Coverage Report

Created: 2024-06-03 09:43

/libfido2/src/cbor.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright (c) 2018-2022 Yubico AB. All rights reserved.
3
 * Use of this source code is governed by a BSD-style
4
 * license that can be found in the LICENSE file.
5
 * SPDX-License-Identifier: BSD-2-Clause
6
 */
7
8
#include <openssl/hmac.h>
9
#include <openssl/sha.h>
10
#include "fido.h"
11
12
static int
13
check_key_type(cbor_item_t *item)
14
539k
{
15
539k
        if (item->type == CBOR_TYPE_UINT || item->type == CBOR_TYPE_NEGINT ||
16
539k
            item->type == CBOR_TYPE_STRING)
17
539k
                return (0);
18
19
549
        fido_log_debug("%s: invalid type: %d", __func__, item->type);
20
21
549
        return (-1);
22
539k
}
23
24
/*
25
 * Validate CTAP2 canonical CBOR encoding rules for maps.
26
 */
27
static int
28
ctap_check_cbor(cbor_item_t *prev, cbor_item_t *curr)
29
269k
{
30
269k
        size_t  curr_len;
31
269k
        size_t  prev_len;
32
33
269k
        if (check_key_type(prev) < 0 || check_key_type(curr) < 0)
34
549
                return (-1);
35
36
269k
        if (prev->type != curr->type) {
37
19.2k
                if (prev->type < curr->type)
38
18.5k
                        return (0);
39
689
                fido_log_debug("%s: unsorted types", __func__);
40
689
                return (-1);
41
19.2k
        }
42
43
250k
        if (curr->type == CBOR_TYPE_UINT || curr->type == CBOR_TYPE_NEGINT) {
44
163k
                if (cbor_int_get_width(curr) >= cbor_int_get_width(prev) &&
45
163k
                    cbor_get_int(curr) > cbor_get_int(prev))
46
162k
                        return (0);
47
163k
        } else {
48
86.3k
                curr_len = cbor_string_length(curr);
49
86.3k
                prev_len = cbor_string_length(prev);
50
51
86.3k
                if (curr_len > prev_len || (curr_len == prev_len &&
52
22.6k
                    memcmp(cbor_string_handle(prev), cbor_string_handle(curr),
53
22.5k
                    curr_len) < 0))
54
86.0k
                        return (0);
55
86.3k
        }
56
57
1.32k
        fido_log_debug("%s: invalid cbor", __func__);
58
59
1.32k
        return (-1);
60
250k
}
61
62
int
63
cbor_map_iter(const cbor_item_t *item, void *arg, int(*f)(const cbor_item_t *,
64
    const cbor_item_t *, void *))
65
91.8k
{
66
91.8k
        struct cbor_pair        *v;
67
91.8k
        size_t                   n;
68
69
91.8k
        if ((v = cbor_map_handle(item)) == NULL) {
70
347
                fido_log_debug("%s: cbor_map_handle", __func__);
71
347
                return (-1);
72
347
        }
73
74
91.5k
        n = cbor_map_size(item);
75
76
443k
        for (size_t i = 0; i < n; i++) {
77
360k
                if (v[i].key == NULL || v[i].value == NULL) {
78
0
                        fido_log_debug("%s: key=%p, value=%p for i=%zu",
79
0
                            __func__, (void *)v[i].key, (void *)v[i].value, i);
80
0
                        return (-1);
81
0
                }
82
360k
                if (i && ctap_check_cbor(v[i - 1].key, v[i].key) < 0) {
83
2.56k
                        fido_log_debug("%s: ctap_check_cbor", __func__);
84
2.56k
                        return (-1);
85
2.56k
                }
86
357k
                if (f(v[i].key, v[i].value, arg) < 0) {
87
6.15k
                        fido_log_debug("%s: iterator < 0 on i=%zu", __func__,
88
6.15k
                            i);
89
6.15k
                        return (-1);
90
6.15k
                }
91
357k
        }
92
93
82.8k
        return (0);
94
91.5k
}
95
96
int
97
cbor_array_iter(const cbor_item_t *item, void *arg, int(*f)(const cbor_item_t *,
98
    void *))
99
49.5k
{
100
49.5k
        cbor_item_t     **v;
101
49.5k
        size_t            n;
102
103
49.5k
        if ((v = cbor_array_handle(item)) == NULL) {
104
30
                fido_log_debug("%s: cbor_array_handle", __func__);
105
30
                return (-1);
106
30
        }
107
108
49.5k
        n = cbor_array_size(item);
109
110
146k
        for (size_t i = 0; i < n; i++)
111
98.2k
                if (v[i] == NULL || f(v[i], arg) < 0) {
112
1.02k
                        fido_log_debug("%s: iterator < 0 on i=%zu,%p",
113
1.02k
                            __func__, i, (void *)v[i]);
114
1.02k
                        return (-1);
115
1.02k
                }
116
117
48.5k
        return (0);
118
49.5k
}
119
120
int
121
cbor_parse_reply(const unsigned char *blob, size_t blob_len, void *arg,
122
    int(*parser)(const cbor_item_t *, const cbor_item_t *, void *))
123
46.8k
{
124
46.8k
        cbor_item_t             *item = NULL;
125
46.8k
        struct cbor_load_result  cbor;
126
46.8k
        int                      r;
127
128
46.8k
        if (blob_len < 1) {
129
6.56k
                fido_log_debug("%s: blob_len=%zu", __func__, blob_len);
130
6.56k
                r = FIDO_ERR_RX;
131
6.56k
                goto fail;
132
6.56k
        }
133
134
40.3k
        if (blob[0] != FIDO_OK) {
135
1.75k
                fido_log_debug("%s: blob[0]=0x%02x", __func__, blob[0]);
136
1.75k
                r = blob[0];
137
1.75k
                goto fail;
138
1.75k
        }
139
140
38.5k
        if ((item = cbor_load(blob + 1, blob_len - 1, &cbor)) == NULL) {
141
4.10k
                fido_log_debug("%s: cbor_load", __func__);
142
4.10k
                r = FIDO_ERR_RX_NOT_CBOR;
143
4.10k
                goto fail;
144
4.10k
        }
145
146
34.4k
        if (cbor_isa_map(item) == false ||
147
34.4k
            cbor_map_is_definite(item) == false) {
148
670
                fido_log_debug("%s: cbor type", __func__);
149
670
                r = FIDO_ERR_RX_INVALID_CBOR;
150
670
                goto fail;
151
670
        }
152
153
33.7k
        if (cbor_map_iter(item, arg, parser) < 0) {
154
5.61k
                fido_log_debug("%s: cbor_map_iter", __func__);
155
5.61k
                r = FIDO_ERR_RX_INVALID_CBOR;
156
5.61k
                goto fail;
157
5.61k
        }
158
159
28.1k
        r = FIDO_OK;
160
46.8k
fail:
161
46.8k
        if (item != NULL)
162
34.4k
                cbor_decref(&item);
163
164
46.8k
        return (r);
165
28.1k
}
166
167
void
168
cbor_vector_free(cbor_item_t **item, size_t len)
169
59.7k
{
170
282k
        for (size_t i = 0; i < len; i++)
171
222k
                if (item[i] != NULL)
172
108k
                        cbor_decref(&item[i]);
173
59.7k
}
174
175
int
176
cbor_bytestring_copy(const cbor_item_t *item, unsigned char **buf, size_t *len)
177
25.6k
{
178
25.6k
        if (*buf != NULL || *len != 0) {
179
1
                fido_log_debug("%s: dup", __func__);
180
1
                return (-1);
181
1
        }
182
183
25.6k
        if (cbor_isa_bytestring(item) == false ||
184
25.6k
            cbor_bytestring_is_definite(item) == false) {
185
89
                fido_log_debug("%s: cbor type", __func__);
186
89
                return (-1);
187
89
        }
188
189
25.5k
        *len = cbor_bytestring_length(item);
190
25.5k
        if ((*buf = malloc(*len)) == NULL) {
191
109
                *len = 0;
192
109
                return (-1);
193
109
        }
194
195
25.4k
        memcpy(*buf, cbor_bytestring_handle(item), *len);
196
197
25.4k
        return (0);
198
25.5k
}
199
200
int
201
cbor_string_copy(const cbor_item_t *item, char **str)
202
198k
{
203
198k
        size_t len;
204
205
198k
        if (*str != NULL) {
206
1
                fido_log_debug("%s: dup", __func__);
207
1
                return (-1);
208
1
        }
209
210
198k
        if (cbor_isa_string(item) == false ||
211
198k
            cbor_string_is_definite(item) == false) {
212
1.16k
                fido_log_debug("%s: cbor type", __func__);
213
1.16k
                return (-1);
214
1.16k
        }
215
216
197k
        if ((len = cbor_string_length(item)) == SIZE_MAX ||
217
197k
            (*str = malloc(len + 1)) == NULL)
218
493
                return (-1);
219
220
197k
        memcpy(*str, cbor_string_handle(item), len);
221
197k
        (*str)[len] = '\0';
222
223
197k
        return (0);
224
197k
}
225
226
int
227
cbor_add_bytestring(cbor_item_t *item, const char *key,
228
    const unsigned char *value, size_t value_len)
229
60.0k
{
230
60.0k
        struct cbor_pair pair;
231
60.0k
        int ok = -1;
232
233
60.0k
        memset(&pair, 0, sizeof(pair));
234
235
60.0k
        if ((pair.key = cbor_build_string(key)) == NULL ||
236
60.0k
            (pair.value = cbor_build_bytestring(value, value_len)) == NULL) {
237
52
                fido_log_debug("%s: cbor_build", __func__);
238
52
                goto fail;
239
52
        }
240
241
60.0k
        if (!cbor_map_add(item, pair)) {
242
31
                fido_log_debug("%s: cbor_map_add", __func__);
243
31
                goto fail;
244
31
        }
245
246
59.9k
        ok = 0;
247
60.0k
fail:
248
60.0k
        if (pair.key)
249
60.0k
                cbor_decref(&pair.key);
250
60.0k
        if (pair.value)
251
60.0k
                cbor_decref(&pair.value);
252
253
60.0k
        return (ok);
254
59.9k
}
255
256
int
257
cbor_add_string(cbor_item_t *item, const char *key, const char *value)
258
68.9k
{
259
68.9k
        struct cbor_pair pair;
260
68.9k
        int ok = -1;
261
262
68.9k
        memset(&pair, 0, sizeof(pair));
263
264
68.9k
        if ((pair.key = cbor_build_string(key)) == NULL ||
265
68.9k
            (pair.value = cbor_build_string(value)) == NULL) {
266
88
                fido_log_debug("%s: cbor_build", __func__);
267
88
                goto fail;
268
88
        }
269
270
68.8k
        if (!cbor_map_add(item, pair)) {
271
31
                fido_log_debug("%s: cbor_map_add", __func__);
272
31
                goto fail;
273
31
        }
274
275
68.8k
        ok = 0;
276
68.9k
fail:
277
68.9k
        if (pair.key)
278
68.9k
                cbor_decref(&pair.key);
279
68.9k
        if (pair.value)
280
68.8k
                cbor_decref(&pair.value);
281
282
68.9k
        return (ok);
283
68.8k
}
284
285
int
286
cbor_add_bool(cbor_item_t *item, const char *key, fido_opt_t value)
287
2.55k
{
288
2.55k
        struct cbor_pair pair;
289
2.55k
        int ok = -1;
290
291
2.55k
        memset(&pair, 0, sizeof(pair));
292
293
2.55k
        if ((pair.key = cbor_build_string(key)) == NULL ||
294
2.55k
            (pair.value = cbor_build_bool(value == FIDO_OPT_TRUE)) == NULL) {
295
8
                fido_log_debug("%s: cbor_build", __func__);
296
8
                goto fail;
297
8
        }
298
299
2.54k
        if (!cbor_map_add(item, pair)) {
300
5
                fido_log_debug("%s: cbor_map_add", __func__);
301
5
                goto fail;
302
5
        }
303
304
2.54k
        ok = 0;
305
2.55k
fail:
306
2.55k
        if (pair.key)
307
2.55k
                cbor_decref(&pair.key);
308
2.55k
        if (pair.value)
309
2.54k
                cbor_decref(&pair.value);
310
311
2.55k
        return (ok);
312
2.54k
}
313
314
static int
315
cbor_add_uint8(cbor_item_t *item, const char *key, uint8_t value)
316
707
{
317
707
        struct cbor_pair pair;
318
707
        int ok = -1;
319
320
707
        memset(&pair, 0, sizeof(pair));
321
322
707
        if ((pair.key = cbor_build_string(key)) == NULL ||
323
707
            (pair.value = cbor_build_uint8(value)) == NULL) {
324
4
                fido_log_debug("%s: cbor_build", __func__);
325
4
                goto fail;
326
4
        }
327
328
703
        if (!cbor_map_add(item, pair)) {
329
2
                fido_log_debug("%s: cbor_map_add", __func__);
330
2
                goto fail;
331
2
        }
332
333
701
        ok = 0;
334
707
fail:
335
707
        if (pair.key)
336
704
                cbor_decref(&pair.key);
337
707
        if (pair.value)
338
703
                cbor_decref(&pair.value);
339
340
707
        return (ok);
341
701
}
342
343
static int
344
cbor_add_arg(cbor_item_t *item, uint8_t n, cbor_item_t *arg)
345
134k
{
346
134k
        struct cbor_pair pair;
347
134k
        int ok = -1;
348
349
134k
        memset(&pair, 0, sizeof(pair));
350
351
134k
        if (arg == NULL)
352
45.9k
                return (0); /* empty argument */
353
354
88.8k
        if ((pair.key = cbor_build_uint8(n)) == NULL) {
355
174
                fido_log_debug("%s: cbor_build", __func__);
356
174
                goto fail;
357
174
        }
358
359
88.7k
        pair.value = arg;
360
361
88.7k
        if (!cbor_map_add(item, pair)) {
362
176
                fido_log_debug("%s: cbor_map_add", __func__);
363
176
                goto fail;
364
176
        }
365
366
88.5k
        ok = 0;
367
88.8k
fail:
368
88.8k
        if (pair.key)
369
88.7k
                cbor_decref(&pair.key);
370
371
88.8k
        return (ok);
372
88.5k
}
373
374
cbor_item_t *
375
cbor_flatten_vector(cbor_item_t *argv[], size_t argc)
376
39.2k
{
377
39.2k
        cbor_item_t     *map;
378
39.2k
        uint8_t          i;
379
380
39.2k
        if (argc > UINT8_MAX - 1)
381
0
                return (NULL);
382
383
39.2k
        if ((map = cbor_new_definite_map(argc)) == NULL)
384
77
                return (NULL);
385
386
173k
        for (i = 0; i < argc; i++)
387
134k
                if (cbor_add_arg(map, (uint8_t)(i + 1), argv[i]) < 0)
388
350
                        break;
389
390
39.1k
        if (i != argc) {
391
350
                cbor_decref(&map);
392
350
                map = NULL;
393
350
        }
394
395
39.1k
        return (map);
396
39.2k
}
397
398
int
399
cbor_build_frame(uint8_t cmd, cbor_item_t *argv[], size_t argc, fido_blob_t *f)
400
28.7k
{
401
28.7k
        cbor_item_t     *flat = NULL;
402
28.7k
        unsigned char   *cbor = NULL;
403
28.7k
        size_t           cbor_len;
404
28.7k
        size_t           cbor_alloc_len;
405
28.7k
        int              ok = -1;
406
407
28.7k
        if ((flat = cbor_flatten_vector(argv, argc)) == NULL)
408
311
                goto fail;
409
410
28.4k
        cbor_len = cbor_serialize_alloc(flat, &cbor, &cbor_alloc_len);
411
28.4k
        if (cbor_len == 0 || cbor_len == SIZE_MAX) {
412
72
                fido_log_debug("%s: cbor_len=%zu", __func__, cbor_len);
413
72
                goto fail;
414
72
        }
415
416
28.3k
        if ((f->ptr = malloc(cbor_len + 1)) == NULL)
417
49
                goto fail;
418
419
28.3k
        f->len = cbor_len + 1;
420
28.3k
        f->ptr[0] = cmd;
421
28.3k
        memcpy(f->ptr + 1, cbor, f->len - 1);
422
423
28.3k
        ok = 0;
424
28.7k
fail:
425
28.7k
        if (flat != NULL)
426
28.4k
                cbor_decref(&flat);
427
428
28.7k
        free(cbor);
429
430
28.7k
        return (ok);
431
28.3k
}
432
433
cbor_item_t *
434
cbor_encode_rp_entity(const fido_rp_t *rp)
435
2.12k
{
436
2.12k
        cbor_item_t *item = NULL;
437
438
2.12k
        if ((item = cbor_new_definite_map(2)) == NULL)
439
5
                return (NULL);
440
441
2.12k
        if ((rp->id && cbor_add_string(item, "id", rp->id) < 0) ||
442
2.12k
            (rp->name && cbor_add_string(item, "name", rp->name) < 0)) {
443
18
                cbor_decref(&item);
444
18
                return (NULL);
445
18
        }
446
447
2.10k
        return (item);
448
2.12k
}
449
450
cbor_item_t *
451
cbor_encode_user_entity(const fido_user_t *user)
452
2.90k
{
453
2.90k
        cbor_item_t             *item = NULL;
454
2.90k
        const fido_blob_t       *id = &user->id;
455
2.90k
        const char              *display = user->display_name;
456
457
2.90k
        if ((item = cbor_new_definite_map(4)) == NULL)
458
8
                return (NULL);
459
460
2.89k
        if ((id->ptr && cbor_add_bytestring(item, "id", id->ptr, id->len) < 0) ||
461
2.89k
            (user->icon && cbor_add_string(item, "icon", user->icon) < 0) ||
462
2.89k
            (user->name && cbor_add_string(item, "name", user->name) < 0) ||
463
2.89k
            (display && cbor_add_string(item, "displayName", display) < 0)) {
464
54
                cbor_decref(&item);
465
54
                return (NULL);
466
54
        }
467
468
2.84k
        return (item);
469
2.89k
}
470
471
cbor_item_t *
472
cbor_encode_pubkey_param(int cose_alg)
473
2.06k
{
474
2.06k
        cbor_item_t             *item = NULL;
475
2.06k
        cbor_item_t             *body = NULL;
476
2.06k
        struct cbor_pair         alg;
477
2.06k
        int                      ok = -1;
478
479
2.06k
        memset(&alg, 0, sizeof(alg));
480
481
2.06k
        if ((item = cbor_new_definite_array(1)) == NULL ||
482
2.06k
            (body = cbor_new_definite_map(2)) == NULL ||
483
2.06k
            cose_alg > -1 || cose_alg < INT16_MIN)
484
8
                goto fail;
485
486
2.05k
        alg.key = cbor_build_string("alg");
487
488
2.05k
        if (-cose_alg - 1 > UINT8_MAX)
489
409
                alg.value = cbor_build_negint16((uint16_t)(-cose_alg - 1));
490
1.64k
        else
491
1.64k
                alg.value = cbor_build_negint8((uint8_t)(-cose_alg - 1));
492
493
2.05k
        if (alg.key == NULL || alg.value == NULL) {
494
14
                fido_log_debug("%s: cbor_build", __func__);
495
14
                goto fail;
496
14
        }
497
498
2.04k
        if (cbor_map_add(body, alg) == false ||
499
2.04k
            cbor_add_string(body, "type", "public-key") < 0 ||
500
2.04k
            cbor_array_push(item, body) == false)
501
27
                goto fail;
502
503
2.01k
        ok  = 0;
504
2.06k
fail:
505
2.06k
        if (ok < 0) {
506
49
                if (item != NULL) {
507
46
                        cbor_decref(&item);
508
46
                        item = NULL;
509
46
                }
510
49
        }
511
512
2.06k
        if (body != NULL)
513
2.05k
                cbor_decref(&body);
514
2.06k
        if (alg.key != NULL)
515
2.05k
                cbor_decref(&alg.key);
516
2.06k
        if (alg.value != NULL)
517
2.04k
                cbor_decref(&alg.value);
518
519
2.06k
        return (item);
520
2.01k
}
521
522
cbor_item_t *
523
cbor_encode_pubkey(const fido_blob_t *pubkey)
524
56.7k
{
525
56.7k
        cbor_item_t *cbor_key = NULL;
526
527
56.7k
        if ((cbor_key = cbor_new_definite_map(2)) == NULL ||
528
56.7k
            cbor_add_bytestring(cbor_key, "id", pubkey->ptr, pubkey->len) < 0 ||
529
56.7k
            cbor_add_string(cbor_key, "type", "public-key") < 0) {
530
139
                if (cbor_key)
531
115
                        cbor_decref(&cbor_key);
532
139
                return (NULL);
533
139
        }
534
535
56.5k
        return (cbor_key);
536
56.7k
}
537
538
cbor_item_t *
539
cbor_encode_pubkey_list(const fido_blob_array_t *list)
540
1.64k
{
541
1.64k
        cbor_item_t     *array = NULL;
542
1.64k
        cbor_item_t     *key = NULL;
543
544
1.64k
        if ((array = cbor_new_definite_array(list->len)) == NULL)
545
3
                goto fail;
546
547
56.7k
        for (size_t i = 0; i < list->len; i++) {
548
55.2k
                if ((key = cbor_encode_pubkey(&list->ptr[i])) == NULL ||
549
55.2k
                    cbor_array_push(array, key) == false)
550
127
                        goto fail;
551
55.0k
                cbor_decref(&key);
552
55.0k
        }
553
554
1.51k
        return (array);
555
130
fail:
556
130
        if (key != NULL)
557
18
                cbor_decref(&key);
558
130
        if (array != NULL)
559
127
                cbor_decref(&array);
560
561
130
        return (NULL);
562
1.64k
}
563
564
cbor_item_t *
565
cbor_encode_str_array(const fido_str_array_t *a)
566
1.73k
{
567
1.73k
        cbor_item_t     *array = NULL;
568
1.73k
        cbor_item_t     *entry = NULL;
569
570
1.73k
        if ((array = cbor_new_definite_array(a->len)) == NULL)
571
5
                goto fail;
572
573
45.0k
        for (size_t i = 0; i < a->len; i++) {
574
43.6k
                if ((entry = cbor_build_string(a->ptr[i])) == NULL ||
575
43.6k
                    cbor_array_push(array, entry) == false)
576
241
                        goto fail;
577
43.3k
                cbor_decref(&entry);
578
43.3k
        }
579
580
1.48k
        return (array);
581
246
fail:
582
246
        if (entry != NULL)
583
101
                cbor_decref(&entry);
584
246
        if (array != NULL)
585
241
                cbor_decref(&array);
586
587
246
        return (NULL);
588
1.72k
}
589
590
static int
591
cbor_encode_largeblob_key_ext(cbor_item_t *map)
592
641
{
593
641
        if (map == NULL ||
594
641
            cbor_add_bool(map, "largeBlobKey", FIDO_OPT_TRUE) < 0)
595
3
                return (-1);
596
597
638
        return (0);
598
641
}
599
600
cbor_item_t *
601
cbor_encode_cred_ext(const fido_cred_ext_t *ext, const fido_blob_t *blob)
602
1.19k
{
603
1.19k
        cbor_item_t *item = NULL;
604
1.19k
        size_t size = 0;
605
606
1.19k
        if (ext->mask & FIDO_EXT_CRED_BLOB)
607
476
                size++;
608
1.19k
        if (ext->mask & FIDO_EXT_HMAC_SECRET)
609
538
                size++;
610
1.19k
        if (ext->mask & FIDO_EXT_CRED_PROTECT)
611
712
                size++;
612
1.19k
        if (ext->mask & FIDO_EXT_LARGEBLOB_KEY)
613
452
                size++;
614
1.19k
        if (ext->mask & FIDO_EXT_MINPINLEN)
615
343
                size++;
616
617
1.19k
        if (size == 0 || (item = cbor_new_definite_map(size)) == NULL)
618
3
                return (NULL);
619
620
1.18k
        if (ext->mask & FIDO_EXT_CRED_BLOB) {
621
473
                if (cbor_add_bytestring(item, "credBlob", blob->ptr,
622
473
                    blob->len) < 0) {
623
2
                        cbor_decref(&item);
624
2
                        return (NULL);
625
2
                }
626
473
        }
627
1.18k
        if (ext->mask & FIDO_EXT_CRED_PROTECT) {
628
707
                if (ext->prot < 0 || ext->prot > UINT8_MAX ||
629
707
                    cbor_add_uint8(item, "credProtect",
630
707
                    (uint8_t)ext->prot) < 0) {
631
6
                        cbor_decref(&item);
632
6
                        return (NULL);
633
6
                }
634
707
        }
635
1.18k
        if (ext->mask & FIDO_EXT_HMAC_SECRET) {
636
533
                if (cbor_add_bool(item, "hmac-secret", FIDO_OPT_TRUE) < 0) {
637
1
                        cbor_decref(&item);
638
1
                        return (NULL);
639
1
                }
640
533
        }
641
1.18k
        if (ext->mask & FIDO_EXT_LARGEBLOB_KEY) {
642
445
                if (cbor_encode_largeblob_key_ext(item) < 0) {
643
2
                        cbor_decref(&item);
644
2
                        return (NULL);
645
2
                }
646
445
        }
647
1.17k
        if (ext->mask & FIDO_EXT_MINPINLEN) {
648
334
                if (cbor_add_bool(item, "minPinLength", FIDO_OPT_TRUE) < 0) {
649
2
                        cbor_decref(&item);
650
2
                        return (NULL);
651
2
                }
652
334
        }
653
654
1.17k
        return (item);
655
1.17k
}
656
657
cbor_item_t *
658
cbor_encode_cred_opt(fido_opt_t rk, fido_opt_t uv)
659
400
{
660
400
        cbor_item_t *item = NULL;
661
662
400
        if ((item = cbor_new_definite_map(2)) == NULL)
663
1
                return (NULL);
664
399
        if ((rk != FIDO_OPT_OMIT && cbor_add_bool(item, "rk", rk) < 0) ||
665
399
            (uv != FIDO_OPT_OMIT && cbor_add_bool(item, "uv", uv) < 0)) {
666
3
                cbor_decref(&item);
667
3
                return (NULL);
668
3
        }
669
670
396
        return (item);
671
399
}
672
673
cbor_item_t *
674
cbor_encode_assert_opt(fido_opt_t up, fido_opt_t uv)
675
277
{
676
277
        cbor_item_t *item = NULL;
677
678
277
        if ((item = cbor_new_definite_map(2)) == NULL)
679
2
                return (NULL);
680
275
        if ((up != FIDO_OPT_OMIT && cbor_add_bool(item, "up", up) < 0) ||
681
275
            (uv != FIDO_OPT_OMIT && cbor_add_bool(item, "uv", uv) < 0)) {
682
3
                cbor_decref(&item);
683
3
                return (NULL);
684
3
        }
685
686
272
        return (item);
687
275
}
688
689
cbor_item_t *
690
cbor_encode_pin_auth(const fido_dev_t *dev, const fido_blob_t *secret,
691
    const fido_blob_t *data)
692
3.37k
{
693
3.37k
        const EVP_MD    *md = NULL;
694
3.37k
        unsigned char    dgst[SHA256_DIGEST_LENGTH];
695
3.37k
        unsigned int     dgst_len;
696
3.37k
        size_t           outlen;
697
3.37k
        uint8_t          prot;
698
3.37k
        fido_blob_t      key;
699
700
3.37k
        key.ptr = secret->ptr;
701
3.37k
        key.len = secret->len;
702
703
3.37k
        if ((prot = fido_dev_get_pin_protocol(dev)) == 0) {
704
0
                fido_log_debug("%s: fido_dev_get_pin_protocol", __func__);
705
0
                return (NULL);
706
0
        }
707
708
        /* select hmac portion of the shared secret */
709
3.37k
        if (prot == CTAP_PIN_PROTOCOL2 && key.len > 32)
710
37
                key.len = 32;
711
712
3.37k
        if ((md = EVP_sha256()) == NULL || HMAC(md, key.ptr,
713
3.34k
            (int)key.len, data->ptr, data->len, dgst,
714
3.34k
            &dgst_len) == NULL || dgst_len != SHA256_DIGEST_LENGTH)
715
44
                return (NULL);
716
717
3.32k
        outlen = (prot == CTAP_PIN_PROTOCOL1) ? 16 : dgst_len;
718
719
3.32k
        return (cbor_build_bytestring(dgst, outlen));
720
3.37k
}
721
722
cbor_item_t *
723
cbor_encode_pin_opt(const fido_dev_t *dev)
724
21.4k
{
725
21.4k
        uint8_t     prot;
726
727
21.4k
        if ((prot = fido_dev_get_pin_protocol(dev)) == 0) {
728
5.81k
                fido_log_debug("%s: fido_dev_get_pin_protocol", __func__);
729
5.81k
                return (NULL);
730
5.81k
        }
731
732
15.6k
        return (cbor_build_uint8(prot));
733
21.4k
}
734
735
cbor_item_t *
736
cbor_encode_change_pin_auth(const fido_dev_t *dev, const fido_blob_t *secret,
737
    const fido_blob_t *new_pin_enc, const fido_blob_t *pin_hash_enc)
738
44
{
739
44
        unsigned char    dgst[SHA256_DIGEST_LENGTH];
740
44
        unsigned int     dgst_len;
741
44
        cbor_item_t     *item = NULL;
742
44
        const EVP_MD    *md = NULL;
743
44
        HMAC_CTX        *ctx = NULL;
744
44
        fido_blob_t      key;
745
44
        uint8_t          prot;
746
44
        size_t           outlen;
747
748
44
        key.ptr = secret->ptr;
749
44
        key.len = secret->len;
750
751
44
        if ((prot = fido_dev_get_pin_protocol(dev)) == 0) {
752
0
                fido_log_debug("%s: fido_dev_get_pin_protocol", __func__);
753
0
                goto fail;
754
0
        }
755
756
44
        if (prot == CTAP_PIN_PROTOCOL2 && key.len > 32)
757
25
                key.len = 32;
758
759
44
        if ((ctx = HMAC_CTX_new()) == NULL ||
760
44
            (md = EVP_sha256())  == NULL ||
761
44
            HMAC_Init_ex(ctx, key.ptr, (int)key.len, md, NULL) == 0 ||
762
44
            HMAC_Update(ctx, new_pin_enc->ptr, new_pin_enc->len) == 0 ||
763
44
            HMAC_Update(ctx, pin_hash_enc->ptr, pin_hash_enc->len) == 0 ||
764
44
            HMAC_Final(ctx, dgst, &dgst_len) == 0 ||
765
44
            dgst_len != SHA256_DIGEST_LENGTH) {
766
9
                fido_log_debug("%s: HMAC", __func__);
767
9
                goto fail;
768
9
        }
769
770
35
        outlen = (prot == CTAP_PIN_PROTOCOL1) ? 16 : dgst_len;
771
772
35
        if ((item = cbor_build_bytestring(dgst, outlen)) == NULL) {
773
2
                fido_log_debug("%s: cbor_build_bytestring", __func__);
774
2
                goto fail;
775
2
        }
776
777
44
fail:
778
44
        HMAC_CTX_free(ctx);
779
780
44
        return (item);
781
35
}
782
783
static int
784
cbor_encode_hmac_secret_param(const fido_dev_t *dev, cbor_item_t *item,
785
    const fido_blob_t *ecdh, const es256_pk_t *pk, const fido_blob_t *salt)
786
103
{
787
103
        cbor_item_t             *param = NULL;
788
103
        cbor_item_t             *argv[4];
789
103
        struct cbor_pair         pair;
790
103
        fido_blob_t             *enc = NULL;
791
103
        uint8_t                  prot;
792
103
        int                      r;
793
794
103
        memset(argv, 0, sizeof(argv));
795
103
        memset(&pair, 0, sizeof(pair));
796
797
103
        if (item == NULL || ecdh == NULL || pk == NULL || salt->ptr == NULL) {
798
21
                fido_log_debug("%s: ecdh=%p, pk=%p, salt->ptr=%p", __func__,
799
21
                    (const void *)ecdh, (const void *)pk,
800
21
                    (const void *)salt->ptr);
801
21
                r = FIDO_ERR_INTERNAL;
802
21
                goto fail;
803
21
        }
804
805
82
        if (salt->len != 32 && salt->len != 64) {
806
0
                fido_log_debug("%s: salt->len=%zu", __func__, salt->len);
807
0
                r = FIDO_ERR_INTERNAL;
808
0
                goto fail;
809
0
        }
810
811
82
        if ((enc = fido_blob_new()) == NULL ||
812
82
            aes256_cbc_enc(dev, ecdh, salt, enc) < 0) {
813
3
                fido_log_debug("%s: aes256_cbc_enc", __func__);
814
3
                r = FIDO_ERR_INTERNAL;
815
3
                goto fail;
816
3
        }
817
818
79
        if ((prot = fido_dev_get_pin_protocol(dev)) == 0) {
819
0
                fido_log_debug("%s: fido_dev_get_pin_protocol", __func__);
820
0
                r = FIDO_ERR_INTERNAL;
821
0
                goto fail;
822
0
        }
823
824
        /* XXX not pin, but salt */
825
79
        if ((argv[0] = es256_pk_encode(pk, 1)) == NULL ||
826
79
            (argv[1] = fido_blob_encode(enc)) == NULL ||
827
79
            (argv[2] = cbor_encode_pin_auth(dev, ecdh, enc)) == NULL ||
828
79
            (prot != 1 && (argv[3] = cbor_build_uint8(prot)) == NULL)) {
829
6
                fido_log_debug("%s: cbor encode", __func__);
830
6
                r = FIDO_ERR_INTERNAL;
831
6
                goto fail;
832
6
        }
833
834
73
        if ((param = cbor_flatten_vector(argv, nitems(argv))) == NULL) {
835
1
                fido_log_debug("%s: cbor_flatten_vector", __func__);
836
1
                r = FIDO_ERR_INTERNAL;
837
1
                goto fail;
838
1
        }
839
840
72
        if ((pair.key = cbor_build_string("hmac-secret")) == NULL) {
841
1
                fido_log_debug("%s: cbor_build", __func__);
842
1
                r = FIDO_ERR_INTERNAL;
843
1
                goto fail;
844
1
        }
845
846
71
        pair.value = param;
847
848
71
        if (!cbor_map_add(item, pair)) {
849
2
                fido_log_debug("%s: cbor_map_add", __func__);
850
2
                r = FIDO_ERR_INTERNAL;
851
2
                goto fail;
852
2
        }
853
854
69
        r = FIDO_OK;
855
856
103
fail:
857
103
        cbor_vector_free(argv, nitems(argv));
858
859
103
        if (param != NULL)
860
72
                cbor_decref(&param);
861
103
        if (pair.key != NULL)
862
71
                cbor_decref(&pair.key);
863
864
103
        fido_blob_free(&enc);
865
866
103
        return (r);
867
69
}
868
869
cbor_item_t *
870
cbor_encode_assert_ext(fido_dev_t *dev, const fido_assert_ext_t *ext,
871
    const fido_blob_t *ecdh, const es256_pk_t *pk)
872
424
{
873
424
        cbor_item_t *item = NULL;
874
424
        size_t size = 0;
875
876
424
        if (ext->mask & FIDO_EXT_CRED_BLOB)
877
272
                size++;
878
424
        if (ext->mask & FIDO_EXT_HMAC_SECRET)
879
103
                size++;
880
424
        if (ext->mask & FIDO_EXT_LARGEBLOB_KEY)
881
217
                size++;
882
424
        if (size == 0 || (item = cbor_new_definite_map(size)) == NULL)
883
2
                return (NULL);
884
885
422
        if (ext->mask & FIDO_EXT_CRED_BLOB) {
886
270
                if (cbor_add_bool(item, "credBlob", FIDO_OPT_TRUE) < 0) {
887
1
                        cbor_decref(&item);
888
1
                        return (NULL);
889
1
                }
890
270
        }
891
421
        if (ext->mask & FIDO_EXT_HMAC_SECRET) {
892
103
                if (cbor_encode_hmac_secret_param(dev, item, ecdh, pk,
893
103
                    &ext->hmac_salt) < 0) {
894
34
                        cbor_decref(&item);
895
34
                        return (NULL);
896
34
                }
897
103
        }
898
387
        if (ext->mask & FIDO_EXT_LARGEBLOB_KEY) {
899
196
                if (cbor_encode_largeblob_key_ext(item) < 0) {
900
1
                        cbor_decref(&item);
901
1
                        return (NULL);
902
1
                }
903
196
        }
904
905
386
        return (item);
906
387
}
907
908
int
909
cbor_decode_fmt(const cbor_item_t *item, char **fmt)
910
2.56k
{
911
2.56k
        char    *type = NULL;
912
913
2.56k
        if (cbor_string_copy(item, &type) < 0) {
914
10
                fido_log_debug("%s: cbor_string_copy", __func__);
915
10
                return (-1);
916
10
        }
917
918
2.55k
        if (strcmp(type, "packed") && strcmp(type, "fido-u2f") &&
919
2.55k
            strcmp(type, "none") && strcmp(type, "tpm")) {
920
50
                fido_log_debug("%s: type=%s", __func__, type);
921
50
                free(type);
922
50
                return (-1);
923
50
        }
924
925
2.50k
        *fmt = type;
926
927
2.50k
        return (0);
928
2.55k
}
929
930
struct cose_key {
931
        int kty;
932
        int alg;
933
        int crv;
934
};
935
936
static int
937
find_cose_alg(const cbor_item_t *key, const cbor_item_t *val, void *arg)
938
24.1k
{
939
24.1k
        struct cose_key *cose_key = arg;
940
941
24.1k
        if (cbor_isa_uint(key) == true &&
942
24.1k
            cbor_int_get_width(key) == CBOR_INT_8) {
943
10.3k
                switch (cbor_get_uint8(key)) {
944
5.14k
                case 1:
945
5.14k
                        if (cbor_isa_uint(val) == false ||
946
5.14k
                            cbor_get_int(val) > INT_MAX || cose_key->kty != 0) {
947
52
                                fido_log_debug("%s: kty", __func__);
948
52
                                return (-1);
949
52
                        }
950
951
5.09k
                        cose_key->kty = (int)cbor_get_int(val);
952
953
5.09k
                        break;
954
5.10k
                case 3:
955
5.10k
                        if (cbor_isa_negint(val) == false ||
956
5.10k
                            cbor_get_int(val) > INT_MAX || cose_key->alg != 0) {
957
72
                                fido_log_debug("%s: alg", __func__);
958
72
                                return (-1);
959
72
                        }
960
961
5.03k
                        cose_key->alg = -(int)cbor_get_int(val) - 1;
962
963
5.03k
                        break;
964
10.3k
                }
965
13.7k
        } else if (cbor_isa_negint(key) == true &&
966
13.7k
            cbor_int_get_width(key) == CBOR_INT_8) {
967
13.4k
                if (cbor_get_uint8(key) == 0) {
968
                        /* get crv if not rsa, otherwise ignore */
969
4.80k
                        if (cbor_isa_uint(val) == true &&
970
4.80k
                            cbor_get_int(val) <= INT_MAX &&
971
4.80k
                            cose_key->crv == 0)
972
4.61k
                                cose_key->crv = (int)cbor_get_int(val);
973
4.80k
                }
974
13.4k
        }
975
976
24.0k
        return (0);
977
24.1k
}
978
979
static int
980
get_cose_alg(const cbor_item_t *item, int *cose_alg)
981
5.29k
{
982
5.29k
        struct cose_key cose_key;
983
984
5.29k
        memset(&cose_key, 0, sizeof(cose_key));
985
986
5.29k
        *cose_alg = 0;
987
988
5.29k
        if (cbor_isa_map(item) == false ||
989
5.29k
            cbor_map_is_definite(item) == false ||
990
5.29k
            cbor_map_iter(item, &cose_key, find_cose_alg) < 0) {
991
360
                fido_log_debug("%s: cbor type", __func__);
992
360
                return (-1);
993
360
        }
994
995
4.93k
        switch (cose_key.alg) {
996
3.75k
        case COSE_ES256:
997
3.75k
                if (cose_key.kty != COSE_KTY_EC2 ||
998
3.75k
                    cose_key.crv != COSE_P256) {
999
86
                        fido_log_debug("%s: invalid kty/crv", __func__);
1000
86
                        return (-1);
1001
86
                }
1002
3.66k
                break;
1003
3.66k
        case COSE_ES384:
1004
241
                if (cose_key.kty != COSE_KTY_EC2 ||
1005
241
                    cose_key.crv != COSE_P384) {
1006
8
                        fido_log_debug("%s: invalid kty/crv", __func__);
1007
8
                        return (-1);
1008
8
                }
1009
233
                break;
1010
648
        case COSE_EDDSA:
1011
648
                if (cose_key.kty != COSE_KTY_OKP ||
1012
648
                    cose_key.crv != COSE_ED25519) {
1013
107
                        fido_log_debug("%s: invalid kty/crv", __func__);
1014
107
                        return (-1);
1015
107
                }
1016
541
                break;
1017
541
        case COSE_RS256:
1018
191
                if (cose_key.kty != COSE_KTY_RSA) {
1019
3
                        fido_log_debug("%s: invalid kty/crv", __func__);
1020
3
                        return (-1);
1021
3
                }
1022
188
                break;
1023
188
        default:
1024
95
                fido_log_debug("%s: unknown alg %d", __func__, cose_key.alg);
1025
1026
95
                return (-1);
1027
4.93k
        }
1028
1029
4.63k
        *cose_alg = cose_key.alg;
1030
1031
4.63k
        return (0);
1032
4.93k
}
1033
1034
int
1035
cbor_decode_pubkey(const cbor_item_t *item, int *type, void *key)
1036
5.29k
{
1037
5.29k
        if (get_cose_alg(item, type) < 0) {
1038
659
                fido_log_debug("%s: get_cose_alg", __func__);
1039
659
                return (-1);
1040
659
        }
1041
1042
4.63k
        switch (*type) {
1043
3.66k
        case COSE_ES256:
1044
3.66k
                if (es256_pk_decode(item, key) < 0) {
1045
57
                        fido_log_debug("%s: es256_pk_decode", __func__);
1046
57
                        return (-1);
1047
57
                }
1048
3.61k
                break;
1049
3.61k
        case COSE_ES384:
1050
233
                if (es384_pk_decode(item, key) < 0) {
1051
14
                        fido_log_debug("%s: es384_pk_decode", __func__);
1052
14
                        return (-1);
1053
14
                }
1054
219
                break;
1055
219
        case COSE_RS256:
1056
188
                if (rs256_pk_decode(item, key) < 0) {
1057
21
                        fido_log_debug("%s: rs256_pk_decode", __func__);
1058
21
                        return (-1);
1059
21
                }
1060
167
                break;
1061
541
        case COSE_EDDSA:
1062
541
                if (eddsa_pk_decode(item, key) < 0) {
1063
16
                        fido_log_debug("%s: eddsa_pk_decode", __func__);
1064
16
                        return (-1);
1065
16
                }
1066
525
                break;
1067
525
        default:
1068
0
                fido_log_debug("%s: invalid cose_alg %d", __func__, *type);
1069
0
                return (-1);
1070
4.63k
        }
1071
1072
4.52k
        return (0);
1073
4.63k
}
1074
1075
static int
1076
decode_attcred(const unsigned char **buf, size_t *len, int cose_alg,
1077
    fido_attcred_t *attcred)
1078
4.28k
{
1079
4.28k
        cbor_item_t             *item = NULL;
1080
4.28k
        struct cbor_load_result  cbor;
1081
4.28k
        uint16_t                 id_len;
1082
4.28k
        int                      ok = -1;
1083
1084
4.28k
        fido_log_xxd(*buf, *len, "%s", __func__);
1085
1086
4.28k
        if (fido_buf_read(buf, len, &attcred->aaguid,
1087
4.28k
            sizeof(attcred->aaguid)) < 0) {
1088
5
                fido_log_debug("%s: fido_buf_read aaguid", __func__);
1089
5
                return (-1);
1090
5
        }
1091
1092
4.28k
        if (fido_buf_read(buf, len, &id_len, sizeof(id_len)) < 0) {
1093
2
                fido_log_debug("%s: fido_buf_read id_len", __func__);
1094
2
                return (-1);
1095
2
        }
1096
1097
4.28k
        attcred->id.len = (size_t)be16toh(id_len);
1098
4.28k
        if ((attcred->id.ptr = malloc(attcred->id.len)) == NULL)
1099
8
                return (-1);
1100
1101
4.27k
        fido_log_debug("%s: attcred->id.len=%zu", __func__, attcred->id.len);
1102
1103
4.27k
        if (fido_buf_read(buf, len, attcred->id.ptr, attcred->id.len) < 0) {
1104
98
                fido_log_debug("%s: fido_buf_read id", __func__);
1105
98
                return (-1);
1106
98
        }
1107
1108
4.17k
        if ((item = cbor_load(*buf, *len, &cbor)) == NULL) {
1109
129
                fido_log_debug("%s: cbor_load", __func__);
1110
129
                goto fail;
1111
129
        }
1112
1113
4.04k
        if (cbor_decode_pubkey(item, &attcred->type, &attcred->pubkey) < 0) {
1114
327
                fido_log_debug("%s: cbor_decode_pubkey", __func__);
1115
327
                goto fail;
1116
327
        }
1117
1118
3.71k
        if (attcred->type != cose_alg) {
1119
800
                fido_log_debug("%s: cose_alg mismatch (%d != %d)", __func__,
1120
800
                    attcred->type, cose_alg);
1121
800
                goto fail;
1122
800
        }
1123
1124
2.91k
        *buf += cbor.read;
1125
2.91k
        *len -= cbor.read;
1126
1127
2.91k
        ok = 0;
1128
4.17k
fail:
1129
4.17k
        if (item != NULL)
1130
4.04k
                cbor_decref(&item);
1131
1132
4.17k
        return (ok);
1133
2.91k
}
1134
1135
static int
1136
decode_attobj(const cbor_item_t *key, const cbor_item_t *val, void *arg)
1137
4.67k
{
1138
4.67k
        fido_cred_t *cred = arg;
1139
4.67k
        char *name = NULL;
1140
4.67k
        int ok = -1;
1141
1142
4.67k
        if (cbor_string_copy(key, &name) < 0) {
1143
34
                fido_log_debug("%s: cbor type", __func__);
1144
34
                ok = 0; /* ignore */
1145
34
                goto fail;
1146
34
        }
1147
1148
4.64k
        if (!strcmp(name, "fmt")) {
1149
1.61k
                if (cbor_decode_fmt(val, &cred->fmt) < 0) {
1150
27
                        fido_log_debug("%s: cbor_decode_fmt", __func__);
1151
27
                        goto fail;
1152
27
                }
1153
3.02k
        } else if (!strcmp(name, "attStmt")) {
1154
1.58k
                if (cbor_decode_attstmt(val, &cred->attstmt) < 0) {
1155
49
                        fido_log_debug("%s: cbor_decode_attstmt", __func__);
1156
49
                        goto fail;
1157
49
                }
1158
1.58k
        } else if (!strcmp(name, "authData")) {
1159
1.40k
                if (fido_blob_decode(val, &cred->authdata_raw) < 0) {
1160
4
                        fido_log_debug("%s: fido_blob_decode", __func__);
1161
4
                        goto fail;
1162
4
                }
1163
1.39k
                if (cbor_decode_cred_authdata(val, cred->type,
1164
1.39k
                    &cred->authdata_cbor, &cred->authdata, &cred->attcred,
1165
1.39k
                    &cred->authdata_ext) < 0) {
1166
1.17k
                        fido_log_debug("%s: cbor_decode_cred_authdata",
1167
1.17k
                            __func__);
1168
1.17k
                        goto fail;
1169
1.17k
                }
1170
1.39k
        }
1171
1172
3.38k
        ok = 0;
1173
4.67k
fail:
1174
4.67k
        free(name);
1175
1176
4.67k
        return (ok);
1177
3.38k
}
1178
1179
/* XXX introduce fido_attobj_t? */
1180
int
1181
cbor_decode_attobj(const cbor_item_t *item, fido_cred_t *cred)
1182
1.65k
{
1183
1.65k
        if (cbor_isa_map(item) == false ||
1184
1.65k
            cbor_map_is_definite(item) == false ||
1185
1.65k
            cbor_map_iter(item, cred, decode_attobj) < 0) {
1186
1.40k
                fido_log_debug("%s: cbor type", __func__);
1187
1.40k
                return (-1);
1188
1.40k
        }
1189
1190
247
        return (0);
1191
1.65k
}
1192
1193
static int
1194
decode_cred_extension(const cbor_item_t *key, const cbor_item_t *val, void *arg)
1195
146
{
1196
146
        fido_cred_ext_t *authdata_ext = arg;
1197
146
        char            *type = NULL;
1198
146
        int              ok = -1;
1199
1200
146
        if (cbor_string_copy(key, &type) < 0) {
1201
23
                fido_log_debug("%s: cbor type", __func__);
1202
23
                ok = 0; /* ignore */
1203
23
                goto out;
1204
23
        }
1205
1206
123
        if (strcmp(type, "hmac-secret") == 0) {
1207
34
                if (cbor_decode_bool(val, NULL) < 0) {
1208
9
                        fido_log_debug("%s: cbor_decode_bool", __func__);
1209
9
                        goto out;
1210
9
                }
1211
25
                if (cbor_ctrl_value(val) == CBOR_CTRL_TRUE)
1212
16
                        authdata_ext->mask |= FIDO_EXT_HMAC_SECRET;
1213
89
        } else if (strcmp(type, "credProtect") == 0) {
1214
39
                if (cbor_isa_uint(val) == false ||
1215
39
                    cbor_int_get_width(val) != CBOR_INT_8) {
1216
8
                        fido_log_debug("%s: cbor type", __func__);
1217
8
                        goto out;
1218
8
                }
1219
31
                authdata_ext->mask |= FIDO_EXT_CRED_PROTECT;
1220
31
                authdata_ext->prot = cbor_get_uint8(val);
1221
50
        } else if (strcmp(type, "credBlob") == 0) {
1222
14
                if (cbor_decode_bool(val, NULL) < 0) {
1223
2
                        fido_log_debug("%s: cbor_decode_bool", __func__);
1224
2
                        goto out;
1225
2
                }
1226
12
                if (cbor_ctrl_value(val) == CBOR_CTRL_TRUE)
1227
6
                        authdata_ext->mask |= FIDO_EXT_CRED_BLOB;
1228
36
        } else if (strcmp(type, "minPinLength") == 0) {
1229
24
                if (cbor_isa_uint(val) == false ||
1230
24
                    cbor_int_get_width(val) != CBOR_INT_8) {
1231
15
                        fido_log_debug("%s: cbor type", __func__);
1232
15
                        goto out;
1233
15
                }
1234
9
                authdata_ext->mask |= FIDO_EXT_MINPINLEN;
1235
9
                authdata_ext->minpinlen = cbor_get_uint8(val);
1236
9
        }
1237
1238
89
        ok = 0;
1239
146
out:
1240
146
        free(type);
1241
1242
146
        return (ok);
1243
89
}
1244
1245
static int
1246
decode_cred_extensions(const unsigned char **buf, size_t *len,
1247
    fido_cred_ext_t *authdata_ext)
1248
142
{
1249
142
        cbor_item_t             *item = NULL;
1250
142
        struct cbor_load_result  cbor;
1251
142
        int                      ok = -1;
1252
1253
142
        memset(authdata_ext, 0, sizeof(*authdata_ext));
1254
1255
142
        fido_log_xxd(*buf, *len, "%s", __func__);
1256
1257
142
        if ((item = cbor_load(*buf, *len, &cbor)) == NULL) {
1258
19
                fido_log_debug("%s: cbor_load", __func__);
1259
19
                goto fail;
1260
19
        }
1261
1262
123
        if (cbor_isa_map(item) == false ||
1263
123
            cbor_map_is_definite(item) == false ||
1264
123
            cbor_map_iter(item, authdata_ext, decode_cred_extension) < 0) {
1265
41
                fido_log_debug("%s: cbor type", __func__);
1266
41
                goto fail;
1267
41
        }
1268
1269
82
        *buf += cbor.read;
1270
82
        *len -= cbor.read;
1271
1272
82
        ok = 0;
1273
142
fail:
1274
142
        if (item != NULL)
1275
123
                cbor_decref(&item);
1276
1277
142
        return (ok);
1278
82
}
1279
1280
static int
1281
decode_assert_extension(const cbor_item_t *key, const cbor_item_t *val,
1282
    void *arg)
1283
454
{
1284
454
        fido_assert_extattr_t   *authdata_ext = arg;
1285
454
        char                    *type = NULL;
1286
454
        int                      ok = -1;
1287
1288
454
        if (cbor_string_copy(key, &type) < 0) {
1289
47
                fido_log_debug("%s: cbor type", __func__);
1290
47
                ok = 0; /* ignore */
1291
47
                goto out;
1292
47
        }
1293
1294
407
        if (strcmp(type, "hmac-secret") == 0) {
1295
238
                if (fido_blob_decode(val, &authdata_ext->hmac_secret_enc) < 0) {
1296
12
                        fido_log_debug("%s: fido_blob_decode", __func__);
1297
12
                        goto out;
1298
12
                }
1299
226
                authdata_ext->mask |= FIDO_EXT_HMAC_SECRET;
1300
226
        } else if (strcmp(type, "credBlob") == 0) {
1301
109
                if (fido_blob_decode(val, &authdata_ext->blob) < 0) {
1302
1
                        fido_log_debug("%s: fido_blob_decode", __func__);
1303
1
                        goto out;
1304
1
                }
1305
108
                authdata_ext->mask |= FIDO_EXT_CRED_BLOB;
1306
108
        }
1307
1308
394
        ok = 0;
1309
454
out:
1310
454
        free(type);
1311
1312
454
        return (ok);
1313
394
}
1314
1315
static int
1316
decode_assert_extensions(const unsigned char **buf, size_t *len,
1317
    fido_assert_extattr_t *authdata_ext)
1318
871
{
1319
871
        cbor_item_t             *item = NULL;
1320
871
        struct cbor_load_result  cbor;
1321
871
        int                      ok = -1;
1322
1323
871
        fido_log_xxd(*buf, *len, "%s", __func__);
1324
1325
871
        if ((item = cbor_load(*buf, *len, &cbor)) == NULL) {
1326
207
                fido_log_debug("%s: cbor_load", __func__);
1327
207
                goto fail;
1328
207
        }
1329
1330
664
        if (cbor_isa_map(item) == false ||
1331
664
            cbor_map_is_definite(item) == false ||
1332
664
            cbor_map_iter(item, authdata_ext, decode_assert_extension) < 0) {
1333
251
                fido_log_debug("%s: cbor type", __func__);
1334
251
                goto fail;
1335
251
        }
1336
1337
413
        *buf += cbor.read;
1338
413
        *len -= cbor.read;
1339
1340
413
        ok = 0;
1341
871
fail:
1342
871
        if (item != NULL)
1343
664
                cbor_decref(&item);
1344
1345
871
        return (ok);
1346
413
}
1347
1348
int
1349
cbor_decode_cred_authdata(const cbor_item_t *item, int cose_alg,
1350
    fido_blob_t *authdata_cbor, fido_authdata_t *authdata,
1351
    fido_attcred_t *attcred, fido_cred_ext_t *authdata_ext)
1352
4.38k
{
1353
4.38k
        const unsigned char     *buf = NULL;
1354
4.38k
        size_t                   len;
1355
4.38k
        size_t                   alloc_len;
1356
1357
4.38k
        if (cbor_isa_bytestring(item) == false ||
1358
4.38k
            cbor_bytestring_is_definite(item) == false) {
1359
0
                fido_log_debug("%s: cbor type", __func__);
1360
0
                return (-1);
1361
0
        }
1362
1363
4.38k
        if (authdata_cbor->ptr != NULL ||
1364
4.38k
            (authdata_cbor->len = cbor_serialize_alloc(item,
1365
4.38k
            &authdata_cbor->ptr, &alloc_len)) == 0) {
1366
69
                fido_log_debug("%s: cbor_serialize_alloc", __func__);
1367
69
                return (-1);
1368
69
        }
1369
1370
4.31k
        buf = cbor_bytestring_handle(item);
1371
4.31k
        len = cbor_bytestring_length(item);
1372
4.31k
        fido_log_xxd(buf, len, "%s", __func__);
1373
1374
4.31k
        if (fido_buf_read(&buf, &len, authdata, sizeof(*authdata)) < 0) {
1375
14
                fido_log_debug("%s: fido_buf_read", __func__);
1376
14
                return (-1);
1377
14
        }
1378
1379
4.29k
        authdata->sigcount = be32toh(authdata->sigcount);
1380
1381
4.29k
        if (attcred != NULL) {
1382
4.29k
                if ((authdata->flags & CTAP_AUTHDATA_ATT_CRED) == 0 ||
1383
4.29k
                    decode_attcred(&buf, &len, cose_alg, attcred) < 0)
1384
1.38k
                        return (-1);
1385
4.29k
        }
1386
1387
2.91k
        if (authdata_ext != NULL) {
1388
2.91k
                if ((authdata->flags & CTAP_AUTHDATA_EXT_DATA) != 0 &&
1389
2.91k
                    decode_cred_extensions(&buf, &len, authdata_ext) < 0)
1390
60
                        return (-1);
1391
2.91k
        }
1392
1393
        /* XXX we should probably ensure that len == 0 at this point */
1394
1395
2.85k
        return (FIDO_OK);
1396
2.91k
}
1397
1398
int
1399
cbor_decode_assert_authdata(const cbor_item_t *item, fido_blob_t *authdata_cbor,
1400
    fido_authdata_t *authdata, fido_assert_extattr_t *authdata_ext)
1401
3.77k
{
1402
3.77k
        const unsigned char     *buf = NULL;
1403
3.77k
        size_t                   len;
1404
3.77k
        size_t                   alloc_len;
1405
1406
3.77k
        if (cbor_isa_bytestring(item) == false ||
1407
3.77k
            cbor_bytestring_is_definite(item) == false) {
1408
0
                fido_log_debug("%s: cbor type", __func__);
1409
0
                return (-1);
1410
0
        }
1411
1412
3.77k
        if (authdata_cbor->ptr != NULL ||
1413
3.77k
            (authdata_cbor->len = cbor_serialize_alloc(item,
1414
3.77k
            &authdata_cbor->ptr, &alloc_len)) == 0) {
1415
23
                fido_log_debug("%s: cbor_serialize_alloc", __func__);
1416
23
                return (-1);
1417
23
        }
1418
1419
3.75k
        buf = cbor_bytestring_handle(item);
1420
3.75k
        len = cbor_bytestring_length(item);
1421
1422
3.75k
        fido_log_debug("%s: buf=%p, len=%zu", __func__, (const void *)buf, len);
1423
1424
3.75k
        if (fido_buf_read(&buf, &len, authdata, sizeof(*authdata)) < 0) {
1425
6
                fido_log_debug("%s: fido_buf_read", __func__);
1426
6
                return (-1);
1427
6
        }
1428
1429
3.74k
        authdata->sigcount = be32toh(authdata->sigcount);
1430
1431
3.74k
        if ((authdata->flags & CTAP_AUTHDATA_EXT_DATA) != 0) {
1432
871
                if (decode_assert_extensions(&buf, &len, authdata_ext) < 0) {
1433
458
                        fido_log_debug("%s: decode_assert_extensions",
1434
458
                            __func__);
1435
458
                        return (-1);
1436
458
                }
1437
871
        }
1438
1439
        /* XXX we should probably ensure that len == 0 at this point */
1440
1441
3.28k
        return (FIDO_OK);
1442
3.74k
}
1443
1444
static int
1445
decode_x5c(const cbor_item_t *item, void *arg)
1446
3.24k
{
1447
3.24k
        fido_blob_array_t *x5c = arg;
1448
3.24k
        fido_blob_t *list_ptr = NULL;
1449
3.24k
        fido_blob_t x5c_blob;
1450
1451
3.24k
        memset(&x5c_blob, 0, sizeof(x5c_blob));
1452
1453
3.24k
        if (fido_blob_decode(item, &x5c_blob) < 0) {
1454
24
                fido_log_debug("%s: fido_blob_decode", __func__);
1455
24
                return (-1);
1456
24
        }
1457
1458
3.21k
        if (x5c->len == SIZE_MAX) {
1459
0
                fido_blob_reset(&x5c_blob);
1460
0
                return (-1);
1461
0
        }
1462
1463
3.21k
        if ((list_ptr = recallocarray(x5c->ptr, x5c->len,
1464
3.21k
            x5c->len + 1, sizeof(x5c_blob))) == NULL) {
1465
9
                fido_blob_reset(&x5c_blob);
1466
9
                return (-1);
1467
9
        }
1468
1469
3.21k
        list_ptr[x5c->len++] = x5c_blob;
1470
3.21k
        x5c->ptr = list_ptr;
1471
1472
3.21k
        return (0);
1473
3.21k
}
1474
1475
static int
1476
decode_x5c_array(const cbor_item_t *item, fido_blob_array_t *arr)
1477
3.07k
{
1478
3.07k
        if (arr->len) {
1479
0
                fido_log_debug("%s: dup", __func__);
1480
0
                return (-1);
1481
0
        }
1482
3.07k
        if (cbor_isa_array(item) == false ||
1483
3.07k
            cbor_array_is_definite(item) == false) {
1484
6
                fido_log_debug("%s: cbor", __func__);
1485
6
                return (-1);
1486
6
        }
1487
3.06k
        return (cbor_array_iter(item, arr, decode_x5c));
1488
3.07k
}
1489
1490
static int
1491
decode_attstmt_entry(const cbor_item_t *key, const cbor_item_t *val, void *arg)
1492
14.0k
{
1493
14.0k
        fido_attstmt_t  *attstmt = arg;
1494
14.0k
        char            *name = NULL;
1495
14.0k
        int              ok = -1;
1496
1497
14.0k
        if (cbor_string_copy(key, &name) < 0) {
1498
227
                fido_log_debug("%s: cbor type", __func__);
1499
227
                ok = 0; /* ignore */
1500
227
                goto out;
1501
227
        }
1502
1503
13.8k
        if (!strcmp(name, "alg")) {
1504
4.02k
                if (cbor_isa_negint(val) == false ||
1505
4.02k
                    cbor_get_int(val) > UINT16_MAX) {
1506
28
                        fido_log_debug("%s: alg", __func__);
1507
28
                        goto out;
1508
28
                }
1509
3.99k
                attstmt->alg = -(int)cbor_get_int(val) - 1;
1510
3.99k
                if (attstmt->alg != COSE_ES256 && attstmt->alg != COSE_ES384 &&
1511
3.99k
                    attstmt->alg != COSE_RS256 && attstmt->alg != COSE_EDDSA &&
1512
3.99k
                    attstmt->alg != COSE_RS1) {
1513
37
                        fido_log_debug("%s: unsupported attstmt->alg=%d",
1514
37
                            __func__, attstmt->alg);
1515
37
                        goto out;
1516
37
                }
1517
9.78k
        } else if (!strcmp(name, "sig")) {
1518
3.90k
                if (fido_blob_decode(val, &attstmt->sig) < 0) {
1519
18
                        fido_log_debug("%s: sig", __func__);
1520
18
                        goto out;
1521
18
                }
1522
5.87k
        } else if (!strcmp(name, "x5c")) {
1523
3.07k
                if (decode_x5c_array(val, &attstmt->x5c)) {
1524
44
                        fido_log_debug("%s: x5c", __func__);
1525
44
                        goto out;
1526
44
                }
1527
3.07k
        } else if (!strcmp(name, "certInfo")) {
1528
625
                if (fido_blob_decode(val, &attstmt->certinfo) < 0) {
1529
3
                        fido_log_debug("%s: certinfo", __func__);
1530
3
                        goto out;
1531
3
                }
1532
2.18k
        } else if (!strcmp(name, "pubArea")) {
1533
645
                if (fido_blob_decode(val, &attstmt->pubarea) < 0) {
1534
1
                        fido_log_debug("%s: pubarea", __func__);
1535
1
                        goto out;
1536
1
                }
1537
645
        }
1538
1539
13.6k
        ok = 0;
1540
14.0k
out:
1541
14.0k
        free(name);
1542
1543
14.0k
        return (ok);
1544
13.6k
}
1545
1546
int
1547
cbor_decode_attstmt(const cbor_item_t *item, fido_attstmt_t *attstmt)
1548
4.24k
{
1549
4.24k
        size_t alloc_len;
1550
1551
4.24k
        if (cbor_isa_map(item) == false ||
1552
4.24k
            cbor_map_is_definite(item) == false ||
1553
4.24k
            cbor_map_iter(item, attstmt, decode_attstmt_entry) < 0) {
1554
189
                fido_log_debug("%s: cbor type", __func__);
1555
189
                return (-1);
1556
189
        }
1557
1558
4.05k
        if (attstmt->cbor.ptr != NULL ||
1559
4.05k
            (attstmt->cbor.len = cbor_serialize_alloc(item,
1560
4.05k
            &attstmt->cbor.ptr, &alloc_len)) == 0) {
1561
32
                fido_log_debug("%s: cbor_serialize_alloc", __func__);
1562
32
                return (-1);
1563
32
        }
1564
1565
4.02k
        return (0);
1566
4.05k
}
1567
1568
int
1569
cbor_decode_uint64(const cbor_item_t *item, uint64_t *n)
1570
42.0k
{
1571
42.0k
        if (cbor_isa_uint(item) == false) {
1572
111
                fido_log_debug("%s: cbor type", __func__);
1573
111
                return (-1);
1574
111
        }
1575
1576
41.9k
        *n = cbor_get_int(item);
1577
1578
41.9k
        return (0);
1579
42.0k
}
1580
1581
static int
1582
decode_cred_id_entry(const cbor_item_t *key, const cbor_item_t *val, void *arg)
1583
3.80k
{
1584
3.80k
        fido_blob_t     *id = arg;
1585
3.80k
        char            *name = NULL;
1586
3.80k
        int              ok = -1;
1587
1588
3.80k
        if (cbor_string_copy(key, &name) < 0) {
1589
237
                fido_log_debug("%s: cbor type", __func__);
1590
237
                ok = 0; /* ignore */
1591
237
                goto out;
1592
237
        }
1593
1594
3.57k
        if (!strcmp(name, "id"))
1595
1.19k
                if (fido_blob_decode(val, id) < 0) {
1596
6
                        fido_log_debug("%s: cbor_bytestring_copy", __func__);
1597
6
                        goto out;
1598
6
                }
1599
1600
3.56k
        ok = 0;
1601
3.80k
out:
1602
3.80k
        free(name);
1603
1604
3.80k
        return (ok);
1605
3.56k
}
1606
1607
int
1608
cbor_decode_cred_id(const cbor_item_t *item, fido_blob_t *id)
1609
1.85k
{
1610
1.85k
        if (cbor_isa_map(item) == false ||
1611
1.85k
            cbor_map_is_definite(item) == false ||
1612
1.85k
            cbor_map_iter(item, id, decode_cred_id_entry) < 0) {
1613
30
                fido_log_debug("%s: cbor type", __func__);
1614
30
                return (-1);
1615
30
        }
1616
1617
1.82k
        return (0);
1618
1.85k
}
1619
1620
static int
1621
decode_user_entry(const cbor_item_t *key, const cbor_item_t *val, void *arg)
1622
4.24k
{
1623
4.24k
        fido_user_t     *user = arg;
1624
4.24k
        char            *name = NULL;
1625
4.24k
        int              ok = -1;
1626
1627
4.24k
        if (cbor_string_copy(key, &name) < 0) {
1628
41
                fido_log_debug("%s: cbor type", __func__);
1629
41
                ok = 0; /* ignore */
1630
41
                goto out;
1631
41
        }
1632
1633
4.20k
        if (!strcmp(name, "icon")) {
1634
51
                if (cbor_string_copy(val, &user->icon) < 0) {
1635
3
                        fido_log_debug("%s: icon", __func__);
1636
3
                        goto out;
1637
3
                }
1638
4.15k
        } else if (!strcmp(name, "name")) {
1639
354
                if (cbor_string_copy(val, &user->name) < 0) {
1640
2
                        fido_log_debug("%s: name", __func__);
1641
2
                        goto out;
1642
2
                }
1643
3.79k
        } else if (!strcmp(name, "displayName")) {
1644
207
                if (cbor_string_copy(val, &user->display_name) < 0) {
1645
1
                        fido_log_debug("%s: display_name", __func__);
1646
1
                        goto out;
1647
1
                }
1648
3.58k
        } else if (!strcmp(name, "id")) {
1649
1.09k
                if (fido_blob_decode(val, &user->id) < 0) {
1650
5
                        fido_log_debug("%s: id", __func__);
1651
5
                        goto out;
1652
5
                }
1653
1.09k
        }
1654
1655
4.19k
        ok = 0;
1656
4.24k
out:
1657
4.24k
        free(name);
1658
1659
4.24k
        return (ok);
1660
4.19k
}
1661
1662
int
1663
cbor_decode_user(const cbor_item_t *item, fido_user_t *user)
1664
1.71k
{
1665
1.71k
        if (cbor_isa_map(item) == false ||
1666
1.71k
            cbor_map_is_definite(item) == false ||
1667
1.71k
            cbor_map_iter(item, user, decode_user_entry) < 0) {
1668
25
                fido_log_debug("%s: cbor type", __func__);
1669
25
                return (-1);
1670
25
        }
1671
1672
1.69k
        return (0);
1673
1.71k
}
1674
1675
static int
1676
decode_rp_entity_entry(const cbor_item_t *key, const cbor_item_t *val,
1677
    void *arg)
1678
420
{
1679
420
        fido_rp_t       *rp = arg;
1680
420
        char            *name = NULL;
1681
420
        int              ok = -1;
1682
1683
420
        if (cbor_string_copy(key, &name) < 0) {
1684
18
                fido_log_debug("%s: cbor type", __func__);
1685
18
                ok = 0; /* ignore */
1686
18
                goto out;
1687
18
        }
1688
1689
402
        if (!strcmp(name, "id")) {
1690
71
                if (cbor_string_copy(val, &rp->id) < 0) {
1691
1
                        fido_log_debug("%s: id", __func__);
1692
1
                        goto out;
1693
1
                }
1694
331
        } else if (!strcmp(name, "name")) {
1695
2
                if (cbor_string_copy(val, &rp->name) < 0) {
1696
1
                        fido_log_debug("%s: name", __func__);
1697
1
                        goto out;
1698
1
                }
1699
2
        }
1700
1701
400
        ok = 0;
1702
420
out:
1703
420
        free(name);
1704
1705
420
        return (ok);
1706
400
}
1707
1708
int
1709
cbor_decode_rp_entity(const cbor_item_t *item, fido_rp_t *rp)
1710
417
{
1711
417
        if (cbor_isa_map(item) == false ||
1712
417
            cbor_map_is_definite(item) == false ||
1713
417
            cbor_map_iter(item, rp, decode_rp_entity_entry) < 0) {
1714
6
                fido_log_debug("%s: cbor type", __func__);
1715
6
                return (-1);
1716
6
        }
1717
1718
411
        return (0);
1719
417
}
1720
1721
int
1722
cbor_decode_bool(const cbor_item_t *item, bool *v)
1723
61.9k
{
1724
61.9k
        if (cbor_isa_float_ctrl(item) == false ||
1725
61.9k
            cbor_float_get_width(item) != CBOR_FLOAT_0 ||
1726
61.9k
            cbor_is_bool(item) == false) {
1727
3.75k
                fido_log_debug("%s: cbor type", __func__);
1728
3.75k
                return (-1);
1729
3.75k
        }
1730
1731
58.2k
        if (v != NULL)
1732
524
                *v = cbor_ctrl_value(item) == CBOR_CTRL_TRUE;
1733
1734
58.2k
        return (0);
1735
61.9k
}
1736
1737
cbor_item_t *
1738
cbor_build_uint(const uint64_t value)
1739
5.80k
{
1740
5.80k
        if (value <= UINT8_MAX)
1741
3.46k
                return cbor_build_uint8((uint8_t)value);
1742
2.34k
        else if (value <= UINT16_MAX)
1743
1.70k
                return cbor_build_uint16((uint16_t)value);
1744
637
        else if (value <= UINT32_MAX)
1745
637
                return cbor_build_uint32((uint32_t)value);
1746
1747
0
        return cbor_build_uint64(value);
1748
5.80k
}
1749
1750
int
1751
cbor_array_append(cbor_item_t **array, cbor_item_t *item)
1752
385
{
1753
385
        cbor_item_t **v, *ret;
1754
385
        size_t n;
1755
1756
385
        if ((v = cbor_array_handle(*array)) == NULL ||
1757
385
            (n = cbor_array_size(*array)) == SIZE_MAX ||
1758
385
            (ret = cbor_new_definite_array(n + 1)) == NULL)
1759
2
                return -1;
1760
570
        for (size_t i = 0; i < n; i++) {
1761
192
                if (cbor_array_push(ret, v[i]) == 0) {
1762
5
                        cbor_decref(&ret);
1763
5
                        return -1;
1764
5
                }
1765
192
        }
1766
378
        if (cbor_array_push(ret, item) == 0) {
1767
1
                cbor_decref(&ret);
1768
1
                return -1;
1769
1
        }
1770
377
        cbor_decref(array);
1771
377
        *array = ret;
1772
1773
377
        return 0;
1774
378
}
1775
1776
int
1777
cbor_array_drop(cbor_item_t **array, size_t idx)
1778
258
{
1779
258
        cbor_item_t **v, *ret;
1780
258
        size_t n;
1781
1782
258
        if ((v = cbor_array_handle(*array)) == NULL ||
1783
258
            (n = cbor_array_size(*array)) == 0 || idx >= n ||
1784
258
            (ret = cbor_new_definite_array(n - 1)) == NULL)
1785
2
                return -1;
1786
538
        for (size_t i = 0; i < n; i++) {
1787
287
                if (i != idx && cbor_array_push(ret, v[i]) == 0) {
1788
5
                        cbor_decref(&ret);
1789
5
                        return -1;
1790
5
                }
1791
287
        }
1792
251
        cbor_decref(array);
1793
251
        *array = ret;
1794
1795
251
        return 0;
1796
256
}