id_len;
738
3.73k
        }
739
3.74k
        if (name != NULL && (up->name = strdup(name)) == NULL)
740
3.73k
                goto fail;
741
3.72k
        if (display_name != NULL &&
742
3.72k
            (up->display_name = strdup(display_name)) == NULL)
743
3.72k
                goto fail;
744
3.72k
        if (icon != NULL && (up->icon = strdup(icon)) == NULL)
745
3.72k
                goto fail;
746
3.72k
747
3.72k
        return (FIDO_OK);
748
22
fail:
749
22
        free(up->id.ptr);
750
22
        free(up->name);
751
22
        free(up->display_name);
752
22
        free(up->icon);
753
22
754
22
        up->id.ptr = NULL;
755
22
        up->id.len = 0;
756
22
        up->name = NULL;
757
22
        up->display_name = NULL;
758
22
        up->icon = NULL;
759
22
760
22
        return (FIDO_ERR_INTERNAL);
761
3.72k
}
762
763
int
764
fido_cred_set_extensions(fido_cred_t *cred, int ext)
765
7.57k
{
766
7.57k
        if (ext == 0)
767
429
                cred->ext.mask = 0;
768
7.14k
        else {
769
7.14k
                if (ext != FIDO_EXT_HMAC_SECRET &&
770
7.14k
                    ext != FIDO_EXT_CRED_PROTECT)
771
7.14k
                        return (FIDO_ERR_INVALID_ARGUMENT);
772
118
                cred->ext.mask |= ext;
773
118
        }
774
7.57k
775
7.57k
        return (FIDO_OK);
776
7.57k
}
777
778
int
779
fido_cred_set_options(fido_cred_t *cred, bool rk, bool uv)
780
0
{
781
0
        cred->rk = rk ? FIDO_OPT_TRUE : FIDO_OPT_FALSE;
782
0
        cred->uv = uv ? FIDO_OPT_TRUE : FIDO_OPT_FALSE;
783
0
784
0
        return (FIDO_OK);
785
0
}
786
787
int
788
fido_cred_set_rk(fido_cred_t *cred, fido_opt_t rk)
789
2.58k
{
790
2.58k
        cred->rk = rk;
791
2.58k
792
2.58k
        return (FIDO_OK);
793
2.58k
}
794
795
int
796
fido_cred_set_uv(fido_cred_t *cred, fido_opt_t uv)
797
2.45k
{
798
2.45k
        cred->uv = uv;
799
2.45k
800
2.45k
        return (FIDO_OK);
801
2.45k
}
802
803
int
804
fido_cred_set_prot(fido_cred_t *cred, int prot)
805
7.57k
{
806
7.57k
        if (prot == 0) {
807
5.38k
                cred->ext.mask &= ~FIDO_EXT_CRED_PROTECT;
808
5.38k
                cred->ext.prot = 0;
809
5.38k
        } else {
810
2.18k
                if (prot != FIDO_CRED_PROT_UV_OPTIONAL &&
811
2.18k
                    prot != FIDO_CRED_PROT_UV_OPTIONAL_WITH_ID &&
812
2.18k
                    prot != FIDO_CRED_PROT_UV_REQUIRED)
813
2.18k
                        return (FIDO_ERR_INVALID_ARGUMENT);
814
2.18k
815
2.18k
                cred->ext.mask |= FIDO_EXT_CRED_PROTECT;
816
2.18k
                cred->ext.prot = prot;
817
2.18k
        }
818
7.57k
819
7.57k
        return (FIDO_OK);
820
7.57k
}
821
822
int
823
fido_cred_set_fmt(fido_cred_t *cred, const char *fmt)
824
1.30k
{
825
1.30k
        free(cred->fmt);
826
1.30k
        cred->fmt = NULL;
827
1.30k
828
1.30k
        if (fmt == NULL)
829
1.30k
                return (FIDO_ERR_INVALID_ARGUMENT);
830
1.30k
831
1.30k
        if (strcmp(fmt, "packed") && strcmp(fmt, "fido-u2f"))
832
0
                return (FIDO_ERR_INVALID_ARGUMENT);
833
1.30k
834
1.30k
        if ((cred->fmt = strdup(fmt)) == NULL)
835
1.30k
                return (FIDO_ERR_INTERNAL);
836
1.29k
837
1.29k
        return (FIDO_OK);
838
1.29k
}
839
840
int
841
fido_cred_set_type(fido_cred_t *cred, int cose_alg)
842
7.57k
{
843
7.57k
        if ((cose_alg != COSE_ES256 && cose_alg != COSE_RS256 &&
844
7.57k
            cose_alg != COSE_EDDSA) || cred->type != 0)
845
0
                return (FIDO_ERR_INVALID_ARGUMENT);
846
7.57k
847
7.57k
        cred->type = cose_alg;
848
7.57k
849
7.57k
        return (FIDO_OK);
850
7.57k
}
851
852
int
853
fido_cred_type(const fido_cred_t *cred)
854
4.75k
{
855
4.75k
        return (cred->type);
856
4.75k
}
857
858
uint8_t
859
fido_cred_flags(const fido_cred_t *cred)
860
3.82k
{
861
3.82k
        return (cred->authdata.flags);
862
3.82k
}
863
864
const unsigned char *
865
fido_cred_clientdata_hash_ptr(const fido_cred_t *cred)
866
3.84k
{
867
3.84k
        return (cred->cdh.ptr);
868
3.84k
}
869
870
size_t
871
fido_cred_clientdata_hash_len(const fido_cred_t *cred)
872
3.84k
{
873
3.84k
        return (cred->cdh.len);
874
3.84k
}
875
876
const unsigned char *
877
fido_cred_x5c_ptr(const fido_cred_t *cred)
878
3.84k
{
879
3.84k
        return (cred->attstmt.x5c.ptr);
880
3.84k
}
881
882
size_t
883
fido_cred_x5c_len(const fido_cred_t *cred)
884
3.84k
{
885
3.84k
        return (cred->attstmt.x5c.len);
886
3.84k
}
887
888
const unsigned char *
889
fido_cred_sig_ptr(const fido_cred_t *cred)
890
3.84k
{
891
3.84k
        return (cred->attstmt.sig.ptr);
892
3.84k
}
893
894
size_t
895
fido_cred_sig_len(const fido_cred_t *cred)
896
3.84k
{
897
3.84k
        return (cred->attstmt.sig.len);
898
3.84k
}
899
900
const unsigned char *
901
fido_cred_authdata_ptr(const fido_cred_t *cred)
902
3.84k
{
903
3.84k
        return (cred->authdata_cbor.ptr);
904
3.84k
}
905
906
size_t
907
fido_cred_authdata_len(const fido_cred_t *cred)
908
3.84k
{
909
3.84k
        return (cred->authdata_cbor.len);
910
3.84k
}
911
912
const unsigned char *
913
fido_cred_pubkey_ptr(const fido_cred_t *cred)
914
4.75k
{
915
4.75k
        const void *ptr;
916
4.75k
917
4.75k
        switch (cred->attcred.type) {
918
4.75k
        case COSE_ES256:
919
859
                ptr = &cred->attcred.pubkey.es256;
920
859
                break;
921
4.75k
        case COSE_RS256:
922
0
                ptr = &cred->attcred.pubkey.rs256;
923
0
                break;
924
4.75k
        case COSE_EDDSA:
925
175
                ptr = &cred->attcred.pubkey.eddsa;
926
175
                break;
927
4.75k
        default:
928
3.72k
                ptr = NULL;
929
3.72k
                break;
930
4.75k
        }
931
4.75k
932
4.75k
        return (ptr);
933
4.75k
}
934
935
size_t
936
fido_cred_pubkey_len(const fido_cred_t *cred)
937
4.75k
{
938
4.75k
        size_t len;
939
4.75k
940
4.75k
        switch (cred->attcred.type) {
941
4.75k
        case COSE_ES256:
942
859
                len = sizeof(cred->attcred.pubkey.es256);
943
859
                break;
944
4.75k
        case COSE_RS256:
945
0
                len = sizeof(cred->attcred.pubkey.rs256);
946
0
                break;
947
4.75k
        case COSE_EDDSA:
948
175
                len = sizeof(cred->attcred.pubkey.eddsa);
949
175
                break;
950
4.75k
        default:
951
3.72k
                len = 0;
952
3.72k
                break;
953
4.75k
        }
954
4.75k
955
4.75k
        return (len);
956
4.75k
}
957
958
const unsigned char *
959
fido_cred_id_ptr(const fido_cred_t *cred)
960
4.75k
{
961
4.75k
        return (cred->attcred.id.ptr);
962
4.75k
}
963
964
size_t
965
fido_cred_id_len(const fido_cred_t *cred)
966
4.75k
{
967
4.75k
        return (cred->attcred.id.len);
968
4.75k
}
969
970
int
971
fido_cred_prot(const fido_cred_t *cred)
972
3.84k
{
973
3.84k
        return (cred->ext.prot);
974
3.84k
}
975
976
const char *
977
fido_cred_fmt(const fido_cred_t *cred)
978
3.84k
{
979
3.84k
        return (cred->fmt);
980
3.84k
}
981
982
const char *
983
fido_cred_rp_id(const fido_cred_t *cred)
984
3.84k
{
985
3.84k
        return (cred->rp.id);
986
3.84k
}
987
988
const char *
989
fido_cred_rp_name(const fido_cred_t *cred)
990
3.84k
{
991
3.84k
        return (cred->rp.name);
992
3.84k
}
993
994
const char *
995
fido_cred_user_name(const fido_cred_t *cred)
996
9.50k
{
997
9.50k
        return (cred->user.name);
998
9.50k
}
999
1000
const char *
1001
fido_cred_display_name(const fido_cred_t *cred)
1002
9.50k
{
1003
9.50k
        return (cred->user.display_name);
1004
9.50k
}
1005
1006
const unsigned char *
1007
fido_cred_user_id_ptr(const fido_cred_t *cred)
1008
4.75k
{
1009
4.75k
        return (cred->user.id.ptr);
1010
4.75k
}
1011
1012
size_t
1013
fido_cred_user_id_len(const fido_cred_t *cred)
1014
4.75k
{
1015
4.75k
        return (cred->user.id.len);
1016
4.75k
}