coelner/pico-fido
1
0
Fork 0
mirror of https://github.com/polhenarejos/pico-fido.git synced 2024-09-20 03:10:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix buffer initialization.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos 2024-08-25 20:21:43 +02:00
parent f234b0dc26
commit 02556fcde1
No known key found for this signature in database
GPG Key ID: C0095B7870A4CCD3
4 changed files with 28 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pico-keys-sdk

@ -1 +1 @@
Subproject commit ac2a6c10521367a850668e427afce087251ed1d1 Subproject commit 956f476872e25603ee063b776e3da280670cb15e

26
src/fido/cbor_get_assertion.c
View File

@ -203,7 +203,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
} }
uint8_t flags = 0; uint8_t flags = 0;
uint8_t rp_id_hash[32]; uint8_t rp_id_hash[32] = {0};
mbedtls_sha256((uint8_t *) rpId.data, rpId.len, rp_id_hash, 0); mbedtls_sha256((uint8_t *) rpId.data, rpId.len, rp_id_hash, 0);
bool resident = false; bool resident = false;
@ -323,12 +323,22 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
credential_free(&creds[i]); credential_free(&creds[i]);
} }
else { else {
if (numberOfCredentials != i) {
creds[numberOfCredentials++] = creds[i]; creds[numberOfCredentials++] = creds[i];
} }
else {
numberOfCredentials++;
}
}
} }
else { else {
if (numberOfCredentials != i) {
creds[numberOfCredentials++] = creds[i]; creds[numberOfCredentials++] = creds[i];
} }
else {
numberOfCredentials++;
}
}
} }
} }
if (numberOfCredentials == 0) { if (numberOfCredentials == 0) {
@ -399,7 +409,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
} }
int ret = 0; int ret = 0;
uint8_t largeBlobKey[32]; uint8_t largeBlobKey[32] = {0};
if (extensions.largeBlobKey == ptrue && selcred->extensions.largeBlobKey == ptrue) { if (extensions.largeBlobKey == ptrue && selcred->extensions.largeBlobKey == ptrue) {
ret = credential_derive_large_blob_key(selcred->id.data, selcred->id.len, largeBlobKey); ret = credential_derive_large_blob_key(selcred->id.data, selcred->id.len, largeBlobKey);
if (ret != 0) { if (ret != 0) {
@ -408,7 +418,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
} }
size_t ext_len = 0; size_t ext_len = 0;
uint8_t ext[512]; uint8_t ext[512] = {0};
if (extensions.present == true) { if (extensions.present == true) {
cbor_encoder_init(&encoder, ext, sizeof(ext), 0); cbor_encoder_init(&encoder, ext, sizeof(ext), 0);
int l = 0; int l = 0;
@ -439,7 +449,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "hmac-secret")); CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "hmac-secret"));
uint8_t sharedSecret[64]; uint8_t sharedSecret[64] = {0};
mbedtls_ecp_point Qp; mbedtls_ecp_point Qp;
mbedtls_ecp_point_init(&Qp); mbedtls_ecp_point_init(&Qp);
mbedtls_mpi_lset(&Qp.Z, 1); mbedtls_mpi_lset(&Qp.Z, 1);
@ -461,13 +471,13 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret)); mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret));
CBOR_ERROR(CTAP2_ERR_EXTENSION_FIRST); CBOR_ERROR(CTAP2_ERR_EXTENSION_FIRST);
} }
uint8_t salt_dec[64], poff = ((uint8_t)hmacSecretPinUvAuthProtocol - 1) * IV_SIZE; uint8_t salt_dec[64] = {0}, poff = ((uint8_t)hmacSecretPinUvAuthProtocol - 1) * IV_SIZE;
ret = decrypt((uint8_t)hmacSecretPinUvAuthProtocol, sharedSecret, salt_enc.data, (uint16_t)salt_enc.len, salt_dec); ret = decrypt((uint8_t)hmacSecretPinUvAuthProtocol, sharedSecret, salt_enc.data, (uint16_t)salt_enc.len, salt_dec);
if (ret != 0) { if (ret != 0) {
mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret)); mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret));
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER); CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
} }
uint8_t cred_random[64], *crd = NULL; uint8_t cred_random[64] = {0}, *crd = NULL;
ret = credential_derive_hmac_key(selcred->id.data, selcred->id.len, cred_random); ret = credential_derive_hmac_key(selcred->id.data, selcred->id.len, cred_random);
if (ret != 0) { if (ret != 0) {
mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret)); mbedtls_platform_zeroize(sharedSecret, sizeof(sharedSecret));
@ -479,7 +489,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
else { else {
crd = cred_random; crd = cred_random;
} }
uint8_t out1[64], hmac_res[80]; uint8_t out1[64] = {0}, hmac_res[80] = {0};
mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), crd, 32, salt_dec, 32, out1); mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), crd, 32, salt_dec, 32, out1);
if ((uint8_t)salt_enc.len == 64 + poff) { if ((uint8_t)salt_enc.len == 64 + poff) {
mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), crd, 32, salt_dec + 32, 32, out1 + 32); mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), crd, 32, salt_dec + 32, 32, out1 + 32);
@ -519,7 +529,7 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
} }
memcpy(pa, clientDataHash.data, clientDataHash.len); memcpy(pa, clientDataHash.data, clientDataHash.len);
uint8_t hash[64], sig[MBEDTLS_ECDSA_MAX_LEN]; uint8_t hash[64] = {0}, sig[MBEDTLS_ECDSA_MAX_LEN] = {0};
const mbedtls_md_info_t *md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); const mbedtls_md_info_t *md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
mbedtls_ecdsa_context ekey; mbedtls_ecdsa_context ekey;
mbedtls_ecdsa_init(&ekey); mbedtls_ecdsa_init(&ekey);

12
src/fido/cbor_make_credential.c
View File

@ -162,7 +162,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
CBOR_PARSE_MAP_END(map, 1); CBOR_PARSE_MAP_END(map, 1);
uint8_t flags = FIDO2_AUT_FLAG_AT; uint8_t flags = FIDO2_AUT_FLAG_AT;
uint8_t rp_id_hash[32]; uint8_t rp_id_hash[32] = {0};
mbedtls_sha256((uint8_t *) rp.id.data, rp.id.len, rp_id_hash, 0); mbedtls_sha256((uint8_t *) rp.id.data, rp.id.len, rp_id_hash, 0);
if (pinUvAuthParam.present == true) { if (pinUvAuthParam.present == true) {
@ -320,7 +320,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
const known_app_t *ka = find_app_by_rp_id_hash(rp_id_hash); const known_app_t *ka = find_app_by_rp_id_hash(rp_id_hash);
uint8_t cred_id[MAX_CRED_ID_LENGTH]; uint8_t cred_id[MAX_CRED_ID_LENGTH] = {0};
size_t cred_id_len = 0; size_t cred_id_len = 0;
CBOR_CHECK(credential_create(&rp.id, &user.id, &user.parent.name, &user.displayName, &options, CBOR_CHECK(credential_create(&rp.id, &user.id, &user.parent.name, &user.displayName, &options,
@ -331,7 +331,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
flags |= FIDO2_AUT_FLAG_UV; flags |= FIDO2_AUT_FLAG_UV;
} }
size_t ext_len = 0; size_t ext_len = 0;
uint8_t ext[512]; uint8_t ext[512] = {0};
CborEncoder encoder, mapEncoder, mapEncoder2; CborEncoder encoder, mapEncoder, mapEncoder2;
if (extensions.present == true) { if (extensions.present == true) {
cbor_encoder_init(&encoder, ext, sizeof(ext), 0); cbor_encoder_init(&encoder, ext, sizeof(ext), 0);
@ -400,7 +400,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
} }
size_t olen = 0; size_t olen = 0;
uint32_t ctr = get_sign_counter(); uint32_t ctr = get_sign_counter();
uint8_t cbor_buf[1024]; uint8_t cbor_buf[1024] = {0};
cbor_encoder_init(&encoder, cbor_buf, sizeof(cbor_buf), 0); cbor_encoder_init(&encoder, cbor_buf, sizeof(cbor_buf), 0);
CBOR_CHECK(COSE_key(&ekey, &encoder, &mapEncoder)); CBOR_CHECK(COSE_key(&ekey, &encoder, &mapEncoder));
size_t rs = cbor_encoder_get_buffer_size(&encoder, cbor_buf); size_t rs = cbor_encoder_get_buffer_size(&encoder, cbor_buf);
@ -426,7 +426,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
} }
memcpy(pa, clientDataHash.data, clientDataHash.len); memcpy(pa, clientDataHash.data, clientDataHash.len);
uint8_t hash[64], sig[MBEDTLS_ECDSA_MAX_LEN]; uint8_t hash[64] = {0}, sig[MBEDTLS_ECDSA_MAX_LEN] = {0};
const mbedtls_md_info_t *md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); const mbedtls_md_info_t *md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
if (ekey.grp.id == MBEDTLS_ECP_DP_SECP384R1) { if (ekey.grp.id == MBEDTLS_ECP_DP_SECP384R1) {
md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA384); md = mbedtls_md_info_from_type(MBEDTLS_MD_SHA384);
@ -447,7 +447,7 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
ret = mbedtls_ecdsa_write_signature(&ekey, mbedtls_md_get_type(md), hash, mbedtls_md_get_size(md), sig, sizeof(sig), &olen, random_gen, NULL); ret = mbedtls_ecdsa_write_signature(&ekey, mbedtls_md_get_type(md), hash, mbedtls_md_get_size(md), sig, sizeof(sig), &olen, random_gen, NULL);
mbedtls_ecdsa_free(&ekey); mbedtls_ecdsa_free(&ekey);
uint8_t largeBlobKey[32]; uint8_t largeBlobKey[32] = {0};
if (extensions.largeBlobKey == ptrue && options.rk == ptrue) { if (extensions.largeBlobKey == ptrue && options.rk == ptrue) {
ret = credential_derive_large_blob_key(cred_id, cred_id_len, largeBlobKey); ret = credential_derive_large_blob_key(cred_id, cred_id_len, largeBlobKey);
if (ret != 0) { if (ret != 0) {

2
src/fido/ctap2_cbor.h
View File

@ -159,7 +159,7 @@ typedef struct CborCharString {
#define CBOR_FIELD_GET_KEY_TEXT(_n) \ #define CBOR_FIELD_GET_KEY_TEXT(_n) \
CBOR_ASSERT(cbor_value_is_text_string(&(_f##_n)) == true); \ CBOR_ASSERT(cbor_value_is_text_string(&(_f##_n)) == true); \
char _fd##_n[64]; \ char _fd##_n[64] = {0}; \
size_t _fdl##_n = sizeof(_fd##_n); \ size_t _fdl##_n = sizeof(_fd##_n); \
CBOR_CHECK(cbor_value_copy_text_string(&(_f##_n), _fd##_n, &_fdl##_n, &(_f##_n))) CBOR_CHECK(cbor_value_copy_text_string(&(_f##_n), _fd##_n, &_fdl##_n, &(_f##_n)))