Compare commits
42 Commits
v6.4-eddsa
...
v6.6
| Author | SHA1 | Date | |
|---|---|---|---|
|
cfe1321d62 | ||
|
|
2cbea57c86 | ||
|
|
b6bf2e6c66 | ||
|
|
3212f95915 | ||
|
|
21b12a7bff | ||
|
|
c8dbc213a0 | ||
|
|
0a2ee6523f | ||
|
|
c3ea413592 | ||
|
|
64f371e6e5 | ||
|
|
fdd4afb993 | ||
|
|
fef46dc1c5 | ||
|
|
23a45ac297 | ||
|
|
b152ff15a8 | ||
|
|
751fcf0538 | ||
|
|
4e4c28a479 | ||
|
|
23b60beb2e | ||
|
|
37d7d7faeb | ||
|
|
49c0179ccf | ||
|
|
eacb8a040c | ||
|
|
cb99b8f401 | ||
|
|
94f8d5f65f | ||
|
|
38d332f450 | ||
|
|
c67f5e3a1f | ||
|
|
bfb8a4cb20 | ||
|
|
0f5a24c9b6 | ||
|
|
dd207bd031 | ||
|
|
6069cf949b | ||
|
|
297c34914b | ||
|
|
529a12e7a3 | ||
|
|
bdbdd92be8 | ||
|
|
3807e23914 | ||
|
|
ce7d3ea72f | ||
|
|
eb857df3e1 | ||
|
|
2842944d90 | ||
|
|
7be92f5331 | ||
|
|
403b26b60a | ||
|
|
b91ece8ec3 | ||
|
|
d54bc1b0f3 | ||
|
|
e2dbbe2cc3 | ||
|
|
8aa9d1c5a3 | ||
|
|
2d2814cefc | ||
|
|
89a9d013f0 |
2
.github/workflows/nightly.yml
vendored
2
.github/workflows/nightly.yml
vendored
@@ -24,7 +24,7 @@ jobs:
|
||||
PICO_SDK_PATH: ../pico-sdk
|
||||
run: |
|
||||
./workflows/autobuild.sh pico
|
||||
./build_pico_fido.sh
|
||||
./build_pico_fido.sh --no-eddsa
|
||||
./workflows/autobuild.sh esp32
|
||||
- name: Update nightly release
|
||||
uses: pyTooling/Actions/releaser@main
|
||||
|
||||
@@ -1,23 +1,47 @@
|
||||
#!/bin/bash
|
||||
|
||||
VERSION_MAJOR="6"
|
||||
VERSION_MINOR="4-eddsa1"
|
||||
VERSION_MINOR="6"
|
||||
NO_EDDSA=0
|
||||
SUFFIX="${VERSION_MAJOR}.${VERSION_MINOR}"
|
||||
#if ! [[ -z "${GITHUB_SHA}" ]]; then
|
||||
# SUFFIX="${SUFFIX}.${GITHUB_SHA}"
|
||||
#fi
|
||||
|
||||
rm -rf release/*
|
||||
if [[ $1 == "--no-eddsa" ]]; then
|
||||
NO_EDDSA=1
|
||||
echo "Skipping EDDSA build"
|
||||
fi
|
||||
|
||||
mkdir -p build_release
|
||||
mkdir -p release
|
||||
mkdir -p release_eddsa
|
||||
rm -rf -- release/*
|
||||
if [[ $NO_EDDSA -eq 0 ]]; then
|
||||
rm -rf -- release_eddsa/*
|
||||
fi
|
||||
cd build_release
|
||||
|
||||
PICO_SDK_PATH="${PICO_SDK_PATH:-../../pico-sdk}"
|
||||
board_dir=${PICO_SDK_PATH}/src/boards/include/boards
|
||||
for board in "$board_dir"/*
|
||||
do
|
||||
board_name="$(basename -- $board .h)"
|
||||
rm -rf *
|
||||
PICO_SDK_PATH="${PICO_SDK_PATH}" cmake .. -DPICO_BOARD=$board_name
|
||||
board_name="$(basename -- "$board" .h)"
|
||||
rm -rf -- ./*
|
||||
PICO_SDK_PATH="${PICO_SDK_PATH}" cmake .. -DPICO_BOARD=$board_name -DSECURE_BOOT_PKEY=../../ec_private_key.pem
|
||||
make -j`nproc`
|
||||
mv pico_fido.uf2 ../release/pico_fido_$board_name-$SUFFIX.uf2
|
||||
done
|
||||
|
||||
# Build with EDDSA
|
||||
|
||||
if [[ $NO_EDDSA -eq 0 ]]; then
|
||||
for board in "$board_dir"/*
|
||||
do
|
||||
board_name="$(basename -- "$board" .h)"
|
||||
rm -rf -- ./*
|
||||
PICO_SDK_PATH="${PICO_SDK_PATH}" cmake .. -DPICO_BOARD=$board_name -DSECURE_BOOT_PKEY=../../ec_private_key.pem -DENABLE_EDDSA=1
|
||||
make -j`nproc`
|
||||
mv pico_fido.uf2 ../release/pico_fido_$board_name-$SUFFIX-eddsa1.uf2
|
||||
done
|
||||
fi
|
||||
|
||||
Submodule pico-keys-sdk updated: 4120a8c1a6...580b0acffa
@@ -117,7 +117,7 @@ void cbor_thread(void) {
|
||||
}
|
||||
apdu.sw = cbor_parse(cbor_cmd, cbor_data, cbor_len);
|
||||
if (apdu.sw == 0) {
|
||||
DEBUG_DATA(res_APDU + 1, res_APDU_size);
|
||||
DEBUG_DATA(res_APDU, res_APDU_size);
|
||||
}
|
||||
else {
|
||||
if (apdu.sw >= CTAP1_ERR_INVALID_CHANNEL) {
|
||||
@@ -210,9 +210,11 @@ CborError COSE_key(mbedtls_ecp_keypair *key, CborEncoder *mapEncoderParent,
|
||||
else if (key->grp.id == MBEDTLS_ECP_DP_CURVE25519) {
|
||||
alg = FIDO2_ALG_ECDH_ES_HKDF_256;
|
||||
}
|
||||
#ifdef MBEDTLS_EDDSA_C
|
||||
else if (key->grp.id == MBEDTLS_ECP_DP_ED25519) {
|
||||
alg = FIDO2_ALG_EDDSA;
|
||||
}
|
||||
#endif
|
||||
return COSE_key_params(crv, alg, &key->grp, &key->Q, mapEncoderParent, mapEncoder);
|
||||
}
|
||||
CborError COSE_key_shared(mbedtls_ecdh_context *key,
|
||||
|
||||
@@ -243,11 +243,11 @@ int cbor_cred_mgmt(const uint8_t *data, size_t len) {
|
||||
CBOR_ERROR(CTAP2_ERR_NOT_ALLOWED);
|
||||
}
|
||||
|
||||
mbedtls_ecdsa_context key;
|
||||
mbedtls_ecdsa_init(&key);
|
||||
mbedtls_ecp_keypair key;
|
||||
mbedtls_ecp_keypair_init(&key);
|
||||
if (fido_load_key((int)cred.curve, cred.id.data, &key) != 0) {
|
||||
credential_free(&cred);
|
||||
mbedtls_ecdsa_free(&key);
|
||||
mbedtls_ecp_keypair_free(&key);
|
||||
CBOR_ERROR(CTAP2_ERR_NOT_ALLOWED);
|
||||
}
|
||||
|
||||
@@ -335,7 +335,7 @@ int cbor_cred_mgmt(const uint8_t *data, size_t len) {
|
||||
CBOR_CHECK(cbor_encode_boolean(&mapEncoder, false));
|
||||
}
|
||||
credential_free(&cred);
|
||||
mbedtls_ecdsa_free(&key);
|
||||
mbedtls_ecp_keypair_free(&key);
|
||||
}
|
||||
else if (subcommand == 0x06) {
|
||||
if (credentialId.id.present == false) {
|
||||
|
||||
@@ -93,7 +93,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
|
||||
Credential creds[MAX_CREDENTIAL_COUNT_IN_LIST] = { 0 };
|
||||
size_t allowList_len = 0, creds_len = 0;
|
||||
uint8_t *aut_data = NULL;
|
||||
bool asserted = false, up = true, uv = false;
|
||||
bool asserted = false, up = false, uv = false;
|
||||
int64_t kty = 2, alg = 0, crv = 0;
|
||||
CborByteString kax = { 0 }, kay = { 0 }, salt_enc = { 0 }, salt_auth = { 0 };
|
||||
const bool *credBlob = NULL;
|
||||
@@ -235,6 +235,12 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
|
||||
if (options.uv == ptrue) { //4.3
|
||||
CBOR_ERROR(CTAP2_ERR_INVALID_OPTION);
|
||||
}
|
||||
if (options.uv == NULL || pinUvAuthParam.present == true) {
|
||||
uv = false;
|
||||
}
|
||||
else {
|
||||
uv = *options.uv;
|
||||
}
|
||||
//if (options.up != NULL) { //4.5
|
||||
// CBOR_ERROR(CTAP2_ERR_INVALID_OPTION);
|
||||
//}
|
||||
@@ -243,12 +249,12 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
|
||||
}
|
||||
//else if (options.up == NULL) //5.7
|
||||
//rup = ptrue;
|
||||
if (options.uv != NULL) {
|
||||
uv = *options.uv;
|
||||
}
|
||||
if (options.up != NULL) {
|
||||
up = *options.up;
|
||||
}
|
||||
else {
|
||||
up = true;
|
||||
}
|
||||
}
|
||||
|
||||
if (pinUvAuthParam.present == true) { //6.1
|
||||
@@ -294,6 +300,23 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
|
||||
}
|
||||
else {
|
||||
creds_len++;
|
||||
silent = false; // If we are able to load a credential, we are not silent
|
||||
// Even we provide allowList, we need to check if the credential is resident
|
||||
if (!resident) {
|
||||
for (int i = 0; i < MAX_RESIDENT_CREDENTIALS && creds_len < MAX_CREDENTIAL_COUNT_IN_LIST; i++) {
|
||||
file_t *ef = search_dynamic_file((uint16_t)(EF_CRED + i));
|
||||
if (!file_has_data(ef) || memcmp(file_get_data(ef), rp_id_hash, 32) != 0) {
|
||||
continue;
|
||||
}
|
||||
if (memcmp(file_get_data(ef) + 32, allowList[e].id.data, allowList[e].id.len) == 0) {
|
||||
resident = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (resident) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -309,6 +332,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
|
||||
}
|
||||
else {
|
||||
creds_len++;
|
||||
silent = false; // If we are able to load a credential, we are not silent
|
||||
}
|
||||
}
|
||||
resident = true;
|
||||
@@ -445,91 +469,93 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
|
||||
if (options.up == pfalse) {
|
||||
extensions.hmac_secret = NULL;
|
||||
}
|
||||
if (extensions.hmac_secret != NULL) {
|
||||
if (extensions.hmac_secret == ptrue) {
|
||||
l++;
|
||||
}
|
||||
if (credBlob == ptrue) {
|
||||
l++;
|
||||
}
|
||||
if (extensions.thirdPartyPayment != NULL) {
|
||||
if (extensions.thirdPartyPayment == ptrue) {
|
||||
l++;
|
||||
}
|
||||
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, l));
|
||||
if (credBlob == ptrue) {
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "credBlob"));
|
||||
if (selcred->extensions.credBlob.present == true) {
|
||||
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, selcred->extensions.credBlob.data,
|
||||
selcred->extensions.credBlob.len));
|
||||
if (l > 0) {
|
||||
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, l));
|
||||
if (credBlob == ptrue) {
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "credBlob"));
|
||||
if (selcred->extensions.credBlob.present == true) {
|
||||
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, selcred->extensions.credBlob.data,
|
||||
selcred->extensions.credBlob.len));
|
||||
}
|
||||
else {
|
||||
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, NULL, 0));
|
||||
}
|
||||
}
|
||||
else {
|
||||
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, NULL, 0));
|
||||
}
|
||||
}
|
||||
if (extensions.hmac_secret != NULL) {
|
||||
if (extensions.hmac_secret == ptrue) {
|
||||
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "hmac-secret"));
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "hmac-secret"));
|
||||
|
||||
uint8_t sharedSecret[64] = {0};
|
||||
mbedtls_ecp_point Qp;
|
||||
mbedtls_ecp_point_init(&Qp);
|
||||
mbedtls_mpi_lset(&Qp.Z, 1);
|
||||
if (mbedtls_mpi_read_binary(&Qp.X, kax.data, kax.len) != 0) {
|
||||
uint8_t sharedSecret[64] = {0};
|
||||
mbedtls_ecp_point Qp;
|
||||
mbedtls_ecp_point_init(&Qp);
|
||||
mbedtls_mpi_lset(&Qp.Z, 1);
|
||||
if (mbedtls_mpi_read_binary(&Qp.X, kax.data, kax.len) != 0) {
|
||||
mbedtls_ecp_point_free(&Qp);
|
||||
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
|
||||
}
|
||||
if (mbedtls_mpi_read_binary(&Qp.Y, kay.data, kay.len) != 0) {
|
||||
mbedtls_ecp_point_free(&Qp);
|
||||
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
|
||||
}
|
||||
ret = ecdh((uint8_t)hmacSecretPinUvAuthProtocol, &Qp, sharedSecret);
|
||||
mbedtls_ecp_point_free(&Qp);
|
||||
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
|
||||
if (ret != 0) {
|
||||
mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret));
|
||||
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
|
||||
}
|
||||
if (verify((uint8_t)hmacSecretPinUvAuthProtocol, sharedSecret, salt_enc.data, (uint16_t)salt_enc.len, salt_auth.data) != 0) {
|
||||
mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret));
|
||||
CBOR_ERROR(CTAP2_ERR_EXTENSION_FIRST);
|
||||
}
|
||||
uint8_t salt_dec[64] = {0}, poff = ((uint8_t)hmacSecretPinUvAuthProtocol - 1) * IV_SIZE;
|
||||
ret = decrypt((uint8_t)hmacSecretPinUvAuthProtocol, sharedSecret, salt_enc.data, (uint16_t)salt_enc.len, salt_dec);
|
||||
if (ret != 0) {
|
||||
mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret));
|
||||
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
|
||||
}
|
||||
uint8_t cred_random[64] = {0}, *crd = NULL;
|
||||
ret = credential_derive_hmac_key(selcred->id.data, selcred->id.len, cred_random);
|
||||
if (ret != 0) {
|
||||
mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret));
|
||||
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
|
||||
}
|
||||
if (flags & FIDO2_AUT_FLAG_UV) {
|
||||
crd = cred_random + 32;
|
||||
}
|
||||
else {
|
||||
crd = cred_random;
|
||||
}
|
||||
uint8_t out1[64] = {0}, hmac_res[80] = {0};
|
||||
mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), crd, 32, salt_dec, 32, out1);
|
||||
if ((uint8_t)salt_enc.len == 64 + poff) {
|
||||
mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), crd, 32, salt_dec + 32, 32, out1 + 32);
|
||||
}
|
||||
encrypt((uint8_t)hmacSecretPinUvAuthProtocol, sharedSecret, out1, (uint16_t)(salt_enc.len - poff), hmac_res);
|
||||
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, hmac_res, salt_enc.len));
|
||||
}
|
||||
if (mbedtls_mpi_read_binary(&Qp.Y, kay.data, kay.len) != 0) {
|
||||
mbedtls_ecp_point_free(&Qp);
|
||||
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
|
||||
if (extensions.thirdPartyPayment == ptrue) {
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "thirdPartyPayment"));
|
||||
if (selcred->extensions.thirdPartyPayment == ptrue) {
|
||||
CBOR_CHECK(cbor_encode_boolean(&mapEncoder, true));
|
||||
}
|
||||
else {
|
||||
CBOR_CHECK(cbor_encode_boolean(&mapEncoder, false));
|
||||
}
|
||||
}
|
||||
ret = ecdh((uint8_t)hmacSecretPinUvAuthProtocol, &Qp, sharedSecret);
|
||||
mbedtls_ecp_point_free(&Qp);
|
||||
if (ret != 0) {
|
||||
mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret));
|
||||
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
|
||||
}
|
||||
if (verify((uint8_t)hmacSecretPinUvAuthProtocol, sharedSecret, salt_enc.data, (uint16_t)salt_enc.len, salt_auth.data) != 0) {
|
||||
mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret));
|
||||
CBOR_ERROR(CTAP2_ERR_EXTENSION_FIRST);
|
||||
}
|
||||
uint8_t salt_dec[64] = {0}, poff = ((uint8_t)hmacSecretPinUvAuthProtocol - 1) * IV_SIZE;
|
||||
ret = decrypt((uint8_t)hmacSecretPinUvAuthProtocol, sharedSecret, salt_enc.data, (uint16_t)salt_enc.len, salt_dec);
|
||||
if (ret != 0) {
|
||||
mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret));
|
||||
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
|
||||
}
|
||||
uint8_t cred_random[64] = {0}, *crd = NULL;
|
||||
ret = credential_derive_hmac_key(selcred->id.data, selcred->id.len, cred_random);
|
||||
if (ret != 0) {
|
||||
mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret));
|
||||
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
|
||||
}
|
||||
if (flags & FIDO2_AUT_FLAG_UV) {
|
||||
crd = cred_random + 32;
|
||||
}
|
||||
else {
|
||||
crd = cred_random;
|
||||
}
|
||||
uint8_t out1[64] = {0}, hmac_res[80] = {0};
|
||||
mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), crd, 32, salt_dec, 32, out1);
|
||||
if ((uint8_t)salt_enc.len == 64 + poff) {
|
||||
mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), crd, 32, salt_dec + 32, 32, out1 + 32);
|
||||
}
|
||||
encrypt((uint8_t)hmacSecretPinUvAuthProtocol, sharedSecret, out1, (uint16_t)(salt_enc.len - poff), hmac_res);
|
||||
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, hmac_res, salt_enc.len));
|
||||
}
|
||||
if (extensions.thirdPartyPayment != NULL) {
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "thirdPartyPayment"));
|
||||
if (selcred->extensions.thirdPartyPayment == ptrue) {
|
||||
CBOR_CHECK(cbor_encode_boolean(&mapEncoder, true));
|
||||
}
|
||||
else {
|
||||
CBOR_CHECK(cbor_encode_boolean(&mapEncoder, false));
|
||||
}
|
||||
}
|
||||
|
||||
CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder));
|
||||
ext_len = cbor_encoder_get_buffer_size(&encoder, ext);
|
||||
flags |= FIDO2_AUT_FLAG_ED;
|
||||
CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder));
|
||||
ext_len = cbor_encoder_get_buffer_size(&encoder, ext);
|
||||
flags |= FIDO2_AUT_FLAG_ED;
|
||||
}
|
||||
}
|
||||
|
||||
uint32_t ctr = get_sign_counter();
|
||||
@@ -548,14 +574,14 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
|
||||
memcpy(pa, clientDataHash.data, clientDataHash.len);
|
||||
uint8_t hash[64] = {0}, sig[MBEDTLS_ECDSA_MAX_LEN] = {0};
|
||||
const mbedtls_md_info_t *md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
|
||||
mbedtls_ecdsa_context ekey;
|
||||
mbedtls_ecdsa_init(&ekey);
|
||||
mbedtls_ecp_keypair ekey;
|
||||
mbedtls_ecp_keypair_init(&ekey);
|
||||
size_t olen = 0;
|
||||
if (selcred) {
|
||||
ret = fido_load_key((int)selcred->curve, selcred->id.data, &ekey);
|
||||
if (ret != 0) {
|
||||
if (derive_key(rp_id_hash, false, selcred->id.data, MBEDTLS_ECP_DP_SECP256R1, &ekey) != 0) {
|
||||
mbedtls_ecdsa_free(&ekey);
|
||||
mbedtls_ecp_keypair_free(&ekey);
|
||||
CBOR_ERROR(CTAP1_ERR_OTHER);
|
||||
}
|
||||
}
|
||||
@@ -565,17 +591,20 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
|
||||
else if (ekey.grp.id == MBEDTLS_ECP_DP_SECP521R1) {
|
||||
md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
|
||||
}
|
||||
#ifdef MBEDTLS_EDDSA_C
|
||||
else if (ekey.grp.id == MBEDTLS_ECP_DP_ED25519) {
|
||||
md = NULL;
|
||||
}
|
||||
|
||||
#endif
|
||||
if (md != NULL) {
|
||||
ret = mbedtls_md(md, aut_data, aut_data_len + clientDataHash.len, hash);
|
||||
ret = mbedtls_ecdsa_write_signature(&ekey, mbedtls_md_get_type(md), hash, mbedtls_md_get_size(md), sig, sizeof(sig), &olen, random_gen, NULL);
|
||||
}
|
||||
#ifdef MBEDTLS_EDDSA_C
|
||||
else {
|
||||
ret = mbedtls_eddsa_write_signature(&ekey, aut_data, aut_data_len + clientDataHash.len, sig, sizeof(sig), &olen, MBEDTLS_EDDSA_PURE, NULL, 0, random_gen, NULL);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
// Bogus signature
|
||||
@@ -591,7 +620,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
|
||||
if (selcred && selcred->opts.present == true && selcred->opts.rk == ptrue) {
|
||||
lfields++;
|
||||
}
|
||||
if (numberOfCredentials > 1 && next == false) {
|
||||
if (numberOfCredentials > 1 && next == false && (!resident || allowList_len <= 1)) {
|
||||
lfields++;
|
||||
}
|
||||
if (selcred && extensions.largeBlobKey == ptrue && selcred->extensions.largeBlobKey == ptrue) {
|
||||
@@ -645,7 +674,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
|
||||
}
|
||||
CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &mapEncoder2));
|
||||
}
|
||||
if (numberOfCredentials > 1 && next == false) {
|
||||
if (numberOfCredentials > 1 && next == false && (!resident || allowList_len <= 1)) {
|
||||
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x05));
|
||||
CBOR_CHECK(cbor_encode_uint(&mapEncoder, numberOfCredentials));
|
||||
}
|
||||
|
||||
@@ -50,11 +50,18 @@ int cbor_get_info() {
|
||||
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, aaguid, sizeof(aaguid)));
|
||||
|
||||
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x04));
|
||||
CBOR_CHECK(cbor_encoder_create_map(&mapEncoder, &arrayEncoder, 8));
|
||||
CBOR_CHECK(cbor_encoder_create_map(&mapEncoder, &arrayEncoder, 9));
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "ep"));
|
||||
CBOR_CHECK(cbor_encode_boolean(&arrayEncoder, get_opts() & FIDO2_OPT_EA));
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "rk"));
|
||||
CBOR_CHECK(cbor_encode_boolean(&arrayEncoder, true));
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "alwaysUv"));
|
||||
if (file_has_data(ef_pin) && (get_opts() & FIDO2_OPT_AUV || !getUserVerifiedFlagValue())) {
|
||||
CBOR_CHECK(cbor_encode_boolean(&arrayEncoder, true));
|
||||
}
|
||||
else {
|
||||
CBOR_CHECK(cbor_encode_boolean(&arrayEncoder, false));
|
||||
}
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "credMgmt"));
|
||||
CBOR_CHECK(cbor_encode_boolean(&arrayEncoder, true));
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "authnrCfg"));
|
||||
@@ -91,12 +98,31 @@ int cbor_get_info() {
|
||||
|
||||
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x0A));
|
||||
|
||||
CBOR_CHECK(cbor_encoder_create_array(&mapEncoder, &arrayEncoder, 5));
|
||||
uint8_t curves = 3;
|
||||
#ifdef MBEDTLS_EDDSA_C
|
||||
curves++;
|
||||
#endif
|
||||
#ifndef ENABLE_EMULATION
|
||||
if (phy_data.enabled_curves & PHY_CURVE_SECP256K1) {
|
||||
#endif
|
||||
curves++;
|
||||
#ifndef ENABLE_EMULATION
|
||||
}
|
||||
#endif
|
||||
CBOR_CHECK(cbor_encoder_create_array(&mapEncoder, &arrayEncoder, curves));
|
||||
CBOR_CHECK(COSE_public_key(FIDO2_ALG_ES256, &arrayEncoder, &mapEncoder2));
|
||||
#ifdef MBEDTLS_EDDSA_C
|
||||
CBOR_CHECK(COSE_public_key(FIDO2_ALG_EDDSA, &arrayEncoder, &mapEncoder2));
|
||||
#endif
|
||||
CBOR_CHECK(COSE_public_key(FIDO2_ALG_ES384, &arrayEncoder, &mapEncoder2));
|
||||
CBOR_CHECK(COSE_public_key(FIDO2_ALG_ES512, &arrayEncoder, &mapEncoder2));
|
||||
CBOR_CHECK(COSE_public_key(FIDO2_ALG_ES256K, &arrayEncoder, &mapEncoder2));
|
||||
#ifndef ENABLE_EMULATION
|
||||
if (phy_data.enabled_curves & PHY_CURVE_SECP256K1) {
|
||||
#endif
|
||||
CBOR_CHECK(COSE_public_key(FIDO2_ALG_ES256K, &arrayEncoder, &mapEncoder2));
|
||||
#ifndef ENABLE_EMULATION
|
||||
}
|
||||
#endif
|
||||
|
||||
CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &arrayEncoder));
|
||||
|
||||
|
||||
@@ -217,16 +217,22 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
|
||||
curve = FIDO2_CURVE_P521;
|
||||
}
|
||||
}
|
||||
else if (pubKeyCredParams[i].alg == FIDO2_ALG_ES256K) {
|
||||
else if (pubKeyCredParams[i].alg == FIDO2_ALG_ES256K
|
||||
#ifndef ENABLE_EMULATION
|
||||
&& (phy_data.enabled_curves & PHY_CURVE_SECP256K1)
|
||||
#endif
|
||||
) {
|
||||
if (curve <= 0) {
|
||||
curve = FIDO2_CURVE_P256K1;
|
||||
}
|
||||
}
|
||||
}
|
||||
#ifdef MBEDTLS_EDDSA_C
|
||||
else if (pubKeyCredParams[i].alg == FIDO2_ALG_EDDSA) {
|
||||
if (curve <= 0) {
|
||||
curve = FIDO2_CURVE_ED25519;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
else if (pubKeyCredParams[i].alg <= FIDO2_ALG_RS256 && pubKeyCredParams[i].alg >= FIDO2_ALG_RS512) {
|
||||
// pass
|
||||
}
|
||||
@@ -342,13 +348,13 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
|
||||
cbor_encoder_init(&encoder, ext, sizeof(ext), 0);
|
||||
int l = 0;
|
||||
uint8_t minPinLen = 0;
|
||||
if (extensions.hmac_secret != NULL) {
|
||||
if (extensions.hmac_secret == ptrue) {
|
||||
l++;
|
||||
}
|
||||
if (extensions.credProtect != 0) {
|
||||
l++;
|
||||
}
|
||||
if (extensions.minPinLength != NULL) {
|
||||
if (extensions.minPinLength == ptrue) {
|
||||
file_t *ef_minpin = search_by_fid(EF_MINPINLEN, NULL, SPECIFY_EF);
|
||||
if (file_has_data(ef_minpin)) {
|
||||
uint8_t *minpin_data = file_get_data(ef_minpin);
|
||||
@@ -366,29 +372,31 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
|
||||
if (extensions.credBlob.present == true) {
|
||||
l++;
|
||||
}
|
||||
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, l));
|
||||
if (extensions.credBlob.present == true) {
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "credBlob"));
|
||||
CBOR_CHECK(cbor_encode_boolean(&mapEncoder, extensions.credBlob.len < MAX_CREDBLOB_LENGTH));
|
||||
}
|
||||
if (extensions.credProtect != 0) {
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "credProtect"));
|
||||
CBOR_CHECK(cbor_encode_uint(&mapEncoder, extensions.credProtect));
|
||||
}
|
||||
if (extensions.hmac_secret != NULL) {
|
||||
if (l > 0) {
|
||||
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, l));
|
||||
if (extensions.credBlob.present == true) {
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "credBlob"));
|
||||
CBOR_CHECK(cbor_encode_boolean(&mapEncoder, extensions.credBlob.len < MAX_CREDBLOB_LENGTH));
|
||||
}
|
||||
if (extensions.credProtect != 0) {
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "credProtect"));
|
||||
CBOR_CHECK(cbor_encode_uint(&mapEncoder, extensions.credProtect));
|
||||
}
|
||||
if (extensions.hmac_secret == ptrue) {
|
||||
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "hmac-secret"));
|
||||
CBOR_CHECK(cbor_encode_boolean(&mapEncoder, *extensions.hmac_secret));
|
||||
}
|
||||
if (minPinLen > 0) {
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "hmac-secret"));
|
||||
CBOR_CHECK(cbor_encode_boolean(&mapEncoder, true));
|
||||
}
|
||||
if (minPinLen > 0) {
|
||||
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "minPinLength"));
|
||||
CBOR_CHECK(cbor_encode_uint(&mapEncoder, minPinLen));
|
||||
}
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "minPinLength"));
|
||||
CBOR_CHECK(cbor_encode_uint(&mapEncoder, minPinLen));
|
||||
}
|
||||
|
||||
CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder));
|
||||
ext_len = cbor_encoder_get_buffer_size(&encoder, ext);
|
||||
flags |= FIDO2_AUT_FLAG_ED;
|
||||
CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder));
|
||||
ext_len = cbor_encoder_get_buffer_size(&encoder, ext);
|
||||
flags |= FIDO2_AUT_FLAG_ED;
|
||||
}
|
||||
}
|
||||
mbedtls_ecp_keypair ekey;
|
||||
mbedtls_ecp_keypair_init(&ekey);
|
||||
@@ -434,9 +442,11 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
|
||||
else if (ekey.grp.id == MBEDTLS_ECP_DP_SECP521R1) {
|
||||
md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
|
||||
}
|
||||
#ifdef MBEDTLS_EDDSA_C
|
||||
else if (ekey.grp.id == MBEDTLS_ECP_DP_ED25519) {
|
||||
md = NULL;
|
||||
}
|
||||
#endif
|
||||
if (md != NULL) {
|
||||
ret = mbedtls_md(md, aut_data, aut_data_len + clientDataHash.len, hash);
|
||||
}
|
||||
@@ -457,9 +467,11 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
|
||||
if (md != NULL) {
|
||||
ret = mbedtls_ecdsa_write_signature(&ekey, mbedtls_md_get_type(md), hash, mbedtls_md_get_size(md), sig, sizeof(sig), &olen, random_gen, NULL);
|
||||
}
|
||||
#ifdef MBEDTLS_EDDSA_C
|
||||
else {
|
||||
ret = mbedtls_eddsa_write_signature(&ekey, aut_data, aut_data_len + clientDataHash.len, sig, sizeof(sig), &olen, MBEDTLS_EDDSA_PURE, NULL, 0, random_gen, NULL);
|
||||
}
|
||||
#endif
|
||||
mbedtls_ecp_keypair_free(&ekey);
|
||||
if (ret != 0) {
|
||||
CBOR_ERROR(CTAP2_ERR_PROCESSING);
|
||||
@@ -492,7 +504,14 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
|
||||
}
|
||||
|
||||
cbor_encoder_init(&encoder, ctap_resp->init.data + 1, CTAP_MAX_CBOR_PAYLOAD, 0);
|
||||
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, extensions.largeBlobKey == ptrue && options.rk == ptrue ? 5 : 4));
|
||||
uint8_t lparams = 3;
|
||||
if (enterpriseAttestation == 2) {
|
||||
lparams++;
|
||||
}
|
||||
if (extensions.largeBlobKey == ptrue && options.rk == ptrue) {
|
||||
lparams++;
|
||||
}
|
||||
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, lparams));
|
||||
|
||||
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x01));
|
||||
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "packed"));
|
||||
@@ -521,8 +540,10 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
|
||||
}
|
||||
CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &mapEncoder2));
|
||||
|
||||
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x04));
|
||||
CBOR_CHECK(cbor_encode_boolean(&mapEncoder, enterpriseAttestation == 2));
|
||||
if (enterpriseAttestation == 2) {
|
||||
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x04));
|
||||
CBOR_CHECK(cbor_encode_boolean(&mapEncoder, true));
|
||||
}
|
||||
|
||||
if (extensions.largeBlobKey == ptrue && options.rk == ptrue) {
|
||||
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x05));
|
||||
|
||||
@@ -38,8 +38,8 @@ int cmd_authenticate() {
|
||||
return SW_CONDITIONS_NOT_SATISFIED();
|
||||
}
|
||||
|
||||
mbedtls_ecdsa_context key;
|
||||
mbedtls_ecdsa_init(&key);
|
||||
mbedtls_ecp_keypair key;
|
||||
mbedtls_ecp_keypair_init(&key);
|
||||
int ret = 0;
|
||||
uint8_t *tmp_kh = (uint8_t *) calloc(1, req->keyHandleLen);
|
||||
memcpy(tmp_kh, req->keyHandle, req->keyHandleLen);
|
||||
@@ -49,18 +49,18 @@ int cmd_authenticate() {
|
||||
else {
|
||||
ret = derive_key(req->appId, false, req->keyHandle, MBEDTLS_ECP_DP_SECP256R1, &key);
|
||||
if (verify_key(req->appId, req->keyHandle, &key) != 0) {
|
||||
mbedtls_ecdsa_free(&key);
|
||||
mbedtls_ecp_keypair_free(&key);
|
||||
free(tmp_kh);
|
||||
return SW_INCORRECT_PARAMS();
|
||||
}
|
||||
}
|
||||
free(tmp_kh);
|
||||
if (ret != PICOKEY_OK) {
|
||||
mbedtls_ecdsa_free(&key);
|
||||
mbedtls_ecp_keypair_free(&key);
|
||||
return SW_EXEC_ERROR();
|
||||
}
|
||||
if (P1(apdu) == CTAP_AUTH_CHECK_ONLY) {
|
||||
mbedtls_ecdsa_free(&key);
|
||||
mbedtls_ecp_keypair_free(&key);
|
||||
return SW_CONDITIONS_NOT_SATISFIED();
|
||||
}
|
||||
resp->flags = 0;
|
||||
@@ -74,12 +74,12 @@ int cmd_authenticate() {
|
||||
memcpy(sig_base + CTAP_APPID_SIZE + 1 + 4, req->chal, CTAP_CHAL_SIZE);
|
||||
ret = mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), sig_base, sizeof(sig_base), hash);
|
||||
if (ret != 0) {
|
||||
mbedtls_ecdsa_free(&key);
|
||||
mbedtls_ecp_keypair_free(&key);
|
||||
return SW_EXEC_ERROR();
|
||||
}
|
||||
size_t olen = 0;
|
||||
ret = mbedtls_ecdsa_write_signature(&key, MBEDTLS_MD_SHA256, hash, 32, (uint8_t *) resp->sig, CTAP_MAX_EC_SIG_SIZE, &olen, random_gen, NULL);
|
||||
mbedtls_ecdsa_free(&key);
|
||||
mbedtls_ecp_keypair_free(&key);
|
||||
if (ret != 0) {
|
||||
return SW_EXEC_ERROR();
|
||||
}
|
||||
|
||||
@@ -31,13 +31,20 @@
|
||||
|
||||
int credential_derive_chacha_key(uint8_t *outk, const uint8_t *);
|
||||
|
||||
static int credential_silent_tag(const uint8_t *cred_id, size_t cred_id_len, uint8_t *outk) {
|
||||
static int credential_silent_tag(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *rp_id_hash, uint8_t *outk) {
|
||||
mbedtls_sha256_context ctx;
|
||||
mbedtls_sha256_init(&ctx);
|
||||
mbedtls_sha256_starts(&ctx, 0);
|
||||
if (otp_key_1) {
|
||||
memcpy(outk, otp_key_1, 32);
|
||||
mbedtls_sha256_update(&ctx, otp_key_1, 32);
|
||||
}
|
||||
else {
|
||||
mbedtls_sha256(pico_serial.id, PICO_UNIQUE_BOARD_ID_SIZE_BYTES, outk, 0);
|
||||
mbedtls_sha256_update(&ctx, pico_serial.id, sizeof(pico_serial.id));
|
||||
}
|
||||
mbedtls_sha256_update(&ctx, rp_id_hash, 32);
|
||||
mbedtls_sha256_finish(&ctx, outk);
|
||||
mbedtls_sha256_free(&ctx);
|
||||
|
||||
return mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), outk, 32, cred_id, cred_id_len - CRED_SILENT_TAG_LEN, outk);
|
||||
}
|
||||
|
||||
@@ -70,7 +77,7 @@ int credential_verify(uint8_t *cred_id, size_t cred_id_len, const uint8_t *rp_id
|
||||
return -1;
|
||||
}
|
||||
uint8_t outk[32];
|
||||
ret = credential_silent_tag(cred_id, cred_id_len, outk);
|
||||
ret = credential_silent_tag(cred_id, cred_id_len, rp_id_hash, outk);
|
||||
ret = memcmp(outk, cred_id + cred_id_len - CRED_SILENT_TAG_LEN, CRED_SILENT_TAG_LEN);
|
||||
}
|
||||
return ret;
|
||||
@@ -161,7 +168,7 @@ int credential_create(CborCharString *rpId,
|
||||
}
|
||||
memcpy(cred_id, CRED_PROTO, CRED_PROTO_LEN);
|
||||
memcpy(cred_id + CRED_PROTO_LEN, iv, CRED_IV_LEN);
|
||||
credential_silent_tag(cred_id, *cred_id_len, cred_id + CRED_PROTO_LEN + CRED_IV_LEN + rs + CRED_TAG_LEN);
|
||||
credential_silent_tag(cred_id, *cred_id_len, rp_id_hash, cred_id + CRED_PROTO_LEN + CRED_IV_LEN + rs + CRED_TAG_LEN);
|
||||
|
||||
err:
|
||||
if (error != CborNoError) {
|
||||
|
||||
@@ -112,12 +112,14 @@ mbedtls_ecp_group_id fido_curve_to_mbedtls(int curve) {
|
||||
else if (curve == FIDO2_CURVE_X448) {
|
||||
return MBEDTLS_ECP_DP_CURVE448;
|
||||
}
|
||||
#ifdef MBEDTLS_EDDSA_C
|
||||
else if (curve == FIDO2_CURVE_ED25519) {
|
||||
return MBEDTLS_ECP_DP_ED25519;
|
||||
}
|
||||
else if (curve == FIDO2_CURVE_ED448) {
|
||||
return MBEDTLS_ECP_DP_ED448;
|
||||
}
|
||||
#endif
|
||||
return MBEDTLS_ECP_DP_NONE;
|
||||
}
|
||||
int mbedtls_curve_to_fido(mbedtls_ecp_group_id id) {
|
||||
@@ -139,12 +141,14 @@ int mbedtls_curve_to_fido(mbedtls_ecp_group_id id) {
|
||||
else if (id == MBEDTLS_ECP_DP_CURVE448) {
|
||||
return FIDO2_CURVE_X448;
|
||||
}
|
||||
#ifdef MBEDTLS_EDDSA_C
|
||||
else if (id == MBEDTLS_ECP_DP_ED25519) {
|
||||
return FIDO2_CURVE_ED25519;
|
||||
}
|
||||
else if (id == MBEDTLS_ECP_DP_ED448) {
|
||||
return FIDO2_CURVE_ED448;
|
||||
}
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -292,9 +296,11 @@ int derive_key(const uint8_t *app_id, bool new_key, uint8_t *key_handle, int cur
|
||||
if (r != 0) {
|
||||
return r;
|
||||
}
|
||||
#ifdef MBEDTLS_EDDSA_C
|
||||
if (curve == MBEDTLS_ECP_DP_ED25519) {
|
||||
return mbedtls_ecp_point_edwards(&key->grp, &key->Q, &key->d, random_gen, NULL);
|
||||
}
|
||||
#endif
|
||||
return mbedtls_ecp_mul(&key->grp, &key->Q, &key->d, &key->grp.G, random_gen, NULL);
|
||||
}
|
||||
mbedtls_platform_zeroize(outk, sizeof(outk));
|
||||
|
||||
@@ -28,7 +28,9 @@
|
||||
#endif
|
||||
|
||||
#include "mbedtls/ecdsa.h"
|
||||
#ifdef MBEDTLS_EDDSA_C
|
||||
#include "mbedtls/eddsa.h"
|
||||
#endif
|
||||
#ifndef ENABLE_EMULATION
|
||||
#include "hid/ctap_hid.h"
|
||||
#else
|
||||
@@ -83,6 +85,7 @@ extern int ecdh(uint8_t protocol, const mbedtls_ecp_point *Q, uint8_t *sharedSec
|
||||
#define FIDO2_AUT_FLAG_ED 0x80
|
||||
|
||||
#define FIDO2_OPT_EA 0x01 // Enterprise Attestation
|
||||
#define FIDO2_OPT_AUV 0x02 // User Verification
|
||||
|
||||
#define MAX_PIN_RETRIES 8
|
||||
extern bool getUserPresentFlagValue();
|
||||
|
||||
@@ -97,8 +97,21 @@ int man_get_config() {
|
||||
if (!file_has_data(ef)) {
|
||||
res_APDU[res_APDU_size++] = TAG_USB_ENABLED;
|
||||
res_APDU[res_APDU_size++] = 2;
|
||||
res_APDU[res_APDU_size++] = CAP_FIDO2 >> 8;
|
||||
res_APDU[res_APDU_size++] = CAP_OTP | CAP_U2F | CAP_OATH;
|
||||
uint16_t caps = 0;
|
||||
if (cap_supported(CAP_FIDO2)) {
|
||||
caps |= CAP_FIDO2;
|
||||
}
|
||||
if (cap_supported(CAP_OTP)) {
|
||||
caps |= CAP_OTP;
|
||||
}
|
||||
if (cap_supported(CAP_U2F)) {
|
||||
caps |= CAP_U2F;
|
||||
}
|
||||
if (cap_supported(CAP_OATH)) {
|
||||
caps |= CAP_OATH;
|
||||
}
|
||||
res_APDU[res_APDU_size++] = caps >> 8;
|
||||
res_APDU[res_APDU_size++] = caps & 0xFF;
|
||||
res_APDU[res_APDU_size++] = TAG_DEVICE_FLAGS;
|
||||
res_APDU[res_APDU_size++] = 1;
|
||||
res_APDU[res_APDU_size++] = FLAG_EJECT;
|
||||
@@ -126,6 +139,15 @@ int cmd_write_config() {
|
||||
file_t *ef = file_new(EF_DEV_CONF);
|
||||
file_put_data(ef, apdu.data + 1, (uint16_t)(apdu.nc - 1));
|
||||
low_flash_available();
|
||||
#ifndef ENABLE_EMULATION
|
||||
if (cap_supported(CAP_OTP)) {
|
||||
phy_data.enabled_usb_itf |= PHY_USB_ITF_KB;
|
||||
}
|
||||
else {
|
||||
phy_data.enabled_usb_itf &= ~PHY_USB_ITF_KB;
|
||||
}
|
||||
phy_save();
|
||||
#endif
|
||||
return SW_OK();
|
||||
}
|
||||
|
||||
|
||||
@@ -586,6 +586,10 @@ int cmd_verify_hotp() {
|
||||
|
||||
int cmd_rename() {
|
||||
asn1_ctx_t ctxi, name = { 0 }, new_name = { 0 };
|
||||
|
||||
if (validated == false) {
|
||||
return SW_SECURITY_STATUS_NOT_SATISFIED();
|
||||
}
|
||||
if (apdu.data[0] != TAG_NAME) {
|
||||
return SW_WRONG_DATA();
|
||||
}
|
||||
@@ -598,6 +602,9 @@ int cmd_rename() {
|
||||
if (asn1_find_tag(&ctxi, TAG_NAME, &new_name) == false) {
|
||||
return SW_WRONG_DATA();
|
||||
}
|
||||
if (memcmp(name.data, new_name.data, name.len) == 0) {
|
||||
return SW_WRONG_DATA();
|
||||
}
|
||||
file_t *ef = find_oath_cred(name.data, name.len);
|
||||
if (file_has_data(ef) == false) {
|
||||
return SW_DATA_INVALID();
|
||||
@@ -608,13 +615,7 @@ int cmd_rename() {
|
||||
if (asn1_find_tag(&ctxi, TAG_NAME, &name) == false) {
|
||||
return SW_WRONG_DATA();
|
||||
}
|
||||
uint8_t *new_data;
|
||||
if (new_name.len > name.len) {
|
||||
new_data = (uint8_t *) calloc(1, file_get_size(ef) + new_name.len - name.len);
|
||||
}
|
||||
else {
|
||||
new_data = (uint8_t *) calloc(1, file_get_size(ef));
|
||||
}
|
||||
uint8_t *new_data = (uint8_t *) calloc(sizeof(uint8_t), fsize + new_name.len - name.len);
|
||||
memcpy(new_data, fdata, name.data - fdata);
|
||||
*(new_data + (name.data - fdata) - 1) = new_name.len;
|
||||
memcpy(new_data + (name.data - fdata), new_name.data, new_name.len);
|
||||
|
||||
165
src/fido/otp.c
165
src/fido/otp.c
@@ -336,6 +336,7 @@ int otp_unload() {
|
||||
return PICOKEY_OK;
|
||||
}
|
||||
|
||||
uint8_t status_byte = 0x0;
|
||||
uint16_t otp_status(bool is_otp) {
|
||||
if (scanned == false) {
|
||||
scan_all();
|
||||
@@ -349,12 +350,26 @@ uint16_t otp_status(bool is_otp) {
|
||||
res_APDU[res_APDU_size++] = PICO_FIDO_VERSION_MINOR;
|
||||
res_APDU[res_APDU_size++] = 0;
|
||||
res_APDU[res_APDU_size++] = config_seq;
|
||||
res_APDU[res_APDU_size++] = (CONFIG2_TOUCH | CONFIG1_TOUCH) |
|
||||
(file_has_data(search_dynamic_file(EF_OTP_SLOT1)) ? CONFIG1_VALID :
|
||||
0x00) |
|
||||
(file_has_data(search_dynamic_file(EF_OTP_SLOT2)) ? CONFIG2_VALID :
|
||||
0x00);
|
||||
uint8_t opts = 0;
|
||||
file_t *ef = search_dynamic_file(EF_OTP_SLOT1);
|
||||
if (file_has_data(ef)) {
|
||||
opts |= CONFIG1_VALID;
|
||||
otp_config_t *otp_config = (otp_config_t *) file_get_data(ef);
|
||||
if (!(otp_config->tkt_flags & CHAL_RESP) || otp_config->cfg_flags & CHAL_BTN_TRIG) {
|
||||
opts |= CONFIG1_TOUCH;
|
||||
}
|
||||
}
|
||||
ef = search_dynamic_file(EF_OTP_SLOT2);
|
||||
if (file_has_data(ef)) {
|
||||
opts |= CONFIG2_VALID;
|
||||
otp_config_t *otp_config = (otp_config_t *) file_get_data(ef);
|
||||
if (!(otp_config->tkt_flags & CHAL_RESP) || otp_config->cfg_flags & CHAL_BTN_TRIG) {
|
||||
opts |= CONFIG2_TOUCH;
|
||||
}
|
||||
}
|
||||
res_APDU[res_APDU_size++] = opts;
|
||||
res_APDU[res_APDU_size++] = 0;
|
||||
res_APDU[res_APDU_size++] = status_byte;
|
||||
if (is_otp) {
|
||||
res_APDU_size = 0;
|
||||
}
|
||||
@@ -402,7 +417,7 @@ int cmd_otp() {
|
||||
config_seq++;
|
||||
return otp_status(_is_otp);
|
||||
}
|
||||
else if (p1 == 0x04 || p1 == 0x05) {
|
||||
else if (p1 == 0x04 || p1 == 0x05) { // Update slot
|
||||
otp_config_t *odata = (otp_config_t *) apdu.data;
|
||||
if (odata->rfu[0] != 0 || odata->rfu[1] != 0 || check_crc(odata) == false) {
|
||||
return SW_WRONG_DATA();
|
||||
@@ -419,14 +434,20 @@ int cmd_otp() {
|
||||
(odata->ext_flags & EXTFLAG_UPDATE_MASK);
|
||||
odata->tkt_flags = (otpc->tkt_flags & ~TKTFLAG_UPDATE_MASK) |
|
||||
(odata->tkt_flags & TKTFLAG_UPDATE_MASK);
|
||||
odata->cfg_flags = (otpc->cfg_flags & ~CFGFLAG_UPDATE_MASK) |
|
||||
(odata->cfg_flags & CFGFLAG_UPDATE_MASK);
|
||||
if (!(otpc->tkt_flags & CHAL_RESP)) {
|
||||
odata->cfg_flags = (otpc->cfg_flags & ~CFGFLAG_UPDATE_MASK) |
|
||||
(odata->cfg_flags & CFGFLAG_UPDATE_MASK);
|
||||
}
|
||||
else {
|
||||
odata->cfg_flags = otpc->cfg_flags;
|
||||
}
|
||||
file_put_data(ef, apdu.data, otp_config_size);
|
||||
low_flash_available();
|
||||
config_seq++;
|
||||
}
|
||||
return otp_status(_is_otp);
|
||||
}
|
||||
else if (p1 == 0x06) {
|
||||
else if (p1 == 0x06) { // Swap slots
|
||||
uint8_t tmp[otp_config_size + 8];
|
||||
bool ef1_data = false;
|
||||
file_t *ef1 = file_new(EF_OTP_SLOT1);
|
||||
@@ -440,6 +461,8 @@ int cmd_otp() {
|
||||
}
|
||||
else {
|
||||
delete_file(ef1);
|
||||
// When a dynamic file is deleted, existing referenes are invalidated
|
||||
ef2 = file_new(EF_OTP_SLOT2);
|
||||
}
|
||||
if (ef1_data) {
|
||||
file_put_data(ef2, tmp, sizeof(tmp));
|
||||
@@ -448,30 +471,60 @@ int cmd_otp() {
|
||||
delete_file(ef2);
|
||||
}
|
||||
low_flash_available();
|
||||
config_seq++;
|
||||
return otp_status(_is_otp);
|
||||
}
|
||||
else if (p1 == 0x10) {
|
||||
memcpy(res_APDU, pico_serial.id, 4);
|
||||
res_APDU_size = 4;
|
||||
}
|
||||
else if (p1 == 0x13) {
|
||||
else if (p1 == 0x13) { // Get config
|
||||
man_get_config();
|
||||
}
|
||||
else if (p1 == 0x30 || p1 == 0x38 || p1 == 0x20 || p1 == 0x28) {
|
||||
else if (p1 == 0x30 || p1 == 0x38 || p1 == 0x20 || p1 == 0x28) { // Calculate OTP
|
||||
file_t *ef = search_dynamic_file(p1 == 0x30 || p1 == 0x20 ? EF_OTP_SLOT1 : EF_OTP_SLOT2);
|
||||
if (file_has_data(ef)) {
|
||||
otp_config_t *otp_config = (otp_config_t *) file_get_data(ef);
|
||||
if (!(otp_config->cfg_flags & CHAL_YUBICO && otp_config->tkt_flags & CHAL_RESP)) {
|
||||
if (!(otp_config->tkt_flags & CHAL_RESP)) {
|
||||
return SW_WRONG_DATA();
|
||||
}
|
||||
int ret = 0;
|
||||
#ifndef ENABLE_EMULATION
|
||||
uint8_t *rdata_bk = apdu.rdata;
|
||||
if (otp_config->cfg_flags & CHAL_BTN_TRIG) {
|
||||
status_byte = 0x20;
|
||||
otp_status(_is_otp);
|
||||
if (wait_button() == true) {
|
||||
status_byte = 0x00;
|
||||
otp_status(_is_otp);
|
||||
return SW_CONDITIONS_NOT_SATISFIED();
|
||||
}
|
||||
status_byte = 0x10;
|
||||
apdu.rdata = rdata_bk;
|
||||
}
|
||||
#endif
|
||||
if (p1 == 0x30 || p1 == 0x38) {
|
||||
mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), otp_config->aes_key, KEY_SIZE, apdu.data, 8, res_APDU);
|
||||
if (!(otp_config->cfg_flags & CHAL_HMAC)) {
|
||||
return SW_WRONG_DATA();
|
||||
}
|
||||
uint8_t aes_key[KEY_SIZE + UID_SIZE];
|
||||
memcpy(aes_key, otp_config->aes_key, KEY_SIZE);
|
||||
memcpy(aes_key + KEY_SIZE, otp_config->uid, UID_SIZE);
|
||||
uint8_t chal_len = 64;
|
||||
if (otp_config->cfg_flags & HMAC_LT64) {
|
||||
while (chal_len > 0 && apdu.data[63] == apdu.data[chal_len - 1]) {
|
||||
chal_len--;
|
||||
}
|
||||
}
|
||||
mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), aes_key, sizeof(aes_key), apdu.data, chal_len, res_APDU);
|
||||
if (ret == 0) {
|
||||
res_APDU_size = 20;
|
||||
}
|
||||
}
|
||||
else if (p1 == 0x20 || p1 == 0x28) {
|
||||
if (!(otp_config->cfg_flags & CHAL_YUBICO)) {
|
||||
return SW_WRONG_DATA();
|
||||
}
|
||||
uint8_t challenge[16];
|
||||
memcpy(challenge, apdu.data, 6);
|
||||
memcpy(challenge + 6, pico_serial_str, 10);
|
||||
@@ -484,6 +537,9 @@ int cmd_otp() {
|
||||
res_APDU_size = 16;
|
||||
}
|
||||
}
|
||||
if (ret == 0) {
|
||||
status_byte = 0x00;
|
||||
}
|
||||
}
|
||||
}
|
||||
return SW_OK();
|
||||
@@ -532,51 +588,45 @@ int otp_send_frame(uint8_t *frame, size_t frame_len) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
int otp_hid_set_report_cb(uint8_t itf,
|
||||
uint8_t report_id,
|
||||
hid_report_type_t report_type,
|
||||
uint8_t const *buffer,
|
||||
uint16_t bufsize)
|
||||
{
|
||||
if (itf == ITF_KEYBOARD) {
|
||||
if (report_type == 3) {
|
||||
DEBUG_PAYLOAD(buffer, bufsize);
|
||||
if (buffer[7] == 0xFF) { // reset
|
||||
*get_send_buffer_size(ITF_KEYBOARD) = 0;
|
||||
otp_curr_seq = otp_exp_seq = 0;
|
||||
memset(otp_frame_tx, 0, sizeof(otp_frame_tx));
|
||||
}
|
||||
else if (buffer[7] & 0x80) { // a frame
|
||||
uint8_t rseq = buffer[7] & 0x1F;
|
||||
if (rseq < 10) {
|
||||
if (rseq == 0) {
|
||||
memset(otp_frame_rx, 0, sizeof(otp_frame_rx));
|
||||
int otp_hid_set_report_cb(uint8_t itf, uint8_t report_id, hid_report_type_t report_type, uint8_t const *buffer, uint16_t bufsize) {
|
||||
if (report_type == 3) {
|
||||
DEBUG_PAYLOAD(buffer, bufsize);
|
||||
if (buffer[7] == 0xFF) { // reset
|
||||
*get_send_buffer_size(ITF_KEYBOARD) = 0;
|
||||
otp_curr_seq = otp_exp_seq = 0;
|
||||
memset(otp_frame_tx, 0, sizeof(otp_frame_tx));
|
||||
}
|
||||
else if (buffer[7] & 0x80) { // a frame
|
||||
uint8_t rseq = buffer[7] & 0x1F;
|
||||
if (rseq < 10) {
|
||||
if (rseq == 0) {
|
||||
memset(otp_frame_rx, 0, sizeof(otp_frame_rx));
|
||||
}
|
||||
memcpy(otp_frame_rx + rseq * 7, buffer, 7);
|
||||
if (rseq == 9) {
|
||||
DEBUG_DATA(otp_frame_rx, sizeof(otp_frame_rx));
|
||||
DEBUG_PAYLOAD(otp_frame_rx, sizeof(otp_frame_rx));
|
||||
uint16_t residual_crc = calculate_crc(otp_frame_rx, 64), rcrc = get_uint16_t_le(otp_frame_rx + 65);
|
||||
uint8_t slot_id = otp_frame_rx[64];
|
||||
if (residual_crc == rcrc) {
|
||||
uint8_t hdr[5];
|
||||
apdu.header = hdr;
|
||||
apdu.data = otp_frame_rx;
|
||||
apdu.nc = 64;
|
||||
apdu.rdata = otp_frame_tx;
|
||||
apdu.header[0] = 0;
|
||||
apdu.header[1] = 0x01;
|
||||
apdu.header[2] = slot_id;
|
||||
apdu.header[3] = 0;
|
||||
_is_otp = true;
|
||||
int ret = otp_process_apdu();
|
||||
if (ret == 0x9000 && res_APDU_size > 0) {
|
||||
otp_send_frame(apdu.rdata, apdu.rlen);
|
||||
}
|
||||
_is_otp = false;
|
||||
}
|
||||
memcpy(otp_frame_rx + rseq * 7, buffer, 7);
|
||||
if (rseq == 9) {
|
||||
DEBUG_DATA(otp_frame_rx, sizeof(otp_frame_rx));
|
||||
uint16_t residual_crc = calculate_crc(otp_frame_rx, 64), rcrc = get_uint16_t_le(otp_frame_rx + 65);
|
||||
uint8_t slot_id = otp_frame_rx[64];
|
||||
if (residual_crc == rcrc) {
|
||||
uint8_t hdr[5];
|
||||
apdu.header = hdr;
|
||||
apdu.data = otp_frame_rx;
|
||||
apdu.nc = 64;
|
||||
apdu.rdata = otp_frame_tx;
|
||||
apdu.header[0] = 0;
|
||||
apdu.header[1] = 0x01;
|
||||
apdu.header[2] = slot_id;
|
||||
apdu.header[3] = 0;
|
||||
_is_otp = true;
|
||||
int ret = otp_process_apdu();
|
||||
if (ret == 0x9000 && res_APDU_size > 0) {
|
||||
otp_send_frame(apdu.rdata, apdu.rlen);
|
||||
}
|
||||
_is_otp = false;
|
||||
}
|
||||
else {
|
||||
printf("[OTP] Bad CRC!\n");
|
||||
}
|
||||
else {
|
||||
printf("[OTP] Bad CRC!\n");
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -615,6 +665,7 @@ uint16_t otp_hid_get_report_cb(uint8_t itf,
|
||||
else {
|
||||
res_APDU = buffer;
|
||||
otp_status(true);
|
||||
DEBUG_DATA(buffer, 8);
|
||||
}
|
||||
|
||||
return reqlen;
|
||||
|
||||
@@ -18,7 +18,7 @@
|
||||
#ifndef __VERSION_H_
|
||||
#define __VERSION_H_
|
||||
|
||||
#define PICO_FIDO_VERSION 0x0604
|
||||
#define PICO_FIDO_VERSION 0x0606
|
||||
|
||||
#define PICO_FIDO_VERSION_MAJOR ((PICO_FIDO_VERSION >> 8) & 0xff)
|
||||
#define PICO_FIDO_VERSION_MINOR (PICO_FIDO_VERSION & 0xff)
|
||||
|
||||
@@ -3,5 +3,5 @@
|
||||
source tests/docker_env.sh
|
||||
#run_in_docker rm -rf CMakeFiles
|
||||
run_in_docker mkdir -p build_in_docker
|
||||
run_in_docker -w "$PWD/build_in_docker" cmake -DENABLE_EMULATION=1 ..
|
||||
run_in_docker -w "$PWD/build_in_docker" cmake -DENABLE_EMULATION=1 -DENABLE_EDDSA=1 ..
|
||||
run_in_docker -w "$PWD/build_in_docker" make -j ${NUM_PROC}
|
||||
|
||||
@@ -57,9 +57,8 @@ def test_with_allow_list_after_reset(device, MCRes_DC, GARes_DC):
|
||||
|
||||
device.reset()
|
||||
|
||||
with pytest.raises(CtapError) as e:
|
||||
ga_res = device.doGA(allow_list=allow_list)
|
||||
assert e.value.code == CtapError.ERR.NO_CREDENTIALS
|
||||
# It returns a silent authentication
|
||||
ga_res = device.doGA(allow_list=allow_list)
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -69,7 +69,7 @@ def test_minpin(SetMinPin, MCMinPin):
|
||||
|
||||
def test_minpin_bad_rpid(SetMinPinWrongRpid, MCMinPin):
|
||||
assert not MCMinPin.auth_data.extensions
|
||||
assert "minPinLength" not in MCMinPin.auth_data.extensions
|
||||
#assert "minPinLength" not in MCMinPin.auth_data.extensions
|
||||
|
||||
def test_setminpin(device, SetMinPin, MCMinPin):
|
||||
cfg = FidoConfig(device)
|
||||
|
||||
Reference in New Issue
Block a user