Diffstat (limited to 'tools/assert_get.c')
-rw-r--r--tools/assert_get.c94
1 files changed, 80 insertions, 14 deletions
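--- a/tools/assert_get.c
+++ b/tools/assert_get.c
@@ -15,8 +15,67 @@
 #include "../openbsd-compat/openbsd-compat.h"
 #include "extern.h"
 
+struct toggle {
+ fido_opt_t up;
+ fido_opt_t uv;
+ fido_opt_t pin;
+};
+
+static const char *
+opt2str(fido_opt_t v)
+{
+ switch (v) {
+ case FIDO_OPT_OMIT:
+ return "omit";
+ case FIDO_OPT_TRUE:
+ return "true";
+ case FIDO_OPT_FALSE:
+ return "false";
+ default:
+ return "unknown";
+ }
+}
+
+static void
+parse_toggle(const char *str, struct toggle *opt)
+{
+ fido_opt_t *k;
+ fido_opt_t v;
+ char *assignment;
+ char *key;
+ char *val;
+
+ if ((assignment = strdup(str)) == NULL)
+ err(1, "strdup");
+ if ((val = strchr(assignment, '=')) == NULL)
+ errx(1, "invalid assignment '%s'", assignment);
+
+ key = assignment;
+ *val++ = '\0';
+
+ if (!strcmp(val, "true"))
+ v = FIDO_OPT_TRUE;
+ else if (!strcmp(val, "false"))
+ v = FIDO_OPT_FALSE;
+ else
+ errx(1, "unknown value '%s'", val);
+
+ if (!strcmp(key, "up"))
+ k = &opt->up;
+ else if (!strcmp(key, "uv"))
+ k = &opt->uv;
+ else if (!strcmp(key, "pin"))
+ k = &opt->pin;
+ else
+ errx(1, "unknown key '%s'", key);
+
+ free(assignment);
+
+ *k = v;
+}
+
 static fido_assert_t *
-prepare_assert(FILE *in_f, int flags)
+prepare_assert(FILE *in_f, int flags, const struct toggle *opt)
 {
  fido_assert_t *assert = NULL;
  struct blob cdh;
@@ -46,6 +105,9 @@ prepare_assert(FILE *in_f, int flags)
  fprintf(stderr, "credential id:\n");
  xxd(id.ptr, id.len);
  }
+ fprintf(stderr, "up=%s\n", opt2str(opt->up));
+ fprintf(stderr, "uv=%s\n", opt2str(opt->uv));
+ fprintf(stderr, "pin=%s\n", opt2str(opt->pin));
  }
 
  if ((assert = fido_assert_new()) == NULL)
@@ -55,15 +117,11 @@ prepare_assert(FILE *in_f, int flags)
  cdh.len)) != FIDO_OK ||
  (r = fido_assert_set_rp(assert, rpid)) != FIDO_OK)
  errx(1, "fido_assert_set: %s", fido_strerr(r));
+ if ((r = fido_assert_set_up(assert, opt->up)) != FIDO_OK)
+ errx(1, "fido_assert_set_up: %s", fido_strerr(r));
+ if ((r = fido_assert_set_uv(assert, opt->uv)) != FIDO_OK)
+ errx(1, "fido_assert_set_uv: %s", fido_strerr(r));
 
- if (flags & FLAG_UP) {
- if ((r = fido_assert_set_up(assert, FIDO_OPT_TRUE)) != FIDO_OK)
- errx(1, "fido_assert_set_up: %s", fido_strerr(r));
- }
- if (flags & FLAG_UV) {
- if ((r = fido_assert_set_uv(assert, FIDO_OPT_TRUE)) != FIDO_OK)
- errx(1, "fido_assert_set_uv: %s", fido_strerr(r));
- }
  if (flags & FLAG_HMAC) {
  if ((r = fido_assert_set_extensions(assert,
  FIDO_EXT_HMAC_SECRET)) != FIDO_OK)
@@ -136,6 +194,7 @@ assert_get(int argc, char **argv)
 {
  fido_dev_t *dev = NULL;
  fido_assert_t *assert = NULL;
+ struct toggle opt;
  char pin[1024];
  char prompt[1024];
  char *in_path = NULL;
@@ -146,7 +205,9 @@ assert_get(int argc, char **argv)
  int ch;
  int r;
 
- while ((ch = getopt(argc, argv, "dhi:o:pruv")) != -1) {
+ opt.up = opt.uv = opt.pin = FIDO_OPT_OMIT;
+
+ while ((ch = getopt(argc, argv, "dhi:o:prt:uv")) != -1) {
  switch (ch) {
  case 'd':
  flags |= FLAG_DEBUG;
@@ -161,16 +222,21 @@ assert_get(int argc, char **argv)
  out_path = optarg;
  break;
  case 'p':
- flags |= FLAG_UP;
+ opt.up = FIDO_OPT_TRUE;
  break;
  case 'r':
  flags |= FLAG_RK;
  break;
+ case 't' :
+ parse_toggle(optarg, &opt);
+ break;
  case 'u':
  flags |= FLAG_U2F;
  break;
  case 'v':
- flags |= FLAG_UV;
+ /* -v implies both pin and uv for historical reasons */
+ opt.pin = FIDO_OPT_TRUE;
+ opt.uv = FIDO_OPT_TRUE;
  break;
  default:
  usage();
@@ -188,13 +254,13 @@ assert_get(int argc, char **argv)
 
  fido_init((flags & FLAG_DEBUG) ? FIDO_DEBUG : 0);
 
- assert = prepare_assert(in_f, flags);
+ assert = prepare_assert(in_f, flags, &opt);
 
  dev = open_dev(argv[0]);
  if (flags & FLAG_U2F)
  fido_dev_force_u2f(dev);
 
- if (flags & FLAG_UV) {
+ if (opt.pin == FIDO_OPT_TRUE) {
  r = snprintf(prompt, sizeof(prompt), "Enter PIN for %s: ",
  argv[0]);
  if (r < 0 || (size_t)r >= sizeof(prompt))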
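Review bot: parse_toggle() and struct toggle carry no comment, and the three keys do not behave alike, which matters because they decide what user interaction backs an assertion. `up` and `uv` are forwarded as given to fido_assert_set_up() and fido_assert_set_uv(), so `-t up=false` or `-t uv=false` explicitly asks for an assertion without that check. `pin` is only compared against FIDO_OPT_TRUE in assert_get(), so `pin=false` behaves the same as omitting it. The options are also applied in command-line order, so `-v -t uv=false` keeps the PIN prompt but clears uv, while `-t uv=false -v` ends with uv set to true. I would put a header comment on parse_toggle() such as `/* Parse "key=true|false" for up, uv or pin; later options override earlier ones. up/uv are passed to the authenticator, pin only selects the PIN prompt. */`. The bodies of prepare_assert() and assert_get() continue outside the visible hunks, so any remaining uses of FLAG_UP and FLAG_UV could not be checked from here.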