dearsky/pico-fido
1
0
Fork 0
Code Issues 46 Pull Requests 1 Actions Packages Projects Releases 22 Wiki Activity

Add rtc to credential.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2026-01-24 01:14:46 +01:00
parent f2eef5b839
commit 3c20800839
3 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/fido/cbor_get_assertion.c
View File

@@ -428,7 +428,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
if (!silent) { if (!silent) {
for (int i = 0; i < numberOfCredentials; i++) { for (int i = 0; i < numberOfCredentials; i++) {
for (int j = i + 1; j < numberOfCredentials; j++) { for (int j = i + 1; j < numberOfCredentials; j++) {
if (creds[j].creation > creds[i].creation) { if (creds[j].board_creation > creds[i].board_creation) {
Credential tmp = creds[j]; Credential tmp = creds[j];
creds[j] = creds[i]; creds[j] = creds[i];
creds[i] = tmp; creds[i] = tmp;

10
src/fido/credential.c
View File

@@ -29,6 +29,7 @@
#include "files.h" #include "files.h"
#include "otp.h" #include "otp.h"
extern bool has_set_rtc();
int credential_derive_chacha_key(uint8_t *outk, const uint8_t *); int credential_derive_chacha_key(uint8_t *outk, const uint8_t *);
static int credential_silent_tag(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *rp_id_hash, uint8_t *outk) { static int credential_silent_tag(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *rp_id_hash, uint8_t *outk) {
@@ -148,6 +149,10 @@ int credential_create(CborCharString *rpId,
} }
CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &mapEncoder2)); CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &mapEncoder2));
} }
if (has_set_rtc()) {
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x0C));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, (uint64_t) get_rtc_time()));
}
CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder)); CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder));
size_t rs = cbor_encoder_get_buffer_size(&encoder, cred_id); size_t rs = cbor_encoder_get_buffer_size(&encoder, cred_id);
*cred_id_len = CRED_PROTO_LEN + CRED_IV_LEN + (uint16_t)rs + CRED_TAG_LEN + CRED_SILENT_TAG_LEN; *cred_id_len = CRED_PROTO_LEN + CRED_IV_LEN + (uint16_t)rs + CRED_TAG_LEN + CRED_SILENT_TAG_LEN;
@@ -220,7 +225,7 @@ int credential_load(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *r
CBOR_FIELD_GET_TEXT(cred->userDisplayName, 1); CBOR_FIELD_GET_TEXT(cred->userDisplayName, 1);
} }
else if (val_u == 0x06) { else if (val_u == 0x06) {
CBOR_FIELD_GET_UINT(cred->creation, 1); CBOR_FIELD_GET_UINT(cred->board_creation, 1);
} }
else if (val_u == 0x07) { else if (val_u == 0x07) {
cred->extensions.present = true; cred->extensions.present = true;
@@ -255,6 +260,9 @@ int credential_load(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *r
} }
CBOR_PARSE_MAP_END(_f1, 2); CBOR_PARSE_MAP_END(_f1, 2);
} }
else if (val_u == 0x0C) {
CBOR_FIELD_GET_UINT(cred->rtc_creation, 1);
}
else { else {
CBOR_ADVANCE(1); CBOR_ADVANCE(1);
} }

3
src/fido/credential.h
View File

@@ -43,7 +43,7 @@ typedef struct Credential {
CborByteString userId; CborByteString userId;
CborCharString userName; CborCharString userName;
CborCharString userDisplayName; CborCharString userDisplayName;
uint64_t creation; uint64_t board_creation;
CredExtensions extensions; CredExtensions extensions;
const bool *use_sign_count; const bool *use_sign_count;
int64_t alg; int64_t alg;
@@ -51,6 +51,7 @@ typedef struct Credential {
CborByteString id; CborByteString id;
CredOptions opts; CredOptions opts;
bool present; bool present;
uint64_t rtc_creation;
} Credential; } Credential;
#define CRED_PROT_UV_OPTIONAL 0x01 #define CRED_PROT_UV_OPTIONAL 0x01