dearsky/pico-fido
1
0
Fork 0
Code Issues 46 Pull Requests 1 Actions Packages Projects Releases 22 Wiki Activity

Added permissions support.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2022-11-23 13:00:28 +01:00
parent 54c0769dbd
commit 04868f2d7b
7 changed files with 45 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/fido/cbor_make_credential.c
View File

@@ -215,10 +215,17 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
int ret = verify(pinUvAuthProtocol, paut.data, clientDataHash.data, clientDataHash.len, pinUvAuthParam.data);
if (ret != CborNoError)
CBOR_ERROR(CTAP2_ERR_PIN_AUTH_INVALID);
if (!(paut.permissions & CTAP_PERMISSION_MC))
CBOR_ERROR(CTAP2_ERR_PIN_AUTH_INVALID);
if (paut.has_rp_id == true && memcmp(paut.rp_id_hash, rp_id_hash, 32) != 0)
CBOR_ERROR(CTAP2_ERR_PIN_AUTH_INVALID);
if (getUserVerifiedFlagValue() == false)
CBOR_ERROR(CTAP2_ERR_PIN_AUTH_INVALID);
flags |= FIDO2_AUT_FLAG_UV;
// Check pinUvAuthToken permissions. See 6.1.2.11
if (paut.has_rp_id == false) {
memcpy(paut.rp_id_hash, rp_id_hash, 32);
paut.has_rp_id = true;
}
}
for (int e = 0; e < excludeList_len; e++) { //12.1