Add rtc to credential.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2026-01-24 01:14:46 +01:00
parent f2eef5b839
commit 3c20800839
3 changed files with 12 additions and 3 deletions
--- a/src/fido/cbor_get_assertion.c
+++ b/src/fido/cbor_get_assertion.c
@@ -428,7 +428,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
        if (!silent) {
            for (int i = 0; i < numberOfCredentials; i++) {
                for (int j = i + 1; j < numberOfCredentials; j++) {
-                    if (creds[j].creation > creds[i].creation) {
+                    if (creds[j].board_creation > creds[i].board_creation) {
                        Credential tmp = creds[j];
                        creds[j] = creds[i];
                        creds[i] = tmp;
--- a/src/fido/credential.c
+++ b/src/fido/credential.c
@@ -29,6 +29,7 @@
 #include "files.h"
 #include "otp.h"

+extern bool has_set_rtc();
 int credential_derive_chacha_key(uint8_t *outk, const uint8_t *);

 static int credential_silent_tag(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *rp_id_hash, uint8_t *outk) {
@@ -148,6 +149,10 @@ int credential_create(CborCharString *rpId,
        }
        CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &mapEncoder2));
    }
+    if (has_set_rtc()) {
+        CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x0C));
+        CBOR_CHECK(cbor_encode_uint(&mapEncoder, (uint64_t) get_rtc_time()));
+    }
    CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder));
    size_t rs = cbor_encoder_get_buffer_size(&encoder, cred_id);
    *cred_id_len = CRED_PROTO_LEN + CRED_IV_LEN + (uint16_t)rs + CRED_TAG_LEN + CRED_SILENT_TAG_LEN;
@@ -220,7 +225,7 @@ int credential_load(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *r
                CBOR_FIELD_GET_TEXT(cred->userDisplayName, 1);
            }
            else if (val_u == 0x06) {
-                CBOR_FIELD_GET_UINT(cred->creation, 1);
+                CBOR_FIELD_GET_UINT(cred->board_creation, 1);
            }
            else if (val_u == 0x07) {
                cred->extensions.present = true;
@@ -255,6 +260,9 @@ int credential_load(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *r
                }
                CBOR_PARSE_MAP_END(_f1, 2);
            }
+            else if (val_u == 0x0C) {
+                CBOR_FIELD_GET_UINT(cred->rtc_creation, 1);
+            }
            else {
                CBOR_ADVANCE(1);
            }
--- a/src/fido/credential.h
+++ b/src/fido/credential.h
@@ -43,7 +43,7 @@ typedef struct Credential {
    CborByteString userId;
    CborCharString userName;
    CborCharString userDisplayName;
-    uint64_t creation;
+    uint64_t board_creation;
    CredExtensions extensions;
    const bool *use_sign_count;
    int64_t alg;
@@ -51,6 +51,7 @@ typedef struct Credential {
    CborByteString id;
    CredOptions opts;
    bool present;
+    uint64_t rtc_creation;
 } Credential;

 #define CRED_PROT_UV_OPTIONAL               0x01