From 7a4be766bc4e0d90b31340dcb0675a9995eec026 Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Tue, 27 Sep 2022 22:10:31 +0200
Subject: [PATCH] Comparing appId with bogus apps.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 src/fido/cmd_register.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/fido/cmd_register.c b/src/fido/cmd_register.c
index 664adee..dd1fed1 100644
--- a/src/fido/cmd_register.c
+++ b/src/fido/cmd_register.c
@@ -23,6 +23,10 @@
 #include "random.h"
 #include "files.h"
 
+const uint8_t *bogus_firefox = (const uint8_t *)"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
+const uint8_t *bogus_chrome = (const uint8_t *)"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
+
+extern int ctap_error(uint8_t error);
 int cmd_register() {
     CTAP_REGISTER_REQ *req = (CTAP_REGISTER_REQ *)apdu.data;
     CTAP_REGISTER_RESP *resp = (CTAP_REGISTER_RESP *)res_APDU;
@@ -34,6 +38,8 @@ int cmd_register() {
         return SW_WRONG_LENGTH();
     if (wait_button_pressed() == true)
         return SW_CONDITIONS_NOT_SATISFIED();
+    if (memcmp(req->appId, bogus_firefox, CTAP_APPID_SIZE) == 0 || memcmp(req->appId, bogus_chrome, CTAP_APPID_SIZE) == 0)
+        return ctap_error(CTAP1_ERR_CHANNEL_BUSY);
     mbedtls_ecdsa_context key;
     mbedtls_ecdsa_init(&key);
     int ret = derive_key(req->appId, true, resp->keyHandleCertSig, MBEDTLS_ECP_DP_SECP256R1, &key);