Coverage Report

Created: 2024-06-03 09:43

/libfido2/src/credman.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright (c) 2019-2022 Yubico AB. All rights reserved.
3
 * Use of this source code is governed by a BSD-style
4
 * license that can be found in the LICENSE file.
5
 * SPDX-License-Identifier: BSD-2-Clause
6
 */
7
8
#include <openssl/sha.h>
9
10
#include "fido.h"
11
#include "fido/credman.h"
12
#include "fido/es256.h"
13
14
535
#define CMD_CRED_METADATA       0x01
15
600
#define CMD_RP_BEGIN            0x02
16
496
#define CMD_RP_NEXT             0x03
17
2.43k
#define CMD_RK_BEGIN            0x04
18
1.06k
#define CMD_RK_NEXT             0x05
19
3.05k
#define CMD_DELETE_CRED         0x06
20
3.15k
#define CMD_UPDATE_CRED         0x07
21
22
static int
23
credman_grow_array(void **ptr, size_t *n_alloc, const size_t *n_rx, size_t n,
24
    size_t size)
25
1.04k
{
26
1.04k
        void *new_ptr;
27
28
1.04k
#ifdef FIDO_FUZZ
29
1.04k
        if (n > UINT8_MAX) {
30
188
                fido_log_debug("%s: n > UINT8_MAX", __func__);
31
188
                return (-1);
32
188
        }
33
859
#endif
34
35
859
        if (n < *n_alloc)
36
0
                return (0);
37
38
        /* sanity check */
39
859
        if (*n_rx > 0 || *n_rx > *n_alloc || n < *n_alloc) {
40
0
                fido_log_debug("%s: n=%zu, n_rx=%zu, n_alloc=%zu", __func__, n,
41
0
                    *n_rx, *n_alloc);
42
0
                return (-1);
43
0
        }
44
45
859
        if ((new_ptr = recallocarray(*ptr, *n_alloc, n, size)) == NULL)
46
2
                return (-1);
47
48
857
        *ptr = new_ptr;
49
857
        *n_alloc = n;
50
51
857
        return (0);
52
859
}
53
54
static int
55
credman_prepare_hmac(uint8_t cmd, const void *body, cbor_item_t **param,
56
    fido_blob_t *hmac_data)
57
3.24k
{
58
3.24k
        cbor_item_t *param_cbor[3];
59
3.24k
        const fido_cred_t *cred;
60
3.24k
        size_t n;
61
3.24k
        int ok = -1;
62
63
3.24k
        memset(&param_cbor, 0, sizeof(param_cbor));
64
65
3.24k
        if (body == NULL)
66
627
                return (fido_blob_set(hmac_data, &cmd, sizeof(cmd)));
67
68
2.62k
        switch (cmd) {
69
1.08k
        case CMD_RK_BEGIN:
70
1.08k
                n = 1;
71
1.08k
                if ((param_cbor[0] = fido_blob_encode(body)) == NULL) {
72
2
                        fido_log_debug("%s: cbor encode", __func__);
73
2
                        goto fail;
74
2
                }
75
1.08k
                break;
76
1.08k
        case CMD_DELETE_CRED:
77
735
                n = 2;
78
735
                if ((param_cbor[1] = cbor_encode_pubkey(body)) == NULL) {
79
15
                        fido_log_debug("%s: cbor encode", __func__);
80
15
                        goto fail;
81
15
                }
82
720
                break;
83
797
        case CMD_UPDATE_CRED:
84
797
                n = 3;
85
797
                cred = body;
86
797
                param_cbor[1] = cbor_encode_pubkey(&cred->attcred.id);
87
797
                param_cbor[2] = cbor_encode_user_entity(&cred->user);
88
797
                if (param_cbor[1] == NULL || param_cbor[2] == NULL) {
89
25
                        fido_log_debug("%s: cbor encode", __func__);
90
25
                        goto fail;
91
25
                }
92
772
                break;
93
772
        default:
94
0
                fido_log_debug("%s: unknown cmd=0x%02x", __func__, cmd);
95
0
                return (-1);
96
2.62k
        }
97
98
2.57k
        if ((*param = cbor_flatten_vector(param_cbor, n)) == NULL) {
99
13
                fido_log_debug("%s: cbor_flatten_vector", __func__);
100
13
                goto fail;
101
13
        }
102
2.56k
        if (cbor_build_frame(cmd, param_cbor, n, hmac_data) < 0) {
103
23
                fido_log_debug("%s: cbor_build_frame", __func__);
104
23
                goto fail;
105
23
        }
106
107
2.54k
        ok = 0;
108
2.62k
fail:
109
2.62k
        cbor_vector_free(param_cbor, nitems(param_cbor));
110
111
2.62k
        return (ok);
112
2.54k
}
113
114
static uint8_t
115
credman_get_cmd(const fido_dev_t *dev)
116
8.72k
{
117
8.72k
        if (dev->flags & FIDO_DEV_CREDMAN)
118
10
                return (CTAP_CBOR_CRED_MGMT);
119
120
8.71k
        return (CTAP_CBOR_CRED_MGMT_PRE);
121
8.72k
}
122
123
static int
124
credman_tx(fido_dev_t *dev, uint8_t subcmd, const void *param, const char *pin,
125
    const char *rp_id, fido_opt_t uv, int *ms)
126
8.72k
{
127
8.72k
        fido_blob_t      f;
128
8.72k
        fido_blob_t     *ecdh = NULL;
129
8.72k
        fido_blob_t      hmac;
130
8.72k
        es256_pk_t      *pk = NULL;
131
8.72k
        cbor_item_t     *argv[4];
132
8.72k
        const uint8_t    cmd = credman_get_cmd(dev);
133
8.72k
        int              r = FIDO_ERR_INTERNAL;
134
135
8.72k
        memset(&f, 0, sizeof(f));
136
8.72k
        memset(&hmac, 0, sizeof(hmac));
137
8.72k
        memset(&argv, 0, sizeof(argv));
138
139
8.72k
        if (fido_dev_is_fido2(dev) == false) {
140
3.90k
                fido_log_debug("%s: fido_dev_is_fido2", __func__);
141
3.90k
                r = FIDO_ERR_INVALID_COMMAND;
142
3.90k
                goto fail;
143
3.90k
        }
144
145
        /* subCommand */
146
4.81k
        if ((argv[0] = cbor_build_uint8(subcmd)) == NULL) {
147
8
                fido_log_debug("%s: cbor encode", __func__);
148
8
                goto fail;
149
8
        }
150
151
        /* pinProtocol, pinAuth */
152
4.80k
        if (pin != NULL || uv == FIDO_OPT_TRUE) {
153
3.24k
                if (credman_prepare_hmac(subcmd, param, &argv[1], &hmac) < 0) {
154
79
                        fido_log_debug("%s: credman_prepare_hmac", __func__);
155
79
                        goto fail;
156
79
                }
157
3.16k
                if ((r = fido_do_ecdh(dev, &pk, &ecdh, ms)) != FIDO_OK) {
158
1.44k
                        fido_log_debug("%s: fido_do_ecdh", __func__);
159
1.44k
                        goto fail;
160
1.44k
                }
161
1.72k
                if ((r = cbor_add_uv_params(dev, cmd, &hmac, pk, ecdh, pin,
162
1.72k
                    rp_id, &argv[3], &argv[2], ms)) != FIDO_OK) {
163
417
                        fido_log_debug("%s: cbor_add_uv_params", __func__);
164
417
                        goto fail;
165
417
                }
166
1.72k
        }
167
168
        /* framing and transmission */
169
2.87k
        if (cbor_build_frame(cmd, argv, nitems(argv), &f) < 0 ||
170
2.87k
            fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len, ms) < 0) {
171
68
                fido_log_debug("%s: fido_tx", __func__);
172
68
                r = FIDO_ERR_TX;
173
68
                goto fail;
174
68
        }
175
176
2.80k
        r = FIDO_OK;
177
8.72k
fail:
178
8.72k
        es256_pk_free(&pk);
179
8.72k
        fido_blob_free(&ecdh);
180
8.72k
        cbor_vector_free(argv, nitems(argv));
181
8.72k
        free(f.ptr);
182
8.72k
        free(hmac.ptr);
183
184
8.72k
        return (r);
185
2.80k
}
186
187
static int
188
credman_parse_metadata(const cbor_item_t *key, const cbor_item_t *val,
189
    void *arg)
190
59
{
191
59
        fido_credman_metadata_t *metadata = arg;
192
193
59
        if (cbor_isa_uint(key) == false ||
194
59
            cbor_int_get_width(key) != CBOR_INT_8) {
195
21
                fido_log_debug("%s: cbor type", __func__);
196
21
                return (0); /* ignore */
197
21
        }
198
199
38
        switch (cbor_get_uint8(key)) {
200
6
        case 1:
201
6
                return (cbor_decode_uint64(val, &metadata->rk_existing));
202
6
        case 2:
203
6
                return (cbor_decode_uint64(val, &metadata->rk_remaining));
204
26
        default:
205
26
                fido_log_debug("%s: cbor type", __func__);
206
26
                return (0); /* ignore */
207
38
        }
208
38
}
209
210
static int
211
credman_rx_metadata(fido_dev_t *dev, fido_credman_metadata_t *metadata, int *ms)
212
36
{
213
36
        unsigned char   *msg;
214
36
        int              msglen;
215
36
        int              r;
216
217
36
        memset(metadata, 0, sizeof(*metadata));
218
219
36
        if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
220
1
                r = FIDO_ERR_INTERNAL;
221
1
                goto out;
222
1
        }
223
224
35
        if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
225
1
                fido_log_debug("%s: fido_rx", __func__);
226
1
                r = FIDO_ERR_RX;
227
1
                goto out;
228
1
        }
229
230
34
        if ((r = cbor_parse_reply(msg, (size_t)msglen, metadata,
231
34
            credman_parse_metadata)) != FIDO_OK) {
232
23
                fido_log_debug("%s: credman_parse_metadata", __func__);
233
23
                goto out;
234
23
        }
235
236
11
        r = FIDO_OK;
237
36
out:
238
36
        freezero(msg, FIDO_MAXMSG);
239
240
36
        return (r);
241
11
}
242
243
static int
244
credman_get_metadata_wait(fido_dev_t *dev, fido_credman_metadata_t *metadata,
245
    const char *pin, int *ms)
246
535
{
247
535
        int r;
248
249
535
        if ((r = credman_tx(dev, CMD_CRED_METADATA, NULL, pin, NULL,
250
535
            FIDO_OPT_TRUE, ms)) != FIDO_OK ||
251
535
            (r = credman_rx_metadata(dev, metadata, ms)) != FIDO_OK)
252
524
                return (r);
253
254
11
        return (FIDO_OK);
255
535
}
256
257
int
258
fido_credman_get_dev_metadata(fido_dev_t *dev, fido_credman_metadata_t *metadata,
259
    const char *pin)
260
535
{
261
535
        int ms = dev->timeout_ms;
262
263
535
        return (credman_get_metadata_wait(dev, metadata, pin, &ms));
264
535
}
265
266
static int
267
credman_parse_rk(const cbor_item_t *key, const cbor_item_t *val, void *arg)
268
5.55k
{
269
5.55k
        fido_cred_t     *cred = arg;
270
5.55k
        uint64_t         prot;
271
272
5.55k
        if (cbor_isa_uint(key) == false ||
273
5.55k
            cbor_int_get_width(key) != CBOR_INT_8) {
274
91
                fido_log_debug("%s: cbor type", __func__);
275
91
                return (0); /* ignore */
276
91
        }
277
278
5.46k
        switch (cbor_get_uint8(key)) {
279
1.26k
        case 6:
280
1.26k
                return (cbor_decode_user(val, &cred->user));
281
1.21k
        case 7:
282
1.21k
                return (cbor_decode_cred_id(val, &cred->attcred.id));
283
1.24k
        case 8:
284
1.24k
                if (cbor_decode_pubkey(val, &cred->attcred.type,
285
1.24k
                    &cred->attcred.pubkey) < 0)
286
440
                        return (-1);
287
804
                cred->type = cred->attcred.type; /* XXX */
288
804
                return (0);
289
670
        case 10:
290
670
                if (cbor_decode_uint64(val, &prot) < 0 || prot > INT_MAX ||
291
670
                    fido_cred_set_prot(cred, (int)prot) != FIDO_OK)
292
104
                        return (-1);
293
566
                return (0);
294
4
        case 11:
295
4
                return (fido_blob_decode(val, &cred->largeblob_key));
296
1.07k
        default:
297
1.07k
                fido_log_debug("%s: cbor type", __func__);
298
1.07k
                return (0); /* ignore */
299
5.46k
        }
300
5.46k
}
301
302
static void
303
credman_reset_rk(fido_credman_rk_t *rk)
304
2.23k
{
305
14.9k
        for (size_t i = 0; i < rk->n_alloc; i++) {
306
12.7k
                fido_cred_reset_tx(&rk->ptr[i]);
307
12.7k
                fido_cred_reset_rx(&rk->ptr[i]);
308
12.7k
        }
309
310
2.23k
        free(rk->ptr);
311
2.23k
        rk->ptr = NULL;
312
2.23k
        memset(rk, 0, sizeof(*rk));
313
2.23k
}
314
315
static int
316
credman_parse_rk_count(const cbor_item_t *key, const cbor_item_t *val,
317
    void *arg)
318
4.11k
{
319
4.11k
        fido_credman_rk_t *rk = arg;
320
4.11k
        uint64_t n;
321
322
        /* totalCredentials */
323
4.11k
        if (cbor_isa_uint(key) == false ||
324
4.11k
            cbor_int_get_width(key) != CBOR_INT_8 ||
325
4.11k
            cbor_get_uint8(key) != 9) {
326
3.27k
                fido_log_debug("%s: cbor_type", __func__);
327
3.27k
                return (0); /* ignore */
328
3.27k
        }
329
330
838
        if (cbor_decode_uint64(val, &n) < 0 || n > SIZE_MAX) {
331
1
                fido_log_debug("%s: cbor_decode_uint64", __func__);
332
1
                return (-1);
333
1
        }
334
335
837
        if (credman_grow_array((void **)&rk->ptr, &rk->n_alloc, &rk->n_rx,
336
837
            (size_t)n, sizeof(*rk->ptr)) < 0) {
337
102
                fido_log_debug("%s: credman_grow_array", __func__);
338
102
                return (-1);
339
102
        }
340
341
735
        return (0);
342
837
}
343
344
static int
345
credman_rx_rk(fido_dev_t *dev, fido_credman_rk_t *rk, int *ms)
346
888
{
347
888
        unsigned char   *msg;
348
888
        int              msglen;
349
888
        int              r;
350
351
888
        credman_reset_rk(rk);
352
353
888
        if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
354
1
                r = FIDO_ERR_INTERNAL;
355
1
                goto out;
356
1
        }
357
358
887
        if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
359
9
                fido_log_debug("%s: fido_rx", __func__);
360
9
                r = FIDO_ERR_RX;
361
9
                goto out;
362
9
        }
363
364
        /* adjust as needed */
365
878
        if ((r = cbor_parse_reply(msg, (size_t)msglen, rk,
366
878
            credman_parse_rk_count)) != FIDO_OK) {
367
144
                fido_log_debug("%s: credman_parse_rk_count", __func__);
368
144
                goto out;
369
144
        }
370
371
734
        if (rk->n_alloc == 0) {
372
4
                fido_log_debug("%s: n_alloc=0", __func__);
373
4
                r = FIDO_OK;
374
4
                goto out;
375
4
        }
376
377
        /* parse the first rk */
378
730
        if ((r = cbor_parse_reply(msg, (size_t)msglen, &rk->ptr[0],
379
730
            credman_parse_rk)) != FIDO_OK) {
380
237
                fido_log_debug("%s: credman_parse_rk", __func__);
381
237
                goto out;
382
237
        }
383
493
        rk->n_rx = 1;
384
385
493
        r = FIDO_OK;
386
888
out:
387
888
        freezero(msg, FIDO_MAXMSG);
388
389
888
        return (r);
390
493
}
391
392
static int
393
credman_rx_next_rk(fido_dev_t *dev, fido_credman_rk_t *rk, int *ms)
394
1.05k
{
395
1.05k
        unsigned char   *msg;
396
1.05k
        int              msglen;
397
1.05k
        int              r;
398
399
1.05k
        if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
400
2
                r = FIDO_ERR_INTERNAL;
401
2
                goto out;
402
2
        }
403
404
1.05k
        if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
405
78
                fido_log_debug("%s: fido_rx", __func__);
406
78
                r = FIDO_ERR_RX;
407
78
                goto out;
408
78
        }
409
410
        /* sanity check */
411
979
        if (rk->n_rx >= rk->n_alloc) {
412
0
                fido_log_debug("%s: n_rx=%zu, n_alloc=%zu", __func__, rk->n_rx,
413
0
                    rk->n_alloc);
414
0
                r = FIDO_ERR_INTERNAL;
415
0
                goto out;
416
0
        }
417
418
979
        if ((r = cbor_parse_reply(msg, (size_t)msglen, &rk->ptr[rk->n_rx],
419
979
            credman_parse_rk)) != FIDO_OK) {
420
396
                fido_log_debug("%s: credman_parse_rk", __func__);
421
396
                goto out;
422
396
        }
423
424
583
        r = FIDO_OK;
425
1.05k
out:
426
1.05k
        freezero(msg, FIDO_MAXMSG);
427
428
1.05k
        return (r);
429
583
}
430
431
static int
432
credman_get_rk_wait(fido_dev_t *dev, const char *rp_id, fido_credman_rk_t *rk,
433
    const char *pin, int *ms)
434
1.34k
{
435
1.34k
        fido_blob_t     rp_dgst;
436
1.34k
        uint8_t         dgst[SHA256_DIGEST_LENGTH];
437
1.34k
        int             r;
438
439
1.34k
        if (SHA256((const unsigned char *)rp_id, strlen(rp_id), dgst) != dgst) {
440
2
                fido_log_debug("%s: sha256", __func__);
441
2
                return (FIDO_ERR_INTERNAL);
442
2
        }
443
444
1.34k
        rp_dgst.ptr = dgst;
445
1.34k
        rp_dgst.len = sizeof(dgst);
446
447
1.34k
        if ((r = credman_tx(dev, CMD_RK_BEGIN, &rp_dgst, pin, rp_id,
448
1.34k
            FIDO_OPT_TRUE, ms)) != FIDO_OK ||
449
1.34k
            (r = credman_rx_rk(dev, rk, ms)) != FIDO_OK)
450
848
                return (r);
451
452
1.08k
        while (rk->n_rx < rk->n_alloc) {
453
1.06k
                if ((r = credman_tx(dev, CMD_RK_NEXT, NULL, NULL, NULL,
454
1.06k
                    FIDO_OPT_FALSE, ms)) != FIDO_OK ||
455
1.06k
                    (r = credman_rx_next_rk(dev, rk, ms)) != FIDO_OK)
456
485
                        return (r);
457
583
                rk->n_rx++;
458
583
        }
459
460
12
        return (FIDO_OK);
461
497
}
462
463
int
464
fido_credman_get_dev_rk(fido_dev_t *dev, const char *rp_id,
465
    fido_credman_rk_t *rk, const char *pin)
466
1.34k
{
467
1.34k
        int ms = dev->timeout_ms;
468
469
1.34k
        return (credman_get_rk_wait(dev, rp_id, rk, pin, &ms));
470
1.34k
}
471
472
static int
473
credman_del_rk_wait(fido_dev_t *dev, const unsigned char *cred_id,
474
    size_t cred_id_len, const char *pin, int *ms)
475
2.33k
{
476
2.33k
        fido_blob_t cred;
477
2.33k
        int r;
478
479
2.33k
        memset(&cred, 0, sizeof(cred));
480
481
2.33k
        if (fido_blob_set(&cred, cred_id, cred_id_len) < 0)
482
10
                return (FIDO_ERR_INVALID_ARGUMENT);
483
484
2.32k
        if ((r = credman_tx(dev, CMD_DELETE_CRED, &cred, pin, NULL,
485
2.32k
            FIDO_OPT_TRUE, ms)) != FIDO_OK ||
486
2.32k
            (r = fido_rx_cbor_status(dev, ms)) != FIDO_OK)
487
2.31k
                goto fail;
488
489
11
        r = FIDO_OK;
490
2.32k
fail:
491
2.32k
        free(cred.ptr);
492
493
2.32k
        return (r);
494
11
}
495
496
int
497
fido_credman_del_dev_rk(fido_dev_t *dev, const unsigned char *cred_id,
498
    size_t cred_id_len, const char *pin)
499
2.33k
{
500
2.33k
        int ms = dev->timeout_ms;
501
502
2.33k
        return (credman_del_rk_wait(dev, cred_id, cred_id_len, pin, &ms));
503
2.33k
}
504
505
static int
506
credman_parse_rp(const cbor_item_t *key, const cbor_item_t *val, void *arg)
507
1.14k
{
508
1.14k
        struct fido_credman_single_rp *rp = arg;
509
510
1.14k
        if (cbor_isa_uint(key) == false ||
511
1.14k
            cbor_int_get_width(key) != CBOR_INT_8) {
512
195
                fido_log_debug("%s: cbor type", __func__);
513
195
                return (0); /* ignore */
514
195
        }
515
516
954
        switch (cbor_get_uint8(key)) {
517
417
        case 3:
518
417
                return (cbor_decode_rp_entity(val, &rp->rp_entity));
519
263
        case 4:
520
263
                return (fido_blob_decode(val, &rp->rp_id_hash));
521
274
        default:
522
274
                fido_log_debug("%s: cbor type", __func__);
523
274
                return (0); /* ignore */
524
954
        }
525
954
}
526
527
static void
528
credman_reset_rp(fido_credman_rp_t *rp)
529
846
{
530
5.68k
        for (size_t i = 0; i < rp->n_alloc; i++) {
531
4.83k
                free(rp->ptr[i].rp_entity.id);
532
4.83k
                free(rp->ptr[i].rp_entity.name);
533
4.83k
                rp->ptr[i].rp_entity.id = NULL;
534
4.83k
                rp->ptr[i].rp_entity.name = NULL;
535
4.83k
                fido_blob_reset(&rp->ptr[i].rp_id_hash);
536
4.83k
        }
537
538
846
        free(rp->ptr);
539
846
        rp->ptr = NULL;
540
846
        memset(rp, 0, sizeof(*rp));
541
846
}
542
543
static int
544
credman_parse_rp_count(const cbor_item_t *key, const cbor_item_t *val,
545
    void *arg)
546
915
{
547
915
        fido_credman_rp_t *rp = arg;
548
915
        uint64_t n;
549
550
        /* totalRPs */
551
915
        if (cbor_isa_uint(key) == false ||
552
915
            cbor_int_get_width(key) != CBOR_INT_8 ||
553
915
            cbor_get_uint8(key) != 5) {
554
704
                fido_log_debug("%s: cbor_type", __func__);
555
704
                return (0); /* ignore */
556
704
        }
557
558
211
        if (cbor_decode_uint64(val, &n) < 0 || n > SIZE_MAX) {
559
1
                fido_log_debug("%s: cbor_decode_uint64", __func__);
560
1
                return (-1);
561
1
        }
562
563
210
        if (credman_grow_array((void **)&rp->ptr, &rp->n_alloc, &rp->n_rx,
564
210
            (size_t)n, sizeof(*rp->ptr)) < 0) {
565
88
                fido_log_debug("%s: credman_grow_array", __func__);
566
88
                return (-1);
567
88
        }
568
569
122
        return (0);
570
210
}
571
572
static int
573
credman_rx_rp(fido_dev_t *dev, fido_credman_rp_t *rp, int *ms)
574
246
{
575
246
        unsigned char   *msg;
576
246
        int              msglen;
577
246
        int              r;
578
579
246
        credman_reset_rp(rp);
580
581
246
        if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
582
2
                r = FIDO_ERR_INTERNAL;
583
2
                goto out;
584
2
        }
585
586
244
        if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
587
4
                fido_log_debug("%s: fido_rx", __func__);
588
4
                r = FIDO_ERR_RX;
589
4
                goto out;
590
4
        }
591
592
        /* adjust as needed */
593
240
        if ((r = cbor_parse_reply(msg, (size_t)msglen, rp,
594
240
            credman_parse_rp_count)) != FIDO_OK) {
595
111
                fido_log_debug("%s: credman_parse_rp_count", __func__);
596
111
                goto out;
597
111
        }
598
599
129
        if (rp->n_alloc == 0) {
600
9
                fido_log_debug("%s: n_alloc=0", __func__);
601
9
                r = FIDO_OK;
602
9
                goto out;
603
9
        }
604
605
        /* parse the first rp */
606
120
        if ((r = cbor_parse_reply(msg, (size_t)msglen, &rp->ptr[0],
607
120
            credman_parse_rp)) != FIDO_OK) {
608
7
                fido_log_debug("%s: credman_parse_rp", __func__);
609
7
                goto out;
610
7
        }
611
113
        rp->n_rx = 1;
612
613
113
        r = FIDO_OK;
614
246
out:
615
246
        freezero(msg, FIDO_MAXMSG);
616
617
246
        return (r);
618
113
}
619
620
static int
621
credman_rx_next_rp(fido_dev_t *dev, fido_credman_rp_t *rp, int *ms)
622
485
{
623
485
        unsigned char   *msg;
624
485
        int              msglen;
625
485
        int              r;
626
627
485
        if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
628
1
                r = FIDO_ERR_INTERNAL;
629
1
                goto out;
630
1
        }
631
632
484
        if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
633
60
                fido_log_debug("%s: fido_rx", __func__);
634
60
                r = FIDO_ERR_RX;
635
60
                goto out;
636
60
        }
637
638
        /* sanity check */
639
424
        if (rp->n_rx >= rp->n_alloc) {
640
0
                fido_log_debug("%s: n_rx=%zu, n_alloc=%zu", __func__, rp->n_rx,
641
0
                    rp->n_alloc);
642
0
                r = FIDO_ERR_INTERNAL;
643
0
                goto out;
644
0
        }
645
646
424
        if ((r = cbor_parse_reply(msg, (size_t)msglen, &rp->ptr[rp->n_rx],
647
424
            credman_parse_rp)) != FIDO_OK) {
648
33
                fido_log_debug("%s: credman_parse_rp", __func__);
649
33
                goto out;
650
33
        }
651
652
391
        r = FIDO_OK;
653
485
out:
654
485
        freezero(msg, FIDO_MAXMSG);
655
656
485
        return (r);
657
391
}
658
659
static int
660
credman_get_rp_wait(fido_dev_t *dev, fido_credman_rp_t *rp, const char *pin,
661
    int *ms)
662
600
{
663
600
        int r;
664
665
600
        if ((r = credman_tx(dev, CMD_RP_BEGIN, NULL, pin, NULL,
666
600
            FIDO_OPT_TRUE, ms)) != FIDO_OK ||
667
600
            (r = credman_rx_rp(dev, rp, ms)) != FIDO_OK)
668
478
                return (r);
669
670
513
        while (rp->n_rx < rp->n_alloc) {
671
496
                if ((r = credman_tx(dev, CMD_RP_NEXT, NULL, NULL, NULL,
672
496
                    FIDO_OPT_FALSE, ms)) != FIDO_OK ||
673
496
                    (r = credman_rx_next_rp(dev, rp, ms)) != FIDO_OK)
674
105
                        return (r);
675
391
                rp->n_rx++;
676
391
        }
677
678
17
        return (FIDO_OK);
679
122
}
680
681
int
682
fido_credman_get_dev_rp(fido_dev_t *dev, fido_credman_rp_t *rp, const char *pin)
683
600
{
684
600
        int ms = dev->timeout_ms;
685
686
600
        return (credman_get_rp_wait(dev, rp, pin, &ms));
687
600
}
688
689
static int
690
credman_set_dev_rk_wait(fido_dev_t *dev, fido_cred_t *cred, const char *pin,
691
    int *ms)
692
2.35k
{
693
2.35k
        int r;
694
695
2.35k
        if ((r = credman_tx(dev, CMD_UPDATE_CRED, cred, pin, NULL,
696
2.35k
            FIDO_OPT_TRUE, ms)) != FIDO_OK ||
697
2.35k
            (r = fido_rx_cbor_status(dev, ms)) != FIDO_OK)
698
2.34k
                return (r);
699
700
8
        return (FIDO_OK);
701
2.35k
}
702
703
int
704
fido_credman_set_dev_rk(fido_dev_t *dev, fido_cred_t *cred, const char *pin)
705
2.35k
{
706
2.35k
        int ms = dev->timeout_ms;
707
708
2.35k
        return (credman_set_dev_rk_wait(dev, cred, pin, &ms));
709
2.35k
}
710
711
fido_credman_rk_t *
712
fido_credman_rk_new(void)
713
1.34k
{
714
1.34k
        return (calloc(1, sizeof(fido_credman_rk_t)));
715
1.34k
}
716
717
void
718
fido_credman_rk_free(fido_credman_rk_t **rk_p)
719
1.34k
{
720
1.34k
        fido_credman_rk_t *rk;
721
722
1.34k
        if (rk_p == NULL || (rk = *rk_p) == NULL)
723
0
                return;
724
725
1.34k
        credman_reset_rk(rk);
726
1.34k
        free(rk);
727
1.34k
        *rk_p = NULL;
728
1.34k
}
729
730
size_t
731
fido_credman_rk_count(const fido_credman_rk_t *rk)
732
4.39k
{
733
4.39k
        return (rk->n_rx);
734
4.39k
}
735
736
const fido_cred_t *
737
fido_credman_rk(const fido_credman_rk_t *rk, size_t idx)
738
2.42k
{
739
2.42k
        if (idx >= rk->n_alloc)
740
621
                return (NULL);
741
742
1.80k
        return (&rk->ptr[idx]);
743
2.42k
}
744
745
fido_credman_metadata_t *
746
fido_credman_metadata_new(void)
747
537
{
748
537
        return (calloc(1, sizeof(fido_credman_metadata_t)));
749
537
}
750
751
void
752
fido_credman_metadata_free(fido_credman_metadata_t **metadata_p)
753
535
{
754
535
        fido_credman_metadata_t *metadata;
755
756
535
        if (metadata_p == NULL || (metadata = *metadata_p) == NULL)
757
0
                return;
758
759
535
        free(metadata);
760
535
        *metadata_p = NULL;
761
535
}
762
763
uint64_t
764
fido_credman_rk_existing(const fido_credman_metadata_t *metadata)
765
535
{
766
535
        return (metadata->rk_existing);
767
535
}
768
769
uint64_t
770
fido_credman_rk_remaining(const fido_credman_metadata_t *metadata)
771
535
{
772
535
        return (metadata->rk_remaining);
773
535
}
774
775
fido_credman_rp_t *
776
fido_credman_rp_new(void)
777
601
{
778
601
        return (calloc(1, sizeof(fido_credman_rp_t)));
779
601
}
780
781
void
782
fido_credman_rp_free(fido_credman_rp_t **rp_p)
783
600
{
784
600
        fido_credman_rp_t *rp;
785
786
600
        if (rp_p == NULL || (rp = *rp_p) == NULL)
787
0
                return;
788
789
600
        credman_reset_rp(rp);
790
600
        free(rp);
791
600
        *rp_p = NULL;
792
600
}
793
794
size_t
795
fido_credman_rp_count(const fido_credman_rp_t *rp)
796
1.70k
{
797
1.70k
        return (rp->n_rx);
798
1.70k
}
799
800
const char *
801
fido_credman_rp_id(const fido_credman_rp_t *rp, size_t idx)
802
1.10k
{
803
1.10k
        if (idx >= rp->n_alloc)
804
487
                return (NULL);
805
806
617
        return (rp->ptr[idx].rp_entity.id);
807
1.10k
}
808
809
const char *
810
fido_credman_rp_name(const fido_credman_rp_t *rp, size_t idx)
811
1.10k
{
812
1.10k
        if (idx >= rp->n_alloc)
813
487
                return (NULL);
814
815
617
        return (rp->ptr[idx].rp_entity.name);
816
1.10k
}
817
818
size_t
819
fido_credman_rp_id_hash_len(const fido_credman_rp_t *rp, size_t idx)
820
1.10k
{
821
1.10k
        if (idx >= rp->n_alloc)
822
487
                return (0);
823
824
617
        return (rp->ptr[idx].rp_id_hash.len);
825
1.10k
}
826
827
const unsigned char *
828
fido_credman_rp_id_hash_ptr(const fido_credman_rp_t *rp, size_t idx)
829
1.10k
{
830
1.10k
        if (idx >= rp->n_alloc)
831
487
                return (NULL);
832
833
617
        return (rp->ptr[idx].rp_id_hash.ptr);
834
1.10k
}