diff --git a/src/fido/cbor_get_assertion.c b/src/fido/cbor_get_assertion.c index 5514c6e..7619884 100644 --- a/src/fido/cbor_get_assertion.c +++ b/src/fido/cbor_get_assertion.c @@ -193,6 +193,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) { } CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "credBlob", credBlob); CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "largeBlobKey", extensions.largeBlobKey); + CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "thirdPartyPayment", extensions.thirdPartyPayment); CBOR_ADVANCE(2); } CBOR_PARSE_MAP_END(_f1, 2); @@ -460,6 +461,9 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) { if (credBlob == ptrue) { l++; } + if (extensions.thirdPartyPayment != NULL) { + l++; + } CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, l)); if (credBlob == ptrue) { CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "credBlob")); @@ -538,6 +542,15 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) { encrypt(hmacSecretPinUvAuthProtocol, sharedSecret, out1, salt_enc.len - poff, hmac_res); CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, hmac_res, salt_enc.len)); } + if (extensions.thirdPartyPayment != NULL) { + CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "thirdPartyPayment")); + if (selcred->extensions.thirdPartyPayment == ptrue) { + CBOR_CHECK(cbor_encode_boolean(&mapEncoder, true)); + } + else { + CBOR_CHECK(cbor_encode_boolean(&mapEncoder, false)); + } + } CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder)); ext_len = cbor_encoder_get_buffer_size(&encoder, ext); diff --git a/src/fido/cbor_make_credential.c b/src/fido/cbor_make_credential.c index 4ffc8bd..987f768 100644 --- a/src/fido/cbor_make_credential.c +++ b/src/fido/cbor_make_credential.c @@ -124,6 +124,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) { CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "minPinLength", extensions.minPinLength); CBOR_FIELD_KEY_TEXT_VAL_BYTES(2, "credBlob", extensions.credBlob); CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "largeBlobKey", extensions.largeBlobKey); + CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "thirdPartyPayment", extensions.thirdPartyPayment); CBOR_ADVANCE(2); } CBOR_PARSE_MAP_END(_f1, 2); diff --git a/src/fido/credential.c b/src/fido/credential.c index bae5fb5..aba002c 100644 --- a/src/fido/credential.c +++ b/src/fido/credential.c @@ -98,6 +98,10 @@ int credential_create(CborCharString *rpId, CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder2, "largeBlobKey")); CBOR_CHECK(cbor_encode_boolean(&mapEncoder2, true)); } + if (extensions->thirdPartyPayment == ptrue) { + CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder2, "thirdPartyPayment")); + CBOR_CHECK(cbor_encode_boolean(&mapEncoder2, true)); + } CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &mapEncoder2)); } CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x08)); @@ -201,6 +205,7 @@ int credential_load(const uint8_t *cred_id, CBOR_FIELD_KEY_TEXT_VAL_UINT(2, "credProtect", cred->extensions.credProtect); CBOR_FIELD_KEY_TEXT_VAL_BYTES(2, "credBlob", cred->extensions.credBlob); CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "largeBlobKey", cred->extensions.largeBlobKey); + CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "thirdPartyPayment", cred->extensions.thirdPartyPayment); CBOR_ADVANCE(2); } CBOR_PARSE_MAP_END(_f1, 2); diff --git a/src/fido/credential.h b/src/fido/credential.h index f883050..313077b 100644 --- a/src/fido/credential.h +++ b/src/fido/credential.h @@ -33,6 +33,7 @@ typedef struct CredExtensions { const bool *minPinLength; CborByteString credBlob; const bool *largeBlobKey; + const bool *thirdPartyPayment; bool present; } CredExtensions;