coelner/pico-fido
1
0
Fork 0
mirror of https://github.com/polhenarejos/pico-fido.git synced 2024-09-20 03:10:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Upgrading to Version 2.10.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos 2023-02-17 12:00:37 +01:00
commit 5e0b0bfe38
No known key found for this signature in database
GPG Key ID: C0095B7870A4CCD3
24 changed files with 624 additions and 152 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CMakeLists.txt
View File

@ -64,6 +64,7 @@ target_sources(pico_fido PUBLIC
${CMAKE_CURRENT_LIST_DIR}/src/fido/cbor_cred_mgmt.c
${CMAKE_CURRENT_LIST_DIR}/src/fido/cbor_config.c
${CMAKE_CURRENT_LIST_DIR}/src/fido/cbor_vendor.c
${CMAKE_CURRENT_LIST_DIR}/src/fido/cbor_large_blobs.c
)
set(HSM_DRIVER "hid")
include(pico-hsm-sdk/pico_hsm_sdk_import.cmake)

12
README.md
View File

@ -19,10 +19,14 @@ Pico FIDO has implemented the following features:
- Support for vendor Config
- Backup with 24 words
- Secure lock to protect the device from flash dumpings
- Permissions support (MC, GA, CM, ACFG)
- Permissions support (MC, GA, CM, ACFG, LBW)
- Authenticator configuration
- minPinLength extension
- Self attestation
- Enterprise attestation
- credBlobs extension
- largeBlobKey extension
- largeBlobs support (2048 bytes máx.)
All these features are compliant with the specification. Therefore, if you detect some behaviour that is not expected or it does not follow the rules of specs, please open an issue.
@ -34,10 +38,6 @@ If the Pico is stolen the contents of private and secret keys can be read.
## Download
Please, go to the [Release page](https://github.com/polhenarejos/pico-fido/releases "Release page") and download the UF2 file for your board.
Note that UF2 files are shiped with a dummy VID/PID to avoid license issues (FEFF:FCFD). If you are planning to use it with OpenSC or similar, you should modify Info.plist of CCID driver to add these VID/PID or use the VID/PID patcher as follows: `./pico-fido-patch-vidpid.sh VID:PID input_fido_file.uf2 output_fido_file.uf2`
You can use whatever VID/PID, but remember that you are not authorized to distribute the binary with a VID/PID that you do not own.
## Build
Before building, ensure you have installed the toolchain for the Pico and the Pico SDK is properly located in your drive.
@ -52,6 +52,8 @@ Note that PICO_BOARD, USB_VID and USB_PID are optional. If not provided, pico bo
After make ends, the binary file pico_fido.uf2 will be generated. Put your pico board into loading mode, by pushing BOOTSEL button while pluging on, and copy the UF2 to the new fresh usb mass storage Pico device. Once copied, the pico mass storage will be disconnected automatically and the pico board will reset with the new firmware. A blinking led will indicate the device is ready to work.
**Remark:** Pico Fido uses HID interface and thus, VID/PID values are irrelevant in terms of operativity. You can safely use any arbitrary value or the default ones.
## Led blink
Pico FIDO uses the led to indicate the current status. Four states are available:
### Press to confirm

2
build_pico_fido.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash
VERSION_MAJOR="2"
VERSION_MINOR="8"
VERSION_MINOR="10"
rm -rf release/*
cd build_release

3
src/fido/cbor.c
View File

@ -37,6 +37,7 @@ int cbor_selection();
int cbor_cred_mgmt(const uint8_t *data, size_t len);
int cbor_config(const uint8_t *data, size_t len);
int cbor_vendor(const uint8_t *data, size_t len);
int cbor_large_blobs(const uint8_t *data, size_t len);
const uint8_t aaguid[16] = {0x89, 0xFB, 0x94, 0xB7, 0x06, 0xC9, 0x36, 0x73, 0x9B, 0x7E, 0x30, 0x52, 0x6D, 0x96, 0x81, 0x45}; // First 16 bytes of SHA256("Pico FIDO2")
@ -68,6 +69,8 @@ int cbor_parse(uint8_t cmd, const uint8_t *data, size_t len) {
return cbor_cred_mgmt(data + 1, len - 1);
else if (data[0] == CTAP_CONFIG)
return cbor_config(data + 1, len - 1);
else if (data[0] == CTAP_LARGE_BLOBS)
return cbor_large_blobs(data + 1, len - 1);
}
else if (cmd == CTAP_VENDOR_CBOR) {
return cbor_vendor(data, len);

9
src/fido/cbor_client_pin.c
View File

@ -31,7 +31,6 @@
#include "hsm.h"
#include "apdu.h"
uint8_t permissions_rp_id = 0, permission_set = 0;
uint32_t usage_timer = 0, initial_usage_time_limit = 0;
uint32_t max_usage_time_period = 600*1000;
bool needs_power_cycle = false;
@ -63,11 +62,11 @@ void clearPinUvAuthTokenPermissionsExceptLbw() {
}
void stopUsingPinUvAuthToken() {
permissions_rp_id = 0;
paut.permissions = 0;
usage_timer = 0;
paut.in_use = false;
memset(paut.rp_id_hash, 0, sizeof(paut.rp_id_hash));
paut.has_rp_id = false;
initial_usage_time_limit = 0;
paut.user_present = paut.user_verified = false;
user_present_time_limit = 0;
@ -486,7 +485,7 @@ int cbor_client_pin(const uint8_t *data, size_t len) {
if (subcommand == 0x9) {
if (permissions == 0)
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
if ((permissions & CTAP_PERMISSION_BE) || (permissions & CTAP_PERMISSION_LBW)) // Not supported yet
if ((permissions & CTAP_PERMISSION_BE)) // Not supported yet
CBOR_ERROR(CTAP2_ERR_UNAUTHORIZED_PERMISSION);
}
@ -547,7 +546,9 @@ int cbor_client_pin(const uint8_t *data, size_t len) {
mbedtls_sha256((uint8_t *)rpId.data, rpId.len, paut.rp_id_hash, 0);
paut.has_rp_id = true;
}
uint8_t pinUvAuthToken_enc[32+IV_SIZE];
else
paut.has_rp_id = false;
uint8_t pinUvAuthToken_enc[32 + IV_SIZE];
encrypt(pinUvAuthProtocol, sharedSecret, paut.data, 32, pinUvAuthToken_enc);
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, 1));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x02));

13
src/fido/cbor_config.c
View File

@ -95,7 +95,7 @@ int cbor_config(const uint8_t *data, size_t len) {
else if (val_u == 0x03) {
CBOR_FIELD_GET_UINT(pinUvAuthProtocol, 1);
}
else if (val_u == 0x04) { // pubKeyCredParams
else if (val_u == 0x04) {
CBOR_FIELD_GET_BYTES(pinUvAuthParam, 1);
}
}
@ -204,12 +204,11 @@ int cbor_config(const uint8_t *data, size_t len) {
CBOR_FREE_BYTE_STRING(minPinLengthRPIDs[i]);
}
if (error != CborNoError)
{
if (error == CborErrorImproperValue)
return CTAP2_ERR_CBOR_UNEXPECTED_TYPE;
return error;
}
if (error != CborNoError) {
if (error == CborErrorImproperValue)
return CTAP2_ERR_CBOR_UNEXPECTED_TYPE;
return error;
}
res_APDU_size = resp_size;
return 0;
}

32
src/fido/cbor_cred_mgmt.c
View File

@ -221,10 +221,20 @@ int cbor_cred_mgmt(const uint8_t *data, size_t len) {
}
cred_counter++;
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, subcommand == 0x04 ? 5 : 4));
uint8_t l = 4;
if (subcommand == 0x04)
l++;
if (cred.extensions.present == true) {
if (cred.extensions.credProtect > 0)
l++;
if (cred.extensions.largeBlobKey == ptrue)
l++;
}
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, l));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x06));
uint8_t l = 0;
l = 0;
if (cred.userId.present == true)
l++;
if (cred.userName.present == true)
@ -279,8 +289,22 @@ int cbor_cred_mgmt(const uint8_t *data, size_t len) {
asserted = true;
rpIdHashx = rpIdHash;
}
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x0A));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, cred.extensions.credProtect));
if (cred.extensions.present == true) {
if (cred.extensions.credProtect > 0) {
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x0A));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, cred.extensions.credProtect));
}
if (cred.extensions.largeBlobKey == ptrue) {
uint8_t largeBlobKey[32];
int ret = credential_derive_large_blob_key(cred.id.data, cred.id.len, largeBlobKey);
if (ret != 0) {
CBOR_ERROR(CTAP2_ERR_PROCESSING);
}
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x0B));
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, largeBlobKey, sizeof(largeBlobKey)));
mbedtls_platform_zeroize(largeBlobKey, sizeof(largeBlobKey));
}
}
credential_free(&cred);
mbedtls_ecdsa_free(&key);
}

46
src/fido/cbor_get_assertion.c
View File

@ -85,9 +85,10 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
Credential creds[MAX_CREDENTIAL_COUNT_IN_LIST] = {0};
size_t allowList_len = 0, creds_len = 0;
uint8_t *aut_data = NULL;
bool asserted = false;
bool asserted = false, up = true, uv = false;
int64_t kty = 2, alg = 0, crv = 0;
CborByteString kax = {0}, kay = {0}, salt_enc = {0}, salt_auth = {0};
const bool *credBlob = NULL;
CBOR_CHECK(cbor_parser_init(data, len, 0, &parser, &map));
uint64_t val_c = 1;
@ -173,7 +174,8 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
CBOR_PARSE_MAP_END(_f2, 3);
continue;
}
CBOR_FIELD_KEY_TEXT_VAL_UINT(2, "credProtect", extensions.credProtect);
CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "credBlob", credBlob);
CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "largeBlobKey", extensions.largeBlobKey);
CBOR_ADVANCE(2);
}
CBOR_PARSE_MAP_END(_f1, 2);
@ -237,6 +239,10 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
}
//else if (options.up == NULL) //5.7
//rup = ptrue;
if (options.uv != NULL)
uv = *options.uv;
if (options.up != NULL)
up = *options.up;
}
if (pinUvAuthParam.present == true) { //6.1
@ -332,7 +338,11 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
clearPinUvAuthTokenPermissionsExceptLbw();
}
if (!(flags & FIDO2_AUT_FLAG_UP) && !(flags & FIDO2_AUT_FLAG_UV)) {
if (extensions.largeBlobKey == pfalse) {
CBOR_ERROR(CTAP2_ERR_INVALID_OPTION);
}
if (up == false && uv == false) {
selcred = &creds[0];
}
else {
@ -368,6 +378,14 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
}
}
uint8_t largeBlobKey[32];
if (extensions.largeBlobKey == ptrue && selcred->extensions.largeBlobKey == ptrue) {
ret = credential_derive_large_blob_key(selcred->id.data, selcred->id.len, largeBlobKey);
if (ret != 0) {
CBOR_ERROR(CTAP2_ERR_PROCESSING);
}
}
size_t ext_len = 0;
uint8_t ext [512];
if (extensions.present == true) {
@ -377,12 +395,15 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
extensions.hmac_secret = NULL;
if (extensions.hmac_secret != NULL)
l++;
if (extensions.credProtect != 0)
if (credBlob == ptrue)
l++;
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, l));
if (extensions.credProtect != 0) {
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "credProtect"));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, extensions.credProtect));
if (credBlob == ptrue) {
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "credBlob"));
if (selcred->extensions.credBlob.present == true)
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, selcred->extensions.credBlob.data, selcred->extensions.credBlob.len));
else
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, NULL, 0));
}
if (extensions.hmac_secret != NULL) {
@ -464,7 +485,9 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
uint8_t lfields = 3;
if (selcred->opts.present == true && selcred->opts.rk == ptrue)
lfields++;
if (numberOfCredentials > 1 && next == false && !(flags & FIDO2_AUT_FLAG_UP) && !(flags & FIDO2_AUT_FLAG_UV))
if (numberOfCredentials > 1 && next == false)
lfields++;
if (extensions.largeBlobKey == ptrue && selcred->extensions.largeBlobKey == ptrue)
lfields++;
cbor_encoder_init(&encoder, ctap_resp->init.data + 1, CTAP_MAX_PACKET_SIZE, 0);
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, lfields));
@ -506,10 +529,15 @@ int cbor_get_assertion(const uint8_t *data, size_t len, bool next) {
}
CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &mapEncoder2));
}
if (numberOfCredentials > 1 && next == false && !(flags & FIDO2_AUT_FLAG_UP) && !(flags & FIDO2_AUT_FLAG_UV)) {
if (numberOfCredentials > 1 && next == false) {
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x05));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, numberOfCredentials));
}
if (extensions.largeBlobKey == ptrue && selcred->extensions.largeBlobKey == ptrue) {
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x07));
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, largeBlobKey, sizeof(largeBlobKey)));
}
mbedtls_platform_zeroize(largeBlobKey, sizeof(largeBlobKey));
CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder));
resp_size = cbor_encoder_get_buffer_size(&encoder, ctap_resp->init.data + 1);
ctr++;

19
src/fido/cbor_get_info.c
View File

@ -26,7 +26,7 @@ int cbor_get_info() {
CborEncoder encoder, mapEncoder, arrayEncoder, mapEncoder2;
CborError error = CborNoError;
cbor_encoder_init(&encoder, ctap_resp->init.data + 1, CTAP_MAX_PACKET_SIZE, 0);
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, 12));
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, 15));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x01));
CBOR_CHECK(cbor_encoder_create_array(&mapEncoder, &arrayEncoder, 3));
@ -36,9 +36,11 @@ int cbor_get_info() {
CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &arrayEncoder));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x02));
CBOR_CHECK(cbor_encoder_create_array(&mapEncoder, &arrayEncoder, 3));
CBOR_CHECK(cbor_encoder_create_array(&mapEncoder, &arrayEncoder, 5));
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "credBlob"));
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "credProtect"));
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "hmac-secret"));
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "largeBlobKey"));
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "minPinLength"));
CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &arrayEncoder));
@ -46,7 +48,7 @@ int cbor_get_info() {
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, aaguid, sizeof(aaguid)));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x04));
CBOR_CHECK(cbor_encoder_create_map(&mapEncoder, &arrayEncoder, 7));
CBOR_CHECK(cbor_encoder_create_map(&mapEncoder, &arrayEncoder, 8));
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "ep"));
CBOR_CHECK(cbor_encode_boolean(&arrayEncoder, get_opts() & FIDO2_OPT_EA));
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "rk"));
@ -60,12 +62,17 @@ int cbor_get_info() {
CBOR_CHECK(cbor_encode_boolean(&arrayEncoder, true));
else
CBOR_CHECK(cbor_encode_boolean(&arrayEncoder, false));
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "largeBlobs"));
CBOR_CHECK(cbor_encode_boolean(&arrayEncoder, true));
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "pinUvAuthToken"));
CBOR_CHECK(cbor_encode_boolean(&arrayEncoder, true));
CBOR_CHECK(cbor_encode_text_stringz(&arrayEncoder, "setMinPINLength"));
CBOR_CHECK(cbor_encode_boolean(&arrayEncoder, true));
CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &arrayEncoder));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x05));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, MAX_MSG_SIZE));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x06));
CBOR_CHECK(cbor_encoder_create_array(&mapEncoder, &arrayEncoder, 2));
CBOR_CHECK(cbor_encode_uint(&arrayEncoder, 1)); // PIN protocols
@ -100,6 +107,9 @@ int cbor_get_info() {
CBOR_CHECK(cbor_encoder_close_container(&arrayEncoder, &mapEncoder2));
CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &arrayEncoder));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x0B));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, MAX_LARGE_BLOB_SIZE)); // maxSerializedLargeBlobArray
file_t *ef_minpin = search_by_fid(EF_MINPINLEN, NULL, SPECIFY_EF);
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x0C));
if (file_has_data(ef_minpin) && file_get_data(ef_minpin)[1] == 1)
@ -115,6 +125,9 @@ int cbor_get_info() {
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x0E));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, PICO_FIDO_VERSION)); // firmwareVersion
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x0F));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, MAX_CREDBLOB_LENGTH)); // maxCredBlobLength
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x15));
CBOR_CHECK(cbor_encoder_create_array(&mapEncoder, &arrayEncoder, 2));
CBOR_CHECK(cbor_encode_uint(&arrayEncoder, CTAP_CONFIG_AUT_ENABLE));

150
src/fido/cbor_large_blobs.c Normal file
View File

@ -0,0 +1,150 @@
/*
* This file is part of the Pico FIDO distribution (https://github.com/polhenarejos/pico-fido).
* Copyright (c) 2022 Pol Henarejos.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 3.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "ctap2_cbor.h"
#include "fido.h"
#include "ctap.h"
#include "files.h"
#include "apdu.h"
#include "version.h"
#include "hsm.h"
#include "mbedtls/sha256.h"
static uint64_t expectedLength = 0, expectedNextOffset = 0;
uint8_t temp_lba[MAX_LARGE_BLOB_SIZE];
int cbor_large_blobs(const uint8_t *data, size_t len) {
CborParser parser;
CborValue map;
CborEncoder encoder, mapEncoder;
CborError error = CborNoError;
uint64_t get = 0, offset = UINT64_MAX, length = 0, pinUvAuthProtocol = 0;
CborByteString set = {0}, pinUvAuthParam = {0};
CBOR_CHECK(cbor_parser_init(data, len, 0, &parser, &map));
uint64_t val_c = 1;
CBOR_PARSE_MAP_START(map, 1) {
uint64_t val_u = 0;
CBOR_FIELD_GET_UINT(val_u, 1);
if (val_c <= 0 && val_c != val_u)
CBOR_ERROR(CTAP2_ERR_MISSING_PARAMETER);
if (val_u < val_c)
CBOR_ERROR(CTAP2_ERR_INVALID_CBOR);
val_c = val_u + 1;
if (val_u == 0x01) {
CBOR_FIELD_GET_UINT(get, 1);
}
else if (val_u == 0x02) {
CBOR_FIELD_GET_BYTES(set, 1);
}
else if (val_u == 0x03) {
CBOR_FIELD_GET_UINT(offset, 1);
}
else if (val_u == 0x04) {
CBOR_FIELD_GET_UINT(length, 1);
}
else if (val_u == 0x05) {
CBOR_FIELD_GET_BYTES(pinUvAuthParam, 1);
}
else if (val_u == 0x06) {
CBOR_FIELD_GET_UINT(pinUvAuthProtocol, 1);
}
}
CBOR_PARSE_MAP_END(map, 1);
if (offset == UINT64_MAX)
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
if (get == 0 && set.present == false)
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
if (get != 0 && set.present == true)
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
cbor_encoder_init(&encoder, ctap_resp->init.data + 1, CTAP_MAX_PACKET_SIZE, 0);
if (get > 0) {
if (length != 0)
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
if (length > MAX_FRAGMENT_LENGTH)
CBOR_ERROR(CTAP1_ERR_INVALID_LEN);
if (offset > file_get_size(ef_largeblob))
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, 1));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x01));
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, file_get_data(ef_largeblob)+offset, MIN(get, file_get_size(ef_largeblob)-offset)));
}
else {
if (set.len > MAX_FRAGMENT_LENGTH)
CBOR_ERROR(CTAP1_ERR_INVALID_LEN);
if (offset == 0) {
if (length == 0)
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
if (length > MAX_LARGE_BLOB_SIZE) {
CBOR_ERROR(CTAP2_ERR_LARGE_BLOB_STORAGE_FULL);
}
if (length < 17) {
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
expectedLength = length;
expectedNextOffset = 0;
}
else {
if (length != 0)
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
}
if (offset != expectedNextOffset)
CBOR_ERROR(CTAP1_ERR_INVALID_SEQ);
if (pinUvAuthParam.present == false)
CBOR_ERROR(CTAP2_ERR_PUAT_REQUIRED);
if (pinUvAuthProtocol == 0)
CBOR_ERROR(CTAP2_ERR_MISSING_PARAMETER);
uint8_t verify_data[70] = {0};
memset(verify_data, 0xff, 32);
verify_data[32] = 0x0C;
verify_data[34] = offset & 0xff;
verify_data[35] = offset >> 8;
verify_data[36] = offset >> 16;
verify_data[37] = offset >> 24;
mbedtls_sha256(set.data, set.len, verify_data+38, 0);
if (verify(pinUvAuthProtocol, paut.data, verify_data, sizeof(verify_data), pinUvAuthParam.data) != 0)
CBOR_ERROR(CTAP2_ERR_PIN_AUTH_INVALID);
if (!(paut.permissions & CTAP_PERMISSION_LBW))
CBOR_ERROR(CTAP2_ERR_PIN_AUTH_INVALID);
if (offset+set.len > expectedLength)
CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
if (offset == 0)
memset(temp_lba, 0, sizeof(temp_lba));
memcpy(temp_lba+expectedNextOffset, set.data, set.len);
expectedNextOffset += set.len;
if (expectedNextOffset == expectedLength) {
uint8_t sha[32];
mbedtls_sha256(temp_lba, expectedLength-16, sha, 0);
if (expectedLength > 17 && memcmp(sha, temp_lba+expectedLength-16, 16) != 0)
CBOR_ERROR(CTAP2_ERR_INTEGRITY_FAILURE);
flash_write_data_to_file(ef_largeblob, temp_lba, expectedLength);
low_flash_available();
}
goto err;
}
CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder));
err:
CBOR_FREE_BYTE_STRING(pinUvAuthParam);
CBOR_FREE_BYTE_STRING(set);
if (error != CborNoError)
return -CTAP2_ERR_INVALID_CBOR;
res_APDU_size = cbor_encoder_get_buffer_size(&encoder, res_APDU + 1);
return 0;
}

30
src/fido/cbor_make_credential.c
View File

@ -119,6 +119,8 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "hmac-secret", extensions.hmac_secret);
CBOR_FIELD_KEY_TEXT_VAL_UINT(2, "credProtect", extensions.credProtect);
CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "minPinLength", extensions.minPinLength);
CBOR_FIELD_KEY_TEXT_VAL_BYTES(2, "credBlob", extensions.credBlob);
CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "largeBlobKey", extensions.largeBlobKey);
CBOR_ADVANCE(2);
}
CBOR_PARSE_MAP_END(_f1, 2);
@ -238,10 +240,14 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
if (strcmp(excludeList[e].type.data, "public-key") != 0)
continue;
Credential ecred;
if (credential_load(excludeList[e].id.data, excludeList[e].id.len, rp_id_hash, &ecred) == 0 && (ecred.extensions.credProtect != CRED_PROT_UV_REQUIRED || flags & FIDO2_AUT_FLAG_UV))
if (credential_load(excludeList[e].id.data, excludeList[e].id.len, rp_id_hash, &ecred) == 0 && (ecred.extensions.credProtect != CRED_PROT_UV_REQUIRED || (flags & FIDO2_AUT_FLAG_UV)))
CBOR_ERROR(CTAP2_ERR_CREDENTIAL_EXCLUDED);
}
if (extensions.largeBlobKey == pfalse || (extensions.largeBlobKey == ptrue && options.rk != ptrue)) {
CBOR_ERROR(CTAP2_ERR_INVALID_OPTION);
}
if (options.up == ptrue || options.up == NULL) { //14.1
if (pinUvAuthParam.present == true) {
if (getUserPresentFlagValue() == false) {
@ -289,7 +295,13 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
}
}
}
if (extensions.credBlob.present == true)
l++;
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, l));
if (extensions.credBlob.present == true) {
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "credBlob"));
CBOR_CHECK(cbor_encode_boolean(&mapEncoder, extensions.credBlob.len < MAX_CREDBLOB_LENGTH));
}
if (extensions.credProtect != 0) {
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "credProtect"));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, extensions.credProtect));
@ -377,8 +389,16 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
ret = mbedtls_ecdsa_write_signature(&ekey, MBEDTLS_MD_SHA256, hash, 32, sig, sizeof(sig), &olen, random_gen, NULL);
mbedtls_ecdsa_free(&ekey);
uint8_t largeBlobKey[32];
if (extensions.largeBlobKey == ptrue && options.rk == ptrue) {
ret = credential_derive_large_blob_key(cred_id, cred_id_len, largeBlobKey);
if (ret != 0) {
CBOR_ERROR(CTAP2_ERR_PROCESSING);
}
}
cbor_encoder_init(&encoder, ctap_resp->init.data + 1, CTAP_MAX_PACKET_SIZE, 0);
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, 4));
CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, extensions.largeBlobKey == ptrue && options.rk == ptrue ? 5 : 4));
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x01));
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder, "packed"));
@ -407,6 +427,12 @@ int cbor_make_credential(const uint8_t *data, size_t len) {
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x04));
CBOR_CHECK(cbor_encode_boolean(&mapEncoder, enterpriseAttestation == 2));
if (extensions.largeBlobKey == ptrue && options.rk == ptrue) {
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x05));
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder, largeBlobKey, sizeof(largeBlobKey)));
}
mbedtls_platform_zeroize(largeBlobKey, sizeof(largeBlobKey));
CBOR_CHECK(cbor_encoder_close_container(&encoder, &mapEncoder));
resp_size = cbor_encoder_get_buffer_size(&encoder, ctap_resp->init.data + 1);

26
src/fido/credential.c
View File

@ -60,6 +60,10 @@ int credential_create(CborCharString *rpId, CborByteString *userId, CborCharStri
if (extensions->present == true) {
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x07));
CBOR_CHECK(cbor_encoder_create_map(&mapEncoder, &mapEncoder2, CborIndefiniteLength));
if (extensions->credBlob.present == true && extensions->credBlob.len < MAX_CREDBLOB_LENGTH) {
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder2, "credBlob"));
CBOR_CHECK(cbor_encode_byte_string(&mapEncoder2, extensions->credBlob.data, extensions->credBlob.len));
}
if (extensions->credProtect != 0) {
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder2, "credProtect"));
CBOR_CHECK(cbor_encode_uint(&mapEncoder2, extensions->credProtect));
@ -68,6 +72,10 @@ int credential_create(CborCharString *rpId, CborByteString *userId, CborCharStri
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder2, "hmac-secret"));
CBOR_CHECK(cbor_encode_boolean(&mapEncoder2, *extensions->hmac_secret));
}
if (extensions->largeBlobKey == ptrue) {
CBOR_CHECK(cbor_encode_text_stringz(&mapEncoder2, "largeBlobKey"));
CBOR_CHECK(cbor_encode_boolean(&mapEncoder2, true));
}
CBOR_CHECK(cbor_encoder_close_container(&mapEncoder, &mapEncoder2));
}
CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x08));
@ -155,6 +163,8 @@ int credential_load(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *r
CBOR_FIELD_GET_KEY_TEXT(2);
CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "hmac-secret", cred->extensions.hmac_secret);
CBOR_FIELD_KEY_TEXT_VAL_UINT(2, "credProtect", cred->extensions.credProtect);
CBOR_FIELD_KEY_TEXT_VAL_BYTES(2, "credBlob", cred->extensions.credBlob);
CBOR_FIELD_KEY_TEXT_VAL_BOOL(2, "largeBlobKey", cred->extensions.largeBlobKey);
CBOR_ADVANCE(2);
}
CBOR_PARSE_MAP_END(_f1, 2);
@ -309,10 +319,24 @@ int credential_derive_chacha_key(uint8_t *outk) {
int r = 0;
if ((r = load_keydev(outk)) != 0)
return r;
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
mbedtls_md_hmac(md_info, outk, 32, (uint8_t *)"SLIP-0022", 9, outk);
mbedtls_md_hmac(md_info, outk, 32, (uint8_t *)CRED_PROTO, 4, outk);
mbedtls_md_hmac(md_info, outk, 32, (uint8_t *)"Encryption key", 14, outk);
return 0;
}
int credential_derive_large_blob_key(const uint8_t *cred_id, size_t cred_id_len, uint8_t *outk) {
memset(outk, 0, 32);
int r = 0;
if ((r = load_keydev(outk)) != 0)
return r;
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
mbedtls_md_hmac(md_info, outk, 32, (uint8_t *)"SLIP-0022", 9, outk);
mbedtls_md_hmac(md_info, outk, 32, (uint8_t *)CRED_PROTO, 4, outk);
mbedtls_md_hmac(md_info, outk, 32, (uint8_t *)"largeBlobKey", 12, outk);
mbedtls_md_hmac(md_info, outk, 32, cred_id, cred_id_len, outk);
return 0;
}

3
src/fido/credential.h
View File

@ -31,6 +31,8 @@ typedef struct CredExtensions {
const bool *hmac_secret;
uint64_t credProtect;
const bool *minPinLength;
CborByteString credBlob;
const bool *largeBlobKey;
bool present;
} CredExtensions;
@ -62,5 +64,6 @@ extern void credential_free(Credential *cred);
extern int credential_store(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *rp_id_hash);
extern int credential_load(const uint8_t *cred_id, size_t cred_id_len, const uint8_t *rp_id_hash, Credential *cred);
extern int credential_derive_hmac_key(const uint8_t *cred_id, size_t cred_id_len, uint8_t *outk);
extern int credential_derive_large_blob_key(const uint8_t *cred_id, size_t cred_id_len, uint8_t *outk);
#endif // _CREDENTIAL_H_

1
src/fido/ctap.h
View File

@ -114,6 +114,7 @@ typedef struct {
#define CTAP_GET_NEXT_ASSERTION 0x08
#define CTAP_CREDENTIAL_MGMT 0x0A
#define CTAP_SELECTION 0x0B
#define CTAP_LARGE_BLOBS 0x0C
#define CTAP_CONFIG 0x0D
#define CTAP_CONFIG_AUT_ENABLE 0x03e43f56b34285e2

15
src/fido/fido.c
View File

@ -116,7 +116,8 @@ int x509_create_cert(mbedtls_ecdsa_context *ecdsa, uint8_t *buffer, size_t buffe
mbedtls_x509write_crt_set_authority_key_identifier(&ctx);
mbedtls_x509write_crt_set_key_usage(&ctx, MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN);
int ret = mbedtls_x509write_crt_der(&ctx, buffer, buffer_size, core1 ? random_gen : random_gen_core0, NULL);
mbedtls_pk_free(&key);
/* pk cannot be freed, as it is freed later */
//mbedtls_pk_free(&key);
return ret;
}
@ -242,11 +243,15 @@ int scan_files(bool core1) {
mbedtls_ecdsa_context key;
mbedtls_ecdsa_init(&key);
int ret = mbedtls_ecp_read_key(MBEDTLS_ECP_DP_SECP256R1, &key, file_get_data(ef_keydev), file_get_size(ef_keydev));
if (ret != 0)
if (ret != 0) {
mbedtls_ecdsa_free(&key);
return ret;
}
ret = mbedtls_ecp_mul(&key.grp, &key.Q, &key.d, &key.grp.G, core1 ? random_gen : random_gen_core0, NULL);
if (ret != 0)
if (ret != 0) {
mbedtls_ecdsa_free(&key);
return ret;
}
ret = x509_create_cert(&key, cert, sizeof(cert), core1);
mbedtls_ecdsa_free(&key);
if (ret <= 0)
@ -284,6 +289,10 @@ int scan_files(bool core1) {
else {
printf("FATAL ERROR: Auth Token not found in memory!\r\n");
}
ef_largeblob = search_by_fid(EF_LARGEBLOB, NULL, SPECIFY_EF);
if (!file_has_data(ef_largeblob)) {
flash_write_data_to_file(ef_largeblob, (const uint8_t *)"\x80\x76\xbe\x8b\x52\x8d\x00\x75\xf7\xaa\xe9\x8d\x6f\xa5\x7a\x6d\x3c", 17);
}
low_flash_available();
return CCID_OK;
}

4
src/fido/fido.h
View File

@ -78,6 +78,10 @@ extern void set_opts(uint8_t);
#define MAX_CREDENTIAL_COUNT_IN_LIST 16
#define MAX_CRED_ID_LENGTH 1024
#define MAX_RESIDENT_CREDENTIALS 256
#define MAX_CREDBLOB_LENGTH 128
#define MAX_MSG_SIZE 1024
#define MAX_FRAGMENT_LENGTH (MAX_MSG_SIZE - 64)
#define MAX_LARGE_BLOB_SIZE 2048
typedef struct known_app {
const uint8_t *rp_id_hash;

2
src/fido/files.c
View File

@ -29,6 +29,7 @@ file_t file_entries[] = {
{.fid = EF_AUTHTOKEN, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = {0xff}}, // AUTH TOKEN
{.fid = EF_MINPINLEN, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = {0xff}}, // MIN PIN LENGTH
{.fid = EF_OPTS, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = {0xff}}, // Global options
{.fid = EF_LARGEBLOB, .parent = 0, .name = NULL, .type = FILE_TYPE_INTERNAL_EF | FILE_DATA_FLASH, .data = NULL, .ef_structure = FILE_EF_TRANSPARENT, .acl = {0xff}}, // Large Blob
{ .fid = 0x0000, .parent = 0xff, .name = NULL, .type = FILE_TYPE_UNKNOWN, .data = NULL, .ef_structure = 0, .acl = {0} } //end
};
@ -40,3 +41,4 @@ file_t *ef_counter = NULL;
file_t *ef_pin = NULL;
file_t *ef_authtoken = NULL;
file_t *ef_keydev_enc = NULL;
file_t *ef_largeblob = NULL;

2
src/fido/files.h
View File

@ -31,6 +31,7 @@
#define EF_MINPINLEN 0x1100
#define EF_CRED 0xCF00 // Creds at 0xCF00 - 0xCFFF
#define EF_RP 0xD000 // RPs at 0xD000 - 0xD0FF
#define EF_LARGEBLOB 0x1101 // Large Blob Array
extern file_t *ef_keydev;
extern file_t *ef_certdev;
@ -38,5 +39,6 @@ extern file_t *ef_counter;
extern file_t *ef_pin;
extern file_t *ef_authtoken;
extern file_t *ef_keydev_enc;
extern file_t *ef_largeblob;
#endif //_FILES_H_

2
src/fido/version.h
View File

@ -18,7 +18,7 @@
#ifndef __VERSION_H_
#define __VERSION_H_
#define PICO_FIDO_VERSION 0x0208
#define PICO_FIDO_VERSION 0x020A
#define PICO_FIDO_VERSION_MAJOR ((PICO_FIDO_VERSION >> 8) & 0xff)
#define PICO_FIDO_VERSION_MINOR (PICO_FIDO_VERSION & 0xff)

2
tests/conftest.py
View File

@ -296,7 +296,7 @@ class Device():
def doGA(self, client_data=Ellipsis, rp_id=Ellipsis, allow_list=None, extensions=None, user_verification=None, event=None, ctap1=False, check_only=False):
client_data = client_data if client_data is not Ellipsis else CollectedClientData.create(
type=CollectedClientData.TYPE.CREATE, origin=self.__origin, challenge=os.urandom(32)
type=CollectedClientData.TYPE.GET, origin=self.__origin, challenge=os.urandom(32)
)
rp_id = rp_id if rp_id is not Ellipsis else self.__rp['id']
if (ctap1 is True):

2
tests/pico-fido/test_authenticate.py
View File

@ -76,7 +76,7 @@ def test_get_assertion_allow_list_filtering_and_buffering(device):
len(rp2_assertions)
)
assert counts in [(None, None), (l1, l2)]
assert counts in [(1, 1), (l1, l2)]
def test_corrupt_credId(device, MCRes):
# apply bit flip

130
tests/pico-fido/test_blob.py Normal file
View File

@ -0,0 +1,130 @@
import pytest
from fido2.ctap import CtapError
from fido2.ctap2.pin import PinProtocolV2, ClientPin
from utils import verify
import os
PIN='12345678'
SMALL_BLOB=b"A"*32
LARGE_BLOB=b"B"*1024
@pytest.fixture(scope="function")
def MCCredBlob(device):
res = device.doMC(extensions={'credBlob': SMALL_BLOB})['res'].attestation_object
return res
@pytest.fixture(scope="function")
def GACredBlob(device, MCCredBlob):
res = device.doGA(allow_list=[
{"id": MCCredBlob.auth_data.credential_data.credential_id, "type": "public-key"}
], extensions={'getCredBlob': True})
assertions = res['res'].get_assertions()
for a in assertions:
verify(MCCredBlob, a, res['req']['client_data'].hash)
return assertions[0]
@pytest.fixture(scope="function")
def MCLBK(device):
res = device.doMC(
rk=True,
extensions={'largeBlob':{'support':'required'}}
)['res']
return res
@pytest.fixture(scope="function")
def GALBRead(device, MCLBK):
res = device.doGA(
allow_list=[
{"id": MCLBK.attestation_object.auth_data.credential_data.credential_id, "type": "public-key"}
],extensions={'largeBlob':{'read': True}}
)
assertions = res['res'].get_assertions()
for a in assertions:
verify(MCLBK.attestation_object, a, res['req']['client_data'].hash)
return res['res']
@pytest.fixture(scope="function")
def GALBReadLBK(GALBRead):
return GALBRead.get_assertions()[0]
@pytest.fixture(scope="function")
def GALBReadLB(GALBRead):
return GALBRead.get_response(0)
@pytest.fixture(scope="function")
def GALBWrite(device, MCLBK):
res = device.doGA(
allow_list=[
{"id": MCLBK.attestation_object.auth_data.credential_data.credential_id, "type": "public-key"}
],extensions={'largeBlob':{'write': LARGE_BLOB}}
)
assertions = res['res'].get_assertions()
for a in assertions:
verify(MCLBK.attestation_object, a, res['req']['client_data'].hash)
return res['res'].get_response(0)
def test_supports_credblob(info):
assert info.extensions
assert 'credBlob' in info.extensions
assert info.max_cred_blob_length
assert info.max_cred_blob_length > 0
def test_mc_credblob(MCCredBlob):
assert MCCredBlob.auth_data.extensions
assert "credBlob" in MCCredBlob.auth_data.extensions
assert MCCredBlob.auth_data.extensions['credBlob'] is True
def test_ga_credblob(GACredBlob):
assert GACredBlob.auth_data.extensions
assert "credBlob" in GACredBlob.auth_data.extensions
assert GACredBlob.auth_data.extensions['credBlob'] == SMALL_BLOB
def test_wrong_credblob(device, info):
device.reset()
cdh = os.urandom(32)
ClientPin(device.client()._backend.ctap2).set_pin(PIN)
pin_token = ClientPin(device.client()._backend.ctap2).get_pin_token(PIN, permissions=ClientPin.PERMISSION.MAKE_CREDENTIAL | ClientPin.PERMISSION.AUTHENTICATOR_CFG)
protocol = PinProtocolV2()
MC = device.MC(
client_data_hash=cdh,
extensions={'credBlob': b'A'*(info.max_cred_blob_length+1)},
pin_uv_protocol=protocol.VERSION,
pin_uv_param=protocol.authenticate(pin_token, cdh)
)['res']
assert MC.auth_data.extensions
assert "credBlob" in MC.auth_data.extensions
assert MC.auth_data.extensions['credBlob'] is False
res = device.doGA(allow_list=[
{"id": MC.auth_data.credential_data.credential_id, "type": "public-key"}
], extensions={'getCredBlob': True})
assertions = res['res'].get_assertions()
for a in assertions:
verify(MC, a, res['req']['client_data'].hash)
assert assertions[0].auth_data.extensions
assert "credBlob" in assertions[0].auth_data.extensions
assert len(assertions[0].auth_data.extensions['credBlob']) == 0
def test_supports_largeblobs(info):
assert info.extensions
assert 'largeBlobKey' in info.extensions
assert 'largeBlobs' in info.options
assert info.max_large_blob is None or (info.max_large_blob > 1024)
def test_get_largeblobkey_mc(MCLBK):
assert 'supported' in MCLBK.extension_results
assert MCLBK.extension_results['supported'] is True
def test_get_largeblobkey_ga(GALBReadLBK):
assert GALBReadLBK.large_blob_key is not None
def test_get_largeblob_rw(GALBWrite, GALBReadLB):
assert 'written' in GALBWrite.extension_results
assert GALBWrite.extension_results['written'] is True
assert 'blob' in GALBReadLB.extension_results
assert GALBReadLB.extension_results['blob'] == LARGE_BLOB

189
tests/pico-fido/test_cred_mgmt.py
View File

@ -3,76 +3,78 @@ import time
import random
from fido2.ctap import CtapError
from fido2.ctap2 import CredentialManagement
from fido2.utils import sha256, hmac_sha256
from fido2.ctap2.pin import PinProtocolV2
from fido2.utils import sha256
from fido2.ctap2.pin import PinProtocolV2, ClientPin
from binascii import hexlify
from utils import generate_random_user
PIN = "12345678"
@pytest.fixture(params=[PIN], scope = 'function')
def PinToken(request, device, client_pin):
def client_pin_set(request, device, client_pin):
#device.reboot()
device.reset()
pin = request.param
client_pin.set_pin(pin)
return client_pin.get_pin_token(pin)
@pytest.fixture(scope = 'function')
def MC_RK_Res(device, PinToken):
def MC_RK_Res(device, client_pin_set):
rp = {"id": "ssh:", "name": "Bate Goiko"}
device.doMC(rp=rp, rk=True)
rp = {"id": "xakcop.com", "name": "John Doe"}
device.doMC(rp=rp, rk=True)
def PinToken(device):
return ClientPin(device.client()._backend.ctap2).get_pin_token(PIN, permissions=ClientPin.PERMISSION.MAKE_CREDENTIAL | ClientPin.PERMISSION.CREDENTIAL_MGMT)
@pytest.fixture(scope = 'function')
def CredMgmt(device, PinToken):
def CredMgmt(device):
pt = PinToken(device)
pin_protocol = PinProtocolV2()
return CredentialManagement(device.client()._backend.ctap2, pin_protocol, PinToken)
return CredentialManagement(device.client()._backend.ctap2, pin_protocol, pt)
def _test_enumeration(CredMgmt, rp_map):
def _test_enumeration(device, rp_map):
"Enumerate credentials using BFS"
res = CredMgmt.enumerate_rps()
credMgmt = CredMgmt(device)
res = credMgmt.enumerate_rps()
assert len(rp_map.keys()) == len(res)
for rp in res:
creds = CredMgmt.enumerate_creds(sha256(rp[3]["id"]))
assert len(creds) == rp_map[rp[3]["id"].decode()]
creds = credMgmt.enumerate_creds(sha256(rp[3]["id"].encode()))
assert len(creds) == rp_map[rp[3]["id"]]
def _test_enumeration_interleaved(CredMgmt, rp_map):
def _test_enumeration_interleaved(device, rp_map):
"Enumerate credentials using DFS"
first_rp = CredMgmt.enumerate_rps_begin()
credMgmt = CredMgmt(device)
first_rp = credMgmt.enumerate_rps_begin()
assert len(rp_map.keys()) == first_rp[CredentialManagement.RESULT.TOTAL_RPS]
rk_count = 1
first_rk = CredMgmt.enumerate_creds_begin(sha256(first_rp[3]["id"]))
first_rk = credMgmt.enumerate_creds_begin(sha256(first_rp[3]["id"].encode()))
for i in range(1, first_rk[CredentialManagement.RESULT.TOTAL_CREDENTIALS]):
c = CredMgmt.enumerate_creds_next()
c = credMgmt.enumerate_creds_next()
rk_count += 1
assert rk_count == rp_map[first_rp[3]["id"].decode()]
assert rk_count == rp_map[first_rp[3]["id"]]
for i in range(1, first_rp[CredentialManagement.RESULT.TOTAL_RPS]):
next_rp = CredMgmt.enumerate_rps_next()
next_rp = credMgmt.enumerate_rps_next()
rk_count = 1
first_rk = CredMgmt.enumerate_creds_begin(
sha256(next_rp[3]["id"])
first_rk =credMgmt.enumerate_creds_begin(
sha256(next_rp[3]["id"].encode())
)
for i in range(1, first_rk[CredentialManagement.RESULT.TOTAL_CREDENTIALS]):
c = CredMgmt.enumerate_creds_next()
c = credMgmt.enumerate_creds_next()
rk_count += 1
assert rk_count == rp_map[next_rp[3]["id"].decode()]
assert rk_count == rp_map[next_rp[3]["id"]]
def CredMgmtWrongPinAuth(device, pin_token):
def CredMgmtWrongPinAuth(device):
pin_token = PinToken(device)
pin_protocol = PinProtocolV2()
wrong_pt = bytearray(pin_token)
wrong_pt[0] = (wrong_pt[0] + 1) % 256
@ -98,55 +100,58 @@ def test_get_info(info):
assert 0x8 in info
assert info[0x8] > 1
def test_get_metadata(CredMgmt, MC_RK_Res):
metadata = CredMgmt.get_metadata()
def test_get_metadata_ok(MC_RK_Res, device):
metadata = CredMgmt(device).get_metadata()
assert metadata[CredentialManagement.RESULT.EXISTING_CRED_COUNT] == 2
assert metadata[CredentialManagement.RESULT.MAX_REMAINING_COUNT] >= 48
def test_enumerate_rps(CredMgmt, MC_RK_Res):
res = CredMgmt.enumerate_rps()
def test_enumerate_rps(MC_RK_Res, device):
res = CredMgmt(device).enumerate_rps()
assert len(res) == 2
assert res[0][CredentialManagement.RESULT.RP]["id"] == b"ssh:"
assert res[0][CredentialManagement.RESULT.RP]["id"] == "ssh:"
assert res[0][CredentialManagement.RESULT.RP_ID_HASH] == sha256(b"ssh:")
# Solo doesn't store rpId with the exception of "ssh:"
assert res[1][CredentialManagement.RESULT.RP]["id"] == b"xakcop.com"
assert res[1][CredentialManagement.RESULT.RP]["id"] == "xakcop.com"
assert res[1][CredentialManagement.RESULT.RP_ID_HASH] == sha256(b"xakcop.com")
def test_enumarate_creds(CredMgmt, MC_RK_Res):
res = CredMgmt.enumerate_creds(sha256(b"ssh:"))
def test_enumarate_creds(MC_RK_Res, device):
credMgmt = CredMgmt(device)
res = credMgmt.enumerate_creds(sha256(b"ssh:"))
assert len(res) == 1
assert_cred_response_has_all_fields(res[0])
res = CredMgmt.enumerate_creds(sha256(b"xakcop.com"))
res = credMgmt.enumerate_creds(sha256(b"xakcop.com"))
assert len(res) == 1
assert_cred_response_has_all_fields(res[0])
res = CredMgmt.enumerate_creds(sha256(b"missing.com"))
res = credMgmt.enumerate_creds(sha256(b"missing.com"))
assert not res
def test_get_metadata_wrong_pinauth(device, MC_RK_Res, PinToken):
def test_get_metadata_wrong_pinauth(device, MC_RK_Res):
cmd = lambda credMgmt: credMgmt.get_metadata()
_test_wrong_pinauth(device, cmd, PinToken)
_test_wrong_pinauth(device, cmd)
def test_rpbegin_wrong_pinauth(device, MC_RK_Res, PinToken):
def test_rpbegin_wrong_pinauth(device, MC_RK_Res):
cmd = lambda credMgmt: credMgmt.enumerate_rps_begin()
_test_wrong_pinauth(device, cmd, PinToken)
_test_wrong_pinauth(device, cmd)
def test_rkbegin_wrong_pinauth(device, MC_RK_Res, PinToken):
def test_rkbegin_wrong_pinauth(device, MC_RK_Res):
cmd = lambda credMgmt: credMgmt.enumerate_creds_begin(sha256(b"ssh:"))
_test_wrong_pinauth(device, cmd, PinToken)
_test_wrong_pinauth(device, cmd)
def test_rpnext_without_rpbegin(device, CredMgmt, MC_RK_Res):
CredMgmt.enumerate_creds_begin(sha256(b"ssh:"))
def test_rpnext_without_rpbegin(device, MC_RK_Res):
credMgmt = CredMgmt(device)
credMgmt.enumerate_creds_begin(sha256(b"ssh:"))
with pytest.raises(CtapError) as e:
CredMgmt.enumerate_rps_next()
credMgmt.enumerate_rps_next()
assert e.value.code == CtapError.ERR.NOT_ALLOWED
def test_rknext_without_rkbegin(device, CredMgmt, MC_RK_Res):
CredMgmt.enumerate_rps_begin()
def test_rknext_without_rkbegin(device, MC_RK_Res):
credMgmt = CredMgmt(device)
credMgmt.enumerate_rps_begin()
with pytest.raises(CtapError) as e:
CredMgmt.enumerate_creds_next()
credMgmt.enumerate_creds_next()
assert e.value.code == CtapError.ERR.NOT_ALLOWED
def test_delete(device, PinToken, CredMgmt):
def test_delete(device):
# create a new RK
rp = {"id": "example_3.com", "name": "John Doe 2"}
@ -156,21 +161,22 @@ def test_delete(device, PinToken, CredMgmt):
auth = device.doGA(rp_id=rp['id'])
# get the ID from enumeration
creds = CredMgmt.enumerate_creds(reg.auth_data.rp_id_hash)
credMgmt = CredMgmt(device)
creds = credMgmt.enumerate_creds(reg.auth_data.rp_id_hash)
for cred in creds:
if cred[7]["id"] == reg.auth_data.credential_data.credential_id:
break
# delete it
cred = {"id": cred[7]["id"], "type": "public-key"}
CredMgmt.delete_cred(cred)
credMgmt.delete_cred(cred)
# make sure it doesn't work
with pytest.raises(CtapError) as e:
auth = device.doGA(rp_id=rp['id'])
assert e.value.code == CtapError.ERR.NO_CREDENTIALS
def test_add_delete(device, PinToken, CredMgmt):
def test_add_delete(device):
""" Delete a credential in the 'middle' and ensure other credentials are not affected. """
rp = {"id": "example_4.com", "name": "John Doe 3"}
@ -182,11 +188,12 @@ def test_add_delete(device, PinToken, CredMgmt):
regs.append(reg)
# Check they all enumerate
res = CredMgmt.enumerate_creds(regs[1].auth_data.rp_id_hash)
credMgmt = CredMgmt(device)
res = credMgmt.enumerate_creds(regs[1].auth_data.rp_id_hash)
assert len(res) == 3
# delete the middle one
creds = CredMgmt.enumerate_creds(reg.auth_data.rp_id_hash)
creds = credMgmt.enumerate_creds(reg.auth_data.rp_id_hash)
for cred in creds:
if cred[7]["id"] == regs[1].auth_data.credential_data.credential_id:
break
@ -194,16 +201,16 @@ def test_add_delete(device, PinToken, CredMgmt):
assert cred[7]["id"] == regs[1].auth_data.credential_data.credential_id
cred = {"id": cred[7]["id"], "type": "public-key"}
CredMgmt.delete_cred(cred)
credMgmt.delete_cred(cred)
# Check one less enumerates
res = CredMgmt.enumerate_creds(regs[0].auth_data.rp_id_hash)
res = credMgmt.enumerate_creds(regs[0].auth_data.rp_id_hash)
assert len(res) == 2
def test_multiple_creds_per_multiple_rps(
device, PinToken, CredMgmt, MC_RK_Res
device, MC_RK_Res
):
res = CredMgmt.enumerate_rps()
res = CredMgmt(device).enumerate_rps()
assert len(res) == 2
new_rps = [
@ -217,27 +224,26 @@ def test_multiple_creds_per_multiple_rps(
for i in range(0, 3):
reg = device.doMC(rp=rp, rk=True, user=generate_random_user())
res = CredMgmt.enumerate_rps()
credMgmt = CredMgmt(device)
res = credMgmt.enumerate_rps()
assert len(res) == 5
for rp in res:
if rp[3]["id"][:12] == "new_example_":
creds = CredMgmt.enumerate_creds(sha256(rp[3]["id"].encode("utf8")))
creds = credMgmt.enumerate_creds(sha256(rp[3]["id"].encode("utf8")))
assert len(creds) == 3
@pytest.mark.parametrize(
"enumeration_test", [_test_enumeration, _test_enumeration_interleaved]
)
def test_multiple_enumeration(
device, PinToken, MC_RK_Res, CredMgmt, enumeration_test
device, MC_RK_Res, enumeration_test
):
""" Test enumerate still works after different commands """
res = CredMgmt.enumerate_rps()
expected_enumeration = {"xakcop.com": 1, "ssh:": 1}
enumeration_test(CredMgmt, expected_enumeration)
enumeration_test(device, expected_enumeration)
new_rps = [
{"id": "example-2.com", "name": "Example-2-creds", "count": 2},
@ -253,27 +259,19 @@ def test_multiple_enumeration(
# Now expect creds from this RP
expected_enumeration[rp["id"]] = rp["count"]
enumeration_test(CredMgmt, expected_enumeration)
enumeration_test(CredMgmt, expected_enumeration)
metadata = CredMgmt.get_metadata()
enumeration_test(CredMgmt, expected_enumeration)
enumeration_test(CredMgmt, expected_enumeration)
enumeration_test(device, expected_enumeration)
@pytest.mark.parametrize(
"enumeration_test", [_test_enumeration, _test_enumeration_interleaved]
)
def test_multiple_enumeration_with_deletions(
device, PinToken, MC_RK_Res, CredMgmt, enumeration_test
device, MC_RK_Res, enumeration_test
):
""" Create each credential in random order. Test enumerate still works after randomly deleting each credential"""
res = CredMgmt.enumerate_rps()
expected_enumeration = {"xakcop.com": 1, "ssh:": 1}
enumeration_test(CredMgmt, expected_enumeration)
enumeration_test(device, expected_enumeration)
new_rps = [
{"id": "example-1.com", "name": "Example-1-creds"},
@ -294,7 +292,7 @@ def test_multiple_enumeration_with_deletions(
else:
expected_enumeration[rp["id"]] += 1
enumeration_test(CredMgmt, expected_enumeration)
enumeration_test(device, expected_enumeration)
total_creds = len(new_rps)
@ -304,10 +302,11 @@ def test_multiple_enumeration_with_deletions(
num = expected_enumeration[rp]
index = 0 if num == 1 else random.randint(0, num - 1)
cred = CredMgmt.enumerate_creds(sha256(rp.encode("utf8")))[index]
credMgmt = CredMgmt(device)
cred = credMgmt.enumerate_creds(sha256(rp.encode("utf8")))[index]
# print('Delete %d index (%d total) cred of %s' % (index, expected_enumeration[rp], rp))
CredMgmt.delete_cred({"id": cred[7]["id"], "type": "public-key"})
credMgmt.delete_cred({"id": cred[7]["id"], "type": "public-key"})
expected_enumeration[rp] -= 1
if expected_enumeration[rp] == 0:
@ -316,43 +315,13 @@ def test_multiple_enumeration_with_deletions(
if len(list(expected_enumeration.keys())) == 0:
break
enumeration_test(CredMgmt, expected_enumeration)
enumeration_test(device, expected_enumeration)
def _test_wrong_pinauth(device, cmd, PinToken):
def _test_wrong_pinauth(device, cmd):
credMgmt = CredMgmtWrongPinAuth(device, PinToken)
credMgmt = CredMgmtWrongPinAuth(device)
for i in range(2):
with pytest.raises(CtapError) as e:
cmd(credMgmt)
assert e.value.code == CtapError.ERR.PIN_AUTH_INVALID
with pytest.raises(CtapError) as e:
cmd(credMgmt)
assert e.value.code == CtapError.ERR.PIN_AUTH_BLOCKED
#device.reboot()
credMgmt = CredMgmtWrongPinAuth(device, PinToken)
for i in range(2):
time.sleep(0.2)
with pytest.raises(CtapError) as e:
cmd(credMgmt)
assert e.value.code == CtapError.ERR.PIN_AUTH_INVALID
with pytest.raises(CtapError) as e:
cmd(credMgmt)
assert e.value.code == CtapError.ERR.PIN_AUTH_BLOCKED
#device.reboot()
credMgmt = CredMgmtWrongPinAuth(device, PinToken)
for i in range(1):
time.sleep(0.2)
with pytest.raises(CtapError) as e:
cmd(credMgmt)
assert e.value.code == CtapError.ERR.PIN_AUTH_INVALID
with pytest.raises(CtapError) as e:
cmd(credMgmt)
assert e.value.code == CtapError.ERR.PIN_BLOCKED

81
tests/pico-fido/test_minpinlength.py Normal file
View File

@ -0,0 +1,81 @@
import pytest
from fido2.ctap2.extensions import CredProtectExtension
from fido2.webauthn import UserVerificationRequirement
from fido2.ctap import CtapError
from fido2.ctap2.pin import PinProtocolV2, ClientPin
from fido2.ctap2 import Config
PIN='12345678'
MINPINLENGTH=6
@pytest.fixture(scope="function")
def MCMinPin(device):
res = device.doMC(rk=True, extensions={'minPinLength': True})['res'].attestation_object
return res
@pytest.fixture(scope="function")
def SetMinPin(device):
device.reset()
ClientPin(device.client()._backend.ctap2).set_pin(PIN)
cfg = FidoConfig(device)
cfg.set_min_pin_length(MINPINLENGTH,rp_ids=['example.com'])
@pytest.fixture(scope="function")
def SetMinPinWrongRpid(device):
device.reset()
ClientPin(device.client()._backend.ctap2).set_pin(PIN)
cfg = FidoConfig(device)
cfg.set_min_pin_length(MINPINLENGTH,rp_ids=['notanexample.com'])
def PinToken(device):
return ClientPin(device.client()._backend.ctap2).get_pin_token(PIN, permissions=ClientPin.PERMISSION.MAKE_CREDENTIAL | ClientPin.PERMISSION.AUTHENTICATOR_CFG)
def FidoConfig(device):
pt = PinToken(device)
pin_protocol = PinProtocolV2()
return Config(device.client()._backend.ctap2, pin_protocol, pt)
def test_supports_minpin(info):
assert info.extensions
assert 'minPinLength' in info.extensions
assert info.options
assert 'setMinPINLength' in info.options
assert info.options['setMinPINLength'] is True
def test_minpin(SetMinPin, MCMinPin):
assert MCMinPin.auth_data.extensions
assert "minPinLength" in MCMinPin.auth_data.extensions
assert MCMinPin.auth_data.extensions['minPinLength'] == MINPINLENGTH
def test_minpin_bad_rpid(SetMinPinWrongRpid, MCMinPin):
assert not MCMinPin.auth_data.extensions
assert "minPinLength" not in MCMinPin.auth_data.extensions
def test_setminpin(device, SetMinPin, MCMinPin):
cfg = FidoConfig(device)
cfg.set_min_pin_length(MINPINLENGTH+2,rp_ids=['example.com'])
res = device.doMC(rk=True, extensions={'minPinLength': True})['res'].attestation_object
assert res.auth_data.extensions
assert "minPinLength" in res.auth_data.extensions
assert res.auth_data.extensions['minPinLength'] == MINPINLENGTH+2
def test_no_setminpin(device, SetMinPin, MCMinPin):
cfg = FidoConfig(device)
with pytest.raises(CtapError) as e:
cfg.set_min_pin_length(MINPINLENGTH-2,rp_ids=['example.com'])
assert e.value.code == CtapError.ERR.PIN_POLICY_VIOLATION
def test_setminpin_check_force(device, SetMinPin, MCMinPin):
cfg = FidoConfig(device)
cfg.set_min_pin_length(len(PIN)+1,rp_ids=['example.com'])
info = device.client()._backend.ctap2.get_info()
assert info.force_pin_change == True
@pytest.mark.parametrize(
"force", [True, False]
)
def test_setminpin_set_forcee(device, SetMinPin, MCMinPin, force):
cfg = FidoConfig(device)
cfg.set_min_pin_length(MINPINLENGTH,rp_ids=['example.com'],force_change_pin=force)
info = device.client()._backend.ctap2.get_info()
assert info.force_pin_change == force