github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-14 18:48:13 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

remove spurious spaces & tabs at end of lines

Browse source
This commit is contained in:
Philippe Teuwen 2019-03-09 08:59:13 +01:00
commit 60f292b18e
249 changed files with 8481 additions and 8481 deletions
Download patch file Download diff file Expand all files Collapse all files

2
client/fido/additional_ca.c
View file

@ -5,7 +5,7 @@
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
// CA PEM certificates
// CA PEM certificates
//-----------------------------------------------------------------------------
//

4
client/fido/additional_ca.h
View file

@ -5,7 +5,7 @@
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
// CA PEM certificates
// CA PEM certificates
//-----------------------------------------------------------------------------
//
@ -14,7 +14,7 @@
#include <stddef.h>
// Concatenation of all CA certificates in PEM format if available
// Concatenation of all CA certificates in PEM format if available
extern const char additional_ca_pem[];
extern const size_t additional_ca_pem_len;

94
client/fido/cbortools.c
View file

@ -28,7 +28,7 @@ static CborError dumpelm(CborValue *it, bool *got_next, int nestingLevel) {
CborType type = cbor_value_get_type(it);
indent(nestingLevel);
switch (type) {
case CborMapType:
case CborMapType:
case CborArrayType: {
printf(type == CborArrayType ? "Array[" : "Map[");
break;
@ -67,14 +67,14 @@ static CborError dumpelm(CborValue *it, bool *got_next, int nestingLevel) {
case CborTagType: {
CborTag tag;
cbor_value_get_tag(it, &tag);
cbor_value_get_tag(it, &tag);
printf("Tag(%lld)", (long long)tag);
break;
}
case CborSimpleType: {
uint8_t type;
cbor_value_get_simple_type(it, &type);
cbor_value_get_simple_type(it, &type);
printf("simple(%u)", type);
break;
}
@ -118,7 +118,7 @@ static CborError dumpelm(CborValue *it, bool *got_next, int nestingLevel) {
printf("CborInvalidType!!!");
break;
}
return CborNoError;
}
@ -131,7 +131,7 @@ static CborError dumprecursive(uint8_t cmdCode, bool isResponse, CborValue *it,
bool got_next;
switch (type) {
case CborMapType:
case CborMapType:
case CborArrayType: {
// recursive type
CborValue recursed;
@ -189,7 +189,7 @@ int TinyCborInit(uint8_t *data, size_t length, CborValue *cb) {
CborError err = cbor_parser_init(data, length, 0, &parser, cb);
if (err)
return err;
return 0;
}
@ -199,20 +199,20 @@ int TinyCborPrintFIDOPackage(uint8_t cmdCode, bool isResponse, uint8_t *data, si
res = TinyCborInit(data, length, &cb);
if (res)
return res;
CborError err = dumprecursive(cmdCode, isResponse, &cb, false, 0);
if (err) {
fprintf(stderr,
#if __WORDSIZE == 64
#if __WORDSIZE == 64
"CBOR parsing failure at offset %" PRId64 " : %s\n",
#else
"CBOR parsing failure at offset %" PRId32 " : %s\n",
"CBOR parsing failure at offset %" PRId32 " : %s\n",
#endif
cb.ptr - data, cbor_error_string(err));
return 1;
}
}
return 0;
}
@ -220,15 +220,15 @@ int JsonObjElmCount(json_t *elm) {
int res = 0;
const char *key;
json_t *value;
if (!json_is_object(elm))
return 0;
json_object_foreach(elm, key, value) {
if (strlen(key) > 0 && key[0] != '.')
res++;
res++;
}
return res;
}
@ -237,7 +237,7 @@ int JsonToCbor(json_t *elm, CborEncoder *encoder) {
return 1;
int res;
// CBOR map == JSON object
if (json_is_object(elm)) {
CborEncoder map;
@ -246,17 +246,17 @@ int JsonToCbor(json_t *elm, CborEncoder *encoder) {
res = cbor_encoder_create_map(encoder, &map, JsonObjElmCount(elm));
cbor_check(res);
json_object_foreach(elm, key, value) {
if (strlen(key) > 0 && key[0] != '.') {
res = cbor_encode_text_stringz(&map, key);
res = cbor_encode_text_stringz(&map, key);
cbor_check(res);
// RECURSION!
JsonToCbor(value, &map);
}
}
res = cbor_encoder_close_container(encoder, &map);
cbor_check(res);
}
@ -266,15 +266,15 @@ int JsonToCbor(json_t *elm, CborEncoder *encoder) {
size_t index;
json_t *value;
CborEncoder array;
res = cbor_encoder_create_array(encoder, &array, json_array_size(elm));
cbor_check(res);
json_array_foreach(elm, index, value) {
// RECURSION!
JsonToCbor(value, &array);
}
res = cbor_encoder_close_container(encoder, &array);
cbor_check(res);
}
@ -304,15 +304,15 @@ int JsonToCbor(json_t *elm, CborEncoder *encoder) {
return 100;
res = cbor_encode_byte_string(encoder, data, datalen);
cbor_check(res);
cbor_check(res);
} else {
res = cbor_encode_text_stringz(encoder, val);
cbor_check(res);
}
}
return 0;
}
@ -324,7 +324,7 @@ int CborMapGetKeyById(CborParser *parser, CborValue *map, uint8_t *data, size_t
if (cbor_value_get_type(&cb) != CborMapType)
return 1;
err = cbor_value_enter_container(&cb, map);
cbor_check(err);
@ -335,10 +335,10 @@ int CborMapGetKeyById(CborParser *parser, CborValue *map, uint8_t *data, size_t
return 1;
cbor_value_get_int64(map, &indx);
err = cbor_value_advance(map);
cbor_check(err);
if (indx == key)
return 0;
@ -361,17 +361,17 @@ CborError CborGetArrayBinStringValueEx(CborValue *elm, uint8_t *data, size_t max
CborValue array;
if (datalen)
*datalen = 0;
size_t slen = maxdatalen;
size_t totallen = 0;
CborError res = cbor_value_enter_container(elm, &array);
cbor_check(res);
while (!cbor_value_at_end(&array)) {
res = cbor_value_copy_byte_string(&array, &data[totallen], &slen, &array);
cbor_check(res);
totallen += slen;
if (delimeter) {
memcpy(&data[totallen], delimeter, delimeterlen);
@ -386,13 +386,13 @@ CborError CborGetArrayBinStringValueEx(CborValue *elm, uint8_t *data, size_t max
if (datalen)
*datalen = totallen;
return CborNoError;
return CborNoError;
};
CborError CborGetBinStringValue(CborValue *elm, uint8_t *data, size_t maxdatalen, size_t *datalen) {
if (datalen)
*datalen = 0;
size_t slen = maxdatalen;
CborError res = cbor_value_copy_byte_string(elm, data, &slen, elm);
@ -401,24 +401,24 @@ CborError CborGetBinStringValue(CborValue *elm, uint8_t *data, size_t maxdatalen
if (datalen)
*datalen = slen;
return CborNoError;
return CborNoError;
};
CborError CborGetArrayStringValue(CborValue *elm, char *data, size_t maxdatalen, size_t *datalen, char *delimeter) {
CborValue array;
if (datalen)
*datalen = 0;
size_t slen = maxdatalen;
size_t totallen = 0;
CborError res = cbor_value_enter_container(elm, &array);
cbor_check(res);
while (!cbor_value_at_end(&array)) {
res = cbor_value_copy_text_string(&array, &data[totallen], &slen, &array);
cbor_check(res);
totallen += slen;
if (delimeter) {
strcat(data, delimeter);
@ -434,13 +434,13 @@ CborError CborGetArrayStringValue(CborValue *elm, char *data, size_t maxdatalen,
if (datalen)
*datalen = totallen;
return CborNoError;
return CborNoError;
};
CborError CborGetStringValue(CborValue *elm, char *data, size_t maxdatalen, size_t *datalen) {
if (datalen)
*datalen = 0;
size_t slen = maxdatalen;
CborError res = cbor_value_copy_text_string(elm, data, &slen, elm);
@ -449,13 +449,13 @@ CborError CborGetStringValue(CborValue *elm, char *data, size_t maxdatalen, size
if (datalen)
*datalen = slen;
return CborNoError;
return CborNoError;
};
CborError CborGetStringValueBuf(CborValue *elm) {
static char stringBuf[2048];
memset(stringBuf, 0x00, sizeof(stringBuf));
return CborGetStringValue(elm, stringBuf, sizeof(stringBuf), NULL);
};
@ -465,10 +465,10 @@ int CBOREncodeElm(json_t *root, char *rootElmId, CborEncoder *encoder) {
elm = json_path_get(root, rootElmId);
else
elm = json_object_get(root, rootElmId);
if (!elm)
return 1;
int res = JsonToCbor(elm, encoder);
return res;
@ -479,11 +479,11 @@ CborError CBOREncodeClientDataHash(json_t *root, CborEncoder *encoder) {
size_t jlen;
JsonLoadBufAsHex(root, "$.ClientDataHash", buf, sizeof(buf), &jlen);
// fill with 0x00 if not found
if (!jlen)
jlen = 32;
int res = cbor_encode_byte_string(encoder, buf, jlen);
cbor_check(res);

24
client/fido/cose.c
View file

@ -22,13 +22,13 @@ typedef struct {
char *Name;
char *Description;
} COSEValueNameDesc_t;
typedef struct {
int Value;
char *Type;
char *Name;
char *Description;
} COSEValueTypeNameDesc_t;
} COSEValueTypeNameDesc_t;
// kty - Key Type Values
COSEValueNameDesc_t COSEKeyTypeValueDesc[] = {
@ -141,7 +141,7 @@ COSEValueNameDesc_t *GetCOSEAlgElm(int id) {
return &COSEAlg[i];
return NULL;
}
const char *GetCOSEAlgName(int id) {
COSEValueNameDesc_t *elm = GetCOSEAlgElm(id);
if (elm)
@ -164,11 +164,11 @@ int COSEGetECDSAKey(uint8_t *data, size_t datalen, bool verbose, uint8_t *public
if(verbose)
PrintAndLog("----------- CBOR decode ----------------");
// kty
int res = CborMapGetKeyById(&parser, &map, data, datalen, 1);
if(!res) {
cbor_value_get_int64(&map, &i64);
cbor_value_get_int64(&map, &i64);
if(verbose)
PrintAndLog("kty [%lld] %s", (long long)i64, GetCOSEktyDescription(i64));
if (i64 != 2)
@ -178,26 +178,26 @@ int COSEGetECDSAKey(uint8_t *data, size_t datalen, bool verbose, uint8_t *public
// algorithm
res = CborMapGetKeyById(&parser, &map, data, datalen, 3);
if(!res) {
cbor_value_get_int64(&map, &i64);
cbor_value_get_int64(&map, &i64);
if(verbose)
PrintAndLog("algorithm [%lld] %s", (long long)i64, GetCOSEAlgDescription(i64));
if (i64 != -7)
PrintAndLog("ERROR: algorithm must be -7.");
}
// curve
res = CborMapGetKeyById(&parser, &map, data, datalen, -1);
if(!res) {
cbor_value_get_int64(&map, &i64);
cbor_value_get_int64(&map, &i64);
if(verbose)
PrintAndLog("curve [%lld] %s", (long long)i64, GetCOSECurveDescription(i64));
if (i64 != 1)
PrintAndLog("ERROR: curve must be 1.");
}
// plain key
public_key[0] = 0x04;
// x - coordinate
res = CborMapGetKeyById(&parser, &map, data, datalen, -2);
if(!res) {
@ -229,10 +229,10 @@ int COSEGetECDSAKey(uint8_t *data, size_t datalen, bool verbose, uint8_t *public
if(verbose)
PrintAndLog("d - private key [%d]: %s", len, sprint_hex(private_key, len));
}
if(verbose)
PrintAndLog("----------- CBOR decode ----------------");
return 0;
}

154
client/fido/fidocore.c
View file

@ -101,7 +101,7 @@ fido2Desc_t fido2CmdGetInfoRespDesc[] = {
{fido2CmdMakeCredential, ptQuery, 0x07, "options"},
{fido2CmdMakeCredential, ptQuery, 0x08, "pinAuth"},
{fido2CmdMakeCredential, ptQuery, 0x09, "pinProtocol"},
{fido2CmdGetAssertion, ptResponse, 0x01, "credential"},
{fido2CmdGetAssertion, ptResponse, 0x02, "authData"},
{fido2CmdGetAssertion, ptResponse, 0x03, "signature"},
@ -115,12 +115,12 @@ fido2Desc_t fido2CmdGetInfoRespDesc[] = {
{fido2CmdGetAssertion, ptQuery, 0x05, "options"},
{fido2CmdGetAssertion, ptQuery, 0x06, "pinAuth"},
{fido2CmdGetAssertion, ptQuery, 0x07, "pinProtocol"},
{fido2CmdGetNextAssertion, ptResponse, 0x01, "credential"},
{fido2CmdGetNextAssertion, ptResponse, 0x02, "authData"},
{fido2CmdGetNextAssertion, ptResponse, 0x03, "signature"},
{fido2CmdGetNextAssertion, ptResponse, 0x04, "publicKeyCredentialUserEntity"},
{fido2CmdGetInfo, ptResponse, 0x01, "versions"},
{fido2CmdGetInfo, ptResponse, 0x02, "extensions"},
{fido2CmdGetInfo, ptResponse, 0x03, "aaguid"},
@ -140,7 +140,7 @@ fido2Desc_t fido2CmdGetInfoRespDesc[] = {
{fido2CmdClientPIN, ptQuery, 0x06, "pinHashEnc"},
{fido2CmdClientPIN, ptQuery, 0x07, "getKeyAgreement"},
{fido2CmdClientPIN, ptQuery, 0x08, "getRetries"},
{fido2COSEKey, ptResponse, 0x01, "kty"},
{fido2COSEKey, ptResponse, 0x03, "alg"},
{fido2COSEKey, ptResponse, -1, "crv"},
@ -153,7 +153,7 @@ char *fido2GetCmdErrorDescription(uint8_t errorCode) {
for (int i = 0; i < sizeof(fido2Errors) / sizeof(fido2Error_t); i++)
if (fido2Errors[i].ErrorCode == errorCode)
return fido2Errors[i].Description;
return fido2Errors[0].Description;
}
@ -169,7 +169,7 @@ char *fido2GetCmdMemberDescription(uint8_t cmdCode, bool isResponse, int memberN
int FIDOSelect(bool ActivateField, bool LeaveFieldON, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw) {
uint8_t data[] = {0xA0, 0x00, 0x00, 0x06, 0x47, 0x2F, 0x00, 0x01};
return EMVSelect(ECC_CONTACTLESS, ActivateField, LeaveFieldON, data, sizeof(data), Result, MaxResultLen, ResultLen, sw, NULL);
}
@ -183,9 +183,9 @@ int FIDOExchange(sAPDU apdu, uint8_t *Result, size_t MaxResultLen, size_t *Resul
res = EMVExchange(ECC_CONTACTLESS, true, (sAPDU){0x00, 0xC0, 0x00, 0x00, 0x00, NULL}, &Result[oldlen], MaxResultLen - oldlen, ResultLen, sw, NULL);
if (res == 5) // apdu result (sw) not a 0x9000
res = 0;
*ResultLen += oldlen;
if (*ResultLen > MaxResultLen)
if (*ResultLen > MaxResultLen)
return 100;
}
return res;
@ -220,7 +220,7 @@ int FIDO2GetAssertion(uint8_t *params, uint8_t paramslen, uint8_t *Result, size_
int FIDOCheckDERAndGetKey(uint8_t *der, size_t derLen, bool verbose, uint8_t *publicKey, size_t publicKeyMaxLen) {
int res;
// load CA's
mbedtls_x509_crt cacert;
mbedtls_x509_crt_init(&cacert);
@ -228,9 +228,9 @@ int FIDOCheckDERAndGetKey(uint8_t *der, size_t derLen, bool verbose, uint8_t *pu
if (res < 0) {
PrintAndLog("ERROR: CA parse certificate returned -0x%x - %s", -res, ecdsa_get_error(res));
}
if (verbose)
if (verbose)
PrintAndLog("CA load OK. %d skipped", res);
// load DER certificate from authenticator's data
mbedtls_x509_crt cert;
mbedtls_x509_crt_init(&cert);
@ -238,14 +238,14 @@ int FIDOCheckDERAndGetKey(uint8_t *der, size_t derLen, bool verbose, uint8_t *pu
if (res) {
PrintAndLog("ERROR: DER parse returned 0x%x - %s", (res<0)?-res:res, ecdsa_get_error(res));
}
// get certificate info
char linfo[300] = {0};
if (verbose) {
mbedtls_x509_crt_info(linfo, sizeof(linfo), " ", &cert);
PrintAndLog("DER certificate info:\n%s", linfo);
}
// verify certificate
uint32_t verifyflags = 0;
res = mbedtls_x509_crt_verify(&cert, &cacert, NULL, NULL, &verifyflags, NULL, NULL);
@ -254,13 +254,13 @@ int FIDOCheckDERAndGetKey(uint8_t *der, size_t derLen, bool verbose, uint8_t *pu
} else {
PrintAndLog("Certificate OK.\n");
}
if (verbose) {
memset(linfo, 0x00, sizeof(linfo));
mbedtls_x509_crt_verify_info(linfo, sizeof(linfo), " ", verifyflags);
PrintAndLog("Verification info:\n%s", linfo);
}
// get public key
res = ecdsa_public_key_from_pk(&cert.pk, publicKey, publicKeyMaxLen);
if (res) {
@ -275,7 +275,7 @@ int FIDOCheckDERAndGetKey(uint8_t *der, size_t derLen, bool verbose, uint8_t *pu
mbedtls_x509_crt_free(&cert);
mbedtls_x509_crt_free(&cacert);
return 0;
}
@ -291,7 +291,7 @@ int FIDO2CreateMakeCredentionalReq(json_t *root, uint8_t *data, size_t maxdatale
int res;
CborEncoder encoder;
CborEncoder map;
cbor_encoder_init(&encoder, data, maxdatalen, 0);
// create main map
@ -334,31 +334,31 @@ int FIDO2CreateMakeCredentionalReq(json_t *root, uint8_t *data, size_t maxdatale
}
res = cbor_encoder_close_container(&encoder, &map);
fido_check(res);
size_t len = cbor_encoder_get_buffer_size(&encoder, data);
if (datalen)
*datalen = len;
return 0;
}
bool CheckrpIdHash(json_t *json, uint8_t *hash) {
char hashval[300] = {0};
uint8_t hash2[32] = {0};
JsonLoadStr(json, "$.RelyingPartyEntity.id", hashval);
int res = sha256hash((uint8_t *)hashval, strlen(hashval), hash2);
if (res)
return false;
return !memcmp(hash, hash2, 32);
}
// check ANSI X9.62 format ECDSA signature (on P-256)
int FIDO2CheckSignature(json_t *root, uint8_t *publickey, uint8_t *sign, size_t signLen, uint8_t *authData, size_t authDataLen, bool verbose) {
int res;
uint8_t rval[300] = {0};
uint8_t sval[300] = {0};
uint8_t rval[300] = {0};
uint8_t sval[300] = {0};
res = ecdsa_asn1_get_signature(sign, signLen, rval, sval);
if (!res) {
if (verbose) {
@ -372,12 +372,12 @@ int FIDO2CheckSignature(json_t *root, uint8_t *publickey, uint8_t *sign, size_t
if (res || clientDataHashLen != 32) {
PrintAndLog("ERROR: Can't get clientDataHash from json!");
return 2;
}
}
uint8_t xbuf[4096] = {0};
size_t xbuflen = 0;
res = FillBuffer(xbuf, sizeof(xbuf), &xbuflen,
authData, authDataLen, // rpIdHash[32] + flags[1] + signCount[4]
authData, authDataLen, // rpIdHash[32] + flags[1] + signCount[4]
clientDataHash, 32, // Hash of the serialized client data. "$.ClientDataHash" from json
NULL, 0);
//PrintAndLog("--xbuf(%d)[%d]: %s", res, xbuflen, sprint_hex(xbuf, xbuflen));
@ -391,12 +391,12 @@ int FIDO2CheckSignature(json_t *root, uint8_t *publickey, uint8_t *sign, size_t
return res;
} else {
PrintAndLog("Signature is OK.");
}
}
} else {
PrintAndLog("Invalid signature. res=%d.", res);
return res;
}
return 0;
}
@ -407,37 +407,37 @@ int FIDO2MakeCredentionalParseRes(json_t *root, uint8_t *data, size_t dataLen, b
char *buf;
uint8_t *ubuf;
size_t n;
// fmt
res = CborMapGetKeyById(&parser, &map, data, dataLen, 1);
if (res)
return res;
res = cbor_value_dup_text_string(&map, &buf, &n, &map);
cbor_check(res);
PrintAndLog("format: %s", buf);
free(buf);
// authData
uint8_t authData[400] = {0};
uint8_t authData[400] = {0};
size_t authDataLen = 0;
res = CborMapGetKeyById(&parser, &map, data, dataLen, 2);
if (res)
return res;
res = cbor_value_dup_byte_string(&map, &ubuf, &n, &map);
cbor_check(res);
authDataLen = n;
memcpy(authData, ubuf, authDataLen);
memcpy(authData, ubuf, authDataLen);
if (verbose2) {
PrintAndLog("authData[%d]: %s", n, sprint_hex_inrow(authData, authDataLen));
} else {
PrintAndLog("authData[%d]: %s...", n, sprint_hex(authData, MIN(authDataLen, 16)));
}
PrintAndLog("RP ID Hash: %s", sprint_hex(ubuf, 32));
// check RP ID Hash
if (CheckrpIdHash(root, ubuf)) {
PrintAndLog("rpIdHash OK.");
@ -460,17 +460,17 @@ int FIDO2MakeCredentionalParseRes(json_t *root, uint8_t *data, size_t dataLen, b
uint32_t cntr = (uint32_t)bytes_to_num(&ubuf[33], 4);
PrintAndLog("Counter: %d", cntr);
JsonSaveInt(root, "$.AppData.Counter", cntr);
// attestation data
PrintAndLog("AAGUID: %s", sprint_hex(&ubuf[37], 16));
JsonSaveBufAsHexCompact(root, "$.AppData.AAGUID", &ubuf[37], 16);
// Credential ID
uint8_t cridlen = (uint16_t)bytes_to_num(&ubuf[53], 2);
PrintAndLog("Credential id[%d]: %s", cridlen, sprint_hex_inrow(&ubuf[55], cridlen));
JsonSaveInt(root, "$.AppData.CredentialIdLen", cridlen);
JsonSaveBufAsHexCompact(root, "$.AppData.CredentialId", &ubuf[55], cridlen);
//Credentional public key (COSE_KEY)
uint8_t coseKey[65] = {0};
uint16_t cplen = n - 55 - cridlen;
@ -480,14 +480,14 @@ int FIDO2MakeCredentionalParseRes(json_t *root, uint8_t *data, size_t dataLen, b
PrintAndLog("Credentional public key (COSE_KEY)[%d]: %s...", cplen, sprint_hex(&ubuf[55 + cridlen], MIN(cplen, 16)));
}
JsonSaveBufAsHexCompact(root, "$.AppData.COSE_KEY", &ubuf[55 + cridlen], cplen);
if (showCBOR) {
PrintAndLog("COSE structure:");
PrintAndLog("---------------- CBOR ------------------");
TinyCborPrintFIDOPackage(fido2COSEKey, true, &ubuf[55 + cridlen], cplen);
TinyCborPrintFIDOPackage(fido2COSEKey, true, &ubuf[55 + cridlen], cplen);
PrintAndLog("---------------- CBOR ------------------");
}
res = COSEGetECDSAKey(&ubuf[55 + cridlen], cplen, verbose, coseKey);
if (res) {
PrintAndLog("ERROR: Can't get COSE_KEY.");
@ -497,27 +497,27 @@ int FIDO2MakeCredentionalParseRes(json_t *root, uint8_t *data, size_t dataLen, b
}
free(ubuf);
// attStmt - we are check only as DER certificate
int64_t alg = 0;
uint8_t sign[128] = {0};
size_t signLen = 0;
uint8_t der[4097] = {0};
size_t derLen = 0;
res = CborMapGetKeyById(&parser, &map, data, dataLen, 3);
if (res)
return res;
res = cbor_value_enter_container(&map, &mapsmt);
cbor_check(res);
while (!cbor_value_at_end(&mapsmt)) {
char key[100] = {0};
res = CborGetStringValue(&mapsmt, key, sizeof(key), &n);
cbor_check(res);
if (!strcmp(key, "alg")) {
cbor_value_get_int64(&mapsmt, &alg);
cbor_value_get_int64(&mapsmt, &alg);
PrintAndLog("Alg [%lld] %s", (long long)alg, GetCOSEAlgDescription(alg));
res = cbor_value_advance_fixed(&mapsmt);
cbor_check(res);
@ -544,11 +544,11 @@ int FIDO2MakeCredentionalParseRes(json_t *root, uint8_t *data, size_t dataLen, b
PrintAndLog("DER [%d]: %s...", derLen, sprint_hex(der, MIN(derLen, 16)));
}
JsonSaveBufAsHexCompact(root, "$.AppData.DER", der, derLen);
}
}
}
res = cbor_value_leave_container(&map, &mapsmt);
cbor_check(res);
uint8_t public_key[65] = {0};
// print DER certificate in TLV view
@ -562,7 +562,7 @@ int FIDO2MakeCredentionalParseRes(json_t *root, uint8_t *data, size_t dataLen, b
// check ANSI X9.62 format ECDSA signature (on P-256)
FIDO2CheckSignature(root, public_key, sign, signLen, authData, authDataLen, verbose);
return 0;
}
@ -575,7 +575,7 @@ int FIDO2CreateGetAssertionReq(json_t *root, uint8_t *data, size_t maxdatalen, s
int res;
CborEncoder encoder;
CborEncoder map, array, mapint;
cbor_encoder_init(&encoder, data, maxdatalen, 0);
// create main map
@ -605,15 +605,15 @@ int FIDO2CreateGetAssertionReq(json_t *root, uint8_t *data, size_t maxdatalen, s
fido_check_if(res) {
res = cbor_encode_text_stringz(&mapint, "type");
fido_check(res);
res = cbor_encode_text_stringz(&mapint, "public-key");
fido_check(res);
fido_check(res);
res = cbor_encode_text_stringz(&mapint, "id");
fido_check(res);
fido_check(res);
res = CBOREncodeElm(root, "$.AppData.CredentialId", &mapint);
fido_check(res);
fido_check(res);
}
res = cbor_encoder_close_container(&array, &mapint);
fido_check(res);
@ -632,11 +632,11 @@ int FIDO2CreateGetAssertionReq(json_t *root, uint8_t *data, size_t maxdatalen, s
}
res = cbor_encoder_close_container(&encoder, &map);
fido_check(res);
size_t len = cbor_encoder_get_buffer_size(&encoder, data);
if (datalen)
*datalen = len;
return 0;
}
@ -646,7 +646,7 @@ int FIDO2GetAssertionParseRes(json_t *root, uint8_t *data, size_t dataLen, bool
int res;
uint8_t *ubuf;
size_t n;
// credential
res = CborMapGetKeyById(&parser, &map, data, dataLen, 1);
if (res)
@ -654,7 +654,7 @@ int FIDO2GetAssertionParseRes(json_t *root, uint8_t *data, size_t dataLen, bool
res = cbor_value_enter_container(&map, &mapint);
cbor_check(res);
while (!cbor_value_at_end(&mapint)) {
char key[100] = {0};
res = CborGetStringValue(&mapint, key, sizeof(key), &n);
@ -676,27 +676,27 @@ int FIDO2GetAssertionParseRes(json_t *root, uint8_t *data, size_t dataLen, bool
}
res = cbor_value_leave_container(&map, &mapint);
cbor_check(res);
// authData
uint8_t authData[400] = {0};
uint8_t authData[400] = {0};
size_t authDataLen = 0;
res = CborMapGetKeyById(&parser, &map, data, dataLen, 2);
if (res)
return res;
res = cbor_value_dup_byte_string(&map, &ubuf, &n, &map);
cbor_check(res);
authDataLen = n;
memcpy(authData, ubuf, authDataLen);
memcpy(authData, ubuf, authDataLen);
if (verbose2) {
PrintAndLog("authData[%d]: %s", n, sprint_hex_inrow(authData, authDataLen));
} else {
PrintAndLog("authData[%d]: %s...", n, sprint_hex(authData, MIN(authDataLen, 16)));
}
PrintAndLog("RP ID Hash: %s", sprint_hex(ubuf, 32));
// check RP ID Hash
if (CheckrpIdHash(root, ubuf)) {
PrintAndLog("rpIdHash OK.");
@ -719,17 +719,17 @@ int FIDO2GetAssertionParseRes(json_t *root, uint8_t *data, size_t dataLen, bool
uint32_t cntr = (uint32_t)bytes_to_num(&ubuf[33], 4);
PrintAndLog("Counter: %d", cntr);
JsonSaveInt(root, "$.AppData.Counter", cntr);
free(ubuf);
// publicKeyCredentialUserEntity
res = CborMapGetKeyById(&parser, &map, data, dataLen, 4);
if (res) {
if (res) {
PrintAndLog("UserEntity n/a");
} else {
res = cbor_value_enter_container(&map, &mapint);
cbor_check(res);
while (!cbor_value_at_end(&mapint)) {
char key[100] = {0};
res = CborGetStringValue(&mapint, key, sizeof(key), &n);
@ -747,7 +747,7 @@ int FIDO2GetAssertionParseRes(json_t *root, uint8_t *data, size_t dataLen, bool
res = CborGetBinStringValue(&mapint, cid, sizeof(cid), &n);
cbor_check(res);
PrintAndLog("UserEntity id [%d]: %s", n, sprint_hex(cid, n));
// check
uint8_t idbuf[100] = {0};
size_t idbuflen;
@ -764,15 +764,15 @@ int FIDO2GetAssertionParseRes(json_t *root, uint8_t *data, size_t dataLen, bool
res = cbor_value_leave_container(&map, &mapint);
cbor_check(res);
}
// signature
res = CborMapGetKeyById(&parser, &map, data, dataLen, 3);
if (res)
return res;
res = cbor_value_dup_byte_string(&map, &ubuf, &n, &map);
cbor_check(res);
uint8_t *sign = ubuf;
size_t signLen = n;
@ -787,7 +787,7 @@ int FIDO2GetAssertionParseRes(json_t *root, uint8_t *data, size_t dataLen, bool
uint8_t PublicKey[65] = {0};
size_t PublicKeyLen = 0;
JsonLoadBufAsHex(root, "$.AppData.COSEPublicKey", PublicKey, 65, &PublicKeyLen);
// check ANSI X9.62 format ECDSA signature (on P-256)
FIDO2CheckSignature(root, PublicKey, sign, signLen, authData, authDataLen, verbose);
@ -799,9 +799,9 @@ int FIDO2GetAssertionParseRes(json_t *root, uint8_t *data, size_t dataLen, bool
PrintAndLog("numberOfCredentials: 1 by default");
} else {
int64_t numberOfCredentials = 0;
cbor_value_get_int64(&map, &numberOfCredentials);
cbor_value_get_int64(&map, &numberOfCredentials);
PrintAndLog("numberOfCredentials: %lld", (long long)numberOfCredentials);
}
return 0;
}

2
client/fido/fidocore.h
View file

@ -25,7 +25,7 @@ typedef enum {
fido2CmdClientPIN = 0x06,
fido2CmdReset = 0x07,
fido2CmdGetNextAssertion = 0x08,
// another data
fido2COSEKey = 0xF0
} fido2Commands;