Line | Count | Source |
1 | | /* |
2 | | * Copyright (c) 2019-2022 Yubico AB. All rights reserved. |
3 | | * Use of this source code is governed by a BSD-style |
4 | | * license that can be found in the LICENSE file. |
5 | | * SPDX-License-Identifier: BSD-2-Clause |
6 | | */ |
7 | | |
8 | | #include <openssl/sha.h> |
9 | | |
10 | | #include "fido.h" |
11 | | #include "fido/credman.h" |
12 | | #include "fido/es256.h" |
13 | | |
14 | 1.54k | #define CMD_CRED_METADATA 0x01 |
15 | 1.67k | #define CMD_RP_BEGIN 0x02 |
16 | 1.20k | #define CMD_RP_NEXT 0x03 |
17 | 6.46k | #define CMD_RK_BEGIN 0x04 |
18 | 3.09k | #define CMD_RK_NEXT 0x05 |
19 | 8.49k | #define CMD_DELETE_CRED 0x06 |
20 | 8.72k | #define CMD_UPDATE_CRED 0x07 |
21 | | |
22 | | static int |
23 | | credman_grow_array(void **ptr, size_t *n_alloc, const size_t *n_rx, size_t n, |
24 | | size_t size) |
25 | 2.78k | { |
26 | 2.78k | void *new_ptr; |
27 | | |
28 | 2.78k | #ifdef FIDO_FUZZ |
29 | 2.78k | if (n > UINT8_MAX) { |
30 | 471 | fido_log_debug("%s: n > UINT8_MAX", __func__); |
31 | 471 | return (-1); |
32 | 471 | } |
33 | 2.31k | #endif |
34 | | |
35 | 2.31k | if (n < *n_alloc) |
36 | 0 | return (0); |
37 | | |
38 | | /* sanity check */ |
39 | 2.31k | if (*n_rx > 0 || *n_rx > *n_alloc || n < *n_alloc) { |
40 | 0 | fido_log_debug("%s: n=%zu, n_rx=%zu, n_alloc=%zu", __func__, n, |
41 | 0 | *n_rx, *n_alloc); |
42 | 0 | return (-1); |
43 | 0 | } |
44 | | |
45 | 2.31k | if ((new_ptr = recallocarray(*ptr, *n_alloc, n, size)) == NULL) |
46 | 7 | return (-1); |
47 | | |
48 | 2.30k | *ptr = new_ptr; |
49 | 2.30k | *n_alloc = n; |
50 | | |
51 | 2.30k | return (0); |
52 | 2.31k | } |
53 | | |
54 | | static int |
55 | | credman_prepare_hmac(uint8_t cmd, const void *body, cbor_item_t **param, |
56 | | fido_blob_t *hmac_data) |
57 | 9.52k | { |
58 | 9.52k | cbor_item_t *param_cbor[3]; |
59 | 9.52k | const fido_cred_t *cred; |
60 | 9.52k | size_t n; |
61 | 9.52k | int ok = -1; |
62 | | |
63 | 9.52k | memset(¶m_cbor, 0, sizeof(param_cbor)); |
64 | | |
65 | 9.52k | if (body == NULL) |
66 | 1.75k | return (fido_blob_set(hmac_data, &cmd, sizeof(cmd))); |
67 | | |
68 | 7.77k | switch (cmd) { |
69 | 2.90k | case CMD_RK_BEGIN: |
70 | 2.90k | n = 1; |
71 | 2.90k | if ((param_cbor[0] = fido_blob_encode(body)) == NULL) { |
72 | 7 | fido_log_debug("%s: cbor encode", __func__); |
73 | 7 | goto fail; |
74 | 7 | } |
75 | 2.90k | break; |
76 | 2.90k | case CMD_DELETE_CRED: |
77 | 2.40k | n = 2; |
78 | 2.40k | if ((param_cbor[1] = cbor_encode_pubkey(body)) == NULL) { |
79 | 31 | fido_log_debug("%s: cbor encode", __func__); |
80 | 31 | goto fail; |
81 | 31 | } |
82 | 2.37k | break; |
83 | 2.46k | case CMD_UPDATE_CRED: |
84 | 2.46k | n = 3; |
85 | 2.46k | cred = body; |
86 | 2.46k | param_cbor[1] = cbor_encode_pubkey(&cred->attcred.id); |
87 | 2.46k | param_cbor[2] = cbor_encode_user_entity(&cred->user); |
88 | 2.46k | if (param_cbor[1] == NULL || param_cbor[2] == NULL) { |
89 | 62 | fido_log_debug("%s: cbor encode", __func__); |
90 | 62 | goto fail; |
91 | 62 | } |
92 | 2.40k | break; |
93 | 2.40k | default: |
94 | 0 | fido_log_debug("%s: unknown cmd=0x%02x", __func__, cmd); |
95 | 0 | return (-1); |
96 | 7.77k | } |
97 | | |
98 | 7.67k | if ((*param = cbor_flatten_vector(param_cbor, n)) == NULL) { |
99 | 55 | fido_log_debug("%s: cbor_flatten_vector", __func__); |
100 | 55 | goto fail; |
101 | 55 | } |
102 | 7.62k | if (cbor_build_frame(cmd, param_cbor, n, hmac_data) < 0) { |
103 | 69 | fido_log_debug("%s: cbor_build_frame", __func__); |
104 | 69 | goto fail; |
105 | 69 | } |
106 | | |
107 | 7.55k | ok = 0; |
108 | 7.77k | fail: |
109 | 7.77k | cbor_vector_free(param_cbor, nitems(param_cbor)); |
110 | | |
111 | 7.77k | return (ok); |
112 | 7.55k | } |
113 | | |
114 | | static uint8_t |
115 | | credman_get_cmd(const fido_dev_t *dev) |
116 | 23.4k | { |
117 | 23.4k | if (dev->flags & FIDO_DEV_CREDMAN) |
118 | 48 | return (CTAP_CBOR_CRED_MGMT); |
119 | | |
120 | 23.3k | return (CTAP_CBOR_CRED_MGMT_PRE); |
121 | 23.4k | } |
122 | | |
123 | | static int |
124 | | credman_tx(fido_dev_t *dev, uint8_t subcmd, const void *param, const char *pin, |
125 | | const char *rp_id, fido_opt_t uv, int *ms) |
126 | 23.4k | { |
127 | 23.4k | fido_blob_t f; |
128 | 23.4k | fido_blob_t *ecdh = NULL; |
129 | 23.4k | fido_blob_t hmac; |
130 | 23.4k | es256_pk_t *pk = NULL; |
131 | 23.4k | cbor_item_t *argv[4]; |
132 | 23.4k | const uint8_t cmd = credman_get_cmd(dev); |
133 | 23.4k | int r = FIDO_ERR_INTERNAL; |
134 | | |
135 | 23.4k | memset(&f, 0, sizeof(f)); |
136 | 23.4k | memset(&hmac, 0, sizeof(hmac)); |
137 | 23.4k | memset(&argv, 0, sizeof(argv)); |
138 | | |
139 | 23.4k | if (fido_dev_is_fido2(dev) == false) { |
140 | 9.55k | fido_log_debug("%s: fido_dev_is_fido2", __func__); |
141 | 9.55k | r = FIDO_ERR_INVALID_COMMAND; |
142 | 9.55k | goto fail; |
143 | 9.55k | } |
144 | | |
145 | | /* subCommand */ |
146 | 13.8k | if ((argv[0] = cbor_build_uint8(subcmd)) == NULL) { |
147 | 48 | fido_log_debug("%s: cbor encode", __func__); |
148 | 48 | goto fail; |
149 | 48 | } |
150 | | |
151 | | /* pinProtocol, pinAuth */ |
152 | 13.8k | if (pin != NULL || uv == FIDO_OPT_TRUE) { |
153 | 9.52k | if (credman_prepare_hmac(subcmd, param, &argv[1], &hmac) < 0) { |
154 | 226 | fido_log_debug("%s: credman_prepare_hmac", __func__); |
155 | 226 | goto fail; |
156 | 226 | } |
157 | 9.30k | if ((r = fido_do_ecdh(dev, &pk, &ecdh, ms)) != FIDO_OK) { |
158 | 4.17k | fido_log_debug("%s: fido_do_ecdh", __func__); |
159 | 4.17k | goto fail; |
160 | 4.17k | } |
161 | 5.12k | if ((r = cbor_add_uv_params(dev, cmd, &hmac, pk, ecdh, pin, |
162 | 5.12k | rp_id, &argv[3], &argv[2], ms)) != FIDO_OK) { |
163 | 1.62k | fido_log_debug("%s: cbor_add_uv_params", __func__); |
164 | 1.62k | goto fail; |
165 | 1.62k | } |
166 | 5.12k | } |
167 | | |
168 | | /* framing and transmission */ |
169 | 7.79k | if (cbor_build_frame(cmd, argv, nitems(argv), &f) < 0 || |
170 | 7.79k | fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len, ms) < 0) { |
171 | 208 | fido_log_debug("%s: fido_tx", __func__); |
172 | 208 | r = FIDO_ERR_TX; |
173 | 208 | goto fail; |
174 | 208 | } |
175 | | |
176 | 7.58k | r = FIDO_OK; |
177 | 23.4k | fail: |
178 | 23.4k | es256_pk_free(&pk); |
179 | 23.4k | fido_blob_free(&ecdh); |
180 | 23.4k | cbor_vector_free(argv, nitems(argv)); |
181 | 23.4k | free(f.ptr); |
182 | 23.4k | free(hmac.ptr); |
183 | | |
184 | 23.4k | return (r); |
185 | 7.58k | } |
186 | | |
187 | | static int |
188 | | credman_parse_metadata(const cbor_item_t *key, const cbor_item_t *val, |
189 | | void *arg) |
190 | 215 | { |
191 | 215 | fido_credman_metadata_t *metadata = arg; |
192 | | |
193 | 215 | if (cbor_isa_uint(key) == false || |
194 | 215 | cbor_int_get_width(key) != CBOR_INT_8) { |
195 | 84 | fido_log_debug("%s: cbor type", __func__); |
196 | 84 | return (0); /* ignore */ |
197 | 84 | } |
198 | | |
199 | 131 | switch (cbor_get_uint8(key)) { |
200 | 16 | case 1: |
201 | 16 | return (cbor_decode_uint64(val, &metadata->rk_existing)); |
202 | 16 | case 2: |
203 | 16 | return (cbor_decode_uint64(val, &metadata->rk_remaining)); |
204 | 99 | default: |
205 | 99 | fido_log_debug("%s: cbor type", __func__); |
206 | 99 | return (0); /* ignore */ |
207 | 131 | } |
208 | 131 | } |
209 | | |
210 | | static int |
211 | | credman_rx_metadata(fido_dev_t *dev, fido_credman_metadata_t *metadata, int *ms) |
212 | 107 | { |
213 | 107 | unsigned char *msg; |
214 | 107 | int msglen; |
215 | 107 | int r; |
216 | | |
217 | 107 | memset(metadata, 0, sizeof(*metadata)); |
218 | | |
219 | 107 | if ((msg = malloc(FIDO_MAXMSG)) == NULL) { |
220 | 3 | r = FIDO_ERR_INTERNAL; |
221 | 3 | goto out; |
222 | 3 | } |
223 | | |
224 | 104 | if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) { |
225 | 4 | fido_log_debug("%s: fido_rx", __func__); |
226 | 4 | r = FIDO_ERR_RX; |
227 | 4 | goto out; |
228 | 4 | } |
229 | | |
230 | 100 | if ((r = cbor_parse_reply(msg, (size_t)msglen, metadata, |
231 | 100 | credman_parse_metadata)) != FIDO_OK) { |
232 | 62 | fido_log_debug("%s: credman_parse_metadata", __func__); |
233 | 62 | goto out; |
234 | 62 | } |
235 | | |
236 | 38 | r = FIDO_OK; |
237 | 107 | out: |
238 | 107 | freezero(msg, FIDO_MAXMSG); |
239 | | |
240 | 107 | return (r); |
241 | 38 | } |
242 | | |
243 | | static int |
244 | | credman_get_metadata_wait(fido_dev_t *dev, fido_credman_metadata_t *metadata, |
245 | | const char *pin, int *ms) |
246 | 1.54k | { |
247 | 1.54k | int r; |
248 | | |
249 | 1.54k | if ((r = credman_tx(dev, CMD_CRED_METADATA, NULL, pin, NULL, |
250 | 1.54k | FIDO_OPT_TRUE, ms)) != FIDO_OK || |
251 | 1.54k | (r = credman_rx_metadata(dev, metadata, ms)) != FIDO_OK) |
252 | 1.50k | return (r); |
253 | | |
254 | 38 | return (FIDO_OK); |
255 | 1.54k | } |
256 | | |
257 | | int |
258 | | fido_credman_get_dev_metadata(fido_dev_t *dev, fido_credman_metadata_t *metadata, |
259 | | const char *pin) |
260 | 1.54k | { |
261 | 1.54k | int ms = dev->timeout_ms; |
262 | | |
263 | 1.54k | return (credman_get_metadata_wait(dev, metadata, pin, &ms)); |
264 | 1.54k | } |
265 | | |
266 | | static int |
267 | | credman_parse_rk(const cbor_item_t *key, const cbor_item_t *val, void *arg) |
268 | 14.7k | { |
269 | 14.7k | fido_cred_t *cred = arg; |
270 | 14.7k | uint64_t prot; |
271 | | |
272 | 14.7k | if (cbor_isa_uint(key) == false || |
273 | 14.7k | cbor_int_get_width(key) != CBOR_INT_8) { |
274 | 322 | fido_log_debug("%s: cbor type", __func__); |
275 | 322 | return (0); /* ignore */ |
276 | 322 | } |
277 | | |
278 | 14.4k | switch (cbor_get_uint8(key)) { |
279 | 3.24k | case 6: |
280 | 3.24k | return (cbor_decode_user(val, &cred->user)); |
281 | 3.12k | case 7: |
282 | 3.12k | return (cbor_decode_cred_id(val, &cred->attcred.id)); |
283 | 3.19k | case 8: |
284 | 3.19k | if (cbor_decode_pubkey(val, &cred->attcred.type, |
285 | 3.19k | &cred->attcred.pubkey) < 0) |
286 | 1.08k | return (-1); |
287 | 2.11k | cred->type = cred->attcred.type; /* XXX */ |
288 | 2.11k | return (0); |
289 | 1.78k | case 10: |
290 | 1.78k | if (cbor_decode_uint64(val, &prot) < 0 || prot > INT_MAX || |
291 | 1.78k | fido_cred_set_prot(cred, (int)prot) != FIDO_OK) |
292 | 307 | return (-1); |
293 | 1.47k | return (0); |
294 | 12 | case 11: |
295 | 12 | return (fido_blob_decode(val, &cred->largeblob_key)); |
296 | 3.09k | default: |
297 | 3.09k | fido_log_debug("%s: cbor type", __func__); |
298 | 3.09k | return (0); /* ignore */ |
299 | 14.4k | } |
300 | 14.4k | } |
301 | | |
302 | | static void |
303 | | credman_reset_rk(fido_credman_rk_t *rk) |
304 | 5.84k | { |
305 | 44.0k | for (size_t i = 0; i < rk->n_alloc; i++) { |
306 | 38.2k | fido_cred_reset_tx(&rk->ptr[i]); |
307 | 38.2k | fido_cred_reset_rx(&rk->ptr[i]); |
308 | 38.2k | } |
309 | | |
310 | 5.84k | free(rk->ptr); |
311 | 5.84k | rk->ptr = NULL; |
312 | 5.84k | memset(rk, 0, sizeof(*rk)); |
313 | 5.84k | } |
314 | | |
315 | | static int |
316 | | credman_parse_rk_count(const cbor_item_t *key, const cbor_item_t *val, |
317 | | void *arg) |
318 | 10.7k | { |
319 | 10.7k | fido_credman_rk_t *rk = arg; |
320 | 10.7k | uint64_t n; |
321 | | |
322 | | /* totalCredentials */ |
323 | 10.7k | if (cbor_isa_uint(key) == false || |
324 | 10.7k | cbor_int_get_width(key) != CBOR_INT_8 || |
325 | 10.7k | cbor_get_uint8(key) != 9) { |
326 | 8.55k | fido_log_debug("%s: cbor_type", __func__); |
327 | 8.55k | return (0); /* ignore */ |
328 | 8.55k | } |
329 | | |
330 | 2.16k | if (cbor_decode_uint64(val, &n) < 0 || n > SIZE_MAX) { |
331 | 3 | fido_log_debug("%s: cbor_decode_uint64", __func__); |
332 | 3 | return (-1); |
333 | 3 | } |
334 | | |
335 | 2.16k | if (credman_grow_array((void **)&rk->ptr, &rk->n_alloc, &rk->n_rx, |
336 | 2.16k | (size_t)n, sizeof(*rk->ptr)) < 0) { |
337 | 233 | fido_log_debug("%s: credman_grow_array", __func__); |
338 | 233 | return (-1); |
339 | 233 | } |
340 | | |
341 | 1.93k | return (0); |
342 | 2.16k | } |
343 | | |
344 | | static int |
345 | | credman_rx_rk(fido_dev_t *dev, fido_credman_rk_t *rk, int *ms) |
346 | 2.28k | { |
347 | 2.28k | unsigned char *msg; |
348 | 2.28k | int msglen; |
349 | 2.28k | int r; |
350 | | |
351 | 2.28k | credman_reset_rk(rk); |
352 | | |
353 | 2.28k | if ((msg = malloc(FIDO_MAXMSG)) == NULL) { |
354 | 2 | r = FIDO_ERR_INTERNAL; |
355 | 2 | goto out; |
356 | 2 | } |
357 | | |
358 | 2.28k | if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) { |
359 | 12 | fido_log_debug("%s: fido_rx", __func__); |
360 | 12 | r = FIDO_ERR_RX; |
361 | 12 | goto out; |
362 | 12 | } |
363 | | |
364 | | /* adjust as needed */ |
365 | 2.26k | if ((r = cbor_parse_reply(msg, (size_t)msglen, rk, |
366 | 2.26k | credman_parse_rk_count)) != FIDO_OK) { |
367 | 332 | fido_log_debug("%s: credman_parse_rk_count", __func__); |
368 | 332 | goto out; |
369 | 332 | } |
370 | | |
371 | 1.93k | if (rk->n_alloc == 0) { |
372 | 13 | fido_log_debug("%s: n_alloc=0", __func__); |
373 | 13 | r = FIDO_OK; |
374 | 13 | goto out; |
375 | 13 | } |
376 | | |
377 | | /* parse the first rk */ |
378 | 1.92k | if ((r = cbor_parse_reply(msg, (size_t)msglen, &rk->ptr[0], |
379 | 1.92k | credman_parse_rk)) != FIDO_OK) { |
380 | 678 | fido_log_debug("%s: credman_parse_rk", __func__); |
381 | 678 | goto out; |
382 | 678 | } |
383 | 1.24k | rk->n_rx = 1; |
384 | | |
385 | 1.24k | r = FIDO_OK; |
386 | 2.28k | out: |
387 | 2.28k | freezero(msg, FIDO_MAXMSG); |
388 | | |
389 | 2.28k | return (r); |
390 | 1.24k | } |
391 | | |
392 | | static int |
393 | | credman_rx_next_rk(fido_dev_t *dev, fido_credman_rk_t *rk, int *ms) |
394 | 3.06k | { |
395 | 3.06k | unsigned char *msg; |
396 | 3.06k | int msglen; |
397 | 3.06k | int r; |
398 | | |
399 | 3.06k | if ((msg = malloc(FIDO_MAXMSG)) == NULL) { |
400 | 5 | r = FIDO_ERR_INTERNAL; |
401 | 5 | goto out; |
402 | 5 | } |
403 | | |
404 | 3.05k | if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) { |
405 | 243 | fido_log_debug("%s: fido_rx", __func__); |
406 | 243 | r = FIDO_ERR_RX; |
407 | 243 | goto out; |
408 | 243 | } |
409 | | |
410 | | /* sanity check */ |
411 | 2.81k | if (rk->n_rx >= rk->n_alloc) { |
412 | 0 | fido_log_debug("%s: n_rx=%zu, n_alloc=%zu", __func__, rk->n_rx, |
413 | 0 | rk->n_alloc); |
414 | 0 | r = FIDO_ERR_INTERNAL; |
415 | 0 | goto out; |
416 | 0 | } |
417 | | |
418 | 2.81k | if ((r = cbor_parse_reply(msg, (size_t)msglen, &rk->ptr[rk->n_rx], |
419 | 2.81k | credman_parse_rk)) != FIDO_OK) { |
420 | 939 | fido_log_debug("%s: credman_parse_rk", __func__); |
421 | 939 | goto out; |
422 | 939 | } |
423 | | |
424 | 1.87k | r = FIDO_OK; |
425 | 3.06k | out: |
426 | 3.06k | freezero(msg, FIDO_MAXMSG); |
427 | | |
428 | 3.06k | return (r); |
429 | 1.87k | } |
430 | | |
431 | | static int |
432 | | credman_get_rk_wait(fido_dev_t *dev, const char *rp_id, fido_credman_rk_t *rk, |
433 | | const char *pin, int *ms) |
434 | 3.56k | { |
435 | 3.56k | fido_blob_t rp_dgst; |
436 | 3.56k | uint8_t dgst[SHA256_DIGEST_LENGTH]; |
437 | 3.56k | int r; |
438 | | |
439 | 3.56k | if (SHA256((const unsigned char *)rp_id, strlen(rp_id), dgst) != dgst) { |
440 | 7 | fido_log_debug("%s: sha256", __func__); |
441 | 7 | return (FIDO_ERR_INTERNAL); |
442 | 7 | } |
443 | | |
444 | 3.55k | rp_dgst.ptr = dgst; |
445 | 3.55k | rp_dgst.len = sizeof(dgst); |
446 | | |
447 | 3.55k | if ((r = credman_tx(dev, CMD_RK_BEGIN, &rp_dgst, pin, rp_id, |
448 | 3.55k | FIDO_OPT_TRUE, ms)) != FIDO_OK || |
449 | 3.55k | (r = credman_rx_rk(dev, rk, ms)) != FIDO_OK) |
450 | 2.29k | return (r); |
451 | | |
452 | 3.13k | while (rk->n_rx < rk->n_alloc) { |
453 | 3.09k | if ((r = credman_tx(dev, CMD_RK_NEXT, NULL, NULL, NULL, |
454 | 3.09k | FIDO_OPT_FALSE, ms)) != FIDO_OK || |
455 | 3.09k | (r = credman_rx_next_rk(dev, rk, ms)) != FIDO_OK) |
456 | 1.21k | return (r); |
457 | 1.87k | rk->n_rx++; |
458 | 1.87k | } |
459 | | |
460 | 39 | return (FIDO_OK); |
461 | 1.25k | } |
462 | | |
463 | | int |
464 | | fido_credman_get_dev_rk(fido_dev_t *dev, const char *rp_id, |
465 | | fido_credman_rk_t *rk, const char *pin) |
466 | 3.56k | { |
467 | 3.56k | int ms = dev->timeout_ms; |
468 | | |
469 | 3.56k | return (credman_get_rk_wait(dev, rp_id, rk, pin, &ms)); |
470 | 3.56k | } |
471 | | |
472 | | static int |
473 | | credman_del_rk_wait(fido_dev_t *dev, const unsigned char *cred_id, |
474 | | size_t cred_id_len, const char *pin, int *ms) |
475 | 6.11k | { |
476 | 6.11k | fido_blob_t cred; |
477 | 6.11k | int r; |
478 | | |
479 | 6.11k | memset(&cred, 0, sizeof(cred)); |
480 | | |
481 | 6.11k | if (fido_blob_set(&cred, cred_id, cred_id_len) < 0) |
482 | 26 | return (FIDO_ERR_INVALID_ARGUMENT); |
483 | | |
484 | 6.09k | if ((r = credman_tx(dev, CMD_DELETE_CRED, &cred, pin, NULL, |
485 | 6.09k | FIDO_OPT_TRUE, ms)) != FIDO_OK || |
486 | 6.09k | (r = fido_rx_cbor_status(dev, ms)) != FIDO_OK) |
487 | 6.07k | goto fail; |
488 | | |
489 | 18 | r = FIDO_OK; |
490 | 6.09k | fail: |
491 | 6.09k | free(cred.ptr); |
492 | | |
493 | 6.09k | return (r); |
494 | 18 | } |
495 | | |
496 | | int |
497 | | fido_credman_del_dev_rk(fido_dev_t *dev, const unsigned char *cred_id, |
498 | | size_t cred_id_len, const char *pin) |
499 | 6.11k | { |
500 | 6.11k | int ms = dev->timeout_ms; |
501 | | |
502 | 6.11k | return (credman_del_rk_wait(dev, cred_id, cred_id_len, pin, &ms)); |
503 | 6.11k | } |
504 | | |
505 | | static int |
506 | | credman_parse_rp(const cbor_item_t *key, const cbor_item_t *val, void *arg) |
507 | 2.89k | { |
508 | 2.89k | struct fido_credman_single_rp *rp = arg; |
509 | | |
510 | 2.89k | if (cbor_isa_uint(key) == false || |
511 | 2.89k | cbor_int_get_width(key) != CBOR_INT_8) { |
512 | 472 | fido_log_debug("%s: cbor type", __func__); |
513 | 472 | return (0); /* ignore */ |
514 | 472 | } |
515 | | |
516 | 2.42k | switch (cbor_get_uint8(key)) { |
517 | 1.02k | case 3: |
518 | 1.02k | return (cbor_decode_rp_entity(val, &rp->rp_entity)); |
519 | 652 | case 4: |
520 | 652 | return (fido_blob_decode(val, &rp->rp_id_hash)); |
521 | 747 | default: |
522 | 747 | fido_log_debug("%s: cbor type", __func__); |
523 | 747 | return (0); /* ignore */ |
524 | 2.42k | } |
525 | 2.42k | } |
526 | | |
527 | | static void |
528 | | credman_reset_rp(fido_credman_rp_t *rp) |
529 | 2.37k | { |
530 | 14.9k | for (size_t i = 0; i < rp->n_alloc; i++) { |
531 | 12.5k | free(rp->ptr[i].rp_entity.id); |
532 | 12.5k | free(rp->ptr[i].rp_entity.name); |
533 | 12.5k | rp->ptr[i].rp_entity.id = NULL; |
534 | 12.5k | rp->ptr[i].rp_entity.name = NULL; |
535 | 12.5k | fido_blob_reset(&rp->ptr[i].rp_id_hash); |
536 | 12.5k | } |
537 | | |
538 | 2.37k | free(rp->ptr); |
539 | 2.37k | rp->ptr = NULL; |
540 | 2.37k | memset(rp, 0, sizeof(*rp)); |
541 | 2.37k | } |
542 | | |
543 | | static int |
544 | | credman_parse_rp_count(const cbor_item_t *key, const cbor_item_t *val, |
545 | | void *arg) |
546 | 2.56k | { |
547 | 2.56k | fido_credman_rp_t *rp = arg; |
548 | 2.56k | uint64_t n; |
549 | | |
550 | | /* totalRPs */ |
551 | 2.56k | if (cbor_isa_uint(key) == false || |
552 | 2.56k | cbor_int_get_width(key) != CBOR_INT_8 || |
553 | 2.56k | cbor_get_uint8(key) != 5) { |
554 | 1.94k | fido_log_debug("%s: cbor_type", __func__); |
555 | 1.94k | return (0); /* ignore */ |
556 | 1.94k | } |
557 | | |
558 | 621 | if (cbor_decode_uint64(val, &n) < 0 || n > SIZE_MAX) { |
559 | 3 | fido_log_debug("%s: cbor_decode_uint64", __func__); |
560 | 3 | return (-1); |
561 | 3 | } |
562 | | |
563 | 618 | if (credman_grow_array((void **)&rp->ptr, &rp->n_alloc, &rp->n_rx, |
564 | 618 | (size_t)n, sizeof(*rp->ptr)) < 0) { |
565 | 245 | fido_log_debug("%s: credman_grow_array", __func__); |
566 | 245 | return (-1); |
567 | 245 | } |
568 | | |
569 | 373 | return (0); |
570 | 618 | } |
571 | | |
572 | | static int |
573 | | credman_rx_rp(fido_dev_t *dev, fido_credman_rp_t *rp, int *ms) |
574 | 699 | { |
575 | 699 | unsigned char *msg; |
576 | 699 | int msglen; |
577 | 699 | int r; |
578 | | |
579 | 699 | credman_reset_rp(rp); |
580 | | |
581 | 699 | if ((msg = malloc(FIDO_MAXMSG)) == NULL) { |
582 | 3 | r = FIDO_ERR_INTERNAL; |
583 | 3 | goto out; |
584 | 3 | } |
585 | | |
586 | 696 | if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) { |
587 | 14 | fido_log_debug("%s: fido_rx", __func__); |
588 | 14 | r = FIDO_ERR_RX; |
589 | 14 | goto out; |
590 | 14 | } |
591 | | |
592 | | /* adjust as needed */ |
593 | 682 | if ((r = cbor_parse_reply(msg, (size_t)msglen, rp, |
594 | 682 | credman_parse_rp_count)) != FIDO_OK) { |
595 | 287 | fido_log_debug("%s: credman_parse_rp_count", __func__); |
596 | 287 | goto out; |
597 | 287 | } |
598 | | |
599 | 395 | if (rp->n_alloc == 0) { |
600 | 31 | fido_log_debug("%s: n_alloc=0", __func__); |
601 | 31 | r = FIDO_OK; |
602 | 31 | goto out; |
603 | 31 | } |
604 | | |
605 | | /* parse the first rp */ |
606 | 364 | if ((r = cbor_parse_reply(msg, (size_t)msglen, &rp->ptr[0], |
607 | 364 | credman_parse_rp)) != FIDO_OK) { |
608 | 20 | fido_log_debug("%s: credman_parse_rp", __func__); |
609 | 20 | goto out; |
610 | 20 | } |
611 | 344 | rp->n_rx = 1; |
612 | | |
613 | 344 | r = FIDO_OK; |
614 | 699 | out: |
615 | 699 | freezero(msg, FIDO_MAXMSG); |
616 | | |
617 | 699 | return (r); |
618 | 344 | } |
619 | | |
620 | | static int |
621 | | credman_rx_next_rp(fido_dev_t *dev, fido_credman_rp_t *rp, int *ms) |
622 | 1.18k | { |
623 | 1.18k | unsigned char *msg; |
624 | 1.18k | int msglen; |
625 | 1.18k | int r; |
626 | | |
627 | 1.18k | if ((msg = malloc(FIDO_MAXMSG)) == NULL) { |
628 | 4 | r = FIDO_ERR_INTERNAL; |
629 | 4 | goto out; |
630 | 4 | } |
631 | | |
632 | 1.18k | if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) { |
633 | 151 | fido_log_debug("%s: fido_rx", __func__); |
634 | 151 | r = FIDO_ERR_RX; |
635 | 151 | goto out; |
636 | 151 | } |
637 | | |
638 | | /* sanity check */ |
639 | 1.03k | if (rp->n_rx >= rp->n_alloc) { |
640 | 0 | fido_log_debug("%s: n_rx=%zu, n_alloc=%zu", __func__, rp->n_rx, |
641 | 0 | rp->n_alloc); |
642 | 0 | r = FIDO_ERR_INTERNAL; |
643 | 0 | goto out; |
644 | 0 | } |
645 | | |
646 | 1.03k | if ((r = cbor_parse_reply(msg, (size_t)msglen, &rp->ptr[rp->n_rx], |
647 | 1.03k | credman_parse_rp)) != FIDO_OK) { |
648 | 144 | fido_log_debug("%s: credman_parse_rp", __func__); |
649 | 144 | goto out; |
650 | 144 | } |
651 | | |
652 | 887 | r = FIDO_OK; |
653 | 1.18k | out: |
654 | 1.18k | freezero(msg, FIDO_MAXMSG); |
655 | | |
656 | 1.18k | return (r); |
657 | 887 | } |
658 | | |
659 | | static int |
660 | | credman_get_rp_wait(fido_dev_t *dev, fido_credman_rp_t *rp, const char *pin, |
661 | | int *ms) |
662 | 1.67k | { |
663 | 1.67k | int r; |
664 | | |
665 | 1.67k | if ((r = credman_tx(dev, CMD_RP_BEGIN, NULL, pin, NULL, |
666 | 1.67k | FIDO_OPT_TRUE, ms)) != FIDO_OK || |
667 | 1.67k | (r = credman_rx_rp(dev, rp, ms)) != FIDO_OK) |
668 | 1.29k | return (r); |
669 | | |
670 | 1.26k | while (rp->n_rx < rp->n_alloc) { |
671 | 1.20k | if ((r = credman_tx(dev, CMD_RP_NEXT, NULL, NULL, NULL, |
672 | 1.20k | FIDO_OPT_FALSE, ms)) != FIDO_OK || |
673 | 1.20k | (r = credman_rx_next_rp(dev, rp, ms)) != FIDO_OK) |
674 | 321 | return (r); |
675 | 887 | rp->n_rx++; |
676 | 887 | } |
677 | | |
678 | 54 | return (FIDO_OK); |
679 | 375 | } |
680 | | |
681 | | int |
682 | | fido_credman_get_dev_rp(fido_dev_t *dev, fido_credman_rp_t *rp, const char *pin) |
683 | 1.67k | { |
684 | 1.67k | int ms = dev->timeout_ms; |
685 | | |
686 | 1.67k | return (credman_get_rp_wait(dev, rp, pin, &ms)); |
687 | 1.67k | } |
688 | | |
689 | | static int |
690 | | credman_set_dev_rk_wait(fido_dev_t *dev, fido_cred_t *cred, const char *pin, |
691 | | int *ms) |
692 | 6.25k | { |
693 | 6.25k | int r; |
694 | | |
695 | 6.25k | if ((r = credman_tx(dev, CMD_UPDATE_CRED, cred, pin, NULL, |
696 | 6.25k | FIDO_OPT_TRUE, ms)) != FIDO_OK || |
697 | 6.25k | (r = fido_rx_cbor_status(dev, ms)) != FIDO_OK) |
698 | 6.23k | return (r); |
699 | | |
700 | 21 | return (FIDO_OK); |
701 | 6.25k | } |
702 | | |
703 | | int |
704 | | fido_credman_set_dev_rk(fido_dev_t *dev, fido_cred_t *cred, const char *pin) |
705 | 6.25k | { |
706 | 6.25k | int ms = dev->timeout_ms; |
707 | | |
708 | 6.25k | return (credman_set_dev_rk_wait(dev, cred, pin, &ms)); |
709 | 6.25k | } |
710 | | |
711 | | fido_credman_rk_t * |
712 | | fido_credman_rk_new(void) |
713 | 3.56k | { |
714 | 3.56k | return (calloc(1, sizeof(fido_credman_rk_t))); |
715 | 3.56k | } |
716 | | |
717 | | void |
718 | | fido_credman_rk_free(fido_credman_rk_t **rk_p) |
719 | 3.56k | { |
720 | 3.56k | fido_credman_rk_t *rk; |
721 | | |
722 | 3.56k | if (rk_p == NULL || (rk = *rk_p) == NULL) |
723 | 0 | return; |
724 | | |
725 | 3.56k | credman_reset_rk(rk); |
726 | 3.56k | free(rk); |
727 | 3.56k | *rk_p = NULL; |
728 | 3.56k | } |
729 | | |
730 | | size_t |
731 | | fido_credman_rk_count(const fido_credman_rk_t *rk) |
732 | 11.9k | { |
733 | 11.9k | return (rk->n_rx); |
734 | 11.9k | } |
735 | | |
736 | | const fido_cred_t * |
737 | | fido_credman_rk(const fido_credman_rk_t *rk, size_t idx) |
738 | 6.68k | { |
739 | 6.68k | if (idx >= rk->n_alloc) |
740 | 1.65k | return (NULL); |
741 | | |
742 | 5.02k | return (&rk->ptr[idx]); |
743 | 6.68k | } |
744 | | |
745 | | fido_credman_metadata_t * |
746 | | fido_credman_metadata_new(void) |
747 | 1.54k | { |
748 | 1.54k | return (calloc(1, sizeof(fido_credman_metadata_t))); |
749 | 1.54k | } |
750 | | |
751 | | void |
752 | | fido_credman_metadata_free(fido_credman_metadata_t **metadata_p) |
753 | 1.54k | { |
754 | 1.54k | fido_credman_metadata_t *metadata; |
755 | | |
756 | 1.54k | if (metadata_p == NULL || (metadata = *metadata_p) == NULL) |
757 | 0 | return; |
758 | | |
759 | 1.54k | free(metadata); |
760 | 1.54k | *metadata_p = NULL; |
761 | 1.54k | } |
762 | | |
763 | | uint64_t |
764 | | fido_credman_rk_existing(const fido_credman_metadata_t *metadata) |
765 | 1.54k | { |
766 | 1.54k | return (metadata->rk_existing); |
767 | 1.54k | } |
768 | | |
769 | | uint64_t |
770 | | fido_credman_rk_remaining(const fido_credman_metadata_t *metadata) |
771 | 1.54k | { |
772 | 1.54k | return (metadata->rk_remaining); |
773 | 1.54k | } |
774 | | |
775 | | fido_credman_rp_t * |
776 | | fido_credman_rp_new(void) |
777 | 1.68k | { |
778 | 1.68k | return (calloc(1, sizeof(fido_credman_rp_t))); |
779 | 1.68k | } |
780 | | |
781 | | void |
782 | | fido_credman_rp_free(fido_credman_rp_t **rp_p) |
783 | 1.67k | { |
784 | 1.67k | fido_credman_rp_t *rp; |
785 | | |
786 | 1.67k | if (rp_p == NULL || (rp = *rp_p) == NULL) |
787 | 0 | return; |
788 | | |
789 | 1.67k | credman_reset_rp(rp); |
790 | 1.67k | free(rp); |
791 | 1.67k | *rp_p = NULL; |
792 | 1.67k | } |
793 | | |
794 | | size_t |
795 | | fido_credman_rp_count(const fido_credman_rp_t *rp) |
796 | 4.57k | { |
797 | 4.57k | return (rp->n_rx); |
798 | 4.57k | } |
799 | | |
800 | | const char * |
801 | | fido_credman_rp_id(const fido_credman_rp_t *rp, size_t idx) |
802 | 2.90k | { |
803 | 2.90k | if (idx >= rp->n_alloc) |
804 | 1.32k | return (NULL); |
805 | | |
806 | 1.57k | return (rp->ptr[idx].rp_entity.id); |
807 | 2.90k | } |
808 | | |
809 | | const char * |
810 | | fido_credman_rp_name(const fido_credman_rp_t *rp, size_t idx) |
811 | 2.90k | { |
812 | 2.90k | if (idx >= rp->n_alloc) |
813 | 1.32k | return (NULL); |
814 | | |
815 | 1.57k | return (rp->ptr[idx].rp_entity.name); |
816 | 2.90k | } |
817 | | |
818 | | size_t |
819 | | fido_credman_rp_id_hash_len(const fido_credman_rp_t *rp, size_t idx) |
820 | 2.90k | { |
821 | 2.90k | if (idx >= rp->n_alloc) |
822 | 1.32k | return (0); |
823 | | |
824 | 1.57k | return (rp->ptr[idx].rp_id_hash.len); |
825 | 2.90k | } |
826 | | |
827 | | const unsigned char * |
828 | | fido_credman_rp_id_hash_ptr(const fido_credman_rp_t *rp, size_t idx) |
829 | 2.90k | { |
830 | 2.90k | if (idx >= rp->n_alloc) |
831 | 1.32k | return (NULL); |
832 | | |
833 | 1.57k | return (rp->ptr[idx].rp_id_hash.ptr); |
834 | 2.90k | } |