New upstream version 1.4.0

author: Colin Watson <cjwatson@debian.org> 2020-04-17 20:57:17 +0100
committer: Colin Watson <cjwatson@debian.org> 2020-04-17 20:57:17 +0100
commit: 75073d0a8478441cc97a6efa10b566c5fb1dac81 (patch)
tree: b73bff259e1b16829ed8b19ee92df2bbbf36ef7d /tools
parent: c923f422b1e455bdd8ec3bdb10d005e3bfbacfe0 (diff)
7 files changed, 85 insertions, 7 deletions
diff --git a/tools/CMakeLists.txt b/tools/CMakeLists.txt
index 4b8ef32..274a799 100644
--- a/tools/CMakeLists.txt
+++ b/tools/CMakeLists.txt
@@ -8,7 +8,7 @@ list(APPEND COMPAT_SOURCES
        ../openbsd-compat/strlcat.c
 )
-if(WIN32)
+if(WIN32 AND NOT CYGWIN AND NOT MSYS)
        list(APPEND COMPAT_SOURCES
                ../openbsd-compat/bsd-getline.c
                ../openbsd-compat/explicit_bzero_win32.c
@@ -49,7 +49,6 @@ add_executable(fido2-token
        ${COMPAT_SOURCES}
 )
 target_link_libraries(fido2-cred ${CRYPTO_LIBRARIES} fido2_shared)
 target_link_libraries(fido2-assert ${CRYPTO_LIBRARIES} fido2_shared)
 target_link_libraries(fido2-token ${CRYPTO_LIBRARIES} fido2_shared)
diff --git a/tools/bio.c b/tools/bio.c
index b8f9b38..135b055 100644
--- a/tools/bio.c
+++ b/tools/bio.c
@@ -253,11 +253,10 @@ void
 bio_info(fido_dev_t *dev)
 {
        fido_bio_info_t *i = NULL;
-        int              r;
        if ((i = fido_bio_info_new()) == NULL)
                errx(1, "fido_bio_info_new");
-        if ((r = fido_bio_dev_get_info(dev, i)) != FIDO_OK) {
+        if (fido_bio_dev_get_info(dev, i) != FIDO_OK) {
                fido_bio_info_free(&i);
                return;
        }
diff --git a/tools/credman.c b/tools/credman.c
index 08c9eb8..6eda245 100644
--- a/tools/credman.c
+++ b/tools/credman.c
@@ -37,7 +37,7 @@ credman_get_metadata(fido_dev_t *dev, const char *path)
        printf("existing rk(s): %u\n",
            (unsigned)fido_credman_rk_existing(metadata));
-        printf("possible rk(s): %u\n",
+        printf("remaining rk(s): %u\n",
            (unsigned)fido_credman_rk_remaining(metadata));
        fido_credman_metadata_free(&metadata);
diff --git a/tools/extern.h b/tools/extern.h
index e79e6f0..be01046 100644
--- a/tools/extern.h
+++ b/tools/extern.h
@@ -7,6 +7,12 @@
 #ifndef _EXTERN_H_
 #define _EXTERN_H_
+#include <stddef.h>
+#include <stdio.h>
+#include <openssl/ec.h>
+#include <fido.h>
 struct blob {
        unsigned char *ptr;
        size_t len;
diff --git a/tools/include_check.sh b/tools/include_check.sh
new file mode 100755
index 0000000..9958c9a
--- /dev/null
+++ b/tools/include_check.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+#
+# Copyright (c) 2019 Yubico AB. All rights reserved.
+# Use of this source code is governed by a BSD-style
+# license that can be found in the LICENSE file.
+check() {
+        for f in $(find $1 -maxdepth 1 -name '*.h'); do
+                echo "#include \"$f\"" | \
+                        cc $CFLAGS -Isrc -xc -c - -o /dev/null 2>&1
+                echo $f $CFLAGS $?
+        done
+}
+check examples
+check fuzz
+check openbsd-compat
+CFLAGS=-D_FIDO_INTERNAL check src
+check src/fido.h
+check src/fido
+check tools
diff --git a/tools/macos_pkg.sh b/tools/macos_pkg.sh
new file mode 100755
index 0000000..4313c27
--- /dev/null
+++ b/tools/macos_pkg.sh
@@ -0,0 +1,44 @@
+#!/bin/bash -e
+# Copyright (c) 2019 Yubico AB. All rights reserved.
+# Use of this source code is governed by a BSD-style
+# license that can be found in the LICENSE file.
+if [[ "$#" -ne 2 ]]; then
+        echo usage: $0 version directory 1>&2
+        exit 1
+fi
+V=$1
+D=$2
+FIDO_PATH=$(realpath ${D}/lib/libfido2.${V}.dylib)
+CBOR_PATH=$(otool -L "${FIDO_PATH}" | grep cbor | awk '{ print $1 }')
+CRYPTO_PATH=$(otool -L "${FIDO_PATH}" | grep crypto | awk '{ print $1 }')
+cp -p "${CBOR_PATH}" "${CRYPTO_PATH}" "${D}/lib"
+chmod 755 "${D}/lib/"*dylib
+rm "${D}/lib/pkgconfig/libfido2.pc"
+rmdir "${D}/lib/pkgconfig"
+CBOR_NAME=$(echo "${CBOR_PATH}" | grep -o 'libcbor.*dylib')
+CRYPTO_NAME=$(echo "${CRYPTO_PATH}" | grep -o 'libcrypto.*dylib')
+FIDO_NAME="libfido2.${V}.dylib"
+install_name_tool -id "@loader_path/${CBOR_NAME}" "${D}/lib/${CBOR_NAME}"
+install_name_tool -id "@loader_path/${CRYPTO_NAME}" "${D}/lib/${CRYPTO_NAME}"
+install_name_tool -id "@loader_path/libfido2.${V}.dylib" "${FIDO_PATH}"
+install_name_tool -change "${CBOR_PATH}" "@loader_path/${CBOR_NAME}" \
+        "${FIDO_PATH}"
+install_name_tool -change "${CRYPTO_PATH}" "@loader_path/${CRYPTO_NAME}" \
+        "${FIDO_PATH}"
+for f in $(find "${D}/bin" -type f); do
+        FIDO_PATH=$(otool -L "${f}" | grep libfido2 | awk '{ print $1 }')
+        install_name_tool -change "${CBOR_PATH}" \
+                "@executable_path/../lib/${CBOR_NAME}" "${f}"
+        install_name_tool -change "${CRYPTO_PATH}" \
+                "@executable_path/../lib/${CRYPTO_NAME}" "${f}"
+        install_name_tool -change "${FIDO_PATH}" \
+                "@executable_path/../lib/${FIDO_NAME}" "${f}"
+done
diff --git a/tools/token.c b/tools/token.c
index b149208..e65f09f 100644
--- a/tools/token.c
+++ b/tools/token.c
@@ -112,6 +112,12 @@ print_maxmsgsiz(uint64_t maxmsgsiz)
 }
 static void
+print_fwversion(uint64_t fwversion)
+{
+        printf("fwversion: 0x%x\n", (int)fwversion);
+}
+static void
 print_byte_array(const char *label, const uint8_t *ba, size_t len)
 {
        if (len == 0)
@@ -166,7 +172,7 @@ token_info(int argc, char **argv, char *path)
                return (credman_print_rk(dev, path, rp_id, cred_id));
        if (cred_id || rp_id)
                usage();
-                
        print_attr(dev);
        if (fido_dev_is_fido2(dev) == false)
@@ -196,11 +202,14 @@ token_info(int argc, char **argv, char *path)
        /* print maximum message size */
        print_maxmsgsiz(fido_cbor_info_maxmsgsiz(ci));
+        /* print firmware version */
+        print_fwversion(fido_cbor_info_fwversion(ci));
        /* print supported pin protocols */
        print_byte_array("pin protocols", fido_cbor_info_protocols_ptr(ci),
            fido_cbor_info_protocols_len(ci));
-        if ((r = fido_dev_get_retry_count(dev, &retrycnt)) != FIDO_OK)
+        if (fido_dev_get_retry_count(dev, &retrycnt) != FIDO_OK)
                printf("pin retries: undefined\n");
        else
                printf("pin retries: %d\n", retrycnt);
author	Colin Watson <cjwatson@debian.org>	2020-04-17 20:57:17 +0100
committer	Colin Watson <cjwatson@debian.org>	2020-04-17 20:57:17 +0100
commit	75073d0a8478441cc97a6efa10b566c5fb1dac81 (patch)
tree	b73bff259e1b16829ed8b19ee92df2bbbf36ef7d /tools
parent	c923f422b1e455bdd8ec3bdb10d005e3bfbacfe0 (diff)

diff --git a/tools/CMakeLists.txt b/tools/CMakeLists.txt index 4b8ef32..274a799 100644 --- a/tools/CMakeLists.txt +++ b/tools/CMakeLists.txt
@@ -8,7 +8,7 @@ list(APPEND COMPAT_SOURCES
8	../openbsd-compat/strlcat.c	8	../openbsd-compat/strlcat.c
9	)	9	)
10		10
11	if(WIN32)	11	if(WIN32 AND NOT CYGWIN AND NOT MSYS)
12	list(APPEND COMPAT_SOURCES	12	list(APPEND COMPAT_SOURCES
13	../openbsd-compat/bsd-getline.c	13	../openbsd-compat/bsd-getline.c
14	../openbsd-compat/explicit_bzero_win32.c	14	../openbsd-compat/explicit_bzero_win32.c
@@ -49,7 +49,6 @@ add_executable(fido2-token
49	${COMPAT_SOURCES}	49	${COMPAT_SOURCES}
50	)	50	)
51		51
52
53	target_link_libraries(fido2-cred ${CRYPTO_LIBRARIES} fido2_shared)	52	target_link_libraries(fido2-cred ${CRYPTO_LIBRARIES} fido2_shared)
54	target_link_libraries(fido2-assert ${CRYPTO_LIBRARIES} fido2_shared)	53	target_link_libraries(fido2-assert ${CRYPTO_LIBRARIES} fido2_shared)
55	target_link_libraries(fido2-token ${CRYPTO_LIBRARIES} fido2_shared)	54	target_link_libraries(fido2-token ${CRYPTO_LIBRARIES} fido2_shared)


diff --git a/tools/bio.c b/tools/bio.c index b8f9b38..135b055 100644 --- a/tools/bio.c +++ b/tools/bio.c
@@ -253,11 +253,10 @@ void
253	bio_info(fido_dev_t *dev)	253	bio_info(fido_dev_t *dev)
254	{	254	{
255	fido_bio_info_t *i = NULL;	255	fido_bio_info_t *i = NULL;
256	int r;
257		256
258	if ((i = fido_bio_info_new()) == NULL)	257	if ((i = fido_bio_info_new()) == NULL)
259	errx(1, "fido_bio_info_new");	258	errx(1, "fido_bio_info_new");
260	if ((r = fido_bio_dev_get_info(dev, i)) != FIDO_OK) {	259	if (fido_bio_dev_get_info(dev, i) != FIDO_OK) {
261	fido_bio_info_free(&i);	260	fido_bio_info_free(&i);
262	return;	261	return;
263	}	262	}


diff --git a/tools/credman.c b/tools/credman.c index 08c9eb8..6eda245 100644 --- a/tools/credman.c +++ b/tools/credman.c
@@ -37,7 +37,7 @@ credman_get_metadata(fido_dev_t dev, const char path)
37		37
38	printf("existing rk(s): %u\n",	38	printf("existing rk(s): %u\n",
39	(unsigned)fido_credman_rk_existing(metadata));	39	(unsigned)fido_credman_rk_existing(metadata));
40	printf("possible rk(s): %u\n",	40	printf("remaining rk(s): %u\n",
41	(unsigned)fido_credman_rk_remaining(metadata));	41	(unsigned)fido_credman_rk_remaining(metadata));
42		42
43	fido_credman_metadata_free(&metadata);	43	fido_credman_metadata_free(&metadata);


diff --git a/tools/extern.h b/tools/extern.h index e79e6f0..be01046 100644 --- a/tools/extern.h +++ b/tools/extern.h
@@ -7,6 +7,12 @@
7	#ifndef _EXTERN_H_	7	#ifndef _EXTERN_H_
8	#define _EXTERN_H_	8	#define _EXTERN_H_
9		9
		10	#include <stddef.h>
		11	#include <stdio.h>
		12
		13	#include <openssl/ec.h>
		14	#include <fido.h>
		15
10	struct blob {	16	struct blob {
11	unsigned char *ptr;	17	unsigned char *ptr;
12	size_t len;	18	size_t len;


diff --git a/tools/include_check.sh b/tools/include_check.sh new file mode 100755 index 0000000..9958c9a --- /dev/null +++ b/tools/include_check.sh
@@ -0,0 +1,21 @@
		1	#!/bin/bash
		2	#
		3	# Copyright (c) 2019 Yubico AB. All rights reserved.
		4	# Use of this source code is governed by a BSD-style
		5	# license that can be found in the LICENSE file.
		6
		7	check() {
		8	for f in $(find $1 -maxdepth 1 -name '*.h'); do
		9	echo "#include \"$f\"" \| \
		10	cc $CFLAGS -Isrc -xc -c - -o /dev/null 2>&1
		11	echo $f $CFLAGS $?
		12	done
		13	}
		14
		15	check examples
		16	check fuzz
		17	check openbsd-compat
		18	CFLAGS=-D_FIDO_INTERNAL check src
		19	check src/fido.h
		20	check src/fido
		21	check tools


diff --git a/tools/macos_pkg.sh b/tools/macos_pkg.sh new file mode 100755 index 0000000..4313c27 --- /dev/null +++ b/tools/macos_pkg.sh
@@ -0,0 +1,44 @@
		1	#!/bin/bash -e
		2	# Copyright (c) 2019 Yubico AB. All rights reserved.
		3	# Use of this source code is governed by a BSD-style
		4	# license that can be found in the LICENSE file.
		5
		6	if [[ "$#" -ne 2 ]]; then
		7	echo usage: $0 version directory 1>&2
		8	exit 1
		9	fi
		10
		11	V=$1
		12	D=$2
		13
		14	FIDO_PATH=$(realpath ${D}/lib/libfido2.${V}.dylib)
		15	CBOR_PATH=$(otool -L "${FIDO_PATH}" \| grep cbor \| awk '{ print $1 }')
		16	CRYPTO_PATH=$(otool -L "${FIDO_PATH}" \| grep crypto \| awk '{ print $1 }')
		17
		18	cp -p "${CBOR_PATH}" "${CRYPTO_PATH}" "${D}/lib"
		19	chmod 755 "${D}/lib/"*dylib
		20	rm "${D}/lib/pkgconfig/libfido2.pc"
		21	rmdir "${D}/lib/pkgconfig"
		22
		23	CBOR_NAME=$(echo "${CBOR_PATH}" \| grep -o 'libcbor.*dylib')
		24	CRYPTO_NAME=$(echo "${CRYPTO_PATH}" \| grep -o 'libcrypto.*dylib')
		25	FIDO_NAME="libfido2.${V}.dylib"
		26
		27	install_name_tool -id "@loader_path/${CBOR_NAME}" "${D}/lib/${CBOR_NAME}"
		28	install_name_tool -id "@loader_path/${CRYPTO_NAME}" "${D}/lib/${CRYPTO_NAME}"
		29	install_name_tool -id "@loader_path/libfido2.${V}.dylib" "${FIDO_PATH}"
		30
		31	install_name_tool -change "${CBOR_PATH}" "@loader_path/${CBOR_NAME}" \
		32	"${FIDO_PATH}"
		33	install_name_tool -change "${CRYPTO_PATH}" "@loader_path/${CRYPTO_NAME}" \
		34	"${FIDO_PATH}"
		35
		36	for f in $(find "${D}/bin" -type f); do
		37	FIDO_PATH=$(otool -L "${f}" \| grep libfido2 \| awk '{ print $1 }')
		38	install_name_tool -change "${CBOR_PATH}" \
		39	"@executable_path/../lib/${CBOR_NAME}" "${f}"
		40	install_name_tool -change "${CRYPTO_PATH}" \
		41	"@executable_path/../lib/${CRYPTO_NAME}" "${f}"
		42	install_name_tool -change "${FIDO_PATH}" \
		43	"@executable_path/../lib/${FIDO_NAME}" "${f}"
		44	done


diff --git a/tools/token.c b/tools/token.c index b149208..e65f09f 100644 --- a/tools/token.c +++ b/tools/token.c
@@ -112,6 +112,12 @@ print_maxmsgsiz(uint64_t maxmsgsiz)
112	}	112	}
113		113
114	static void	114	static void
		115	print_fwversion(uint64_t fwversion)
		116	{
		117	printf("fwversion: 0x%x\n", (int)fwversion);
		118	}
		119
		120	static void
115	print_byte_array(const char label, const uint8_t ba, size_t len)	121	print_byte_array(const char label, const uint8_t ba, size_t len)
116	{	122	{
117	if (len == 0)	123	if (len == 0)
@@ -166,7 +172,7 @@ token_info(int argc, char *argv, char path)
166	return (credman_print_rk(dev, path, rp_id, cred_id));	172	return (credman_print_rk(dev, path, rp_id, cred_id));
167	if (cred_id \|\| rp_id)	173	if (cred_id \|\| rp_id)
168	usage();	174	usage();
169		175
170	print_attr(dev);	176	print_attr(dev);
171		177
172	if (fido_dev_is_fido2(dev) == false)	178	if (fido_dev_is_fido2(dev) == false)
@@ -196,11 +202,14 @@ token_info(int argc, char *argv, char path)
196	/* print maximum message size */	202	/* print maximum message size */
197	print_maxmsgsiz(fido_cbor_info_maxmsgsiz(ci));	203	print_maxmsgsiz(fido_cbor_info_maxmsgsiz(ci));
198		204
		205	/* print firmware version */
		206	print_fwversion(fido_cbor_info_fwversion(ci));
		207
199	/* print supported pin protocols */	208	/* print supported pin protocols */
200	print_byte_array("pin protocols", fido_cbor_info_protocols_ptr(ci),	209	print_byte_array("pin protocols", fido_cbor_info_protocols_ptr(ci),
201	fido_cbor_info_protocols_len(ci));	210	fido_cbor_info_protocols_len(ci));
202		211
203	if ((r = fido_dev_get_retry_count(dev, &retrycnt)) != FIDO_OK)	212	if (fido_dev_get_retry_count(dev, &retrycnt) != FIDO_OK)
204	printf("pin retries: undefined\n");	213	printf("pin retries: undefined\n");
205	else	214	else
206	printf("pin retries: %d\n", retrycnt);	215	printf("pin retries: %d\n", retrycnt);