dearsky/pico-fido
1
0
Fork 0
Code Issues 46 Pull Requests 1 Actions Packages Projects Releases 22 Wiki Activity

Moving AUT UNLOCK to Vendor command instead of using VendorConfig.

Browse Source 
To do this a MSE command is added, to manage a secure environment. It performs a ephemeral ECDH exchange to derive a shared secret that will be used by vendor commands to convey ciphered data.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2022-10-30 00:47:50 +02:00
parent 9a8f4c0f4d
commit 4577e4430c
5 changed files with 288 additions and 282 deletions
Download Patch File Download Diff File Expand all files Collapse all files

183
src/fido/cbor_config.c
View File

@@ -29,9 +29,6 @@
#include "mbedtls/chachapoly.h"
#include "mbedtls/hkdf.h"
static mbedtls_ecdh_context hkey;
static bool hkey_init = false;
extern uint8_t keydev_dec[32];
extern bool has_keydev_dec;
@@ -40,10 +37,9 @@ int cbor_config(const uint8_t *data, size_t len) {
CborValue map;
CborError error = CborNoError;
uint64_t subcommand = 0, pinUvAuthProtocol = 0, vendorCommandId = 0;
int64_t kty = 0, alg = 0, crv = 0;
CborByteString pinUvAuthParam = {0}, vendorAutCt = {0}, kax = {0}, kay = {0};
CborByteString pinUvAuthParam = {0}, vendorAutCt = {0};
size_t resp_size = 0;
CborEncoder encoder, mapEncoder, mapEncoder2;
CborEncoder encoder, mapEncoder;
CBOR_CHECK(cbor_parser_init(data, len, 0, &parser, &map));
uint64_t val_c = 1;
@@ -67,30 +63,6 @@ int cbor_config(const uint8_t *data, size_t len) {
CBOR_FIELD_GET_UINT(vendorCommandId, 2);
}
else if (subpara == 0x02) {
int64_t key = 0;
CBOR_PARSE_MAP_START(_f2, 3) {
CBOR_FIELD_GET_INT(key, 3);
if (key == 1) {
CBOR_FIELD_GET_INT(kty, 3);
}
else if (key == 3) {
CBOR_FIELD_GET_INT(alg, 3);
}
else if (key == -1) {
CBOR_FIELD_GET_INT(crv, 3);
}
else if (key == -2) {
CBOR_FIELD_GET_BYTES(kax, 3);
}
else if (key == -3) {
CBOR_FIELD_GET_BYTES(kay, 3);
}
else
CBOR_ADVANCE(3);
}
CBOR_PARSE_MAP_END(_f2, 3);
}
else if (subpara == 0x03) {
CBOR_FIELD_GET_BYTES(vendorAutCt, 2);
}
}
@@ -109,135 +81,48 @@ int cbor_config(const uint8_t *data, size_t len) {
cbor_encoder_init(&encoder, ctap_resp->init.data + 1, CTAP_MAX_PACKET_SIZE, 0);
if (subcommand == 0xff) {
if (vendorCommandId == CTAP_CONFIG_KEY_AGREEMENT) {
if (hkey_init == true)
mbedtls_ecdh_free(&hkey);
if (vendorCommandId == CTAP_CONFIG_AUT_DISABLE) {
if (!file_has_data(ef_keydev_enc))
CBOR_ERROR(CTAP2_ERR_NOT_ALLOWED);
if (has_keydev_dec == false)
CBOR_ERROR(CTAP2_ERR_PIN_AUTH_INVALID);
flash_write_data_to_file(ef_keydev, keydev_dec, sizeof(keydev_dec));
mbedtls_platform_zeroize(keydev_dec, sizeof(keydev_dec));
flash_write_data_to_file(ef_keydev_enc, NULL, 0); // Set ef to 0 bytes
low_flash_available();
}
else if (vendorCommandId == CTAP_CONFIG_AUT_ENABLE) {
if (!file_has_data(ef_keydev))
CBOR_ERROR(CTAP2_ERR_NOT_ALLOWED);
if (mse.init == false)
CBOR_ERROR(CTAP2_ERR_NOT_ALLOWED);
mbedtls_ecdh_init(&hkey);
mbedtls_ecdh_setup(&hkey, MBEDTLS_ECP_DP_SECP256R1);
int ret = mbedtls_ecdh_gen_public(&hkey.ctx.mbed_ecdh.grp, &hkey.ctx.mbed_ecdh.d, &hkey.ctx.mbed_ecdh.Q, random_gen, NULL);
mbedtls_mpi_lset(&hkey.ctx.mbed_ecdh.Qp.Z, 1);
mbedtls_chachapoly_context chatx;
int ret = mse_decrypt_ct(vendorAutCt.data, vendorAutCt.len);
if (ret != 0) {
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
hkey_init = true;
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, 1));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x01));
CBOR_CHECK(cbor_encoder_create_map(&mapEncoder, &mapEncoder2, 5));
CBOR_CHECK(cbor_encode_uint(&mapEncoder2, 1));
CBOR_CHECK(cbor_encode_uint(&mapEncoder2, 2));
CBOR_CHECK(cbor_encode_uint(&mapEncoder2, 3));
CBOR_CHECK(cbor_encode_negative_int(&mapEncoder2, -FIDO2_ALG_ECDH_ES_HKDF_256));
CBOR_CHECK(cbor_encode_negative_int(&mapEncoder2, 1));
CBOR_CHECK(cbor_encode_uint(&mapEncoder2, FIDO2_CURVE_P256));
CBOR_CHECK(cbor_encode_negative_int(&mapEncoder2, 2));
uint8_t pkey[32];
mbedtls_mpi_write_binary(&hkey.ctx.mbed_ecdh.Q.X, pkey, 32);
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder2, pkey, 32));
CBOR_CHECK(cbor_encode_negative_int(&mapEncoder2, 3));
mbedtls_mpi_write_binary(&hkey.ctx.mbed_ecdh.Q.Y, pkey, 32);
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder2, pkey, 32));
CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &mapEncoder2));
}
else if (vendorCommandId == CTAP_CONFIG_AUT || vendorCommandId == CTAP_CONFIG_UNLOCK) {
if (vendorCommandId == CTAP_CONFIG_AUT && (kax.present == false || kay.present == false || vendorAutCt.present == false || alg == 0)) { // Disable
if (!file_has_data(ef_keydev_enc))
CBOR_ERROR(CTAP2_ERR_NOT_ALLOWED);
if (has_keydev_dec == false)
CBOR_ERROR(CTAP2_ERR_PIN_AUTH_INVALID);
flash_write_data_to_file(ef_keydev, keydev_dec, sizeof(keydev_dec));
mbedtls_platform_zeroize(keydev_dec, sizeof(keydev_dec));
flash_write_data_to_file(ef_keydev_enc, NULL, 0); // Set ef to 0 bytes
low_flash_available();
uint8_t key_dev_enc[12+32+16];
random_gen(NULL, key_dev_enc, 12);
mbedtls_chachapoly_init(&chatx);
mbedtls_chachapoly_setkey(&chatx, vendorAutCt.data);
ret = mbedtls_chachapoly_encrypt_and_tag(&chatx, file_get_size(ef_keydev), key_dev_enc, NULL, 0, file_get_data(ef_keydev), key_dev_enc + 12, key_dev_enc + 12 + file_get_size(ef_keydev));
mbedtls_chachapoly_free(&chatx);
if (ret != 0){
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
else { // Enable
if (vendorCommandId == CTAP_CONFIG_AUT && !file_has_data(ef_keydev))
CBOR_ERROR(CTAP2_ERR_NOT_ALLOWED);
if (kax.present == false || kay.present == false || alg == 0)
CBOR_ERROR(CTAP2_ERR_MISSING_PARAMETER);
if (mbedtls_mpi_read_binary(&hkey.ctx.mbed_ecdh.Qp.X, kax.data, kax.len) != 0) {
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
if (mbedtls_mpi_read_binary(&hkey.ctx.mbed_ecdh.Qp.Y, kay.data, kay.len) != 0) {
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
mbedtls_mpi z;
mbedtls_mpi_init(&z);
int ret = mbedtls_ecdh_compute_shared(&hkey.ctx.mbed_ecdh.grp, &z, &hkey.ctx.mbed_ecdh.Qp, &hkey.ctx.mbed_ecdh.d, random_gen, NULL);
if (ret != 0) {
mbedtls_mpi_free(&z);
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
uint8_t buf[32], Qpt[65];
size_t olen = 0;
ret = mbedtls_ecp_point_write_binary(&hkey.ctx.mbed_ecdh.grp, &hkey.ctx.mbed_ecdh.Qp, MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, Qpt, sizeof(Qpt));
if (ret != 0) {
mbedtls_mpi_free(&z);
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
ret = mbedtls_mpi_write_binary(&z, buf, sizeof(buf));
mbedtls_mpi_free(&z);
if (ret != 0) {
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
uint8_t key_enc[12+32];
ret = mbedtls_hkdf(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), NULL, 0, buf, sizeof(buf), Qpt, 65, key_enc, 12+32);
if (ret != 0){
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
mbedtls_chachapoly_context chatx;
mbedtls_chachapoly_init(&chatx);
mbedtls_chachapoly_setkey(&chatx, key_enc + 12);
ret = mbedtls_chachapoly_auth_decrypt(&chatx, vendorAutCt.len - 16, key_enc, Qpt, 65, vendorAutCt.data + vendorAutCt.len - 16, vendorAutCt.data, vendorAutCt.data);
mbedtls_chachapoly_free(&chatx);
mbedtls_ecdh_free(&hkey);
hkey_init = false;
if (ret != 0) {
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
if (vendorCommandId == CTAP_CONFIG_AUT) {
uint8_t key_dev_enc[12+32+16];
random_gen(NULL, key_dev_enc, 12);
mbedtls_chachapoly_init(&chatx);
mbedtls_chachapoly_setkey(&chatx, vendorAutCt.data);
ret = mbedtls_chachapoly_encrypt_and_tag(&chatx, file_get_size(ef_keydev), key_dev_enc, NULL, 0, file_get_data(ef_keydev), key_dev_enc + 12, key_dev_enc + 12 + file_get_size(ef_keydev));
mbedtls_chachapoly_free(&chatx);
if (ret != 0){
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
flash_write_data_to_file(ef_keydev_enc, key_dev_enc, sizeof(key_dev_enc));
mbedtls_platform_zeroize(key_dev_enc, sizeof(key_dev_enc));
flash_write_data_to_file(ef_keydev, key_dev_enc, file_get_size(ef_keydev)); // Overwrite ef with 0
flash_write_data_to_file(ef_keydev, NULL, 0); // Set ef to 0 bytes
low_flash_available();
}
else if (vendorCommandId == CTAP_CONFIG_UNLOCK) {
if (!file_has_data(ef_keydev_enc))
CBOR_ERROR(CTAP2_ERR_INTEGRITY_FAILURE);
uint8_t *keyenc = file_get_data(ef_keydev_enc);
size_t keyenc_len = file_get_size(ef_keydev_enc);
mbedtls_chachapoly_init(&chatx);
mbedtls_chachapoly_setkey(&chatx, vendorAutCt.data);
ret = mbedtls_chachapoly_auth_decrypt(&chatx, sizeof(keydev_dec), keyenc, NULL, 0, keyenc + keyenc_len - 16, keyenc + 12, keydev_dec);
mbedtls_chachapoly_free(&chatx);
if (ret != 0){
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
has_keydev_dec = true;
}
}
goto err; //No return
flash_write_data_to_file(ef_keydev_enc, key_dev_enc, sizeof(key_dev_enc));
mbedtls_platform_zeroize(key_dev_enc, sizeof(key_dev_enc));
flash_write_data_to_file(ef_keydev, key_dev_enc, file_get_size(ef_keydev)); // Overwrite ef with 0
flash_write_data_to_file(ef_keydev, NULL, 0); // Set ef to 0 bytes
low_flash_available();
}
else {
CBOR_ERROR(CTAP2_ERR_INVALID_SUBCOMMAND);
}
goto err;
}
else
CBOR_ERROR(CTAP2_ERR_UNSUPPORTED_OPTION);
@@ -247,8 +132,6 @@ int cbor_config(const uint8_t *data, size_t len) {
err:
CBOR_FREE_BYTE_STRING(pinUvAuthParam);
CBOR_FREE_BYTE_STRING(vendorAutCt);
CBOR_FREE_BYTE_STRING(kax);
CBOR_FREE_BYTE_STRING(kay);
if (error != CborNoError) {
if (error == CborErrorImproperValue)

7
src/fido/cbor_get_info.c
View File

@@ -80,10 +80,9 @@ int cbor_get_info() {
CBOR_CHECK(cbor_encode_uint(&mapEncoder, PICO_FIDO_VERSION)); // firmwareVersion
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x15));
CBOR_CHECK(cbor_encoder_create_array(&mapEncoder, &arrayEncoder, 3));
CBOR_CHECK(cbor_encode_uint(&arrayEncoder, CTAP_CONFIG_AUT));
CBOR_CHECK(cbor_encode_uint(&arrayEncoder, CTAP_CONFIG_KEY_AGREEMENT));
CBOR_CHECK(cbor_encode_uint(&arrayEncoder, CTAP_CONFIG_UNLOCK));
CBOR_CHECK(cbor_encoder_create_array(&mapEncoder, &arrayEncoder, 2));
CBOR_CHECK(cbor_encode_uint(&arrayEncoder, CTAP_CONFIG_AUT_ENABLE));
CBOR_CHECK(cbor_encode_uint(&arrayEncoder, CTAP_CONFIG_AUT_DISABLE));
CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &arrayEncoder));
CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder));

148
src/fido/cbor_vendor.c
View File

@@ -15,23 +15,41 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "common.h"
#include "ctap2_cbor.h"
#include "fido.h"
#include "ctap.h"
#include "files.h"
#include "apdu.h"
#include "hsm.h"
#include "random.h"
#include "mbedtls/ecdh.h"
#include "mbedtls/chachapoly.h"
#include "mbedtls/hkdf.h"
extern uint8_t keydev_dec[32];
extern bool has_keydev_dec;
mse_t mse = {.init = false};
int mse_decrypt_ct(uint8_t *data, size_t len) {
mbedtls_chachapoly_context chatx;
mbedtls_chachapoly_init(&chatx);
mbedtls_chachapoly_setkey(&chatx, mse.key_enc + 12);
int ret = mbedtls_chachapoly_auth_decrypt(&chatx, len - 16, mse.key_enc, mse.Qpt, 65, data + len - 16, data, data);
mbedtls_chachapoly_free(&chatx);
return ret;
}
int cbor_vendor_generic(uint8_t cmd, const uint8_t *data, size_t len) {
CborParser parser;
CborValue map;
CborError error = CborNoError;
CborByteString pinUvAuthParam = {0}, vendorParam = {0};
CborByteString pinUvAuthParam = {0}, vendorParam = {0}, kax = {0}, kay = {0};
size_t resp_size = 0;
uint64_t vendorCmd = 0, pinUvAuthProtocol = 0;
CborEncoder encoder, mapEncoder;
int64_t kty = 0, alg = 0, crv = 0;
CborEncoder encoder, mapEncoder, mapEncoder2;
CBOR_CHECK(cbor_parser_init(data, len, 0, &parser, &map));
uint64_t val_c = 1;
@@ -53,6 +71,30 @@ int cbor_vendor_generic(uint8_t cmd, const uint8_t *data, size_t len) {
if (subpara == 0x01) {
CBOR_FIELD_GET_BYTES(vendorParam, 2);
}
else if (subpara == 0x02) {
int64_t key = 0;
CBOR_PARSE_MAP_START(_f2, 3) {
CBOR_FIELD_GET_INT(key, 3);
if (key == 1) {
CBOR_FIELD_GET_INT(kty, 3);
}
else if (key == 3) {
CBOR_FIELD_GET_INT(alg, 3);
}
else if (key == -1) {
CBOR_FIELD_GET_INT(crv, 3);
}
else if (key == -2) {
CBOR_FIELD_GET_BYTES(kax, 3);
}
else if (key == -3) {
CBOR_FIELD_GET_BYTES(kay, 3);
}
else
CBOR_ADVANCE(3);
}
CBOR_PARSE_MAP_END(_f2, 3);
}
else
CBOR_ADVANCE(2);
}
@@ -94,6 +136,106 @@ int cbor_vendor_generic(uint8_t cmd, const uint8_t *data, size_t len) {
CBOR_ERROR(CTAP2_ERR_INVALID_SUBCOMMAND);
}
}
else if (cmd == CTAP_VENDOR_MSE) {
if (vendorCmd == 0x01) { // KeyAgreement
if (kax.present == false || kay.present == false || alg == 0)
CBOR_ERROR(CTAP2_ERR_MISSING_PARAMETER);
mbedtls_ecdh_context hkey;
mbedtls_ecdh_init(&hkey);
mbedtls_ecdh_setup(&hkey, MBEDTLS_ECP_DP_SECP256R1);
int ret = mbedtls_ecdh_gen_public(&hkey.ctx.mbed_ecdh.grp, &hkey.ctx.mbed_ecdh.d, &hkey.ctx.mbed_ecdh.Q, random_gen, NULL);
mbedtls_mpi_lset(&hkey.ctx.mbed_ecdh.Qp.Z, 1);
if (ret != 0) {
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
if (mbedtls_mpi_read_binary(&hkey.ctx.mbed_ecdh.Qp.X, kax.data, kax.len) != 0) {
mbedtls_ecdh_free(&hkey);
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
if (mbedtls_mpi_read_binary(&hkey.ctx.mbed_ecdh.Qp.Y, kay.data, kay.len) != 0) {
mbedtls_ecdh_free(&hkey);
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
mbedtls_mpi z;
mbedtls_mpi_init(&z);
ret = mbedtls_ecdh_compute_shared(&hkey.ctx.mbed_ecdh.grp, &z, &hkey.ctx.mbed_ecdh.Qp, &hkey.ctx.mbed_ecdh.d, random_gen, NULL);
if (ret != 0) {
mbedtls_mpi_free(&z);
mbedtls_ecdh_free(&hkey);
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
uint8_t buf[32];
size_t olen = 0;
ret = mbedtls_ecp_point_write_binary(&hkey.ctx.mbed_ecdh.grp, &hkey.ctx.mbed_ecdh.Qp, MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, mse.Qpt, sizeof(mse.Qpt));
if (ret != 0) {
mbedtls_mpi_free(&z);
mbedtls_ecdh_free(&hkey);
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
ret = mbedtls_mpi_write_binary(&z, buf, sizeof(buf));
mbedtls_mpi_free(&z);
if (ret != 0) {
mbedtls_ecdh_free(&hkey);
mbedtls_platform_zeroize(buf, sizeof(buf));
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
ret = mbedtls_hkdf(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), NULL, 0, buf, sizeof(buf), mse.Qpt, sizeof(mse.Qpt), mse.key_enc, sizeof(mse.key_enc));
if (ret != 0){
mbedtls_ecdh_free(&hkey);
mbedtls_platform_zeroize(buf, sizeof(buf));
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
mbedtls_platform_zeroize(buf, sizeof(buf));
mse.init = true;
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, 1));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x01));
CBOR_CHECK(cbor_encoder_create_map(&mapEncoder, &mapEncoder2, 5));
CBOR_CHECK(cbor_encode_uint(&mapEncoder2, 1));
CBOR_CHECK(cbor_encode_uint(&mapEncoder2, 2));
CBOR_CHECK(cbor_encode_uint(&mapEncoder2, 3));
CBOR_CHECK(cbor_encode_negative_int(&mapEncoder2, -FIDO2_ALG_ECDH_ES_HKDF_256));
CBOR_CHECK(cbor_encode_negative_int(&mapEncoder2, 1));
CBOR_CHECK(cbor_encode_uint(&mapEncoder2, FIDO2_CURVE_P256));
CBOR_CHECK(cbor_encode_negative_int(&mapEncoder2, 2));
uint8_t pkey[32];
mbedtls_mpi_write_binary(&hkey.ctx.mbed_ecdh.Q.X, pkey, 32);
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder2, pkey, 32));
CBOR_CHECK(cbor_encode_negative_int(&mapEncoder2, 3));
mbedtls_mpi_write_binary(&hkey.ctx.mbed_ecdh.Q.Y, pkey, 32);
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder2, pkey, 32));
CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &mapEncoder2));
mbedtls_ecdh_free(&hkey);
}
}
else if (cmd == CTAP_VENDOR_UNLOCK) {
if (mse.init == false)
CBOR_ERROR(CTAP2_ERR_NOT_ALLOWED);
mbedtls_chachapoly_context chatx;
int ret = mse_decrypt_ct(vendorParam.data, vendorParam.len);
if (ret != 0) {
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
if (!file_has_data(ef_keydev_enc))
CBOR_ERROR(CTAP2_ERR_INTEGRITY_FAILURE);
uint8_t *keyenc = file_get_data(ef_keydev_enc);
size_t keyenc_len = file_get_size(ef_keydev_enc);
mbedtls_chachapoly_init(&chatx);
mbedtls_chachapoly_setkey(&chatx, vendorParam.data);
ret = mbedtls_chachapoly_auth_decrypt(&chatx, sizeof(keydev_dec), keyenc, NULL, 0, keyenc + keyenc_len - 16, keyenc + 12, keydev_dec);
mbedtls_chachapoly_free(&chatx);
if (ret != 0){
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
has_keydev_dec = true;
goto err;
}
else
CBOR_ERROR(CTAP2_ERR_UNSUPPORTED_OPTION);
CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder));
@@ -115,7 +257,7 @@ int cbor_vendor_generic(uint8_t cmd, const uint8_t *data, size_t len) {
int cbor_vendor(const uint8_t *data, size_t len) {
if (len == 0)
return CTAP1_ERR_INVALID_LEN;
if (data[0] == CTAP_VENDOR_BACKUP)
if (data[0] >= CTAP_VENDOR_BACKUP)
return cbor_vendor_generic(data[0], data + 1, len - 1);
return CTAP2_ERR_INVALID_CBOR;
}

18
src/fido/ctap.h
View File

@@ -116,13 +116,23 @@ typedef struct {
#define CTAP_SELECTION 0x0B
#define CTAP_CONFIG 0x0D
#define CTAP_CONFIG_AUT 0x03e43f56b34285e2
#define CTAP_CONFIG_KEY_AGREEMENT 0x1831a40f04a25ed9
#define CTAP_CONFIG_UNLOCK 0x54365966c9a74770
#define CTAP_CONFIG_AUT_ENABLE 0x03e43f56b34285e2
#define CTAP_CONFIG_AUT_DISABLE 0x1831a40f04a25ed9
#define CTAP_VENDOR_CBOR (CTAPHID_VENDOR_FIRST + 1)
#define CTAP_VENDOR_BACKUP 0x01
#define CTAP_VENDOR_BACKUP 0x01
#define CTAP_VENDOR_MSE 0x02
#define CTAP_VENDOR_UNLOCK 0x03
typedef struct mse {
uint8_t Qpt[65];
uint8_t key_enc[12 + 32];
bool init;
} mse_t;
extern mse_t mse;
extern int mse_decrypt_ct(uint8_t *, size_t);
// Command status responses