From 75073d0a8478441cc97a6efa10b566c5fb1dac81 Mon Sep 17 00:00:00 2001 
From: Colin Watson Date: Fri, 17 Apr 2020 20:57:17 +0100 Subject: New upstream version 1.4.0 --- .github/workflows/cifuzz_oss.yml | 23 ++ .github/workflows/scan.yml | 36 +++ .gitignore | 3 + .travis.yml | 4 +- .travis/fuzz-linux-asan | 11 +- .travis/fuzz-linux-msan | 11 +- CMakeLists.txt | 80 ++++-- NEWS | 15 + README.adoc | 10 +- debian/libfido2-dev.install | 46 +-- debian/libfido2-dev.links | 380 ++++++++++++++++-------- debian/libfido2-dev.manpages | 22 +- examples/CMakeLists.txt | 2 +- examples/cred.c | 40 ++- examples/info.c | 12 + fuzz/CMakeLists.txt | 2 - fuzz/Dockerfile | 10 + fuzz/Makefile | 78 +++++ fuzz/README | 2 +- fuzz/build-coverage | 27 ++ fuzz/corpus.tgz | Bin 1131788 -> 0 bytes fuzz/dummy.h | 96 +++++++ fuzz/export.gnu | 189 ++++++++++++ fuzz/functions.txt | 276 +++++++++--------- fuzz/fuzz_assert.c | 261 +++-------------- fuzz/fuzz_bio.c | 398 +++----------------------- fuzz/fuzz_cred.c | 604 +++------------------------------------ fuzz/fuzz_credman.c | 374 +++--------------------- fuzz/fuzz_mgmt.c | 257 ++++------------- fuzz/harnesses/assert | 32 --- fuzz/harnesses/assert-rsa-h-p | 33 --- fuzz/harnesses/assert-u2f | 32 --- fuzz/harnesses/cred | 31 -- fuzz/harnesses/cred-rsa-h-p | 32 --- fuzz/harnesses/cred-u2f | 31 -- fuzz/harnesses/cred-u2f-exclude | 33 --- fuzz/harnesses/fido2-assert-G | 31 -- fuzz/harnesses/fido2-assert-V | 32 --- fuzz/harnesses/fido2-cred-M | 31 -- fuzz/harnesses/fido2-cred-V | 31 -- fuzz/harnesses/fuzz_assert | 29 -- fuzz/harnesses/fuzz_bio | 29 -- fuzz/harnesses/fuzz_cred | 28 -- fuzz/harnesses/fuzz_credman | 28 -- fuzz/harnesses/fuzz_mgmt | 29 -- fuzz/mutator_aux.c | 30 ++ fuzz/mutator_aux.h | 15 + fuzz/prng.c | 112 ++++++++ fuzz/report | 80 ------ fuzz/report.html.gz | Bin 206440 -> 0 bytes fuzz/report.tgz | Bin 0 -> 211709 bytes fuzz/summary.txt | 40 +-- fuzz/uniform_random.c | 3 +- fuzz/wiredata_fido2.h | 569 ++++++++++++++++++++++++++++++++++++ fuzz/wiredata_u2f.h | 152 ++++++++++ fuzz/wrap.c | 132 ++++++++- 
fuzz/wrapped.sym | 16 ++ man/CMakeLists.txt | 23 +- man/es256_pk_new.3 | 4 + man/fido2-token.1 | 2 + man/fido_bio_dev_get_info.3 | 10 + man/fido_bio_template.3 | 22 +- man/fido_cbor_info_new.3 | 12 +- man/fido_cred_new.3 | 12 + man/fido_cred_set_authdata.3 | 25 +- man/fido_credman_metadata_new.3 | 11 +- man/fido_dev_set_io_functions.3 | 69 ++++- openbsd-compat/openbsd-compat.h | 4 + openbsd-compat/readpassphrase.c | 6 +- openbsd-compat/readpassphrase.h | 2 + regress/CMakeLists.txt | 22 +- regress/assert.c | 4 + regress/cred.c | 3 + regress/dev.c | 3 + src/CMakeLists.txt | 12 +- src/assert.c | 31 +- src/authkey.c | 10 +- src/bio.c | 32 +-- src/blob.h | 11 + src/cbor.c | 108 +++++-- src/cred.c | 122 ++++---- src/credman.c | 34 +-- src/dev.c | 223 +++++++++++++-- src/eddsa.c | 8 + src/err.c | 24 +- src/es256.c | 54 +++- src/export.gnu | 5 + src/export.llvm | 5 + src/export.msvc | 5 + src/extern.h | 32 ++- src/fido.h | 53 ++-- src/fido/bio.h | 16 ++ src/fido/credman.h | 16 ++ src/fido/eddsa.h | 14 + src/fido/err.h | 8 + src/fido/es256.h | 14 + src/fido/param.h | 11 + src/fido/rs256.h | 14 + src/fido/types.h | 235 +++++++++++++++ src/hid_hidapi.c | 138 +++++++++ src/hid_linux.c | 14 +- src/hid_openbsd.c | 8 +- src/hid_osx.c | 17 +- src/hid_win.c | 8 +- src/info.c | 21 +- src/io.c | 202 +++++++------ src/iso7816.h | 11 + src/log.c | 73 +++-- src/pin.c | 126 +++++++- src/reset.c | 5 +- src/types.h | 171 ----------- src/u2f.c | 69 +++-- tools/CMakeLists.txt | 3 +- tools/bio.c | 3 +- tools/credman.c | 2 +- tools/extern.h | 6 + tools/include_check.sh | 21 ++ tools/macos_pkg.sh | 44 +++ tools/token.c | 13 +- udev/70-u2f.rules | 10 +- 120 files changed, 3951 insertions(+), 3255 deletions(-) create mode 100644 .github/workflows/cifuzz_oss.yml create mode 100644 .github/workflows/scan.yml create mode 100644 fuzz/Dockerfile create mode 100644 fuzz/Makefile create mode 100755 fuzz/build-coverage delete mode 100644 fuzz/corpus.tgz create mode 100644 fuzz/dummy.h create mode 100644 
fuzz/export.gnu delete mode 100755 fuzz/harnesses/assert delete mode 100755 fuzz/harnesses/assert-rsa-h-p delete mode 100755 fuzz/harnesses/assert-u2f delete mode 100755 fuzz/harnesses/cred delete mode 100755 fuzz/harnesses/cred-rsa-h-p delete mode 100755 fuzz/harnesses/cred-u2f delete mode 100755 fuzz/harnesses/cred-u2f-exclude delete mode 100755 fuzz/harnesses/fido2-assert-G delete mode 100755 fuzz/harnesses/fido2-assert-V delete mode 100755 fuzz/harnesses/fido2-cred-M delete mode 100755 fuzz/harnesses/fido2-cred-V delete mode 100755 fuzz/harnesses/fuzz_assert delete mode 100755 fuzz/harnesses/fuzz_bio delete mode 100755 fuzz/harnesses/fuzz_cred delete mode 100755 fuzz/harnesses/fuzz_credman delete mode 100755 fuzz/harnesses/fuzz_mgmt create mode 100755 fuzz/prng.c delete mode 100755 fuzz/report delete mode 100644 fuzz/report.html.gz create mode 100644 fuzz/report.tgz create mode 100644 fuzz/wiredata_fido2.h create mode 100644 fuzz/wiredata_u2f.h create mode 100644 src/fido/types.h create mode 100644 src/hid_hidapi.c delete mode 100644 src/types.h create mode 100755 tools/include_check.sh create mode 100755 tools/macos_pkg.sh
diff --git a/.github/workflows/cifuzz_oss.yml b/.github/workflows/cifuzz_oss.yml
new file mode 100644
index 0000000..cbb334c
--- /dev/null
+++ b/.github/workflows/cifuzz_oss.yml
@@ -0,0 +1,23 @@
+name: CIFuzz
+on: [pull_request]
+jobs:
+ Fuzzing:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Build Fuzzers
+ uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
+ with:
+ oss-fuzz-project-name: 'libfido2'
+ dry-run: false
+ - name: Run Fuzzers
+ uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
+ with:
+ oss-fuzz-project-name: 'libfido2'
+ fuzz-seconds: 600
+ dry-run: false
+ - name: Upload Crash
+ uses: actions/upload-artifact@v1
+ if: failure()
+ with:
+ name: artifacts
+ path: ./out/artifacts
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
new file mode 100644
index 0000000..008961b
--- /dev/null
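Review bot: All three `uses:` references in the new .github/workflows/cifuzz_oss.yml are mutable refs: both google/oss-fuzz actions track `@master` and `actions/upload-artifact` tracks the `v1` tag, so the code this job runs on every pull request can change without any commit in this repository. Pinning each to a full commit SHA, for example `uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@<full-commit-sha>` with the tracked ref kept in a trailing comment, makes the fuzzing job reproducible and lets an update be reviewed like any other change. The job only builds, fuzzes and uploads artifacts, so a top-level `permissions:` block with `contents: read` would also fit here.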
+++ b/.github/workflows/scan.yml @@ -0,0 +1,36 @@ +name: static code analysis + +on: + push: + schedule: + - cron: '0 0 * * 1' + +env: + SCAN_IMG: + yes-docker-local.artifactory.in.yubico.org/static-code-analysis/c:v1 + SECRET: ${{ secrets.ARTIFACTORY_READER_TOKEN }} + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@master + + - name: Scan but do not fail on warnings + run: | + if [ "${SECRET}" != "" ]; then + docker login yes-docker-local.artifactory.in.yubico.org/ \ + -u svc-static-code-analysis-reader \ + -p ${{ secrets.ARTIFACTORY_READER_TOKEN }} + docker pull ${SCAN_IMG} + docker run -v${PWD}:/k -e COMPILE_DEPS="${COMPILE_DEPS}" \ + -e PROJECT_NAME=${GITHUB_REPOSITORY#Yubico/} -t ${SCAN_IMG} + fi + continue-on-error: true + + - uses: actions/upload-artifact@master + if: failure() + with: + name: suppression_files + path: suppression_files diff --git a/.gitignore b/.gitignore index 329c184..0915625 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,9 @@ build/ cscope.out fuzz/build/ +fuzz/corpus.tgz- +fuzz/fuzz_*/ fuzz/obj/ +fuzz/report fuzz/*.so output/ diff --git a/.travis.yml b/.travis.yml index 5ddf36f..c2bff78 100644 --- a/.travis.yml +++ b/.travis.yml @@ -53,7 +53,7 @@ matrix: script: /bin/sh -eux .travis/build-osx-clang - os: linux compiler: clang-7 - dist: xenial + dist: bionic sudo: required addons: apt: @@ -68,7 +68,7 @@ matrix: script: /bin/sh -eux .travis/fuzz-linux-asan - os: linux compiler: clang-7 - dist: xenial + dist: bionic sudo: required addons: apt: diff --git a/.travis/fuzz-linux-asan b/.travis/fuzz-linux-asan index 0a0aebb..af8a08c 100644 --- a/.travis/fuzz-linux-asan +++ b/.travis/fuzz-linux-asan 
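Review bot: In the new .github/workflows/scan.yml the `docker login` step passes the registry token as `-p ${{ secrets.ARTIFACTORY_READER_TOKEN }}`, which expands the secret into the script text and places it on the process command line, although the same value is already exported as `SECRET` under `env:`. Feeding it on stdin avoids both: `printf '%s' "${SECRET}" | docker login yes-docker-local.artifactory.in.yubico.org/ -u svc-static-code-analysis-reader --password-stdin`. This job runs on `push` with a secret in scope, mounts the checkout into an image pulled by the mutable tag `c:v1`, and uses `actions/checkout@master` and `actions/upload-artifact@master`; pinning the image by digest and the actions by commit SHA would keep it from running code that changed upstream. Because the scan step sets `continue-on-error: true`, the `if: failure()` upload that follows presumably never fires when the scan itself fails, which is worth confirming.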
@@ -45,14 +45,15 @@ make # Fuzz with ASAN. mkdir corpus +curl -s https://ambientworks.net/tmp/corpus.tgz > ../fuzz/corpus.tgz tar -C corpus -zxf ../fuzz/corpus.tgz fuzz/fuzz_cred -use_value_profile=1 -reload=30 -print_pcs=1 \ - -print_funcs=30 -timeout=10 -max_len=17408 -runs=1 corpus/fuzz_cred + -print_funcs=30 -timeout=10 -runs=1 corpus/fuzz_cred fuzz/fuzz_assert -use_value_profile=1 -reload=30 -print_pcs=1 \ - -print_funcs=30 -timeout=10 -max_len=17408 -runs=1 corpus/fuzz_assert + -print_funcs=30 -timeout=10 -runs=1 corpus/fuzz_assert fuzz/fuzz_credman -use_value_profile=1 -reload=30 -print_pcs=1 \ - -print_funcs=30 -timeout=10 -max_len=17408 -runs=1 corpus/fuzz_credman + -print_funcs=30 -timeout=10 -runs=1 corpus/fuzz_credman fuzz/fuzz_mgmt -use_value_profile=1 -reload=30 -print_pcs=1 \ - -print_funcs=30 -timeout=10 -max_len=17408 -runs=1 corpus/fuzz_mgmt + -print_funcs=30 -timeout=10 -runs=1 corpus/fuzz_mgmt fuzz/fuzz_bio -use_value_profile=1 -reload=30 -print_pcs=1 \ - -print_funcs=30 -timeout=10 -max_len=17408 -runs=1 corpus/fuzz_bio + -print_funcs=30 -timeout=10 -runs=1 corpus/fuzz_bio diff --git a/.travis/fuzz-linux-msan b/.travis/fuzz-linux-msan index fd7b2ac..e67ab22 100644 --- a/.travis/fuzz-linux-msan +++ b/.travis/fuzz-linux-msan 
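Review bot: The added `curl -s https://ambientworks.net/tmp/corpus.tgz > ../fuzz/corpus.tgz` downloads the seed corpus from an external host on every CI run and hands it straight to `tar -C corpus -zxf` with no integrity check; the identical line is added in the .travis/fuzz-linux-msan hunk. Without `-f`, an HTTP error body is written to the file with exit status 0, so a missing or replaced archive surfaces only as a tar failure or, worse, as a silently different corpus. Suggest `curl -fsS -o ../fuzz/corpus.tgz https://ambientworks.net/tmp/corpus.tgz` followed by `echo "<EXPECTED_SHA256>  ../fuzz/corpus.tgz" | sha256sum -c -` before extraction, with the expected digest committed next to the script. The script begins outside this hunk.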
@@ -45,14 +45,15 @@ make # Fuzz with MSAN. mkdir corpus +curl -s https://ambientworks.net/tmp/corpus.tgz > ../fuzz/corpus.tgz tar -C corpus -zxf ../fuzz/corpus.tgz fuzz/fuzz_cred -use_value_profile=1 -reload=30 -print_pcs=1 \ - -print_funcs=30 -timeout=10 -max_len=17408 -runs=1 corpus/fuzz_cred + -print_funcs=30 -timeout=10 -runs=1 corpus/fuzz_cred fuzz/fuzz_assert -use_value_profile=1 -reload=30 -print_pcs=1 \ - -print_funcs=30 -timeout=10 -max_len=17408 -runs=1 corpus/fuzz_assert + -print_funcs=30 -timeout=10 -runs=1 corpus/fuzz_assert fuzz/fuzz_credman -use_value_profile=1 -reload=30 -print_pcs=1 \ - -print_funcs=30 -timeout=10 -max_len=17408 -runs=1 corpus/fuzz_credman + -print_funcs=30 -timeout=10 -runs=1 corpus/fuzz_credman fuzz/fuzz_mgmt -use_value_profile=1 -reload=30 -print_pcs=1 \ - -print_funcs=30 -timeout=10 -max_len=17408 -runs=1 corpus/fuzz_mgmt + -print_funcs=30 -timeout=10 -runs=1 corpus/fuzz_mgmt fuzz/fuzz_bio -use_value_profile=1 -reload=30 -print_pcs=1 \ - -print_funcs=30 -timeout=10 -max_len=17408 -runs=1 corpus/fuzz_bio + -print_funcs=30 -timeout=10 -runs=1 corpus/fuzz_bio diff --git a/CMakeLists.txt b/CMakeLists.txt index 9481c46..0bb2e87 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -19,14 +19,19 @@ set(CMAKE_VERBOSE_MAKEFILE on) set(CMAKE_POSITION_INDEPENDENT_CODE ON) set(FIDO_MAJOR "1") -set(FIDO_MINOR "3") -set(FIDO_PATCH "1") +set(FIDO_MINOR "4") +set(FIDO_PATCH "0") set(FIDO_VERSION ${FIDO_MAJOR}.${FIDO_MINOR}.${FIDO_PATCH}) add_definitions(-D_FIDO_MAJOR=${FIDO_MAJOR}) add_definitions(-D_FIDO_MINOR=${FIDO_MINOR}) add_definitions(-D_FIDO_PATCH=${FIDO_PATCH}) +if(CYGWIN OR MSYS) + set(WIN32 1) + add_definitions(-DWINVER=0x0a00) +endif() + if(WIN32) add_definitions(-DWIN32_LEAN_AND_MEAN) endif() 
@@ -36,11 +41,6 @@ if(APPLE) "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}") endif() -# /dev/urandom -if(UNIX) - add_definitions(-DHAS_DEV_URANDOM) -endif() - # Observe OpenBSD's library versioning scheme. if(CMAKE_SYSTEM_NAME STREQUAL "OpenBSD") set(LIB_VERSION ${FIDO_MAJOR}.${FIDO_MINOR}) @@ -79,7 +79,7 @@ if(MSVC) else() include(FindPkgConfig) pkg_search_module(CBOR libcbor) - pkg_search_module(CRYPTO libcrypto REQUIRED) + pkg_search_module(CRYPTO libcrypto) # XXX workaround libcbor's missing .pc file if(NOT CBOR_FOUND) @@ -90,12 +90,24 @@ else() set(CBOR_LIBRARIES "cbor") endif() + # XXX workaround libcrypto's missing .pc file + if(NOT CRYPTO_FOUND) + check_include_files(openssl/opensslv.h HAVE_OPENSSLV_H) + if(NOT HAVE_OPENSSLV_H) + message(FATAL_ERROR "could not find crypto header files") + endif() + set(CRYPTO_LIBRARIES "crypto") + endif() + if(CMAKE_SYSTEM_NAME STREQUAL "Linux") pkg_search_module(UDEV libudev REQUIRED) set(UDEV_NAME "udev") # Define be32toh(). add_definitions(-D_GNU_SOURCE) - elseif(CMAKE_SYSTEM_NAME STREQUAL "OpenBSD") + # If using hidapi, use hidapi-hidraw. + set(HIDAPI_SUFFIX -hidraw) + elseif(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD" OR + CMAKE_SYSTEM_NAME STREQUAL "OpenBSD") set(BASE_LIBRARIES usbhid) endif() @@ -103,6 +115,15 @@ else() # MinGW is stuck with a flavour of C89. add_definitions(-DFIDO_NO_DIAGNOSTIC) add_definitions(-DWC_ERR_INVALID_CHARS=0x80) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-unused-parameter") + endif() + + if(USE_HIDAPI) + add_definitions(-DUSE_HIDAPI) + pkg_search_module(HIDAPI hidapi${HIDAPI_SUFFIX} REQUIRED) + if(HIDAPI_FOUND) + set(HIDAPI_LIBRARIES hidapi${HIDAPI_SUFFIX}) + endif() endif() set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall") 
@@ -114,7 +135,12 @@ else() set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wbad-function-cast") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -pedantic") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -pedantic-errors") - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fstack-protector-all") + check_c_compiler_flag("-fstack-protector-all" HAVE_STACK_PROTECTOR_ALL) + if(HAVE_STACK_PROTECTOR_ALL) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fstack-protector-all") + endif() + + add_definitions(-D_DEFAULT_SOURCE) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c99") set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -g2") @@ -123,6 +149,7 @@ else() if(FUZZ) if(LIBFUZZER) set(FUZZ_LDFLAGS "-fsanitize=fuzzer") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=fuzzer-no-link") endif() add_definitions(-DFIDO_FUZZ) endif() @@ -192,6 +219,12 @@ if(HAVE_SIGNAL_H) add_definitions(-DHAVE_SIGNAL_H) endif() +# sys/random.h +check_include_files(sys/random.h HAVE_SYS_RANDOM_H) +if(HAVE_SYS_RANDOM_H) + add_definitions(-DHAVE_SYS_RANDOM_H) +endif() + # strlcpy check_function_exists(strlcpy HAVE_STRLCPY) if(HAVE_STRLCPY) 
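Review bot: Gating `-fstack-protector-all` on `check_c_compiler_flag` in the `-114,7 +135,12` hunk means a toolchain that rejects the flag now builds the library without stack protection and reports nothing; none of the `message(STATUS ...)` lines visible in this patch print `HAVE_STACK_PROTECTOR_ALL`. An `else()` branch such as `message(WARNING "-fstack-protector-all not supported; building without stack protection")` would make the hardening downgrade visible in build logs. `check_c_compiler_flag` is provided by the `CheckCCompilerFlag` module, and its `include()` is not part of this hunk, so confirm it is present earlier in CMakeLists.txt. The enclosing `else()` block starts and ends outside the hunk.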
@@ -289,21 +322,32 @@ if(HAVE_ARC4RANDOM_BUF) add_definitions(-DHAVE_ARC4RANDOM_BUF) endif() -# getentropy -check_function_exists(getentropy HAVE_GETENTROPY) -if(HAVE_GETENTROPY) - add_definitions(-DHAVE_GETENTROPY) +# getrandom +check_function_exists(getrandom HAVE_GETRANDOM) +if(HAVE_GETRANDOM) + add_definitions(-DHAVE_GETRANDOM) +endif() + +# /dev/urandom +if(UNIX) + add_definitions(-DHAVE_DEV_URANDOM) endif() # export list -if(CMAKE_C_COMPILER_ID STREQUAL "AppleClang") +if(APPLE AND (CMAKE_C_COMPILER_ID STREQUAL "Clang" OR + CMAKE_C_COMPILER_ID STREQUAL "AppleClang")) # clang + lld string(CONCAT CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS} " -exported_symbols_list ${CMAKE_CURRENT_SOURCE_DIR}/src/export.llvm") elseif(NOT MSVC) # clang/gcc + gnu ld - string(CONCAT CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS} - " -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/src/export.gnu") + if(FUZZ) + string(CONCAT CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS} + " -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/fuzz/export.gnu") + else() + string(CONCAT CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS} + " -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/src/export.gnu") + endif() if(NOT WIN32) string(CONCAT CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS} @@ -344,6 +388,7 @@ message(STATUS "CRYPTO_INCLUDE_DIRS: ${CRYPTO_INCLUDE_DIRS}") message(STATUS "CRYPTO_LIBRARY_DIRS: ${CRYPTO_LIBRARY_DIRS}") message(STATUS "CRYPTO_LIBRARIES: ${CRYPTO_LIBRARIES}") message(STATUS "BASE_LIBRARIES: ${BASE_LIBRARIES}") +message(STATUS "HIDAPI_LIBRARIES: ${HIDAPI_LIBRARIES}") message(STATUS "VERSION: ${FIDO_VERSION}") message(STATUS "LIB_VERSION: ${LIB_VERSION}") message(STATUS "LIB_SOVERSION: ${LIB_SOVERSION}") 
@@ -354,6 +399,7 @@ message(STATUS "ASAN: ${ASAN}") message(STATUS "MSAN: ${MSAN}") message(STATUS "COVERAGE: ${COVERAGE}") message(STATUS "TLS: ${TLS}") +message(STATUS "USE_HIDAPI: ${USE_HIDAPI}") if(CMAKE_SYSTEM_NAME STREQUAL "Linux") message(STATUS "UDEV_INCLUDE_DIRS: ${UDEV_INCLUDE_DIRS}") diff --git a/NEWS b/NEWS index 8b96d39..153ff71 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,18 @@ +* Version 1.4.0 (2020-04-15) + ** hid_hidapi: hidapi backend; enable with -DUSE_HIDAPI=1. + ** Fall back to U2F if the key claims to, but does not support FIDO2. + ** FIDO2 credential protection (credprot) support. + ** New API calls: + - fido_cbor_info_fwversion; + - fido_cred_prot; + - fido_cred_set_prot; + - fido_dev_set_transport_functions; + - fido_set_log_handler. + ** Support for FreeBSD. + ** Support for C++. + ** Support for MSYS. + ** Fixed EdDSA and RSA self-attestation. + * Version 1.3.1 (2020-02-19) ** fix zero-ing of le1 and le2 when talking to a U2F device. ** dropping sk-libfido2 middleware, please find it in the openssh tree. diff --git a/README.adoc b/README.adoc index ce8ac1e..f389a83 100644 --- a/README.adoc +++ b/README.adoc @@ -31,16 +31,21 @@ is also available. ==== Releases -The current release of *libfido2* is 1.3.1. Please consult Yubico's +The current release of *libfido2* is 1.4.0. Please consult Yubico's https://developers.yubico.com/libfido2/Releases[release page] for source and binary releases. ==== Ubuntu + $ sudo apt install software-properties-common $ sudo apt-add-repository ppa:yubico/stable $ sudo apt update $ sudo apt install libfido2-dev +==== MacOS + + $ brew install libfido2 + Or from source, on UNIX-like systems: $ (rm -rf build && mkdir build && cd build && cmake ..) 
@@ -51,8 +56,7 @@ Depending on the platform, the PKG_CONFIG_PATH environment variable may need to be set. *libfido2* depends on https://github.com/pjk/libcbor[libcbor] and -https://github.com/libressl-portable/portable[LibreSSL] (alternatively, -https://www.openssl.org[OpenSSL] may be used). On Linux, libudev (part of +https://www.openssl.org[OpenSSL]. On Linux, libudev (part of https://www.freedesktop.org/wiki/Software/systemd[systemd]) is also required. For complete, OS-specific installation instructions, please refer to the diff --git a/debian/libfido2-dev.install b/debian/libfido2-dev.install index 77fd2fb..c1c34e7 100644 --- a/debian/libfido2-dev.install +++ b/debian/libfido2-dev.install 
@@ -1,23 +1,29 @@ usr/include usr/lib/*/*.so usr/lib/*/pkgconfig/*.pc -usr/share/doc/libfido2/es256_pk.html -usr/share/doc/libfido2/fido.html -usr/share/doc/libfido2/fido_assert.html -usr/share/doc/libfido2/fido_assert_allow_cred.html -usr/share/doc/libfido2/fido_assert_set.html -usr/share/doc/libfido2/fido_assert_verify.html -usr/share/doc/libfido2/fido_cbor_info.html -usr/share/doc/libfido2/fido_cred.html -usr/share/doc/libfido2/fido_cred_exclude.html -usr/share/doc/libfido2/fido_cred_set.html -usr/share/doc/libfido2/fido_cred_verify.html -usr/share/doc/libfido2/fido_dev_get_assert.html -usr/share/doc/libfido2/fido_dev_info_manifest.html -usr/share/doc/libfido2/fido_dev_make_cred.html -usr/share/doc/libfido2/fido_dev_open.html -usr/share/doc/libfido2/fido_dev_set_io_functions.html -usr/share/doc/libfido2/fido_dev_set_pin.html -usr/share/doc/libfido2/fido_strerr.html -usr/share/doc/libfido2/rs256_pk.html -usr/share/doc/libfido2/style.css +usr/share/doc/libfido2/html/eddsa_pk_new.html +usr/share/doc/libfido2/html/es256_pk_new.html +usr/share/doc/libfido2/html/fido_init.html +usr/share/doc/libfido2/html/fido_assert_new.html +usr/share/doc/libfido2/html/fido_assert_allow_cred.html +usr/share/doc/libfido2/html/fido_assert_set_authdata.html +usr/share/doc/libfido2/html/fido_assert_verify.html +usr/share/doc/libfido2/html/fido_bio_dev_get_info.html +usr/share/doc/libfido2/html/fido_bio_enroll_new.html +usr/share/doc/libfido2/html/fido_bio_info_new.html +usr/share/doc/libfido2/html/fido_bio_template.html +usr/share/doc/libfido2/html/fido_cbor_info_new.html +usr/share/doc/libfido2/html/fido_cred_new.html +usr/share/doc/libfido2/html/fido_cred_exclude.html +usr/share/doc/libfido2/html/fido_credman_metadata_new.html +usr/share/doc/libfido2/html/fido_cred_set_authdata.html +usr/share/doc/libfido2/html/fido_cred_verify.html +usr/share/doc/libfido2/html/fido_dev_get_assert.html +usr/share/doc/libfido2/html/fido_dev_info_manifest.html 
+usr/share/doc/libfido2/html/fido_dev_make_cred.html +usr/share/doc/libfido2/html/fido_dev_open.html +usr/share/doc/libfido2/html/fido_dev_set_io_functions.html +usr/share/doc/libfido2/html/fido_dev_set_pin.html +usr/share/doc/libfido2/html/fido_strerr.html +usr/share/doc/libfido2/html/rs256_pk_new.html +usr/share/doc/libfido2/html/style.css diff --git a/debian/libfido2-dev.links b/debian/libfido2-dev.links index 6fd8356..b23b8a0 100644 --- a/debian/libfido2-dev.links +++ b/debian/libfido2-dev.links 
@@ -1,148 +1,276 @@ -/usr/share/man/man3/es256_pk.3 /usr/share/man/man3/es256_pk_new.3 -/usr/share/man/man3/es256_pk.3 /usr/share/man/man3/es256_pk_free.3 -/usr/share/man/man3/es256_pk.3 /usr/share/man/man3/es256_pk_from_EC_KEY.3 -/usr/share/man/man3/es256_pk.3 /usr/share/man/man3/es256_pk_from_ptr.3 -/usr/share/man/man3/es256_pk.3 /usr/share/man/man3/es256_pk_to_EVP_PKEY.3 -/usr/share/man/man3/fido.3 /usr/share/man/man3/fido_init.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_new.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_free.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_count.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_user_display_name.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_user_icon.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_user_name.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_authdata_ptr.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_clientdata_hash_ptr.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_user_id_ptr.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_sig_ptr.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_authdata_len.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_clientdata_hash_len.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_user_id_len.3 -/usr/share/man/man3/fido_assert.3 /usr/share/man/man3/fido_assert_sig_len.3 -/usr/share/man/man3/fido_assert_set.3 /usr/share/man/man3/fido_assert_set_authdata.3 -/usr/share/man/man3/fido_assert_set.3 /usr/share/man/man3/fido_assert_set_clientdata_hash.3 -/usr/share/man/man3/fido_assert_set.3 /usr/share/man/man3/fido_assert_set_count.3 -/usr/share/man/man3/fido_assert_set.3 /usr/share/man/man3/fido_assert_set_options.3 -/usr/share/man/man3/fido_assert_set.3 /usr/share/man/man3/fido_assert_set_rp.3 
-/usr/share/man/man3/fido_assert_set.3 /usr/share/man/man3/fido_assert_set_sig.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_new.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_free.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_fmt.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_authdata_ptr.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_clientdata_hash_ptr.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_id_ptr.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_pubkey_ptr.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_sig_ptr.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_x5c_ptr.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_authdata_len.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_clientdata_hash_len.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_id_len.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_pubkey_len.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_sig_len.3 -/usr/share/man/man3/fido_cred.3 /usr/share/man/man3/fido_cred_x5c_len.3 -/usr/share/man/man3/fido_cred_set.3 /usr/share/man/man3/fido_cred_set_authdata.3 -/usr/share/man/man3/fido_cred_set.3 /usr/share/man/man3/fido_cred_set_x509.3 -/usr/share/man/man3/fido_cred_set.3 /usr/share/man/man3/fido_cred_set_sig.3 -/usr/share/man/man3/fido_cred_set.3 /usr/share/man/man3/fido_cred_set_clientdata_hash.3 -/usr/share/man/man3/fido_cred_set.3 /usr/share/man/man3/fido_cred_set_rp.3 -/usr/share/man/man3/fido_cred_set.3 /usr/share/man/man3/fido_cred_set_user.3 -/usr/share/man/man3/fido_cred_set.3 /usr/share/man/man3/fido_cred_set_options.3 -/usr/share/man/man3/fido_cred_set.3 /usr/share/man/man3/fido_cred_set_fmt.3 -/usr/share/man/man3/fido_cred_set.3 /usr/share/man/man3/fido_cred_set_type.3 -/usr/share/man/man3/fido_dev_info_manifest.3 
/usr/share/man/man3/fido_dev_info_new.3 +/usr/share/man/man3/eddsa_pk_new.3 /usr/share/man/man3/eddsa_pk_free.3 +/usr/share/man/man3/eddsa_pk_new.3 /usr/share/man/man3/eddsa_pk_from_ptr.3 +/usr/share/man/man3/eddsa_pk_new.3 /usr/share/man/man3/eddsa_pk_to_EVP_PKEY.3 +/usr/share/man/man3/es256_pk_new.3 /usr/share/man/man3/es256_pk_free.3 +/usr/share/man/man3/es256_pk_new.3 /usr/share/man/man3/es256_pk_from_EC_KEY.3 +/usr/share/man/man3/es256_pk_new.3 /usr/share/man/man3/es256_pk_from_ptr.3 +/usr/share/man/man3/es256_pk_new.3 /usr/share/man/man3/es256_pk_to_EVP_PKEY.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_authdata_len.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_authdata_ptr.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_clientdata_hash_len.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_clientdata_hash_ptr.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_count.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_free.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_hmac_secret_len.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_hmac_secret_ptr.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_sigcount.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_sig_len.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_sig_ptr.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_user_display_name.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_user_icon.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_user_id_len.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_user_id_ptr.3 +/usr/share/man/man3/fido_assert_new.3 /usr/share/man/man3/fido_assert_user_name.3 +/usr/share/man/man3/fido_assert_set_authdata.3 
/usr/share/man/man3/fido_assert_set_clientdata_hash.3 +/usr/share/man/man3/fido_assert_set_authdata.3 /usr/share/man/man3/fido_assert_set_count.3 +/usr/share/man/man3/fido_assert_set_authdata.3 /usr/share/man/man3/fido_assert_set_extensions.3 +/usr/share/man/man3/fido_assert_set_authdata.3 /usr/share/man/man3/fido_assert_set_hmac_salt.3 +/usr/share/man/man3/fido_assert_set_authdata.3 /usr/share/man/man3/fido_assert_set_rp.3 +/usr/share/man/man3/fido_assert_set_authdata.3 /usr/share/man/man3/fido_assert_set_sig.3 +/usr/share/man/man3/fido_assert_set_authdata.3 /usr/share/man/man3/fido_assert_set_up.3 +/usr/share/man/man3/fido_assert_set_authdata.3 /usr/share/man/man3/fido_assert_set_uv.3 +/usr/share/man/man3/fido_bio_dev_get_info.3 /usr/share/man/man3/fido_bio_dev_enroll_begin.3 +/usr/share/man/man3/fido_bio_dev_get_info.3 /usr/share/man/man3/fido_bio_dev_enroll_cancel.3 +/usr/share/man/man3/fido_bio_dev_get_info.3 /usr/share/man/man3/fido_bio_dev_enroll_continue.3 +/usr/share/man/man3/fido_bio_dev_get_info.3 /usr/share/man/man3/fido_bio_dev_enroll_remove.3 +/usr/share/man/man3/fido_bio_dev_get_info.3 /usr/share/man/man3/fido_bio_dev_get_template_array.3 +/usr/share/man/man3/fido_bio_dev_get_info.3 /usr/share/man/man3/fido_bio_dev_set_template_name.3 +/usr/share/man/man3/fido_bio_enroll_new.3 /usr/share/man/man3/fido_bio_enroll_free.3 +/usr/share/man/man3/fido_bio_enroll_new.3 /usr/share/man/man3/fido_bio_enroll_last_status.3 +/usr/share/man/man3/fido_bio_enroll_new.3 /usr/share/man/man3/fido_bio_enroll_remaining_samples.3 +/usr/share/man/man3/fido_bio_info_new.3 /usr/share/man/man3/fido_bio_info_free.3 +/usr/share/man/man3/fido_bio_info_new.3 /usr/share/man/man3/fido_bio_info_max_samples.3 +/usr/share/man/man3/fido_bio_info_new.3 /usr/share/man/man3/fido_bio_info_type.3 +/usr/share/man/man3/fido_bio_template.3 /usr/share/man/man3/fido_bio_template_array_count.3 +/usr/share/man/man3/fido_bio_template.3 /usr/share/man/man3/fido_bio_template_array_free.3 
+/usr/share/man/man3/fido_bio_template.3 /usr/share/man/man3/fido_bio_template_array_new.3 +/usr/share/man/man3/fido_bio_template.3 /usr/share/man/man3/fido_bio_template_free.3 +/usr/share/man/man3/fido_bio_template.3 /usr/share/man/man3/fido_bio_template_id_len.3 +/usr/share/man/man3/fido_bio_template.3 /usr/share/man/man3/fido_bio_template_id_ptr.3 +/usr/share/man/man3/fido_bio_template.3 /usr/share/man/man3/fido_bio_template_name.3 +/usr/share/man/man3/fido_bio_template.3 /usr/share/man/man3/fido_bio_template_new.3 +/usr/share/man/man3/fido_bio_template.3 /usr/share/man/man3/fido_bio_template_set_id.3 +/usr/share/man/man3/fido_bio_template.3 /usr/share/man/man3/fido_bio_template_set_name.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_cbor_info_aaguid_len.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_cbor_info_aaguid_ptr.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_cbor_info_extensions_len.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_cbor_info_extensions_ptr.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_cbor_info_free.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_cbor_info_maxmsgsiz.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_cbor_info_options_len.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_cbor_info_options_name_ptr.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_cbor_info_options_value_ptr.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_cbor_info_protocols_len.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_cbor_info_protocols_ptr.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_cbor_info_versions_len.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_cbor_info_versions_ptr.3 +/usr/share/man/man3/fido_cbor_info_new.3 /usr/share/man/man3/fido_dev_get_cbor_info.3 
+/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_authdata_len.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_authdata_ptr.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_clientdata_hash_len.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_clientdata_hash_ptr.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_fmt.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_free.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_id_len.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_id_ptr.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_prot.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_pubkey_len.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_pubkey_ptr.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_sig_len.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_sig_ptr.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_x5c_len.3 +/usr/share/man/man3/fido_cred_new.3 /usr/share/man/man3/fido_cred_x5c_ptr.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_del_dev_rk.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_get_dev_metadata.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_get_dev_rk.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_get_dev_rp.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_metadata_free.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_rk.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_rk_count.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_rk_existing.3 +/usr/share/man/man3/fido_credman_metadata_new.3 
/usr/share/man/man3/fido_credman_rk_free.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_rk_new.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_rk_remaining.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_rp_count.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_rp_free.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_rp_id.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_rp_id_hash_len.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_rp_id_hash_ptr.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_rp_name.3 +/usr/share/man/man3/fido_credman_metadata_new.3 /usr/share/man/man3/fido_credman_rp_new.3 +/usr/share/man/man3/fido_cred_set_authdata.3 /usr/share/man/man3/fido_cred_set_authdata_raw.3 +/usr/share/man/man3/fido_cred_set_authdata.3 /usr/share/man/man3/fido_cred_set_clientdata_hash.3 +/usr/share/man/man3/fido_cred_set_authdata.3 /usr/share/man/man3/fido_cred_set_extensions.3 +/usr/share/man/man3/fido_cred_set_authdata.3 /usr/share/man/man3/fido_cred_set_fmt.3 +/usr/share/man/man3/fido_cred_set_authdata.3 /usr/share/man/man3/fido_cred_set_prot.3 +/usr/share/man/man3/fido_cred_set_authdata.3 /usr/share/man/man3/fido_cred_set_rk.3 +/usr/share/man/man3/fido_cred_set_authdata.3 /usr/share/man/man3/fido_cred_set_rp.3 +/usr/share/man/man3/fido_cred_set_authdata.3 /usr/share/man/man3/fido_cred_set_sig.3 +/usr/share/man/man3/fido_cred_set_authdata.3 /usr/share/man/man3/fido_cred_set_type.3 +/usr/share/man/man3/fido_cred_set_authdata.3 /usr/share/man/man3/fido_cred_set_user.3 +/usr/share/man/man3/fido_cred_set_authdata.3 /usr/share/man/man3/fido_cred_set_uv.3 +/usr/share/man/man3/fido_cred_set_authdata.3 /usr/share/man/man3/fido_cred_set_x509.3 /usr/share/man/man3/fido_dev_info_manifest.3 
/usr/share/man/man3/fido_dev_info_free.3 -/usr/share/man/man3/fido_dev_info_manifest.3 /usr/share/man/man3/fido_dev_info_ptr.3 +/usr/share/man/man3/fido_dev_info_manifest.3 /usr/share/man/man3/fido_dev_info_manufacturer_string.3 +/usr/share/man/man3/fido_dev_info_manifest.3 /usr/share/man/man3/fido_dev_info_new.3 /usr/share/man/man3/fido_dev_info_manifest.3 /usr/share/man/man3/fido_dev_info_path.3 /usr/share/man/man3/fido_dev_info_manifest.3 /usr/share/man/man3/fido_dev_info_product.3 -/usr/share/man/man3/fido_dev_info_manifest.3 /usr/share/man/man3/fido_dev_info_vendor.3 -/usr/share/man/man3/fido_dev_info_manifest.3 /usr/share/man/man3/fido_dev_info_manufacturer_string.3 /usr/share/man/man3/fido_dev_info_manifest.3 /usr/share/man/man3/fido_dev_info_product_string.3 +/usr/share/man/man3/fido_dev_info_manifest.3 /usr/share/man/man3/fido_dev_info_ptr.3 +/usr/share/man/man3/fido_dev_info_manifest.3 /usr/share/man/man3/fido_dev_info_vendor.3 +/usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_build.3 +/usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_cancel.3 /usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_close.3 -/usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_new.3 +/usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_flags.3 +/usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_force_fido2.3 +/usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_force_u2f.3 /usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_free.3 /usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_is_fido2.3 -/usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_protocol.3 -/usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_build.3 -/usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_flags.3 /usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_major.3 /usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_minor.3 
+/usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_new.3 +/usr/share/man/man3/fido_dev_open.3 /usr/share/man/man3/fido_dev_protocol.3 /usr/share/man/man3/fido_dev_set_pin.3 /usr/share/man/man3/fido_dev_get_retry_count.3 /usr/share/man/man3/fido_dev_set_pin.3 /usr/share/man/man3/fido_dev_reset.3 -/usr/share/man/man3/rs256_pk.3 /usr/share/man/man3/rs256_pk_new.3 -/usr/share/man/man3/rs256_pk.3 /usr/share/man/man3/rs256_pk_free.3 -/usr/share/man/man3/rs256_pk.3 /usr/share/man/man3/rs256_pk_from_RSA.3 -/usr/share/man/man3/rs256_pk.3 /usr/share/man/man3/rs256_pk_from_ptr.3 -/usr/share/man/man3/rs256_pk.3 /usr/share/man/man3/rs256_pk_to_EVP_PKEY.3 -/usr/share/doc/libfido2/es256_pk.html /usr/share/doc/libfido2/es256_pk_new.html -/usr/share/doc/libfido2/es256_pk.html /usr/share/doc/libfido2/es256_pk_free.html -/usr/share/doc/libfido2/es256_pk.html /usr/share/doc/libfido2/es256_pk_from_EC_KEY.html -/usr/share/doc/libfido2/es256_pk.html /usr/share/doc/libfido2/es256_pk_from_ptr.html -/usr/share/doc/libfido2/es256_pk.html /usr/share/doc/libfido2/es256_pk_to_EVP_PKEY.html -/usr/share/doc/libfido2/fido.html /usr/share/doc/libfido2/fido_init.html -/usr/share/doc/libfido2/fido_assert.html /usr/share/doc/libfido2/fido_assert_new.html -/usr/share/doc/libfido2/fido_assert.html /usr/share/doc/libfido2/fido_assert_free.html -/usr/share/doc/libfido2/fido_assert.html /usr/share/doc/libfido2/fido_assert_count.html -/usr/share/doc/libfido2/fido_assert.html /usr/share/doc/libfido2/fido_assert_user_display_name.html -/usr/share/doc/libfido2/fido_assert.html /usr/share/doc/libfido2/fido_assert_user_icon.html -/usr/share/doc/libfido2/fido_assert.html /usr/share/doc/libfido2/fido_assert_user_name.html -/usr/share/doc/libfido2/fido_assert.html /usr/share/doc/libfido2/fido_assert_authdata_ptr.html -/usr/share/doc/libfido2/fido_assert.html /usr/share/doc/libfido2/fido_assert_clientdata_hash_ptr.html -/usr/share/doc/libfido2/fido_assert.html 
/usr/share/doc/libfido2/fido_assert_user_id_ptr.html -/usr/share/doc/libfido2/fido_assert.html /usr/share/doc/libfido2/fido_assert_sig_ptr.html -/usr/share/doc/libfido2/fido_assert.html /usr/share/doc/libfido2/fido_assert_authdata_len.html -/usr/share/doc/libfido2/fido_assert.html /usr/share/doc/libfido2/fido_assert_clientdata_hash_len.html -/usr/share/doc/libfido2/fido_assert.html /usr/share/doc/libfido2/fido_assert_user_id_len.html -/usr/share/doc/libfido2/fido_assert.html /usr/share/doc/libfido2/fido_assert_sig_len.html -/usr/share/doc/libfido2/fido_assert_set.html /usr/share/doc/libfido2/fido_assert_set_authdata.html -/usr/share/doc/libfido2/fido_assert_set.html /usr/share/doc/libfido2/fido_assert_set_clientdata_hash.html -/usr/share/doc/libfido2/fido_assert_set.html /usr/share/doc/libfido2/fido_assert_set_count.html -/usr/share/doc/libfido2/fido_assert_set.html /usr/share/doc/libfido2/fido_assert_set_options.html -/usr/share/doc/libfido2/fido_assert_set.html /usr/share/doc/libfido2/fido_assert_set_rp.html -/usr/share/doc/libfido2/fido_assert_set.html /usr/share/doc/libfido2/fido_assert_set_sig.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_new.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_free.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_fmt.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_authdata_ptr.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_clientdata_hash_ptr.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_id_ptr.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_pubkey_ptr.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_sig_ptr.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_x5c_ptr.html -/usr/share/doc/libfido2/fido_cred.html 
/usr/share/doc/libfido2/fido_cred_authdata_len.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_clientdata_hash_len.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_id_len.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_pubkey_len.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_sig_len.html -/usr/share/doc/libfido2/fido_cred.html /usr/share/doc/libfido2/fido_cred_x5c_len.html -/usr/share/doc/libfido2/fido_cred_set.html /usr/share/doc/libfido2/fido_cred_set_authdata.html -/usr/share/doc/libfido2/fido_cred_set.html /usr/share/doc/libfido2/fido_cred_set_x509.html -/usr/share/doc/libfido2/fido_cred_set.html /usr/share/doc/libfido2/fido_cred_set_sig.html -/usr/share/doc/libfido2/fido_cred_set.html /usr/share/doc/libfido2/fido_cred_set_clientdata_hash.html -/usr/share/doc/libfido2/fido_cred_set.html /usr/share/doc/libfido2/fido_cred_set_rp.html -/usr/share/doc/libfido2/fido_cred_set.html /usr/share/doc/libfido2/fido_cred_set_user.html -/usr/share/doc/libfido2/fido_cred_set.html /usr/share/doc/libfido2/fido_cred_set_options.html -/usr/share/doc/libfido2/fido_cred_set.html /usr/share/doc/libfido2/fido_cred_set_fmt.html -/usr/share/doc/libfido2/fido_cred_set.html /usr/share/doc/libfido2/fido_cred_set_type.html -/usr/share/doc/libfido2/fido_dev_info_manifest.html /usr/share/doc/libfido2/fido_dev_info_new.html +/usr/share/man/man3/rs256_pk_new.3 /usr/share/man/man3/rs256_pk_free.3 +/usr/share/man/man3/rs256_pk_new.3 /usr/share/man/man3/rs256_pk_from_ptr.3 +/usr/share/man/man3/rs256_pk_new.3 /usr/share/man/man3/rs256_pk_from_RSA.3 +/usr/share/man/man3/rs256_pk_new.3 /usr/share/man/man3/rs256_pk_to_EVP_PKEY.3 +/usr/share/doc/libfido2/eddsa_pk_new.html /usr/share/doc/libfido2/eddsa_pk_free.html +/usr/share/doc/libfido2/eddsa_pk_new.html /usr/share/doc/libfido2/eddsa_pk_from_ptr.html +/usr/share/doc/libfido2/eddsa_pk_new.html 
/usr/share/doc/libfido2/eddsa_pk_to_EVP_PKEY.html +/usr/share/doc/libfido2/es256_pk_new.html /usr/share/doc/libfido2/es256_pk_free.html +/usr/share/doc/libfido2/es256_pk_new.html /usr/share/doc/libfido2/es256_pk_from_EC_KEY.html +/usr/share/doc/libfido2/es256_pk_new.html /usr/share/doc/libfido2/es256_pk_from_ptr.html +/usr/share/doc/libfido2/es256_pk_new.html /usr/share/doc/libfido2/es256_pk_to_EVP_PKEY.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_authdata_len.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_authdata_ptr.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_clientdata_hash_len.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_clientdata_hash_ptr.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_count.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_free.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_hmac_secret_len.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_hmac_secret_ptr.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_sigcount.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_sig_len.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_sig_ptr.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_user_display_name.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_user_icon.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_user_id_len.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_user_id_ptr.html +/usr/share/doc/libfido2/fido_assert_new.html /usr/share/doc/libfido2/fido_assert_user_name.html 
+/usr/share/doc/libfido2/fido_assert_set_authdata.html /usr/share/doc/libfido2/fido_assert_set_clientdata_hash.html +/usr/share/doc/libfido2/fido_assert_set_authdata.html /usr/share/doc/libfido2/fido_assert_set_count.html +/usr/share/doc/libfido2/fido_assert_set_authdata.html /usr/share/doc/libfido2/fido_assert_set_extensions.html +/usr/share/doc/libfido2/fido_assert_set_authdata.html /usr/share/doc/libfido2/fido_assert_set_hmac_salt.html +/usr/share/doc/libfido2/fido_assert_set_authdata.html /usr/share/doc/libfido2/fido_assert_set_rp.html +/usr/share/doc/libfido2/fido_assert_set_authdata.html /usr/share/doc/libfido2/fido_assert_set_sig.html +/usr/share/doc/libfido2/fido_assert_set_authdata.html /usr/share/doc/libfido2/fido_assert_set_up.html +/usr/share/doc/libfido2/fido_assert_set_authdata.html /usr/share/doc/libfido2/fido_assert_set_uv.html +/usr/share/doc/libfido2/fido_bio_dev_get_info.html /usr/share/doc/libfido2/fido_bio_dev_enroll_begin.html +/usr/share/doc/libfido2/fido_bio_dev_get_info.html /usr/share/doc/libfido2/fido_bio_dev_enroll_cancel.html +/usr/share/doc/libfido2/fido_bio_dev_get_info.html /usr/share/doc/libfido2/fido_bio_dev_enroll_continue.html +/usr/share/doc/libfido2/fido_bio_dev_get_info.html /usr/share/doc/libfido2/fido_bio_dev_enroll_remove.html +/usr/share/doc/libfido2/fido_bio_dev_get_info.html /usr/share/doc/libfido2/fido_bio_dev_get_template_array.html +/usr/share/doc/libfido2/fido_bio_dev_get_info.html /usr/share/doc/libfido2/fido_bio_dev_set_template_name.html +/usr/share/doc/libfido2/fido_bio_enroll_new.html /usr/share/doc/libfido2/fido_bio_enroll_free.html +/usr/share/doc/libfido2/fido_bio_enroll_new.html /usr/share/doc/libfido2/fido_bio_enroll_last_status.html +/usr/share/doc/libfido2/fido_bio_enroll_new.html /usr/share/doc/libfido2/fido_bio_enroll_remaining_samples.html +/usr/share/doc/libfido2/fido_bio_info_new.html /usr/share/doc/libfido2/fido_bio_info_free.html +/usr/share/doc/libfido2/fido_bio_info_new.html 
/usr/share/doc/libfido2/fido_bio_info_max_samples.html +/usr/share/doc/libfido2/fido_bio_info_new.html /usr/share/doc/libfido2/fido_bio_info_type.html +/usr/share/doc/libfido2/fido_bio_template.html /usr/share/doc/libfido2/fido_bio_template_array_count.html +/usr/share/doc/libfido2/fido_bio_template.html /usr/share/doc/libfido2/fido_bio_template_array_free.html +/usr/share/doc/libfido2/fido_bio_template.html /usr/share/doc/libfido2/fido_bio_template_array_new.html +/usr/share/doc/libfido2/fido_bio_template.html /usr/share/doc/libfido2/fido_bio_template_free.html +/usr/share/doc/libfido2/fido_bio_template.html /usr/share/doc/libfido2/fido_bio_template_id_len.html +/usr/share/doc/libfido2/fido_bio_template.html /usr/share/doc/libfido2/fido_bio_template_id_ptr.html +/usr/share/doc/libfido2/fido_bio_template.html /usr/share/doc/libfido2/fido_bio_template_name.html +/usr/share/doc/libfido2/fido_bio_template.html /usr/share/doc/libfido2/fido_bio_template_new.html +/usr/share/doc/libfido2/fido_bio_template.html /usr/share/doc/libfido2/fido_bio_template_set_id.html +/usr/share/doc/libfido2/fido_bio_template.html /usr/share/doc/libfido2/fido_bio_template_set_name.html +/usr/share/doc/libfido2/fido_cbor_info_new.html /usr/share/doc/libfido2/fido_cbor_info_aaguid_len.html +/usr/share/doc/libfido2/fido_cbor_info_new.html /usr/share/doc/libfido2/fido_cbor_info_aaguid_ptr.html +/usr/share/doc/libfido2/fido_cbor_info_new.html /usr/share/doc/libfido2/fido_cbor_info_extensions_len.html +/usr/share/doc/libfido2/fido_cbor_info_new.html /usr/share/doc/libfido2/fido_cbor_info_extensions_ptr.html +/usr/share/doc/libfido2/fido_cbor_info_new.html /usr/share/doc/libfido2/fido_cbor_info_free.html +/usr/share/doc/libfido2/fido_cbor_info_new.html /usr/share/doc/libfido2/fido_cbor_info_maxmsgsiz.html +/usr/share/doc/libfido2/fido_cbor_info_new.html /usr/share/doc/libfido2/fido_cbor_info_options_len.html +/usr/share/doc/libfido2/fido_cbor_info_new.html 
/usr/share/doc/libfido2/fido_cbor_info_options_name_ptr.html +/usr/share/doc/libfido2/fido_cbor_info_new.html /usr/share/doc/libfido2/fido_cbor_info_options_value_ptr.html +/usr/share/doc/libfido2/fido_cbor_info_new.html /usr/share/doc/libfido2/fido_cbor_info_protocols_len.html +/usr/share/doc/libfido2/fido_cbor_info_new.html /usr/share/doc/libfido2/fido_cbor_info_protocols_ptr.html +/usr/share/doc/libfido2/fido_cbor_info_new.html /usr/share/doc/libfido2/fido_cbor_info_versions_len.html +/usr/share/doc/libfido2/fido_cbor_info_new.html /usr/share/doc/libfido2/fido_cbor_info_versions_ptr.html +/usr/share/doc/libfido2/fido_cbor_info_new.html /usr/share/doc/libfido2/fido_dev_get_cbor_info.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_authdata_len.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_authdata_ptr.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_clientdata_hash_len.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_clientdata_hash_ptr.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_fmt.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_free.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_id_len.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_id_ptr.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_prot.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_pubkey_len.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_pubkey_ptr.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_sig_len.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_sig_ptr.html +/usr/share/doc/libfido2/fido_cred_new.html 
/usr/share/doc/libfido2/fido_cred_x5c_len.html +/usr/share/doc/libfido2/fido_cred_new.html /usr/share/doc/libfido2/fido_cred_x5c_ptr.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_del_dev_rk.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_get_dev_metadata.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_get_dev_rk.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_get_dev_rp.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_metadata_free.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_rk.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_rk_count.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_rk_existing.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_rk_free.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_rk_new.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_rk_remaining.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_rp_count.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_rp_free.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_rp_id.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_rp_id_hash_len.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_rp_id_hash_ptr.html +/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_rp_name.html 
+/usr/share/doc/libfido2/fido_credman_metadata_new.html /usr/share/doc/libfido2/fido_credman_rp_new.html +/usr/share/doc/libfido2/fido_cred_set_authdata.html /usr/share/doc/libfido2/fido_cred_set_authdata_raw.html +/usr/share/doc/libfido2/fido_cred_set_authdata.html /usr/share/doc/libfido2/fido_cred_set_clientdata_hash.html +/usr/share/doc/libfido2/fido_cred_set_authdata.html /usr/share/doc/libfido2/fido_cred_set_extensions.html +/usr/share/doc/libfido2/fido_cred_set_authdata.html /usr/share/doc/libfido2/fido_cred_set_fmt.html +/usr/share/doc/libfido2/fido_cred_set_authdata.html /usr/share/doc/libfido2/fido_cred_set_prot.html +/usr/share/doc/libfido2/fido_cred_set_authdata.html /usr/share/doc/libfido2/fido_cred_set_rk.html +/usr/share/doc/libfido2/fido_cred_set_authdata.html /usr/share/doc/libfido2/fido_cred_set_rp.html +/usr/share/doc/libfido2/fido_cred_set_authdata.html /usr/share/doc/libfido2/fido_cred_set_sig.html +/usr/share/doc/libfido2/fido_cred_set_authdata.html /usr/share/doc/libfido2/fido_cred_set_type.html +/usr/share/doc/libfido2/fido_cred_set_authdata.html /usr/share/doc/libfido2/fido_cred_set_user.html +/usr/share/doc/libfido2/fido_cred_set_authdata.html /usr/share/doc/libfido2/fido_cred_set_uv.html +/usr/share/doc/libfido2/fido_cred_set_authdata.html /usr/share/doc/libfido2/fido_cred_set_x509.html /usr/share/doc/libfido2/fido_dev_info_manifest.html /usr/share/doc/libfido2/fido_dev_info_free.html -/usr/share/doc/libfido2/fido_dev_info_manifest.html /usr/share/doc/libfido2/fido_dev_info_ptr.html +/usr/share/doc/libfido2/fido_dev_info_manifest.html /usr/share/doc/libfido2/fido_dev_info_manufacturer_string.html +/usr/share/doc/libfido2/fido_dev_info_manifest.html /usr/share/doc/libfido2/fido_dev_info_new.html /usr/share/doc/libfido2/fido_dev_info_manifest.html /usr/share/doc/libfido2/fido_dev_info_path.html /usr/share/doc/libfido2/fido_dev_info_manifest.html /usr/share/doc/libfido2/fido_dev_info_product.html 
-/usr/share/doc/libfido2/fido_dev_info_manifest.html /usr/share/doc/libfido2/fido_dev_info_vendor.html -/usr/share/doc/libfido2/fido_dev_info_manifest.html /usr/share/doc/libfido2/fido_dev_info_docufacturer_string.html /usr/share/doc/libfido2/fido_dev_info_manifest.html /usr/share/doc/libfido2/fido_dev_info_product_string.html +/usr/share/doc/libfido2/fido_dev_info_manifest.html /usr/share/doc/libfido2/fido_dev_info_ptr.html +/usr/share/doc/libfido2/fido_dev_info_manifest.html /usr/share/doc/libfido2/fido_dev_info_vendor.html +/usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_build.html +/usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_cancel.html /usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_close.html -/usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_new.html +/usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_flags.html +/usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_force_fido2.html +/usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_force_u2f.html /usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_free.html /usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_is_fido2.html -/usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_protocol.html -/usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_build.html -/usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_flags.html /usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_major.html /usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_minor.html +/usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_new.html +/usr/share/doc/libfido2/fido_dev_open.html /usr/share/doc/libfido2/fido_dev_protocol.html /usr/share/doc/libfido2/fido_dev_set_pin.html 
/usr/share/doc/libfido2/fido_dev_get_retry_count.html /usr/share/doc/libfido2/fido_dev_set_pin.html /usr/share/doc/libfido2/fido_dev_reset.html -/usr/share/doc/libfido2/rs256_pk.html /usr/share/doc/libfido2/rs256_pk_new.html -/usr/share/doc/libfido2/rs256_pk.html /usr/share/doc/libfido2/rs256_pk_free.html -/usr/share/doc/libfido2/rs256_pk.html /usr/share/doc/libfido2/rs256_pk_from_RSA.html -/usr/share/doc/libfido2/rs256_pk.html /usr/share/doc/libfido2/rs256_pk_from_ptr.html -/usr/share/doc/libfido2/rs256_pk.html /usr/share/doc/libfido2/rs256_pk_to_EVP_PKEY.html +/usr/share/doc/libfido2/rs256_pk_new.html /usr/share/doc/libfido2/rs256_pk_free.html +/usr/share/doc/libfido2/rs256_pk_new.html /usr/share/doc/libfido2/rs256_pk_from_ptr.html +/usr/share/doc/libfido2/rs256_pk_new.html /usr/share/doc/libfido2/rs256_pk_from_RSA.html +/usr/share/doc/libfido2/rs256_pk_new.html /usr/share/doc/libfido2/rs256_pk_to_EVP_PKEY.html diff --git a/debian/libfido2-dev.manpages b/debian/libfido2-dev.manpages index 1dab8b8..228a13e 100644 --- a/debian/libfido2-dev.manpages +++ b/debian/libfido2-dev.manpages @@ -1,13 +1,19 @@ -man/es256_pk.3 -man/fido.3 -man/fido_assert.3 +man/eddsa_pk_new.3 +man/es256_pk_new.3 +man/fido_init.3 +man/fido_assert_new.3 man/fido_assert_allow_cred.3 -man/fido_assert_set.3 +man/fido_assert_set_authdata.3 man/fido_assert_verify.3 -man/fido_cbor_info.3 -man/fido_cred.3 +man/fido_bio_dev_get_info.3 +man/fido_bio_enroll_new.3 +man/fido_bio_info_new.3 +man/fido_bio_template.3 +man/fido_cbor_info_new.3 +man/fido_cred_new.3 man/fido_cred_exclude.3 -man/fido_cred_set.3 +man/fido_credman_metadata_new.3 +man/fido_cred_set_authdata.3 man/fido_cred_verify.3 man/fido_dev_get_assert.3 man/fido_dev_info_manifest.3 @@ -16,4 +22,4 @@ man/fido_dev_open.3 man/fido_dev_set_io_functions.3 man/fido_dev_set_pin.3 man/fido_strerr.3 -man/rs256_pk.3 +man/rs256_pk_new.3 diff --git a/examples/CMakeLists.txt b/examples/CMakeLists.txt index 957311e..1203592 100644 
--- a/examples/CMakeLists.txt +++ b/examples/CMakeLists.txt @@ -8,7 +8,7 @@ list(APPEND COMPAT_SOURCES ../openbsd-compat/strlcpy.c ) -if(WIN32) +if(WIN32 AND NOT CYGWIN AND NOT MSYS) list(APPEND COMPAT_SOURCES ../openbsd-compat/posix_win.c) endif() diff --git a/examples/cred.c b/examples/cred.c index e471f7e..3e0a30f 100644 --- a/examples/cred.c +++ b/examples/cred.c @@ -139,6 +139,27 @@ verify_cred(int type, const char *fmt, const unsigned char *authdata_ptr, fido_cred_free(&cred); } +static fido_dev_t * +open_from_manifest(const fido_dev_info_t *dev_infos, size_t len, + const char *path) +{ + size_t i; + fido_dev_t *dev; + + for (i = 0; i < len; i++) { + const fido_dev_info_t *curr = fido_dev_info_ptr(dev_infos, i); + if (path == NULL || + strcmp(path, fido_dev_info_path(curr)) == 0) { + dev = fido_dev_new_with_info(curr); + if (fido_dev_open_with_info(dev) == FIDO_OK) + return (dev); + fido_dev_free(&dev); + } + } + + return (NULL); +} + int main(int argc, char **argv) { @@ -150,6 +171,7 @@ main(int argc, char **argv) const char *pin = NULL; const char *key_out = NULL; const char *id_out = NULL; + const char *path = NULL; unsigned char *body = NULL; long long seconds = 0; size_t len; @@ -157,6 +179,8 @@ main(int argc, char **argv) int ext = 0; int ch; int r; + fido_dev_info_t *dev_infos = NULL; + size_t dev_infos_len = 0; if ((cred = fido_cred_new()) == NULL) errx(1, "fido_cred_new"); 
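Review bot: In the new `open_from_manifest()` in examples/cred.c, the result of `fido_dev_new_with_info(curr)` is handed straight to `fido_dev_open_with_info(dev)` with no NULL check, unlike the `fido_dev_new()` call it replaces in `main`, which was tested against NULL. Whether the open call tolerates a NULL device is not visible here, so the loop should skip a failed allocation explicitly: `if ((dev = fido_dev_new_with_info(curr)) == NULL) continue;`. The value returned by `fido_dev_info_path(curr)` also goes into `strcmp()` unchecked; if it can be NULL for an entry (not shown on this page), that needs the same guard. The function lies entirely inside this hunk.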
@@ -218,19 +242,21 @@ main(int argc, char **argv) } } + fido_init(0); + argc -= optind; argv += optind; - if (argc != 1) + if (argc > 1) usage(); + dev_infos = fido_dev_info_new(16); + fido_dev_info_manifest(dev_infos, 16, &dev_infos_len); + if (argc == 1) + path = argv[0]; - fido_init(0); - - if ((dev = fido_dev_new()) == NULL) - errx(1, "fido_dev_new"); + if ((dev = open_from_manifest(dev_infos, dev_infos_len, path)) == NULL) + errx(1, "open_from_manifest"); - if ((r = fido_dev_open(dev, argv[0])) != FIDO_OK) - errx(1, "fido_dev_open: %s (0x%x)", fido_strerr(r), r); if (u2f) fido_dev_force_u2f(dev); diff --git a/examples/info.c b/examples/info.c index e79729c..ef0d97e 100644 --- a/examples/info.c +++ b/examples/info.c @@ -130,6 +130,15 @@ print_maxmsgsiz(uint64_t maxmsgsiz) printf("maxmsgsiz: %d\n", (int)maxmsgsiz); } +/* + * Auxiliary function to print an authenticator's firmware version on stdout. + */ +static void +print_fwversion(uint64_t fwversion) +{ + printf("fwversion: 0x%x\n", (int)fwversion); +} + /* * Auxiliary function to print an array of bytes on stdout. */ @@ -190,6 +199,9 @@ getinfo(const char *path) /* print maximum message size */ print_maxmsgsiz(fido_cbor_info_maxmsgsiz(ci)); + /* print firmware version */ + print_fwversion(fido_cbor_info_fwversion(ci)); + /* print supported pin protocols */ print_byte_array("pin protocols", fido_cbor_info_protocols_ptr(ci), fido_cbor_info_protocols_len(ci)); diff --git a/fuzz/CMakeLists.txt b/fuzz/CMakeLists.txt index ad30aa3..241cdc7 100644 --- a/fuzz/CMakeLists.txt +++ b/fuzz/CMakeLists.txt @@ -9,10 +9,8 @@ list(APPEND COMPAT_SOURCES list(APPEND COMMON_SOURCES mutator_aux.c - uniform_random.c ) - # fuzz_cred add_executable(fuzz_cred fuzz_cred.c ${COMMON_SOURCES} ${COMPAT_SOURCES}) target_compile_options(fuzz_cred PRIVATE ${FUZZ_LDFLAGS}) diff --git a/fuzz/Dockerfile b/fuzz/Dockerfile new file mode 100644 index 0000000..68afd99 --- /dev/null +++ b/fuzz/Dockerfile 
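Review bot: In `main` of examples/cred.c, `fido_dev_info_new(16)` is not checked for NULL and the return value of `fido_dev_info_manifest(dev_infos, 16, &dev_infos_len)` is dropped, so an allocation or enumeration failure only surfaces later as the bare `errx(1, "open_from_manifest")`. The code this replaces reported `fido_strerr(r)`; the new path loses that diagnostic. Suggested: `if ((dev_infos = fido_dev_info_new(16)) == NULL) errx(1, "fido_dev_info_new");` followed by `if ((r = fido_dev_info_manifest(dev_infos, 16, &dev_infos_len)) != FIDO_OK) errx(1, "fido_dev_info_manifest: %s (0x%x)", fido_strerr(r), r);`. No matching `fido_dev_info_free` call is visible in this hunk; `main` continues outside it, so confirm the list is released there.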
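Review bot: `print_fwversion()` in examples/info.c narrows its `uint64_t` argument with `(int)fwversion` before printing, so any firmware version wider than an `int` is truncated in the output. It copies the pattern of `print_maxmsgsiz()` shown as context, but a version word is more likely than a message size to use the upper bits. `printf("fwversion: 0x%" PRIx64 "\n", fwversion);` prints the full value; it needs `<inttypes.h>`, and the file's include list is outside this hunk.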
@@ -0,0 +1,10 @@
+# Copyright (c) 2019 Yubico AB. All rights reserved.
+# Use of this source code is governed by a BSD-style
+# license that can be found in the LICENSE file.
+
+FROM ubuntu:bionic
+RUN apt-get update
+RUN apt-get install -y clang-9 cmake git libssl-dev libudev-dev make pkg-config
+RUN git clone --branch v0.5.0 https://github.com/PJK/libcbor
+RUN git clone https://github.com/yubico/libfido2
+RUN CC=clang-9 /libfido2/fuzz/build-coverage /libcbor /libfido2
diff --git a/fuzz/Makefile b/fuzz/Makefile
new file mode 100644
index 0000000..c8fe0b8
--- /dev/null
+++ b/fuzz/Makefile
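Review bot: Neither the base image nor the libfido2 checkout in fuzz/Dockerfile is pinned: `FROM ubuntu:bionic` follows a moving tag and `RUN git clone https://github.com/yubico/libfido2` takes whatever the default branch holds at build time. The coverage image is therefore not reproducible, and a cached layer can keep serving an old checkout. libcbor is tied to `--branch v0.5.0`, but a tag can be moved; checking out a fixed commit after each clone, e.g. `RUN git -C /libfido2 checkout <COMMIT_SHA>` (placeholder), and pinning the base image by digest would make the inputs of the build explicit. `RUN apt-get update` in its own layer also lets a stale package index be cached apart from the install on the next line; `RUN apt-get update && apt-get install -y ...` keeps the two in step.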
@@ -0,0 +1,78 @@ +# Copyright (c) 2019 Yubico AB. All rights reserved. +# Use of this source code is governed by a BSD-style +# license that can be found in the LICENSE file. + +IMAGE := libfido2-coverage:1.3.0 +RUNNER := libfido2-runner +PROFDATA := llvm-profdata-9 +COV := llvm-cov-9 +TARGETS := fuzz_assert fuzz_bio fuzz_cred fuzz_credman fuzz_mgmt +CORPORA := $(foreach f,${TARGETS},${f}/corpus) +MINIFY := $(foreach f,${TARGETS},/minify/${f}/corpus) +REMOTE := gs://libfido2-corpus.clusterfuzz-external.appspot.com +.DEFAULT_GOAL := all + +all: ${TARGETS} + +build: + docker build -t ${IMAGE} - < Dockerfile + +run: build + -docker run -it -d --name ${RUNNER} ${IMAGE} + docker start ${RUNNER} + +sync: run + tar Ccf .. - src fuzz | docker exec -i ${RUNNER} tar Cxf /libfido2 - + docker exec ${RUNNER} make -C libfido2/build + +corpus: sync + docker exec ${RUNNER} /bin/bash -c 'cd /libfido2/fuzz && rm -rf ${TARGETS}' + docker exec ${RUNNER} tar Czxf /libfido2/fuzz /libfido2/fuzz/corpus.tgz + +${TARGETS}: corpus sync + docker exec -e LLVM_PROFILE_FILE=/profraw/$@ ${RUNNER} \ + /bin/bash -c 'rm -f /profraw/$@ && /libfido2/build/fuzz/$@ \ + -runs=1 /libfido2/fuzz/$@' + +${MINIFY}: /minify/%/corpus: % + docker exec ${RUNNER} /bin/bash -c 'rm -rf $@ && mkdir -p $@ && \ + /libfido2/build/fuzz/$< -use_value_profile=1 -merge=1 $@ \ + /libfido2/fuzz/$ $@ + +profdata: run + docker exec ${RUNNER} /bin/bash -c 'rm -f /$@ && ${PROFDATA} \ + merge -sparse profraw/* -o $@' + +report.tgz: profdata + docker exec ${RUNNER} /bin/bash -c 'rm -rf /report && mkdir /report && \ + ${COV} show -format=html -tab-size=8 -instr-profile=/$< \ + -output-dir=/report /libfido2/build/src/libfido2.so' + docker exec -i ${RUNNER} tar Czcf / - report > $@ + +summary.txt: profdata + docker exec ${RUNNER} ${COV} report -use-color=false \ + /libfido2/build/src/libfido2.so -instr-profile=/$< > $@ + +functions.txt: profdata + docker exec ${RUNNER} /bin/bash -c '${COV} report -use-color=false \ + -show-functions 
-instr-profile=/$< \ + /libfido2/build/src/libfido2.so /libfido2/src/*.[ch]' > $@ + +clean: run + docker exec ${RUNNER} /bin/bash -c 'rm -rf /profraw /profdata && \ + make -C /libfido2/build clean' + -docker stop ${RUNNER} + rm -rf ${TARGETS} + +${CORPORA}: + -mkdir -p $@ + gsutil -q -m rsync -d -r ${REMOTE}/libFuzzer/libfido2_$(@:/corpus=) $@ + +corpus.tgz: ${CORPORA} + tar zcf $@ ${TARGETS} + +.PHONY: build run sync corpus ${TARGETS} ${CORPORA} +.PHONY: report.tgz summary.txt functions.txt diff --git a/fuzz/README b/fuzz/README index ecb02bb..42646e4 100644 --- a/fuzz/README +++ b/fuzz/README @@ -129,7 +129,7 @@ When running under ASAN, you may want to set ASAN_OPTIONS to The recommended way to run the harnesses is: $ fuzz_{assert,cred,credman,mgmt} -use_value_profile=1 -reload=30 \ - -print_pcs=1 -print_funcs=30 -timeout=10 -max_len=17408 CORPUS_DIR + -print_pcs=1 -print_funcs=30 -timeout=10 CORPUS_DIR You may want to use -jobs or -workers depending on the number of logical cores available for fuzzing. diff --git a/fuzz/build-coverage b/fuzz/build-coverage new file mode 100755 index 0000000..af9f8df --- /dev/null +++ b/fuzz/build-coverage 
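Review bot: In the `sync` target of fuzz/Makefile, `tar Ccf .. - src fuzz | docker exec -i ${RUNNER} tar Cxf /libfido2 -` overlays only `src` and `fuzz` onto the tree the image cloned, so everything else under /libfido2 stays at whatever revision the Dockerfile fetched. Coverage may then be measured on a mixed tree. Either copy the whole working tree, or state the assumption above the target, e.g. `# sync: only src/ and fuzz/ come from the local tree; the rest is the image's checkout`. Separately, `clean` is absent from the `.PHONY` lists and depends on `run`, so `make clean` first builds the image and starts the container; adding `clean` to `.PHONY` is a one-word change.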
@@ -0,0 +1,27 @@
+#!/bin/bash -eux
+#
+# Copyright (c) 2019 Yubico AB. All rights reserved.
+# Use of this source code is governed by a BSD-style
+# license that can be found in the LICENSE file.
+
+LIBCBOR=$1
+LIBFIDO2=$2
+
+CC=${CC:-clang}
+PKG_CONFIG_PATH=${PKG_CONFIG_PATH:-${LIBCBOR}/install/lib/pkgconfig}
+export CC PKG_CONFIG_PATH
+
+# Clean up.
+rm -rf ${LIBCBOR}/build ${LIBCBOR}/install ${LIBFIDO2}/build
+
+# Patch, build, and install libcbor.
+(cd ${LIBCBOR} && patch -N -l -s -p0 < ${LIBFIDO2}/fuzz/README) || true
+mkdir ${LIBCBOR}/build ${LIBCBOR}/install
+(cd ${LIBCBOR}/build && cmake -DCMAKE_INSTALL_PREFIX=${LIBCBOR}/install ..)
+make -C ${LIBCBOR}/build all install
+
+# Build libfido2.
+mkdir -p ${LIBFIDO2}/build
+(cd ${LIBFIDO2}/build && cmake -DFUZZ=1 -DLIBFUZZER=1 -DCOVERAGE=1 \
+ -DCMAKE_BUILD_TYPE=Debug ..)
+make -C ${LIBFIDO2}/build
diff --git a/fuzz/corpus.tgz b/fuzz/corpus.tgz
deleted file mode 100644
index 9da3099..0000000
Binary files a/fuzz/corpus.tgz and /dev/null differ
diff --git a/fuzz/dummy.h b/fuzz/dummy.h
new file mode 100644
index 0000000..a899e4a
--- /dev/null
+++ b/fuzz/dummy.h
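Review bot: `rm -rf ${LIBCBOR}/build ${LIBCBOR}/install ${LIBFIDO2}/build` expands unquoted, caller-supplied paths, and the only guard against an empty argument is the `-u` on the shebang line, which is not applied when the script is started as `bash build-coverage ...`. I would validate the arguments in the body and quote the expansions, e.g. `set -eux`, `LIBCBOR=${1:?usage: build-coverage LIBCBOR LIBFIDO2}` and `rm -rf "${LIBCBOR}/build" "${LIBCBOR}/install" "${LIBFIDO2}/build"`. The `|| true` after `patch` also hides a patch that fails for reasons other than already being applied; a comment saying that is intended would help.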
@@ -0,0 +1,96 @@
+/*
+ * Copyright (c) 2020 Yubico AB. All rights reserved.
+ * Use of this source code is governed by a BSD-style
+ * license that can be found in the LICENSE file.
+ */
+
+#ifndef _DUMMY_H
+#define _DUMMY_H
+
+#include
+
+const char dummy_name[] = "finger1";
+const char dummy_pin[] = "9}4gT:8d=A37Dh}U";
+const char dummy_rp_id[] = "localhost";
+const char dummy_rp_name[] = "sweet home localhost";
+const char dummy_user_icon[] = "an icon";
+const char dummy_user_name[] = "john smith";
+const char dummy_user_nick[] = "jsmith";
+const uint8_t dummy_id[] = { 0x5e, 0xd2 };
+const char dummy_pin1[] = "skepp cg0u3;Y..";
+const char dummy_pin2[] = "bastilha 6rJrfQZI.";
+
+const uint8_t dummy_user_id[] = {
+ 0x78, 0x1c, 0x78, 0x60, 0xad, 0x88, 0xd2, 0x63,
+ 0x32, 0x62, 0x2a, 0xf1, 0x74, 0x5d, 0xed, 0xb2,
+ 0xe7, 0xa4, 0x2b, 0x44, 0x89, 0x29, 0x39, 0xc5,
+ 0x56, 0x64, 0x01, 0x27, 0x0d, 0xbb, 0xc4, 0x49,
+};
+
+const uint8_t dummy_cred_id[] = {
+ 0x4f, 0x72, 0x98, 0x42, 0x4a, 0xe1, 0x17, 0xa5,
+ 0x85, 0xa0, 0xef, 0x3b, 0x11, 0x24, 0x4a, 0x3d,
+};
+
+const uint8_t dummy_cdh[] = {
+ 0xec, 0x8d, 0x8f, 0x78, 0x42, 0x4a, 0x2b, 0xb7,
+ 0x82, 0x34, 0xaa, 0xca, 0x07, 0xa1, 0xf6, 0x56,
+ 0x42, 0x1c, 0xb6, 0xf6, 0xb3, 0x00, 0x86, 0x52,
+ 0x35, 0x2d, 0xa2, 0x62, 0x4a, 0xbe, 0x89, 0x76,
+};
+
+const uint8_t dummy_es256[] = {
+ 0xcc, 0x1b, 0x50, 0xac, 0xc4, 0x19, 0xf8, 0x3a,
+ 0xee, 0x0a, 0x77, 0xd6, 0xf3, 0x53, 0xdb, 0xef,
+ 0xf2, 0xb9, 0x5c, 0x2d, 0x8b, 0x1e, 0x52, 0x58,
+ 0x88, 0xf4, 0x0b, 0x85, 0x1f, 0x40, 0x6d, 0x18,
+ 0x15, 0xb3, 0xcc, 0x25, 0x7c, 0x38, 0x3d, 0xec,
+ 0xdf, 0xad, 0xbd, 0x46, 0x91, 0xc3, 0xac, 0x30,
+ 0x94, 0x2a, 0xf7, 0x78, 0x35, 0x70, 0x59, 0x6f,
+ 0x28, 0xcb, 0x8e, 0x07, 0x85, 0xb5, 0x91, 0x96,
+};
+
+const uint8_t dummy_rs256[] = {
+ 0xd2, 0xa8, 0xc0, 0x11, 0x82, 0x9e, 0x57, 0x2e,
+ 0x60, 0xae, 0x8c, 0xb0, 0x09, 0xe1, 0x58, 0x2b,
+ 0x99, 0xec, 0xc3, 0x11, 0x1b, 0xef, 0x81, 0x49,
+ 0x34, 0x53, 0x6a, 0x01, 0x65, 0x2c, 0x24, 0x09,
+ 0x30, 0x87, 0x98, 0x51, 0x6e, 0x30, 0x4f, 0x60,
+ 0xbd, 0x54, 0xd2, 0x54, 0xbd, 0x94, 0x42, 0xdd,
+ 0x63, 0xe5, 0x2c, 0xc6, 0x04, 0x32, 0xc0, 0x8f,
+ 0x72, 0xd5, 0xb4, 0xf0, 0x4f, 0x42, 0xe5, 0xb0,
+ 0xa2, 0x95, 0x11, 0xfe, 0xd8, 0xb0, 0x65, 0x34,
+ 0xff, 0xfb, 0x44, 0x97, 0x52, 0xfc, 0x67, 0x23,
+ 0x0b, 0xad, 0xf3, 0x3a, 0x82, 0xd4, 0x96, 0x10,
+ 0x87, 0x6b, 0xfa, 0xd6, 0x51, 0x60, 0x3e, 0x1c,
+ 0xae, 0x19, 0xb8, 0xce, 0x08, 0xae, 0x9a, 0xee,
+ 0x78, 0x16, 0x22, 0xcc, 0x92, 0xcb, 0xa8, 0x95,
+ 0x34, 0xe5, 0xb9, 0x42, 0x6a, 0xf0, 0x2e, 0x82,
+ 0x1f, 0x4c, 0x7d, 0x84, 0x94, 0x68, 0x7b, 0x97,
+ 0x2b, 0xf7, 0x7d, 0x67, 0x83, 0xbb, 0xc7, 0x8a,
+ 0x31, 0x5a, 0xf3, 0x2a, 0x95, 0xdf, 0x63, 0xe7,
+ 0x4e, 0xee, 0x26, 0xda, 0x87, 0x00, 0xe2, 0x23,
+ 0x4a, 0x33, 0x9a, 0xa0, 0x1b, 0xce, 0x60, 0x1f,
+ 0x98, 0xa1, 0xb0, 0xdb, 0xbf, 0x20, 0x59, 0x27,
+ 0xf2, 0x06, 0xd9, 0xbe, 0x37, 0xa4, 0x03, 0x6b,
+ 0x6a, 0x4e, 0xaf, 0x22, 0x68, 0xf3, 0xff, 0x28,
+ 0x59, 0x05, 0xc9, 0xf1, 0x28, 0xf4, 0xbb, 0x35,
+ 0xe0, 0xc2, 0x68, 0xc2, 0xaa, 0x54, 0xac, 0x8c,
+ 0xc1, 0x69, 0x9e, 0x4b, 0x32, 0xfc, 0x53, 0x58,
+ 0x85, 0x7d, 0x3f, 0x51, 0xd1, 0xc9, 0x03, 0x02,
+ 0x13, 0x61, 0x62, 0xda, 0xf8, 0xfe, 0x3e, 0xc8,
+ 0x95, 0x12, 0xfb, 0x0c, 0xdf, 0x06, 0x65, 0x6f,
+ 0x23, 0xc7, 0x83, 0x7c, 0x50, 0x2d, 0x27, 0x25,
+ 0x4d, 0xbf, 0x94, 0xf0, 0x89, 0x04, 0xb9, 0x2d,
+ 0xc4, 0xa5, 0x32, 0xa9, 0x25, 0x0a, 0x99, 0x59,
+ 0x01, 0x00, 0x01,
+};
+
+const uint8_t dummy_eddsa[] = {
+ 0xfe, 0x8b, 0x61, 0x50, 0x31, 0x7a, 0xe6, 0xdf,
+ 0xb1, 0x04, 0x9d, 0x4d, 0xb5, 0x7a, 0x5e, 0x96,
+ 0x4c, 0xb2, 0xf9, 0x5f, 0x72, 0x47, 0xb5, 0x18,
+ 0xe2, 0x39, 0xdf, 0x2f, 0x87, 0x19, 0xb3, 0x02,
+};
+
+#endif /* !_DUMMY_H */
diff --git a/fuzz/export.gnu b/fuzz/export.gnu
new file mode 100644
index 0000000..68463ff
--- /dev/null
+++ b/fuzz/export.gnu
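Review bot: Every object in this header is a definition with external linkage (`const char dummy_name[] = "finger1";`, `const uint8_t dummy_rs256[] = { ... };` and the rest), so including it from more than one translation unit of the same binary gives duplicate-symbol link errors; the include guard does not help across units. If each fuzz target includes it exactly once this works today, but `static const char dummy_name[] = "finger1";` (and the same for the other arrays) removes that constraint. The guard name `_DUMMY_H` is also in the namespace reserved for the implementation (underscore followed by an uppercase letter); `FUZZ_DUMMY_H` would avoid that. A one-line comment stating that `dummy_pin`, `dummy_pin1` and `dummy_pin2` are fixed fuzzing fixtures would keep secret scanners and later readers from treating them as leaked PINs.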
@@ -0,0 +1,189 @@ +{ + global: + eddsa_pk_free; + eddsa_pk_from_EVP_PKEY; + eddsa_pk_from_ptr; + eddsa_pk_new; + eddsa_pk_to_EVP_PKEY; + es256_pk_free; + es256_pk_from_EC_KEY; + es256_pk_from_ptr; + es256_pk_new; + es256_pk_to_EVP_PKEY; + fido_assert_allow_cred; + fido_assert_authdata_len; + fido_assert_authdata_ptr; + fido_assert_clientdata_hash_len; + fido_assert_clientdata_hash_ptr; + fido_assert_count; + fido_assert_flags; + fido_assert_free; + fido_assert_hmac_secret_len; + fido_assert_hmac_secret_ptr; + fido_assert_id_len; + fido_assert_id_ptr; + fido_assert_new; + fido_assert_rp_id; + fido_assert_set_authdata; + fido_assert_set_authdata_raw; + fido_assert_set_clientdata_hash; + fido_assert_set_count; + fido_assert_set_extensions; + fido_assert_set_hmac_salt; + fido_assert_set_options; + fido_assert_set_rp; + fido_assert_set_sig; + fido_assert_set_up; + fido_assert_set_uv; + fido_assert_sigcount; + fido_assert_sig_len; + fido_assert_sig_ptr; + fido_assert_user_display_name; + fido_assert_user_icon; + fido_assert_user_id_len; + fido_assert_user_id_ptr; + fido_assert_user_name; + fido_assert_verify; + fido_bio_dev_enroll_begin; + fido_bio_dev_enroll_cancel; + fido_bio_dev_enroll_continue; + fido_bio_dev_enroll_remove; + fido_bio_dev_get_info; + fido_bio_dev_get_template_array; + fido_bio_dev_set_template_name; + fido_bio_enroll_free; + fido_bio_enroll_last_status; + fido_bio_enroll_new; + fido_bio_enroll_remaining_samples; + fido_bio_info_free; + fido_bio_info_max_samples; + fido_bio_info_new; + fido_bio_info_type; + fido_bio_template; + fido_bio_template_array_count; + fido_bio_template_array_free; + fido_bio_template_array_new; + fido_bio_template_free; + fido_bio_template_id_len; + fido_bio_template_id_ptr; + fido_bio_template_name; + fido_bio_template_new; + fido_bio_template_set_id; + fido_bio_template_set_name; + fido_cbor_info_aaguid_len; + fido_cbor_info_aaguid_ptr; + fido_cbor_info_extensions_len; + fido_cbor_info_extensions_ptr; + fido_cbor_info_free; 
+ fido_cbor_info_maxmsgsiz; + fido_cbor_info_fwversion; + fido_cbor_info_new; + fido_cbor_info_options_len; + fido_cbor_info_options_name_ptr; + fido_cbor_info_options_value_ptr; + fido_cbor_info_protocols_len; + fido_cbor_info_protocols_ptr; + fido_cbor_info_versions_len; + fido_cbor_info_versions_ptr; + fido_cred_authdata_len; + fido_cred_authdata_ptr; + fido_cred_clientdata_hash_len; + fido_cred_clientdata_hash_ptr; + fido_cred_display_name; + fido_cred_exclude; + fido_cred_flags; + fido_cred_fmt; + fido_cred_free; + fido_cred_id_len; + fido_cred_id_ptr; + fido_credman_del_dev_rk; + fido_credman_get_dev_metadata; + fido_credman_get_dev_rk; + fido_credman_get_dev_rp; + fido_credman_metadata_free; + fido_credman_metadata_new; + fido_credman_rk; + fido_credman_rk_count; + fido_credman_rk_existing; + fido_credman_rk_free; + fido_credman_rk_new; + fido_credman_rk_remaining; + fido_credman_rp_count; + fido_credman_rp_free; + fido_credman_rp_id; + fido_credman_rp_id_hash_len; + fido_credman_rp_id_hash_ptr; + fido_credman_rp_name; + fido_credman_rp_new; + fido_cred_new; + fido_cred_prot; + fido_cred_pubkey_len; + fido_cred_pubkey_ptr; + fido_cred_rp_id; + fido_cred_rp_name; + fido_cred_set_authdata; + fido_cred_set_authdata_raw; + fido_cred_set_clientdata_hash; + fido_cred_set_extensions; + fido_cred_set_fmt; + fido_cred_set_options; + fido_cred_set_prot; + fido_cred_set_rk; + fido_cred_set_rp; + fido_cred_set_sig; + fido_cred_set_type; + fido_cred_set_user; + fido_cred_set_uv; + fido_cred_set_x509; + fido_cred_sig_len; + fido_cred_sig_ptr; + fido_cred_type; + fido_cred_user_id_len; + fido_cred_user_id_ptr; + fido_cred_user_name; + fido_cred_verify; + fido_cred_verify_self; + fido_cred_x5c_len; + fido_cred_x5c_ptr; + fido_dev_build; + fido_dev_cancel; + fido_dev_close; + fido_dev_flags; + fido_dev_force_fido2; + fido_dev_force_u2f; + fido_dev_free; + fido_dev_get_assert; + fido_dev_get_cbor_info; + fido_dev_get_retry_count; + fido_dev_info_free; + 
fido_dev_info_manifest; + fido_dev_info_manufacturer_string; + fido_dev_info_new; + fido_dev_info_path; + fido_dev_info_product; + fido_dev_info_product_string; + fido_dev_info_ptr; + fido_dev_info_vendor; + fido_dev_is_fido2; + fido_dev_major; + fido_dev_make_cred; + fido_dev_minor; + fido_dev_new; + fido_dev_open; + fido_dev_protocol; + fido_dev_reset; + fido_dev_set_io_functions; + fido_dev_set_pin; + fido_init; + fido_set_log_handler; + fido_strerr; + rs256_pk_free; + rs256_pk_from_ptr; + rs256_pk_from_RSA; + rs256_pk_new; + rs256_pk_to_EVP_PKEY; + prng_init; + uniform_random; + local: + *; +}; diff --git a/fuzz/functions.txt b/fuzz/functions.txt index cd652f2..27a9608 100644 --- a/fuzz/functions.txt +++ b/fuzz/functions.txt @@ -1,4 +1,4 @@ -File '/home/pedro/projects/libfido2/src/aes256.c': +File '/libfido2/src/aes256.c': Name Regions Miss Cover Lines Miss Cover ----------------------------------------------------------------------------- aes256_cbc_enc 28 0 100.00% 41 0 100.00% @@ -6,14 +6,15 @@ aes256_cbc_dec 28 0 100.00% 41 0 100.00% ----------------------------------------------------------------------------- TOTAL 56 0 100.00% 82 0 100.00% -File '/home/pedro/projects/libfido2/src/assert.c': +File '/libfido2/src/assert.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- fido_dev_get_assert 35 3 91.43% 38 4 89.47% fido_check_flags 13 0 100.00% 18 0 100.00% +fido_get_signed_hash 32 0 100.00% 46 0 100.00% fido_verify_sig_es256 17 2 88.24% 31 7 77.42% fido_verify_sig_rs256 17 2 88.24% 31 7 77.42% -fido_verify_sig_eddsa 23 2 91.30% 43 7 83.72% +fido_verify_sig_eddsa 23 4 82.61% 43 13 69.77% fido_assert_verify 48 4 91.67% 79 4 94.94% fido_assert_set_clientdata_hash 6 0 100.00% 6 0 100.00% fido_assert_set_hmac_salt 10 0 100.00% 7 0 100.00% 
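Review bot: The `global:` list in fuzz/export.gnu does not include `fido_dev_set_transport_functions`, `fido_dev_new_with_info` or `fido_dev_open_with_info`, which the dev.c table in fuzz/functions.txt of this same commit reports at 0% coverage, and `local: *;` hides every symbol that is not listed. If this script is what the fuzz build links the library with, the harnesses cannot call those entry points, so their coverage cannot improve until lines such as `fido_dev_set_transport_functions;` are added. Whether the `_with_info` pair is meant to be public is not visible here, so leaving those two out may be intentional.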
@@ -27,7 +28,7 @@ fido_assert_clientdata_hash_ptr 1 0 100.00% 3 0 fido_assert_clientdata_hash_len 1 0 100.00% 3 0 100.00% fido_assert_new 1 0 100.00% 3 0 100.00% fido_assert_reset_tx 1 0 100.00% 15 0 100.00% -fido_assert_reset_rx 6 0 100.00% 24 0 100.00% +fido_assert_reset_rx 6 1 83.33% 24 3 87.50% fido_assert_free 6 0 100.00% 13 0 100.00% fido_assert_count 1 0 100.00% 3 0 100.00% fido_assert_rp_id 1 0 100.00% 3 0 100.00% 
@@ -47,36 +48,35 @@ fido_assert_user_display_name 4 0 100.00% 6 0 fido_assert_hmac_secret_ptr 4 0 100.00% 6 0 100.00% fido_assert_hmac_secret_len 4 0 100.00% 6 0 100.00% fido_assert_set_authdata 24 0 100.00% 35 0 100.00% -fido_assert_set_authdata_raw 24 0 100.00% 34 0 100.00% +fido_assert_set_authdata_raw 24 4 83.33% 34 7 79.41% fido_assert_set_sig 14 0 100.00% 17 0 100.00% fido_assert_set_count 10 0 100.00% 21 0 100.00% -assert.c:fido_dev_get_assert_wait 21 0 100.00% 16 0 100.00% +assert.c:fido_dev_get_assert_wait 21 1 95.24% 16 2 87.50% assert.c:fido_dev_get_assert_tx 58 4 93.10% 84 11 86.90% -assert.c:fido_dev_get_assert_rx 20 0 100.00% 38 0 100.00% +assert.c:fido_dev_get_assert_rx 19 0 100.00% 38 0 100.00% assert.c:adjust_assert_count 24 0 100.00% 33 0 100.00% assert.c:parse_assert_reply 11 0 100.00% 25 0 100.00% -assert.c:fido_get_next_assert_tx 9 0 100.00% 11 0 100.00% -assert.c:fido_get_next_assert_rx 16 2 87.50% 26 4 84.62% -assert.c:decrypt_hmac_secrets 9 1 88.89% 15 4 73.33% +assert.c:fido_get_next_assert_tx 8 2 75.00% 10 3 70.00% +assert.c:fido_get_next_assert_rx 15 4 73.33% 26 7 73.08% +assert.c:decrypt_hmac_secrets 9 3 66.67% 15 7 53.33% assert.c:check_extensions 4 0 100.00% 9 0 100.00% -assert.c:get_signed_hash 32 0 100.00% 46 0 100.00% assert.c:fido_assert_clean_authdata 1 0 100.00% 9 0 100.00% assert.c:fido_assert_clean_sig 1 0 100.00% 5 0 100.00% --------------------------------------------------------------------------------------- -TOTAL 569 29 94.90% 901 60 93.34% +TOTAL 566 43 92.40% 900 87 90.33% -File '/home/pedro/projects/libfido2/src/authkey.c': +File '/libfido2/src/authkey.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- fido_dev_authkey 1 0 100.00% 3 0 100.00% authkey.c:fido_dev_authkey_wait 10 0 100.00% 9 0 100.00% authkey.c:fido_dev_authkey_tx 19 0 100.00% 33 0 100.00% -authkey.c:fido_dev_authkey_rx 7 0 100.00% 18 0 100.00% +authkey.c:fido_dev_authkey_rx 
6 0 100.00% 18 0 100.00% authkey.c:parse_authkey 8 0 100.00% 12 0 100.00% --------------------------------------------------------------------------------------- -TOTAL 45 0 100.00% 75 0 100.00% +TOTAL 44 0 100.00% 75 0 100.00% -File '/home/pedro/projects/libfido2/src/bio.c': +File '/libfido2/src/bio.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- fido_bio_dev_get_template_array 5 2 60.00% 6 0 100.00% 
@@ -108,30 +108,30 @@ fido_bio_enroll_last_status 1 0 100.00% 3 0 bio.c:bio_get_template_array_wait 11 0 100.00% 9 0 100.00% bio.c:bio_tx 43 0 100.00% 65 0 100.00% bio.c:bio_prepare_hmac 18 0 100.00% 36 0 100.00% -bio.c:bio_rx_template_array 12 0 100.00% 21 0 100.00% +bio.c:bio_rx_template_array 11 0 100.00% 21 0 100.00% bio.c:bio_parse_template_array 26 1 96.15% 34 4 88.24% bio.c:decode_template_array 12 1 91.67% 23 3 86.96% bio.c:decode_template 9 0 100.00% 18 0 100.00% bio.c:bio_set_template_name_wait 19 0 100.00% 24 0 100.00% -bio.c:bio_enroll_begin_wait 17 1 94.12% 24 3 87.50% -bio.c:bio_rx_enroll_begin 16 0 100.00% 29 0 100.00% +bio.c:bio_enroll_begin_wait 17 0 100.00% 24 0 100.00% +bio.c:bio_rx_enroll_begin 15 0 100.00% 29 0 100.00% bio.c:bio_parse_enroll_status 20 0 100.00% 31 0 100.00% bio.c:bio_parse_template_id 8 0 100.00% 12 0 100.00% bio.c:bio_enroll_continue_wait 19 0 100.00% 25 0 100.00% -bio.c:bio_rx_enroll_continue 12 0 100.00% 22 0 100.00% +bio.c:bio_rx_enroll_continue 11 0 100.00% 22 0 100.00% bio.c:bio_enroll_cancel_wait 11 11 0.00% 12 12 0.00% bio.c:bio_enroll_remove_wait 17 0 100.00% 24 0 100.00% bio.c:bio_get_info_wait 11 0 100.00% 11 0 100.00% -bio.c:bio_rx_info 12 0 100.00% 21 0 100.00% +bio.c:bio_rx_info 11 0 100.00% 21 0 100.00% bio.c:bio_reset_info 1 0 100.00% 4 0 100.00% bio.c:bio_parse_info 20 0 100.00% 31 0 100.00% bio.c:bio_reset_template_array 4 0 100.00% 8 0 100.00% bio.c:bio_reset_template 1 0 100.00% 6 0 100.00% bio.c:bio_reset_enroll 3 0 100.00% 7 0 100.00% --------------------------------------------------------------------------------------- -TOTAL 422 21 95.02% 661 25 96.22% +TOTAL 418 20 95.22% 661 22 96.67% -File '/home/pedro/projects/libfido2/src/blob.c': +File '/libfido2/src/blob.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- fido_blob_new 1 0 100.00% 3 0 100.00% 
@@ -144,7 +144,7 @@ fido_blob_is_empty 3 0 100.00% 3 0 --------------------------------------------------------------------------------------- TOTAL 39 1 97.44% 73 4 94.52% -File '/home/pedro/projects/libfido2/src/buf.c': +File '/libfido2/src/buf.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- fido_buf_read 4 0 100.00% 10 0 100.00% @@ -152,10 +152,10 @@ fido_buf_write 4 1 75.00% 10 1 --------------------------------------------------------------------------------------- TOTAL 8 1 87.50% 20 1 95.00% -File '/home/pedro/projects/libfido2/src/cbor.c': +File '/libfido2/src/cbor.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- -cbor_map_iter 20 1 95.00% 30 4 86.67% +cbor_map_iter 20 0 100.00% 30 0 100.00% cbor_array_iter 12 0 100.00% 20 0 100.00% cbor_parse_reply 27 0 100.00% 43 0 100.00% cbor_vector_free 6 0 100.00% 5 0 100.00% @@ -168,10 +168,10 @@ cbor_flatten_vector 14 1 92.86% 21 1 cbor_build_frame 15 0 100.00% 32 0 100.00% cbor_encode_rp_entity 13 0 100.00% 14 0 100.00% cbor_encode_user_entity 21 0 100.00% 18 0 100.00% -cbor_encode_pubkey_param 36 0 100.00% 48 0 100.00% +cbor_encode_pubkey_param 36 1 97.22% 48 0 100.00% cbor_encode_pubkey 10 0 100.00% 13 0 100.00% -cbor_encode_pubkey_list 18 2 88.89% 23 0 100.00% -cbor_encode_extensions 13 1 92.31% 16 0 100.00% +cbor_encode_pubkey_list 18 1 94.44% 23 0 100.00% +cbor_encode_extensions 24 2 91.67% 26 3 88.46% cbor_encode_options 13 0 100.00% 14 0 100.00% cbor_encode_assert_options 13 0 100.00% 14 0 100.00% cbor_encode_pin_auth 8 0 100.00% 12 0 100.00% 
@@ -180,11 +180,11 @@ cbor_encode_pin_enc 4 0 100.00% 12 0 cbor_encode_change_pin_auth 44 1 97.73% 69 3 95.65% cbor_encode_set_pin_auth 17 0 100.00% 28 0 100.00% cbor_encode_pin_hash_enc 15 0 100.00% 27 0 100.00% -cbor_encode_hmac_secret_param 41 1 97.56% 66 4 93.94% +cbor_encode_hmac_secret_param 41 2 95.12% 66 9 86.36% cbor_decode_fmt 9 0 100.00% 18 0 100.00% -cbor_decode_pubkey 21 1 95.24% 32 2 93.75% -cbor_decode_cred_authdata 31 0 100.00% 46 0 100.00% -cbor_decode_assert_authdata 23 0 100.00% 44 0 100.00% +cbor_decode_pubkey 21 6 71.43% 32 7 78.12% +cbor_decode_cred_authdata 31 0 100.00% 47 0 100.00% +cbor_decode_assert_authdata 23 2 91.30% 44 2 95.45% cbor_decode_attstmt 8 0 100.00% 10 0 100.00% cbor_decode_uint64 4 0 100.00% 10 0 100.00% cbor_decode_cred_id 8 0 100.00% 10 0 100.00% 
@@ -193,29 +193,30 @@ cbor_decode_rp_entity 8 0 100.00% 10 0 cbor.c:ctap_check_cbor 28 0 100.00% 32 0 100.00% cbor.c:check_key_type 8 0 100.00% 9 0 100.00% cbor.c:cbor_add_arg 13 0 100.00% 28 0 100.00% +cbor.c:cbor_add_uint8 14 1 92.86% 26 3 88.46% cbor.c:sha256 7 0 100.00% 15 0 100.00% -cbor.c:get_cose_alg 36 0 100.00% 48 0 100.00% +cbor.c:get_cose_alg 36 6 83.33% 48 6 87.50% cbor.c:find_cose_alg 35 0 100.00% 40 0 100.00% cbor.c:decode_attcred 25 0 100.00% 58 0 100.00% -cbor.c:decode_extensions 16 4 75.00% 34 6 82.35% -cbor.c:decode_extension 19 19 0.00% 27 27 0.00% -cbor.c:decode_hmac_secret 16 0 100.00% 32 0 100.00% -cbor.c:decode_hmac_secret_aux 7 0 100.00% 17 0 100.00% -cbor.c:decode_attstmt_entry 29 0 100.00% 39 0 100.00% +cbor.c:decode_extensions 14 9 35.71% 34 13 61.76% +cbor.c:decode_extension 27 27 0.00% 36 36 0.00% +cbor.c:decode_hmac_secret 16 4 75.00% 32 6 81.25% +cbor.c:decode_hmac_secret_aux 7 7 0.00% 17 17 0.00% +cbor.c:decode_attstmt_entry 38 0 100.00% 45 0 100.00% cbor.c:decode_x5c 4 0 100.00% 8 0 100.00% cbor.c:decode_cred_id_entry 10 0 100.00% 23 0 100.00% cbor.c:decode_user_entry 25 0 100.00% 39 0 100.00% cbor.c:decode_rp_entity_entry 15 0 100.00% 29 0 100.00% --------------------------------------------------------------------------------------- -TOTAL 844 31 96.33% 1319 47 96.44% +TOTAL 884 70 92.08% 1371 106 92.27% -File '/home/pedro/projects/libfido2/src/cred.c': +File '/libfido2/src/cred.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- -fido_dev_make_cred 12 0 100.00% 9 0 100.00% +fido_dev_make_cred 12 0 100.00% 10 0 100.00% fido_check_rp_id 4 0 100.00% 14 0 100.00% -fido_cred_verify 45 0 100.00% 71 0 100.00% -fido_cred_verify_self 54 10 81.48% 90 14 84.44% +fido_cred_verify 46 6 86.96% 71 11 84.51% +fido_cred_verify_self 54 14 74.07% 90 22 75.56% fido_cred_new 1 0 100.00% 3 0 100.00% fido_cred_reset_tx 1 0 100.00% 20 0 100.00% fido_cred_reset_rx 1 0 
100.00% 8 0 100.00% @@ -228,10 +229,11 @@ fido_cred_exclude 14 2 85.71% 25 3 fido_cred_set_clientdata_hash 6 0 100.00% 6 0 100.00% fido_cred_set_rp 18 2 88.89% 26 6 76.92% fido_cred_set_user 33 4 87.88% 50 13 74.00% -fido_cred_set_extensions 9 0 100.00% 8 0 100.00% +fido_cred_set_extensions 15 0 100.00% 12 0 100.00% fido_cred_set_options 6 6 0.00% 6 6 0.00% fido_cred_set_rk 2 0 100.00% 5 0 100.00% fido_cred_set_uv 2 0 100.00% 5 0 100.00% +fido_cred_set_prot 21 2 90.48% 16 0 100.00% fido_cred_set_fmt 16 4 75.00% 15 1 93.33% fido_cred_set_type 17 2 88.24% 9 1 88.89% fido_cred_type 1 0 100.00% 3 0 100.00% @@ -244,10 +246,11 @@ fido_cred_sig_ptr 1 0 100.00% 3 0 fido_cred_sig_len 1 0 100.00% 3 0 100.00% fido_cred_authdata_ptr 1 0 100.00% 3 0 100.00% fido_cred_authdata_len 1 0 100.00% 3 0 100.00% -fido_cred_pubkey_ptr 9 0 100.00% 20 0 100.00% -fido_cred_pubkey_len 9 0 100.00% 20 0 100.00% +fido_cred_pubkey_ptr 9 2 77.78% 20 2 90.00% +fido_cred_pubkey_len 9 2 77.78% 20 2 90.00% fido_cred_id_ptr 1 0 100.00% 3 0 100.00% fido_cred_id_len 1 0 100.00% 3 0 100.00% +fido_cred_prot 1 0 100.00% 3 0 100.00% fido_cred_fmt 1 0 100.00% 3 0 100.00% fido_cred_rp_id 1 0 100.00% 3 0 100.00% fido_cred_rp_name 1 0 100.00% 3 0 100.00% 
@@ -257,19 +260,18 @@ fido_cred_user_id_ptr 1 0 100.00% 3 0 fido_cred_user_id_len 1 0 100.00% 3 0 100.00% cred.c:fido_dev_make_cred_wait 10 0 100.00% 9 0 100.00% cred.c:fido_dev_make_cred_tx 59 0 100.00% 81 0 100.00% -cred.c:fido_dev_make_cred_rx 22 0 100.00% 28 0 100.00% +cred.c:fido_dev_make_cred_rx 21 0 100.00% 28 0 100.00% cred.c:parse_makecred_reply 10 0 100.00% 23 0 100.00% -cred.c:check_extensions 4 0 100.00% 9 0 100.00% -cred.c:get_signed_hash_packed 23 1 95.65% 38 3 92.11% +cred.c:check_extensions 1 0 100.00% 3 0 100.00% cred.c:get_signed_hash_u2f 22 0 100.00% 20 0 100.00% -cred.c:verify_sig 27 1 96.30% 40 4 90.00% +cred.c:verify_sig 27 2 92.59% 40 7 82.50% cred.c:fido_cred_clean_authdata 1 0 100.00% 9 0 100.00% cred.c:fido_cred_clean_x509 1 0 100.00% 5 0 100.00% cred.c:fido_cred_clean_sig 1 0 100.00% 5 0 100.00% --------------------------------------------------------------------------------------- -TOTAL 532 35 93.42% 850 55 93.53% +TOTAL 534 51 90.45% 830 78 90.60% -File '/home/pedro/projects/libfido2/src/credman.c': +File '/libfido2/src/credman.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- fido_credman_get_dev_metadata 9 2 77.78% 8 0 100.00% 
@@ -294,35 +296,41 @@ fido_credman_rp_id_hash_ptr 4 0 100.00% 6 0 credman.c:credman_get_metadata_wait 11 0 100.00% 9 0 100.00% credman.c:credman_tx 30 0 100.00% 53 0 100.00% credman.c:credman_prepare_hmac 21 1 95.24% 43 2 95.35% -credman.c:credman_rx_metadata 12 0 100.00% 21 0 100.00% +credman.c:credman_rx_metadata 11 0 100.00% 21 0 100.00% credman.c:credman_parse_metadata 9 0 100.00% 19 0 100.00% credman.c:credman_get_rk_wait 27 0 100.00% 26 0 100.00% -credman.c:credman_rx_rk 20 0 100.00% 36 0 100.00% +credman.c:credman_rx_rk 19 0 100.00% 36 0 100.00% credman.c:credman_parse_rk_count 16 0 100.00% 25 0 100.00% credman.c:credman_grow_array 17 2 88.24% 28 5 82.14% credman.c:credman_parse_rk 13 0 100.00% 25 0 100.00% -credman.c:credman_rx_next_rk 16 2 87.50% 26 4 84.62% +credman.c:credman_rx_next_rk 15 2 86.67% 26 4 84.62% credman.c:credman_del_rk_wait 16 0 100.00% 19 0 100.00% credman.c:credman_get_rp_wait 23 0 100.00% 16 0 100.00% -credman.c:credman_rx_rp 20 0 100.00% 36 0 100.00% +credman.c:credman_rx_rp 19 0 100.00% 36 0 100.00% credman.c:credman_parse_rp_count 16 0 100.00% 25 0 100.00% credman.c:credman_parse_rp 9 0 100.00% 19 0 100.00% -credman.c:credman_rx_next_rp 16 2 87.50% 26 4 84.62% +credman.c:credman_rx_next_rp 15 2 86.67% 26 4 84.62% credman.c:credman_reset_rk 4 0 100.00% 10 0 100.00% credman.c:credman_reset_rp 4 0 100.00% 15 0 100.00% --------------------------------------------------------------------------------------- -TOTAL 381 18 95.28% 589 15 97.45% +TOTAL 376 18 95.21% 589 15 97.45% -File '/home/pedro/projects/libfido2/src/dev.c': +File '/libfido2/src/dev.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- +fido_dev_register_manifest_func 10 10 0.00% 18 18 0.00% +fido_dev_unregister_manifest_func 7 7 0.00% 13 13 0.00% +fido_dev_info_manifest 17 17 0.00% 24 24 0.00% +fido_dev_open_with_info 5 5 0.00% 6 6 0.00% fido_dev_open 1 0 100.00% 3 0 100.00% fido_dev_close 8 2 
75.00% 9 0 100.00% -fido_dev_cancel 8 2 75.00% 6 3 50.00% -fido_dev_set_io_functions 18 4 77.78% 19 6 68.42% +fido_dev_cancel 7 0 100.00% 6 0 100.00% +fido_dev_set_io_functions 18 4 77.78% 16 6 62.50% +fido_dev_set_transport_functions 6 6 0.00% 10 10 0.00% fido_init 7 1 85.71% 4 0 100.00% -fido_dev_new 9 1 88.89% 22 4 81.82% -fido_dev_free 6 0 100.00% 10 0 100.00% +fido_dev_new 5 0 100.00% 16 0 100.00% +fido_dev_new_with_info 17 17 0.00% 26 26 0.00% +fido_dev_free 6 0 100.00% 11 0 100.00% fido_dev_protocol 1 0 100.00% 3 0 100.00% fido_dev_major 1 0 100.00% 3 0 100.00% fido_dev_minor 1 0 100.00% 3 0 100.00% @@ -331,14 +339,15 @@ fido_dev_flags 1 0 100.00% 3 0 fido_dev_is_fido2 2 0 100.00% 3 0 100.00% fido_dev_force_u2f 2 0 100.00% 3 0 100.00% fido_dev_force_fido2 2 2 0.00% 3 3 0.00% +dev.c:find_manifest_func_node 5 5 0.00% 9 9 0.00% dev.c:fido_dev_open_wait 10 0 100.00% 9 0 100.00% -dev.c:fido_dev_open_tx 26 8 69.23% 32 12 62.50% -dev.c:obtain_nonce 13 2 84.62% 18 2 88.89% -dev.c:fido_dev_open_rx 14 0 100.00% 27 0 100.00% +dev.c:fido_dev_open_tx 25 8 68.00% 32 12 62.50% +dev.c:obtain_nonce 4 1 75.00% 5 1 80.00% +dev.c:fido_dev_open_rx 32 0 100.00% 53 0 100.00% --------------------------------------------------------------------------------------- -TOTAL 131 22 83.21% 183 30 83.61% +TOTAL 201 85 57.71% 294 128 56.46% -File '/home/pedro/projects/libfido2/src/ecdh.c': +File '/libfido2/src/ecdh.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- fido_do_ecdh 29 0 100.00% 44 0 100.00% 
@@ -346,7 +355,7 @@ ecdh.c:do_ecdh 39 0 100.00% 60 0 --------------------------------------------------------------------------------------- TOTAL 68 0 100.00% 104 0 100.00% -File '/home/pedro/projects/libfido2/src/eddsa.c': +File '/libfido2/src/eddsa.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- eddsa_pk_decode 8 0 100.00% 10 0 100.00% @@ -354,20 +363,20 @@ eddsa_pk_new 1 0 100.00% 3 0 eddsa_pk_free 6 0 100.00% 11 0 100.00% eddsa_pk_from_ptr 6 0 100.00% 8 0 100.00% eddsa_pk_to_EVP_PKEY 3 0 100.00% 9 0 100.00% -eddsa_pk_from_EVP_PKEY 14 4 71.43% 12 2 83.33% +eddsa_pk_from_EVP_PKEY 14 0 100.00% 12 0 100.00% eddsa.c:decode_pubkey_point 8 0 100.00% 14 0 100.00% eddsa.c:decode_coord 8 0 100.00% 12 0 100.00% --------------------------------------------------------------------------------------- -TOTAL 54 4 92.59% 79 2 97.47% +TOTAL 54 0 100.00% 79 0 100.00% -File '/home/pedro/projects/libfido2/src/err.c': +File '/libfido2/src/err.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- fido_strerr 108 108 0.00% 112 112 0.00% --------------------------------------------------------------------------------------- TOTAL 108 108 0.00% 112 112 0.00% -File '/home/pedro/projects/libfido2/src/es256.c': +File '/libfido2/src/es256.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- es256_pk_decode 8 0 100.00% 10 0 100.00% 
@@ -376,28 +385,28 @@ es256_sk_new 1 0 100.00% 3 0 es256_sk_free 6 0 100.00% 11 0 100.00% es256_pk_new 1 0 100.00% 3 0 100.00% es256_pk_free 6 0 100.00% 11 0 100.00% -es256_pk_from_ptr 6 0 100.00% 8 0 100.00% +es256_pk_from_ptr 11 0 100.00% 13 0 100.00% es256_pk_set_x 1 0 100.00% 5 0 100.00% es256_pk_set_y 1 0 100.00% 5 0 100.00% -es256_sk_create 39 2 94.87% 46 6 86.96% +es256_sk_create 39 0 100.00% 46 0 100.00% es256_pk_to_EVP_PKEY 41 0 100.00% 58 0 100.00% -es256_pk_from_EC_KEY 38 2 94.74% 39 7 82.05% +es256_pk_from_EC_KEY 38 0 100.00% 39 0 100.00% es256_sk_to_EVP_PKEY 27 0 100.00% 41 0 100.00% es256_derive_pk 25 0 100.00% 34 0 100.00% es256.c:decode_pubkey_point 9 0 100.00% 16 0 100.00% es256.c:decode_coord 8 0 100.00% 12 0 100.00% --------------------------------------------------------------------------------------- -TOTAL 273 4 98.53% 372 13 96.51% +TOTAL 278 0 100.00% 377 0 100.00% -File '/home/pedro/projects/libfido2/src/extern.h': +File '/libfido2/src/extern.h': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- -File '/home/pedro/projects/libfido2/src/fido.h': +File '/libfido2/src/fido.h': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- -File '/home/pedro/projects/libfido2/src/hid.c': +File '/libfido2/src/hid.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- fido_dev_info_new 1 1 0.00% 3 3 0.00% 
@@ -411,30 +420,31 @@ fido_dev_info_product_string 1 1 0.00% 3 3 --------------------------------------------------------------------------------------- TOTAL 16 16 0.00% 38 38 0.00% -File '/home/pedro/projects/libfido2/src/hid_linux.c': +File '/libfido2/src/hid_linux.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- -fido_dev_info_manifest 33 33 0.00% 40 40 0.00% +fido_hid_manifest 33 33 0.00% 46 46 0.00% fido_hid_open 6 6 0.00% 11 11 0.00% fido_hid_close 1 1 0.00% 6 6 0.00% fido_hid_read 12 12 0.00% 16 16 0.00% fido_hid_write 12 12 0.00% 16 16 0.00% hid_linux.c:copy_info 35 35 0.00% 56 56 0.00% hid_linux.c:is_fido 6 6 0.00% 14 14 0.00% -hid_linux.c:get_report_descriptor 17 17 0.00% 31 31 0.00% +hid_linux.c:get_report_descriptor 17 17 0.00% 30 30 0.00% hid_linux.c:get_usage_info 16 16 0.00% 33 33 0.00% hid_linux.c:get_key_len 6 6 0.00% 14 14 0.00% hid_linux.c:get_key_val 6 6 0.00% 20 20 0.00% hid_linux.c:parse_uevent 16 16 0.00% 30 30 0.00% --------------------------------------------------------------------------------------- -TOTAL 166 166 0.00% 287 287 0.00% +TOTAL 166 166 0.00% 292 292 0.00% -File '/home/pedro/projects/libfido2/src/info.c': +File '/libfido2/src/info.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- +fido_dev_get_cbor_info_wait 10 0 100.00% 9 0 100.00% fido_dev_get_cbor_info 1 0 100.00% 3 0 100.00% fido_cbor_info_new 1 0 100.00% 3 0 100.00% -fido_cbor_info_free 6 1 83.33% 14 0 100.00% +fido_cbor_info_free 6 0 100.00% 14 0 100.00% fido_cbor_info_versions_ptr 1 0 100.00% 3 0 100.00% fido_cbor_info_versions_len 1 0 100.00% 3 0 100.00% fido_cbor_info_extensions_ptr 1 0 100.00% 3 0 100.00% 
@@ -447,9 +457,8 @@ fido_cbor_info_options_len 1 0 100.00% 3 0 fido_cbor_info_maxmsgsiz 1 0 100.00% 3 0 100.00% fido_cbor_info_protocols_ptr 1 0 100.00% 3 0 100.00% fido_cbor_info_protocols_len 1 0 100.00% 3 0 100.00% -info.c:fido_dev_get_cbor_info_wait 10 0 100.00% 9 0 100.00% -info.c:fido_dev_get_cbor_info_tx 9 0 100.00% 13 0 100.00% -info.c:fido_dev_get_cbor_info_rx 7 0 100.00% 18 0 100.00% +info.c:fido_dev_get_cbor_info_tx 8 0 100.00% 12 0 100.00% +info.c:fido_dev_get_cbor_info_rx 6 0 100.00% 18 0 100.00% info.c:parse_reply_element 13 0 100.00% 27 0 100.00% info.c:decode_versions 12 0 100.00% 21 0 100.00% info.c:decode_version 4 0 100.00% 14 0 100.00% 
@@ -464,22 +473,25 @@ info.c:free_str_array 4 0 100.00% 8 0 info.c:free_opt_array 4 0 100.00% 9 0 100.00% info.c:free_byte_array 1 0 100.00% 6 0 100.00% --------------------------------------------------------------------------------------- -TOTAL 148 1 99.32% 305 0 100.00% +TOTAL 146 0 100.00% 304 0 100.00% -File '/home/pedro/projects/libfido2/src/io.c': +File '/libfido2/src/io.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- -fido_tx 18 0 100.00% 35 0 100.00% -fido_rx 34 3 91.18% 84 12 85.71% -fido_rx_cbor_status 9 0 100.00% 13 0 100.00% -io.c:tx_preamble 16 1 93.75% 24 1 95.83% -io.c:tx_frame 16 1 93.75% 21 0 100.00% -io.c:rx_preamble 11 0 100.00% 12 0 100.00% -io.c:rx_frame 9 1 88.89% 12 0 100.00% ---------------------------------------------------------------------------------------- -TOTAL 113 6 94.69% 201 13 93.53% +fido_tx 14 1 92.86% 18 0 100.00% +fido_rx 13 2 84.62% 21 3 85.71% +fido_rx_cbor_status 8 0 100.00% 12 0 100.00% +io.c:tx_empty 7 0 100.00% 16 0 100.00% +io.c:tx 13 0 100.00% 21 0 100.00% +io.c:tx_preamble 10 0 100.00% 20 0 100.00% +io.c:tx_frame 9 0 100.00% 18 0 100.00% +io.c:rx 25 1 96.00% 58 4 93.10% +io.c:rx_preamble 18 1 94.44% 25 4 84.00% +io.c:rx_frame 6 0 100.00% 9 0 100.00% +--------------------------------------------------------------------------------------- +TOTAL 123 5 95.93% 218 11 94.95% -File '/home/pedro/projects/libfido2/src/iso7816.c': +File '/libfido2/src/iso7816.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- iso7816_new 4 0 100.00% 19 0 100.00% 
@@ -490,25 +502,27 @@ iso7816_len 1 0 100.00% 4 0 --------------------------------------------------------------------------------------- TOTAL 18 1 94.44% 47 0 100.00% -File '/home/pedro/projects/libfido2/src/log.c': +File '/libfido2/src/log.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- -fido_log_init 1 1 0.00% 3 3 0.00% -fido_log_xxd 11 8 27.27% 18 12 33.33% -fido_log_debug 4 1 75.00% 13 8 38.46% +fido_log_init 1 0 100.00% 4 0 100.00% +fido_log_debug 11 1 90.91% 16 0 100.00% +fido_log_xxd 18 0 100.00% 23 0 100.00% +fido_set_log_handler 3 0 100.00% 4 0 100.00% +log.c:log_on_stderr 1 1 0.00% 3 3 0.00% --------------------------------------------------------------------------------------- -TOTAL 16 10 37.50% 34 23 32.35% +TOTAL 34 2 94.12% 50 3 94.00% -File '/home/pedro/projects/libfido2/src/pin.c': +File '/libfido2/src/pin.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- fido_dev_get_pin_token 1 0 100.00% 3 0 100.00% fido_dev_set_pin 1 0 100.00% 3 0 100.00% fido_dev_get_retry_count 1 0 100.00% 3 0 100.00% cbor_add_pin_params 17 0 100.00% 27 0 100.00% -pin.c:fido_dev_get_pin_token_wait 10 0 100.00% 9 0 100.00% +pin.c:fido_dev_get_pin_token_wait 10 0 100.00% 10 0 100.00% pin.c:fido_dev_get_pin_token_tx 29 0 100.00% 40 0 100.00% -pin.c:fido_dev_get_pin_token_rx 21 0 100.00% 36 0 100.00% +pin.c:fido_dev_get_pin_token_rx 20 0 100.00% 36 0 100.00% pin.c:parse_pintoken 8 0 100.00% 12 0 100.00% pin.c:fido_dev_set_pin_wait 16 0 100.00% 22 0 100.00% pin.c:fido_dev_change_pin_tx 41 0 100.00% 59 0 100.00% 
@@ -516,49 +530,49 @@ pin.c:pad64 18 0 100.00% 24 0 pin.c:fido_dev_set_pin_tx 33 0 100.00% 48 0 100.00% pin.c:fido_dev_get_retry_count_wait 10 0 100.00% 9 0 100.00% pin.c:fido_dev_get_retry_count_tx 19 0 100.00% 28 0 100.00% -pin.c:fido_dev_get_retry_count_rx 12 0 100.00% 21 0 100.00% +pin.c:fido_dev_get_retry_count_rx 11 0 100.00% 21 0 100.00% pin.c:parse_retry_count 13 0 100.00% 20 0 100.00% --------------------------------------------------------------------------------------- -TOTAL 250 0 100.00% 364 0 100.00% +TOTAL 248 0 100.00% 365 0 100.00% -File '/home/pedro/projects/libfido2/src/reset.c': +File '/libfido2/src/reset.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- fido_dev_reset 1 0 100.00% 3 0 100.00% reset.c:fido_dev_reset_wait 10 0 100.00% 9 0 100.00% -reset.c:fido_dev_reset_tx 9 0 100.00% 11 0 100.00% +reset.c:fido_dev_reset_tx 8 0 100.00% 10 0 100.00% --------------------------------------------------------------------------------------- -TOTAL 20 0 100.00% 23 0 100.00% +TOTAL 19 0 100.00% 22 0 100.00% -File '/home/pedro/projects/libfido2/src/rs256.c': +File '/libfido2/src/rs256.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- -rs256_pk_decode 8 0 100.00% 10 0 100.00% +rs256_pk_decode 8 8 0.00% 10 10 0.00% rs256_pk_new 1 0 100.00% 3 0 100.00% rs256_pk_free 6 0 100.00% 11 0 100.00% rs256_pk_from_ptr 6 0 100.00% 8 0 100.00% rs256_pk_to_EVP_PKEY 32 0 100.00% 48 0 100.00% -rs256_pk_from_RSA 32 6 81.25% 32 9 71.88% -rs256.c:decode_rsa_pubkey 9 0 100.00% 16 0 100.00% -rs256.c:decode_bignum 8 0 100.00% 12 0 100.00% +rs256_pk_from_RSA 32 4 87.50% 32 6 81.25% +rs256.c:decode_rsa_pubkey 9 9 0.00% 16 16 0.00% +rs256.c:decode_bignum 8 8 0.00% 12 12 0.00% --------------------------------------------------------------------------------------- -TOTAL 102 6 94.12% 140 9 93.57% +TOTAL 102 29 71.57% 140 
44 68.57% -File '/home/pedro/projects/libfido2/src/u2f.c': +File '/libfido2/src/u2f.c': Name Regions Miss Cover Lines Miss Cover --------------------------------------------------------------------------------------- -u2f_register 70 1 98.57% 89 0 100.00% -u2f_authenticate 27 0 100.00% 33 0 100.00% +u2f_register 70 5 92.86% 88 7 92.05% +u2f_authenticate 32 4 87.50% 44 2 95.45% u2f.c:key_lookup 44 0 100.00% 69 0 100.00% -u2f.c:send_dummy_register 31 1 96.77% 50 0 100.00% +u2f.c:send_dummy_register 31 5 83.87% 49 8 83.67% u2f.c:parse_register_reply 57 0 100.00% 83 0 100.00% -u2f.c:x5c_get 21 1 95.24% 37 3 91.89% +u2f.c:x5c_get 21 2 90.48% 37 6 83.78% u2f.c:sig_get 8 1 87.50% 16 6 62.50% -u2f.c:encode_cred_authdata 37 2 94.59% 82 6 92.68% -u2f.c:cbor_blob_from_ec_point 22 0 100.00% 39 0 100.00% -u2f.c:u2f_authenticate_single 34 2 94.12% 53 4 92.45% -u2f.c:do_auth 50 1 98.00% 72 0 100.00% +u2f.c:encode_cred_authdata 37 3 91.89% 82 9 89.02% +u2f.c:cbor_blob_from_ec_point 22 1 95.45% 39 3 92.31% +u2f.c:u2f_authenticate_single 36 2 94.44% 58 4 93.10% +u2f.c:do_auth 50 3 94.00% 71 4 94.37% u2f.c:parse_auth_reply 23 2 91.30% 29 3 89.66% u2f.c:authdata_fake 12 0 100.00% 34 0 100.00% --------------------------------------------------------------------------------------- -TOTAL 436 11 97.48% 686 22 96.79% +TOTAL 443 28 93.68% 699 52 92.56% diff --git a/fuzz/fuzz_assert.c b/fuzz/fuzz_assert.c index 0395345..5b72658 100644 --- a/fuzz/fuzz_assert.c +++ b/fuzz/fuzz_assert.c @@ -12,6 +12,10 @@ #include #include "mutator_aux.h" +#include "wiredata_fido2.h" +#include "wiredata_u2f.h" +#include "dummy.h" + #include "fido.h" #include "fido/es256.h" #include "fido/rs256.h" 
@@ -54,140 +58,16 @@ struct param { uint8_t uv; }; -/* Example parameters. */ -static const char dummy_rp_id[] = "localhost"; -static const char dummy_pin[] = "9}4gT:8d=A37Dh}U"; - -static const uint8_t dummy_cdh[] = { - 0xec, 0x8d, 0x8f, 0x78, 0x42, 0x4a, 0x2b, 0xb7, - 0x82, 0x34, 0xaa, 0xca, 0x07, 0xa1, 0xf6, 0x56, - 0x42, 0x1c, 0xb6, 0xf6, 0xb3, 0x00, 0x86, 0x52, - 0x35, 0x2d, 0xa2, 0x62, 0x4a, 0xbe, 0x89, 0x76, -}; - -static const uint8_t dummy_es256[] = { - 0xcc, 0x1b, 0x50, 0xac, 0xc4, 0x19, 0xf8, 0x3a, - 0xee, 0x0a, 0x77, 0xd6, 0xf3, 0x53, 0xdb, 0xef, - 0xf2, 0xb9, 0x5c, 0x2d, 0x8b, 0x1e, 0x52, 0x58, - 0x88, 0xf4, 0x0b, 0x85, 0x1f, 0x40, 0x6d, 0x18, - 0x15, 0xb3, 0xcc, 0x25, 0x7c, 0x38, 0x3d, 0xec, - 0xdf, 0xad, 0xbd, 0x46, 0x91, 0xc3, 0xac, 0x30, - 0x94, 0x2a, 0xf7, 0x78, 0x35, 0x70, 0x59, 0x6f, - 0x28, 0xcb, 0x8e, 0x07, 0x85, 0xb5, 0x91, 0x96, -}; - -static const uint8_t dummy_rs256[] = { - 0xd2, 0xa8, 0xc0, 0x11, 0x82, 0x9e, 0x57, 0x2e, - 0x60, 0xae, 0x8c, 0xb0, 0x09, 0xe1, 0x58, 0x2b, - 0x99, 0xec, 0xc3, 0x11, 0x1b, 0xef, 0x81, 0x49, - 0x34, 0x53, 0x6a, 0x01, 0x65, 0x2c, 0x24, 0x09, - 0x30, 0x87, 0x98, 0x51, 0x6e, 0x30, 0x4f, 0x60, - 0xbd, 0x54, 0xd2, 0x54, 0xbd, 0x94, 0x42, 0xdd, - 0x63, 0xe5, 0x2c, 0xc6, 0x04, 0x32, 0xc0, 0x8f, - 0x72, 0xd5, 0xb4, 0xf0, 0x4f, 0x42, 0xe5, 0xb0, - 0xa2, 0x95, 0x11, 0xfe, 0xd8, 0xb0, 0x65, 0x34, - 0xff, 0xfb, 0x44, 0x97, 0x52, 0xfc, 0x67, 0x23, - 0x0b, 0xad, 0xf3, 0x3a, 0x82, 0xd4, 0x96, 0x10, - 0x87, 0x6b, 0xfa, 0xd6, 0x51, 0x60, 0x3e, 0x1c, - 0xae, 0x19, 0xb8, 0xce, 0x08, 0xae, 0x9a, 0xee, - 0x78, 0x16, 0x22, 0xcc, 0x92, 0xcb, 0xa8, 0x95, - 0x34, 0xe5, 0xb9, 0x42, 0x6a, 0xf0, 0x2e, 0x82, - 0x1f, 0x4c, 0x7d, 0x84, 0x94, 0x68, 0x7b, 0x97, - 0x2b, 0xf7, 0x7d, 0x67, 0x83, 0xbb, 0xc7, 0x8a, - 0x31, 0x5a, 0xf3, 0x2a, 0x95, 0xdf, 0x63, 0xe7, - 0x4e, 0xee, 0x26, 0xda, 0x87, 0x00, 0xe2, 0x23, - 0x4a, 0x33, 0x9a, 0xa0, 0x1b, 0xce, 0x60, 0x1f, - 0x98, 0xa1, 0xb0, 0xdb, 0xbf, 0x20, 0x59, 0x27, - 0xf2, 0x06, 0xd9, 0xbe, 0x37, 0xa4, 
0x03, 0x6b, - 0x6a, 0x4e, 0xaf, 0x22, 0x68, 0xf3, 0xff, 0x28, - 0x59, 0x05, 0xc9, 0xf1, 0x28, 0xf4, 0xbb, 0x35, - 0xe0, 0xc2, 0x68, 0xc2, 0xaa, 0x54, 0xac, 0x8c, - 0xc1, 0x69, 0x9e, 0x4b, 0x32, 0xfc, 0x53, 0x58, - 0x85, 0x7d, 0x3f, 0x51, 0xd1, 0xc9, 0x03, 0x02, - 0x13, 0x61, 0x62, 0xda, 0xf8, 0xfe, 0x3e, 0xc8, - 0x95, 0x12, 0xfb, 0x0c, 0xdf, 0x06, 0x65, 0x6f, - 0x23, 0xc7, 0x83, 0x7c, 0x50, 0x2d, 0x27, 0x25, - 0x4d, 0xbf, 0x94, 0xf0, 0x89, 0x04, 0xb9, 0x2d, - 0xc4, 0xa5, 0x32, 0xa9, 0x25, 0x0a, 0x99, 0x59, - 0x01, 0x00, 0x01, -}; - -static const uint8_t dummy_eddsa[] = { - 0xfe, 0x8b, 0x61, 0x50, 0x31, 0x7a, 0xe6, 0xdf, - 0xb1, 0x04, 0x9d, 0x4d, 0xb5, 0x7a, 0x5e, 0x96, - 0x4c, 0xb2, 0xf9, 0x5f, 0x72, 0x47, 0xb5, 0x18, - 0xe2, 0x39, 0xdf, 0x2f, 0x87, 0x19, 0xb3, 0x02, -}; - /* * Collection of HID reports from an authenticator issued with a FIDO2 * get assertion using the example parameters above. */ static const uint8_t dummy_wire_data_fido[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0xf7, - 0x6f, 0xda, 0x52, 0xfd, 0xcb, 0xb6, 0x24, 0x00, - 0x92, 0x00, 0x0e, 0x02, 0x05, 0x00, 0x02, 0x05, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x92, 0x00, 0x0e, 0x90, 0x00, 0x51, 0x00, - 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18, - 0x20, 0x01, 0x21, 0x58, 0x20, 0xe9, 0x1d, 0x9b, - 0xac, 0x14, 0x25, 0x5f, 0xda, 0x1e, 0x11, 0xdb, - 0xae, 0xc2, 0x90, 0x22, 0xca, 0x32, 0xec, 0x32, - 0xe6, 0x05, 0x15, 0x44, 0xe5, 0xe8, 0xbc, 0x4f, - 0x0a, 0xb6, 0x1a, 0xeb, 0x11, 0x22, 0x58, 0x20, - 0xcc, 0x72, 0xf0, 0x22, 0xe8, 0x28, 0x82, 0xc5, - 0x00, 0x92, 0x00, 0x0e, 0x00, 0xa6, 0x65, 0x6e, - 0xff, 0x1e, 0xe3, 0x7f, 0x27, 0x44, 0x2d, 0xfb, - 0x8d, 0x41, 0xfa, 0x85, 0x0e, 0xcb, 0xda, 0x95, - 0x64, 0x64, 0x9b, 0x1f, 0x34, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x92, 0x00, 0x0e, 0x90, 0x00, 0x14, 0x00, - 0xa1, 0x02, 0x50, 0xee, 0x40, 0x4c, 0x85, 0xd7, - 0xa1, 0x2f, 0x56, 0xc4, 0x4e, 0xc5, 0x93, 0x41, - 0xd0, 0x3b, 0x23, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x92, 0x00, 0x0e, 0x90, 0x00, 0xcb, 0x00, - 0xa3, 0x01, 0xa2, 0x62, 0x69, 0x64, 0x58, 0x40, - 0x4a, 0x4c, 0x9e, 0xcc, 0x81, 0x7d, 0x42, 0x03, - 0x2b, 0x41, 0xd1, 0x38, 0xd3, 0x49, 0xb4, 0xfc, - 0xfb, 0xe4, 0x4e, 0xe4, 0xff, 0x76, 0x34, 0x16, - 0x68, 0x06, 0x9d, 0xa6, 0x01, 0x32, 0xb9, 0xff, - 0xc2, 0x35, 0x0d, 0x89, 0x43, 0x66, 0x12, 0xf8, - 0x8e, 0x5b, 0xde, 0xf4, 0xcc, 0xec, 0x9d, 0x03, - 0x00, 0x92, 0x00, 0x0e, 0x00, 0x85, 0xc2, 0xf5, - 0xe6, 0x8e, 0xeb, 0x3f, 0x3a, 0xec, 0xc3, 0x1d, - 0x04, 0x6e, 0xf3, 0x5b, 0x88, 0x64, 0x74, 0x79, - 0x70, 0x65, 0x6a, 0x70, 0x75, 0x62, 0x6c, 0x69, - 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x02, 0x58, 0x25, - 0x49, 0x96, 0x0d, 0xe5, 0x88, 0x0e, 0x8c, 0x68, - 0x74, 0x34, 0x17, 0x0f, 0x64, 0x76, 0x60, 0x5b, - 0x8f, 0xe4, 0xae, 0xb9, 0xa2, 0x86, 0x32, 0xc7, - 0x00, 0x92, 0x00, 0x0e, 0x01, 0x99, 0x5c, 0xf3, - 0xba, 0x83, 0x1d, 0x97, 0x63, 0x04, 0x00, 0x00, - 0x00, 0x09, 0x03, 0x58, 0x47, 0x30, 0x45, 0x02, - 0x21, 0x00, 0xcf, 0x3f, 0x36, 0x0e, 0x1f, 0x6f, - 0xd6, 0xa0, 0x9d, 0x13, 0xcf, 0x55, 0xf7, 0x49, - 0x8f, 0xc8, 0xc9, 0x03, 0x12, 0x76, 0x41, 0x75, - 0x7b, 0xb5, 0x0a, 0x90, 0xa5, 0x82, 0x26, 0xf1, - 0x6b, 0x80, 0x02, 0x20, 0x34, 0x9b, 0x7a, 0x82, - 0x00, 0x92, 0x00, 0x0e, 0x02, 0xd3, 0xe1, 0x79, - 0x49, 0x55, 0x41, 0x9f, 0xa4, 0x06, 0x06, 0xbd, - 0xc8, 0xb9, 0x2b, 0x5f, 0xe1, 0xa7, 0x99, 0x1c, - 0xa1, 0xfc, 0x7e, 0x3e, 0xd5, 0x85, 0x2e, 0x11, - 0x75, 0x00, 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_CBOR_INFO, + WIREDATA_CTAP_CBOR_AUTHKEY, + WIREDATA_CTAP_CBOR_PINTOKEN, + WIREDATA_CTAP_CBOR_ASSERT, }; /* 
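Review bot: The context comment kept above `dummy_wire_data_fido` still says the reports were captured "using the example parameters above", but this hunk deletes those parameters (`dummy_rp_id`, `dummy_pin`, `dummy_cdh` and the key blobs) from the file, so the reference now points at nothing. The same wording survives above `dummy_wire_data_u2f` in the following hunk. Presumably the values now come from the newly included `dummy.h`; if so, both comments should read `using the example parameters in dummy.h`. Since the array is now assembled from shared `WIREDATA_*` fragments, it would also help to say so, so that a reader does not assume the bytes are one recorded session tied to those exact parameters.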
@@ -195,102 +75,12 @@ static const uint8_t dummy_wire_data_fido[] = { * authentication using the example parameters above. */ static const uint8_t dummy_wire_data_u2f[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x0f, - 0x26, 0x9c, 0xd3, 0x87, 0x0d, 0x7b, 0xf6, 0x00, - 0x00, 0x99, 0x01, 0x02, 0x01, 0x01, 0x00, 0x01, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x4e, 0x01, - 0x00, 0x00, 0x00, 0x2c, 0x30, 0x45, 0x02, 0x20, - 0x1c, 0xf5, 0x7c, 0xf6, 0xde, 0xbe, 0xe9, 0x86, - 0xee, 0x97, 0xb7, 0x64, 0xa3, 0x4e, 0x7a, 0x70, - 0x85, 0xd0, 0x66, 0xf9, 0xf0, 0xcd, 0x04, 0x5d, - 0x97, 0xf2, 0x3c, 0x22, 0xe3, 0x0e, 0x61, 0xc8, - 0x02, 0x21, 0x00, 0x97, 0xef, 0xae, 0x36, 0xe6, - 0x17, 0x9f, 0x5e, 0x2d, 0xd7, 0x8c, 0x34, 0xa7, - 0x00, 0x00, 0x99, 0x01, 0x00, 0xa1, 0xe9, 0xfb, - 0x8f, 0x86, 0x8c, 0xe3, 0x1e, 0xde, 0x3f, 0x4e, - 0x1b, 0xe1, 0x2f, 0x8f, 0x2f, 0xca, 0x42, 0x26, - 0x90, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_U2F_6985, + WIREDATA_CTAP_U2F_6985, + WIREDATA_CTAP_U2F_6985, + WIREDATA_CTAP_U2F_6985, + WIREDATA_CTAP_U2F_AUTH, }; int LLVMFuzzerTestOneInput(const uint8_t *, size_t); @@ -346,6 +136,13 @@ pack(uint8_t *ptr, size_t len, const struct param *p) return (max - len); } +static size_t +input_len(int max) +{ + return (5 * len_byte() + 2 * len_int() + 2 * len_string(max) + + 6 * len_blob(max)); +} + static void get_assert(fido_assert_t *assert, uint8_t u2f, const struct blob *cdh, const char *rp_id, int ext, uint8_t up, uint8_t uv, const char *pin, @@ -354,6 +151,8 @@ get_assert(fido_assert_t *assert, uint8_t u2f, const struct blob *cdh, fido_dev_t *dev; fido_dev_io_t io; + memset(&io, 0, sizeof(io)); + io.open = dev_open; io.close = dev_close; io.read = dev_read; 
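Review bot: The field counts in `input_len()` (5 bytes, 2 ints, 2 strings, 6 blobs) are bare literals that must match what `pack()`/`unpack()` serialise for `struct param`, and nothing in the new function ties them together. If a field is added later and this sum is not updated, the size gate this commit adds to `LLVMFuzzerTestOneInput` could reject inputs before `unpack()` runs, and the harness would lose coverage quietly instead of failing. A comment above the function such as `/* must mirror struct param and pack(): 5 bytes, 2 ints, 2 strings, 6 blobs */` makes the coupling visible. `max` is an `int` feeding a `size_t` sum; the `len_*()` helpers and the body of `pack()` are outside this hunk, so the handling of a negative `max` cannot be confirmed from here.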
@@ -478,12 +277,14 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) memset(&p, 0, sizeof(p)); - if (unpack(data, size, &p) < 0) + if (size < input_len(GETLEN_MIN) || size > input_len(GETLEN_MAX) || + unpack(data, size, &p) < 0) return (0); - srandom((unsigned int)p.seed); + prng_init((unsigned int)p.seed); - fido_init(0); + fido_init(FIDO_DEBUG); + fido_set_log_handler(consume_str); switch (p.type & 3) { case 0: @@ -577,18 +378,20 @@ pack_dummy(uint8_t *ptr, size_t len) memset(&dummy, 0, sizeof(dummy)); - dummy.type = 1; + dummy.type = 1; /* rsa */ dummy.ext = FIDO_EXT_HMAC_SECRET; strlcpy(dummy.pin, dummy_pin, sizeof(dummy.pin)); strlcpy(dummy.rp_id, dummy_rp_id, sizeof(dummy.rp_id)); + dummy.cred.len = sizeof(dummy_cdh); /* XXX */ dummy.cdh.len = sizeof(dummy_cdh); dummy.es256.len = sizeof(dummy_es256); dummy.rs256.len = sizeof(dummy_rs256); dummy.eddsa.len = sizeof(dummy_eddsa); dummy.wire_data.len = sizeof(dummy_wire_data_fido); + memcpy(&dummy.cred.body, &dummy_cdh, dummy.cred.len); /* XXX */ memcpy(&dummy.cdh.body, &dummy_cdh, dummy.cdh.len); memcpy(&dummy.wire_data.body, &dummy_wire_data_fido, dummy.wire_data.len); diff --git a/fuzz/fuzz_bio.c b/fuzz/fuzz_bio.c index f1596a7..05f6ce3 100644 --- a/fuzz/fuzz_bio.c +++ b/fuzz/fuzz_bio.c @@ -11,6 +11,9 @@ #include #include "mutator_aux.h" +#include "wiredata_fido2.h" +#include "dummy.h" + #include "fido.h" #include "fido/bio.h" 
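Review bot: Switching the harness to `fido_init(FIDO_DEBUG)` with `fido_set_log_handler(consume_str)` has no comment, and the reason is not obvious from the two lines. The intent appears to be to run the library's logging code on fuzzer-controlled data without writing to stderr; the summary.txt part of this commit shows `fido_log_xxd` reaching full coverage while `log_on_stderr` stays unexecuted, which fits that reading. I would add `/* debug logging on so the fido_log_* paths see fuzzed data; output goes to consume_str, not stderr */` above the `fido_init` call. If the handler must be installed after `fido_init()` for it to take effect, the comment should say the order matters. The function body continues outside the hunk.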
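Review bot: The two lines tagged `/* XXX */` in `pack_dummy` fill `dummy.cred` with the bytes of `dummy_cdh`, so the seed input carries the client data hash as its credential ID, and the marker does not say whether that is deliberate. If it is a stand-in, a line such as `/* XXX no recorded credential id yet; reuse cdh bytes as a placeholder */` tells the next maintainer what is missing. The `memcpy` into `dummy.cred.body` relies on `sizeof(dummy_cdh)` fitting the blob body, whose definition is outside this hunk. If the build allows C11, `_Static_assert(sizeof(dummy_cdh) <= sizeof(dummy.cred.body), "seed too large");` next to it would make that checkable at compile time. `pack_dummy` starts and ends outside the hunk.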
@@ -39,32 +42,14 @@ struct param { struct blob remove_wire_data; }; -/* Example parameters. */ -static const uint8_t dummy_id[] = { 0x5e, 0xd2, }; -static const char dummy_pin[] = "3Q;I){TAx"; -static const char dummy_name[] = "finger1"; - /* * Collection of HID reports from an authenticator issued with a FIDO2 * 'getFingerprintSensorInfo' bio enrollment command. */ static const uint8_t dummy_info_wire_data[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0xf0, - 0x08, 0xc1, 0x8f, 0x76, 0x4b, 0x8f, 0xa9, 0x00, - 0x10, 0x00, 0x04, 0x02, 0x00, 0x04, 0x06, 0x05, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x10, 0x00, 0x04, 0x90, 0x00, 0x06, 0x00, - 0xa2, 0x02, 0x01, 0x03, 0x04, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_CBOR_INFO, + WIREDATA_CTAP_CBOR_BIO_INFO, }; /* 
@@ -72,221 +57,11 @@ static const uint8_t dummy_info_wire_data[] = { * 'enrollBegin' + 'enrollCaptureNextSample' bio enrollment commands. */ static const uint8_t dummy_enroll_wire_data[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x06, - 0xb4, 0xba, 0x2e, 0xb3, 0x88, 0x24, 0x38, 0x00, - 0x0a, 0x00, 0x05, 0x02, 0x00, 0x04, 0x06, 0x05, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0x90, 0x00, 0x51, 0x00, - 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18, - 0x20, 0x01, 0x21, 0x58, 0x20, 0xc9, 0x12, 0x01, - 0xab, 0x88, 0xd7, 0x0a, 0x24, 0xdd, 0xdc, 0xde, - 0x16, 0x27, 0x50, 0x77, 0x37, 0x06, 0xd3, 0x48, - 0xe6, 0xf9, 0xdb, 0xaa, 0x10, 0x83, 0x81, 0xac, - 0x13, 0x3c, 0xf9, 0x77, 0x2d, 0x22, 0x58, 0x20, - 0xda, 0x20, 0x71, 0x03, 0x01, 0x40, 0xac, 0xd0, - 0x00, 0x0a, 0x00, 0x05, 0x00, 0xb8, 0xdf, 0x2a, - 0x95, 0xd3, 0x88, 0x1c, 0x06, 0x34, 0x30, 0xf1, - 0xf3, 0xcd, 0x27, 0x40, 0x90, 0x5c, 0xc6, 0x74, - 0x66, 0xff, 0x10, 0xde, 0xb6, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0x90, 0x00, 0x14, 0x00, - 0xa1, 0x02, 0x50, 0x18, 0x81, 0xff, 0xf2, 0xf5, - 0xde, 0x74, 0x43, 0xd5, 0xe0, 0x77, 0x37, 0x6b, - 0x6c, 0x18, 0x6b, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0x90, 0x00, 0x0a, 0x00, - 0xa3, 0x04, 0x42, 0x68, 0x96, 0x05, 0x00, 0x06, - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0x90, 0x00, 0x06, 0x00, - 0xa2, 0x05, 0x00, 0x06, 0x01, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x0a, 0x00, 0x05, 0x90, 0x00, 0x06, 0x00, - 0xa2, 0x05, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_CBOR_INFO, + WIREDATA_CTAP_CBOR_AUTHKEY, + WIREDATA_CTAP_CBOR_PINTOKEN, + WIREDATA_CTAP_CBOR_BIO_ENROLL, }; /* 
@@ -294,46 +69,11 @@ static const uint8_t dummy_enroll_wire_data[] = { * 'enumerateEnrollments' bio enrollment command. */ static const uint8_t dummy_list_wire_data[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0xae, - 0x21, 0x88, 0x51, 0x09, 0x6f, 0xd7, 0xbb, 0x00, - 0x10, 0x00, 0x0f, 0x02, 0x00, 0x04, 0x06, 0x05, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x10, 0x00, 0x0f, 0x90, 0x00, 0x51, 0x00, - 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18, - 0x20, 0x01, 0x21, 0x58, 0x20, 0x5a, 0x70, 0x63, - 0x11, 0x5b, 0xa6, 0xe1, 0x8e, 0x4a, 0xb0, 0x75, - 0xe7, 0xfd, 0x39, 0x26, 0x29, 0xed, 0x69, 0xb0, - 0xc1, 0x1f, 0xa5, 0x7d, 0xcb, 0x64, 0x1e, 0x7c, - 0x9f, 0x60, 0x5e, 0xb2, 0xf8, 0x22, 0x58, 0x20, - 0xec, 0xe9, 0x1b, 0x11, 0xac, 0x2a, 0x0d, 0xd5, - 0x00, 0x10, 0x00, 0x0f, 0x00, 0x3b, 0x9f, 0xba, - 0x0f, 0x25, 0xd5, 0x24, 0x33, 0x4c, 0x5d, 0x0f, - 0x63, 0xbf, 0xf1, 0xf3, 0x64, 0x55, 0x78, 0x1a, - 0x59, 0x6e, 0x65, 0x59, 0xfc, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x10, 0x00, 0x0f, 0x90, 0x00, 0x14, 0x00, - 0xa1, 0x02, 0x50, 0xb9, 0x31, 0x34, 0xe2, 0x71, - 0x6a, 0x8e, 0xa3, 0x60, 0xec, 0x5e, 0xd2, 0x13, - 0x2e, 0x19, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x10, 0x00, 0x0f, 0x90, 0x00, 0x2e, 0x00, - 0xa1, 0x07, 0x83, 0xa2, 0x01, 0x42, 0xce, 0xa3, - 0x02, 0x67, 0x66, 0x69, 0x6e, 0x67, 0x65, 0x72, - 0x31, 0xa2, 0x01, 0x42, 0xbf, 0x5e, 0x02, 0x67, - 0x66, 0x69, 0x6e, 0x67, 
0x65, 0x72, 0x32, 0xa2, - 0x01, 0x42, 0x5e, 0xd2, 0x02, 0x67, 0x66, 0x69, - 0x6e, 0x67, 0x65, 0x72, 0x33, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_CBOR_INFO, + WIREDATA_CTAP_CBOR_AUTHKEY, + WIREDATA_CTAP_CBOR_PINTOKEN, + WIREDATA_CTAP_CBOR_BIO_ENUM, }; /* 
@@ -341,46 +81,11 @@ static const uint8_t dummy_list_wire_data[] = { * 'setFriendlyName' bio enrollment command. */ static const uint8_t dummy_set_name_wire_data[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0xac, - 0x48, 0xfd, 0xbd, 0xdd, 0x36, 0x24, 0x4d, 0x00, - 0x10, 0x00, 0x10, 0x02, 0x00, 0x04, 0x06, 0x05, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x10, 0x00, 0x10, 0x90, 0x00, 0x51, 0x00, - 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18, - 0x20, 0x01, 0x21, 0x58, 0x20, 0x5a, 0x70, 0x63, - 0x11, 0x5b, 0xa6, 0xe1, 0x8e, 0x4a, 0xb0, 0x75, - 0xe7, 0xfd, 0x39, 0x26, 0x29, 0xed, 0x69, 0xb0, - 0xc1, 0x1f, 0xa5, 0x7d, 0xcb, 0x64, 0x1e, 0x7c, - 0x9f, 0x60, 0x5e, 0xb2, 0xf8, 0x22, 0x58, 0x20, - 0xec, 0xe9, 0x1b, 0x11, 0xac, 0x2a, 0x0d, 0xd5, - 0x00, 0x10, 0x00, 0x10, 0x00, 0x3b, 0x9f, 0xba, - 0x0f, 0x25, 0xd5, 0x24, 0x33, 0x4c, 0x5d, 0x0f, - 0x63, 0xbf, 0xf1, 0xf3, 0x64, 0x55, 0x78, 0x1a, - 0x59, 0x6e, 0x65, 0x59, 0xfc, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x10, 0x00, 0x10, 0x90, 0x00, 0x14, 0x00, - 0xa1, 0x02, 0x50, 0x40, 0x95, 0xf3, 0xcb, 0xae, - 0xf2, 0x8d, 0xd9, 0xe0, 0xe0, 0x8a, 0xbd, 0xc3, - 0x03, 0x58, 0x49, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x10, 0x00, 0x10, 0x90, 0x00, 0x01, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_CBOR_INFO, + WIREDATA_CTAP_CBOR_AUTHKEY, + WIREDATA_CTAP_CBOR_PINTOKEN, + WIREDATA_CTAP_CBOR_STATUS, }; /* 
@@ -388,46 +93,11 @@ static const uint8_t dummy_set_name_wire_data[] = { * 'removeEnrollment' bio enrollment command. */ static const uint8_t dummy_remove_wire_data[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x4b, - 0x24, 0xde, 0xd9, 0x06, 0x57, 0x1a, 0xbd, 0x00, - 0x10, 0x00, 0x15, 0x02, 0x00, 0x04, 0x06, 0x05, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x10, 0x00, 0x15, 0x90, 0x00, 0x51, 0x00, - 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18, - 0x20, 0x01, 0x21, 0x58, 0x20, 0x5a, 0x70, 0x63, - 0x11, 0x5b, 0xa6, 0xe1, 0x8e, 0x4a, 0xb0, 0x75, - 0xe7, 0xfd, 0x39, 0x26, 0x29, 0xed, 0x69, 0xb0, - 0xc1, 0x1f, 0xa5, 0x7d, 0xcb, 0x64, 0x1e, 0x7c, - 0x9f, 0x60, 0x5e, 0xb2, 0xf8, 0x22, 0x58, 0x20, - 0xec, 0xe9, 0x1b, 0x11, 0xac, 0x2a, 0x0d, 0xd5, - 0x00, 0x10, 0x00, 0x15, 0x00, 0x3b, 0x9f, 0xba, - 0x0f, 0x25, 0xd5, 0x24, 0x33, 0x4c, 0x5d, 0x0f, - 0x63, 0xbf, 0xf1, 0xf3, 0x64, 0x55, 0x78, 0x1a, - 0x59, 0x6e, 0x65, 0x59, 0xfc, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x10, 0x00, 0x15, 0x90, 0x00, 0x14, 0x00, - 0xa1, 0x02, 0x50, 0xb0, 0xd0, 0x71, 0x2f, 0xa7, - 0x8b, 0x89, 0xbd, 0xca, 0xa4, 0x1e, 0x6c, 0x43, - 0xa1, 0x71, 0x48, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x10, 0x00, 0x15, 0x90, 0x00, 0x01, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_CBOR_INFO, + WIREDATA_CTAP_CBOR_AUTHKEY, + WIREDATA_CTAP_CBOR_PINTOKEN, + WIREDATA_CTAP_CBOR_STATUS, }; int LLVMFuzzerTestOneInput(const uint8_t *, size_t); @@ -471,12 +141,20 @@ pack(uint8_t *ptr, size_t len, const struct param *p) return (max - len); } +static size_t +input_len(int max) +{ + return (2 * len_string(max) + len_int() + 6 * len_blob(max)); +} + static fido_dev_t * prepare_dev() { fido_dev_t *dev; fido_dev_io_t io; + memset(&io, 0, sizeof(io)); + io.open = dev_open; io.close = dev_close; io.read = dev_read; @@ -659,12 +337,14 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) memset(&p, 0, sizeof(p)); - if (unpack(data, size, &p) < 0) + if (size < input_len(GETLEN_MIN) || size > input_len(GETLEN_MAX) || + unpack(data, size, &p) < 0) return (0); - srandom((unsigned int)p.seed); + prng_init((unsigned int)p.seed); - fido_init(0); + fido_init(FIDO_DEBUG); + fido_set_log_handler(consume_str); get_info(&p); enroll(&p); diff --git a/fuzz/fuzz_cred.c b/fuzz/fuzz_cred.c index 7bd1d3c..cc37903 100644 --- a/fuzz/fuzz_cred.c +++ b/fuzz/fuzz_cred.c @@ -11,6 +11,9 @@ #include #include "mutator_aux.h" +#include "wiredata_fido2.h" +#include "wiredata_u2f.h" +#include "dummy.h" #include "fido.h" #include "../openbsd-compat/openbsd-compat.h" 
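Review bot: The new `input_len()` in fuzz_bio.c hard-codes the field counts (two strings, one int, six blobs) with nothing tying them to `struct param` or to `pack()`/`unpack()`, so a later field change would silently skew the size bounds the harness uses to reject inputs. A comment above it would make the coupling explicit, e.g. `/* keep in sync with struct param and pack()/unpack(): 2 strings, 1 int, 6 blobs */`. The parameter is `int max` while the result is `size_t`; the prototypes of `len_string()` and `len_blob()` are not visible here, so the conversion is worth confirming. The added `memset(&io, 0, sizeof(io))` in `prepare_dev()` ensures any member of `io` the harness does not assign is zero rather than indeterminate; that function continues outside the hunk.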
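Review bot: Switching to `fido_init(FIDO_DEBUG)` and installing `consume_str` as the log handler in `LLVMFuzzerTestOneInput()` comes with no comment on the intent, which presumably is to run the library's debug-logging paths under the fuzzer rather than to produce output. A line such as `/* enable debug logging so the log paths are fuzzed too; consume_str is the sink */` above `fido_init(FIDO_DEBUG);` would record that. The new guard returns 0 for sizes outside `input_len(GETLEN_MIN)` to `input_len(GETLEN_MAX)` before `unpack()` runs, and a short comment saying these are the smallest and largest packed sizes would help, assuming that is what they represent. The function body starts and ends outside the hunk.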
@@ -54,281 +57,19 @@ struct param { uint8_t uv; }; -/* Example parameters. */ -static const char dummy_rp_id[] = "localhost"; -static const char dummy_rp_name[] = "sweet home localhost"; -static const char dummy_pin[] = "9}4gT:8d=A37Dh}U"; -static const char dummy_user_icon[] = "an icon"; -static const char dummy_user_name[] = "john smith"; -static const char dummy_user_nick[] = "jsmith"; - -static const uint8_t dummy_cdh[] = { - 0xf9, 0x64, 0x57, 0xe7, 0x2d, 0x97, 0xf6, 0xbb, - 0xdd, 0xd7, 0xfb, 0x06, 0x37, 0x62, 0xea, 0x26, - 0x20, 0x44, 0x8e, 0x69, 0x7c, 0x03, 0xf2, 0x31, - 0x2f, 0x99, 0xdc, 0xaf, 0x3e, 0x8a, 0x91, 0x6b, -}; - -static const uint8_t dummy_user_id[] = { - 0x78, 0x1c, 0x78, 0x60, 0xad, 0x88, 0xd2, 0x63, - 0x32, 0x62, 0x2a, 0xf1, 0x74, 0x5d, 0xed, 0xb2, - 0xe7, 0xa4, 0x2b, 0x44, 0x89, 0x29, 0x39, 0xc5, - 0x56, 0x64, 0x01, 0x27, 0x0d, 0xbb, 0xc4, 0x49, -}; - /* * Collection of HID reports from an authenticator issued with a FIDO2 * make credential using the example parameters above. 
*/ static const uint8_t dummy_wire_data_fido[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0xb0, - 0x84, 0xeb, 0xec, 0x4d, 0x97, 0x72, 0x09, 0x00, - 0x91, 0x00, 0x03, 0x02, 0x05, 0x00, 0x02, 0x05, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x91, 0x00, 0x03, 0x90, 0x00, 0x51, 0x00, - 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18, - 0x20, 0x01, 0x21, 0x58, 0x20, 0x69, 0xf2, 0x7d, - 0x37, 0x57, 0xda, 0x11, 0xba, 0x42, 0xde, 0x79, - 0xe4, 0xab, 0x8d, 0x73, 0x63, 0xee, 0x66, 0x9e, - 0x8a, 0x70, 0xa9, 0xb5, 0xf6, 0x38, 0x4f, 0x5b, - 0xdf, 0xe1, 0xa0, 0xa4, 0xff, 0x22, 0x58, 0x20, - 0x8a, 0xcb, 0x23, 0x2e, 0x93, 0xdb, 0xe0, 0xa4, - 0x00, 0x91, 0x00, 0x03, 0x00, 0xbb, 0xb5, 0x60, - 0x19, 0x18, 0x8b, 0x4d, 0xb8, 0x88, 0x6e, 0x13, - 0x75, 0xac, 0x00, 0x19, 0x27, 0x80, 0xcc, 0x63, - 0xc4, 0xbf, 0xfe, 0x4b, 0x4a, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x91, 0x00, 0x03, 0x90, 0x00, 0x14, 0x00, - 0xa1, 0x02, 0x50, 0x10, 0x89, 0x77, 0x43, 0x3a, - 0x58, 0xa2, 0xc9, 0x98, 0x18, 0x1a, 0xb1, 0xcc, - 0x09, 0x6b, 0xd0, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x91, 0x00, 0x03, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x91, 0x00, 0x03, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x91, 0x00, 0x03, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x91, 0x00, 0x03, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x91, 0x00, 0x03, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x91, 0x00, 0x03, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x91, 0x00, 0x03, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x91, 0x00, 0x03, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x91, 0x00, 0x03, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x91, 0x00, 0x03, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x91, 0x00, 0x03, 0x90, 0x03, 0xe1, 0x00, - 0xa3, 0x01, 0x66, 0x70, 0x61, 0x63, 0x6b, 0x65, - 0x64, 0x02, 0x58, 0xc4, 0x49, 0x96, 0x0d, 0xe5, - 0x88, 0x0e, 0x8c, 0x68, 0x74, 0x34, 0x17, 0x0f, - 0x64, 0x76, 0x60, 0x5b, 0x8f, 0xe4, 0xae, 0xb9, - 0xa2, 0x86, 0x32, 0xc7, 0x99, 0x5c, 0xf3, 0xba, - 0x83, 0x1d, 0x97, 0x63, 0x45, 0x00, 0x00, 
0x00, - 0x00, 0xf8, 0xa0, 0x11, 0xf3, 0x8c, 0x0a, 0x4d, - 0x00, 0x91, 0x00, 0x03, 0x00, 0x15, 0x80, 0x06, - 0x17, 0x11, 0x1f, 0x9e, 0xdc, 0x7d, 0x00, 0x40, - 0xed, 0x88, 0x48, 0xa1, 0xdb, 0x56, 0x4d, 0x0f, - 0x0d, 0xc8, 0x8f, 0x0f, 0xe9, 0x16, 0xb1, 0x78, - 0xa9, 0x40, 0x98, 0x71, 0xa0, 0xb3, 0xf2, 0xcf, - 0x05, 0x73, 0x6c, 0x12, 0xbf, 0x00, 0x96, 0xf3, - 0x7b, 0x93, 0xba, 0x49, 0xee, 0x23, 0xb4, 0x78, - 0x2e, 0xfb, 0xce, 0x27, 0xa8, 0xc2, 0x26, 0x78, - 0x00, 0x91, 0x00, 0x03, 0x01, 0xcc, 0x95, 0x2d, - 0x40, 0xdb, 0xd1, 0x40, 0x3d, 0x2b, 0xa3, 0x31, - 0xa0, 0x75, 0x82, 0x63, 0xf0, 0xa5, 0x01, 0x02, - 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x9d, - 0x95, 0xa1, 0xb5, 0xd6, 0x11, 0xbf, 0xe2, 0x28, - 0xa0, 0x7f, 0xca, 0x1e, 0xd9, 0x09, 0x0f, 0x0d, - 0xe7, 0x8e, 0x29, 0xe8, 0x2e, 0x11, 0xdb, 0x55, - 0x62, 0x13, 0xd7, 0x26, 0xc2, 0x7e, 0x2b, 0x22, - 0x00, 0x91, 0x00, 0x03, 0x02, 0x58, 0x20, 0xbe, - 0x74, 0x2a, 0xac, 0xde, 0x11, 0x40, 0x76, 0x31, - 0x0b, 0xed, 0x55, 0xde, 0xf3, 0x03, 0xe4, 0x1c, - 0xac, 0x42, 0x63, 0x8f, 0xe8, 0x30, 0x63, 0xb7, - 0x07, 0x4e, 0x5d, 0xfb, 0x17, 0x5e, 0x9b, 0x03, - 0xa3, 0x63, 0x61, 0x6c, 0x67, 0x26, 0x63, 0x73, - 0x69, 0x67, 0x58, 0x48, 0x30, 0x46, 0x02, 0x21, - 0x00, 0xfb, 0xd1, 0x26, 0x76, 0x34, 0x74, 0xac, - 0x00, 0x91, 0x00, 0x03, 0x03, 0xf6, 0xd8, 0x5c, - 0x5d, 0xbc, 0xda, 0xe0, 0x43, 0xe0, 0xa5, 0x42, - 0x9f, 0xc7, 0xe2, 0x18, 0x3e, 0xe2, 0x2c, 0x94, - 0x78, 0xbf, 0x9c, 0xeb, 0x3e, 0x9d, 0x02, 0x21, - 0x00, 0xab, 0x21, 0x1b, 0xc4, 0x30, 0x69, 0xee, - 0x7f, 0x09, 0xe6, 0x6b, 0x99, 0x98, 0x34, 0x07, - 0x7b, 0x9a, 0x58, 0xb2, 0xe8, 0x77, 0xe0, 0xba, - 0x7d, 0xab, 0x65, 0xf8, 0xba, 0x2a, 0xcb, 0x9a, - 0x00, 0x91, 0x00, 0x03, 0x04, 0x41, 0x63, 0x78, - 0x35, 0x63, 0x81, 0x59, 0x02, 0xb3, 0x30, 0x82, - 0x02, 0xaf, 0x30, 0x82, 0x01, 0x97, 0xa0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x04, 0x48, 0x5b, 0x3d, - 0xb6, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, - 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, - 0x30, 0x21, 0x31, 0x1f, 0x30, 0x1d, 0x06, 
0x03, - 0x55, 0x04, 0x03, 0x0c, 0x16, 0x59, 0x75, 0x62, - 0x00, 0x91, 0x00, 0x03, 0x05, 0x69, 0x63, 0x6f, - 0x20, 0x46, 0x49, 0x44, 0x4f, 0x20, 0x50, 0x72, - 0x65, 0x76, 0x69, 0x65, 0x77, 0x20, 0x43, 0x41, - 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x38, 0x30, 0x34, - 0x31, 0x32, 0x31, 0x30, 0x35, 0x37, 0x31, 0x30, - 0x5a, 0x17, 0x0d, 0x31, 0x38, 0x31, 0x32, 0x33, - 0x31, 0x31, 0x30, 0x35, 0x37, 0x31, 0x30, 0x5a, - 0x30, 0x6f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, - 0x00, 0x91, 0x00, 0x03, 0x06, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x53, 0x45, 0x31, 0x12, 0x30, 0x10, - 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x09, 0x59, - 0x75, 0x62, 0x69, 0x63, 0x6f, 0x20, 0x41, 0x42, - 0x31, 0x22, 0x30, 0x20, 0x06, 0x03, 0x55, 0x04, - 0x0b, 0x0c, 0x19, 0x41, 0x75, 0x74, 0x68, 0x65, - 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x6f, 0x72, - 0x20, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, - 0x00, 0x91, 0x00, 0x03, 0x07, 0x74, 0x69, 0x6f, - 0x6e, 0x31, 0x28, 0x30, 0x26, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x0c, 0x1f, 0x59, 0x75, 0x62, 0x69, - 0x63, 0x6f, 0x20, 0x55, 0x32, 0x46, 0x20, 0x45, - 0x45, 0x20, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, - 0x20, 0x31, 0x32, 0x31, 0x33, 0x39, 0x33, 0x39, - 0x31, 0x32, 0x36, 0x30, 0x59, 0x30, 0x13, 0x06, - 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, - 0x00, 0x91, 0x00, 0x03, 0x08, 0x06, 0x08, 0x2a, - 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, - 0x42, 0x00, 0x04, 0xfb, 0x2c, 0xdd, 0x30, 0x43, - 0x28, 0xc5, 0x72, 0x4a, 0x50, 0xcc, 0xe6, 0xf6, - 0x0b, 0xad, 0x7d, 0x27, 0xa9, 0x1b, 0x59, 0xe1, - 0xe6, 0x6f, 0x29, 0x7b, 0x89, 0xc9, 0xd4, 0x3d, - 0xc2, 0xb2, 0xc7, 0x78, 0x89, 0xb4, 0xf0, 0xff, - 0x9d, 0x02, 0x28, 0xcb, 0x94, 0x6d, 0xfc, 0xe0, - 0x00, 0x91, 0x00, 0x03, 0x09, 0x1b, 0x19, 0x58, - 0x9b, 0x67, 0x80, 0x4a, 0xac, 0x97, 0x7f, 0x28, - 0x18, 0x9c, 0xcd, 0xb3, 0x25, 0x74, 0xca, 0x28, - 0xa3, 0x6c, 0x30, 0x6a, 0x30, 0x22, 0x06, 0x09, - 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xc4, 0x0a, - 0x02, 0x04, 0x15, 0x31, 0x2e, 0x33, 0x2e, 0x36, - 0x2e, 0x31, 0x2e, 0x34, 0x2e, 0x31, 0x2e, 
0x34, - 0x31, 0x34, 0x38, 0x32, 0x2e, 0x31, 0x2e, 0x36, - 0x00, 0x91, 0x00, 0x03, 0x0a, 0x30, 0x13, 0x06, - 0x0b, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xe5, - 0x1c, 0x02, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, - 0x04, 0x30, 0x30, 0x21, 0x06, 0x0b, 0x2b, 0x06, - 0x01, 0x04, 0x01, 0x82, 0xe5, 0x1c, 0x01, 0x01, - 0x04, 0x04, 0x12, 0x04, 0x10, 0xf8, 0xa0, 0x11, - 0xf3, 0x8c, 0x0a, 0x4d, 0x15, 0x80, 0x06, 0x17, - 0x11, 0x1f, 0x9e, 0xdc, 0x7d, 0x30, 0x0c, 0x06, - 0x00, 0x91, 0x00, 0x03, 0x0b, 0x03, 0x55, 0x1d, - 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, - 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, - 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, - 0x82, 0x01, 0x01, 0x00, 0x32, 0xf3, 0xe4, 0xbd, - 0x58, 0xd7, 0x42, 0x2b, 0xaf, 0x49, 0x99, 0x86, - 0x08, 0x1f, 0x0d, 0xa9, 0x3b, 0xc6, 0xaa, 0x1c, - 0x72, 0x11, 0xf9, 0x28, 0x53, 0xeb, 0xf3, 0xeb, - 0x00, 0x91, 0x00, 0x03, 0x0c, 0x73, 0xda, 0x69, - 0x3b, 0x06, 0xde, 0x31, 0x33, 0x8e, 0x5d, 0x02, - 0xec, 0xf6, 0x76, 0xe9, 0x5c, 0x42, 0xbe, 0xa5, - 0x8f, 0x25, 0xd3, 0x37, 0x3f, 0x77, 0xbb, 0x2a, - 0x9d, 0x7c, 0xb2, 0x3e, 0x11, 0x8c, 0x41, 0xd4, - 0x9a, 0x4c, 0x9a, 0xd8, 0xf3, 0xe2, 0xa4, 0xec, - 0x01, 0x77, 0x7a, 0x74, 0xa8, 0xc4, 0x12, 0x43, - 0xc3, 0x1e, 0xce, 0x20, 0x8f, 0x2d, 0x0f, 0x6e, - 0x00, 0x91, 0x00, 0x03, 0x0d, 0xbc, 0x61, 0x9b, - 0xe1, 0x84, 0xa1, 0x72, 0xf6, 0xa9, 0xac, 0xcb, - 0xf8, 0x73, 0x6d, 0x5b, 0xe2, 0x98, 0xb3, 0x6b, - 0xec, 0xe7, 0x1e, 0x77, 0x8d, 0x0a, 0x69, 0xaa, - 0xf9, 0x94, 0xb8, 0x63, 0x6d, 0xe8, 0xfa, 0xf6, - 0x2f, 0xd3, 0xce, 0x7f, 0x04, 0x4c, 0x32, 0x2c, - 0xf7, 0x26, 0x3e, 0x34, 0x99, 0xe6, 0xa5, 0xb2, - 0xb0, 0x2a, 0xbb, 0xad, 0x5b, 0xd9, 0xec, 0xe5, - 0x00, 0x91, 0x00, 0x03, 0x0e, 0xb0, 0x71, 0x4d, - 0x73, 0xbb, 0x94, 0x61, 0x49, 0x9c, 0x94, 0x2a, - 0x5f, 0x1d, 0xcc, 0xaf, 0x65, 0x03, 0x3b, 0x39, - 0x39, 0xd4, 0x47, 0xd9, 0xfc, 0xc4, 0x7b, 0x0b, - 0x16, 0xd8, 0xe9, 0x01, 0xfc, 0xec, 0x3f, 0x8c, - 0x1b, 0xc0, 0xc6, 0xac, 0x0b, 0x5d, 0x74, 0xc7, - 0xbb, 0x03, 0x05, 0x69, 0x17, 0xe9, 0x98, 
0x1a, - 0x19, 0xb9, 0x09, 0x5c, 0xa1, 0xf4, 0xab, 0x9f, - 0x00, 0x91, 0x00, 0x03, 0x0f, 0x02, 0x7c, 0x28, - 0x0f, 0x8a, 0xf9, 0xed, 0x1d, 0x29, 0x3c, 0xf6, - 0xcc, 0x2f, 0x04, 0x6d, 0x9a, 0xd6, 0x62, 0xb4, - 0xa9, 0x6e, 0xb1, 0xca, 0xca, 0xac, 0x5e, 0x05, - 0x3e, 0x83, 0x91, 0x47, 0x7c, 0x1f, 0x8b, 0x60, - 0x01, 0xde, 0x65, 0x3a, 0xbf, 0xf2, 0xaa, 0xbb, - 0x55, 0x98, 0x86, 0x91, 0x7e, 0xad, 0x3b, 0x36, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_CBOR_INFO, + WIREDATA_CTAP_CBOR_AUTHKEY, + WIREDATA_CTAP_CBOR_PINTOKEN, + WIREDATA_CTAP_KEEPALIVE, + WIREDATA_CTAP_KEEPALIVE, + WIREDATA_CTAP_KEEPALIVE, + WIREDATA_CTAP_CBOR_CRED, }; /* 
@@ -336,294 +77,13 @@ static const uint8_t dummy_wire_data_fido[] = { * registration using the example parameters above. */ static const uint8_t dummy_wire_data_u2f[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x8e, - 0x80, 0xd0, 0xe2, 0x3b, 0x24, 0x93, 0xea, 0x00, - 0x00, 0x99, 0x01, 0x02, 0x01, 0x01, 0x00, 0x01, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, - 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x83, 0x03, 0x1e, 0x05, - 0x04, 0x9f, 0xa0, 0xf9, 0x0d, 0x4c, 0xf4, 0xae, - 0x96, 0x3c, 0xb7, 0x46, 0xb7, 0x5c, 0x9d, 0x8b, - 0x48, 0x19, 0xdf, 0xc4, 0xad, 0xea, 0xb2, 0x70, - 0x58, 0x72, 0xd9, 0xce, 0x75, 0xf5, 0xe6, 0x8e, - 0x0f, 0x9c, 0x0e, 0x2e, 0x62, 0x3e, 0x91, 0xd3, - 0x7b, 0x97, 0x46, 0x60, 0xb9, 0x57, 0x13, 0x97, - 0x26, 0xae, 0x0f, 0xb3, 0x8f, 0x2e, 0x9b, 0x3f, - 0x00, 0x00, 0x99, 0x01, 0x00, 0xa5, 0x55, 0xec, - 0x8c, 0x25, 0x7c, 0x65, 0xb7, 0x09, 0x40, 0x48, - 0xae, 0xa8, 0xcb, 0xa1, 0x91, 0xac, 0x40, 0x24, - 0xf2, 0x34, 0x6e, 0x3a, 0x8f, 0xa5, 0xb7, 0x48, - 0x54, 0x6e, 0xfb, 0xf4, 0x37, 0x88, 0x69, 0x79, - 0x6f, 0x12, 0xc1, 0x32, 0xdf, 0x15, 0x5d, 0x6e, - 0x82, 0x54, 0xc0, 0x6e, 0x56, 0x4f, 0x3a, 0x9c, - 0xc3, 0x96, 0x7a, 0xde, 0xa5, 0xfe, 0xec, 0xd1, - 0x00, 0x00, 0x99, 0x01, 0x01, 0x5a, 0x21, 0x85, - 0x0e, 0x25, 0x7b, 0x8d, 0x6e, 0x1d, 0x32, 0x29, - 0xdb, 0x21, 0xb0, 0xa3, 0x30, 0x82, 0x02, 0x4f, - 0x30, 0x82, 0x01, 0x37, 0xa0, 0x03, 0x02, 0x01, - 0x02, 0x02, 0x04, 0x2a, 
0xd9, 0x6a, 0xf3, 0x30, - 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, - 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x2e, - 0x31, 0x2c, 0x30, 0x2a, 0x06, 0x03, 0x55, 0x04, - 0x00, 0x00, 0x99, 0x01, 0x02, 0x03, 0x13, 0x23, - 0x59, 0x75, 0x62, 0x69, 0x63, 0x6f, 0x20, 0x55, - 0x32, 0x46, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x20, - 0x43, 0x41, 0x20, 0x53, 0x65, 0x72, 0x69, 0x61, - 0x6c, 0x20, 0x34, 0x35, 0x37, 0x32, 0x30, 0x30, - 0x36, 0x33, 0x31, 0x30, 0x20, 0x17, 0x0d, 0x31, - 0x34, 0x30, 0x38, 0x30, 0x31, 0x30, 0x30, 0x30, - 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, - 0x00, 0x00, 0x99, 0x01, 0x03, 0x35, 0x30, 0x30, - 0x39, 0x30, 0x34, 0x30, 0x30, 0x30, 0x30, 0x30, - 0x30, 0x5a, 0x30, 0x31, 0x31, 0x2f, 0x30, 0x2d, - 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x26, 0x59, - 0x75, 0x62, 0x69, 0x63, 0x6f, 0x20, 0x55, 0x32, - 0x46, 0x20, 0x45, 0x45, 0x20, 0x53, 0x65, 0x72, - 0x69, 0x61, 0x6c, 0x20, 0x32, 0x33, 0x39, 0x32, - 0x35, 0x37, 0x33, 0x34, 0x35, 0x31, 0x36, 0x35, - 0x00, 0x00, 0x99, 0x01, 0x04, 0x35, 0x30, 0x33, - 0x38, 0x37, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, - 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, - 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, - 0x07, 0x03, 0x42, 0x00, 0x04, 0x2f, 0xe1, 0xa2, - 0x3e, 0xbf, 0xa5, 0x5b, 0x3e, 0x46, 0x1d, 0x59, - 0xa4, 0x35, 0x22, 0xd7, 0x97, 0x48, 0x98, 0x1c, - 0xba, 0x6d, 0x28, 0x9a, 0x98, 0xf1, 0xbd, 0x7d, - 0x00, 0x00, 0x99, 0x01, 0x05, 0xff, 0x65, 0x66, - 0x80, 0xdb, 0xbb, 0xed, 0xbc, 0x2b, 0xae, 0x60, - 0x7e, 0x6e, 0xf7, 0x72, 0xf5, 0x76, 0xb0, 0x4d, - 0x54, 0xc4, 0xe5, 0xf3, 0x2f, 0x59, 0x6f, 0x26, - 0xe6, 0x11, 0x15, 0xc7, 0x27, 0x2c, 0xf6, 0xca, - 0x75, 0x94, 0xa3, 0x3b, 0x30, 0x39, 0x30, 0x22, - 0x06, 0x09, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, - 0xc4, 0x0a, 0x02, 0x04, 0x15, 0x31, 0x2e, 0x33, - 0x00, 0x00, 0x99, 0x01, 0x06, 0x2e, 0x36, 0x2e, - 0x31, 0x2e, 0x34, 0x2e, 0x31, 0x2e, 0x34, 0x31, - 0x34, 0x38, 0x32, 0x2e, 0x31, 0x2e, 0x32, 0x30, - 0x13, 0x06, 0x0b, 0x2b, 0x06, 0x01, 0x04, 0x01, - 0x82, 0xe5, 0x1c, 0x02, 
0x01, 0x01, 0x04, 0x04, - 0x03, 0x02, 0x04, 0x30, 0x30, 0x0d, 0x06, 0x09, - 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, - 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, - 0x00, 0x00, 0x99, 0x01, 0x07, 0x85, 0x6a, 0xfa, - 0x8b, 0xcf, 0x4f, 0x3f, 0x62, 0x5f, 0x29, 0x1b, - 0xc1, 0x15, 0x8e, 0x3c, 0x7e, 0xbd, 0x25, 0x52, - 0xbc, 0xf7, 0x57, 0x07, 0x53, 0xf5, 0x12, 0x1d, - 0xa6, 0xa5, 0x4d, 0x24, 0xcc, 0xcf, 0xae, 0x27, - 0xce, 0xd6, 0xab, 0x31, 0x12, 0x8c, 0x29, 0x7e, - 0x5b, 0x5b, 0x89, 0x05, 0xdd, 0xa0, 0x20, 0x17, - 0x93, 0x1f, 0x1f, 0x5f, 0x59, 0x25, 0x93, 0x59, - 0x00, 0x00, 0x99, 0x01, 0x08, 0x51, 0xfc, 0x00, - 0x4b, 0xcb, 0xe2, 0x0a, 0xdd, 0x7d, 0x8d, 0x05, - 0x2f, 0x95, 0x43, 0xb3, 0x49, 0x6c, 0x15, 0xb8, - 0x31, 0x0e, 0x10, 0xcb, 0xd9, 0xbb, 0x05, 0x38, - 0x27, 0x4f, 0x58, 0x3e, 0xad, 0x1f, 0x45, 0x12, - 0x88, 0xc3, 0xea, 0x76, 0xd0, 0x70, 0xad, 0x44, - 0xe5, 0x3a, 0xfe, 0xa8, 0xf2, 0x2d, 0x1f, 0x73, - 0x62, 0x5f, 0xf2, 0xd5, 0x89, 0xfe, 0x30, 0xdf, - 0x00, 0x00, 0x99, 0x01, 0x09, 0x26, 0x62, 0xcb, - 0x7c, 0xbb, 0x7c, 0x99, 0x61, 0x80, 0xad, 0xcf, - 0xa9, 0x8a, 0x4d, 0x01, 0x2c, 0xf3, 0x13, 0x46, - 0xcd, 0x11, 0x74, 0x6a, 0x58, 0x48, 0xe8, 0xbe, - 0xed, 0xf3, 0xe3, 0x0c, 0xcb, 0xd9, 0xc1, 0xdd, - 0x22, 0x16, 0x71, 0xb2, 0x83, 0x88, 0x61, 0xf6, - 0x5a, 0x45, 0x36, 0x23, 0xb5, 0x18, 0xd5, 0x56, - 0x7f, 0xa8, 0xf0, 0xa3, 0xce, 0x10, 0x5d, 0xf4, - 0x00, 0x00, 0x99, 0x01, 0x0a, 0xf1, 0x39, 0x53, - 0xe1, 0x14, 0xea, 0x59, 0xe0, 0xa7, 0xf2, 0xfe, - 0x66, 0x88, 0x67, 0x43, 0x2e, 0x52, 0xfd, 0x6a, - 0x2f, 0x64, 0xf7, 0x3c, 0x48, 0xcd, 0x9b, 0x38, - 0xf2, 0xdf, 0xba, 0x2c, 0x7a, 0x4b, 0x3b, 0x11, - 0x28, 0xdf, 0x26, 0xd6, 0x6a, 0x24, 0xf8, 0x95, - 0xdd, 0xa0, 0xb6, 0x11, 0x80, 0xf4, 0x14, 0x4f, - 0x6b, 0x70, 0x75, 0xc3, 0x18, 0xa4, 0x9a, 0xe0, - 0x00, 0x00, 0x99, 0x01, 0x0b, 0x8b, 0x58, 0xd3, - 0x6a, 0xdb, 0x1e, 0x30, 0x53, 0x67, 0x2b, 0x17, - 0xc5, 0xa1, 0x9f, 0x7f, 0x0a, 0x22, 0xf1, 0x0e, - 0x94, 0x30, 0x44, 0x02, 0x20, 0x07, 0x5c, 0x4f, - 0xd2, 0x83, 0xb6, 0x9f, 
0x0a, 0x4a, 0x4d, 0x4b, - 0x08, 0x35, 0xeb, 0xc0, 0x7e, 0x4a, 0x14, 0x2e, - 0xc7, 0x8c, 0xd6, 0x64, 0x2f, 0xd3, 0x1e, 0xcc, - 0xb5, 0xe8, 0x42, 0xea, 0xf6, 0x02, 0x20, 0x6b, - 0x00, 0x00, 0x99, 0x01, 0x0c, 0x5a, 0xba, 0x4a, - 0xc8, 0xd7, 0x89, 0xcc, 0x77, 0xe6, 0xb9, 0xa3, - 0x34, 0xea, 0x06, 0x85, 0x72, 0xc6, 0x28, 0xa8, - 0x7a, 0xaa, 0x19, 0x88, 0x34, 0xbb, 0xdc, 0x64, - 0x90, 0x0a, 0xdb, 0x39, 0x90, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_U2F_6985, + WIREDATA_CTAP_U2F_6985, + WIREDATA_CTAP_U2F_6985, + WIREDATA_CTAP_U2F_6985, + WIREDATA_CTAP_U2F_6985, + WIREDATA_CTAP_U2F_REGISTER, }; int LLVMFuzzerTestOneInput(const uint8_t *, size_t); @@ -683,6 +143,13 @@ pack(uint8_t *ptr, size_t len, const struct param *p) return (max - len); } +static size_t +input_len(int max) +{ + return (5 * len_byte() + 6 * len_string(max) + 2 * len_int() + + 4 * len_blob(max)); +} + static void make_cred(fido_cred_t *cred, uint8_t u2f, int type, const struct blob *cdh, const char *rp_id, const char *rp_name, struct blob *user_id, @@ -693,6 +160,8 @@ make_cred(fido_cred_t *cred, uint8_t u2f, int type, const struct blob *cdh, fido_dev_t *dev; fido_dev_io_t io; + memset(&io, 0, sizeof(io)); + io.open = dev_open; io.close = dev_close; io.read = dev_read; @@ -720,6 +189,8 @@ make_cred(fido_cred_t *cred, uint8_t u2f, int type, const struct blob *cdh, fido_cred_set_rk(cred, FIDO_OPT_TRUE); if (uv & 1) fido_cred_set_uv(cred, FIDO_OPT_TRUE); + if (user_id->len) + fido_cred_set_prot(cred, user_id->body[0] & 0x03); fido_dev_make_cred(dev, cred, u2f & 1 ? NULL : pin); 
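Review bot: The field counts in the new `input_len()` (`5 * len_byte() + 6 * len_string(max) + 2 * len_int() + 4 * len_blob(max)`) are bare literals that nothing ties to `struct param` or to `pack()`/`unpack()`, which lie outside this hunk. If a field is later added or removed without updating these counts, the size gate in `LLVMFuzzerTestOneInput` would start rejecting well-formed inputs (or admitting short ones), and coverage would drop with no visible failure. A comment above the function such as `/* must match what pack()/unpack() serialise: 5 bytes, 6 strings, 2 ints, 4 blobs */` would make the coupling explicit. The same applies to the `input_len()` added in fuzz/fuzz_credman.c and fuzz/fuzz_mgmt.c (`2 * len_string(max) + 5 * len_blob(max) + len_int()`).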
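Review bot: The credProtect value in `fido_cred_set_prot(cred, user_id->body[0] & 0x03)` is borrowed from the first byte of `user_id`, so the protection level can never vary independently of the user id. That looks deliberate (it appears to avoid adding a field to the packed input), but the line gives no reason. The mask admits all of 0-3, and whether 0 is meant to be exercised is not stated. I would add a comment along the lines of `/* credProtect is derived from user_id so the input layout stays unchanged; values 0-3 */`, wording to be confirmed by the author. `make_cred` starts and ends outside the hunk.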
@@ -733,15 +204,13 @@ verify_cred(int type, const unsigned char *cdh_ptr, size_t cdh_len, const char *rp_id, const char *rp_name, const unsigned char *authdata_ptr, size_t authdata_len, int ext, uint8_t rk, uint8_t uv, const unsigned char *x5c_ptr, size_t x5c_len, const unsigned char *sig_ptr, - size_t sig_len, const char *fmt) + size_t sig_len, const char *fmt, int prot) { fido_cred_t *cred; uint8_t flags; - if ((cred = fido_cred_new()) == NULL) { - warnx("%s: fido_cred_new", __func__); + if ((cred = fido_cred_new()) == NULL) return; - } fido_cred_set_type(cred, type); fido_cred_set_clientdata_hash(cred, cdh_ptr, cdh_len); @@ -751,6 +220,7 @@ verify_cred(int type, const unsigned char *cdh_ptr, size_t cdh_len, fido_cred_set_extensions(cred, ext); fido_cred_set_x509(cred, x5c_ptr, x5c_len); fido_cred_set_sig(cred, sig_ptr, sig_len); + fido_cred_set_prot(cred, prot); if (rk & 1) fido_cred_set_rk(cred, FIDO_OPT_TRUE); @@ -786,12 +256,14 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) memset(&p, 0, sizeof(p)); - if (unpack(data, size, &p) < 0) + if (size < input_len(GETLEN_MIN) || size > input_len(GETLEN_MAX) || + unpack(data, size, &p) < 0) return (0); - srandom((unsigned int)p.seed); + prng_init((unsigned int)p.seed); - fido_init(0); + fido_init(FIDO_DEBUG); + fido_set_log_handler(consume_str); if ((cred = fido_cred_new()) == NULL) return (0); @@ -821,7 +293,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) fido_cred_authdata_len(cred), p.ext, p.rk, p.uv, fido_cred_x5c_ptr(cred), fido_cred_x5c_len(cred), fido_cred_sig_ptr(cred), fido_cred_sig_len(cred), - fido_cred_fmt(cred)); + fido_cred_fmt(cred), fido_cred_prot(cred)); fido_cred_free(&cred); diff --git a/fuzz/fuzz_credman.c b/fuzz/fuzz_credman.c index 4359938..323d0a9 100644 --- a/fuzz/fuzz_credman.c +++ b/fuzz/fuzz_credman.c @@ -11,6 +11,9 @@ #include #include "mutator_aux.h" +#include "wiredata_fido2.h" +#include "dummy.h" + #include "fido.h" #include "fido/credman.h" 
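Review bot: `fido_cred_set_prot(cred, prot)` is called unconditionally after `fido_cred_set_extensions(cred, ext)`, so two separately supplied values now describe the extension state of the credential being verified. At the call site `ext` is `p.ext` from the fuzz input, while `prot` is `fido_cred_prot(cred)` read back from the credential made earlier. The hunk does not say which of the two is meant to win, and the setter's return value is ignored, so a rejected `prot` would pass silently. A short comment such as `/* prot mirrors the credential returned by the device; ext comes from the fuzz input */` would record the intent. `verify_cred` continues beyond the hunk.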
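Review bot: The switch to `fido_init(FIDO_DEBUG)` with `fido_set_log_handler(consume_str)` in `LLVMFuzzerTestOneInput` has no comment saying why a fuzz target turns debug logging on. Presumably the aim is to run the library's log-formatting code on device-controlled data while keeping the text off stderr; that deserves one line, e.g. `/* debug logging on so the library's log paths are fuzzed; output goes to consume_str, not stderr */`. Likewise `prng_init((unsigned int)p.seed)` replacing `srandom()` would benefit from a note that the seed is taken from the input so a crashing case replays identically. The same pair of changes appears in `LLVMFuzzerTestOneInput` in fuzz/fuzz_credman.c.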
@@ -37,59 +40,16 @@ struct param { struct blob rp_wire_data; }; -/* Example parameters. */ -static const uint8_t dummy_cred_id[] = { - 0x4f, 0x72, 0x98, 0x42, 0x4a, 0xe1, 0x17, 0xa5, - 0x85, 0xa0, 0xef, 0x3b, 0x11, 0x24, 0x4a, 0x3d, -}; -static const char dummy_pin[] = "[n#899:~m"; -static const char dummy_rp_id[] = "yubico.com"; - /* * Collection of HID reports from an authenticator issued with a FIDO2 * 'getCredsMetadata' credential management command. */ static const uint8_t dummy_meta_wire_data[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0xc5, - 0xb7, 0x89, 0xba, 0x8d, 0x5f, 0x94, 0x1b, 0x00, - 0x12, 0x00, 0x04, 0x02, 0x00, 0x04, 0x05, 0x05, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x12, 0x00, 0x04, 0x90, 0x00, 0x51, 0x00, - 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18, - 0x20, 0x01, 0x21, 0x58, 0x20, 0x93, 0xc5, 0x64, - 0x71, 0xe9, 0xd1, 0xb8, 0xed, 0xf6, 0xd5, 0xf3, - 0xa7, 0xd5, 0x96, 0x70, 0xbb, 0xd5, 0x20, 0xa1, - 0xa3, 0xd3, 0x93, 0x4c, 0x5c, 0x20, 0x5c, 0x22, - 0xeb, 0xb0, 0x6a, 0x27, 0x59, 0x22, 0x58, 0x20, - 0x63, 0x02, 0x33, 0xa8, 0xed, 0x3c, 0xbc, 0xe9, - 0x00, 0x12, 0x00, 0x04, 0x00, 0xda, 0x44, 0xf5, - 0xed, 0xda, 0xe6, 0xa4, 0xad, 0x3f, 0x9e, 0xf8, - 0x50, 0x8d, 0x01, 0x47, 0x6c, 0x4e, 0x72, 0xa4, - 0x04, 0x13, 0xa8, 0x65, 0x97, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x12, 0x00, 0x04, 0x90, 0x00, 0x14, 0x00, - 0xa1, 0x02, 0x50, 0x6f, 0x11, 0x96, 0x21, 0x92, - 0x52, 0xf1, 0x6b, 0xd4, 0x2c, 0xe3, 0xf8, 0xc9, - 0x8c, 0x47, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x12, 0x00, 0x04, 0x90, 0x00, 0x07, 0x00, - 0xa2, 0x01, 0x00, 0x02, 0x18, 0x19, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_CBOR_INFO, + WIREDATA_CTAP_CBOR_AUTHKEY, + WIREDATA_CTAP_CBOR_PINTOKEN, + WIREDATA_CTAP_CBOR_CREDMAN_META, }; /* 
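Review bot: The block comment above `dummy_meta_wire_data` still describes the array as a collection of HID reports from an authenticator issued with one command, but after this hunk it is assembled from shared `WIREDATA_CTAP_*` macros. The order of the fragments (INIT, CBOR_INFO, CBOR_AUTHKEY, CBOR_PINTOKEN, then the command response) now carries the meaning, and nothing says so. I would extend the comment with something like `Built from wiredata_fido2.h fragments, in the order the library is expected to read them.`, assuming that is the intent. The same applies to `dummy_rp_wire_data`, `dummy_rk_wire_data` and `dummy_del_wire_data` in the following hunks.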
@@ -97,62 +57,11 @@ static const uint8_t dummy_meta_wire_data[] = { * 'enumerateRPsBegin' credential management command. */ static const uint8_t dummy_rp_wire_data[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x87, - 0xbf, 0xc6, 0x7f, 0x36, 0xf5, 0xe2, 0x49, 0x00, - 0x15, 0x00, 0x02, 0x02, 0x00, 0x04, 0x05, 0x05, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x02, 0x90, 0x00, 0x51, 0x00, - 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18, - 0x20, 0x01, 0x21, 0x58, 0x20, 0x12, 0xc1, 0x81, - 0x6b, 0x92, 0x6a, 0x56, 0x05, 0xfe, 0xdb, 0xab, - 0x90, 0x2f, 0x57, 0x0b, 0x3d, 0x85, 0x3e, 0x3f, - 0xbc, 0xe5, 0xd3, 0xb6, 0x86, 0xdf, 0x10, 0x43, - 0xc2, 0xaf, 0x87, 0x34, 0x0e, 0x22, 0x58, 0x20, - 0xd3, 0x0f, 0x7e, 0x5d, 0x10, 0x33, 0x57, 0x24, - 0x00, 0x15, 0x00, 0x02, 0x00, 0x6e, 0x90, 0x58, - 0x61, 0x2a, 0xd2, 0xc2, 0x1e, 0x08, 0xea, 0x91, - 0xcb, 0x44, 0x66, 0x73, 0x29, 0x92, 0x29, 0x59, - 0x91, 0xa3, 0x4d, 0x2c, 0xbb, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x02, 0x90, 0x00, 0x14, 0x00, - 0xa1, 0x02, 0x50, 0x6d, 0x95, 0x0e, 0x73, 0x78, - 0x46, 0x13, 0x2e, 0x07, 0xbf, 0xeb, 0x61, 0x31, - 0x37, 0x36, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x02, 0x90, 0x00, 0x37, 0x00, - 0xa3, 0x03, 0xa1, 0x62, 0x69, 0x64, 0x6a, 0x79, - 0x75, 0x62, 0x69, 0x63, 0x6f, 0x2e, 0x63, 0x6f, - 0x6d, 0x04, 0x58, 0x20, 0x37, 0x82, 0x09, 0xb7, - 0x2d, 0xef, 0xcb, 0xa9, 
0x1d, 0xcb, 0xf8, 0x54, - 0xed, 0xb4, 0xda, 0xa6, 0x48, 0x82, 0x8a, 0x2c, - 0xbd, 0x18, 0x0a, 0xfc, 0x77, 0xa7, 0x44, 0x34, - 0x65, 0x5a, 0x1c, 0x7d, 0x05, 0x03, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x02, 0x90, 0x00, 0x36, 0x00, - 0xa2, 0x03, 0xa1, 0x62, 0x69, 0x64, 0x6b, 0x79, - 0x75, 0x62, 0x69, 0x6b, 0x65, 0x79, 0x2e, 0x6f, - 0x72, 0x67, 0x04, 0x58, 0x20, 0x12, 0x6b, 0xba, - 0x6a, 0x2d, 0x7a, 0x81, 0x84, 0x25, 0x7b, 0x74, - 0xdd, 0x1d, 0xdd, 0x46, 0xb6, 0x2a, 0x8c, 0xa2, - 0xa7, 0x83, 0xfe, 0xdb, 0x5b, 0x19, 0x48, 0x73, - 0x55, 0xb7, 0xe3, 0x46, 0x09, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x02, 0x90, 0x00, 0x37, 0x00, - 0xa2, 0x03, 0xa1, 0x62, 0x69, 0x64, 0x6c, 0x77, - 0x65, 0x62, 0x61, 0x75, 0x74, 0x68, 0x6e, 0x2e, - 0x64, 0x65, 0x76, 0x04, 0x58, 0x20, 0xd6, 0x32, - 0x7d, 0x8c, 0x6a, 0x5d, 0xe6, 0xae, 0x0e, 0x33, - 0xd0, 0xa3, 0x31, 0xfb, 0x67, 0x77, 0xb9, 0x4e, - 0xf4, 0x73, 0x19, 0xfe, 0x7e, 0xfd, 0xfa, 0x82, - 0x70, 0x8e, 0x1f, 0xbb, 0xa2, 0x55, 0x00, 0x00, + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_CBOR_INFO, + WIREDATA_CTAP_CBOR_AUTHKEY, + WIREDATA_CTAP_CBOR_PINTOKEN, + WIREDATA_CTAP_CBOR_CREDMAN_RPLIST, }; /* 
@@ -160,182 +69,11 @@ static const uint8_t dummy_rp_wire_data[] = { * 'enumerateCredentialsBegin' credential management command. */ static const uint8_t dummy_rk_wire_data[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x35, - 0x3b, 0x34, 0xb9, 0xcb, 0xeb, 0x40, 0x55, 0x00, - 0x15, 0x00, 0x04, 0x02, 0x00, 0x04, 0x05, 0x05, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x04, 0x90, 0x00, 0x51, 0x00, - 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18, - 0x20, 0x01, 0x21, 0x58, 0x20, 0x12, 0xc1, 0x81, - 0x6b, 0x92, 0x6a, 0x56, 0x05, 0xfe, 0xdb, 0xab, - 0x90, 0x2f, 0x57, 0x0b, 0x3d, 0x85, 0x3e, 0x3f, - 0xbc, 0xe5, 0xd3, 0xb6, 0x86, 0xdf, 0x10, 0x43, - 0xc2, 0xaf, 0x87, 0x34, 0x0e, 0x22, 0x58, 0x20, - 0xd3, 0x0f, 0x7e, 0x5d, 0x10, 0x33, 0x57, 0x24, - 0x00, 0x15, 0x00, 0x04, 0x00, 0x6e, 0x90, 0x58, - 0x61, 0x2a, 0xd2, 0xc2, 0x1e, 0x08, 0xea, 0x91, - 0xcb, 0x44, 0x66, 0x73, 0x29, 0x92, 0x29, 0x59, - 0x91, 0xa3, 0x4d, 0x2c, 0xbb, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x04, 0x90, 0x00, 0x14, 0x00, - 0xa1, 0x02, 0x50, 0x1b, 0xf0, 0x01, 0x0d, 0x32, - 0xee, 0x28, 0xa4, 0x5a, 0x7f, 0x56, 0x5b, 0x28, - 0xfd, 0x1f, 0x48, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x04, 0x90, 0x00, 0xc5, 0x00, - 0xa5, 0x06, 0xa3, 0x62, 0x69, 0x64, 0x58, 0x20, - 0xe4, 0xe1, 0x06, 0x31, 0xde, 0x00, 0x0f, 0x4f, - 0x12, 0x6e, 0xc9, 0x68, 0x2d, 0x43, 0x3f, 0xf1, - 0x02, 0x2c, 0x6e, 
0xe6, 0x96, 0x10, 0xbf, 0x73, - 0x35, 0xc9, 0x20, 0x27, 0x06, 0xba, 0x39, 0x09, - 0x64, 0x6e, 0x61, 0x6d, 0x65, 0x6a, 0x62, 0x6f, - 0x62, 0x20, 0x62, 0x61, 0x6e, 0x61, 0x6e, 0x61, - 0x00, 0x15, 0x00, 0x04, 0x00, 0x6b, 0x64, 0x69, - 0x73, 0x70, 0x6c, 0x61, 0x79, 0x4e, 0x61, 0x6d, - 0x65, 0x67, 0x62, 0x62, 0x61, 0x6e, 0x61, 0x6e, - 0x61, 0x07, 0xa2, 0x62, 0x69, 0x64, 0x50, 0x19, - 0xf7, 0x78, 0x0c, 0xa0, 0xbc, 0xb9, 0xa6, 0xd5, - 0x1e, 0xd7, 0x87, 0xfb, 0x6c, 0x80, 0x03, 0x64, - 0x74, 0x79, 0x70, 0x65, 0x6a, 0x70, 0x75, 0x62, - 0x6c, 0x69, 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x08, - 0x00, 0x15, 0x00, 0x04, 0x01, 0xa5, 0x01, 0x02, - 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x81, - 0x6c, 0xdd, 0x8c, 0x8f, 0x8c, 0xc8, 0x43, 0xa7, - 0xbb, 0x79, 0x51, 0x09, 0xb1, 0xdf, 0xbe, 0xc4, - 0xa5, 0x54, 0x16, 0x9e, 0x58, 0x56, 0xb3, 0x0b, - 0x34, 0x4f, 0xa5, 0x6c, 0x05, 0xa2, 0x21, 0x22, - 0x58, 0x20, 0xcd, 0xc2, 0x0c, 0x99, 0x83, 0x5a, - 0x61, 0x73, 0xd8, 0xe0, 0x74, 0x23, 0x46, 0x64, - 0x00, 0x15, 0x00, 0x04, 0x02, 0x39, 0x4c, 0xb0, - 0xf4, 0x6c, 0x0a, 0x37, 0x72, 0xaa, 0xa8, 0xea, - 0x58, 0xd3, 0xd4, 0xe0, 0x51, 0xb2, 0x28, 0x09, - 0x05, 0x0a, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x04, 0x90, 0x00, 0xa0, 0x00, - 0xa4, 0x06, 0xa3, 0x62, 0x69, 0x64, 0x58, 0x20, - 0x56, 0xa1, 0x3c, 0x06, 0x2b, 0xad, 0xa2, 0x21, - 0x7d, 0xcd, 0x91, 0x08, 0x47, 0xa8, 0x8a, 0x06, - 0x06, 0xf6, 0x66, 0x91, 0xf6, 0xeb, 0x89, 0xe4, - 0xdf, 0x26, 0xbc, 0x46, 0x59, 0xc3, 0x7d, 0xc0, - 0x64, 0x6e, 0x61, 0x6d, 0x65, 0x6a, 0x62, 0x6f, - 0x62, 0x20, 0x62, 0x61, 0x6e, 0x61, 0x6e, 0x61, - 0x00, 0x15, 0x00, 0x04, 0x00, 0x6b, 0x64, 0x69, - 0x73, 0x70, 0x6c, 0x61, 0x79, 0x4e, 0x61, 0x6d, - 0x65, 0x67, 0x62, 0x62, 0x61, 0x6e, 0x61, 0x6e, - 0x61, 0x07, 0xa2, 0x62, 0x69, 0x64, 0x50, 0xd8, - 0x27, 0x4b, 0x25, 
0xed, 0x19, 0xef, 0x11, 0xaf, - 0xa6, 0x89, 0x7b, 0x84, 0x50, 0xe7, 0x62, 0x64, - 0x74, 0x79, 0x70, 0x65, 0x6a, 0x70, 0x75, 0x62, - 0x6c, 0x69, 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x08, - 0x00, 0x15, 0x00, 0x04, 0x01, 0xa4, 0x01, 0x01, - 0x03, 0x27, 0x20, 0x06, 0x21, 0x58, 0x20, 0x8d, - 0xfe, 0x45, 0xd5, 0x7d, 0xb6, 0x17, 0xab, 0x86, - 0x2d, 0x32, 0xf6, 0x85, 0xf0, 0x92, 0x76, 0xb7, - 0xce, 0x73, 0xca, 0x4e, 0x0e, 0xfd, 0xd5, 0xdb, - 0x2a, 0x1d, 0x55, 0x90, 0x96, 0x52, 0xc2, 0x0a, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x04, 0x90, 0x00, 0xa0, 0x00, - 0xa4, 0x06, 0xa3, 0x62, 0x69, 0x64, 0x58, 0x20, - 0x04, 0x0e, 0x0f, 0xa0, 0xcd, 0x60, 0x35, 0x9a, - 0xba, 0x47, 0x0c, 0x10, 0xb6, 0x82, 0x6e, 0x2f, - 0x66, 0xb9, 0xa7, 0xcf, 0xd8, 0x47, 0xb4, 0x3d, - 0xfd, 0x77, 0x1a, 0x38, 0x22, 0xa1, 0xda, 0xa5, - 0x64, 0x6e, 0x61, 0x6d, 0x65, 0x6a, 0x62, 0x6f, - 0x62, 0x20, 0x62, 0x61, 0x6e, 0x61, 0x6e, 0x61, - 0x00, 0x15, 0x00, 0x04, 0x00, 0x6b, 0x64, 0x69, - 0x73, 0x70, 0x6c, 0x61, 0x79, 0x4e, 0x61, 0x6d, - 0x65, 0x67, 0x62, 0x62, 0x61, 0x6e, 0x61, 0x6e, - 0x61, 0x07, 0xa2, 0x62, 0x69, 0x64, 0x50, 0x00, - 0x5d, 0xdf, 0xef, 0xe2, 0xf3, 0x06, 0xb2, 0xa5, - 0x46, 0x4d, 0x98, 0xbc, 0x14, 0x65, 0xc1, 0x64, - 0x74, 0x79, 0x70, 0x65, 0x6a, 0x70, 0x75, 0x62, - 0x6c, 0x69, 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x08, - 0x00, 0x15, 0x00, 0x04, 0x01, 0xa4, 0x01, 0x01, - 0x03, 0x27, 0x20, 0x06, 0x21, 0x58, 0x20, 0x72, - 0x79, 0x14, 0x69, 0xdf, 0xcb, 0x64, 0x75, 0xee, - 0xd4, 0x45, 0x94, 0xbc, 0x48, 0x4d, 0x2a, 0x9f, - 0xc9, 0xf4, 0xb5, 0x1b, 0x05, 0xa6, 0x5b, 0x54, - 0x9a, 0xac, 0x6c, 0x2e, 0xc6, 0x90, 0x62, 0x0a, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x04, 0x90, 0x00, 0xc3, 0x00, - 0xa4, 0x06, 0xa3, 0x62, 0x69, 0x64, 0x58, 0x20, - 0xce, 0x32, 0xd8, 0x79, 0xdd, 0x86, 0xa2, 0x42, - 0x7c, 0xc3, 0xe1, 0x95, 0x12, 0x93, 0x1a, 0x03, - 0xe6, 0x70, 0xb8, 
0xff, 0xcd, 0xa5, 0xdf, 0x15, - 0xfc, 0x88, 0x2a, 0xf5, 0x44, 0xf1, 0x33, 0x9c, - 0x64, 0x6e, 0x61, 0x6d, 0x65, 0x6a, 0x62, 0x6f, - 0x62, 0x20, 0x62, 0x61, 0x6e, 0x61, 0x6e, 0x61, - 0x00, 0x15, 0x00, 0x04, 0x00, 0x6b, 0x64, 0x69, - 0x73, 0x70, 0x6c, 0x61, 0x79, 0x4e, 0x61, 0x6d, - 0x65, 0x67, 0x62, 0x62, 0x61, 0x6e, 0x61, 0x6e, - 0x61, 0x07, 0xa2, 0x62, 0x69, 0x64, 0x50, 0x0a, - 0x26, 0x5b, 0x7e, 0x1a, 0x2a, 0xba, 0x70, 0x5f, - 0x18, 0x26, 0x14, 0xb2, 0x71, 0xca, 0x98, 0x64, - 0x74, 0x79, 0x70, 0x65, 0x6a, 0x70, 0x75, 0x62, - 0x6c, 0x69, 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x08, - 0x00, 0x15, 0x00, 0x04, 0x01, 0xa5, 0x01, 0x02, - 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x8b, - 0x48, 0xf0, 0x69, 0xfb, 0x22, 0xfb, 0xf3, 0x86, - 0x57, 0x7c, 0xdd, 0x82, 0x2c, 0x1c, 0x0c, 0xdc, - 0x27, 0xe2, 0x6a, 0x4c, 0x1a, 0x10, 0x04, 0x27, - 0x51, 0x3e, 0x2a, 0x9d, 0x3a, 0xb6, 0xb5, 0x22, - 0x58, 0x20, 0x70, 0xfe, 0x91, 0x67, 0x64, 0x53, - 0x63, 0x83, 0x72, 0x31, 0xe9, 0xe5, 0x20, 0xb7, - 0x00, 0x15, 0x00, 0x04, 0x02, 0xee, 0xc9, 0xfb, - 0x63, 0xd7, 0xe4, 0x76, 0x39, 0x80, 0x82, 0x74, - 0xb8, 0xfa, 0x67, 0xf5, 0x1b, 0x8f, 0xe0, 0x0a, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x04, 0x90, 0x00, 0xc3, 0x00, - 0xa4, 0x06, 0xa3, 0x62, 0x69, 0x64, 0x58, 0x20, - 0xf9, 0xa3, 0x67, 0xbf, 0x5e, 0x80, 0x95, 0xdb, - 0x4c, 0xc5, 0x8f, 0x65, 0x36, 0xc5, 0xaf, 0xdd, - 0x90, 0x2e, 0x62, 0x68, 0x67, 0x9c, 0xa2, 0x26, - 0x2f, 0x2a, 0xf9, 0x3a, 0xda, 0x15, 0xf2, 0x27, - 0x64, 0x6e, 0x61, 0x6d, 0x65, 0x6a, 0x62, 0x6f, - 0x62, 0x20, 0x62, 0x61, 0x6e, 0x61, 0x6e, 0x61, - 0x00, 0x15, 0x00, 0x04, 0x00, 0x6b, 0x64, 0x69, - 0x73, 0x70, 0x6c, 0x61, 0x79, 0x4e, 0x61, 0x6d, - 0x65, 0x67, 0x62, 0x62, 0x61, 0x6e, 0x61, 0x6e, - 0x61, 0x07, 0xa2, 0x62, 0x69, 0x64, 0x50, 0xfb, - 0xa6, 0xbe, 0xc1, 
0x01, 0xf6, 0x7a, 0x81, 0xf9, - 0xcd, 0x6d, 0x20, 0x41, 0x7a, 0x1c, 0x40, 0x64, - 0x74, 0x79, 0x70, 0x65, 0x6a, 0x70, 0x75, 0x62, - 0x6c, 0x69, 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x08, - 0x00, 0x15, 0x00, 0x04, 0x01, 0xa5, 0x01, 0x02, - 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0xda, - 0x2b, 0x53, 0xc3, 0xbe, 0x48, 0xf8, 0xab, 0xbd, - 0x06, 0x28, 0x46, 0xfa, 0x35, 0xab, 0xf9, 0xc5, - 0x2e, 0xfd, 0x3c, 0x38, 0x88, 0xb3, 0xe1, 0xa7, - 0xc5, 0xc6, 0xed, 0x72, 0x54, 0x37, 0x93, 0x22, - 0x58, 0x20, 0x12, 0x82, 0x32, 0x2d, 0xab, 0xbc, - 0x64, 0xb3, 0xed, 0xcc, 0xd5, 0x22, 0xec, 0x79, - 0x00, 0x15, 0x00, 0x04, 0x02, 0x4b, 0xe2, 0x4d, - 0x0c, 0x4b, 0x8d, 0x31, 0x4c, 0xb4, 0x0f, 0xd4, - 0xa9, 0xbe, 0x0c, 0xab, 0x9e, 0x0a, 0xc9, 0x0a, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_CBOR_INFO, + WIREDATA_CTAP_CBOR_AUTHKEY, + WIREDATA_CTAP_CBOR_PINTOKEN, + WIREDATA_CTAP_CBOR_CREDMAN_RKLIST, }; /* 
@@ -343,46 +81,11 @@ static const uint8_t dummy_rk_wire_data[] = { * 'deleteCredential' credential management command. */ static const uint8_t dummy_del_wire_data[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x8b, - 0xe1, 0xf0, 0x3a, 0x18, 0xa5, 0xda, 0x59, 0x00, - 0x15, 0x00, 0x05, 0x02, 0x00, 0x04, 0x05, 0x05, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x05, 0x90, 0x00, 0x51, 0x00, - 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18, - 0x20, 0x01, 0x21, 0x58, 0x20, 0x12, 0xc1, 0x81, - 0x6b, 0x92, 0x6a, 0x56, 0x05, 0xfe, 0xdb, 0xab, - 0x90, 0x2f, 0x57, 0x0b, 0x3d, 0x85, 0x3e, 0x3f, - 0xbc, 0xe5, 0xd3, 0xb6, 0x86, 0xdf, 0x10, 0x43, - 0xc2, 0xaf, 0x87, 0x34, 0x0e, 0x22, 0x58, 0x20, - 0xd3, 0x0f, 0x7e, 0x5d, 0x10, 0x33, 0x57, 0x24, - 0x00, 0x15, 0x00, 0x05, 0x00, 0x6e, 0x90, 0x58, - 0x61, 0x2a, 0xd2, 0xc2, 0x1e, 0x08, 0xea, 0x91, - 0xcb, 0x44, 0x66, 0x73, 0x29, 0x92, 0x29, 0x59, - 0x91, 0xa3, 0x4d, 0x2c, 0xbb, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x05, 0x90, 0x00, 0x14, 0x00, - 0xa1, 0x02, 0x50, 0x33, 0xf1, 0x3b, 0xde, 0x1e, - 0xa5, 0xd1, 0xbf, 0xf6, 0x5d, 0x63, 0xb6, 0xfc, - 0xd2, 0x24, 0xe8, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x15, 0x00, 0x05, 0x90, 0x00, 0x01, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_CBOR_INFO, + WIREDATA_CTAP_CBOR_AUTHKEY, + WIREDATA_CTAP_CBOR_PINTOKEN, + WIREDATA_CTAP_CBOR_STATUS, }; int LLVMFuzzerTestOneInput(const uint8_t *, size_t); @@ -424,12 +127,20 @@ pack(uint8_t *ptr, size_t len, const struct param *p) return (max - len); } +static size_t +input_len(int max) +{ + return (2 * len_string(max) + 5 * len_blob(max) + len_int()); +} + static fido_dev_t * prepare_dev() { fido_dev_t *dev; fido_dev_io_t io; + memset(&io, 0, sizeof(io)); + io.open = dev_open; io.close = dev_close; io.read = dev_read; @@ -454,9 +165,9 @@ get_metadata(struct param *p) set_wire_data(p->meta_wire_data.body, p->meta_wire_data.len); - if ((dev = prepare_dev()) == NULL) { + if ((dev = prepare_dev()) == NULL) return; - } + if ((metadata = fido_credman_metadata_new()) == NULL) { fido_dev_close(dev); fido_dev_free(&dev); @@ -483,9 +194,9 @@ get_rp_list(struct param *p) set_wire_data(p->rp_wire_data.body, p->rp_wire_data.len); - if ((dev = prepare_dev()) == NULL) { + if ((dev = prepare_dev()) == NULL) return; - } + if ((rp = fido_credman_rp_new()) == NULL) { fido_dev_close(dev); fido_dev_free(&dev); @@ -519,9 +230,9 @@ get_rk_list(struct param *p) set_wire_data(p->rk_wire_data.body, p->rk_wire_data.len); - if ((dev = prepare_dev()) == NULL) { + if ((dev = prepare_dev()) == NULL) return; - } + if ((rk = fido_credman_rk_new()) == NULL) { fido_dev_close(dev); fido_dev_free(&dev); @@ -560,9 +271,8 @@ del_rk(struct param *p) set_wire_data(p->del_wire_data.body, p->del_wire_data.len); - if ((dev = prepare_dev()) == NULL) { + if ((dev = prepare_dev()) == NULL) return; - } fido_credman_del_dev_rk(dev, p->cred_id.body, p->cred_id.len, p->pin); fido_dev_close(dev); 
@@ -576,12 +286,14 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) memset(&p, 0, sizeof(p)); - if (unpack(data, size, &p) < 0) + if (size < input_len(GETLEN_MIN) || size > input_len(GETLEN_MAX) || + unpack(data, size, &p) < 0) return (0); - srandom((unsigned int)p.seed); + prng_init((unsigned int)p.seed); - fido_init(0); + fido_init(FIDO_DEBUG); + fido_set_log_handler(consume_str); get_metadata(&p); get_rp_list(&p); diff --git a/fuzz/fuzz_mgmt.c b/fuzz/fuzz_mgmt.c index 741b375..d46daf6 100644 --- a/fuzz/fuzz_mgmt.c +++ b/fuzz/fuzz_mgmt.c @@ -11,6 +11,8 @@ #include #include "mutator_aux.h" +#include "wiredata_fido2.h" +#include "dummy.h" #include "fido.h" #include "../openbsd-compat/openbsd-compat.h" 
@@ -35,207 +37,39 @@ struct param { int seed; }; -/* Example parameters. */ -static const char dummy_pin1[] = "skepp cg0u3;Y.."; -static const char dummy_pin2[] = "bastilha 6rJrfQZI."; - static const uint8_t dummy_reset_wire_data[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x91, - 0xef, 0xbe, 0x74, 0x39, 0x1a, 0x1c, 0x4a, 0x00, - 0x22, 0x00, 0x01, 0x02, 0x05, 0x02, 0x01, 0x05, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x22, 0x00, 0x01, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x22, 0x00, 0x01, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x22, 0x00, 0x01, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x22, 0x00, 0x01, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x22, 0x00, 0x01, 0xbb, 0x00, 0x01, 0x02, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x22, 0x00, 0x01, 0xbb, 0x00, 0x01, 0x01, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x22, 0x00, 0x01, 0x90, 0x00, 0x01, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_CBOR_INFO, + WIREDATA_CTAP_KEEPALIVE, + WIREDATA_CTAP_KEEPALIVE, + WIREDATA_CTAP_KEEPALIVE, + WIREDATA_CTAP_CBOR_RESET, }; static const uint8_t dummy_info_wire_data[] = { - 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x80, - 0x43, 0x56, 0x40, 0xb1, 0x4e, 0xd9, 0x2d, 0x00, - 0x22, 0x00, 0x02, 0x02, 0x05, 0x02, 0x01, 0x05, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x22, 0x00, 0x02, 0x90, 0x00, 0xb9, 0x00,
- 0xa9, 0x01, 0x83, 0x66, 0x55, 0x32, 0x46, 0x5f,
- 0x56, 0x32, 0x68, 0x46, 0x49, 0x44, 0x4f, 0x5f,
- 0x32, 0x5f, 0x30, 0x6c, 0x46, 0x49, 0x44, 0x4f,
- 0x5f, 0x32, 0x5f, 0x31, 0x5f, 0x50, 0x52, 0x45,
- 0x02, 0x82, 0x6b, 0x63, 0x72, 0x65, 0x64, 0x50,
- 0x72, 0x6f, 0x74, 0x65, 0x63, 0x74, 0x6b, 0x68,
- 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x65, 0x63, 0x72,
- 0x00, 0x22, 0x00, 0x02, 0x00, 0x65, 0x74, 0x03,
- 0x50, 0x19, 0x56, 0xe5, 0xbd, 0xa3, 0x74, 0x45,
- 0xf1, 0xa8, 0x14, 0x35, 0x64, 0x03, 0xfd, 0xbc,
- 0x18, 0x04, 0xa5, 0x62, 0x72, 0x6b, 0xf5, 0x62,
- 0x75, 0x70, 0xf5, 0x64, 0x70, 0x6c, 0x61, 0x74,
- 0xf4, 0x69, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
- 0x50, 0x69, 0x6e, 0xf4, 0x75, 0x63, 0x72, 0x65,
- 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x4d,
- 0x00, 0x22, 0x00, 0x02, 0x01, 0x67, 0x6d, 0x74,
- 0x50, 0x72, 0x65, 0x76, 0x69, 0x65, 0x77, 0xf5,
- 0x05, 0x19, 0x04, 0xb0, 0x06, 0x81, 0x01, 0x07,
- 0x08, 0x08, 0x18, 0x80, 0x0a, 0x82, 0xa2, 0x63,
- 0x61, 0x6c, 0x67, 0x26, 0x64, 0x74, 0x79, 0x70,
- 0x65, 0x6a, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63,
- 0x2d, 0x6b, 0x65, 0x79, 0xa2, 0x63, 0x61, 0x6c,
- 0x67, 0x27, 0x64, 0x74, 0x79, 0x70, 0x65, 0x6a,
- 0x00, 0x22, 0x00, 0x02, 0x02, 0x70, 0x75, 0x62,
- 0x6c, 0x69, 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ WIREDATA_CTAP_INIT,
+ WIREDATA_CTAP_CBOR_INFO,
+ WIREDATA_CTAP_CBOR_INFO,
 };
 static const uint8_t dummy_set_pin_wire_data[] = {
- 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x59,
- 0x50, 0x8c, 0x27, 0x14, 0x83, 0x43, 0xd5, 0x00,
- 0x22, 0x00, 0x03, 0x02, 0x05, 0x02, 0x01, 0x05,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x22, 0x00, 0x03, 0x90, 0x00, 0x51, 0x00,
- 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18,
- 0x20, 0x01, 0x21, 0x58, 0x20, 0x2a, 0xb8, 0x2d,
- 0x36, 0x69, 0xab, 0x30, 0x9d, 0xe3, 0x5e, 0x9b,
- 0xfb, 0x94, 0xfc, 0x1d, 0x92, 0x95, 0xaf, 0x01,
- 0x47, 0xfe, 0x4b, 0x87, 0xe5, 0xcf, 0x3f, 0x05,
- 0x0b, 0x39, 0xda, 0x17, 0x49, 0x22, 0x58, 0x20,
- 0x15, 0x1b, 0xbe, 0x08, 0x78, 0x60, 0x4d, 0x3c,
- 0x00, 0x22, 0x00, 0x03, 0x00, 0x3f, 0xf1, 0x60,
- 0xa6, 0xd8, 0xf8, 0xed, 0xce, 0x4a, 0x30, 0x5d,
- 0x1a, 0xaf, 0x80, 0xc4, 0x0a, 0xd2, 0x6f, 0x77,
- 0x38, 0x12, 0x97, 0xaa, 0xbd, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x22, 0x00, 0x03, 0x90, 0x00, 0x01, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ WIREDATA_CTAP_INIT,
+ WIREDATA_CTAP_CBOR_INFO,
+ WIREDATA_CTAP_CBOR_AUTHKEY,
+ WIREDATA_CTAP_CBOR_STATUS,
 };
 static const uint8_t dummy_change_pin_wire_data[] = {
- 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x48,
- 0xfd, 0xf9, 0xde, 0x28, 0x21, 0x99, 0xd5, 0x00,
- 0x22, 0x00, 0x04, 0x02, 0x05, 0x02, 0x01, 0x05,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x22, 0x00, 0x04, 0x90, 0x00, 0x51, 0x00,
- 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18,
- 0x20, 0x01, 0x21, 0x58, 0x20, 0x2a, 0xb8, 0x2d,
- 0x36, 0x69, 0xab, 0x30, 0x9d, 0xe3, 0x5e, 0x9b,
- 0xfb, 0x94, 0xfc, 0x1d, 0x92, 0x95, 0xaf, 0x01,
- 0x47, 0xfe, 0x4b, 0x87, 0xe5, 0xcf, 0x3f, 0x05,
- 0x0b, 0x39, 0xda, 0x17, 0x49, 0x22, 0x58, 0x20,
- 0x15, 0x1b, 0xbe, 0x08, 0x78, 0x60, 0x4d, 0x3c,
- 0x00, 0x22, 0x00, 0x04, 0x00, 0x3f, 0xf1, 0x60,
- 0xa6, 0xd8, 0xf8, 0xed, 0xce, 0x4a, 0x30, 0x5d,
- 0x1a, 0xaf, 0x80, 0xc4, 0x0a, 0xd2, 0x6f, 0x77,
- 0x38, 0x12, 0x97, 0xaa, 0xbd, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x22, 0x00, 0x04, 0x90, 0x00, 0x01, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ WIREDATA_CTAP_INIT,
+ WIREDATA_CTAP_CBOR_INFO,
+ WIREDATA_CTAP_CBOR_AUTHKEY,
+ WIREDATA_CTAP_CBOR_STATUS,
 };
 static const uint8_t dummy_retry_wire_data[] = {
- 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x7f,
- 0xaa, 0x73, 0x3e, 0x95, 0x98, 0xa8, 0x60, 0x00,
- 0x22, 0x00, 0x05, 0x02, 0x05, 0x02, 0x01, 0x05,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x22, 0x00, 0x05, 0x90, 0x00, 0x04, 0x00,
- 0xa1, 0x03, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + WIREDATA_CTAP_INIT, + WIREDATA_CTAP_CBOR_INFO, + WIREDATA_CTAP_CBOR_RETRIES, }; int LLVMFuzzerTestOneInput(const uint8_t *, size_t); @@ -277,12 +111,20 @@ pack(uint8_t *ptr, size_t len, const struct param *p) return (max - len); } +static size_t +input_len(int max) +{ + return (2 * len_string(max) + 5 * len_blob(max) + len_int()); +} + static fido_dev_t * prepare_dev() { fido_dev_t *dev; fido_dev_io_t io; + memset(&io, 0, sizeof(io)); + io.open = dev_open; io.close = dev_close; io.read = dev_read; @@ -304,9 +146,8 @@ dev_reset(struct param *p) set_wire_data(p->reset_wire_data.body, p->reset_wire_data.len); - if ((dev = prepare_dev()) == NULL) { + if ((dev = prepare_dev()) == NULL) return; - } fido_dev_reset(dev); fido_dev_close(dev); @@ -327,9 +168,8 @@ dev_get_cbor_info(struct param *p) set_wire_data(p->info_wire_data.body, p->info_wire_data.len); - if ((dev = prepare_dev()) == NULL) { + if ((dev = prepare_dev()) == NULL) return; - } proto = fido_dev_protocol(dev); major = fido_dev_major(dev); @@ -343,15 +183,10 @@ dev_get_cbor_info(struct param *p) consume(&build, sizeof(build)); consume(&flags, sizeof(flags)); - if ((ci = fido_cbor_info_new()) == NULL) { - fido_dev_close(dev); - fido_dev_free(&dev); - return; - } + if ((ci = fido_cbor_info_new()) == NULL) + goto out; fido_dev_get_cbor_info(dev, ci); - fido_dev_close(dev); - fido_dev_free(&dev); for (size_t i = 0; i < fido_cbor_info_versions_len(ci); i++) { char * const *sa = fido_cbor_info_versions_ptr(ci); 
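Review bot: The multipliers in the new `input_len()` (`2 * len_string(max) + 5 * len_blob(max) + len_int()`, hunk `@@ -277,12 +111,20 @@`) are bare counts with no stated link to `struct param`, so a field added to or removed from the packed layout will silently skew the size gate that `LLVMFuzzerTestOneInput()` applies before `unpack()`. Judging from the fields used later in this file (two PINs, five `*_wire_data` blobs, one seed) the counts appear to mirror `pack()`/`unpack()`; a comment such as `/* must match pack()/unpack(): 2 strings (pin1, pin2), 5 blobs (wire data), 1 int (seed) */` above the function would pin that down. The `memset(&io, 0, sizeof(io))` added to `prepare_dev()` is a sound change, since any `fido_dev_io_t` member not assigned below it no longer holds stack garbage; `prepare_dev()` continues past the hunk.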
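Review bot: The new `goto out` in `dev_get_cbor_info()` (hunk `@@ -343,15 +183,10 @@`) is taken with `ci == NULL`, and the `out:` label added in the following hunk (`@@ -372,10 +207,17 @@`) then calls `fido_cbor_info_free(&ci)` on that NULL pointer. The cleanup is correct only if the free routine accepts a NULL object, which this diff does not show; a short comment at the label, e.g. `/* ci may be NULL here; fido_cbor_info_free() must tolerate that */`, would record the assumption for whoever next reorders the cleanup. The function starts before and ends after these two hunks.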
@@ -372,10 +207,17 @@ dev_get_cbor_info(struct param *p) n = fido_cbor_info_maxmsgsiz(ci); consume(&n, sizeof(n)); + n = fido_cbor_info_fwversion(ci); + consume(&n, sizeof(n)); + consume(fido_cbor_info_aaguid_ptr(ci), fido_cbor_info_aaguid_len(ci)); consume(fido_cbor_info_protocols_ptr(ci), fido_cbor_info_protocols_len(ci)); +out: + fido_dev_close(dev); + fido_dev_free(&dev); + fido_cbor_info_free(&ci); } @@ -386,9 +228,8 @@ dev_set_pin(struct param *p) set_wire_data(p->set_pin_wire_data.body, p->set_pin_wire_data.len); - if ((dev = prepare_dev()) == NULL) { + if ((dev = prepare_dev()) == NULL) return; - } fido_dev_set_pin(dev, p->pin1, NULL); fido_dev_close(dev); @@ -402,9 +243,8 @@ dev_change_pin(struct param *p) set_wire_data(p->change_pin_wire_data.body, p->change_pin_wire_data.len); - if ((dev = prepare_dev()) == NULL) { + if ((dev = prepare_dev()) == NULL) return; - } fido_dev_set_pin(dev, p->pin2, p->pin1); fido_dev_close(dev); @@ -419,9 +259,8 @@ dev_get_retry_count(struct param *p) set_wire_data(p->retry_wire_data.body, p->retry_wire_data.len); - if ((dev = prepare_dev()) == NULL) { + if ((dev = prepare_dev()) == NULL) return; - } fido_dev_get_retry_count(dev, &n); consume(&n, sizeof(n)); @@ -436,12 +275,14 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) memset(&p, 0, sizeof(p)); - if (unpack(data, size, &p) < 0) + if (size < input_len(GETLEN_MIN) || size > input_len(GETLEN_MAX) || + unpack(data, size, &p) < 0) return (0); - srandom((unsigned int)p.seed); + prng_init((unsigned int)p.seed); - fido_init(0); + fido_init(FIDO_DEBUG); + fido_set_log_handler(consume_str); dev_reset(&p); dev_get_cbor_info(&p); diff --git a/fuzz/harnesses/assert b/fuzz/harnesses/assert deleted file mode 100755 index 55cd889..0000000 --- a/fuzz/harnesses/assert +++ /dev/null 
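Review bot: The size gate and the logging switch added to `LLVMFuzzerTestOneInput()` (hunk `@@ -436,12 +275,14 @@`) carry no comment, and neither is self-explanatory. For the first, something like `/* reject inputs that cannot be a packed struct param */` above the `size < input_len(GETLEN_MIN) || size > input_len(GETLEN_MAX)` test would do. For the second, `fido_init(FIDO_DEBUG)` followed by `fido_set_log_handler(consume_str)` presumably exists to drive the library's log-formatting paths under the sanitizers without writing to stderr; if so, say it with `/* route debug output into consume() so logging code is exercised */`, and note that the handler has to be installed after `fido_init()`. Both calls run on every iteration, and the function body continues outside the hunk.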
@@ -1,32 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=assert - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T}/afl-out && tar -cf- queue ../pubkey" | \ - tar -C ${T} -xf- -} - -run() { - find ${T}/queue -type f | while read f; do - cat "${f}" | LD_PRELOAD=${PRELOAD} build/examples/assert \ - ${T}/pubkey nodev 2>/dev/null 1>&2 - done -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/assert-rsa-h-p b/fuzz/harnesses/assert-rsa-h-p deleted file mode 100755 index 8eb9ea6..0000000 --- a/fuzz/harnesses/assert-rsa-h-p +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=assert-rsa-h-p - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T}/afl-out && tar -cf- queue ../pubkey ../hmac-salt" | \ - tar -C ${T} -xf- -} - -run() { - find ${T}/queue -type f | while read f; do - cat "${f}" | LD_PRELOAD=${PRELOAD} build/examples/assert \ - -t rsa -h ${T}/hmac-out -s ${T}/hmac-salt \ - -p ${T}/pubkey nodev 2>/dev/null 1>&2 - done -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/assert-u2f b/fuzz/harnesses/assert-u2f deleted file mode 100755 index 257d1d6..0000000 --- a/fuzz/harnesses/assert-u2f +++ /dev/null 
@@ -1,32 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=assert-u2f - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T}/afl-out && tar -cf- queue ../cred_id ../pubkey" | \ - tar -C ${T} -xf- -} - -run() { - find ${T}/queue -type f | while read f; do - cat "${f}" | LD_PRELOAD=${PRELOAD} build/examples/assert -up \ - -a ${T}/cred_id ${T}/pubkey nodev 2>/dev/null 1>&2 - done -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/cred b/fuzz/harnesses/cred deleted file mode 100755 index 71ee845..0000000 --- a/fuzz/harnesses/cred +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=cred - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T}/afl-out && tar -cf- queue" | tar -C ${T} -xf- -} - -run() { - find ${T}/queue -type f | while read f; do - cat "${f}" | LD_PRELOAD=${PRELOAD} build/examples/cred \ - -k ${T}/pubkey -i ${T}/cred_id nodev 2>/dev/null 1>&2 - done -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/cred-rsa-h-p b/fuzz/harnesses/cred-rsa-h-p deleted file mode 100755 index bb14c23..0000000 --- a/fuzz/harnesses/cred-rsa-h-p +++ /dev/null 
@@ -1,32 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=cred-rsa-h-p - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T}/afl-out && tar -cf- queue" | tar -C ${T} -xf- -} - -run() { - find ${T}/queue -type f | while read f; do - cat "${f}" | LD_PRELOAD=${PRELOAD} build/examples/cred \ - -t rsa -r -k ${T}/pubkey -i ${T}/cred_id -h nodev \ - 2>/dev/null 1>&2 - done -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/cred-u2f b/fuzz/harnesses/cred-u2f deleted file mode 100755 index 3af4393..0000000 --- a/fuzz/harnesses/cred-u2f +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=cred-u2f - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T}/afl-out && tar -cf- queue" | tar -C ${T} -xf- -} - -run() { - find ${T}/queue -type f | while read f; do - cat "${f}" | LD_PRELOAD=${PRELOAD} build/examples/cred \ - -k ${T}/pubkey -i ${T}/cred_id -u nodev 2>/dev/null 1>&2 - done -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/cred-u2f-exclude b/fuzz/harnesses/cred-u2f-exclude deleted file mode 100755 index 3777134..0000000 --- a/fuzz/harnesses/cred-u2f-exclude +++ /dev/null 
@@ -1,33 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=cred-u2f-exclude - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T}/afl-out && tar -cf- queue ../excl_id" | \ - tar -C ${T} -xf- -} - -run() { - find ${T}/queue -type f | while read f; do - cat "${f}" | LD_PRELOAD=${PRELOAD} build/examples/cred \ - -k ${T}/pubkey -i ${T}/cred_id -e ${T}/excl_id \ - -u nodev 2>/dev/null 1>&2 - done -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/fido2-assert-G b/fuzz/harnesses/fido2-assert-G deleted file mode 100755 index 6671449..0000000 --- a/fuzz/harnesses/fido2-assert-G +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=fido2-assert-G - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T}/afl-out && tar -cf- queue" | tar -C ${T} -xf- -} - -run() { - find ${T}/queue -type f | while read f; do - cat "${f}" | LD_PRELOAD=${PRELOAD} build/tools/fido2-assert \ - -G -i - nodev 2>/dev/null 1>&2 - done -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/fido2-assert-V b/fuzz/harnesses/fido2-assert-V deleted file mode 100755 index 898cb0f..0000000 --- a/fuzz/harnesses/fido2-assert-V +++ /dev/null 
@@ -1,32 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=fido2-assert-V - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T}/afl-out && tar -cf- queue ../pubkey" | \ - tar -C ${T} -xf- -} - -run() { - find ${T}/queue -type f | while read f; do - cat "${f}" | LD_PRELOAD=${PRELOAD} build/tools/fido2-assert -V \ - pubkey es256 2>/dev/null 1>&2 - done -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/fido2-cred-M b/fuzz/harnesses/fido2-cred-M deleted file mode 100755 index f82fbf7..0000000 --- a/fuzz/harnesses/fido2-cred-M +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=fido2-cred-M - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T}/afl-out && tar -cf- queue" | tar -C ${T} -xf- -} - -run() { - find ${T}/queue -type f | while read f; do - cat "${f}" | LD_PRELOAD=${PRELOAD} build/tools/fido2-cred -M \ - -q -i - nodev 2>/dev/null 1>&2 - done -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/fido2-cred-V b/fuzz/harnesses/fido2-cred-V deleted file mode 100755 index 13a648f..0000000 --- a/fuzz/harnesses/fido2-cred-V +++ /dev/null 
@@ -1,31 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=fido2-cred-V - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T}/afl-out && tar -cf- queue" | tar -C ${T} -xf- -} - -run() { - find ${T}/queue -type f | while read f; do - cat "${f}" | LD_PRELOAD=${PRELOAD} build/tools/fido2-cred -V \ - -o cred 2>/dev/null 1>&2 - done -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/fuzz_assert b/fuzz/harnesses/fuzz_assert deleted file mode 100755 index 6a0baa9..0000000 --- a/fuzz/harnesses/fuzz_assert +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=fuzz_assert - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T} && tar -cf- corpus" | tar -C ${T} -xf- -} - -run() { - build/fuzz/fuzz_assert -max_len=17408 -runs=1 ${T}/corpus \ - 2>/dev/null 1>&2 -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/fuzz_bio b/fuzz/harnesses/fuzz_bio deleted file mode 100755 index f4bab19..0000000 --- a/fuzz/harnesses/fuzz_bio +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=fuzz_bio - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T} && tar -cf- corpus" | tar -C ${T} -xf- -} - -run() { - build/fuzz/fuzz_bio -max_len=17408 -runs=1 ${T}/corpus \ - 2>/dev/null 1>&2 -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac 
diff --git a/fuzz/harnesses/fuzz_cred b/fuzz/harnesses/fuzz_cred deleted file mode 100755 index 8dfb168..0000000 --- a/fuzz/harnesses/fuzz_cred +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=fuzz_cred - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T} && tar -cf- corpus" | tar -C ${T} -xf- -} - -run() { - build/fuzz/fuzz_cred -max_len=17408 -runs=1 ${T}/corpus 2>/dev/null 1>&2 -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/fuzz_credman b/fuzz/harnesses/fuzz_credman deleted file mode 100755 index 7721a58..0000000 --- a/fuzz/harnesses/fuzz_credman +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=fuzz_credman - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T} && tar -cf- corpus" | tar -C ${T} -xf- -} - -run() { - build/fuzz/fuzz_credman -max_len=17408 -runs=1 ${T}/corpus 2>/dev/null 1>&2 -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac diff --git a/fuzz/harnesses/fuzz_mgmt b/fuzz/harnesses/fuzz_mgmt deleted file mode 100755 index 9224eea..0000000 --- a/fuzz/harnesses/fuzz_mgmt +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -u -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -T=fuzz_mgmt - -sync() { - mkdir ${T} - ssh "${REMOTE}" "cd ${T} && tar -cf- corpus" | tar -C ${T} -xf- -} - -run() { - build/fuzz/fuzz_mgmt -max_len=17408 -runs=1 ${T}/corpus \ - 2>/dev/null 1>&2 -} - -case "$1" in -sync) - sync - ;; -run) - run - exit 0 - ;; -*) - echo unknown command "$1" - exit 1 -esac 
diff --git a/fuzz/mutator_aux.c b/fuzz/mutator_aux.c index 24aa716..fe09438 100644 --- a/fuzz/mutator_aux.c +++ b/fuzz/mutator_aux.c @@ -37,6 +37,12 @@ consume(const void *body, size_t len) x ^= *ptr++; } +void +consume_str(const char *str) +{ + consume(str, strlen(str)); +} + int unpack_int(uint8_t t, uint8_t **ptr, size_t *len, int *v) NO_MSAN { @@ -227,6 +233,30 @@ pack_blob(uint8_t t, uint8_t **ptr, size_t *len, const struct blob *v) NO_MSAN return (0); } +size_t +len_int(void) +{ + return (sizeof(uint8_t) + sizeof(size_t) + sizeof(int)); +} + +size_t +len_string(int max) +{ + return ((sizeof(uint8_t) + sizeof(size_t)) + (max ? MAXSTR - 1 : 0)); +} + +size_t +len_byte(void) +{ + return (sizeof(uint8_t) + sizeof(size_t) + sizeof(uint8_t)); +} + +size_t +len_blob(int max) +{ + return (sizeof(uint8_t) + sizeof(size_t) + (max ? MAXBLOB : 0)); +} + void mutate_byte(uint8_t *b) { diff --git a/fuzz/mutator_aux.h b/fuzz/mutator_aux.h index 687f130..d14e177 100644 --- a/fuzz/mutator_aux.h +++ b/fuzz/mutator_aux.h @@ -7,6 +7,9 @@ #ifndef _MUTATOR_AUX_H #define _MUTATOR_AUX_H +#include +#include + /* * As of LLVM 7.0.1, MSAN support in libFuzzer was still experimental. * We therefore have to be careful when using our custom mutator, or @@ -31,6 +34,9 @@ #define MAXSTR 1024 #define MAXBLOB 3072 +#define GETLEN_MIN 0 +#define GETLEN_MAX 1 + struct blob { uint8_t body[MAXBLOB]; size_t len; @@ -38,6 +44,7 @@ struct blob { size_t xstrlen(const char *); void consume(const void *, size_t); +void consume_str(const char *); int unpack_blob(uint8_t, uint8_t **, size_t *, struct blob *); int unpack_byte(uint8_t, uint8_t **, size_t *, uint8_t *); 
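Review bot: The `int max` parameter of `len_string()` and `len_blob()` (fuzz/mutator_aux.c, hunk `@@ -227,6 +233,30 @@`) is a two-valued flag rather than a size: callers pass `GETLEN_MIN`/`GETLEN_MAX` (0/1, added to mutator_aux.h in this commit), yet the name reads like a byte limit. The functions also spell out the wire layout by hand (`sizeof(uint8_t) + sizeof(size_t)` plus payload), using `MAXSTR - 1` for strings but `MAXBLOB` for blobs, presumably because the terminating NUL is not packed; `pack_string()` lies outside this hunk, so that is an inference. A header comment along the lines of `/* size of a packed field: 1-byte tag + size_t length + payload; max != 0 selects the largest payload */` would document both points and the need to keep these helpers in step with the `pack_*()` routines.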
@@ -49,6 +56,11 @@ int pack_byte(uint8_t, uint8_t **, size_t *, uint8_t); int pack_int(uint8_t, uint8_t **, size_t *, int); int pack_string(uint8_t, uint8_t **, size_t *, const char *); +size_t len_int(void); +size_t len_string(int); +size_t len_byte(void); +size_t len_blob(int); + void mutate_byte(uint8_t *); void mutate_int(int *); void mutate_blob(struct blob *); @@ -60,6 +72,9 @@ void set_wire_data(uint8_t *, size_t); int dev_read(void *, unsigned char *, size_t, int); int dev_write(void *, const unsigned char *, size_t); +void prng_init(unsigned long); +unsigned long prng_uint32(void); + uint32_t uniform_random(uint32_t); #endif /* !_MUTATOR_AUX_H */ diff --git a/fuzz/prng.c b/fuzz/prng.c new file mode 100755 index 0000000..fa6d4e4 --- /dev/null +++ b/fuzz/prng.c 
@@ -0,0 +1,112 @@ +/* + A C-program for MT19937, with initialization improved 2002/1/26. + Coded by Takuji Nishimura and Makoto Matsumoto. + + Copyright (C) 1997 - 2002, Makoto Matsumoto and Takuji Nishimura, + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + 3. The names of its contributors may not be used to endorse or promote + products derived from this software without specific prior written + permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + + Any feedback is very welcome. 
+ http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/emt.html + email: m-mat @ math.sci.hiroshima-u.ac.jp (remove space) +*/ + +#include +#include +#include +#include "mutator_aux.h" + +#define init_genrand prng_init +#define genrand_int32 prng_uint32 + +/* Period parameters */ +#define N 624 +#define M 397 +#define MATRIX_A 0x9908b0dfUL /* constant vector a */ +#define UPPER_MASK 0x80000000UL /* most significant w-r bits */ +#define LOWER_MASK 0x7fffffffUL /* least significant r bits */ + +int prng_up = 0; +static unsigned long mt[N]; /* the array for the state vector */ +static int mti=N+1; /* mti==N+1 means mt[N] is not initialized */ + +/* initializes mt[N] with a seed */ +void init_genrand(unsigned long s) +{ + mt[0]= s & 0xffffffffUL; + for (mti=1; mti> 30)) + mti); + /* See Knuth TAOCP Vol2. 3rd Ed. P.106 for multiplier. */ + /* In the previous versions, MSBs of the seed affect */ + /* only MSBs of the array mt[]. */ + /* 2002/01/09 modified by Makoto Matsumoto */ + mt[mti] &= 0xffffffffUL; + /* for >32 bit machines */ + } + prng_up = 1; +} + +/* generates a random number on [0,0xffffffff]-interval */ +unsigned long genrand_int32(void) +{ + unsigned long y; + static unsigned long mag01[2]={0x0UL, MATRIX_A}; + /* mag01[x] = x * MATRIX_A for x=0,1 */ + + if (mti >= N) { /* generate N words at one time */ + int kk; + + assert(mti != N+1); + + for (kk=0;kk> 1) ^ mag01[y & 0x1UL]; + } + for (;kk> 1) ^ mag01[y & 0x1UL]; + } + y = (mt[N-1]&UPPER_MASK)|(mt[0]&LOWER_MASK); + mt[N-1] = mt[M-1] ^ (y >> 1) ^ mag01[y & 0x1UL]; + + mti = 0; + } + + y = mt[mti++]; + + /* Tempering */ + y ^= (y >> 11); + y ^= (y << 7) & 0x9d2c5680UL; + y ^= (y << 15) & 0xefc60000UL; + y ^= (y >> 18); + + return y; +} diff --git a/fuzz/report b/fuzz/report deleted file mode 100755 index bebb0ca..0000000 --- a/fuzz/report +++ /dev/null 
@@ -1,80 +0,0 @@ -#!/bin/bash -e -# Copyright (c) 2019 Yubico AB. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. -# -# XXX This should really be a Makefile. - -T="" -#T+=" harnesses/assert" -#T+=" harnesses/assert-rsa-h-p" -#T+=" harnesses/assert-u2f" -#T+=" harnesses/cred" -#T+=" harnesses/cred-rsa-h-p" -#T+=" harnesses/cred-u2f" -#T+=" harnesses/cred-u2f-exclude" -#T+=" harnesses/fido2-assert-G" -#T+=" harnesses/fido2-assert-V" -#T+=" harnesses/fido2-cred-M" -#T+=" harnesses/fido2-cred-V" -T+=" harnesses/fuzz_assert" -T+=" harnesses/fuzz_bio" -T+=" harnesses/fuzz_cred" -T+=" harnesses/fuzz_credman" -T+=" harnesses/fuzz_mgmt" - -clean() { - echo cleaning - rm -rf obj - mkdir obj -} - -build() { - echo building - mkdir obj/build - (cd obj/build && cmake -DFUZZ=1 -DLIBFUZZER=1 -DCMAKE_C_COMPILER=clang \ - -DCOVERAGE=1 -DCMAKE_BUILD_TYPE=Debug ../../..) 2>/dev/null 1>&2 - make -C obj/build 2>/dev/null 1>&2 - cc -fPIC -D_GNU_SOURCE -shared -o obj/preload-fuzz.so preload-fuzz.c -} - -sync() { - if [ -n "${REMOTE}" ]; then - for t in ${T}; do - echo syncing ${t} - (cd obj && REMOTE="${REMOTE}" ../${t} sync) - done - else - tar -C obj -zxf corpus.tgz - fi -} - -run() { - export LLVM_PROFILE_FILE="profraw/%h-%p.profraw" - export PRELOAD=$(realpath obj/preload-fuzz.so) - - for t in ${T}; do - echo running ${t} - (cd obj && ../${t} run) - done -} - -merge() { - echo merging - (cd obj && \ - llvm-profdata merge -sparse profraw/*.profraw \ - -o libfido2.profdata && - llvm-cov show -format=html -tab-size=8 build/src/libfido2.so \ - -instr-profile=libfido2.profdata > report.html && - llvm-cov report -use-color=false build/src/libfido2.so \ - -instr-profile=libfido2.profdata > summary.txt && - llvm-cov report -use-color=false -show-functions \ - -instr-profile=libfido2.profdata build/src/libfido2.so \ - ../../src/*.[ch] > functions.txt) -} - -clean -build -sync -run -merge 
diff --git a/fuzz/report.html.gz b/fuzz/report.html.gz
deleted file mode 100644
index 9f07223..0000000
Binary files a/fuzz/report.html.gz and /dev/null differ
diff --git a/fuzz/report.tgz b/fuzz/report.tgz
new file mode 100644
index 0000000..8a002f0
Binary files /dev/null and b/fuzz/report.tgz differ
diff --git a/fuzz/summary.txt b/fuzz/summary.txt
index e494865..da9d165 100644
--- a/fuzz/summary.txt
+++ b/fuzz/summary.txt
@@ -1,34 +1,36 @@ Filename Regions Missed Regions Cover Functions Missed Functions Executed Lines Missed Lines Cover -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- +fuzz/prng.c 31 0 100.00% 2 0 100.00% 48 0 100.00% fuzz/uniform_random.c 7 1 85.71% 1 0 100.00% 23 1 95.65% -fuzz/wrap.c 4 0 100.00% 1 0 100.00% 7 0 100.00% +fuzz/wrap.c 6 0 100.00% 1 0 100.00% 7 0 100.00% openbsd-compat/explicit_bzero.c 4 0 100.00% 1 0 100.00% 12 0 100.00% openbsd-compat/recallocarray.c 41 7 82.93% 1 0 100.00% 49 7 85.71% +openbsd-compat/strlcat.c 12 1 91.67% 1 0 100.00% 25 1 96.00% openbsd-compat/timingsafe_bcmp.c 4 0 100.00% 1 0 100.00% 8 0 100.00% src/aes256.c 56 0 100.00% 2 0 100.00% 82 0 100.00% -src/assert.c 569 29 94.90% 53 1 98.11% 901 60 93.34% -src/authkey.c 45 0 100.00% 5 0 100.00% 75 0 100.00% -src/bio.c 422 21 95.02% 49 2 95.92% 661 25 96.22% +src/assert.c 566 43 92.40% 53 1 98.11% 900 87 90.33% +src/authkey.c 44 0 100.00% 5 0 100.00% 75 0 100.00% +src/bio.c 418 20 95.22% 49 2 95.92% 661 22 96.67% src/blob.c 39 1 97.44% 7 0 100.00% 73 4 94.52% src/buf.c 8 1 87.50% 2 0 100.00% 20 1 95.00% -src/cbor.c 844 31 96.33% 51 1 98.04% 1319 47 96.44% -src/cred.c 532 35 93.42% 54 1 98.15% 850 55 93.53% -src/credman.c 381 18 95.28% 38 0 100.00% 589 15 97.45% -src/dev.c 131 22 83.21% 19 1 94.74% 183 30 83.61% +src/cbor.c 884 70 92.08% 52 2 96.15% 1371 106 92.27% +src/cred.c 534 51 90.45% 55 1 98.18% 830 78 90.60% +src/credman.c 376 18 95.21% 38 0 100.00% 589 15 97.45% +src/dev.c 201 85 57.71% 26 8 69.23% 294 128 56.46% src/ecdh.c 68 0 100.00% 2 0 100.00% 104 0 100.00% -src/eddsa.c 54 4 92.59% 8 0 100.00% 79 2 97.47% +src/eddsa.c 54 0 100.00% 8 0 100.00% 79 0 100.00% src/err.c 108 108 0.00% 1 1 0.00% 112 112 0.00% -src/es256.c 273 4 98.53% 16 0 100.00% 372 13 96.51% +src/es256.c 278 0 100.00% 16 0 100.00% 377 0 100.00% src/hid.c 16 16 0.00% 8 
8 0.00% 38 38 0.00% -src/hid_linux.c 166 166 0.00% 12 12 0.00% 287 287 0.00% -src/info.c 148 1 99.32% 31 0 100.00% 305 0 100.00% -src/io.c 113 6 94.69% 7 0 100.00% 201 13 93.53% +src/hid_linux.c 166 166 0.00% 12 12 0.00% 292 292 0.00% +src/info.c 146 0 100.00% 31 0 100.00% 304 0 100.00% +src/io.c 123 5 95.93% 10 0 100.00% 218 11 94.95% src/iso7816.c 18 1 94.44% 5 0 100.00% 47 0 100.00% -src/log.c 16 10 37.50% 3 1 66.67% 34 23 32.35% -src/pin.c 250 0 100.00% 16 0 100.00% 364 0 100.00% -src/reset.c 20 0 100.00% 3 0 100.00% 23 0 100.00% -src/rs256.c 102 6 94.12% 8 0 100.00% 140 9 93.57% -src/u2f.c 436 11 97.48% 13 0 100.00% 686 22 96.79% +src/log.c 34 2 94.12% 5 1 80.00% 50 3 94.00% +src/pin.c 248 0 100.00% 16 0 100.00% 365 0 100.00% +src/reset.c 19 0 100.00% 3 0 100.00% 22 0 100.00% +src/rs256.c 102 29 71.57% 8 3 62.50% 140 44 68.57% +src/u2f.c 443 28 93.68% 13 0 100.00% 699 52 92.56% Files which contain no functions: src/extern.h 0 0 - 0 0 - 0 0 - @@ -36,4 +38,4 @@ src/fido.h 0 0 - src/fido/err.h 0 0 - 0 0 - 0 0 - src/fido/param.h 0 0 - 0 0 - 0 0 - -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- -TOTAL 4875 499 89.76% 418 28 93.30% 7644 764 90.01% +TOTAL 5054 653 87.08% 435 39 91.03% 7914 1002 87.34% diff --git a/fuzz/uniform_random.c b/fuzz/uniform_random.c index 7711d69..357091c 100644 --- a/fuzz/uniform_random.c +++ b/fuzz/uniform_random.c @@ -18,6 +18,7 @@ #include uint32_t uniform_random(uint32_t); +unsigned long prng_uint32(void); /* * Calculate a uniformly distributed random number less than upper_bound @@ -47,7 +48,7 @@ uniform_random(uint32_t upper_bound) * to re-roll. */ for (;;) { - r = (uint32_t)random(); + r = (uint32_t)prng_uint32(); if (r >= min) break; } diff --git a/fuzz/wiredata_fido2.h b/fuzz/wiredata_fido2.h new file mode 100644 index 0000000..57402ef --- /dev/null +++ b/fuzz/wiredata_fido2.h 
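Review bot: `uniform_random()` (fuzz/uniform_random.c, hunk `@@ -47,7 +48,7 @@`) now depends on `prng_init()` having been called first, and nothing at the call site says so: `prng_uint32()` in the new fuzz/prng.c asserts `mti != N+1`, so a draw from an unseeded generator aborts the harness. If any mutator path can reach `uniform_random()` before `LLVMFuzzerTestOneInput()` seeds the generator (not visible in this diff), that abort would show up as a harness crash rather than a library finding. A comment above the loop such as `/* requires prng_init(); prng_uint32() asserts on an unseeded state */` would make the ordering explicit. The prototype added in the first hunk of this file duplicates the one in mutator_aux.h and has to be kept in step with it by hand.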
@@ -0,0 +1,569 @@ +/* + * Copyright (c) 2020 Yubico AB. All rights reserved. + * Use of this source code is governed by a BSD-style + * license that can be found in the LICENSE file. + */ + +#ifndef _WIREDATA_FIDO2_H +#define _WIREDATA_FIDO2_H + +#define WIREDATA_CTAP_INIT \ + 0xff, 0xff, 0xff, 0xff, 0x86, 0x00, 0x11, 0x80, \ + 0x43, 0x56, 0x40, 0xb1, 0x4e, 0xd9, 0x2d, 0x00, \ + 0x22, 0x00, 0x02, 0x02, 0x05, 0x02, 0x01, 0x05, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_KEEPALIVE \ + 0x00, 0x22, 0x00, 0x02, 0xbb, 0x00, 0x01, 0x02, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_INFO \ + 0x00, 0x22, 0x00, 0x02, 0x90, 0x00, 0xb9, 0x00, \ + 0xa9, 0x01, 0x83, 0x66, 0x55, 0x32, 0x46, 0x5f, \ + 0x56, 0x32, 0x68, 0x46, 0x49, 0x44, 0x4f, 0x5f, \ + 0x32, 0x5f, 0x30, 0x6c, 0x46, 0x49, 0x44, 0x4f, \ + 0x5f, 0x32, 0x5f, 0x31, 0x5f, 0x50, 0x52, 0x45, \ + 0x02, 0x82, 0x6b, 0x63, 0x72, 0x65, 0x64, 0x50, \ + 0x72, 0x6f, 0x74, 0x65, 0x63, 0x74, 0x6b, 0x68, \ + 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x65, 0x63, 0x72, \ + 0x00, 0x22, 0x00, 0x02, 0x00, 0x65, 0x74, 0x03, \ + 0x50, 0x19, 0x56, 0xe5, 0xbd, 0xa3, 0x74, 0x45, \ + 0xf1, 0xa8, 0x14, 0x35, 0x64, 0x03, 0xfd, 0xbc, \ + 0x18, 0x04, 0xa5, 0x62, 0x72, 0x6b, 0xf5, 0x62, \ + 0x75, 0x70, 0xf5, 0x64, 0x70, 0x6c, 0x61, 0x74, \ + 0xf4, 0x69, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, \ + 0x50, 0x69, 0x6e, 0xf4, 0x75, 0x63, 0x72, 0x65, \ + 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 
0x4d, \ + 0x00, 0x22, 0x00, 0x02, 0x01, 0x67, 0x6d, 0x74, \ + 0x50, 0x72, 0x65, 0x76, 0x69, 0x65, 0x77, 0xf5, \ + 0x05, 0x19, 0x04, 0xb0, 0x06, 0x81, 0x01, 0x07, \ + 0x08, 0x08, 0x18, 0x80, 0x0a, 0x82, 0xa2, 0x63, \ + 0x61, 0x6c, 0x67, 0x26, 0x64, 0x74, 0x79, 0x70, \ + 0x65, 0x6a, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, \ + 0x2d, 0x6b, 0x65, 0x79, 0xa2, 0x63, 0x61, 0x6c, \ + 0x67, 0x27, 0x64, 0x74, 0x79, 0x70, 0x65, 0x6a, \ + 0x00, 0x22, 0x00, 0x02, 0x02, 0x70, 0x75, 0x62, \ + 0x6c, 0x69, 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_RESET \ + 0x00, 0x22, 0x00, 0x02, 0x90, 0x00, 0x01, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_AUTHKEY \ + 0x00, 0x22, 0x00, 0x02, 0x90, 0x00, 0x51, 0x00, \ + 0xa1, 0x01, 0xa5, 0x01, 0x02, 0x03, 0x38, 0x18, \ + 0x20, 0x01, 0x21, 0x58, 0x20, 0x2a, 0xb8, 0x2d, \ + 0x36, 0x69, 0xab, 0x30, 0x9d, 0xe3, 0x5e, 0x9b, \ + 0xfb, 0x94, 0xfc, 0x1d, 0x92, 0x95, 0xaf, 0x01, \ + 0x47, 0xfe, 0x4b, 0x87, 0xe5, 0xcf, 0x3f, 0x05, \ + 0x0b, 0x39, 0xda, 0x17, 0x49, 0x22, 0x58, 0x20, \ + 0x15, 0x1b, 0xbe, 0x08, 0x78, 0x60, 0x4d, 0x3c, \ + 0x00, 0x22, 0x00, 0x03, 0x00, 0x3f, 0xf1, 0x60, \ + 0xa6, 0xd8, 0xf8, 0xed, 0xce, 0x4a, 0x30, 0x5d, \ + 0x1a, 0xaf, 0x80, 0xc4, 0x0a, 0xd2, 0x6f, 0x77, \ + 0x38, 0x12, 0x97, 0xaa, 0xbd, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_PINTOKEN \ + 0x00, 0x22, 0x00, 0x02, 0x90, 0x00, 0x14, 0x00, \ + 0xa1, 0x02, 0x50, 0xee, 0x40, 0x4c, 0x85, 0xd7, \ + 0xa1, 0x2f, 0x56, 0xc4, 0x4e, 0xc5, 0x93, 0x41, \ + 0xd0, 0x3b, 0x23, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_STATUS \ + 0x00, 0x22, 0x00, 0x02, 0x90, 0x00, 0x01, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_RETRIES \ + 0x00, 0x22, 0x00, 0x02, 0x90, 0x00, 0x04, 0x00, \ + 0xa1, 0x03, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_ASSERT \ + 0x00, 0x22, 0x00, 0x02, 0x90, 0x00, 0xcb, 0x00, \ + 0xa3, 0x01, 0xa2, 0x62, 0x69, 0x64, 0x58, 0x40, \ + 0x4a, 0x4c, 0x9e, 0xcc, 0x81, 0x7d, 0x42, 0x03, \ + 0x2b, 0x41, 0xd1, 0x38, 0xd3, 0x49, 0xb4, 0xfc, \ + 0xfb, 0xe4, 0x4e, 0xe4, 0xff, 0x76, 0x34, 0x16, \ + 0x68, 0x06, 0x9d, 0xa6, 0x01, 0x32, 0xb9, 0xff, \ + 0xc2, 0x35, 0x0d, 0x89, 0x43, 0x66, 0x12, 0xf8, \ + 0x8e, 0x5b, 0xde, 0xf4, 0xcc, 0xec, 0x9d, 0x03, \ + 0x00, 0x92, 0x00, 
0x0e, 0x00, 0x85, 0xc2, 0xf5, \ + 0xe6, 0x8e, 0xeb, 0x3f, 0x3a, 0xec, 0xc3, 0x1d, \ + 0x04, 0x6e, 0xf3, 0x5b, 0x88, 0x64, 0x74, 0x79, \ + 0x70, 0x65, 0x6a, 0x70, 0x75, 0x62, 0x6c, 0x69, \ + 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x02, 0x58, 0x25, \ + 0x49, 0x96, 0x0d, 0xe5, 0x88, 0x0e, 0x8c, 0x68, \ + 0x74, 0x34, 0x17, 0x0f, 0x64, 0x76, 0x60, 0x5b, \ + 0x8f, 0xe4, 0xae, 0xb9, 0xa2, 0x86, 0x32, 0xc7, \ + 0x00, 0x92, 0x00, 0x0e, 0x01, 0x99, 0x5c, 0xf3, \ + 0xba, 0x83, 0x1d, 0x97, 0x63, 0x04, 0x00, 0x00, \ + 0x00, 0x09, 0x03, 0x58, 0x47, 0x30, 0x45, 0x02, \ + 0x21, 0x00, 0xcf, 0x3f, 0x36, 0x0e, 0x1f, 0x6f, \ + 0xd6, 0xa0, 0x9d, 0x13, 0xcf, 0x55, 0xf7, 0x49, \ + 0x8f, 0xc8, 0xc9, 0x03, 0x12, 0x76, 0x41, 0x75, \ + 0x7b, 0xb5, 0x0a, 0x90, 0xa5, 0x82, 0x26, 0xf1, \ + 0x6b, 0x80, 0x02, 0x20, 0x34, 0x9b, 0x7a, 0x82, \ + 0x00, 0x92, 0x00, 0x0e, 0x02, 0xd3, 0xe1, 0x79, \ + 0x49, 0x55, 0x41, 0x9f, 0xa4, 0x06, 0x06, 0xbd, \ + 0xc8, 0xb9, 0x2b, 0x5f, 0xe1, 0xa7, 0x99, 0x1c, \ + 0xa1, 0xfc, 0x7e, 0x3e, 0xd5, 0x85, 0x2e, 0x11, \ + 0x75, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_CRED \ + 0x00, 0x91, 0x00, 0x03, 0x90, 0x03, 0xe1, 0x00, \ + 0xa3, 0x01, 0x66, 0x70, 0x61, 0x63, 0x6b, 0x65, \ + 0x64, 0x02, 0x58, 0xc4, 0x49, 0x96, 0x0d, 0xe5, \ + 0x88, 0x0e, 0x8c, 0x68, 0x74, 0x34, 0x17, 0x0f, \ + 0x64, 0x76, 0x60, 0x5b, 0x8f, 0xe4, 0xae, 0xb9, \ + 0xa2, 0x86, 0x32, 0xc7, 0x99, 0x5c, 0xf3, 0xba, \ + 0x83, 0x1d, 0x97, 0x63, 0x45, 0x00, 0x00, 0x00, \ + 0x00, 0xf8, 0xa0, 0x11, 0xf3, 0x8c, 0x0a, 0x4d, \ + 0x00, 0x91, 0x00, 0x03, 0x00, 0x15, 0x80, 0x06, \ + 0x17, 0x11, 0x1f, 0x9e, 0xdc, 0x7d, 0x00, 0x40, \ + 0xed, 0x88, 0x48, 0xa1, 0xdb, 0x56, 0x4d, 0x0f, \ + 0x0d, 0xc8, 0x8f, 0x0f, 0xe9, 0x16, 0xb1, 0x78, \ + 0xa9, 0x40, 0x98, 0x71, 0xa0, 0xb3, 0xf2, 0xcf, \ + 0x05, 0x73, 0x6c, 0x12, 0xbf, 0x00, 0x96, 0xf3, \ + 0x7b, 
0x93, 0xba, 0x49, 0xee, 0x23, 0xb4, 0x78, \ + 0x2e, 0xfb, 0xce, 0x27, 0xa8, 0xc2, 0x26, 0x78, \ + 0x00, 0x91, 0x00, 0x03, 0x01, 0xcc, 0x95, 0x2d, \ + 0x40, 0xdb, 0xd1, 0x40, 0x3d, 0x2b, 0xa3, 0x31, \ + 0xa0, 0x75, 0x82, 0x63, 0xf0, 0xa5, 0x01, 0x02, \ + 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x9d, \ + 0x95, 0xa1, 0xb5, 0xd6, 0x11, 0xbf, 0xe2, 0x28, \ + 0xa0, 0x7f, 0xca, 0x1e, 0xd9, 0x09, 0x0f, 0x0d, \ + 0xe7, 0x8e, 0x29, 0xe8, 0x2e, 0x11, 0xdb, 0x55, \ + 0x62, 0x13, 0xd7, 0x26, 0xc2, 0x7e, 0x2b, 0x22, \ + 0x00, 0x91, 0x00, 0x03, 0x02, 0x58, 0x20, 0xbe, \ + 0x74, 0x2a, 0xac, 0xde, 0x11, 0x40, 0x76, 0x31, \ + 0x0b, 0xed, 0x55, 0xde, 0xf3, 0x03, 0xe4, 0x1c, \ + 0xac, 0x42, 0x63, 0x8f, 0xe8, 0x30, 0x63, 0xb7, \ + 0x07, 0x4e, 0x5d, 0xfb, 0x17, 0x5e, 0x9b, 0x03, \ + 0xa3, 0x63, 0x61, 0x6c, 0x67, 0x26, 0x63, 0x73, \ + 0x69, 0x67, 0x58, 0x48, 0x30, 0x46, 0x02, 0x21, \ + 0x00, 0xfb, 0xd1, 0x26, 0x76, 0x34, 0x74, 0xac, \ + 0x00, 0x91, 0x00, 0x03, 0x03, 0xf6, 0xd8, 0x5c, \ + 0x5d, 0xbc, 0xda, 0xe0, 0x43, 0xe0, 0xa5, 0x42, \ + 0x9f, 0xc7, 0xe2, 0x18, 0x3e, 0xe2, 0x2c, 0x94, \ + 0x78, 0xbf, 0x9c, 0xeb, 0x3e, 0x9d, 0x02, 0x21, \ + 0x00, 0xab, 0x21, 0x1b, 0xc4, 0x30, 0x69, 0xee, \ + 0x7f, 0x09, 0xe6, 0x6b, 0x99, 0x98, 0x34, 0x07, \ + 0x7b, 0x9a, 0x58, 0xb2, 0xe8, 0x77, 0xe0, 0xba, \ + 0x7d, 0xab, 0x65, 0xf8, 0xba, 0x2a, 0xcb, 0x9a, \ + 0x00, 0x91, 0x00, 0x03, 0x04, 0x41, 0x63, 0x78, \ + 0x35, 0x63, 0x81, 0x59, 0x02, 0xb3, 0x30, 0x82, \ + 0x02, 0xaf, 0x30, 0x82, 0x01, 0x97, 0xa0, 0x03, \ + 0x02, 0x01, 0x02, 0x02, 0x04, 0x48, 0x5b, 0x3d, \ + 0xb6, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, \ + 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, \ + 0x30, 0x21, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03, \ + 0x55, 0x04, 0x03, 0x0c, 0x16, 0x59, 0x75, 0x62, \ + 0x00, 0x91, 0x00, 0x03, 0x05, 0x69, 0x63, 0x6f, \ + 0x20, 0x46, 0x49, 0x44, 0x4f, 0x20, 0x50, 0x72, \ + 0x65, 0x76, 0x69, 0x65, 0x77, 0x20, 0x43, 0x41, \ + 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x38, 0x30, 0x34, \ + 0x31, 0x32, 0x31, 0x30, 0x35, 
0x37, 0x31, 0x30, \ + 0x5a, 0x17, 0x0d, 0x31, 0x38, 0x31, 0x32, 0x33, \ + 0x31, 0x31, 0x30, 0x35, 0x37, 0x31, 0x30, 0x5a, \ + 0x30, 0x6f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x00, 0x91, 0x00, 0x03, 0x06, 0x55, 0x04, 0x06, \ + 0x13, 0x02, 0x53, 0x45, 0x31, 0x12, 0x30, 0x10, \ + 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x09, 0x59, \ + 0x75, 0x62, 0x69, 0x63, 0x6f, 0x20, 0x41, 0x42, \ + 0x31, 0x22, 0x30, 0x20, 0x06, 0x03, 0x55, 0x04, \ + 0x0b, 0x0c, 0x19, 0x41, 0x75, 0x74, 0x68, 0x65, \ + 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x6f, 0x72, \ + 0x20, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, \ + 0x00, 0x91, 0x00, 0x03, 0x07, 0x74, 0x69, 0x6f, \ + 0x6e, 0x31, 0x28, 0x30, 0x26, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x1f, 0x59, 0x75, 0x62, 0x69, \ + 0x63, 0x6f, 0x20, 0x55, 0x32, 0x46, 0x20, 0x45, \ + 0x45, 0x20, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, \ + 0x20, 0x31, 0x32, 0x31, 0x33, 0x39, 0x33, 0x39, \ + 0x31, 0x32, 0x36, 0x30, 0x59, 0x30, 0x13, 0x06, \ + 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, \ + 0x00, 0x91, 0x00, 0x03, 0x08, 0x06, 0x08, 0x2a, \ + 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, \ + 0x42, 0x00, 0x04, 0xfb, 0x2c, 0xdd, 0x30, 0x43, \ + 0x28, 0xc5, 0x72, 0x4a, 0x50, 0xcc, 0xe6, 0xf6, \ + 0x0b, 0xad, 0x7d, 0x27, 0xa9, 0x1b, 0x59, 0xe1, \ + 0xe6, 0x6f, 0x29, 0x7b, 0x89, 0xc9, 0xd4, 0x3d, \ + 0xc2, 0xb2, 0xc7, 0x78, 0x89, 0xb4, 0xf0, 0xff, \ + 0x9d, 0x02, 0x28, 0xcb, 0x94, 0x6d, 0xfc, 0xe0, \ + 0x00, 0x91, 0x00, 0x03, 0x09, 0x1b, 0x19, 0x58, \ + 0x9b, 0x67, 0x80, 0x4a, 0xac, 0x97, 0x7f, 0x28, \ + 0x18, 0x9c, 0xcd, 0xb3, 0x25, 0x74, 0xca, 0x28, \ + 0xa3, 0x6c, 0x30, 0x6a, 0x30, 0x22, 0x06, 0x09, \ + 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xc4, 0x0a, \ + 0x02, 0x04, 0x15, 0x31, 0x2e, 0x33, 0x2e, 0x36, \ + 0x2e, 0x31, 0x2e, 0x34, 0x2e, 0x31, 0x2e, 0x34, \ + 0x31, 0x34, 0x38, 0x32, 0x2e, 0x31, 0x2e, 0x36, \ + 0x00, 0x91, 0x00, 0x03, 0x0a, 0x30, 0x13, 0x06, \ + 0x0b, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xe5, \ + 0x1c, 0x02, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, \ + 
0x04, 0x30, 0x30, 0x21, 0x06, 0x0b, 0x2b, 0x06, \ + 0x01, 0x04, 0x01, 0x82, 0xe5, 0x1c, 0x01, 0x01, \ + 0x04, 0x04, 0x12, 0x04, 0x10, 0xf8, 0xa0, 0x11, \ + 0xf3, 0x8c, 0x0a, 0x4d, 0x15, 0x80, 0x06, 0x17, \ + 0x11, 0x1f, 0x9e, 0xdc, 0x7d, 0x30, 0x0c, 0x06, \ + 0x00, 0x91, 0x00, 0x03, 0x0b, 0x03, 0x55, 0x1d, \ + 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, \ + 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, \ + 0x82, 0x01, 0x01, 0x00, 0x32, 0xf3, 0xe4, 0xbd, \ + 0x58, 0xd7, 0x42, 0x2b, 0xaf, 0x49, 0x99, 0x86, \ + 0x08, 0x1f, 0x0d, 0xa9, 0x3b, 0xc6, 0xaa, 0x1c, \ + 0x72, 0x11, 0xf9, 0x28, 0x53, 0xeb, 0xf3, 0xeb, \ + 0x00, 0x91, 0x00, 0x03, 0x0c, 0x73, 0xda, 0x69, \ + 0x3b, 0x06, 0xde, 0x31, 0x33, 0x8e, 0x5d, 0x02, \ + 0xec, 0xf6, 0x76, 0xe9, 0x5c, 0x42, 0xbe, 0xa5, \ + 0x8f, 0x25, 0xd3, 0x37, 0x3f, 0x77, 0xbb, 0x2a, \ + 0x9d, 0x7c, 0xb2, 0x3e, 0x11, 0x8c, 0x41, 0xd4, \ + 0x9a, 0x4c, 0x9a, 0xd8, 0xf3, 0xe2, 0xa4, 0xec, \ + 0x01, 0x77, 0x7a, 0x74, 0xa8, 0xc4, 0x12, 0x43, \ + 0xc3, 0x1e, 0xce, 0x20, 0x8f, 0x2d, 0x0f, 0x6e, \ + 0x00, 0x91, 0x00, 0x03, 0x0d, 0xbc, 0x61, 0x9b, \ + 0xe1, 0x84, 0xa1, 0x72, 0xf6, 0xa9, 0xac, 0xcb, \ + 0xf8, 0x73, 0x6d, 0x5b, 0xe2, 0x98, 0xb3, 0x6b, \ + 0xec, 0xe7, 0x1e, 0x77, 0x8d, 0x0a, 0x69, 0xaa, \ + 0xf9, 0x94, 0xb8, 0x63, 0x6d, 0xe8, 0xfa, 0xf6, \ + 0x2f, 0xd3, 0xce, 0x7f, 0x04, 0x4c, 0x32, 0x2c, \ + 0xf7, 0x26, 0x3e, 0x34, 0x99, 0xe6, 0xa5, 0xb2, \ + 0xb0, 0x2a, 0xbb, 0xad, 0x5b, 0xd9, 0xec, 0xe5, \ + 0x00, 0x91, 0x00, 0x03, 0x0e, 0xb0, 0x71, 0x4d, \ + 0x73, 0xbb, 0x94, 0x61, 0x49, 0x9c, 0x94, 0x2a, \ + 0x5f, 0x1d, 0xcc, 0xaf, 0x65, 0x03, 0x3b, 0x39, \ + 0x39, 0xd4, 0x47, 0xd9, 0xfc, 0xc4, 0x7b, 0x0b, \ + 0x16, 0xd8, 0xe9, 0x01, 0xfc, 0xec, 0x3f, 0x8c, \ + 0x1b, 0xc0, 0xc6, 0xac, 0x0b, 0x5d, 0x74, 0xc7, \ + 0xbb, 0x03, 0x05, 0x69, 0x17, 0xe9, 0x98, 0x1a, \ + 0x19, 0xb9, 0x09, 0x5c, 0xa1, 0xf4, 0xab, 0x9f, \ + 0x00, 0x91, 0x00, 0x03, 0x0f, 0x02, 0x7c, 0x28, \ + 0x0f, 0x8a, 0xf9, 0xed, 
0x1d, 0x29, 0x3c, 0xf6, \ + 0xcc, 0x2f, 0x04, 0x6d, 0x9a, 0xd6, 0x62, 0xb4, \ + 0xa9, 0x6e, 0xb1, 0xca, 0xca, 0xac, 0x5e, 0x05, \ + 0x3e, 0x83, 0x91, 0x47, 0x7c, 0x1f, 0x8b, 0x60, \ + 0x01, 0xde, 0x65, 0x3a, 0xbf, 0xf2, 0xaa, 0xbb, \ + 0x55, 0x98, 0x86, 0x91, 0x7e, 0xad, 0x3b, 0x36, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_CREDMAN_META \ + 0x00, 0x12, 0x00, 0x04, 0x90, 0x00, 0x07, 0x00, \ + 0xa2, 0x01, 0x00, 0x02, 0x18, 0x19, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_CREDMAN_RPLIST \ + 0x00, 0x15, 0x00, 0x02, 0x90, 0x00, 0x37, 0x00, \ + 0xa3, 0x03, 0xa1, 0x62, 0x69, 0x64, 0x6a, 0x79, \ + 0x75, 0x62, 0x69, 0x63, 0x6f, 0x2e, 0x63, 0x6f, \ + 0x6d, 0x04, 0x58, 0x20, 0x37, 0x82, 0x09, 0xb7, \ + 0x2d, 0xef, 0xcb, 0xa9, 0x1d, 0xcb, 0xf8, 0x54, \ + 0xed, 0xb4, 0xda, 0xa6, 0x48, 0x82, 0x8a, 0x2c, \ + 0xbd, 0x18, 0x0a, 0xfc, 0x77, 0xa7, 0x44, 0x34, \ + 0x65, 0x5a, 0x1c, 0x7d, 0x05, 0x03, 0x00, 0x00, \ + 0x00, 0x15, 0x00, 0x02, 0x90, 0x00, 0x36, 0x00, \ + 0xa2, 0x03, 0xa1, 0x62, 0x69, 0x64, 0x6b, 0x79, \ + 0x75, 0x62, 0x69, 0x6b, 0x65, 0x79, 0x2e, 0x6f, \ + 0x72, 0x67, 0x04, 0x58, 0x20, 0x12, 0x6b, 0xba, \ + 0x6a, 0x2d, 0x7a, 0x81, 0x84, 0x25, 0x7b, 0x74, \ + 0xdd, 0x1d, 0xdd, 0x46, 0xb6, 0x2a, 0x8c, 0xa2, \ + 0xa7, 0x83, 0xfe, 0xdb, 0x5b, 0x19, 0x48, 0x73, \ + 0x55, 0xb7, 0xe3, 0x46, 0x09, 0x00, 0x00, 0x00, \ + 0x00, 0x15, 0x00, 0x02, 0x90, 0x00, 0x37, 0x00, \ + 0xa2, 0x03, 0xa1, 0x62, 0x69, 0x64, 0x6c, 0x77, \ + 0x65, 0x62, 0x61, 0x75, 0x74, 0x68, 0x6e, 0x2e, \ + 0x64, 0x65, 0x76, 0x04, 0x58, 0x20, 0xd6, 0x32, \ + 0x7d, 0x8c, 0x6a, 0x5d, 0xe6, 0xae, 0x0e, 0x33, \ + 0xd0, 0xa3, 0x31, 0xfb, 0x67, 0x77, 0xb9, 0x4e, \ + 0xf4, 0x73, 
0x19, 0xfe, 0x7e, 0xfd, 0xfa, 0x82, \ + 0x70, 0x8e, 0x1f, 0xbb, 0xa2, 0x55, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_CREDMAN_RKLIST \ + 0x00, 0x15, 0x00, 0x04, 0x90, 0x00, 0xc5, 0x00, \ + 0xa5, 0x06, 0xa3, 0x62, 0x69, 0x64, 0x58, 0x20, \ + 0xe4, 0xe1, 0x06, 0x31, 0xde, 0x00, 0x0f, 0x4f, \ + 0x12, 0x6e, 0xc9, 0x68, 0x2d, 0x43, 0x3f, 0xf1, \ + 0x02, 0x2c, 0x6e, 0xe6, 0x96, 0x10, 0xbf, 0x73, \ + 0x35, 0xc9, 0x20, 0x27, 0x06, 0xba, 0x39, 0x09, \ + 0x64, 0x6e, 0x61, 0x6d, 0x65, 0x6a, 0x62, 0x6f, \ + 0x62, 0x20, 0x62, 0x61, 0x6e, 0x61, 0x6e, 0x61, \ + 0x00, 0x15, 0x00, 0x04, 0x00, 0x6b, 0x64, 0x69, \ + 0x73, 0x70, 0x6c, 0x61, 0x79, 0x4e, 0x61, 0x6d, \ + 0x65, 0x67, 0x62, 0x62, 0x61, 0x6e, 0x61, 0x6e, \ + 0x61, 0x07, 0xa2, 0x62, 0x69, 0x64, 0x50, 0x19, \ + 0xf7, 0x78, 0x0c, 0xa0, 0xbc, 0xb9, 0xa6, 0xd5, \ + 0x1e, 0xd7, 0x87, 0xfb, 0x6c, 0x80, 0x03, 0x64, \ + 0x74, 0x79, 0x70, 0x65, 0x6a, 0x70, 0x75, 0x62, \ + 0x6c, 0x69, 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x08, \ + 0x00, 0x15, 0x00, 0x04, 0x01, 0xa5, 0x01, 0x02, \ + 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x81, \ + 0x6c, 0xdd, 0x8c, 0x8f, 0x8c, 0xc8, 0x43, 0xa7, \ + 0xbb, 0x79, 0x51, 0x09, 0xb1, 0xdf, 0xbe, 0xc4, \ + 0xa5, 0x54, 0x16, 0x9e, 0x58, 0x56, 0xb3, 0x0b, \ + 0x34, 0x4f, 0xa5, 0x6c, 0x05, 0xa2, 0x21, 0x22, \ + 0x58, 0x20, 0xcd, 0xc2, 0x0c, 0x99, 0x83, 0x5a, \ + 0x61, 0x73, 0xd8, 0xe0, 0x74, 0x23, 0x46, 0x64, \ + 0x00, 0x15, 0x00, 0x04, 0x02, 0x39, 0x4c, 0xb0, \ + 0xf4, 0x6c, 0x0a, 0x37, 0x72, 0xaa, 0xa8, 0xea, \ + 0x58, 0xd3, 0xd4, 0xe0, 0x51, 0xb2, 0x28, 0x09, \ + 0x05, 0x0a, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x15, 0x00, 0x04, 0x90, 0x00, 0xa0, 0x00, \ + 0xa4, 0x06, 0xa3, 0x62, 0x69, 0x64, 0x58, 0x20, \ + 0x56, 0xa1, 0x3c, 0x06, 0x2b, 0xad, 0xa2, 0x21, \ + 0x7d, 0xcd, 0x91, 0x08, 0x47, 0xa8, 0x8a, 
0x06, \ + 0x06, 0xf6, 0x66, 0x91, 0xf6, 0xeb, 0x89, 0xe4, \ + 0xdf, 0x26, 0xbc, 0x46, 0x59, 0xc3, 0x7d, 0xc0, \ + 0x64, 0x6e, 0x61, 0x6d, 0x65, 0x6a, 0x62, 0x6f, \ + 0x62, 0x20, 0x62, 0x61, 0x6e, 0x61, 0x6e, 0x61, \ + 0x00, 0x15, 0x00, 0x04, 0x00, 0x6b, 0x64, 0x69, \ + 0x73, 0x70, 0x6c, 0x61, 0x79, 0x4e, 0x61, 0x6d, \ + 0x65, 0x67, 0x62, 0x62, 0x61, 0x6e, 0x61, 0x6e, \ + 0x61, 0x07, 0xa2, 0x62, 0x69, 0x64, 0x50, 0xd8, \ + 0x27, 0x4b, 0x25, 0xed, 0x19, 0xef, 0x11, 0xaf, \ + 0xa6, 0x89, 0x7b, 0x84, 0x50, 0xe7, 0x62, 0x64, \ + 0x74, 0x79, 0x70, 0x65, 0x6a, 0x70, 0x75, 0x62, \ + 0x6c, 0x69, 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x08, \ + 0x00, 0x15, 0x00, 0x04, 0x01, 0xa4, 0x01, 0x01, \ + 0x03, 0x27, 0x20, 0x06, 0x21, 0x58, 0x20, 0x8d, \ + 0xfe, 0x45, 0xd5, 0x7d, 0xb6, 0x17, 0xab, 0x86, \ + 0x2d, 0x32, 0xf6, 0x85, 0xf0, 0x92, 0x76, 0xb7, \ + 0xce, 0x73, 0xca, 0x4e, 0x0e, 0xfd, 0xd5, 0xdb, \ + 0x2a, 0x1d, 0x55, 0x90, 0x96, 0x52, 0xc2, 0x0a, \ + 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x15, 0x00, 0x04, 0x90, 0x00, 0xa0, 0x00, \ + 0xa4, 0x06, 0xa3, 0x62, 0x69, 0x64, 0x58, 0x20, \ + 0x04, 0x0e, 0x0f, 0xa0, 0xcd, 0x60, 0x35, 0x9a, \ + 0xba, 0x47, 0x0c, 0x10, 0xb6, 0x82, 0x6e, 0x2f, \ + 0x66, 0xb9, 0xa7, 0xcf, 0xd8, 0x47, 0xb4, 0x3d, \ + 0xfd, 0x77, 0x1a, 0x38, 0x22, 0xa1, 0xda, 0xa5, \ + 0x64, 0x6e, 0x61, 0x6d, 0x65, 0x6a, 0x62, 0x6f, \ + 0x62, 0x20, 0x62, 0x61, 0x6e, 0x61, 0x6e, 0x61, \ + 0x00, 0x15, 0x00, 0x04, 0x00, 0x6b, 0x64, 0x69, \ + 0x73, 0x70, 0x6c, 0x61, 0x79, 0x4e, 0x61, 0x6d, \ + 0x65, 0x67, 0x62, 0x62, 0x61, 0x6e, 0x61, 0x6e, \ + 0x61, 0x07, 0xa2, 0x62, 0x69, 0x64, 0x50, 0x00, \ + 0x5d, 0xdf, 0xef, 0xe2, 0xf3, 0x06, 0xb2, 0xa5, \ + 0x46, 0x4d, 0x98, 0xbc, 0x14, 0x65, 0xc1, 0x64, \ + 0x74, 0x79, 0x70, 0x65, 0x6a, 0x70, 0x75, 0x62, \ + 0x6c, 0x69, 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x08, \ + 0x00, 0x15, 0x00, 0x04, 0x01, 0xa4, 0x01, 0x01, \ + 0x03, 0x27, 0x20, 0x06, 0x21, 0x58, 0x20, 0x72, \ + 0x79, 0x14, 
0x69, 0xdf, 0xcb, 0x64, 0x75, 0xee, \ + 0xd4, 0x45, 0x94, 0xbc, 0x48, 0x4d, 0x2a, 0x9f, \ + 0xc9, 0xf4, 0xb5, 0x1b, 0x05, 0xa6, 0x5b, 0x54, \ + 0x9a, 0xac, 0x6c, 0x2e, 0xc6, 0x90, 0x62, 0x0a, \ + 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x15, 0x00, 0x04, 0x90, 0x00, 0xc3, 0x00, \ + 0xa4, 0x06, 0xa3, 0x62, 0x69, 0x64, 0x58, 0x20, \ + 0xce, 0x32, 0xd8, 0x79, 0xdd, 0x86, 0xa2, 0x42, \ + 0x7c, 0xc3, 0xe1, 0x95, 0x12, 0x93, 0x1a, 0x03, \ + 0xe6, 0x70, 0xb8, 0xff, 0xcd, 0xa5, 0xdf, 0x15, \ + 0xfc, 0x88, 0x2a, 0xf5, 0x44, 0xf1, 0x33, 0x9c, \ + 0x64, 0x6e, 0x61, 0x6d, 0x65, 0x6a, 0x62, 0x6f, \ + 0x62, 0x20, 0x62, 0x61, 0x6e, 0x61, 0x6e, 0x61, \ + 0x00, 0x15, 0x00, 0x04, 0x00, 0x6b, 0x64, 0x69, \ + 0x73, 0x70, 0x6c, 0x61, 0x79, 0x4e, 0x61, 0x6d, \ + 0x65, 0x67, 0x62, 0x62, 0x61, 0x6e, 0x61, 0x6e, \ + 0x61, 0x07, 0xa2, 0x62, 0x69, 0x64, 0x50, 0x0a, \ + 0x26, 0x5b, 0x7e, 0x1a, 0x2a, 0xba, 0x70, 0x5f, \ + 0x18, 0x26, 0x14, 0xb2, 0x71, 0xca, 0x98, 0x64, \ + 0x74, 0x79, 0x70, 0x65, 0x6a, 0x70, 0x75, 0x62, \ + 0x6c, 0x69, 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x08, \ + 0x00, 0x15, 0x00, 0x04, 0x01, 0xa5, 0x01, 0x02, \ + 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x8b, \ + 0x48, 0xf0, 0x69, 0xfb, 0x22, 0xfb, 0xf3, 0x86, \ + 0x57, 0x7c, 0xdd, 0x82, 0x2c, 0x1c, 0x0c, 0xdc, \ + 0x27, 0xe2, 0x6a, 0x4c, 0x1a, 0x10, 0x04, 0x27, \ + 0x51, 0x3e, 0x2a, 0x9d, 0x3a, 0xb6, 0xb5, 0x22, \ + 0x58, 0x20, 0x70, 0xfe, 0x91, 0x67, 0x64, 0x53, \ + 0x63, 0x83, 0x72, 0x31, 0xe9, 0xe5, 0x20, 0xb7, \ + 0x00, 0x15, 0x00, 0x04, 0x02, 0xee, 0xc9, 0xfb, \ + 0x63, 0xd7, 0xe4, 0x76, 0x39, 0x80, 0x82, 0x74, \ + 0xb8, 0xfa, 0x67, 0xf5, 0x1b, 0x8f, 0xe0, 0x0a, \ + 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x15, 0x00, 0x04, 0x90, 0x00, 
0xc3, 0x00, \ + 0xa4, 0x06, 0xa3, 0x62, 0x69, 0x64, 0x58, 0x20, \ + 0xf9, 0xa3, 0x67, 0xbf, 0x5e, 0x80, 0x95, 0xdb, \ + 0x4c, 0xc5, 0x8f, 0x65, 0x36, 0xc5, 0xaf, 0xdd, \ + 0x90, 0x2e, 0x62, 0x68, 0x67, 0x9c, 0xa2, 0x26, \ + 0x2f, 0x2a, 0xf9, 0x3a, 0xda, 0x15, 0xf2, 0x27, \ + 0x64, 0x6e, 0x61, 0x6d, 0x65, 0x6a, 0x62, 0x6f, \ + 0x62, 0x20, 0x62, 0x61, 0x6e, 0x61, 0x6e, 0x61, \ + 0x00, 0x15, 0x00, 0x04, 0x00, 0x6b, 0x64, 0x69, \ + 0x73, 0x70, 0x6c, 0x61, 0x79, 0x4e, 0x61, 0x6d, \ + 0x65, 0x67, 0x62, 0x62, 0x61, 0x6e, 0x61, 0x6e, \ + 0x61, 0x07, 0xa2, 0x62, 0x69, 0x64, 0x50, 0xfb, \ + 0xa6, 0xbe, 0xc1, 0x01, 0xf6, 0x7a, 0x81, 0xf9, \ + 0xcd, 0x6d, 0x20, 0x41, 0x7a, 0x1c, 0x40, 0x64, \ + 0x74, 0x79, 0x70, 0x65, 0x6a, 0x70, 0x75, 0x62, \ + 0x6c, 0x69, 0x63, 0x2d, 0x6b, 0x65, 0x79, 0x08, \ + 0x00, 0x15, 0x00, 0x04, 0x01, 0xa5, 0x01, 0x02, \ + 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0xda, \ + 0x2b, 0x53, 0xc3, 0xbe, 0x48, 0xf8, 0xab, 0xbd, \ + 0x06, 0x28, 0x46, 0xfa, 0x35, 0xab, 0xf9, 0xc5, \ + 0x2e, 0xfd, 0x3c, 0x38, 0x88, 0xb3, 0xe1, 0xa7, \ + 0xc5, 0xc6, 0xed, 0x72, 0x54, 0x37, 0x93, 0x22, \ + 0x58, 0x20, 0x12, 0x82, 0x32, 0x2d, 0xab, 0xbc, \ + 0x64, 0xb3, 0xed, 0xcc, 0xd5, 0x22, 0xec, 0x79, \ + 0x00, 0x15, 0x00, 0x04, 0x02, 0x4b, 0xe2, 0x4d, \ + 0x0c, 0x4b, 0x8d, 0x31, 0x4c, 0xb4, 0x0f, 0xd4, \ + 0xa9, 0xbe, 0x0c, 0xab, 0x9e, 0x0a, 0xc9, 0x0a, \ + 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_BIO_INFO \ + 0x00, 0x10, 0x00, 0x04, 0x90, 0x00, 0x06, 0x00, \ + 0xa2, 0x02, 0x01, 0x03, 0x04, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_BIO_ENROLL \ + 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x0a, 0x00, 0x05, 0x90, 0x00, 0x0a, 0x00, \ + 0xa3, 0x04, 0x42, 0x68, 0x96, 0x05, 0x00, 0x06, \ + 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x0a, 0x00, 0x05, 0x90, 0x00, 0x06, 0x00, \ + 0xa2, 0x05, 0x00, 0x06, 0x01, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x0a, 0x00, 0x05, 0xbb, 0x00, 0x01, 0x02, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x0a, 0x00, 0x05, 0x90, 0x00, 0x06, 0x00, \ + 0xa2, 0x05, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_CBOR_BIO_ENUM \ + 0x00, 0x10, 0x00, 0x0f, 0x90, 0x00, 0x2e, 0x00, \ + 0xa1, 0x07, 0x83, 0xa2, 0x01, 0x42, 0xce, 0xa3, \ + 0x02, 0x67, 0x66, 0x69, 0x6e, 0x67, 
0x65, 0x72, \ + 0x31, 0xa2, 0x01, 0x42, 0xbf, 0x5e, 0x02, 0x67, \ + 0x66, 0x69, 0x6e, 0x67, 0x65, 0x72, 0x32, 0xa2, \ + 0x01, 0x42, 0x5e, 0xd2, 0x02, 0x67, 0x66, 0x69, \ + 0x6e, 0x67, 0x65, 0x72, 0x33, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#endif /* _WIREDATA_FIDO2_H */ diff --git a/fuzz/wiredata_u2f.h b/fuzz/wiredata_u2f.h new file mode 100644 index 0000000..afe418f --- /dev/null +++ b/fuzz/wiredata_u2f.h 
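Review bot: The new header has no comment saying what the WIREDATA_* macros hold or where the bytes came from, which matters because they embed what look like captured authenticator responses (an X.509 attestation certificate naming Yubico, relying-party IDs, a pinToken reply). I would add a block comment after the licence header covering three things: each macro expands to a bare comma-separated byte list that the user must wrap in braces; the bytes appear to be 64-byte CTAPHID frames (a 4-byte channel id, then command and big-endian length in the first frame or a sequence number in continuation frames); and the data was recorded from a test device and carries no live secrets, which the author should confirm. Separately, the guard `_WIREDATA_FIDO2_H` is an identifier reserved to the implementation (leading underscore followed by a capital); `#ifndef WIREDATA_FIDO2_H` avoids that. The same applies to `_WIREDATA_U2F_H` in fuzz/wiredata_u2f.h.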
@@ -0,0 +1,152 @@ +/* + * Copyright (c) 2020 Yubico AB. All rights reserved. + * Use of this source code is governed by a BSD-style + * license that can be found in the LICENSE file. + */ + +#ifndef _WIREDATA_U2F_H +#define _WIREDATA_U2F_H + +#define WIREDATA_CTAP_U2F_6985 \ + 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x02, 0x69, \ + 0x85, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_U2F_AUTH \ + 0x00, 0x00, 0x99, 0x01, 0x83, 0x00, 0x4e, 0x01, \ + 0x00, 0x00, 0x00, 0x2c, 0x30, 0x45, 0x02, 0x20, \ + 0x1c, 0xf5, 0x7c, 0xf6, 0xde, 0xbe, 0xe9, 0x86, \ + 0xee, 0x97, 0xb7, 0x64, 0xa3, 0x4e, 0x7a, 0x70, \ + 0x85, 0xd0, 0x66, 0xf9, 0xf0, 0xcd, 0x04, 0x5d, \ + 0x97, 0xf2, 0x3c, 0x22, 0xe3, 0x0e, 0x61, 0xc8, \ + 0x02, 0x21, 0x00, 0x97, 0xef, 0xae, 0x36, 0xe6, \ + 0x17, 0x9f, 0x5e, 0x2d, 0xd7, 0x8c, 0x34, 0xa7, \ + 0x00, 0x00, 0x99, 0x01, 0x00, 0xa1, 0xe9, 0xfb, \ + 0x8f, 0x86, 0x8c, 0xe3, 0x1e, 0xde, 0x3f, 0x4e, \ + 0x1b, 0xe1, 0x2f, 0x8f, 0x2f, 0xca, 0x42, 0x26, \ + 0x90, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#define WIREDATA_CTAP_U2F_REGISTER \ + 0x00, 0x00, 0x99, 0x01, 0x83, 0x03, 0x1e, 0x05, \ + 0x04, 0x9f, 0xa0, 0xf9, 0x0d, 0x4c, 0xf4, 0xae, \ + 0x96, 0x3c, 0xb7, 0x46, 0xb7, 0x5c, 0x9d, 0x8b, \ + 0x48, 0x19, 0xdf, 0xc4, 0xad, 0xea, 0xb2, 0x70, \ + 0x58, 0x72, 0xd9, 0xce, 0x75, 0xf5, 0xe6, 0x8e, \ + 0x0f, 0x9c, 0x0e, 0x2e, 0x62, 0x3e, 0x91, 0xd3, \ + 0x7b, 0x97, 0x46, 0x60, 0xb9, 0x57, 0x13, 0x97, \ + 0x26, 0xae, 0x0f, 0xb3, 0x8f, 0x2e, 
0x9b, 0x3f, \ + 0x00, 0x00, 0x99, 0x01, 0x00, 0xa5, 0x55, 0xec, \ + 0x8c, 0x25, 0x7c, 0x65, 0xb7, 0x09, 0x40, 0x48, \ + 0xae, 0xa8, 0xcb, 0xa1, 0x91, 0xac, 0x40, 0x24, \ + 0xf2, 0x34, 0x6e, 0x3a, 0x8f, 0xa5, 0xb7, 0x48, \ + 0x54, 0x6e, 0xfb, 0xf4, 0x37, 0x88, 0x69, 0x79, \ + 0x6f, 0x12, 0xc1, 0x32, 0xdf, 0x15, 0x5d, 0x6e, \ + 0x82, 0x54, 0xc0, 0x6e, 0x56, 0x4f, 0x3a, 0x9c, \ + 0xc3, 0x96, 0x7a, 0xde, 0xa5, 0xfe, 0xec, 0xd1, \ + 0x00, 0x00, 0x99, 0x01, 0x01, 0x5a, 0x21, 0x85, \ + 0x0e, 0x25, 0x7b, 0x8d, 0x6e, 0x1d, 0x32, 0x29, \ + 0xdb, 0x21, 0xb0, 0xa3, 0x30, 0x82, 0x02, 0x4f, \ + 0x30, 0x82, 0x01, 0x37, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x04, 0x2a, 0xd9, 0x6a, 0xf3, 0x30, \ + 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, \ + 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x2e, \ + 0x31, 0x2c, 0x30, 0x2a, 0x06, 0x03, 0x55, 0x04, \ + 0x00, 0x00, 0x99, 0x01, 0x02, 0x03, 0x13, 0x23, \ + 0x59, 0x75, 0x62, 0x69, 0x63, 0x6f, 0x20, 0x55, \ + 0x32, 0x46, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x20, \ + 0x43, 0x41, 0x20, 0x53, 0x65, 0x72, 0x69, 0x61, \ + 0x6c, 0x20, 0x34, 0x35, 0x37, 0x32, 0x30, 0x30, \ + 0x36, 0x33, 0x31, 0x30, 0x20, 0x17, 0x0d, 0x31, \ + 0x34, 0x30, 0x38, 0x30, 0x31, 0x30, 0x30, 0x30, \ + 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x32, 0x30, \ + 0x00, 0x00, 0x99, 0x01, 0x03, 0x35, 0x30, 0x30, \ + 0x39, 0x30, 0x34, 0x30, 0x30, 0x30, 0x30, 0x30, \ + 0x30, 0x5a, 0x30, 0x31, 0x31, 0x2f, 0x30, 0x2d, \ + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x26, 0x59, \ + 0x75, 0x62, 0x69, 0x63, 0x6f, 0x20, 0x55, 0x32, \ + 0x46, 0x20, 0x45, 0x45, 0x20, 0x53, 0x65, 0x72, \ + 0x69, 0x61, 0x6c, 0x20, 0x32, 0x33, 0x39, 0x32, \ + 0x35, 0x37, 0x33, 0x34, 0x35, 0x31, 0x36, 0x35, \ + 0x00, 0x00, 0x99, 0x01, 0x04, 0x35, 0x30, 0x33, \ + 0x38, 0x37, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, \ + 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \ + 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, \ + 0x07, 0x03, 0x42, 0x00, 0x04, 0x2f, 0xe1, 0xa2, \ + 0x3e, 0xbf, 0xa5, 0x5b, 0x3e, 0x46, 0x1d, 0x59, \ + 0xa4, 
0x35, 0x22, 0xd7, 0x97, 0x48, 0x98, 0x1c, \ + 0xba, 0x6d, 0x28, 0x9a, 0x98, 0xf1, 0xbd, 0x7d, \ + 0x00, 0x00, 0x99, 0x01, 0x05, 0xff, 0x65, 0x66, \ + 0x80, 0xdb, 0xbb, 0xed, 0xbc, 0x2b, 0xae, 0x60, \ + 0x7e, 0x6e, 0xf7, 0x72, 0xf5, 0x76, 0xb0, 0x4d, \ + 0x54, 0xc4, 0xe5, 0xf3, 0x2f, 0x59, 0x6f, 0x26, \ + 0xe6, 0x11, 0x15, 0xc7, 0x27, 0x2c, 0xf6, 0xca, \ + 0x75, 0x94, 0xa3, 0x3b, 0x30, 0x39, 0x30, 0x22, \ + 0x06, 0x09, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, \ + 0xc4, 0x0a, 0x02, 0x04, 0x15, 0x31, 0x2e, 0x33, \ + 0x00, 0x00, 0x99, 0x01, 0x06, 0x2e, 0x36, 0x2e, \ + 0x31, 0x2e, 0x34, 0x2e, 0x31, 0x2e, 0x34, 0x31, \ + 0x34, 0x38, 0x32, 0x2e, 0x31, 0x2e, 0x32, 0x30, \ + 0x13, 0x06, 0x0b, 0x2b, 0x06, 0x01, 0x04, 0x01, \ + 0x82, 0xe5, 0x1c, 0x02, 0x01, 0x01, 0x04, 0x04, \ + 0x03, 0x02, 0x04, 0x30, 0x30, 0x0d, 0x06, 0x09, \ + 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, \ + 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, \ + 0x00, 0x00, 0x99, 0x01, 0x07, 0x85, 0x6a, 0xfa, \ + 0x8b, 0xcf, 0x4f, 0x3f, 0x62, 0x5f, 0x29, 0x1b, \ + 0xc1, 0x15, 0x8e, 0x3c, 0x7e, 0xbd, 0x25, 0x52, \ + 0xbc, 0xf7, 0x57, 0x07, 0x53, 0xf5, 0x12, 0x1d, \ + 0xa6, 0xa5, 0x4d, 0x24, 0xcc, 0xcf, 0xae, 0x27, \ + 0xce, 0xd6, 0xab, 0x31, 0x12, 0x8c, 0x29, 0x7e, \ + 0x5b, 0x5b, 0x89, 0x05, 0xdd, 0xa0, 0x20, 0x17, \ + 0x93, 0x1f, 0x1f, 0x5f, 0x59, 0x25, 0x93, 0x59, \ + 0x00, 0x00, 0x99, 0x01, 0x08, 0x51, 0xfc, 0x00, \ + 0x4b, 0xcb, 0xe2, 0x0a, 0xdd, 0x7d, 0x8d, 0x05, \ + 0x2f, 0x95, 0x43, 0xb3, 0x49, 0x6c, 0x15, 0xb8, \ + 0x31, 0x0e, 0x10, 0xcb, 0xd9, 0xbb, 0x05, 0x38, \ + 0x27, 0x4f, 0x58, 0x3e, 0xad, 0x1f, 0x45, 0x12, \ + 0x88, 0xc3, 0xea, 0x76, 0xd0, 0x70, 0xad, 0x44, \ + 0xe5, 0x3a, 0xfe, 0xa8, 0xf2, 0x2d, 0x1f, 0x73, \ + 0x62, 0x5f, 0xf2, 0xd5, 0x89, 0xfe, 0x30, 0xdf, \ + 0x00, 0x00, 0x99, 0x01, 0x09, 0x26, 0x62, 0xcb, \ + 0x7c, 0xbb, 0x7c, 0x99, 0x61, 0x80, 0xad, 0xcf, \ + 0xa9, 0x8a, 0x4d, 0x01, 0x2c, 0xf3, 0x13, 0x46, \ + 0xcd, 0x11, 0x74, 0x6a, 0x58, 0x48, 0xe8, 0xbe, \ + 0xed, 0xf3, 0xe3, 0x0c, 0xcb, 
0xd9, 0xc1, 0xdd, \ + 0x22, 0x16, 0x71, 0xb2, 0x83, 0x88, 0x61, 0xf6, \ + 0x5a, 0x45, 0x36, 0x23, 0xb5, 0x18, 0xd5, 0x56, \ + 0x7f, 0xa8, 0xf0, 0xa3, 0xce, 0x10, 0x5d, 0xf4, \ + 0x00, 0x00, 0x99, 0x01, 0x0a, 0xf1, 0x39, 0x53, \ + 0xe1, 0x14, 0xea, 0x59, 0xe0, 0xa7, 0xf2, 0xfe, \ + 0x66, 0x88, 0x67, 0x43, 0x2e, 0x52, 0xfd, 0x6a, \ + 0x2f, 0x64, 0xf7, 0x3c, 0x48, 0xcd, 0x9b, 0x38, \ + 0xf2, 0xdf, 0xba, 0x2c, 0x7a, 0x4b, 0x3b, 0x11, \ + 0x28, 0xdf, 0x26, 0xd6, 0x6a, 0x24, 0xf8, 0x95, \ + 0xdd, 0xa0, 0xb6, 0x11, 0x80, 0xf4, 0x14, 0x4f, \ + 0x6b, 0x70, 0x75, 0xc3, 0x18, 0xa4, 0x9a, 0xe0, \ + 0x00, 0x00, 0x99, 0x01, 0x0b, 0x8b, 0x58, 0xd3, \ + 0x6a, 0xdb, 0x1e, 0x30, 0x53, 0x67, 0x2b, 0x17, \ + 0xc5, 0xa1, 0x9f, 0x7f, 0x0a, 0x22, 0xf1, 0x0e, \ + 0x94, 0x30, 0x44, 0x02, 0x20, 0x07, 0x5c, 0x4f, \ + 0xd2, 0x83, 0xb6, 0x9f, 0x0a, 0x4a, 0x4d, 0x4b, \ + 0x08, 0x35, 0xeb, 0xc0, 0x7e, 0x4a, 0x14, 0x2e, \ + 0xc7, 0x8c, 0xd6, 0x64, 0x2f, 0xd3, 0x1e, 0xcc, \ + 0xb5, 0xe8, 0x42, 0xea, 0xf6, 0x02, 0x20, 0x6b, \ + 0x00, 0x00, 0x99, 0x01, 0x0c, 0x5a, 0xba, 0x4a, \ + 0xc8, 0xd7, 0x89, 0xcc, 0x77, 0xe6, 0xb9, 0xa3, \ + 0x34, 0xea, 0x06, 0x85, 0x72, 0xc6, 0x28, 0xa8, \ + 0x7a, 0xaa, 0x19, 0x88, 0x34, 0xbb, 0xdc, 0x64, \ + 0x90, 0x0a, 0xdb, 0x39, 0x90, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + +#endif /* !_WIREDATA_U2F_H */ diff --git a/fuzz/wrap.c b/fuzz/wrap.c index 8ff7ee7..c030231 100644 --- a/fuzz/wrap.c +++ b/fuzz/wrap.c @@ -18,6 +18,8 @@ #include "mutator_aux.h" +extern int prng_up; + /* * Build wrappers around functions of interest, and have them fail * in a pseudo-random manner. @@ -27,7 +29,7 @@ extern type __wrap_##name args; \ extern type __real_##name args; \ type __wrap_##name args { \ - if (uniform_random(400) < (prob)) { \ + if (prng_up && uniform_random(400) < (prob)) { \ return (retval); \ } \ \ 
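Review bot: `extern int prng_up;` is declared directly in fuzz/wrap.c, so nothing visible ties its type to the definition. Declaring it once in `mutator_aux.h`, which this file already includes, would turn a mismatch into a compile error. The new guard `if (prng_up && uniform_random(400) < (prob))` in the second hunk also means the wrappers inject no failure until the flag is set, which deserves a line in the block comment, e.g. `* Failures are only injected once prng_up is non-zero.` The WRAP macro continues outside the hunk, and where `prng_up` is defined and set is not visible here (presumably fuzz/prng.c).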
@@ -141,6 +143,22 @@ WRAP(RSA *, 1 ) +WRAP(EC_KEY *, + EVP_PKEY_get0_EC_KEY, + (EVP_PKEY *pkey), + NULL, + (pkey), + 1 +) + +WRAP(int, + EVP_PKEY_get_raw_public_key, + (const EVP_PKEY *pkey, unsigned char *pub, size_t *len), + 0, + (pkey, pub, len), + 1 +) + WRAP(EVP_MD_CTX *, EVP_MD_CTX_new, (void), @@ -166,6 +184,14 @@ WRAP(BIGNUM *, 1 ) +WRAP(int, + BN_bn2bin, + (const BIGNUM *a, unsigned char *to), + -1, + (a, to), + 1 +) + WRAP(BIGNUM *, BN_CTX_get, (BN_CTX *ctx), @@ -214,6 +240,14 @@ WRAP(const EC_GROUP *, 1 ) +WRAP(const BIGNUM *, + EC_KEY_get0_private_key, + (const EC_KEY *key), + NULL, + (key), + 1 +) + WRAP(EC_POINT *, EC_POINT_new, (const EC_GROUP *group), @@ -222,6 +256,14 @@ WRAP(EC_POINT *, 1 ) +WRAP(int, + EC_POINT_get_affine_coordinates_GFp, + (const EC_GROUP *group, const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx), + 0, + (group, p, x, y, ctx), + 1 +) + WRAP(EVP_PKEY *, EVP_PKEY_new, (void), @@ -238,6 +280,38 @@ WRAP(int, 1 ) +WRAP(int, + EVP_PKEY_keygen_init, + (EVP_PKEY_CTX *ctx), + 0, + (ctx), + 1 +) + +WRAP(int, + EVP_PKEY_keygen, + (EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey), + 0, + (ctx, ppkey), + 1 +) + +WRAP(int, + EVP_PKEY_paramgen_init, + (EVP_PKEY_CTX *ctx), + 0, + (ctx), + 1 +) + +WRAP(int, + EVP_PKEY_paramgen, + (EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey), + 0, + (ctx, ppkey), + 1 +) + WRAP(EVP_PKEY *, EVP_PKEY_new_raw_public_key, (int type, ENGINE *e, const unsigned char *key, size_t keylen), @@ -254,6 +328,14 @@ WRAP(EVP_PKEY_CTX *, 1 ) +WRAP(EVP_PKEY_CTX *, + EVP_PKEY_CTX_new_id, + (int id, ENGINE *e), + NULL, + (id, e), + 1 +) + WRAP(int, EVP_PKEY_derive_init, (EVP_PKEY_CTX *ctx), 
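Review bot: The `BN_bn2bin` wrapper injects `-1`, a value OpenSSL does not document for this function, which simply returns the number of bytes written. The simulated fault is therefore stricter than the real API. That is a reasonable hardening check, but a comment above the entry should say so, for example `/* BN_bn2bin() has no documented failure; -1 checks that callers reject a negative length */`. Callers are outside this hunk; any that store the result in a `size_t` before checking it would turn the injected -1 into a very large length, which is presumably what this entry is meant to flush out.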
@@ -345,6 +427,30 @@ WRAP(cbor_item_t *, 1 ) +WRAP(cbor_item_t *, + cbor_build_bool, + (bool value), + NULL, + (value), + 1 +) + +WRAP(cbor_item_t *, + cbor_build_negint8, + (uint8_t value), + NULL, + (value), + 1 +) + +WRAP(cbor_item_t *, + cbor_build_negint16, + (uint16_t value), + NULL, + (value), + 1 +) + WRAP(cbor_item_t *, cbor_load, (cbor_data source, size_t source_size, struct cbor_load_result *result), @@ -361,6 +467,14 @@ WRAP(cbor_item_t *, 1 ) +WRAP(cbor_item_t *, + cbor_build_uint32, + (uint32_t value), + NULL, + (value), + 1 +) + WRAP(struct cbor_pair *, cbor_map_handle, (const cbor_item_t *item), @@ -377,6 +491,14 @@ WRAP(cbor_item_t **, 1 ) +WRAP(bool, + cbor_array_push, + (cbor_item_t *array, cbor_item_t *pushee), + false, + (array, pushee), + 1 +) + WRAP(bool, cbor_map_add, (cbor_item_t *item, struct cbor_pair pair), @@ -393,6 +515,14 @@ WRAP(cbor_item_t *, 1 ) +WRAP(cbor_item_t *, + cbor_new_definite_array, + (size_t size), + NULL, + (size), + 1 +) + WRAP(size_t, cbor_serialize_alloc, (const cbor_item_t *item, cbor_mutable_data *buffer, diff --git a/fuzz/wrapped.sym b/fuzz/wrapped.sym index 3679f91..3df4f12 100644 --- a/fuzz/wrapped.sym +++ b/fuzz/wrapped.sym @@ -1,19 +1,28 @@ BN_bin2bn +BN_bn2bin BN_CTX_get BN_CTX_new BN_new calloc cbor_array_handle +cbor_array_push +cbor_build_bool cbor_build_bytestring +cbor_build_negint16 +cbor_build_negint8 cbor_build_string +cbor_build_uint32 cbor_build_uint8 cbor_load cbor_map_add cbor_map_handle +cbor_new_definite_array cbor_new_definite_map cbor_serialize_alloc EC_KEY_get0_group +EC_KEY_get0_private_key EC_KEY_new_by_curve_name +EC_POINT_get_affine_coordinates_GFp EC_POINT_new EVP_CIPHER_CTX_new EVP_CIPHER_CTX_set_padding 
@@ -25,11 +34,18 @@ EVP_EncryptUpdate EVP_MD_CTX_new EVP_PKEY_assign EVP_PKEY_CTX_new +EVP_PKEY_CTX_new_id EVP_PKEY_derive_init EVP_PKEY_derive_set_peer +EVP_PKEY_get0_EC_KEY EVP_PKEY_get0_RSA +EVP_PKEY_get_raw_public_key +EVP_PKEY_keygen +EVP_PKEY_keygen_init EVP_PKEY_new EVP_PKEY_new_raw_public_key +EVP_PKEY_paramgen +EVP_PKEY_paramgen_init EVP_sha256 fido_tx HMAC diff --git a/man/CMakeLists.txt b/man/CMakeLists.txt index c903ab8..44e4a96 100644 --- a/man/CMakeLists.txt +++ b/man/CMakeLists.txt @@ -5,7 +5,7 @@ find_program(MANDOC_PATH mandoc) message(STATUS "MANDOC_PATH: ${MANDOC_PATH}") -if(CMAKE_SYSTEM_NAME STREQUAL "Linux") +if(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD" OR CMAKE_SYSTEM_NAME STREQUAL "Linux") find_program(GZIP_PATH gzip) message(STATUS "GZIP_PATH: ${GZIP_PATH}") endif() @@ -101,6 +101,7 @@ list(APPEND MAN_ALIAS fido_cbor_info_new fido_cbor_info_extensions_ptr fido_cbor_info_new fido_cbor_info_free fido_cbor_info_new fido_cbor_info_maxmsgsiz + fido_cbor_info_new fido_cbor_info_fwversion fido_cbor_info_new fido_cbor_info_options_len fido_cbor_info_new fido_cbor_info_options_name_ptr fido_cbor_info_new fido_cbor_info_options_value_ptr @@ -117,6 +118,7 @@ list(APPEND MAN_ALIAS fido_cred_new fido_cred_free fido_cred_new fido_cred_id_len fido_cred_new fido_cred_id_ptr + fido_cred_new fido_cred_prot fido_cred_new fido_cred_pubkey_len fido_cred_new fido_cred_pubkey_ptr fido_cred_new fido_cred_sig_len @@ -145,6 +147,7 @@ list(APPEND MAN_ALIAS fido_cred_set_authdata fido_cred_set_clientdata_hash fido_cred_set_authdata fido_cred_set_extensions fido_cred_set_authdata fido_cred_set_fmt + fido_cred_set_authdata fido_cred_set_prot fido_cred_set_authdata fido_cred_set_rk fido_cred_set_authdata fido_cred_set_rp fido_cred_set_authdata fido_cred_set_sig 
@@ -261,17 +264,17 @@ if(MANDOC_PATH) add_dependencies(man man_symlink_html) add_dependencies(man_gzip man_lint) install(FILES ${CMAKE_SOURCE_DIR}/man/style.css - DESTINATION ${CMAKE_INSTALL_PREFIX}/share/doc/libfido2) + DESTINATION "${CMAKE_INSTALL_DOCDIR}/html") foreach(f ${MAN_SOURCES}) string(REGEX REPLACE ".[13]" "" f ${f}) install(FILES ${CMAKE_BINARY_DIR}/man/${f}.html - DESTINATION ${CMAKE_INSTALL_PREFIX}/share/doc/libfido2) + DESTINATION "${CMAKE_INSTALL_DOCDIR}/html") endforeach() foreach(i RANGE 0 ${MAN_ALIAS_MAX} 2) math(EXPR j "${i} + 1") list(GET MAN_ALIAS ${j} DST) install(FILES ${CMAKE_BINARY_DIR}/man/${DST}.html - DESTINATION ${CMAKE_INSTALL_PREFIX}/share/doc/libfido2) + DESTINATION "${CMAKE_INSTALL_DOCDIR}/html") endforeach() endif() 
@@ -282,33 +285,33 @@ if(GZIP_PATH) foreach(f ${MAN_SOURCES}) if (${f} MATCHES ".1$") install(FILES ${CMAKE_BINARY_DIR}/man/${f}.gz - DESTINATION "${CMAKE_INSTALL_PREFIX}/share/man/man1") + DESTINATION "${CMAKE_INSTALL_MANDIR}/man1") elseif(${f} MATCHES ".3$") install(FILES ${CMAKE_BINARY_DIR}/man/${f}.gz - DESTINATION "${CMAKE_INSTALL_PREFIX}/share/man/man3") + DESTINATION "${CMAKE_INSTALL_MANDIR}/man3") endif() endforeach() foreach(i RANGE 0 ${MAN_ALIAS_MAX} 2) math(EXPR j "${i} + 1") list(GET MAN_ALIAS ${j} DST) install(FILES ${CMAKE_BINARY_DIR}/man/${DST}.3.gz - DESTINATION ${CMAKE_INSTALL_PREFIX}/share/man/man3) + DESTINATION "${CMAKE_INSTALL_MANDIR}/man3") endforeach() elseif(NOT MSVC) add_dependencies(man man_symlink) foreach(f ${MAN_SOURCES}) if (${f} MATCHES ".1$") install(FILES ${CMAKE_BINARY_DIR}/man/${f} - DESTINATION "${CMAKE_INSTALL_PREFIX}/man/man1") + DESTINATION "${CMAKE_INSTALL_MANDIR}/man1") elseif(${f} MATCHES ".3$") install(FILES ${CMAKE_BINARY_DIR}/man/${f} - DESTINATION "${CMAKE_INSTALL_PREFIX}/man/man3") + DESTINATION "${CMAKE_INSTALL_MANDIR}/man3") endif() endforeach() foreach(i RANGE 0 ${MAN_ALIAS_MAX} 2) math(EXPR j "${i} + 1") list(GET MAN_ALIAS ${j} DST) install(FILES ${CMAKE_BINARY_DIR}/man/${DST}.3 - DESTINATION ${CMAKE_INSTALL_PREFIX}/man/man3) + DESTINATION "${CMAKE_INSTALL_MANDIR}/man3") endforeach() endif() diff --git a/man/es256_pk_new.3 b/man/es256_pk_new.3 index 48eda0b..54439cd 100644 --- a/man/es256_pk_new.3 +++ b/man/es256_pk_new.3 @@ -89,6 +89,10 @@ where points to .Fa len bytes. +The +.Fa ptr +pointer may point to an uncompressed point, or to the +concatenation of the x and y coordinates. No references to .Fa ptr are kept. diff --git a/man/fido2-token.1 b/man/fido2-token.1 index d5a5734..b59463a 100644 --- a/man/fido2-token.1 +++ b/man/fido2-token.1 
@@ -156,3 +156,5 @@ authenticator. Yubico authenticators do not allow resets after 5 seconds from power-up, and expect a reset to be confirmed by the user through touch within 30 seconds. +.Pp +An authenticator's path may contain spaces. diff --git a/man/fido_bio_dev_get_info.3 b/man/fido_bio_dev_get_info.3 index bde1396..d18c9ec 100644 --- a/man/fido_bio_dev_get_info.3 +++ b/man/fido_bio_dev_get_info.3 @@ -35,6 +35,8 @@ The functions described in this page allow biometric templates on a FIDO2 authenticator to be listed, created, removed, and customised. +Please note that not all FIDO2 authenticators support biometric +enrollment. For a description of the types involved, please refer to .Xr fido_bio_info_new 3 , .Xr fido_bio_enroll_new 3 , @@ -118,3 +120,11 @@ is returned. .Xr fido_bio_enroll_new 3 , .Xr fido_bio_info_new 3 , .Xr fido_bio_template 3 +.Sh CAVEATS +Biometric enrollment is a tentative feature of FIDO 2.1. +Applications willing to strictly abide by FIDO 2.0 should refrain +from using biometric enrollment. +Applications using biometric enrollment should ensure it is +supported by the authenticator prior to using the API. +Since FIDO 2.1 hasn't been finalised, there is a chance the +functionality and associated data structures may change. diff --git a/man/fido_bio_template.3 b/man/fido_bio_template.3 index 6140926..8414937 100644 --- a/man/fido_bio_template.3 +++ b/man/fido_bio_template.3 
@@ -38,11 +38,11 @@ .Ft fido_bio_template_array_t * .Fn fido_bio_template_array_new "void" .Ft void -.Fn fido_bio_template_array_free "fido_bio_template_array_t **template_array_p" +.Fn fido_bio_template_array_free "fido_bio_template_array_t **array_p" .Ft size_t -.Fn fido_bio_template_array_count "const fido_bio_template_array_t *template_array" +.Fn fido_bio_template_array_count "const fido_bio_template_array_t *array" .Ft const fido_bio_template_t * -.Fn fido_bio_template "const fido_bio_template_array_t *template_array" "size_t idx" +.Fn fido_bio_template "const fido_bio_template_array_t *array" "size_t idx" .Sh DESCRIPTION Existing FIDO 2 biometric enrollments are abstracted in .Em libfido2 @@ -132,18 +132,18 @@ If memory cannot be allocated, NULL is returned. The .Fn fido_bio_template_array_free function releases the memory backing -.Fa *template_array_p , +.Fa *array_p , where -.Fa *template_array_p +.Fa *array_p must have been previously allocated by .Fn fido_bio_template_array_new . On return, -.Fa *template_array_p +.Fa *array_p is set to NULL. Either -.Fa template_array_p +.Fa array_p or -.Fa *template_array_p +.Fa *array_p may be NULL, in which case .Fn fido_bio_template_array_free is a NOP. @@ -151,16 +151,16 @@ is a NOP. The .Fn fido_bio_template_array_count function returns the number of templates in -.Fa template_array . +.Fa array . .Pp The .Fn fido_bio_template function returns a pointer to the template at index .Fa idx in -.Fa template_array . +.Fa array . Please note that the first template in -.Fa template_array +.Fa array has an .Fa idx (index) value of 0. diff --git a/man/fido_cbor_info_new.3 b/man/fido_cbor_info_new.3 index d1e4c41..3e7de1f 100644 --- a/man/fido_cbor_info_new.3 +++ b/man/fido_cbor_info_new.3 
@@ -20,7 +20,8 @@ .Nm fido_cbor_info_protocols_len , .Nm fido_cbor_info_versions_len , .Nm fido_cbor_info_options_len , -.Nm fido_cbor_info_maxmsgsiz +.Nm fido_cbor_info_maxmsgsiz , +.Nm fido_cbor_info_fwversion .Nd FIDO 2 CBOR Info API .Sh SYNOPSIS .In fido.h @@ -54,6 +55,8 @@ .Fn fido_cbor_info_options_len "const fido_cbor_info_t *ci" .Ft uint64_t .Fn fido_cbor_info_maxmsgsiz "const fido_cbor_info_t *ci" +.Ft uint64_t +.Fn fido_cbor_info_fwversion "const fido_cbor_info_t *ci" .Sh DESCRIPTION The .Fn fido_cbor_info_new @@ -124,7 +127,12 @@ The length of the options array is returned by .Pp The .Fn fido_cbor_info_maxmsgsiz -function returns the maximum message size of +function returns the maximum message size attribute of +.Fa ci . +.Pp +The +.Fn fido_cbor_info_fwversion +function returns the firmware version attribute of .Fa ci . .Pp A complete example of how to use these functions can be found in the diff --git a/man/fido_cred_new.3 b/man/fido_cred_new.3 index 47eeba8..22af60c 100644 --- a/man/fido_cred_new.3 +++ b/man/fido_cred_new.3 @@ -8,6 +8,7 @@ .Sh NAME .Nm fido_cred_new , .Nm fido_cred_free , +.Nm fido_cred_prot , .Nm fido_cred_fmt , .Nm fido_cred_authdata_ptr , .Nm fido_cred_clientdata_hash_ptr , @@ -28,6 +29,8 @@ .Fn fido_cred_new "void" .Ft void .Fn fido_cred_free "fido_cred_t **cred_p" +.Ft int +.Fn fido_cred_prot "fido_cred_t *cred" .Ft const char * .Fn fido_cred_fmt "const fido_cred_t *cred" .Ft const unsigned char * @@ -99,6 +102,15 @@ may be NULL, in which case is a NOP. .Pp The +.Fn fido_cred_prot +function returns the protection of +.Fa cred . +See +.Xr fido_cred_set_prot 3 +for the values understood by +.Em libfido2 . +.Pp +The .Fn fido_cred_fmt function returns a pointer to a NUL-terminated string containing the format of diff --git a/man/fido_cred_set_authdata.3 b/man/fido_cred_set_authdata.3 index 8b087fa..d28c61e 100644 --- a/man/fido_cred_set_authdata.3 +++ b/man/fido_cred_set_authdata.3 
@@ -14,6 +14,7 @@ .Nm fido_cred_set_rp , .Nm fido_cred_set_user , .Nm fido_cred_set_extensions , +.Nm fido_cred_set_prot , .Nm fido_cred_set_rk , .Nm fido_cred_set_uv , .Nm fido_cred_set_fmt , @@ -45,6 +46,8 @@ typedef enum { .Ft int .Fn fido_cred_set_extensions "fido_cred_t *cred" "int flags" .Ft int +.Fn fido_cred_set_prot "fido_cred_t *cred" "int prot" +.Ft int .Fn fido_cred_set_rk "fido_cred_t *cred" "fido_opt_t rk" .Ft int .Fn fido_cred_set_uv "fido_cred_t *cred" "fido_opt_t uv" @@ -149,7 +152,9 @@ to the bitmask .Fa flags . At the moment, only the .Dv FIDO_EXT_HMAC_SECRET -extension is supported. +and +.Dv FIDO_EXT_CRED_PROTECT +extensions are supported. If .Fa flags is zero, the extensions of @@ -157,6 +162,24 @@ is zero, the extensions of are cleared. .Pp The +.Fn fido_cred_set_prot +function sets the protection of +.Fa cred +to the scalar +.Fa prot . +At the moment, only the +.Dv FIDO_CRED_PROT_UV_OPTIONAL , +.Dv FIDO_CRED_PROT_UV_OPTIONAL_WITH_ID , +and +.Dv FIDO_CRED_PROT_UV_REQUIRED +protections are supported. +If +.Fa prot +is zero, the protection of +.Fa cred +is cleared. +.Pp +The .Fn fido_cred_set_rk and .Fn fido_cred_set_uv diff --git a/man/fido_credman_metadata_new.3 b/man/fido_credman_metadata_new.3 index 16f0192..1a65978 100644 --- a/man/fido_credman_metadata_new.3 +++ b/man/fido_credman_metadata_new.3 @@ -72,7 +72,8 @@ The credential management API of .Em libfido2 allows resident credentials on a FIDO2 authenticator to be listed, inspected, and removed. -Please note that not all authenticators support credential management. +Please note that not all FIDO2 authenticators support credential +management. To obtain information on what an authenticator supports, please refer to .Xr fido_cbor_info_new 3 . 
@@ -297,3 +298,11 @@ should have their return values checked for NULL. .Sh SEE ALSO .Xr fido_cbor_info_new 3 , .Xr fido_cred_new 3 +.Sh CAVEATS +Credential management is a tentative feature of FIDO 2.1. +Applications willing to strictly abide by FIDO 2.0 should refrain +from using credential management. +Applications using credential management should ensure it is +supported by the authenticator prior to using the API. +Since FIDO 2.1 hasn't been finalised, there is a chance the +functionality and associated data structures may change. diff --git a/man/fido_dev_set_io_functions.3 b/man/fido_dev_set_io_functions.3 index adc4a9e..67bc6d0 100644 --- a/man/fido_dev_set_io_functions.3 +++ b/man/fido_dev_set_io_functions.3 @@ -15,12 +15,16 @@ typedef void *fido_dev_io_open_t(const char *); typedef void fido_dev_io_close_t(void *); typedef int fido_dev_io_read_t(void *, unsigned char *, size_t, int); typedef int fido_dev_io_write_t(void *, const unsigned char *, size_t); +typedef int fido_dev_io_rx_t(struct fido_dev *, uint8_t, unsigned char *, size_t, int); +typedef int fido_dev_io_tx_t(struct fido_dev *, uint8_t, const unsigned char *, size_t); typedef struct fido_dev_io { fido_dev_io_open_t *open; fido_dev_io_close_t *close; fido_dev_io_read_t *read; fido_dev_io_write_t *write; + fido_dev_io_rx_t *rx; + fido_dev_io_tx_t *tx; } fido_dev_io_t; .Ed .Ft int @@ -28,12 +32,12 @@ typedef struct fido_dev_io { .Sh DESCRIPTION The .Nm -interface defines the I/O handlers used to talk to +interface defines the I/O and transmission handlers used to talk to .Fa dev . Its usage is optional. By default, .Em libfido2 -will use the operating system's native HID interface to talk to +will use the operating system's native HID interface to talk CTAP2 to a FIDO device. .Pp A 
@@ -51,13 +55,13 @@ It is not expected to be idempotent. .Pp A .Vt fido_dev_io_read_t -function reads from +function reads a single HID report from .Fa dev . The first parameter taken is the opaque handle obtained from .Vt fido_dev_io_open_t . The read buffer is pointed to by the second parameter, and the third parameter holds its size. -Finally, the last argument passed to +The last argument passed to .Vt fido_dev_io_read_t is the number of milliseconds the caller is willing to sleep, should the call need to block. @@ -67,9 +71,9 @@ may block indefinitely. The number of bytes read is returned. On error, -1 is returned. .Pp -Conversely, a +A .Vt fido_dev_io_write_t -function writes to +function writes a single HID report to .Fa dev . The first parameter taken is the opaque handle returned by .Vt fido_dev_io_open_t . 
@@ -81,6 +85,59 @@ function may block. The number of bytes written is returned. On error, -1 is returned. .Pp +A +.Vt fido_dev_io_rx_t +function receives a complete CTAP2 message from +.Fa dev . +The first parameter taken is a pointer to +.Fa dev . +The second parameter holds the expected CTAP2 command byte. +The read buffer is pointed to by the third parameter, and the +fourth parameter holds its size. +The last argument passed to +.Vt fido_dev_io_rx_t +is the number of milliseconds the caller is willing to sleep, +should the call need to block. +If this value holds -1, +.Vt fido_dev_io_rx_t +may block indefinitely. +The number of bytes read is returned. +On error, -1 is returned. +.Pp +A +.Vt fido_dev_io_tx_t +function transmits a complete CTAP2 message to +.Fa dev . +The first parameter taken is a pointer to +.Fa dev . +The second parameter holds the CTAP2 command byte. +The write buffer is pointed to by the third parameter, and the +fourth parameter holds its size. +A +.Vt fido_dev_io_tx_t +function may block. +On success, 0 is returned. +On error, -1 is returned. +.Pp +When calling +.Fn fido_dev_set_io_functions , +the +.Fa open , +.Fa close , +.Fa read +and +.Fa write +fields of +.Fa io +may not be NULL. +Either +.Fa rx +or +.Fa tx +may be NULL, in which case +.Em libfido2 +uses its corresponding CTAP2 HID transport method. +.Pp No references to .Fa io are held by diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h index bee126c..30d80b3 100644 --- a/openbsd-compat/openbsd-compat.h +++ b/openbsd-compat/openbsd-compat.h @@ -32,6 +32,10 @@ #define be32toh(x) ntohl((x)) #endif /* _WIN32 && !HAVE_ENDIAN_H */ +#if defined(__FreeBSD__) && !defined(HAVE_ENDIAN_H) +#include +#endif + #include #if !defined(HAVE_STRLCAT) diff --git a/openbsd-compat/readpassphrase.c b/openbsd-compat/readpassphrase.c index dfb3065..8b84190 100644 --- a/openbsd-compat/readpassphrase.c +++ b/openbsd-compat/readpassphrase.c 
@@ -52,7 +52,7 @@ # define _POSIX_VDISABLE VDISABLE #endif -static volatile sig_atomic_t signo[_NSIG]; +static volatile sig_atomic_t signo[NSIG]; static void handler(int); @@ -73,7 +73,7 @@ readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags) } restart: - for (i = 0; i < _NSIG; i++) + for (i = 0; i < NSIG; i++) signo[i] = 0; need_restart = 0; /* @@ -177,7 +177,7 @@ restart: * If we were interrupted by a signal, resend it to ourselves * now that we have restored the signal handlers. */ - for (i = 0; i < _NSIG; i++) { + for (i = 0; i < NSIG; i++) { if (signo[i]) { kill(getpid(), i); switch (i) { diff --git a/openbsd-compat/readpassphrase.h b/openbsd-compat/readpassphrase.h index 0c4a59e..e4451f3 100644 --- a/openbsd-compat/readpassphrase.h +++ b/openbsd-compat/readpassphrase.h @@ -27,6 +27,8 @@ #ifndef HAVE_READPASSPHRASE +#include + #define RPP_ECHO_OFF 0x00 /* Turn off echo (default). */ #define RPP_ECHO_ON 0x01 /* Leave echo on. */ #define RPP_REQUIRE_TTY 0x02 /* Fail if there is no tty. */ diff --git a/regress/CMakeLists.txt b/regress/CMakeLists.txt index b8fea64..0314c38 100644 --- a/regress/CMakeLists.txt +++ b/regress/CMakeLists.txt 
@@ -2,17 +2,15 @@ # Use of this source code is governed by a BSD-style # license that can be found in the LICENSE file. -# cred -add_executable(regress_cred cred.c) -target_link_libraries(regress_cred fido2_shared) -add_custom_command(TARGET regress_cred POST_BUILD COMMAND regress_cred) +add_custom_target(regress ALL) -# assert -add_executable(regress_assert assert.c) -target_link_libraries(regress_assert fido2_shared) -add_custom_command(TARGET regress_assert POST_BUILD COMMAND regress_assert) +macro(add_regress_test NAME SOURCES) + add_executable(${NAME} ${SOURCES}) + target_link_libraries(${NAME} fido2_shared) + add_custom_command(TARGET regress POST_BUILD COMMAND ${NAME} + DEPENDS ${NAME}) +endmacro() -# dev -add_executable(regress_dev dev.c) -target_link_libraries(regress_dev fido2_shared) -add_custom_command(TARGET regress_dev POST_BUILD COMMAND regress_dev) +add_regress_test(regress_cred cred.c) +add_regress_test(regress_assert assert.c) +add_regress_test(regress_dev dev.c) diff --git a/regress/assert.c b/regress/assert.c index ebf0652..caa5725 100644 --- a/regress/assert.c +++ b/regress/assert.c @@ -216,12 +216,16 @@ empty_assert_tests(void) fido_dev_io_t io_f; int i; + memset(&io_f, 0, sizeof(io_f)); + a = alloc_assert(); d = alloc_dev(); + io_f.open = dummy_open; io_f.close = dummy_close; io_f.read = dummy_read; io_f.write = dummy_write; + assert(fido_dev_set_io_functions(d, &io_f) == FIDO_OK); empty_assert(d, a, 0); diff --git a/regress/cred.c b/regress/cred.c index 4998649..f8c08a4 100644 --- a/regress/cred.c +++ b/regress/cred.c @@ -333,10 +333,13 @@ empty_cred(void) assert(fido_cred_x5c_ptr(c) == NULL); assert(fido_cred_verify(c) == FIDO_ERR_INVALID_ARGUMENT); + memset(&io_f, 0, sizeof(io_f)); + io_f.open = dummy_open; io_f.close = dummy_close; io_f.read = dummy_read; io_f.write = dummy_write; + d = alloc_dev(); fido_dev_force_u2f(d); diff --git a/regress/dev.c b/regress/dev.c index 39b3584..84a45cc 100644 --- a/regress/dev.c +++ b/regress/dev.c 
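Review bot: In `add_regress_test`, `DEPENDS ${NAME}` is passed to the `TARGET regress POST_BUILD` form of `add_custom_command`, which does not accept a `DEPENDS` keyword; that keyword belongs to the `OUTPUT` form. The ordering between building `${NAME}` and running it as a post-build step of `regress` should be stated explicitly with `add_dependencies(regress ${NAME})` inside the macro, and the stray `DEPENDS ${NAME}` dropped. Without that, whether the test binary exists when the command runs may depend on how the generator happens to order the targets.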
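Review bot: The `memset(&io_f, 0, sizeof(io_f))` added in `empty_assert_tests` is separated from the `fido_dev_io_t io_f;` declaration, so a later edit could move a use above the memset and pass uninitialised handler pointers to `fido_dev_set_io_functions`. Initialising at the declaration leaves unassigned handler fields NULL by construction (the man page hunk in this commit adds `rx` and `tx`): `fido_dev_io_t io_f = { .open = dummy_open, .close = dummy_close, .read = dummy_read, .write = dummy_write };`. The same applies to the `memset` added in `empty_cred` in regress/cred.c and in `open_iff_ok` in regress/dev.c. All three functions extend beyond their hunks.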
@@ -6,6 +6,7 @@ #include #include +#include #define FAKE_DEV_HANDLE ((void *)0xdeadbeef) #define REPORT_LEN (64 + 1) @@ -53,6 +54,8 @@ open_iff_ok(void) fido_dev_t *dev = NULL; fido_dev_io_t io; + memset(&io, 0, sizeof(io)); + io.open = dummy_open; io.close = dummy_close; io.read = dummy_read; diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 926e7f2..3cf62e8 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -31,11 +31,14 @@ list(APPEND FIDO_SOURCES ) if(FUZZ) + list(APPEND FIDO_SOURCES ../fuzz/prng.c) list(APPEND FIDO_SOURCES ../fuzz/uniform_random.c) list(APPEND FIDO_SOURCES ../fuzz/wrap.c) endif() -if(WIN32) +if(USE_HIDAPI) + list(APPEND COMPAT_SOURCES hid_hidapi.c) +elseif(WIN32) list(APPEND COMPAT_SOURCES hid_win.c) elseif(APPLE) list(APPEND COMPAT_SOURCES hid_osx.c) @@ -43,6 +46,8 @@ elseif(CMAKE_SYSTEM_NAME STREQUAL "Linux") list(APPEND COMPAT_SOURCES hid_linux.c) elseif(CMAKE_SYSTEM_NAME STREQUAL "OpenBSD") list(APPEND COMPAT_SOURCES hid_openbsd.c) +else() + message(FATAL_ERROR "please define a hid backend for your platform") endif() list(APPEND COMPAT_SOURCES @@ -50,13 +55,14 @@ list(APPEND COMPAT_SOURCES ../openbsd-compat/explicit_bzero.c ../openbsd-compat/explicit_bzero_win32.c ../openbsd-compat/recallocarray.c + ../openbsd-compat/strlcat.c ../openbsd-compat/timingsafe_bcmp.c ) # static library add_library(fido2 STATIC ${FIDO_SOURCES} ${COMPAT_SOURCES}) target_link_libraries(fido2 ${CBOR_LIBRARIES} ${CRYPTO_LIBRARIES} - ${UDEV_LIBRARIES} ${BASE_LIBRARIES}) + ${UDEV_LIBRARIES} ${BASE_LIBRARIES} ${HIDAPI_LIBRARIES}) if(WIN32) if (MINGW) target_link_libraries(fido2 wsock32 ws2_32 bcrypt setupapi hid) 
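Review bot: The new `else()` branch in src/CMakeLists.txt stops configuration with `please define a hid backend for your platform`, but does not say how to do that. The only platform-independent choice in this chain is the `USE_HIDAPI` branch added just above, so naming it makes the failure actionable: `message(FATAL_ERROR "no native hid backend for ${CMAKE_SYSTEM_NAME}; configure with -DUSE_HIDAPI=ON")`. This matters for FreeBSD, which this commit starts to accommodate in man/CMakeLists.txt and openbsd-compat.h but which has no branch here. The suggestion assumes `USE_HIDAPI` is exposed as a cache option in the top-level CMakeLists.txt, which is not shown in this part of the diff.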
@@ -74,7 +80,7 @@ install(TARGETS fido2 ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR} # dynamic library add_library(fido2_shared SHARED ${FIDO_SOURCES} ${COMPAT_SOURCES}) target_link_libraries(fido2_shared ${CBOR_LIBRARIES} ${CRYPTO_LIBRARIES} - ${UDEV_LIBRARIES} ${BASE_LIBRARIES}) + ${UDEV_LIBRARIES} ${BASE_LIBRARIES} ${HIDAPI_LIBRARIES}) if(WIN32) if (MINGW) target_link_libraries(fido2_shared wsock32 ws2_32 bcrypt diff --git a/src/assert.c b/src/assert.c index a21b308..b71d00e 100644 --- a/src/assert.c +++ b/src/assert.c @@ -152,8 +152,8 @@ fido_dev_get_assert_tx(fido_dev_t *dev, fido_assert_t *assert, } /* frame and transmit */ - if (cbor_build_frame(CTAP_CBOR_ASSERT, argv, 7, &f) < 0 || - fido_tx(dev, CTAP_FRAME_INIT | CTAP_CMD_CBOR, f.ptr, f.len) < 0) { + if (cbor_build_frame(CTAP_CBOR_ASSERT, argv, nitems(argv), &f) < 0 || + fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len) < 0) { fido_log_debug("%s: fido_tx", __func__); r = FIDO_ERR_TX; goto fail; @@ -170,14 +170,14 @@ fail: static int fido_dev_get_assert_rx(fido_dev_t *dev, fido_assert_t *assert, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; fido_assert_reset_rx(assert); - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } @@ -211,10 +211,9 @@ fido_dev_get_assert_rx(fido_dev_t *dev, fido_assert_t *assert, int ms) static int fido_get_next_assert_tx(fido_dev_t *dev) { - const unsigned char cbor[] = { CTAP_CBOR_NEXT_ASSERT }; - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; + const unsigned char cbor[] = { CTAP_CBOR_NEXT_ASSERT }; - if (fido_tx(dev, cmd, cbor, sizeof(cbor)) < 0) { + if (fido_tx(dev, CTAP_CMD_CBOR, cbor, sizeof(cbor)) < 0) { fido_log_debug("%s: fido_tx", __func__); return (FIDO_ERR_TX); } 
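Review bot: The rewritten call in `fido_dev_get_assert_rx` still passes `&reply`, a pointer to the whole array, where the buffer itself is meant; it works only because both have the same address and, presumably, `fido_rx` takes a `void *`. Writing `fido_rx(dev, CTAP_CMD_CBOR, reply, sizeof(reply), ms)` keeps the pointer and the `sizeof` visibly about the same object, which matters more now that the size comes from `FIDO_MAXMSG` rather than a literal. The same applies to `fido_get_next_assert_rx`, `fido_dev_authkey_rx` and `bio_rx_template_array` later in this diff. `FIDO_MAXMSG` is defined outside the visible hunks, so its value and the resulting per-call stack usage cannot be checked here.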
@@ -225,12 +224,12 @@ fido_get_next_assert_tx(fido_dev_t *dev) static int fido_get_next_assert_rx(fido_dev_t *dev, fido_assert_t *assert, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } @@ -363,8 +362,8 @@ check_extensions(int authdata_ext, int ext) return (0); } -static int -get_signed_hash(int cose_alg, fido_blob_t *dgst, const fido_blob_t *clientdata, +int +fido_get_signed_hash(int cose_alg, fido_blob_t *dgst, const fido_blob_t *clientdata, const fido_blob_t *authdata_cbor) { cbor_item_t *item = NULL; @@ -534,7 +533,7 @@ int fido_assert_verify(const fido_assert_t *assert, size_t idx, int cose_alg, const void *pk) { - unsigned char buf[1024]; + unsigned char buf[1024]; /* XXX */ fido_blob_t dgst; const fido_assert_stmt *stmt = NULL; int ok = -1; @@ -579,9 +578,9 @@ fido_assert_verify(const fido_assert_t *assert, size_t idx, int cose_alg, goto out; } - if (get_signed_hash(cose_alg, &dgst, &assert->cdh, + if (fido_get_signed_hash(cose_alg, &dgst, &assert->cdh, &stmt->authdata_cbor) < 0) { - fido_log_debug("%s: get_signed_hash", __func__); + fido_log_debug("%s: fido_get_signed_hash", __func__); r = FIDO_ERR_INTERNAL; goto out; } diff --git a/src/authkey.c b/src/authkey.c index 9de37f1..83c2564 100644 --- a/src/authkey.c +++ b/src/authkey.c @@ -43,8 +43,8 @@ fido_dev_authkey_tx(fido_dev_t *dev) } /* frame and transmit */ - if (cbor_build_frame(CTAP_CBOR_CLIENT_PIN, argv, 2, &f) < 0 || - fido_tx(dev, CTAP_FRAME_INIT | CTAP_CMD_CBOR, f.ptr, f.len) < 0) { + if (cbor_build_frame(CTAP_CBOR_CLIENT_PIN, argv, nitems(argv), + &f) < 0 || fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len) < 0) { fido_log_debug("%s: fido_tx", __func__); r = FIDO_ERR_TX; goto fail; 
@@ -61,8 +61,7 @@ fail: static int fido_dev_authkey_rx(fido_dev_t *dev, es256_pk_t *authkey, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; fido_log_debug("%s: dev=%p, authkey=%p, ms=%d", __func__, (void *)dev, @@ -70,7 +69,8 @@ fido_dev_authkey_rx(fido_dev_t *dev, es256_pk_t *authkey, int ms) memset(authkey, 0, sizeof(*authkey)); - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } diff --git a/src/bio.c b/src/bio.c index 74814b9..c1032d8 100644 --- a/src/bio.c +++ b/src/bio.c @@ -109,8 +109,8 @@ bio_tx(fido_dev_t *dev, uint8_t cmd, cbor_item_t **sub_argv, size_t sub_argc, } /* framing and transmission */ - if (cbor_build_frame(CTAP_CBOR_BIO_ENROLL_PRE, argv, 5, &f) < 0 || - fido_tx(dev, CTAP_FRAME_INIT | CTAP_CMD_CBOR, f.ptr, f.len) < 0) { + if (cbor_build_frame(CTAP_CBOR_BIO_ENROLL_PRE, argv, nitems(argv), + &f) < 0 || fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len) < 0) { fido_log_debug("%s: fido_tx", __func__); r = FIDO_ERR_TX; goto fail; @@ -235,14 +235,14 @@ bio_parse_template_array(const cbor_item_t *key, const cbor_item_t *val, static int bio_rx_template_array(fido_dev_t *dev, fido_bio_template_array_t *ta, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; bio_reset_template_array(ta); - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } 
@@ -382,8 +382,7 @@ static int bio_rx_enroll_begin(fido_dev_t *dev, fido_bio_template_t *t, fido_bio_enroll_t *e, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; @@ -392,7 +391,8 @@ bio_rx_enroll_begin(fido_dev_t *dev, fido_bio_template_t *t, e->remaining_samples = 0; e->last_status = 0; - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } @@ -407,7 +407,7 @@ bio_rx_enroll_begin(fido_dev_t *dev, fido_bio_template_t *t, fido_log_debug("%s: bio_parse_template_id", __func__); return (r); } - + return (FIDO_OK); } @@ -482,15 +482,15 @@ fail: static int bio_rx_enroll_continue(fido_dev_t *dev, fido_bio_enroll_t *e, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; e->remaining_samples = 0; e->last_status = 0; - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } @@ -500,7 +500,7 @@ bio_rx_enroll_continue(fido_dev_t *dev, fido_bio_enroll_t *e, int ms) fido_log_debug("%s: bio_parse_enroll_status", __func__); return (r); } - + return (FIDO_OK); } 
@@ -643,14 +643,14 @@ bio_parse_info(const cbor_item_t *key, const cbor_item_t *val, void *arg) static int bio_rx_info(fido_dev_t *dev, fido_bio_info_t *i, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; bio_reset_info(i); - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } diff --git a/src/blob.h b/src/blob.h index 24fdc23..9e98d03 100644 --- a/src/blob.h +++ b/src/blob.h @@ -7,6 +7,13 @@ #ifndef _BLOB_H #define _BLOB_H +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + typedef struct fido_blob { unsigned char *ptr; size_t len; @@ -25,4 +32,8 @@ int fido_blob_set(fido_blob_t *, const unsigned char *, size_t); void fido_blob_free(fido_blob_t **); void fido_free_blob_array(fido_blob_array_t *); +#ifdef __cplusplus +} /* extern "C" */ +#endif /* __cplusplus */ + #endif /* !_BLOB_H */ diff --git a/src/cbor.c b/src/cbor.c index 3e03592..3928325 100644 --- a/src/cbor.c +++ b/src/cbor.c @@ -313,6 +313,35 @@ fail: return (ok); } +static int +cbor_add_uint8(cbor_item_t *item, const char *key, uint8_t value) +{ + struct cbor_pair pair; + int ok = -1; + + memset(&pair, 0, sizeof(pair)); + + if ((pair.key = cbor_build_string(key)) == NULL || + (pair.value = cbor_build_uint8(value)) == NULL) { + fido_log_debug("%s: cbor_build", __func__); + goto fail; + } + + if (!cbor_map_add(item, pair)) { + fido_log_debug("%s: cbor_map_add", __func__); + goto fail; + } + + ok = 0; +fail: + if (pair.key) + cbor_decref(&pair.key); + if (pair.value) + cbor_decref(&pair.value); + + return (ok); +} + static int cbor_add_arg(cbor_item_t *item, uint8_t n, cbor_item_t *arg) { 
@@ -535,19 +564,29 @@ fail: } cbor_item_t * -cbor_encode_extensions(int ext) +cbor_encode_extensions(const fido_cred_ext_t *ext) { cbor_item_t *item = NULL; + size_t size = 0; - if (ext == 0 || ext != FIDO_EXT_HMAC_SECRET) - return (NULL); - - if ((item = cbor_new_definite_map(1)) == NULL) + if (ext->mask & FIDO_EXT_HMAC_SECRET) + size++; + if (ext->mask & FIDO_EXT_CRED_PROTECT) + size++; + if (size == 0 || (item = cbor_new_definite_map(size)) == NULL) return (NULL); - if (cbor_add_bool(item, "hmac-secret", FIDO_OPT_TRUE) < 0) { - cbor_decref(&item); - return (NULL); + if (ext->mask & FIDO_EXT_HMAC_SECRET) { + if (cbor_add_bool(item, "hmac-secret", FIDO_OPT_TRUE) < 0) { + cbor_decref(&item); + return (NULL); + } + } + if (ext->mask & FIDO_EXT_CRED_PROTECT) { + if (cbor_add_uint8(item, "credProtect", ext->prot) < 0) { + cbor_decref(&item); + return (NULL); + } } return (item); 
@@ -1082,26 +1121,35 @@ fail: static int decode_extension(const cbor_item_t *key, const cbor_item_t *val, void *arg) { - int *authdata_ext = arg; - char *type = NULL; - int ok = -1; + fido_cred_ext_t *authdata_ext = arg; + char *type = NULL; + int ok = -1; - if (cbor_string_copy(key, &type) < 0 || strcmp(type, "hmac-secret")) { + if (cbor_string_copy(key, &type) < 0) { fido_log_debug("%s: cbor type", __func__); ok = 0; /* ignore */ goto out; } - if (cbor_isa_float_ctrl(val) == false || - cbor_float_get_width(val) != CBOR_FLOAT_0 || - cbor_is_bool(val) == false || *authdata_ext != 0) { - fido_log_debug("%s: cbor type", __func__); - goto out; + if (strcmp(type, "hmac-secret") == 0) { + if (cbor_isa_float_ctrl(val) == false || + cbor_float_get_width(val) != CBOR_FLOAT_0 || + cbor_is_bool(val) == false) { + fido_log_debug("%s: cbor type", __func__); + goto out; + } + if (cbor_ctrl_value(val) == CBOR_CTRL_TRUE) + authdata_ext->mask |= FIDO_EXT_HMAC_SECRET; + } else if (strcmp(type, "credProtect") == 0) { + if (cbor_isa_uint(val) == false || + cbor_int_get_width(val) != CBOR_INT_8) { + fido_log_debug("%s: cbor type", __func__); + goto out; + } + authdata_ext->mask |= FIDO_EXT_CRED_PROTECT; + authdata_ext->prot = cbor_get_uint8(val); } - if (cbor_ctrl_value(val) == CBOR_CTRL_TRUE) - *authdata_ext |= FIDO_EXT_HMAC_SECRET; - ok = 0; out: free(type); @@ -1110,7 +1158,8 @@ out: } static int -decode_extensions(const unsigned char **buf, size_t *len, int *authdata_ext) +decode_extensions(const unsigned char **buf, size_t *len, + fido_cred_ext_t *authdata_ext) { cbor_item_t *item = NULL; struct cbor_load_result cbor; @@ -1118,8 +1167,9 @@ decode_extensions(const unsigned char **buf, size_t *len, int *authdata_ext) fido_log_debug("%s: buf=%p, len=%zu", __func__, (const void *)*buf, *len); + fido_log_xxd(*buf, *len); - *authdata_ext = 0; + memset(authdata_ext, 0, sizeof(*authdata_ext)); if ((item = cbor_load(*buf, *len, &cbor)) == NULL) { fido_log_debug("%s: cbor_load", __func__); 
@@ -1129,7 +1179,6 @@ decode_extensions(const unsigned char **buf, size_t *len, int *authdata_ext) if (cbor_isa_map(item) == false || cbor_map_is_definite(item) == false || - cbor_map_size(item) != 1 || cbor_map_iter(item, authdata_ext, decode_extension) < 0) { fido_log_debug("%s: cbor type", __func__); goto fail; @@ -1204,7 +1253,7 @@ fail: int cbor_decode_cred_authdata(const cbor_item_t *item, int cose_alg, fido_blob_t *authdata_cbor, fido_authdata_t *authdata, - fido_attcred_t *attcred, int *authdata_ext) + fido_attcred_t *attcred, fido_cred_ext_t *authdata_ext) { const unsigned char *buf = NULL; size_t len; @@ -1227,6 +1276,7 @@ cbor_decode_cred_authdata(const cbor_item_t *item, int cose_alg, len = cbor_bytestring_length(item); fido_log_debug("%s: buf=%p, len=%zu", __func__, (const void *)buf, len); + fido_log_xxd(buf, len); if (fido_buf_read(&buf, &len, authdata, sizeof(*authdata)) < 0) { fido_log_debug("%s: fido_buf_read", __func__); @@ -1316,6 +1366,7 @@ decode_attstmt_entry(const cbor_item_t *key, const cbor_item_t *val, void *arg) { fido_attstmt_t *attstmt = arg; char *name = NULL; + int cose_alg = 0; int ok = -1; if (cbor_string_copy(key, &name) < 0) { @@ -1326,11 +1377,16 @@ decode_attstmt_entry(const cbor_item_t *key, const cbor_item_t *val, void *arg) if (!strcmp(name, "alg")) { if (cbor_isa_negint(val) == false || - cbor_int_get_width(val) != CBOR_INT_8 || - cbor_get_uint8(val) != -COSE_ES256 - 1) { + cbor_get_int(val) > UINT16_MAX) { fido_log_debug("%s: alg", __func__); goto out; } + if ((cose_alg = -(int)cbor_get_int(val) - 1) != COSE_ES256 && + cose_alg != COSE_RS256 && cose_alg != COSE_EDDSA) { + fido_log_debug("%s: unsupported cose_alg=%d", __func__, + cose_alg); + goto out; + } } else if (!strcmp(name, "sig")) { if (cbor_bytestring_copy(val, &attstmt->sig.ptr, &attstmt->sig.len) < 0) { diff --git a/src/cred.c b/src/cred.c index c4e1edb..4ecbba8 100644 --- a/src/cred.c +++ b/src/cred.c 
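Review bot: The `alg` branch of decode_attstmt_entry() now accepts COSE_RS256 and COSE_EDDSA, but `cose_alg` is a local that is dropped once the check passes, so nothing later can tell which algorithm the statement declared. The packed path of fido_cred_verify() in src/cred.c in this same commit still passes a fixed `COSE_ES256` to fido_get_signed_hash(), so a statement declaring another algorithm is parsed as valid and then checked as ES256. Either keep the accepted set to what the verifier handles, or record the value where the verifier can read it. At minimum add `/* validated only, not stored; fido_cred_verify() assumes COSE_ES256 */` above the check. The function body continues outside the hunk.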
@@ -76,8 +76,8 @@ fido_dev_make_cred_tx(fido_dev_t *dev, fido_cred_t *cred, const char *pin) } /* extensions */ - if (cred->ext) - if ((argv[5] = cbor_encode_extensions(cred->ext)) == NULL) { + if (cred->ext.mask) + if ((argv[5] = cbor_encode_extensions(&cred->ext)) == NULL) { fido_log_debug("%s: cbor_encode_extensions", __func__); r = FIDO_ERR_INTERNAL; goto fail; @@ -106,8 +106,8 @@ fido_dev_make_cred_tx(fido_dev_t *dev, fido_cred_t *cred, const char *pin) } /* framing and transmission */ - if (cbor_build_frame(CTAP_CBOR_MAKECRED, argv, 9, &f) < 0 || - fido_tx(dev, CTAP_FRAME_INIT | CTAP_CMD_CBOR, f.ptr, f.len) < 0) { + if (cbor_build_frame(CTAP_CBOR_MAKECRED, argv, nitems(argv), &f) < 0 || + fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len) < 0) { fido_log_debug("%s: fido_tx", __func__); r = FIDO_ERR_TX; goto fail; @@ -126,14 +126,14 @@ fail: static int fido_dev_make_cred_rx(fido_dev_t *dev, fido_cred_t *cred, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; fido_cred_reset_rx(cred); - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } @@ -170,7 +170,8 @@ int fido_dev_make_cred(fido_dev_t *dev, fido_cred_t *cred, const char *pin) { if (fido_dev_is_fido2(dev) == false) { - if (pin != NULL || cred->rk == FIDO_OPT_TRUE || cred->ext != 0) + if (pin != NULL || cred->rk == FIDO_OPT_TRUE || + cred->ext.mask != 0) return (FIDO_ERR_UNSUPPORTED_OPTION); return (u2f_register(dev, cred, -1)); } 
@@ -179,15 +180,9 @@ fido_dev_make_cred(fido_dev_t *dev, fido_cred_t *cred, const char *pin) } static int -check_extensions(int authdata_ext, int ext) +check_extensions(const fido_cred_ext_t *authdata_ext, const fido_cred_ext_t *ext) { - if (authdata_ext != ext) { - fido_log_debug("%s: authdata_ext=0x%x != ext=0x%x", __func__, - authdata_ext, ext); - return (-1); - } - - return (0); + return (timingsafe_bcmp(authdata_ext, ext, sizeof(*authdata_ext))); } int @@ -207,48 +202,6 @@ fido_check_rp_id(const char *id, const unsigned char *obtained_hash) SHA256_DIGEST_LENGTH)); } -static int -get_signed_hash_packed(fido_blob_t *dgst, const fido_blob_t *clientdata, - const fido_blob_t *authdata_cbor) -{ - cbor_item_t *item = NULL; - unsigned char *authdata_ptr = NULL; - size_t authdata_len; - struct cbor_load_result cbor; - SHA256_CTX ctx; - int ok = -1; - - if ((item = cbor_load(authdata_cbor->ptr, authdata_cbor->len, - &cbor)) == NULL) { - fido_log_debug("%s: cbor_load", __func__); - goto fail; - } - - if (cbor_isa_bytestring(item) == false || - cbor_bytestring_is_definite(item) == false) { - fido_log_debug("%s: cbor type", __func__); - goto fail; - } - - authdata_ptr = cbor_bytestring_handle(item); - authdata_len = cbor_bytestring_length(item); - - if (dgst->len != SHA256_DIGEST_LENGTH || SHA256_Init(&ctx) == 0 || - SHA256_Update(&ctx, authdata_ptr, authdata_len) == 0 || - SHA256_Update(&ctx, clientdata->ptr, clientdata->len) == 0 || - SHA256_Final(dgst->ptr, &ctx) == 0) { - fido_log_debug("%s: sha256", __func__); - goto fail; - } - - ok = 0; -fail: - if (item != NULL) - cbor_decref(&item); - - return (ok); -} - static int get_signed_hash_u2f(fido_blob_t *dgst, const unsigned char *rp_id, size_t rp_id_len, const fido_blob_t *clientdata, const fido_blob_t *id, 
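Review bot: check_extensions() now compares the two `fido_cred_ext_t` objects byte for byte, so the result depends on every byte of the struct, including any padding and a `prot` value left over when the credProtect bit is not set in `mask`. That is only sound while both sides were zeroed with memset() first, which fido_cred_reset_tx() and decode_extensions() do in this commit. The values are not secrets, so a constant-time compare gains nothing here. A field-wise test is clearer: `if (authdata_ext->mask != ext->mask || authdata_ext->prot != ext->prot) return (-1);`. The removed fido_log_debug() line was also the only trace of which values mismatched and is worth keeping.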
@@ -356,16 +309,16 @@ fido_cred_verify(const fido_cred_t *cred) goto out; } - if (check_extensions(cred->authdata_ext, cred->ext) < 0) { + if (check_extensions(&cred->authdata_ext, &cred->ext) != 0) { fido_log_debug("%s: check_extensions", __func__); r = FIDO_ERR_INVALID_PARAM; goto out; } if (!strcmp(cred->fmt, "packed")) { - if (get_signed_hash_packed(&dgst, &cred->cdh, + if (fido_get_signed_hash(COSE_ES256, &dgst, &cred->cdh, &cred->authdata_cbor) < 0) { - fido_log_debug("%s: get_signed_hash_packed", __func__); + fido_log_debug("%s: fido_get_signed_hash", __func__); r = FIDO_ERR_INTERNAL; goto out; } @@ -395,7 +348,7 @@ out: int fido_cred_verify_self(const fido_cred_t *cred) { - unsigned char buf[SHA256_DIGEST_LENGTH]; + unsigned char buf[1024]; /* XXX */ fido_blob_t dgst; int ok = -1; int r; @@ -431,16 +384,16 @@ fido_cred_verify_self(const fido_cred_t *cred) goto out; } - if (check_extensions(cred->authdata_ext, cred->ext) < 0) { + if (check_extensions(&cred->authdata_ext, &cred->ext) != 0) { fido_log_debug("%s: check_extensions", __func__); r = FIDO_ERR_INVALID_PARAM; goto out; } if (!strcmp(cred->fmt, "packed")) { - if (get_signed_hash_packed(&dgst, &cred->cdh, + if (fido_get_signed_hash(cred->attcred.type, &dgst, &cred->cdh, &cred->authdata_cbor) < 0) { - fido_log_debug("%s: get_signed_hash_packed", __func__); + fido_log_debug("%s: fido_get_signed_hash", __func__); r = FIDO_ERR_INTERNAL; goto out; } @@ -519,9 +472,9 @@ fido_cred_reset_tx(fido_cred_t *cred) memset(&cred->rp, 0, sizeof(cred->rp)); memset(&cred->user, 0, sizeof(cred->user)); memset(&cred->excl, 0, sizeof(cred->excl)); + memset(&cred->ext, 0, sizeof(cred->ext)); cred->type = 0; - cred->ext = 0; cred->rk = FIDO_OPT_OMIT; cred->uv = FIDO_OPT_OMIT; } 
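Review bot: In fido_cred_verify_self() `buf` grows from `SHA256_DIGEST_LENGTH` to a bare `1024` with only `/* XXX */` as explanation, in the same change that starts passing `cred->attcred.type` to the hash call. Nothing in this hunk shows what bounds the write into `dgst`; that check presumably lives in fido_get_signed_hash(), whose body is outside the hunk. Replace the marker with a comment that states the requirement, for example `/* must hold the signed data for any supported COSE type; fido_get_signed_hash() checks dgst.len */`, and give the size a name. The same `/* XXX */` is added to fido_assert_verify() in src/assert.c.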
@@ -810,10 +763,14 @@ fail: int fido_cred_set_extensions(fido_cred_t *cred, int ext) { - if (ext != 0 && ext != FIDO_EXT_HMAC_SECRET) - return (FIDO_ERR_INVALID_ARGUMENT); - - cred->ext = ext; + if (ext == 0) + cred->ext.mask = 0; + else { + if (ext != FIDO_EXT_HMAC_SECRET && + ext != FIDO_EXT_CRED_PROTECT) + return (FIDO_ERR_INVALID_ARGUMENT); + cred->ext.mask |= ext; + } return (FIDO_OK); } @@ -843,6 +800,25 @@ fido_cred_set_uv(fido_cred_t *cred, fido_opt_t uv) return (FIDO_OK); } +int +fido_cred_set_prot(fido_cred_t *cred, int prot) +{ + if (prot == 0) { + cred->ext.mask &= ~FIDO_EXT_CRED_PROTECT; + cred->ext.prot = 0; + } else { + if (prot != FIDO_CRED_PROT_UV_OPTIONAL && + prot != FIDO_CRED_PROT_UV_OPTIONAL_WITH_ID && + prot != FIDO_CRED_PROT_UV_REQUIRED) + return (FIDO_ERR_INVALID_ARGUMENT); + + cred->ext.mask |= FIDO_EXT_CRED_PROTECT; + cred->ext.prot = prot; + } + + return (FIDO_OK); +} + int fido_cred_set_fmt(fido_cred_t *cred, const char *fmt) { @@ -991,6 +967,12 @@ fido_cred_id_len(const fido_cred_t *cred) return (cred->attcred.id.len); } +int +fido_cred_prot(const fido_cred_t *cred) +{ + return (cred->ext.prot); +} + const char * fido_cred_fmt(const fido_cred_t *cred) { diff --git a/src/credman.c b/src/credman.c index 76327e5..a382185 100644 --- a/src/credman.c +++ b/src/credman.c @@ -137,8 +137,8 @@ credman_tx(fido_dev_t *dev, uint8_t cmd, const fido_blob_t *param, } /* framing and transmission */ - if (cbor_build_frame(CTAP_CBOR_CRED_MGMT_PRE, argv, 4, &f) < 0 || - fido_tx(dev, CTAP_FRAME_INIT | CTAP_CMD_CBOR, f.ptr, f.len) < 0) { + if (cbor_build_frame(CTAP_CBOR_CRED_MGMT_PRE, argv, nitems(argv), + &f) < 0 || fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len) < 0) { fido_log_debug("%s: fido_tx", __func__); r = FIDO_ERR_TX; goto fail; 
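Review bot: fido_cred_set_extensions() clears only `cred->ext.mask` when `ext == 0`, leaving a previously set `cred->ext.prot` in place. Because check_extensions() now compares the whole struct, a credential reset this way would presumably fail fido_cred_verify() on the stale `prot`; use `memset(&cred->ext, 0, sizeof(cred->ext));` in that branch. Two related gaps in the same function: passing `FIDO_EXT_CRED_PROTECT` sets the bit without a policy, so cbor_encode_extensions() would send `credProtect` with `prot` still 0, and `FIDO_EXT_HMAC_SECRET | FIDO_EXT_CRED_PROTECT` in one call is rejected even though the mask is OR-ed.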
@@ -181,14 +181,14 @@ credman_parse_metadata(const cbor_item_t *key, const cbor_item_t *val, static int credman_rx_metadata(fido_dev_t *dev, fido_credman_metadata_t *metadata, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[512]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; memset(metadata, 0, sizeof(*metadata)); - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } @@ -300,14 +300,14 @@ credman_parse_rk_count(const cbor_item_t *key, const cbor_item_t *val, static int credman_rx_rk(fido_dev_t *dev, fido_credman_rk_t *rk, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; credman_reset_rk(rk); - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } @@ -339,12 +339,12 @@ credman_rx_rk(fido_dev_t *dev, fido_credman_rk_t *rk, int ms) static int credman_rx_next_rk(fido_dev_t *dev, fido_credman_rk_t *rk, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } 
@@ -514,14 +514,14 @@ credman_parse_rp_count(const cbor_item_t *key, const cbor_item_t *val, static int credman_rx_rp(fido_dev_t *dev, fido_credman_rp_t *rp, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; credman_reset_rp(rp); - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } @@ -553,12 +553,12 @@ credman_rx_rp(fido_dev_t *dev, fido_credman_rp_t *rp, int ms) static int credman_rx_next_rp(fido_dev_t *dev, fido_credman_rp_t *rp, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } diff --git a/src/dev.c b/src/dev.c index d0efac7..51b9935 100644 --- a/src/dev.c +++ b/src/dev.c @@ -6,6 +6,9 @@ #include #include +#ifdef HAVE_SYS_RANDOM_H +#include +#endif #include #include @@ -39,7 +42,22 @@ obtain_nonce(uint64_t *nonce) return (0); } -#elif defined(HAS_DEV_URANDOM) +#elif defined(HAVE_ARC4RANDOM_BUF) +static int +obtain_nonce(uint64_t *nonce) +{ + arc4random_buf(nonce, sizeof(*nonce)); + return (0); +} +#elif defined(HAVE_GETRANDOM) +static int +obtain_nonce(uint64_t *nonce) +{ + if (getrandom(nonce, sizeof(*nonce), 0) < 0) + return (-1); + return (0); +} +#elif defined(HAVE_DEV_URANDOM) static int obtain_nonce(uint64_t *nonce) { 
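Review bot: The getrandom() variant of obtain_nonce() treats any non-negative return as success, but getrandom() returns the number of bytes it wrote. Compare against the requested size so a short return cannot leave part of the nonce unset: `if (getrandom(nonce, sizeof(*nonce), 0) != (ssize_t)sizeof(*nonce)) return (-1);`. The nonce is what fido_dev_open_rx() matches against the INIT reply, so either all eight bytes are random or the open should fail.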
@@ -64,10 +82,34 @@ fail: #error "please provide an implementation of obtain_nonce() for your platform" #endif /* _WIN32 */ +#ifndef TLS +#define TLS +#endif + +typedef struct dev_manifest_func_node { + dev_manifest_func_t manifest_func; + struct dev_manifest_func_node *next; +} dev_manifest_func_node_t; + +static TLS dev_manifest_func_node_t *manifest_funcs = NULL; + +static void +find_manifest_func_node(dev_manifest_func_t f, dev_manifest_func_node_t **curr, + dev_manifest_func_node_t **prev) +{ + *prev = NULL; + *curr = manifest_funcs; + + while (*curr != NULL && (*curr)->manifest_func != f) { + *prev = *curr; + *curr = (*curr)->next; + } +} + static int fido_dev_open_tx(fido_dev_t *dev, const char *path) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_INIT; + const uint8_t cmd = CTAP_CMD_INIT; if (dev->io_handle != NULL) { fido_log_debug("%s: handle=%p", __func__, dev->io_handle); @@ -102,11 +144,14 @@ fido_dev_open_tx(fido_dev_t *dev, const char *path) static int fido_dev_open_rx(fido_dev_t *dev, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_INIT; - int n; + fido_cbor_info_t *info = NULL; + int reply_len; + int r; - if ((n = fido_rx(dev, cmd, &dev->attr, sizeof(dev->attr), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_INIT, &dev->attr, + sizeof(dev->attr), ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); + r = FIDO_ERR_RX; goto fail; } 
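Review bot: With the `#ifndef TLS` / `#define TLS` fallback, `manifest_funcs` becomes a plain process-wide list, and find_manifest_func_node() walks it with no locking. The register, unregister and manifest functions added later in this file modify and traverse the same list, so concurrent use from two threads can corrupt it or free a node that is being read. State the constraint next to the definition, for example `/* without TLS this list is process-global and unsynchronised; callers must serialise access */`, or guard the list with a lock on builds that lack thread-local storage.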
@@ -114,19 +159,42 @@ fido_dev_open_rx(fido_dev_t *dev, int ms) dev->attr.nonce = dev->nonce; #endif - if ((size_t)n != sizeof(dev->attr) || dev->attr.nonce != dev->nonce) { + if ((size_t)reply_len != sizeof(dev->attr) || + dev->attr.nonce != dev->nonce) { fido_log_debug("%s: invalid nonce", __func__); + r = FIDO_ERR_RX; goto fail; } dev->cid = dev->attr.cid; - return (FIDO_OK); + if (fido_dev_is_fido2(dev)) { + if ((info = fido_cbor_info_new()) == NULL) { + fido_log_debug("%s: fido_cbor_info_new", __func__); + r = FIDO_ERR_INTERNAL; + goto fail; + } + if (fido_dev_get_cbor_info_wait(dev, info, ms) != FIDO_OK) { + fido_log_debug("%s: falling back to u2f", __func__); + fido_dev_force_u2f(dev); + } + } + + if (fido_dev_is_fido2(dev) && info != NULL) { + fido_log_debug("%s: FIDO_MAXMSG=%d, maxmsgsiz=%lu", __func__, + FIDO_MAXMSG, (unsigned long)fido_cbor_info_maxmsgsiz(info)); + } + + r = FIDO_OK; fail: - dev->io.close(dev->io_handle); - dev->io_handle = NULL; + fido_cbor_info_free(&info); + + if (r != FIDO_OK) { + dev->io.close(dev->io_handle); + dev->io_handle = NULL; + } - return (FIDO_ERR_RX); + return (r); } static int 
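Review bot: fido_dev_open_rx() forces the device to U2F on any failure of fido_dev_get_cbor_info_wait(), including a timeout or a transient transport error, and records it only through fido_log_debug(). After that, fido_dev_make_cred() rejects PIN, resident-key and extension requests with FIDO_ERR_UNSUPPORTED_OPTION, so callers see a capability error instead of the I/O failure that caused it. Consider falling back only on errors that indicate the command is unsupported, or document the behaviour with `/* any getInfo failure downgrades this handle to U2F */`. Note that `ms` now applies to two exchanges, so an open can take up to twice the timeout.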
@@ -141,6 +209,79 @@ fido_dev_open_wait(fido_dev_t *dev, const char *path, int ms) return (FIDO_OK); } +int +fido_dev_register_manifest_func(const dev_manifest_func_t f) +{ + dev_manifest_func_node_t *prev, *curr, *n; + + find_manifest_func_node(f, &curr, &prev); + if (curr != NULL) + return (FIDO_OK); + + if ((n = calloc(1, sizeof(*n))) == NULL) { + fido_log_debug("%s: calloc", __func__); + return (FIDO_ERR_INTERNAL); + } + + n->manifest_func = f; + n->next = manifest_funcs; + manifest_funcs = n; + + return (FIDO_OK); +} + +void +fido_dev_unregister_manifest_func(const dev_manifest_func_t f) +{ + dev_manifest_func_node_t *prev, *curr; + + find_manifest_func_node(f, &curr, &prev); + if (curr == NULL) + return; + if (prev != NULL) + prev->next = curr->next; + else + manifest_funcs = curr->next; + + free(curr); +} + +int +fido_dev_info_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) +{ + dev_manifest_func_node_t *curr = NULL; + dev_manifest_func_t m_func; + size_t curr_olen; + int r; + + *olen = 0; + + if (fido_dev_register_manifest_func(fido_hid_manifest) != FIDO_OK) + return (FIDO_ERR_INTERNAL); + + for (curr = manifest_funcs; curr != NULL; curr = curr->next) { + curr_olen = 0; + m_func = curr->manifest_func; + r = m_func(devlist + *olen, ilen - *olen, &curr_olen); + if (r != FIDO_OK) + return (r); + *olen += curr_olen; + if (*olen == ilen) + break; + } + + return (FIDO_OK); +} + +int +fido_dev_open_with_info(fido_dev_t *dev) +{ + if (dev->path == NULL) + return (FIDO_ERR_INVALID_ARGUMENT); + + return (fido_dev_open_wait(dev, dev->path, -1)); +} + int fido_dev_open(fido_dev_t *dev, const char *path) { @@ -162,7 +303,7 @@ fido_dev_close(fido_dev_t *dev) int fido_dev_cancel(fido_dev_t *dev) { - if (fido_tx(dev, CTAP_FRAME_INIT | CTAP_CMD_CANCEL, NULL, 0) < 0) + if (fido_tx(dev, CTAP_CMD_CANCEL, NULL, 0) < 0) return (FIDO_ERR_TX); return (FIDO_OK); 
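Review bot: fido_dev_info_manifest() trusts the count written by each registered callback. If a callback reports `curr_olen` larger than `ilen - *olen`, `*olen` passes `ilen`, the `*olen == ilen` exit test never fires, and the next `ilen - *olen` wraps around. Callbacks are supplied by the application through fido_dev_register_manifest_func(), so validate before accumulating: `if (curr_olen > ilen - *olen) return (FIDO_ERR_INTERNAL);`.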
@@ -172,7 +313,7 @@ int fido_dev_set_io_functions(fido_dev_t *dev, const fido_dev_io_t *io) { if (dev->io_handle != NULL) { - fido_log_debug("%s: NULL handle", __func__); + fido_log_debug("%s: non-NULL handle", __func__); return (FIDO_ERR_INVALID_ARGUMENT); } @@ -182,10 +323,20 @@ fido_dev_set_io_functions(fido_dev_t *dev, const fido_dev_io_t *io) return (FIDO_ERR_INVALID_ARGUMENT); } - dev->io.open = io->open; - dev->io.close = io->close; - dev->io.read = io->read; - dev->io.write = io->write; + dev->io = *io; + + return (FIDO_OK); +} + +int +fido_dev_set_transport_functions(fido_dev_t *dev, const fido_dev_transport_t *t) +{ + if (dev->io_handle != NULL) { + fido_log_debug("%s: non-NULL handle", __func__); + return (FIDO_ERR_INVALID_ARGUMENT); + } + + dev->transport = *t; return (FIDO_OK); } @@ -200,21 +351,44 @@ fido_init(int flags) fido_dev_t * fido_dev_new(void) { - fido_dev_t *dev; - fido_dev_io_t io; + fido_dev_t *dev; if ((dev = calloc(1, sizeof(*dev))) == NULL) return (NULL); dev->cid = CTAP_CID_BROADCAST; + dev->io = (fido_dev_io_t) { + &fido_hid_open, + &fido_hid_close, + &fido_hid_read, + &fido_hid_write, + }; + + return (dev); +} + +fido_dev_t * +fido_dev_new_with_info(const fido_dev_info_t *di) +{ + fido_dev_t *dev; + + if ((dev = calloc(1, sizeof(*dev))) == NULL) + return (NULL); + + dev->cid = CTAP_CID_BROADCAST; + + if (di->io.open == NULL || di->io.close == NULL || + di->io.read == NULL || di->io.write == NULL) { + fido_log_debug("%s: NULL function", __func__); + fido_dev_free(&dev); + return (NULL); + } - io.open = fido_hid_open; - io.close = fido_hid_close; - io.read = fido_hid_read; - io.write = fido_hid_write; + dev->io = di->io; + dev->transport = di->transport; - if (fido_dev_set_io_functions(dev, &io) != FIDO_OK) { - fido_log_debug("%s: fido_dev_set_io_functions", __func__); + if ((dev->path = strdup(di->path)) == NULL) { + fido_log_debug("%s: strdup", __func__); fido_dev_free(&dev); return (NULL); } 
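Review bot: fido_dev_new_with_info() checks the four `di->io` function pointers but passes `di->path` straight to strdup(), which is undefined for NULL. Add `di->path == NULL ||` to the existing guard so a partially filled `fido_dev_info_t` is rejected the same way. fido_dev_set_transport_functions() in the preceding hunk likewise copies `*t` without checking `t`, while the io setter has an argument guard that is only partly visible here.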
@@ -230,6 +404,7 @@ fido_dev_free(fido_dev_t **dev_p) if (dev_p == NULL || (dev = *dev_p) == NULL) return; + free(dev->path); free(dev); *dev_p = NULL; diff --git a/src/eddsa.c b/src/eddsa.c index 92a0222..44a5563 100644 --- a/src/eddsa.c +++ b/src/eddsa.c @@ -23,6 +23,8 @@ EVP_PKEY_new_raw_public_key(int type, ENGINE *e, const unsigned char *key, (void)key; (void)keylen; + fido_log_debug("%s: unimplemented", __func__); + return (NULL); } @@ -34,6 +36,8 @@ EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub, (void)pub; (void)len; + fido_log_debug("%s: unimplemented", __func__); + return (0); } @@ -47,6 +51,8 @@ EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen, (void)tbs; (void)tbslen; + fido_log_debug("%s: unimplemented", __func__); + return (0); } #endif /* LIBRESSL_VERSION_NUMBER || OPENSSL_VERSION_NUMBER < 0x10101000L */ @@ -55,6 +61,8 @@ EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen, EVP_MD_CTX * EVP_MD_CTX_new(void) { + fido_log_debug("%s: unimplemented", __func__); + return (NULL); } diff --git a/src/err.c b/src/err.c index 5d3efd4..6261bfc 100644 --- a/src/err.c +++ b/src/err.c @@ -29,7 +29,7 @@ fido_strerr(int n) case FIDO_ERR_INVALID_CHANNEL: return "FIDO_ERR_INVALID_CHANNEL"; case FIDO_ERR_CBOR_UNEXPECTED_TYPE: - return "FIDO_ERR_UNEXPECTED_TYPE"; + return "FIDO_ERR_CBOR_UNEXPECTED_TYPE"; case FIDO_ERR_INVALID_CBOR: return "FIDO_ERR_INVALID_CBOR"; case FIDO_ERR_MISSING_PARAMETER: @@ -45,7 +45,7 @@ fido_strerr(int n) case FIDO_ERR_INVALID_CREDENTIAL: return "FIDO_ERR_INVALID_CREDENTIAL"; case FIDO_ERR_USER_ACTION_PENDING: - return "FIDO_ERR_ACTION_PENDING"; + return "FIDO_ERR_USER_ACTION_PENDING"; case FIDO_ERR_OPERATION_PENDING: return "FIDO_ERR_OPERATION_PENDING"; case FIDO_ERR_NO_OPERATIONS: 
@@ -55,11 +55,11 @@ fido_strerr(int n) case FIDO_ERR_OPERATION_DENIED: return "FIDO_ERR_OPERATION_DENIED"; case FIDO_ERR_KEY_STORE_FULL: - return "FIDO_ERR_STORE_FULL"; + return "FIDO_ERR_KEY_STORE_FULL"; case FIDO_ERR_NOT_BUSY: return "FIDO_ERR_NOT_BUSY"; case FIDO_ERR_NO_OPERATION_PENDING: - return "FIDO_ERR_OPERATION_PENDING"; + return "FIDO_ERR_NO_OPERATION_PENDING"; case FIDO_ERR_UNSUPPORTED_OPTION: return "FIDO_ERR_UNSUPPORTED_OPTION"; case FIDO_ERR_INVALID_OPTION: @@ -69,7 +69,7 @@ fido_strerr(int n) case FIDO_ERR_NO_CREDENTIALS: return "FIDO_ERR_NO_CREDENTIALS"; case FIDO_ERR_USER_ACTION_TIMEOUT: - return "FIDO_ERR_ACTION_TIMEOUT"; + return "FIDO_ERR_USER_ACTION_TIMEOUT"; case FIDO_ERR_NOT_ALLOWED: return "FIDO_ERR_NOT_ALLOWED"; case FIDO_ERR_PIN_INVALID: @@ -77,25 +77,25 @@ fido_strerr(int n) case FIDO_ERR_PIN_BLOCKED: return "FIDO_ERR_PIN_BLOCKED"; case FIDO_ERR_PIN_AUTH_INVALID: - return "FIDO_ERR_AUTH_INVALID"; + return "FIDO_ERR_PIN_AUTH_INVALID"; case FIDO_ERR_PIN_AUTH_BLOCKED: - return "FIDO_ERR_AUTH_BLOCKED"; + return "FIDO_ERR_PIN_AUTH_BLOCKED"; case FIDO_ERR_PIN_NOT_SET: - return "FIDO_ERR_NOT_SET"; + return "FIDO_ERR_PIN_NOT_SET"; case FIDO_ERR_PIN_REQUIRED: return "FIDO_ERR_PIN_REQUIRED"; case FIDO_ERR_PIN_POLICY_VIOLATION: - return "FIDO_ERR_POLICY_VIOLATION"; + return "FIDO_ERR_PIN_POLICY_VIOLATION"; case FIDO_ERR_PIN_TOKEN_EXPIRED: - return "FIDO_ERR_TOKEN_EXPIRED"; + return "FIDO_ERR_PIN_TOKEN_EXPIRED"; case FIDO_ERR_REQUEST_TOO_LARGE: - return "FIDO_ERR_TOO_LARGE"; + return "FIDO_ERR_REQUEST_TOO_LARGE"; case FIDO_ERR_ACTION_TIMEOUT: return "FIDO_ERR_ACTION_TIMEOUT"; case FIDO_ERR_UP_REQUIRED: return "FIDO_ERR_UP_REQUIRED"; case FIDO_ERR_ERR_OTHER: - return "FIDO_ERR_OTHER"; + return "FIDO_ERR_ERR_OTHER"; case FIDO_ERR_SPEC_LAST: return "FIDO_ERR_SPEC_LAST"; case FIDO_ERR_TX: diff --git a/src/es256.c b/src/es256.c index c8fd9f4..020ecaa 100644 --- a/src/es256.c +++ b/src/es256.c 
@@ -176,10 +176,15 @@ es256_pk_free(es256_pk_t **pkp) int es256_pk_from_ptr(es256_pk_t *pk, const void *ptr, size_t len) { + const uint8_t *p = ptr; + if (len < sizeof(*pk)) return (FIDO_ERR_INVALID_ARGUMENT); - memcpy(pk, ptr, sizeof(*pk)); + if (len == sizeof(*pk) + 1 && *p == 0x04) + memcpy(pk, ++p, sizeof(*pk)); /* uncompressed format */ + else + memcpy(pk, ptr, sizeof(*pk)); /* libfido2 x||y format */ return (FIDO_OK); } @@ -262,8 +267,12 @@ es256_pk_to_EVP_PKEY(const es256_pk_t *k) const int nid = NID_X9_62_prime256v1; int ok = -1; - if ((bnctx = BN_CTX_new()) == NULL || - (x = BN_CTX_get(bnctx)) == NULL || + if ((bnctx = BN_CTX_new()) == NULL) + goto fail; + + BN_CTX_start(bnctx); + + if ((x = BN_CTX_get(bnctx)) == NULL || (y = BN_CTX_get(bnctx)) == NULL) goto fail; @@ -296,12 +305,16 @@ es256_pk_to_EVP_PKEY(const es256_pk_t *k) ok = 0; fail: - if (bnctx != NULL) + if (bnctx != NULL) { + BN_CTX_end(bnctx); BN_CTX_free(bnctx); + } + if (ec != NULL) EC_KEY_free(ec); if (q != NULL) EC_POINT_free(q); + if (ok < 0 && pkey != NULL) { EVP_PKEY_free(pkey); pkey = NULL; @@ -313,7 +326,7 @@ fail: int es256_pk_from_EC_KEY(es256_pk_t *pk, const EC_KEY *ec) { - BN_CTX *ctx = NULL; + BN_CTX *bnctx = NULL; BIGNUM *x = NULL; BIGNUM *y = NULL; const EC_POINT *q = NULL; 
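Review bot: In es256_pk_from_ptr the only length check is still `len < sizeof(*pk)`, so a buffer longer than 65 bytes, or a 65-byte buffer whose first byte is not 0x04, falls into the else branch and its first 64 bytes are taken as x||y while the trailing bytes are silently ignored. Now that two encodings are accepted, it would be safer to reject everything that is not exactly one of them, e.g. `if (len != sizeof(*pk) && !(len == sizeof(*pk) + 1 && *p == 0x04)) return (FIDO_ERR_INVALID_ARGUMENT);`, assuming no caller relies on passing oversized buffers. A short comment on the function stating that the point is not checked to be on the curve here (presumably left to es256_pk_to_EVP_PKEY; confirm) would also help readers who feed it device- or file-supplied key material.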
@@ -322,15 +335,17 @@ es256_pk_from_EC_KEY(es256_pk_t *pk, const EC_KEY *ec) int n; if ((q = EC_KEY_get0_public_key(ec)) == NULL || - (g = EC_KEY_get0_group(ec)) == NULL) + (g = EC_KEY_get0_group(ec)) == NULL || + (bnctx = BN_CTX_new()) == NULL) goto fail; - if ((ctx = BN_CTX_new()) == NULL || - (x = BN_CTX_get(ctx)) == NULL || - (y = BN_CTX_get(ctx)) == NULL) + BN_CTX_start(bnctx); + + if ((x = BN_CTX_get(bnctx)) == NULL || + (y = BN_CTX_get(bnctx)) == NULL) goto fail; - if (EC_POINT_get_affine_coordinates_GFp(g, q, x, y, ctx) == 0 || + if (EC_POINT_get_affine_coordinates_GFp(g, q, x, y, bnctx) == 0 || (n = BN_num_bytes(x)) < 0 || (size_t)n > sizeof(pk->x) || (n = BN_num_bytes(y)) < 0 || (size_t)n > sizeof(pk->y)) { fido_log_debug("%s: EC_POINT_get_affine_coordinates_GFp", @@ -346,8 +361,10 @@ es256_pk_from_EC_KEY(es256_pk_t *pk, const EC_KEY *ec) ok = FIDO_OK; fail: - if (ctx != NULL) - BN_CTX_free(ctx); + if (bnctx != NULL) { + BN_CTX_end(bnctx); + BN_CTX_free(bnctx); + } return (ok); } @@ -362,7 +379,12 @@ es256_sk_to_EVP_PKEY(const es256_sk_t *k) const int nid = NID_X9_62_prime256v1; int ok = -1; - if ((bnctx = BN_CTX_new()) == NULL || (d = BN_CTX_get(bnctx)) == NULL || + if ((bnctx = BN_CTX_new()) == NULL) + goto fail; + + BN_CTX_start(bnctx); + + if ((d = BN_CTX_get(bnctx)) == NULL || BN_bin2bn(k->d, sizeof(k->d), d) == NULL) { fido_log_debug("%s: BN_bin2bn", __func__); goto fail; @@ -384,10 +406,14 @@ es256_sk_to_EVP_PKEY(const es256_sk_t *k) ok = 0; fail: - if (bnctx != NULL) + if (bnctx != NULL) { + BN_CTX_end(bnctx); BN_CTX_free(bnctx); + } + if (ec != NULL) EC_KEY_free(ec); + if (ok < 0 && pkey != NULL) { EVP_PKEY_free(pkey); pkey = NULL; diff --git a/src/export.gnu b/src/export.gnu index f111e33..cbfa69f 100644 --- a/src/export.gnu +++ b/src/export.gnu 
@@ -76,6 +76,7 @@ fido_cbor_info_extensions_ptr; fido_cbor_info_free; fido_cbor_info_maxmsgsiz; + fido_cbor_info_fwversion; fido_cbor_info_new; fido_cbor_info_options_len; fido_cbor_info_options_name_ptr; @@ -115,6 +116,7 @@ fido_credman_rp_name; fido_credman_rp_new; fido_cred_new; + fido_cred_prot; fido_cred_pubkey_len; fido_cred_pubkey_ptr; fido_cred_rp_id; @@ -125,6 +127,7 @@ fido_cred_set_extensions; fido_cred_set_fmt; fido_cred_set_options; + fido_cred_set_prot; fido_cred_set_rk; fido_cred_set_rp; fido_cred_set_sig; @@ -171,7 +174,9 @@ fido_dev_reset; fido_dev_set_io_functions; fido_dev_set_pin; + fido_dev_set_transport_functions; fido_init; + fido_set_log_handler; fido_strerr; rs256_pk_free; rs256_pk_from_ptr; diff --git a/src/export.llvm b/src/export.llvm index ef99a26..abde2e9 100644 --- a/src/export.llvm +++ b/src/export.llvm @@ -74,6 +74,7 @@ _fido_cbor_info_extensions_len _fido_cbor_info_extensions_ptr _fido_cbor_info_free _fido_cbor_info_maxmsgsiz +_fido_cbor_info_fwversion _fido_cbor_info_new _fido_cbor_info_options_len _fido_cbor_info_options_name_ptr @@ -113,6 +114,7 @@ _fido_credman_rp_id_hash_ptr _fido_credman_rp_name _fido_credman_rp_new _fido_cred_new +_fido_cred_prot _fido_cred_pubkey_len _fido_cred_pubkey_ptr _fido_cred_rp_id @@ -123,6 +125,7 @@ _fido_cred_set_clientdata_hash _fido_cred_set_extensions _fido_cred_set_fmt _fido_cred_set_options +_fido_cred_set_prot _fido_cred_set_rk _fido_cred_set_rp _fido_cred_set_sig @@ -169,7 +172,9 @@ _fido_dev_protocol _fido_dev_reset _fido_dev_set_io_functions _fido_dev_set_pin +_fido_dev_set_transport_functions _fido_init +_fido_set_log_handler _fido_strerr _rs256_pk_free _rs256_pk_from_ptr diff --git a/src/export.msvc b/src/export.msvc index ff5425a..06ec69a 100644 --- a/src/export.msvc +++ b/src/export.msvc 
@@ -75,6 +75,7 @@ fido_cbor_info_extensions_len fido_cbor_info_extensions_ptr fido_cbor_info_free fido_cbor_info_maxmsgsiz +fido_cbor_info_fwversion fido_cbor_info_new fido_cbor_info_options_len fido_cbor_info_options_name_ptr @@ -114,6 +115,7 @@ fido_credman_rp_id_hash_ptr fido_credman_rp_name fido_credman_rp_new fido_cred_new +fido_cred_prot fido_cred_pubkey_len fido_cred_pubkey_ptr fido_cred_rp_id @@ -124,6 +126,7 @@ fido_cred_set_clientdata_hash fido_cred_set_extensions fido_cred_set_fmt fido_cred_set_options +fido_cred_set_prot fido_cred_set_rk fido_cred_set_rp fido_cred_set_sig @@ -170,7 +173,9 @@ fido_dev_protocol fido_dev_reset fido_dev_set_io_functions fido_dev_set_pin +fido_dev_set_transport_functions fido_init +fido_set_log_handler fido_strerr rs256_pk_free rs256_pk_from_ptr diff --git a/src/extern.h b/src/extern.h index c35af58..fc0a49d 100644 --- a/src/extern.h +++ b/src/extern.h @@ -7,6 +7,15 @@ #ifndef _EXTERN_H #define _EXTERN_H +#include + +#include "fido/types.h" +#include "blob.h" + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + /* aes256 */ int aes256_cbc_dec(const fido_blob_t *, const fido_blob_t *, fido_blob_t *); int aes256_cbc_enc(const fido_blob_t *, const fido_blob_t *, fido_blob_t *); @@ -16,7 +25,7 @@ cbor_item_t *cbor_flatten_vector(cbor_item_t **, size_t); cbor_item_t *cbor_encode_assert_options(fido_opt_t, fido_opt_t); cbor_item_t *cbor_encode_change_pin_auth(const fido_blob_t *, const fido_blob_t *, const fido_blob_t *); -cbor_item_t *cbor_encode_extensions(int); +cbor_item_t *cbor_encode_extensions(const fido_cred_ext_t *); cbor_item_t *cbor_encode_hmac_secret_param(const fido_blob_t *, const es256_pk_t *, const fido_blob_t *); cbor_item_t *cbor_encode_options(fido_opt_t, fido_opt_t); 
@@ -35,7 +44,7 @@ cbor_item_t *es256_pk_encode(const es256_pk_t *, int); /* cbor decoding functions */ int cbor_decode_attstmt(const cbor_item_t *, fido_attstmt_t *); int cbor_decode_cred_authdata(const cbor_item_t *, int, fido_blob_t *, - fido_authdata_t *, fido_attcred_t *, int *); + fido_authdata_t *, fido_attcred_t *, fido_cred_ext_t *); int cbor_decode_assert_authdata(const cbor_item_t *, fido_blob_t *, fido_authdata_t *, int *, fido_blob_t *); int cbor_decode_cred_id(const cbor_item_t *, fido_blob_t *); @@ -77,8 +86,8 @@ int fido_buf_write(unsigned char **, size_t *, const void *, size_t); /* hid i/o */ void *fido_hid_open(const char *); void fido_hid_close(void *); -int fido_hid_read(void *, unsigned char *, size_t, int); -int fido_hid_write(void *, const unsigned char *, size_t); +int fido_hid_read(void *, unsigned char *, size_t, int); +int fido_hid_write(void *, const unsigned char *, size_t); /* generic i/o */ int fido_rx_cbor_status(fido_dev_t *, int); @@ -109,6 +118,7 @@ int u2f_authenticate(fido_dev_t *, fido_assert_t *, int); /* unexposed fido ops */ int fido_dev_authkey(fido_dev_t *, es256_pk_t *); +int fido_dev_get_cbor_info_wait(fido_dev_t *, fido_cbor_info_t *, int); int fido_dev_get_pin_token(fido_dev_t *, const char *, const fido_blob_t *, const es256_pk_t *, fido_blob_t *); int fido_do_ecdh(fido_dev_t *, es256_pk_t **, fido_blob_t **); 
@@ -128,5 +138,19 @@ int fido_verify_sig_rs256(const fido_blob_t *, const rs256_pk_t *, const fido_blob_t *); int fido_verify_sig_eddsa(const fido_blob_t *, const eddsa_pk_t *, const fido_blob_t *); +int fido_get_signed_hash(int, fido_blob_t *, const fido_blob_t *, + const fido_blob_t *); + +/* hid device manifest */ +int fido_hid_manifest(fido_dev_info_t *, size_t, size_t *); + +/* device manifest registration */ +typedef int (*dev_manifest_func_t)(fido_dev_info_t *, size_t, size_t *); +int fido_dev_register_manifest_func(const dev_manifest_func_t); +void fido_dev_unregister_manifest_func(const dev_manifest_func_t); + +#ifdef __cplusplus +} /* extern "C" */ +#endif /* __cplusplus */ #endif /* !_EXTERN_H */ diff --git a/src/fido.h b/src/fido.h index f85a41a..e41de89 100644 --- a/src/fido.h +++ b/src/fido.h @@ -14,24 +14,6 @@ #include #include -typedef void *fido_dev_io_open_t(const char *); -typedef void fido_dev_io_close_t(void *); -typedef int fido_dev_io_read_t(void *, unsigned char *, size_t, int); -typedef int fido_dev_io_write_t(void *, const unsigned char *, size_t); - -typedef struct fido_dev_io { - fido_dev_io_open_t *open; - fido_dev_io_close_t *close; - fido_dev_io_read_t *read; - fido_dev_io_write_t *write; -} fido_dev_io_t; - -typedef enum { - FIDO_OPT_OMIT = 0, /* use authenticator's default */ - FIDO_OPT_FALSE, /* explicitly set option to false */ - FIDO_OPT_TRUE, /* explicitly set option to true */ -} fido_opt_t; - #ifdef _FIDO_INTERNAL #include #include 
@@ -39,28 +21,21 @@ typedef enum { #include "blob.h" #include "../openbsd-compat/openbsd-compat.h" #include "iso7816.h" -#include "types.h" #include "extern.h" #endif #include "fido/err.h" #include "fido/param.h" +#include "fido/types.h" -#ifndef _FIDO_INTERNAL -typedef struct fido_assert fido_assert_t; -typedef struct fido_cbor_info fido_cbor_info_t; -typedef struct fido_cred fido_cred_t; -typedef struct fido_dev fido_dev_t; -typedef struct fido_dev_info fido_dev_info_t; -typedef struct es256_pk es256_pk_t; -typedef struct es256_sk es256_sk_t; -typedef struct rs256_pk rs256_pk_t; -typedef struct eddsa_pk eddsa_pk_t; -#endif +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ fido_assert_t *fido_assert_new(void); fido_cred_t *fido_cred_new(void); fido_dev_t *fido_dev_new(void); +fido_dev_t *fido_dev_new_with_info(const fido_dev_info_t *); fido_dev_info_t *fido_dev_info_new(size_t); fido_cbor_info_t *fido_cbor_info_new(void); @@ -76,6 +51,7 @@ void fido_dev_info_free(fido_dev_info_t **, size_t); #define FIDO_DEBUG 0x01 void fido_init(int); +void fido_set_log_handler(fido_log_handler_t *); const unsigned char *fido_assert_authdata_ptr(const fido_assert_t *, size_t); const unsigned char *fido_assert_clientdata_hash_ptr(const fido_assert_t *); 
@@ -121,19 +97,23 @@ int fido_assert_set_clientdata_hash(fido_assert_t *, const unsigned char *, int fido_assert_set_count(fido_assert_t *, size_t); int fido_assert_set_extensions(fido_assert_t *, int); int fido_assert_set_hmac_salt(fido_assert_t *, const unsigned char *, size_t); -int fido_assert_set_options(fido_assert_t *, bool, bool) __attribute__((__deprecated__)); +int fido_assert_set_options(fido_assert_t *, bool, bool) + __attribute__((__deprecated__("use fido_assert_set_up/fido_assert_set_uv"))); int fido_assert_set_rp(fido_assert_t *, const char *); int fido_assert_set_up(fido_assert_t *, fido_opt_t); int fido_assert_set_uv(fido_assert_t *, fido_opt_t); int fido_assert_set_sig(fido_assert_t *, size_t, const unsigned char *, size_t); int fido_assert_verify(const fido_assert_t *, size_t, int, const void *); int fido_cred_exclude(fido_cred_t *, const unsigned char *, size_t); +int fido_cred_prot(const fido_cred_t *); int fido_cred_set_authdata(fido_cred_t *, const unsigned char *, size_t); int fido_cred_set_authdata_raw(fido_cred_t *, const unsigned char *, size_t); int fido_cred_set_clientdata_hash(fido_cred_t *, const unsigned char *, size_t); int fido_cred_set_extensions(fido_cred_t *, int); int fido_cred_set_fmt(fido_cred_t *, const char *); -int fido_cred_set_options(fido_cred_t *, bool, bool) __attribute__((__deprecated__)); +int fido_cred_set_options(fido_cred_t *, bool, bool) + __attribute__((__deprecated__("use fido_cred_set_rk/fido_cred_set_uv"))); +int fido_cred_set_prot(fido_cred_t *, int); int fido_cred_set_rk(fido_cred_t *, fido_opt_t); int fido_cred_set_rp(fido_cred_t *, const char *, const char *); int fido_cred_set_sig(fido_cred_t *, const unsigned char *, size_t); 
@@ -152,10 +132,12 @@ int fido_dev_get_cbor_info(fido_dev_t *, fido_cbor_info_t *); int fido_dev_get_retry_count(fido_dev_t *, int *); int fido_dev_info_manifest(fido_dev_info_t *, size_t, size_t *); int fido_dev_make_cred(fido_dev_t *, fido_cred_t *, const char *); +int fido_dev_open_with_info(fido_dev_t *); int fido_dev_open(fido_dev_t *, const char *); int fido_dev_reset(fido_dev_t *); int fido_dev_set_io_functions(fido_dev_t *, const fido_dev_io_t *); int fido_dev_set_pin(fido_dev_t *, const char *, const char *); +int fido_dev_set_transport_functions(fido_dev_t *, const fido_dev_transport_t *); size_t fido_assert_authdata_len(const fido_assert_t *, size_t); size_t fido_assert_clientdata_hash_len(const fido_assert_t *); @@ -178,7 +160,7 @@ size_t fido_cred_sig_len(const fido_cred_t *); size_t fido_cred_x5c_len(const fido_cred_t *); uint8_t fido_assert_flags(const fido_assert_t *, size_t); -uint32_t fido_assert_sigcount(const fido_assert_t *, size_t); +uint32_t fido_assert_sigcount(const fido_assert_t *, size_t); uint8_t fido_cred_flags(const fido_cred_t *); uint8_t fido_dev_protocol(const fido_dev_t *); uint8_t fido_dev_major(const fido_dev_t *); @@ -188,7 +170,12 @@ uint8_t fido_dev_flags(const fido_dev_t *); int16_t fido_dev_info_vendor(const fido_dev_info_t *); int16_t fido_dev_info_product(const fido_dev_info_t *); uint64_t fido_cbor_info_maxmsgsiz(const fido_cbor_info_t *); +uint64_t fido_cbor_info_fwversion(const fido_cbor_info_t *); bool fido_dev_is_fido2(const fido_dev_t *); +#ifdef __cplusplus +} /* extern "C" */ +#endif /* __cplusplus */ + #endif /* !_FIDO_H */ diff --git a/src/fido/bio.h b/src/fido/bio.h index 31dffe4..afe9ca4 100644 --- a/src/fido/bio.h +++ b/src/fido/bio.h 
@@ -10,8 +10,20 @@ #include #include +#ifdef _FIDO_INTERNAL +#include "blob.h" #include "fido/err.h" #include "fido/param.h" +#include "fido/types.h" +#else +#include +#include +#include +#endif + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ #ifdef _FIDO_INTERNAL struct fido_bio_template { @@ -92,4 +104,8 @@ void fido_bio_info_free(fido_bio_info_t **); void fido_bio_template_array_free(fido_bio_template_array_t **); void fido_bio_template_free(fido_bio_template_t **); +#ifdef __cplusplus +} /* extern "C" */ +#endif /* __cplusplus */ + #endif /* !_FIDO_BIO_H */ diff --git a/src/fido/credman.h b/src/fido/credman.h index 1c7cafe..eaffd65 100644 --- a/src/fido/credman.h +++ b/src/fido/credman.h @@ -10,8 +10,20 @@ #include #include +#ifdef _FIDO_INTERNAL +#include "blob.h" #include "fido/err.h" #include "fido/param.h" +#include "fido/types.h" +#else +#include +#include +#include +#endif + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ #ifdef _FIDO_INTERNAL struct fido_credman_metadata { @@ -71,4 +83,8 @@ void fido_credman_metadata_free(fido_credman_metadata_t **); void fido_credman_rk_free(fido_credman_rk_t **); void fido_credman_rp_free(fido_credman_rp_t **); +#ifdef __cplusplus +} /* extern "C" */ +#endif /* __cplusplus */ + #endif /* !_FIDO_CREDMAN_H */ diff --git a/src/fido/eddsa.h b/src/fido/eddsa.h index 9de272d..4a81017 100644 --- a/src/fido/eddsa.h +++ b/src/fido/eddsa.h @@ -12,6 +12,16 @@ #include #include +#ifdef _FIDO_INTERNAL +#include "types.h" +#else +#include +#endif + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + eddsa_pk_t *eddsa_pk_new(void); void eddsa_pk_free(eddsa_pk_t **); EVP_PKEY *eddsa_pk_to_EVP_PKEY(const eddsa_pk_t *); @@ -37,4 +47,8 @@ void EVP_MD_CTX_free(EVP_MD_CTX *); #endif /* _FIDO_INTERNAL */ +#ifdef __cplusplus +} /* extern "C" */ +#endif /* __cplusplus */ + #endif /* !_FIDO_EDDSA_H */ diff --git a/src/fido/err.h b/src/fido/err.h index 11f52bc..d7453fc 100644 --- a/src/fido/err.h 
+++ b/src/fido/err.h @@ -64,6 +64,14 @@ #define FIDO_ERR_USER_PRESENCE_REQUIRED -8 #define FIDO_ERR_INTERNAL -9 +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + const char *fido_strerr(int); +#ifdef __cplusplus +} /* extern "C" */ +#endif /* __cplusplus */ + #endif /* _FIDO_ERR_H */ diff --git a/src/fido/es256.h b/src/fido/es256.h index d3d13dd..80f4db3 100644 --- a/src/fido/es256.h +++ b/src/fido/es256.h @@ -12,6 +12,16 @@ #include #include +#ifdef _FIDO_INTERNAL +#include "types.h" +#else +#include +#endif + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + es256_pk_t *es256_pk_new(void); void es256_pk_free(es256_pk_t **); EVP_PKEY *es256_pk_to_EVP_PKEY(const es256_pk_t *); @@ -31,4 +41,8 @@ int es256_pk_set_x(es256_pk_t *, const unsigned char *); int es256_pk_set_y(es256_pk_t *, const unsigned char *); #endif +#ifdef __cplusplus +} /* extern "C" */ +#endif /* __cplusplus */ + #endif /* !_FIDO_ES256_H */ diff --git a/src/fido/param.h b/src/fido/param.h index 9e12ac6..7d3c0cc 100644 --- a/src/fido/param.h +++ b/src/fido/param.h @@ -58,6 +58,11 @@ #define FIDO_RANDOM_DEV "/dev/urandom" #endif +/* Maximum message size in bytes. */ +#ifndef FIDO_MAXMSG +#define FIDO_MAXMSG 1200 +#endif + /* CTAP capability bits. */ #define FIDO_CAP_WINK 0x01 /* if set, device supports CTAP_CMD_WINK */ #define FIDO_CAP_CBOR 0x04 /* if set, device supports CTAP_CMD_CBOR */ @@ -80,5 +85,11 @@ /* Supported extensions. */ #define FIDO_EXT_HMAC_SECRET 0x01 +#define FIDO_EXT_CRED_PROTECT 0x02 + +/* Supported credential protection policies. */ +#define FIDO_CRED_PROT_UV_OPTIONAL 0x01 +#define FIDO_CRED_PROT_UV_OPTIONAL_WITH_ID 0x02 +#define FIDO_CRED_PROT_UV_REQUIRED 0x03 #endif /* !_FIDO_PARAM_H */ diff --git a/src/fido/rs256.h b/src/fido/rs256.h index d2fa162..2b08d59 100644 --- a/src/fido/rs256.h +++ b/src/fido/rs256.h 
@@ -12,6 +12,16 @@ #include #include +#ifdef _FIDO_INTERNAL +#include "types.h" +#else +#include +#endif + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + rs256_pk_t *rs256_pk_new(void); void rs256_pk_free(rs256_pk_t **); EVP_PKEY *rs256_pk_to_EVP_PKEY(const rs256_pk_t *); @@ -19,4 +29,8 @@ EVP_PKEY *rs256_pk_to_EVP_PKEY(const rs256_pk_t *); int rs256_pk_from_RSA(rs256_pk_t *, const RSA *); int rs256_pk_from_ptr(rs256_pk_t *, const void *, size_t); +#ifdef __cplusplus +} /* extern "C" */ +#endif /* __cplusplus */ + #endif /* !_FIDO_RS256_H */ diff --git a/src/fido/types.h b/src/fido/types.h new file mode 100644 index 0000000..5df5e36 --- /dev/null +++ b/src/fido/types.h 
@@ -0,0 +1,235 @@ +/* + * Copyright (c) 2018 Yubico AB. All rights reserved. + * Use of this source code is governed by a BSD-style + * license that can be found in the LICENSE file. + */ + +#ifndef _FIDO_TYPES_H +#define _FIDO_TYPES_H + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + +struct fido_dev; + +typedef void *fido_dev_io_open_t(const char *); +typedef void fido_dev_io_close_t(void *); +typedef int fido_dev_io_read_t(void *, unsigned char *, size_t, int); +typedef int fido_dev_io_write_t(void *, const unsigned char *, size_t); +typedef int fido_dev_rx_t(struct fido_dev *, uint8_t, unsigned char *, size_t, int); +typedef int fido_dev_tx_t(struct fido_dev *, uint8_t, const unsigned char *, size_t); + +typedef struct fido_dev_io { + fido_dev_io_open_t *open; + fido_dev_io_close_t *close; + fido_dev_io_read_t *read; + fido_dev_io_write_t *write; +} fido_dev_io_t; + +typedef struct fido_dev_transport { + fido_dev_rx_t *rx; + fido_dev_tx_t *tx; +} fido_dev_transport_t; + +typedef enum { + FIDO_OPT_OMIT = 0, /* use authenticator's default */ + FIDO_OPT_FALSE, /* explicitly set option to false */ + FIDO_OPT_TRUE, /* explicitly set option to true */ +} fido_opt_t; + +typedef void fido_log_handler_t(const char *); + +#ifdef _FIDO_INTERNAL +#include "packed.h" +#include "blob.h" + +/* COSE ES256 (ECDSA over P-256 with SHA-256) public key */ +typedef struct es256_pk { + unsigned char x[32]; + unsigned char y[32]; +} es256_pk_t; + +/* COSE ES256 (ECDSA over P-256 with SHA-256) (secret) key */ +typedef struct es256_sk { + unsigned char d[32]; +} es256_sk_t; + +/* COSE RS256 (2048-bit RSA with PKCS1 padding and SHA-256) public key */ +typedef struct rs256_pk { + unsigned char n[256]; + unsigned char e[3]; +} rs256_pk_t; + +/* COSE EDDSA (ED25519) */ +typedef struct eddsa_pk { + unsigned char x[32]; +} eddsa_pk_t; + +PACKED_TYPE(fido_authdata_t, +struct fido_authdata { + unsigned char rp_id_hash[32]; /* sha256 of fido_rp.id */ + uint8_t 
flags; /* user present/verified */ + uint32_t sigcount; /* signature counter */ + /* actually longer */ +}) + +PACKED_TYPE(fido_attcred_raw_t, +struct fido_attcred_raw { + unsigned char aaguid[16]; /* credential's aaguid */ + uint16_t id_len; /* credential id length */ + uint8_t body[]; /* credential id + pubkey */ +}) + +typedef struct fido_attcred { + unsigned char aaguid[16]; /* credential's aaguid */ + fido_blob_t id; /* credential id */ + int type; /* credential's cose algorithm */ + union { /* credential's public key */ + es256_pk_t es256; + rs256_pk_t rs256; + eddsa_pk_t eddsa; + } pubkey; +} fido_attcred_t; + +typedef struct fido_attstmt { + fido_blob_t x5c; /* attestation certificate */ + fido_blob_t sig; /* attestation signature */ +} fido_attstmt_t; + +typedef struct fido_rp { + char *id; /* relying party id */ + char *name; /* relying party name */ +} fido_rp_t; + +typedef struct fido_user { + fido_blob_t id; /* required */ + char *icon; /* optional */ + char *name; /* optional */ + char *display_name; /* required */ +} fido_user_t; + +typedef struct fido_cred_ext { + int mask; /* enabled extensions */ + int prot; /* protection policy */ +} fido_cred_ext_t; + +typedef struct fido_cred { + fido_blob_t cdh; /* client data hash */ + fido_rp_t rp; /* relying party */ + fido_user_t user; /* user entity */ + fido_blob_array_t excl; /* list of credential ids to exclude */ + fido_opt_t rk; /* resident key */ + fido_opt_t uv; /* user verification */ + fido_cred_ext_t ext; /* extensions */ + int type; /* cose algorithm */ + char *fmt; /* credential format */ + fido_cred_ext_t authdata_ext; /* decoded extensions */ + fido_blob_t authdata_cbor; /* raw cbor payload */ + fido_authdata_t authdata; /* decoded authdata payload */ + fido_attcred_t attcred; /* returned credential (key + id) */ + fido_attstmt_t attstmt; /* attestation statement (x509 + sig) */ +} fido_cred_t; + +typedef struct _fido_assert_stmt { + fido_blob_t id; /* credential id */ + fido_user_t user; /* 
user attributes */ + fido_blob_t hmac_secret_enc; /* hmac secret, encrypted */ + fido_blob_t hmac_secret; /* hmac secret */ + int authdata_ext; /* decoded extensions */ + fido_blob_t authdata_cbor; /* raw cbor payload */ + fido_authdata_t authdata; /* decoded authdata payload */ + fido_blob_t sig; /* signature of cdh + authdata */ +} fido_assert_stmt; + +typedef struct fido_assert { + char *rp_id; /* relying party id */ + fido_blob_t cdh; /* client data hash */ + fido_blob_t hmac_salt; /* optional hmac-secret salt */ + fido_blob_array_t allow_list; /* list of allowed credentials */ + fido_opt_t up; /* user presence */ + fido_opt_t uv; /* user verification */ + int ext; /* enabled extensions */ + fido_assert_stmt *stmt; /* array of expected assertions */ + size_t stmt_cnt; /* number of allocated assertions */ + size_t stmt_len; /* number of received assertions */ +} fido_assert_t; + +typedef struct fido_opt_array { + char **name; + bool *value; + size_t len; +} fido_opt_array_t; + +typedef struct fido_str_array { + char **ptr; + size_t len; +} fido_str_array_t; + +typedef struct fido_byte_array { + uint8_t *ptr; + size_t len; +} fido_byte_array_t; + +typedef struct fido_cbor_info { + fido_str_array_t versions; /* supported versions: fido2|u2f */ + fido_str_array_t extensions; /* list of supported extensions */ + unsigned char aaguid[16]; /* aaguid */ + fido_opt_array_t options; /* list of supported options */ + uint64_t maxmsgsiz; /* maximum message size */ + fido_byte_array_t protocols; /* supported pin protocols */ + uint64_t fwversion; /* firmware version */ +} fido_cbor_info_t; + +typedef struct fido_dev_info { + char *path; /* device path */ + int16_t vendor_id; /* 2-byte vendor id */ + int16_t product_id; /* 2-byte product id */ + char *manufacturer; /* manufacturer string */ + char *product; /* product string */ + fido_dev_io_t io; /* i/o functions */ + fido_dev_transport_t transport; /* transport functions */ +} fido_dev_info_t; + 
+PACKED_TYPE(fido_ctap_info_t, +/* defined in section 8.1.9.1.3 (CTAPHID_INIT) of the fido2 ctap spec */ +struct fido_ctap_info { + uint64_t nonce; /* echoed nonce */ + uint32_t cid; /* channel id */ + uint8_t protocol; /* ctaphid protocol id */ + uint8_t major; /* major version number */ + uint8_t minor; /* minor version number */ + uint8_t build; /* build version number */ + uint8_t flags; /* capabilities flags; see FIDO_CAP_* */ +}) + +typedef struct fido_dev { + uint64_t nonce; /* issued nonce */ + fido_ctap_info_t attr; /* device attributes */ + uint32_t cid; /* assigned channel id */ + char *path; /* device path */ + void *io_handle; /* abstract i/o handle */ + fido_dev_io_t io; /* i/o functions */ + fido_dev_transport_t transport; /* transport functions */ +} fido_dev_t; + +#else +typedef struct fido_assert fido_assert_t; +typedef struct fido_cbor_info fido_cbor_info_t; +typedef struct fido_cred fido_cred_t; +typedef struct fido_dev fido_dev_t; +typedef struct fido_dev_info fido_dev_info_t; +typedef struct es256_pk es256_pk_t; +typedef struct es256_sk es256_sk_t; +typedef struct rs256_pk rs256_pk_t; +typedef struct eddsa_pk eddsa_pk_t; +#endif /* _FIDO_INTERNAL */ + +#ifdef __cplusplus +} /* extern "C" */ +#endif /* __cplusplus */ + +#endif /* !_FIDO_TYPES_H */ diff --git a/src/hid_hidapi.c b/src/hid_hidapi.c new file mode 100644 index 0000000..915621f --- /dev/null +++ b/src/hid_hidapi.c 
@@ -0,0 +1,138 @@ +/* + * Copyright (c) 2019 Google LLC. All rights reserved. + * Use of this source code is governed by a BSD-style + * license that can be found in the LICENSE file. + */ + +#include + +#include +#include +#include + +#include "fido.h" + +static size_t +fido_wcslen(const wchar_t *wcs) +{ + size_t l = 0; + while (*wcs++ != L'\0') + l++; + return l; +} + +static char * +wcs_to_cs(const wchar_t *wcs) +{ + char *cs; + size_t i; + + if (wcs == NULL || (cs = calloc(fido_wcslen(wcs) + 1, 1)) == NULL) + return NULL; + + for (i = 0; i < fido_wcslen(wcs); i++) { + if (wcs[i] >= 128) { + /* give up on parsing non-ASCII text */ + free(cs); + return strdup("hidapi device"); + } + cs[i] = (char)wcs[i]; + } + + return cs; +} + +static int +copy_info(fido_dev_info_t *di, const struct hid_device_info *d) +{ + memset(di, 0, sizeof(*di)); + + if (d->path != NULL) + di->path = strdup(d->path); + else + di->path = strdup(""); + + if (d->manufacturer_string != NULL) + di->manufacturer = wcs_to_cs(d->manufacturer_string); + else + di->manufacturer = strdup(""); + + if (d->product_string != NULL) + di->product = wcs_to_cs(d->product_string); + else + di->product = strdup(""); + + if (di->path == NULL || + di->manufacturer == NULL || + di->product == NULL) { + free(di->path); + free(di->manufacturer); + free(di->product); + return -1; + } + + di->product_id = d->product_id; + di->vendor_id = d->vendor_id; + di->io = (fido_dev_io_t) { + &fido_hid_open, + &fido_hid_close, + &fido_hid_read, + &fido_hid_write, + }; + + return 0; +} + +void * +fido_hid_open(const char *path) +{ + return hid_open_path(path); +} + +void +fido_hid_close(void *hid_dev_handle) +{ + hid_close(hid_dev_handle); +} + +int +fido_hid_read(void *hid_dev_handle, unsigned char *buf, size_t len, int ms) +{ + return hid_read_timeout(hid_dev_handle, buf, len, ms); +} + +int +fido_hid_write(void *hid_dev_handle, const unsigned char *buf, size_t len) +{ + return hid_write(hid_dev_handle, buf, len); +} + +int 
+fido_hid_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) +{ + struct hid_device_info *hdi; + + *olen = 0; + + if (ilen == 0) + return FIDO_OK; /* nothing to do */ + if (devlist == NULL) + return FIDO_ERR_INVALID_ARGUMENT; + if ((hdi = hid_enumerate(0, 0)) == NULL) + return FIDO_OK; /* nothing to do */ + + for (struct hid_device_info *d = hdi; d != NULL; d = d->next) { +#if defined(_WIN32) || defined(__APPLE__) + if (d->usage_page != 0xf1d0) + continue; +#endif + if (copy_info(&devlist[*olen], d) == 0) { + if (++(*olen) == ilen) + break; + } + } + + hid_free_enumeration(hdi); + + return FIDO_OK; +} diff --git a/src/hid_linux.c b/src/hid_linux.c index c7cabc9..99c5afb 100644 --- a/src/hid_linux.c +++ b/src/hid_linux.c @@ -13,6 +13,7 @@ #include #include #include +#include #include "fido.h" @@ -98,7 +99,6 @@ get_usage_info(const struct hidraw_report_descriptor *hrd, uint32_t *usage_page, static int get_report_descriptor(const char *path, struct hidraw_report_descriptor *hrd) { - int r; int s = -1; int fd; int ok = -1; @@ -108,7 +108,7 @@ get_report_descriptor(const char *path, struct hidraw_report_descriptor *hrd) return (-1); } - if ((r = ioctl(fd, HIDIOCGRDESCSIZE, &s)) < 0 || s < 0 || + if (ioctl(fd, HIDIOCGRDESCSIZE, &s) < 0 || s < 0 || (unsigned)s > HID_MAX_DESCRIPTOR_SIZE) { fido_log_debug("%s: ioctl HIDIOCGRDESCSIZE", __func__); goto fail; @@ -116,7 +116,7 @@ get_report_descriptor(const char *path, struct hidraw_report_descriptor *hrd) hrd->size = s; - if ((r = ioctl(fd, HIDIOCGRDESC, hrd)) < 0) { + if (ioctl(fd, HIDIOCGRDESC, hrd) < 0) { fido_log_debug("%s: ioctl HIDIOCGRDESC", __func__); goto fail; } @@ -240,7 +240,7 @@ fail: } int -fido_dev_info_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) +fido_hid_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) { struct udev *udev = NULL; struct udev_enumerate *udev_enum = NULL; 
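Review bot: The failure path of copy_info() in the new src/hid_hidapi.c frees `di->path`, `di->manufacturer` and `di->product` but leaves the freed pointers in the `devlist` slot, so if the slot is not overwritten by a later device and the caller releases every allocated slot (fido_dev_info_free takes the list and a count), those pointers would be freed a second time. Clearing the entry before returning closes that off: add `memset(di, 0, sizeof(*di));` just before `return -1;`. Separately, in fido_hid_manifest() the `usage_page != 0xf1d0` filter is compiled only for `_WIN32` and `__APPLE__`, so on any other platform using this backend every HID device returned by `hid_enumerate(0, 0)` is reported as a FIDO device; that limitation deserves at least a comment at the `#if`. In wcs_to_cs() the test `wcs[i] >= 128` lets negative values through where `wchar_t` is signed, and `(unsigned long)wcs[i] >= 128` would cover both cases for these device-supplied strings.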
@@ -267,6 +267,12 @@ fido_dev_info_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) udev_list_entry_foreach(udev_entry, udev_list) { if (copy_info(&devlist[*olen], udev, udev_entry) == 0) { + devlist[*olen].io = (fido_dev_io_t) { + fido_hid_open, + fido_hid_close, + fido_hid_read, + fido_hid_write, + }; if (++(*olen) == ilen) break; } diff --git a/src/hid_openbsd.c b/src/hid_openbsd.c index 8b92bd6..2b31dba 100644 --- a/src/hid_openbsd.c +++ b/src/hid_openbsd.c @@ -29,7 +29,7 @@ struct hid_openbsd { }; int -fido_dev_info_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) +fido_hid_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) { size_t i; char path[64]; @@ -101,6 +101,12 @@ fido_dev_info_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) di = &devlist[*olen]; memset(di, 0, sizeof(*di)); + di->io = (fido_dev_io_t) { + fido_hid_open, + fido_hid_close, + fido_hid_read, + fido_hid_write, + }; if ((di->path = strdup(path)) == NULL || (di->manufacturer = strdup(udi.udi_vendor)) == NULL || (di->product = strdup(udi.udi_product)) == NULL) { diff --git a/src/hid_osx.c b/src/hid_osx.c index b705b43..5c40747 100644 --- a/src/hid_osx.c +++ b/src/hid_osx.c @@ -197,7 +197,7 @@ copy_info(fido_dev_info_t *di, IOHIDDeviceRef dev) } int -fido_dev_info_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) +fido_hid_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) { IOHIDManagerRef manager = NULL; CFSetRef devset = NULL; @@ -240,6 +240,12 @@ fido_dev_info_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) for (CFIndex i = 0; i < devcnt; i++) { if (copy_info(&devlist[*olen], devs[i]) == 0) { + devlist[*olen].io = (fido_dev_io_t) { + fido_hid_open, + fido_hid_close, + fido_hid_read, + fido_hid_write, + }; if (++(*olen) == ilen) break; } 
@@ -378,15 +384,18 @@ fido_hid_read(void *handle, unsigned char *buf, size_t len, int ms) IOHIDDeviceScheduleWithRunLoop(dev->ref, CFRunLoopGetCurrent(), dev->loop_id); - do - r = CFRunLoopRunInMode(dev->loop_id, 0.003, true); - while (r != kCFRunLoopRunHandledSource); + r = CFRunLoopRunInMode(dev->loop_id, 0.3, true); IOHIDDeviceRegisterInputReportCallback(dev->ref, buf, len, NULL, NULL); IOHIDDeviceRegisterRemovalCallback(dev->ref, NULL, NULL); IOHIDDeviceUnscheduleFromRunLoop(dev->ref, CFRunLoopGetCurrent(), dev->loop_id); + if (r != kCFRunLoopRunHandledSource) { + fido_log_debug("%s: CFRunLoopRunInMode=%d", __func__, (int)r); + return (-1); + } + return (REPORT_LEN - 1); } diff --git a/src/hid_win.c b/src/hid_win.c index 6d93778..f970589 100644 --- a/src/hid_win.c +++ b/src/hid_win.c @@ -172,7 +172,7 @@ fail: } int -fido_dev_info_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) +fido_hid_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) { GUID hid_guid = GUID_DEVINTERFACE_HID; HDEVINFO devinfo = INVALID_HANDLE_VALUE; @@ -234,6 +234,12 @@ fido_dev_info_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen) } if (copy_info(&devlist[*olen], ifdetail->DevicePath) == 0) { + devlist[*olen].io = (fido_dev_io_t) { + fido_hid_open, + fido_hid_close, + fido_hid_read, + fido_hid_write, + }; if (++(*olen) == ilen) break; } diff --git a/src/info.c b/src/info.c index e896503..8e256fa 100644 --- a/src/info.c +++ b/src/info.c @@ -217,6 +217,8 @@ parse_reply_element(const cbor_item_t *key, const cbor_item_t *val, void *arg) return (cbor_decode_uint64(val, &ci->maxmsgsiz)); case 6: /* pinProtocols */ return (decode_protocols(val, &ci->protocols)); + case 14: /* fwVersion */ + return (cbor_decode_uint64(val, &ci->fwversion)); default: /* ignore */ fido_log_debug("%s: cbor type", __func__); return (0); 
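Review bot: The wait in fido_hid_read (src/hid_osx.c) is now a single `CFRunLoopRunInMode(dev->loop_id, 0.3, true)`, and nothing visible in this hunk derives that interval from the caller's `ms` argument, so a caller asking for a longer or indefinite wait appears to get an error after 0.3 s instead. The start of the function is outside the hunk, so `ms` may be handled there; if it is not, the 0.3 should either be computed from `ms` or become a named constant with a comment explaining why a fixed interval is enough. Every result other than `kCFRunLoopRunHandledSource` is also mapped to -1, which means a timeout and a device removal look the same to the caller; the debug line records the value, but a comment saying so at the `return (-1)` would help.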
@@ -226,12 +228,11 @@ parse_reply_element(const cbor_item_t *key, const cbor_item_t *val, void *arg) static int fido_dev_get_cbor_info_tx(fido_dev_t *dev) { - const unsigned char cbor[] = { CTAP_CBOR_GETINFO }; - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; + const unsigned char cbor[] = { CTAP_CBOR_GETINFO }; fido_log_debug("%s: dev=%p", __func__, (void *)dev); - if (fido_tx(dev, cmd, cbor, sizeof(cbor)) < 0) { + if (fido_tx(dev, CTAP_CMD_CBOR, cbor, sizeof(cbor)) < 0) { fido_log_debug("%s: fido_tx", __func__); return (FIDO_ERR_TX); } @@ -242,8 +243,7 @@ fido_dev_get_cbor_info_tx(fido_dev_t *dev) static int fido_dev_get_cbor_info_rx(fido_dev_t *dev, fido_cbor_info_t *ci, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[512]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; fido_log_debug("%s: dev=%p, ci=%p, ms=%d", __func__, (void *)dev, @@ -251,7 +251,8 @@ fido_dev_get_cbor_info_rx(fido_dev_t *dev, fido_cbor_info_t *ci, int ms) memset(ci, 0, sizeof(*ci)); - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } @@ -260,7 +261,7 @@ fido_dev_get_cbor_info_rx(fido_dev_t *dev, fido_cbor_info_t *ci, int ms) parse_reply_element)); } -static int +int fido_dev_get_cbor_info_wait(fido_dev_t *dev, fido_cbor_info_t *ci, int ms) { int r; @@ -397,6 +398,12 @@ fido_cbor_info_maxmsgsiz(const fido_cbor_info_t *ci) return (ci->maxmsgsiz); } +uint64_t +fido_cbor_info_fwversion(const fido_cbor_info_t *ci) +{ + return (ci->fwversion); +} + const uint8_t * fido_cbor_info_protocols_ptr(const fido_cbor_info_t *ci) { diff --git a/src/io.c b/src/io.c index aa88720..af2f49a 100644 --- a/src/io.c +++ b/src/io.c 
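Review bot: `fido_cbor_info_fwversion()` returns `ci->fwversion` unchanged, and `fido_dev_get_cbor_info_rx()` zeroes the whole structure before parsing, so an authenticator that omits key 14 appears to read as firmware version 0. Code that compares the value against a minimum firmware level cannot tell "not reported" from a real version. A comment on the accessor would make that explicit, for example `/* 0 if the authenticator did not report fwVersion */`.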
@@ -33,25 +33,40 @@ struct frame { #define MIN(x, y) ((x) > (y) ? (y) : (x)) #endif -static size_t -tx_preamble(fido_dev_t *d, uint8_t cmd, const void *buf, size_t count) +static int +tx_empty(fido_dev_t *d, uint8_t cmd) { struct frame *fp; - unsigned char pkt[sizeof(*fp) + 1]; - int n; + unsigned char pkt[sizeof(*fp) + 1]; + int n; - if (d->io.write == NULL || (cmd & 0x80) == 0) - return (0); + memset(&pkt, 0, sizeof(pkt)); + fp = (struct frame *)(pkt + 1); + fp->cid = d->cid; + fp->body.init.cmd = CTAP_FRAME_INIT | cmd; + + n = d->io.write(d->io_handle, pkt, sizeof(pkt)); + if (n < 0 || (size_t)n != sizeof(pkt)) + return (-1); + + return (0); +} + +static size_t +tx_preamble(fido_dev_t *d, uint8_t cmd, const void *buf, size_t count) +{ + struct frame *fp; + unsigned char pkt[sizeof(*fp) + 1]; + int n; memset(&pkt, 0, sizeof(pkt)); fp = (struct frame *)(pkt + 1); fp->cid = d->cid; - fp->body.init.cmd = 0x80 | cmd; + fp->body.init.cmd = CTAP_FRAME_INIT | cmd; fp->body.init.bcnth = (count >> 8) & 0xff; fp->body.init.bcntl = count & 0xff; count = MIN(count, sizeof(fp->body.init.data)); - if (count) - memcpy(&fp->body.init.data, buf, count); + memcpy(&fp->body.init.data, buf, count); n = d->io.write(d->io_handle, pkt, sizeof(pkt)); if (n < 0 || (size_t)n != sizeof(pkt)) @@ -61,19 +76,16 @@ tx_preamble(fido_dev_t *d, uint8_t cmd, const void *buf, size_t count) } static size_t -tx_frame(fido_dev_t *d, int seq, const void *buf, size_t count) +tx_frame(fido_dev_t *d, uint8_t seq, const void *buf, size_t count) { struct frame *fp; unsigned char pkt[sizeof(*fp) + 1]; int n; - if (d->io.write == NULL || seq < 0 || seq > UINT8_MAX) - return (0); - memset(&pkt, 0, sizeof(pkt)); fp = (struct frame *)(pkt + 1); fp->cid = d->cid; - fp->body.cont.seq = (uint8_t)seq; + fp->body.cont.seq = seq; count = MIN(count, sizeof(fp->body.cont.data)); memcpy(&fp->body.cont.data, buf, count); 
@@ -84,52 +96,56 @@ tx_frame(fido_dev_t *d, int seq, const void *buf, size_t count) return (count); } -int -fido_tx(fido_dev_t *d, uint8_t cmd, const void *buf, size_t count) +static int +tx(fido_dev_t *d, uint8_t cmd, const unsigned char *buf, size_t count) { - int seq = 0; - size_t sent; - - fido_log_debug("%s: d=%p, cmd=0x%02x, buf=%p, count=%zu", __func__, - (void *)d, cmd, buf, count); - fido_log_xxd(buf, count); - - if (d->io_handle == NULL || count > UINT16_MAX) { - fido_log_debug("%s: invalid argument (%p, %zu)", __func__, - d->io_handle, count); - return (-1); - } + size_t n, sent; if ((sent = tx_preamble(d, cmd, buf, count)) == 0) { fido_log_debug("%s: tx_preamble", __func__); return (-1); } - while (sent < count) { + for (uint8_t seq = 0; sent < count; sent += n) { if (seq & 0x80) { fido_log_debug("%s: seq & 0x80", __func__); return (-1); } - const uint8_t *p = (const uint8_t *)buf + sent; - size_t n = tx_frame(d, seq++, p, count - sent); - if (n == 0) { + if ((n = tx_frame(d, seq++, buf + sent, count - sent)) == 0) { fido_log_debug("%s: tx_frame", __func__); return (-1); } - sent += n; } return (0); } +int +fido_tx(fido_dev_t *d, uint8_t cmd, const void *buf, size_t count) +{ + fido_log_debug("%s: d=%p, cmd=0x%02x, buf=%p, count=%zu", __func__, + (void *)d, cmd, (const void *)buf, count); + fido_log_xxd(buf, count); + + if (d->transport.tx != NULL) + return (d->transport.tx(d, cmd, buf, count)); + + if (d->io_handle == NULL || d->io.write == NULL || count > UINT16_MAX) { + fido_log_debug("%s: invalid argument", __func__); + return (-1); + } + + if (count == 0) + return (tx_empty(d, cmd)); + + return (tx(d, cmd, buf, count)); +} + static int rx_frame(fido_dev_t *d, struct frame *fp, int ms) { int n; - if (d->io.read == NULL) - return (-1); - n = d->io.read(d->io_handle, (unsigned char *)fp, sizeof(*fp), ms); if (n < 0 || (size_t)n != sizeof(*fp)) return (-1); 
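Review bot: `fido_tx()` is now the only place that validates arguments for the HID path, and it checks `d->io_handle`, `d->io.write` and `count` but not `buf`. With the `if (count)` guard removed from `tx_preamble()` in the previous hunk, a NULL `buf` with a non-zero `count` reaches `memcpy()` there, and `fido_log_xxd(buf, count)` runs before any check. A first statement such as `if (buf == NULL && count != 0) return (-1);` would keep the helpers' new preconditions in one place. A short comment on `tx_preamble()` and `tx_frame()` should also say that they rely on `fido_tx()` for these checks.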
@@ -138,7 +154,7 @@ rx_frame(fido_dev_t *d, struct frame *fp, int ms) } static int -rx_preamble(fido_dev_t *d, struct frame *fp, int ms) +rx_preamble(fido_dev_t *d, uint8_t cmd, struct frame *fp, int ms) { do { if (rx_frame(d, fp, ms) < 0) 
@@ -149,66 +165,57 @@ rx_preamble(fido_dev_t *d, struct frame *fp, int ms) } while (fp->cid == d->cid && fp->body.init.cmd == (CTAP_FRAME_INIT | CTAP_KEEPALIVE)); + fido_log_debug("%s: initiation frame at %p", __func__, (void *)fp); + fido_log_xxd(fp, sizeof(*fp)); + +#ifdef FIDO_FUZZ + fp->body.init.cmd = (CTAP_FRAME_INIT | cmd); +#endif + + if (fp->cid != d->cid || fp->body.init.cmd != (CTAP_FRAME_INIT | cmd)) { + fido_log_debug("%s: cid (0x%x, 0x%x), cmd (0x%02x, 0x%02x)", + __func__, fp->cid, d->cid, fp->body.init.cmd, cmd); + return (-1); + } + return (0); } -int -fido_rx(fido_dev_t *d, uint8_t cmd, void *buf, size_t count, int ms) +static int +rx(fido_dev_t *d, uint8_t cmd, unsigned char *buf, size_t count, int ms) { - struct frame f; - uint16_t r; - uint16_t flen; - int seq; - - if (d->io_handle == NULL || (cmd & 0x80) == 0) { - fido_log_debug("%s: invalid argument (%p, 0x%02x)", __func__, - d->io_handle, cmd); - return (-1); - } + struct frame f; + uint16_t r, payload_len; - if (rx_preamble(d, &f, ms) < 0) { + if (rx_preamble(d, cmd, &f, ms) < 0) { fido_log_debug("%s: rx_preamble", __func__); return (-1); } - fido_log_debug("%s: initiation frame at %p, len %zu", __func__, - (void *)&f, sizeof(f)); - fido_log_xxd(&f, sizeof(f)); + payload_len = (f.body.init.bcnth << 8) | f.body.init.bcntl; + fido_log_debug("%s: payload_len=%zu", __func__, (size_t)payload_len); -#ifdef FIDO_FUZZ - f.cid = d->cid; - f.body.init.cmd = cmd; -#endif - - if (f.cid != d->cid || f.body.init.cmd != cmd) { - fido_log_debug("%s: cid (0x%x, 0x%x), cmd (0x%02x, 0x%02x)", - __func__, f.cid, d->cid, f.body.init.cmd, cmd); + if (count < (size_t)payload_len) { + fido_log_debug("%s: count < payload_len", __func__); return (-1); } - flen = (f.body.init.bcnth << 8) | f.body.init.bcntl; - if (count < (size_t)flen) { - fido_log_debug("%s: count < flen (%zu, %zu)", __func__, count, - (size_t)flen); - return (-1); - } - if (flen < sizeof(f.body.init.data)) { - memcpy(buf, f.body.init.data, flen); - 
return (flen); + if (payload_len < sizeof(f.body.init.data)) { + memcpy(buf, f.body.init.data, payload_len); + return (payload_len); } memcpy(buf, f.body.init.data, sizeof(f.body.init.data)); r = sizeof(f.body.init.data); - seq = 0; - while ((size_t)r < flen) { + for (int seq = 0; (size_t)r < payload_len; seq++) { if (rx_frame(d, &f, ms) < 0) { fido_log_debug("%s: rx_frame", __func__); return (-1); } - fido_log_debug("%s: continuation frame at %p, len %zu", - __func__, (void *)&f, sizeof(f)); + fido_log_debug("%s: continuation frame at %p", __func__, + (void *)&f); fido_log_xxd(&f, sizeof(f)); #ifdef FIDO_FUZZ 
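Review bot: In `rx_preamble()` a frame whose `cid` differs from `d->cid` ends the keepalive loop and is then rejected by the new `fp->cid != d->cid` test, so `rx()` fails with `-1`. If the platform delivers reports for other channels to this handle (for example a second client using the same authenticator), unrelated traffic aborts the exchange. Consider skipping such frames by extending the loop condition with `fp->cid != d->cid ||`, leaving the per-read `ms` timeout to bound the wait. The loop body starts outside the hunk.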
@@ -216,38 +223,57 @@ fido_rx(fido_dev_t *d, uint8_t cmd, void *buf, size_t count, int ms) f.body.cont.seq = seq; #endif - if (f.cid != d->cid || f.body.cont.seq != seq++) { + if (f.cid != d->cid || f.body.cont.seq != seq) { fido_log_debug("%s: cid (0x%x, 0x%x), seq (%d, %d)", __func__, f.cid, d->cid, f.body.cont.seq, seq); return (-1); } - uint8_t *p = (uint8_t *)buf + r; - - if ((size_t)(flen - r) > sizeof(f.body.cont.data)) { - memcpy(p, f.body.cont.data, sizeof(f.body.cont.data)); + if ((size_t)(payload_len - r) > sizeof(f.body.cont.data)) { + memcpy(buf + r, f.body.cont.data, + sizeof(f.body.cont.data)); r += sizeof(f.body.cont.data); } else { - memcpy(p, f.body.cont.data, flen - r); - r += (flen - r); /* break */ + memcpy(buf + r, f.body.cont.data, payload_len - r); + r += (payload_len - r); /* break */ } } - fido_log_debug("%s: payload at %p, len %zu", __func__, buf, (size_t)r); - fido_log_xxd(buf, r); - return (r); } +int +fido_rx(fido_dev_t *d, uint8_t cmd, void *buf, size_t count, int ms) +{ + int n; + + fido_log_debug("%s: d=%p, cmd=0x%02x, buf=%p, count=%zu, ms=%d", + __func__, (void *)d, cmd, (const void *)buf, count, ms); + + if (d->transport.rx != NULL) + return (d->transport.rx(d, cmd, buf, count, ms)); + + if (d->io_handle == NULL || d->io.read == NULL || count > UINT16_MAX) { + fido_log_debug("%s: invalid argument", __func__); + return (-1); + } + + if ((n = rx(d, cmd, buf, count, ms)) >= 0) { + fido_log_debug("%s: buf=%p, len=%d", __func__, (void *)buf, n); + fido_log_xxd(buf, n); + } + + return (n); +} + int fido_rx_cbor_status(fido_dev_t *d, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; - if ((reply_len = fido_rx(d, cmd, &reply, sizeof(reply), ms)) < 0 || - (size_t)reply_len < 1) { + if ((reply_len = fido_rx(d, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0 || (size_t)reply_len < 1) { fido_log_debug("%s: fido_rx", __func__); return 
(FIDO_ERR_RX); } diff --git a/src/iso7816.h b/src/iso7816.h index 426cd97..563243f 100644 --- a/src/iso7816.h +++ b/src/iso7816.h @@ -7,8 +7,15 @@ #ifndef _ISO7816_H #define _ISO7816_H +#include +#include + #include "packed.h" +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + PACKED_TYPE(iso7816_header_t, struct iso7816_header { uint8_t cla; @@ -35,4 +42,8 @@ iso7816_apdu_t *iso7816_new(uint8_t, uint8_t, uint16_t); size_t iso7816_len(const iso7816_apdu_t *); void iso7816_free(iso7816_apdu_t **); +#ifdef __cplusplus +} /* extern "C" */ +#endif /* __cplusplus */ + #endif /* !_ISO7816_H */ diff --git a/src/log.c b/src/log.c index 982bdb7..d6f0934 100644 --- a/src/log.c +++ b/src/log.c 
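Review bot: `fido_rx()` returns the result of `d->transport.rx()` unchecked, while the built-in `rx()` path never returns more than `count`. Callers such as `fido_dev_get_uv_token_rx()` pass the return value to `cbor_parse_reply()` as the number of valid bytes in a fixed `reply[FIDO_MAXMSG]` buffer, so a transport that reports more than it was given room for would cause reads past that buffer. Bounding the callback result keeps both paths under one contract: `n = d->transport.rx(d, cmd, buf, count, ms);` followed by `if (n > 0 && (size_t)n > count) return (-1);`.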
@@ -7,57 +7,86 @@ #include #include #include +#include + #include "fido.h" #ifndef FIDO_NO_DIAGNOSTIC +#define XXDLEN 32 +#define XXDROW 128 +#define LINELEN 256 + #ifndef TLS #define TLS #endif static TLS int logging; +static TLS fido_log_handler_t *log_handler; + +static void +log_on_stderr(const char *str) +{ + fprintf(stderr, "%s", str); +} void fido_log_init(void) { logging = 1; + log_handler = log_on_stderr; } void -fido_log_xxd(const void *buf, size_t count) +fido_log_debug(const char *fmt, ...) { - const uint8_t *ptr = buf; - size_t i; + char line[LINELEN]; + va_list ap; + int r; - if (!logging) + if (!logging || log_handler == NULL) return; - fprintf(stderr, " "); - - for (i = 0; i < count; i++) { - fprintf(stderr, "%02x ", *ptr++); - if ((i + 1) % 16 == 0 && i + 1 < count) - fprintf(stderr, "\n "); - } - - fprintf(stderr, "\n"); - fflush(stderr); + va_start(ap, fmt); + r = vsnprintf(line, sizeof(line) - 1, fmt, ap); + va_end(ap); + if (r < 0 || (size_t)r >= sizeof(line) - 1) + return; + strlcat(line, "\n", sizeof(line)); + log_handler(line); } void -fido_log_debug(const char *fmt, ...) +fido_log_xxd(const void *buf, size_t count) { - va_list ap; + const uint8_t *ptr = buf; + char row[XXDROW]; + char xxd[XXDLEN]; - if (!logging) + if (!logging || log_handler == NULL || count == 0) return; - va_start(ap, fmt); - vfprintf(stderr, fmt, ap); - va_end(ap); + *row = '\0'; - fprintf(stderr, "\n"); - fflush(stderr); + for (size_t i = 0; i < count; i++) { + *xxd = '\0'; + if (i % 16 == 0) + snprintf(xxd, sizeof(xxd), "%04zu: %02x", i, *ptr++); + else + snprintf(xxd, sizeof(xxd), " %02x", *ptr++); + strlcat(row, xxd, sizeof(row)); + if (i % 16 == 15 || i == count - 1) { + fido_log_debug("%s", row); + *row = '\0'; + } + } +} + +void +fido_set_log_handler(fido_log_handler_t *handler) +{ + if (handler != NULL) + log_handler = handler; } #endif /* !FIDO_NO_DIAGNOSTIC */ diff --git a/src/pin.c b/src/pin.c index 1ed555c..36acbe4 100644 --- a/src/pin.c +++ b/src/pin.c 
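Review bot: `fido_log_init()` assigns `log_handler = log_on_stderr` unconditionally, so a handler installed with `fido_set_log_handler()` before initialisation is silently replaced. The frame dumps from `fido_log_xxd()` then go to stderr instead of the sink the application chose. Either keep an existing handler with `if (log_handler == NULL) log_handler = log_on_stderr;`, or document that the handler must be set after logging is initialised. Separately, `fido_log_debug()` drops any message that does not fit in `LINELEN` without a trace; truncating it would preserve part of the record.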
@@ -5,6 +5,7 @@ */ #include + #include "fido.h" #include "fido/es256.h" @@ -23,6 +24,14 @@ parse_pintoken(const cbor_item_t *key, const cbor_item_t *val, void *arg) return (fido_blob_decode(val, token)); } +#ifdef FIDO_UVTOKEN +static int +parse_uvtoken(const cbor_item_t *key, const cbor_item_t *val, void *arg) +{ + return (parse_pintoken(key, val, arg)); +} +#endif /* FIDO_UVTOKEN */ + static int fido_dev_get_pin_token_tx(fido_dev_t *dev, const char *pin, const fido_blob_t *ecdh, const es256_pk_t *pk) @@ -51,8 +60,8 @@ fido_dev_get_pin_token_tx(fido_dev_t *dev, const char *pin, goto fail; } - if (cbor_build_frame(CTAP_CBOR_CLIENT_PIN, argv, 6, &f) < 0 || - fido_tx(dev, CTAP_FRAME_INIT | CTAP_CMD_CBOR, f.ptr, f.len) < 0) { + if (cbor_build_frame(CTAP_CBOR_CLIENT_PIN, argv, nitems(argv), + &f) < 0 || fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len) < 0) { fido_log_debug("%s: fido_tx", __func__); r = FIDO_ERR_TX; goto fail; 
@@ -67,13 +76,47 @@ fail: return (r); } +#ifdef FIDO_UVTOKEN +static int +fido_dev_get_uv_token_tx(fido_dev_t *dev, const es256_pk_t *pk) +{ + fido_blob_t f; + cbor_item_t *argv[3]; + int r; + + memset(&f, 0, sizeof(f)); + memset(argv, 0, sizeof(argv)); + + if ((argv[0] = cbor_build_uint8(1)) == NULL || + (argv[1] = cbor_build_uint8(6)) == NULL || + (argv[2] = es256_pk_encode(pk, 0)) == NULL) { + fido_log_debug("%s: cbor encode", __func__); + r = FIDO_ERR_INTERNAL; + goto fail; + } + + if (cbor_build_frame(CTAP_CBOR_CLIENT_PIN, argv, nitems(argv), + &f) < 0 || fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len) < 0) { + fido_log_debug("%s: fido_tx", __func__); + r = FIDO_ERR_TX; + goto fail; + } + + r = FIDO_OK; +fail: + cbor_vector_free(argv, nitems(argv)); + free(f.ptr); + + return (r); +} +#endif /* FIDO_UVTOKEN */ + static int fido_dev_get_pin_token_rx(fido_dev_t *dev, const fido_blob_t *ecdh, fido_blob_t *token, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; fido_blob_t *aes_token = NULL; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; @@ -82,7 +125,8 @@ fido_dev_get_pin_token_rx(fido_dev_t *dev, const fido_blob_t *ecdh, goto fail; } - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); r = FIDO_ERR_RX; goto fail; 
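Review bot: `fido_dev_get_uv_token_tx()` builds its request from the bare constants `cbor_build_uint8(1)` and `cbor_build_uint8(6)` with no indication of what they select. A comment on each element would let a reader check the request against the CTAP specification, for example `/* pinProtocol */` on `argv[0]` and `/* subCommand: get UV token (confirm against the CTAP draft) */` on `argv[1]`. Named constants would be better still if the project already defines them for the other clientPIN subcommands, which is not visible here.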
@@ -107,15 +151,69 @@ fail: return (r); } +#ifdef FIDO_UVTOKEN +static int +fido_dev_get_uv_token_rx(fido_dev_t *dev, const fido_blob_t *ecdh, + fido_blob_t *token, int ms) +{ + fido_blob_t *aes_token = NULL; + unsigned char reply[FIDO_MAXMSG]; + int reply_len; + int r; + + if ((aes_token = fido_blob_new()) == NULL) { + r = FIDO_ERR_INTERNAL; + goto fail; + } + + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { + fido_log_debug("%s: fido_rx", __func__); + r = FIDO_ERR_RX; + goto fail; + } + + if ((r = cbor_parse_reply(reply, (size_t)reply_len, aes_token, + parse_uvtoken)) != FIDO_OK) { + fido_log_debug("%s: parse_uvtoken", __func__); + goto fail; + } + + if (aes256_cbc_dec(ecdh, aes_token, token) < 0) { + fido_log_debug("%s: aes256_cbc_dec", __func__); + r = FIDO_ERR_RX; + goto fail; + } + + r = FIDO_OK; +fail: + fido_blob_free(&aes_token); + + return (r); +} +#endif /* FIDO_UVTOKEN */ + static int fido_dev_get_pin_token_wait(fido_dev_t *dev, const char *pin, const fido_blob_t *ecdh, const es256_pk_t *pk, fido_blob_t *token, int ms) { int r; +#ifdef FIDO_UVTOKEN + if (getenv("FIDO_UVTOKEN") != NULL) { + if ((r = fido_dev_get_uv_token_tx(dev, pk)) != FIDO_OK || + (r = fido_dev_get_uv_token_rx(dev, ecdh, token, ms)) != FIDO_OK) + return (r); + } else { + if ((r = fido_dev_get_pin_token_tx(dev, pin, ecdh, pk)) != FIDO_OK || + (r = fido_dev_get_pin_token_rx(dev, ecdh, token, ms)) != FIDO_OK) + return (r); + } +#else if ((r = fido_dev_get_pin_token_tx(dev, pin, ecdh, pk)) != FIDO_OK || (r = fido_dev_get_pin_token_rx(dev, ecdh, token, ms)) != FIDO_OK) return (r); +#endif return (FIDO_OK); } 
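Review bot: `fido_dev_get_pin_token_wait()` chooses between the PIN and UV-token exchanges with `getenv("FIDO_UVTOKEN")`, so in builds that define `FIDO_UVTOKEN` the process environment decides which user-verification flow runs and whether the supplied `pin` is used at all. A library that may be linked into privileged or setuid programs should not take that decision from the environment, which the invoking user may control. An explicit per-device or per-call option set by the application would be safer. If the variable is kept for testing, a comment stating that the build flag is experimental would help packagers. `fido_dev_get_uv_token_rx()` is also a near copy of `fido_dev_get_pin_token_rx()` apart from the parse callback, which itself forwards to `parse_pintoken()`.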
@@ -196,8 +294,8 @@ fido_dev_change_pin_tx(fido_dev_t *dev, const char *pin, const char *oldpin) goto fail; } - if (cbor_build_frame(CTAP_CBOR_CLIENT_PIN, argv, 6, &f) < 0 || - fido_tx(dev, CTAP_FRAME_INIT | CTAP_CMD_CBOR, f.ptr, f.len) < 0) { + if (cbor_build_frame(CTAP_CBOR_CLIENT_PIN, argv, nitems(argv), + &f) < 0 || fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len) < 0) { fido_log_debug("%s: fido_tx", __func__); r = FIDO_ERR_TX; goto fail; @@ -249,8 +347,8 @@ fido_dev_set_pin_tx(fido_dev_t *dev, const char *pin) goto fail; } - if (cbor_build_frame(CTAP_CBOR_CLIENT_PIN, argv, 5, &f) < 0 || - fido_tx(dev, CTAP_FRAME_INIT | CTAP_CMD_CBOR, f.ptr, f.len) < 0) { + if (cbor_build_frame(CTAP_CBOR_CLIENT_PIN, argv, nitems(argv), + &f) < 0 || fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len) < 0) { fido_log_debug("%s: fido_tx", __func__); r = FIDO_ERR_TX; goto fail; @@ -338,8 +436,8 @@ fido_dev_get_retry_count_tx(fido_dev_t *dev) goto fail; } - if (cbor_build_frame(CTAP_CBOR_CLIENT_PIN, argv, 2, &f) < 0 || - fido_tx(dev, CTAP_FRAME_INIT | CTAP_CMD_CBOR, f.ptr, f.len) < 0) { + if (cbor_build_frame(CTAP_CBOR_CLIENT_PIN, argv, nitems(argv), + &f) < 0 || fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len) < 0) { fido_log_debug("%s: fido_tx", __func__); r = FIDO_ERR_TX; goto fail; @@ -356,14 +454,14 @@ fail: static int fido_dev_get_retry_count_rx(fido_dev_t *dev, int *retries, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; - unsigned char reply[512]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int r; *retries = 0; - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), ms)) < 0) { + if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply), + ms)) < 0) { fido_log_debug("%s: fido_rx", __func__); return (FIDO_ERR_RX); } diff --git a/src/reset.c b/src/reset.c index 4b2c88a..ebda1cd 100644 --- a/src/reset.c +++ b/src/reset.c 
@@ -10,10 +10,9 @@ static int fido_dev_reset_tx(fido_dev_t *dev) { - const unsigned char cbor[] = { CTAP_CBOR_RESET }; - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_CBOR; + const unsigned char cbor[] = { CTAP_CBOR_RESET }; - if (fido_tx(dev, cmd, cbor, sizeof(cbor)) < 0) { + if (fido_tx(dev, CTAP_CMD_CBOR, cbor, sizeof(cbor)) < 0) { fido_log_debug("%s: fido_tx", __func__); return (FIDO_ERR_TX); } diff --git a/src/types.h b/src/types.h deleted file mode 100644 index 42ed1b7..0000000 --- a/src/types.h +++ /dev/null 
@@ -1,171 +0,0 @@ -/* - * Copyright (c) 2018 Yubico AB. All rights reserved. - * Use of this source code is governed by a BSD-style - * license that can be found in the LICENSE file. - */ - -#ifndef _TYPES_H -#define _TYPES_H - -#include "packed.h" - -/* COSE ES256 (ECDSA over P-256 with SHA-256) public key */ -typedef struct es256_pk { - unsigned char x[32]; - unsigned char y[32]; -} es256_pk_t; - -/* COSE ES256 (ECDSA over P-256 with SHA-256) (secret) key */ -typedef struct es256_sk { - unsigned char d[32]; -} es256_sk_t; - -/* COSE RS256 (2048-bit RSA with PKCS1 padding and SHA-256) public key */ -typedef struct rs256_pk { - unsigned char n[256]; - unsigned char e[3]; -} rs256_pk_t; - -/* COSE EDDSA (ED25519) */ -typedef struct eddsa_pk { - unsigned char x[32]; -} eddsa_pk_t; - -PACKED_TYPE(fido_authdata_t, -struct fido_authdata { - unsigned char rp_id_hash[32]; /* sha256 of fido_rp.id */ - uint8_t flags; /* user present/verified */ - uint32_t sigcount; /* signature counter */ - /* actually longer */ -}) - -PACKED_TYPE(fido_attcred_raw_t, -struct fido_attcred_raw { - unsigned char aaguid[16]; /* credential's aaguid */ - uint16_t id_len; /* credential id length */ - uint8_t body[]; /* credential id + pubkey */ -}) - -typedef struct fido_attcred { - unsigned char aaguid[16]; /* credential's aaguid */ - fido_blob_t id; /* credential id */ - int type; /* credential's cose algorithm */ - union { /* credential's public key */ - es256_pk_t es256; - rs256_pk_t rs256; - eddsa_pk_t eddsa; - } pubkey; -} fido_attcred_t; - -typedef struct fido_attstmt { - fido_blob_t x5c; /* attestation certificate */ - fido_blob_t sig; /* attestation signature */ -} fido_attstmt_t; - -typedef struct fido_rp { - char *id; /* relying party id */ - char *name; /* relying party name */ -} fido_rp_t; - -typedef struct fido_user { - fido_blob_t id; /* required */ - char *icon; /* optional */ - char *name; /* optional */ - char *display_name; /* required */ -} fido_user_t; - -typedef struct 
fido_cred { - fido_blob_t cdh; /* client data hash */ - fido_rp_t rp; /* relying party */ - fido_user_t user; /* user entity */ - fido_blob_array_t excl; /* list of credential ids to exclude */ - fido_opt_t rk; /* resident key */ - fido_opt_t uv; /* user verification */ - int ext; /* enabled extensions */ - int type; /* cose algorithm */ - char *fmt; /* credential format */ - int authdata_ext; /* decoded extensions */ - fido_blob_t authdata_cbor; /* raw cbor payload */ - fido_authdata_t authdata; /* decoded authdata payload */ - fido_attcred_t attcred; /* returned credential (key + id) */ - fido_attstmt_t attstmt; /* attestation statement (x509 + sig) */ -} fido_cred_t; - -typedef struct _fido_assert_stmt { - fido_blob_t id; /* credential id */ - fido_user_t user; /* user attributes */ - fido_blob_t hmac_secret_enc; /* hmac secret, encrypted */ - fido_blob_t hmac_secret; /* hmac secret */ - int authdata_ext; /* decoded extensions */ - fido_blob_t authdata_cbor; /* raw cbor payload */ - fido_authdata_t authdata; /* decoded authdata payload */ - fido_blob_t sig; /* signature of cdh + authdata */ -} fido_assert_stmt; - -typedef struct fido_assert { - char *rp_id; /* relying party id */ - fido_blob_t cdh; /* client data hash */ - fido_blob_t hmac_salt; /* optional hmac-secret salt */ - fido_blob_array_t allow_list; /* list of allowed credentials */ - fido_opt_t up; /* user presence */ - fido_opt_t uv; /* user verification */ - int ext; /* enabled extensions */ - fido_assert_stmt *stmt; /* array of expected assertions */ - size_t stmt_cnt; /* number of allocated assertions */ - size_t stmt_len; /* number of received assertions */ -} fido_assert_t; - -typedef struct fido_opt_array { - char **name; - bool *value; - size_t len; -} fido_opt_array_t; - -typedef struct fido_str_array { - char **ptr; - size_t len; -} fido_str_array_t; - -typedef struct fido_byte_array { - uint8_t *ptr; - size_t len; -} fido_byte_array_t; - -typedef struct fido_cbor_info { - fido_str_array_t 
versions; /* supported versions: fido2|u2f */ - fido_str_array_t extensions; /* list of supported extensions */ - unsigned char aaguid[16]; /* aaguid */ - fido_opt_array_t options; /* list of supported options */ - uint64_t maxmsgsiz; /* maximum message size */ - fido_byte_array_t protocols; /* supported pin protocols */ -} fido_cbor_info_t; - -typedef struct fido_dev_info { - char *path; /* device path */ - int16_t vendor_id; /* 2-byte vendor id */ - int16_t product_id; /* 2-byte product id */ - char *manufacturer; /* manufacturer string */ - char *product; /* product string */ -} fido_dev_info_t; - -PACKED_TYPE(fido_ctap_info_t, -/* defined in section 8.1.9.1.3 (CTAPHID_INIT) of the fido2 ctap spec */ -struct fido_ctap_info { - uint64_t nonce; /* echoed nonce */ - uint32_t cid; /* channel id */ - uint8_t protocol; /* ctaphid protocol id */ - uint8_t major; /* major version number */ - uint8_t minor; /* minor version number */ - uint8_t build; /* build version number */ - uint8_t flags; /* capabilities flags; see FIDO_CAP_* */ -}) - -typedef struct fido_dev { - uint64_t nonce; /* issued nonce */ - fido_ctap_info_t attr; /* device attributes */ - uint32_t cid; /* assigned channel id */ - void *io_handle; /* abstract i/o handle */ - fido_dev_io_t io; /* i/o functions & data */ -} fido_dev_t; - -#endif /* !_TYPES_H */ diff --git a/src/u2f.c b/src/u2f.c index 82b289f..19a959d 100644 --- a/src/u2f.c +++ b/src/u2f.c @@ -125,11 +125,10 @@ authdata_fake(const char *rp_id, uint8_t flags, uint32_t sigcount, static int send_dummy_register(fido_dev_t *dev, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_MSG; iso7816_apdu_t *apdu = NULL; unsigned char challenge[SHA256_DIGEST_LENGTH]; unsigned char application[SHA256_DIGEST_LENGTH]; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int r; #ifdef FIDO_FUZZ 
@@ -150,13 +149,13 @@ send_dummy_register(fido_dev_t *dev, int ms) } do { - if (fido_tx(dev, cmd, iso7816_ptr(apdu), + if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu), iso7816_len(apdu)) < 0) { fido_log_debug("%s: fido_tx", __func__); r = FIDO_ERR_TX; goto fail; } - if (fido_rx(dev, cmd, &reply, sizeof(reply), ms) < 2) { + if (fido_rx(dev, CTAP_CMD_MSG, &reply, sizeof(reply), ms) < 2) { fido_log_debug("%s: fido_rx", __func__); r = FIDO_ERR_RX; goto fail; @@ -179,11 +178,10 @@ static int key_lookup(fido_dev_t *dev, const char *rp_id, const fido_blob_t *key_id, int *found, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_MSG; iso7816_apdu_t *apdu = NULL; unsigned char challenge[SHA256_DIGEST_LENGTH]; unsigned char rp_id_hash[SHA256_DIGEST_LENGTH]; - unsigned char reply[8]; + unsigned char reply[FIDO_MAXMSG]; uint8_t key_id_len; int r; @@ -217,12 +215,13 @@ key_lookup(fido_dev_t *dev, const char *rp_id, const fido_blob_t *key_id, goto fail; } - if (fido_tx(dev, cmd, iso7816_ptr(apdu), iso7816_len(apdu)) < 0) { + if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu), + iso7816_len(apdu)) < 0) { fido_log_debug("%s: fido_tx", __func__); r = FIDO_ERR_TX; goto fail; } - if (fido_rx(dev, cmd, &reply, sizeof(reply), ms) != 2) { + if (fido_rx(dev, CTAP_CMD_MSG, &reply, sizeof(reply), ms) != 2) { fido_log_debug("%s: fido_rx", __func__); r = FIDO_ERR_RX; goto fail; @@ -285,10 +284,9 @@ static int do_auth(fido_dev_t *dev, const fido_blob_t *cdh, const char *rp_id, const fido_blob_t *key_id, fido_blob_t *sig, fido_blob_t *ad, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_MSG; iso7816_apdu_t *apdu = NULL; unsigned char rp_id_hash[SHA256_DIGEST_LENGTH]; - unsigned char reply[128]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; uint8_t key_id_len; int r; 
@@ -326,14 +324,14 @@ do_auth(fido_dev_t *dev, const fido_blob_t *cdh, const char *rp_id, } do { - if (fido_tx(dev, cmd, iso7816_ptr(apdu), + if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu), iso7816_len(apdu)) < 0) { fido_log_debug("%s: fido_tx", __func__); r = FIDO_ERR_TX; goto fail; } - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), - ms)) < 2) { + if ((reply_len = fido_rx(dev, CTAP_CMD_MSG, &reply, + sizeof(reply), ms)) < 2) { fido_log_debug("%s: fido_rx", __func__); r = FIDO_ERR_RX; goto fail; @@ -575,10 +573,9 @@ fail: int u2f_register(fido_dev_t *dev, fido_cred_t *cred, int ms) { - const uint8_t cmd = CTAP_FRAME_INIT | CTAP_CMD_MSG; iso7816_apdu_t *apdu = NULL; unsigned char rp_id_hash[SHA256_DIGEST_LENGTH]; - unsigned char reply[2048]; + unsigned char reply[FIDO_MAXMSG]; int reply_len; int found; int r; @@ -634,14 +631,14 @@ u2f_register(fido_dev_t *dev, fido_cred_t *cred, int ms) } do { - if (fido_tx(dev, cmd, iso7816_ptr(apdu), + if (fido_tx(dev, CTAP_CMD_MSG, iso7816_ptr(apdu), iso7816_len(apdu)) < 0) { fido_log_debug("%s: fido_tx", __func__); r = FIDO_ERR_TX; goto fail; } - if ((reply_len = fido_rx(dev, cmd, &reply, sizeof(reply), - ms)) < 2) { + if ((reply_len = fido_rx(dev, CTAP_CMD_MSG, &reply, + sizeof(reply), ms)) < 2) { fido_log_debug("%s: fido_rx", __func__); r = FIDO_ERR_RX; goto fail; @@ -687,6 +684,12 @@ u2f_authenticate_single(fido_dev_t *dev, const fido_blob_t *key_id, goto fail; } + if (fido_blob_set(&fa->stmt[idx].id, key_id->ptr, key_id->len) < 0) { + fido_log_debug("%s: fido_blob_set", __func__); + r = FIDO_ERR_INTERNAL; + goto fail; + } + if (fa->up == FIDO_OPT_FALSE) { fido_log_debug("%s: checking for key existence only", __func__); r = FIDO_ERR_USER_PRESENCE_REQUIRED; 
@@ -699,8 +702,7 @@ u2f_authenticate_single(fido_dev_t *dev, const fido_blob_t *key_id, goto fail; } - if (fido_blob_set(&fa->stmt[idx].id, key_id->ptr, key_id->len) < 0 || - fido_assert_set_authdata(fa, idx, ad.ptr, ad.len) != FIDO_OK || + if (fido_assert_set_authdata(fa, idx, ad.ptr, ad.len) != FIDO_OK || fido_assert_set_sig(fa, idx, sig.ptr, sig.len) != FIDO_OK) { fido_log_debug("%s: fido_assert_set", __func__); r = FIDO_ERR_INTERNAL; @@ -724,6 +726,7 @@ fail: int u2f_authenticate(fido_dev_t *dev, fido_assert_t *fa, int ms) { + int nfound = 0; int nauth_ok = 0; int r; @@ -739,20 +742,30 @@ u2f_authenticate(fido_dev_t *dev, fido_assert_t *fa, int ms) } for (size_t i = 0; i < fa->allow_list.len; i++) { - if ((r = u2f_authenticate_single(dev, &fa->allow_list.ptr[i], - fa, nauth_ok, ms)) == FIDO_OK) { + switch ((r = u2f_authenticate_single(dev, + &fa->allow_list.ptr[i], fa, nfound, ms))) { + case FIDO_OK: nauth_ok++; - } else if (r != FIDO_ERR_CREDENTIAL_EXCLUDED) { - fido_log_debug("%s: u2f_authenticate_single", __func__); - return (r); + /* FALLTHROUGH */ + case FIDO_ERR_USER_PRESENCE_REQUIRED: + nfound++; + break; + default: + if (r != FIDO_ERR_CREDENTIAL_EXCLUDED) { + fido_log_debug("%s: u2f_authenticate_single", + __func__); + return (r); + } + /* ignore credentials that don't exist */ } - /* ignore credentials that don't exist */ } - fa->stmt_len = nauth_ok; + fa->stmt_len = nfound; - if (nauth_ok == 0) + if (nfound == 0) return (FIDO_ERR_NO_CREDENTIALS); + if (nauth_ok == 0) + return (FIDO_ERR_USER_PRESENCE_REQUIRED); return (FIDO_OK); } diff --git a/tools/CMakeLists.txt b/tools/CMakeLists.txt index 4b8ef32..274a799 100644 --- a/tools/CMakeLists.txt +++ b/tools/CMakeLists.txt @@ -8,7 +8,7 @@ list(APPEND COMPAT_SOURCES ../openbsd-compat/strlcat.c ) -if(WIN32) +if(WIN32 AND NOT CYGWIN AND NOT MSYS) list(APPEND COMPAT_SOURCES ../openbsd-compat/bsd-getline.c ../openbsd-compat/explicit_bzero_win32.c 
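Review bot: `fa->stmt_len = nfound` in `u2f_authenticate()` now counts credentials for which `u2f_authenticate_single()` stored only the id and returned `FIDO_ERR_USER_PRESENCE_REQUIRED`, so the assertion can hold statements with no authdata or signature. Callers that walk every statement and verify it need to know that. A comment at the assignment such as `/* includes credentials that were found but not asserted (id only) */` would record it. The index passed to `u2f_authenticate_single()` also changed from `nauth_ok` to `nfound`. The sizing of `fa->stmt` happens outside the hunk, so confirm it still covers `allow_list.len` entries.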
@@ -49,7 +49,6 @@ add_executable(fido2-token ${COMPAT_SOURCES} ) - target_link_libraries(fido2-cred ${CRYPTO_LIBRARIES} fido2_shared) target_link_libraries(fido2-assert ${CRYPTO_LIBRARIES} fido2_shared) target_link_libraries(fido2-token ${CRYPTO_LIBRARIES} fido2_shared) diff --git a/tools/bio.c b/tools/bio.c index b8f9b38..135b055 100644 --- a/tools/bio.c +++ b/tools/bio.c @@ -253,11 +253,10 @@ void bio_info(fido_dev_t *dev) { fido_bio_info_t *i = NULL; - int r; if ((i = fido_bio_info_new()) == NULL) errx(1, "fido_bio_info_new"); - if ((r = fido_bio_dev_get_info(dev, i)) != FIDO_OK) { + if (fido_bio_dev_get_info(dev, i) != FIDO_OK) { fido_bio_info_free(&i); return; } diff --git a/tools/credman.c b/tools/credman.c index 08c9eb8..6eda245 100644 --- a/tools/credman.c +++ b/tools/credman.c @@ -37,7 +37,7 @@ credman_get_metadata(fido_dev_t *dev, const char *path) printf("existing rk(s): %u\n", (unsigned)fido_credman_rk_existing(metadata)); - printf("possible rk(s): %u\n", + printf("remaining rk(s): %u\n", (unsigned)fido_credman_rk_remaining(metadata)); fido_credman_metadata_free(&metadata); diff --git a/tools/extern.h b/tools/extern.h index e79e6f0..be01046 100644 --- a/tools/extern.h +++ b/tools/extern.h @@ -7,6 +7,12 @@ #ifndef _EXTERN_H_ #define _EXTERN_H_ +#include +#include + +#include +#include + struct blob { unsigned char *ptr; size_t len; diff --git a/tools/include_check.sh b/tools/include_check.sh new file mode 100755 index 0000000..9958c9a --- /dev/null +++ b/tools/include_check.sh 
@@ -0,0 +1,21 @@
+#!/bin/bash
+#
+# Copyright (c) 2019 Yubico AB. All rights reserved.
+# Use of this source code is governed by a BSD-style
+# license that can be found in the LICENSE file.
+
+check() {
+ for f in $(find $1 -maxdepth 1 -name '*.h'); do
+ echo "#include \"$f\"" | \
+ cc $CFLAGS -Isrc -xc -c - -o /dev/null 2>&1
+ echo $f $CFLAGS $?
+ done
+}
+
+check examples
+check fuzz
+check openbsd-compat
+CFLAGS=-D_FIDO_INTERNAL check src
+check src/fido.h
+check src/fido
+check tools
diff --git a/tools/macos_pkg.sh b/tools/macos_pkg.sh
new file mode 100755
index 0000000..4313c27
--- /dev/null
+++ b/tools/macos_pkg.sh
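Review bot: `check()` only prints each compiler status through `echo $f $CFLAGS $?`, and the script itself always exits 0, so a header that stops being self-contained cannot fail a job that runs this check. Capturing the status and propagating it would make the check enforceable, for example `st=$?; [ "$st" -eq 0 ] || rc=1` after the `cc` pipeline and a final `exit "${rc:-0}"`. The unquoted `$(find $1 ...)` and `$f` are also subject to word splitting; quoting `"$1"` and `"$f"` costs nothing here.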
@@ -0,0 +1,44 @@
+#!/bin/bash -e
+# Copyright (c) 2019 Yubico AB. All rights reserved.
+# Use of this source code is governed by a BSD-style
+# license that can be found in the LICENSE file.
+
+if [[ "$#" -ne 2 ]]; then
+ echo usage: $0 version directory 1>&2
+ exit 1
+fi
+
+V=$1
+D=$2
+
+FIDO_PATH=$(realpath ${D}/lib/libfido2.${V}.dylib)
+CBOR_PATH=$(otool -L "${FIDO_PATH}" | grep cbor | awk '{ print $1 }')
+CRYPTO_PATH=$(otool -L "${FIDO_PATH}" | grep crypto | awk '{ print $1 }')
+
+cp -p "${CBOR_PATH}" "${CRYPTO_PATH}" "${D}/lib"
+chmod 755 "${D}/lib/"*dylib
+rm "${D}/lib/pkgconfig/libfido2.pc"
+rmdir "${D}/lib/pkgconfig"
+
+CBOR_NAME=$(echo "${CBOR_PATH}" | grep -o 'libcbor.*dylib')
+CRYPTO_NAME=$(echo "${CRYPTO_PATH}" | grep -o 'libcrypto.*dylib')
+FIDO_NAME="libfido2.${V}.dylib"
+
+install_name_tool -id "@loader_path/${CBOR_NAME}" "${D}/lib/${CBOR_NAME}"
+install_name_tool -id "@loader_path/${CRYPTO_NAME}" "${D}/lib/${CRYPTO_NAME}"
+install_name_tool -id "@loader_path/libfido2.${V}.dylib" "${FIDO_PATH}"
+
+install_name_tool -change "${CBOR_PATH}" "@loader_path/${CBOR_NAME}" \
+ "${FIDO_PATH}"
+install_name_tool -change "${CRYPTO_PATH}" "@loader_path/${CRYPTO_NAME}" \
+ "${FIDO_PATH}"
+
+for f in $(find "${D}/bin" -type f); do
+ FIDO_PATH=$(otool -L "${f}" | grep libfido2 | awk '{ print $1 }')
+ install_name_tool -change "${CBOR_PATH}" \
+ "@executable_path/../lib/${CBOR_NAME}" "${f}"
+ install_name_tool -change "${CRYPTO_PATH}" \
+ "@executable_path/../lib/${CRYPTO_NAME}" "${f}"
+ install_name_tool -change "${FIDO_PATH}" \
+ "@executable_path/../lib/${FIDO_NAME}" "${f}"
+done
diff --git a/tools/token.c b/tools/token.c
index b149208..e65f09f 100644
--- a/tools/token.c
+++ b/tools/token.c
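Review bot: The library paths copied into the package come from `otool -L ... | grep cbor | awk '{ print $1 }'` and its `crypto` twin, and nothing checks that each pipeline yielded exactly one existing file. The `-e` on the shebang line does not catch a `grep` that matches nothing in the middle of a pipeline, and two matching lines would produce a multi-line value. A guard before the `cp -p`, such as `[[ -f "${CBOR_PATH}" && -f "${CRYPTO_PATH}" ]] || exit 1`, would stop the packaging run at the point of failure instead of relying on `cp` to complain. Because the bundled libcbor and libcrypto are whatever the build host happens to resolve, printing the resolved paths during the run would also make the shipped libraries traceable. Inside the `for f in $(find "${D}/bin" -type f)` loop, `FIDO_PATH` is overwritten and is empty for any binary that does not link libfido2, which the following `install_name_tool -change "${FIDO_PATH}"` call does not check.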
@@ -111,6 +111,12 @@ print_maxmsgsiz(uint64_t maxmsgsiz)
 printf("maxmsgsiz: %d\n", (int)maxmsgsiz);
 }
+static void
+print_fwversion(uint64_t fwversion)
+{
+ printf("fwversion: 0x%x\n", (int)fwversion);
+}
+
 static void
 print_byte_array(const char *label, const uint8_t *ba, size_t len)
 {
@@ -166,7 +172,7 @@ token_info(int argc, char **argv, char *path)
 return (credman_print_rk(dev, path, rp_id, cred_id));
 if (cred_id || rp_id)
 usage();
-
+
 print_attr(dev);
 if (fido_dev_is_fido2(dev) == false)
@@ -196,11 +202,14 @@ token_info(int argc, char **argv, char *path)
 /* print maximum message size */
 print_maxmsgsiz(fido_cbor_info_maxmsgsiz(ci));
+ /* print firmware version */
+ print_fwversion(fido_cbor_info_fwversion(ci));
+
 /* print supported pin protocols */
 print_byte_array("pin protocols", fido_cbor_info_protocols_ptr(ci), fido_cbor_info_protocols_len(ci));
- if ((r = fido_dev_get_retry_count(dev, &retrycnt)) != FIDO_OK)
+ if (fido_dev_get_retry_count(dev, &retrycnt) != FIDO_OK)
 printf("pin retries: undefined\n");
 else
 printf("pin retries: %d\n", retrycnt);
diff --git a/udev/70-u2f.rules b/udev/70-u2f.rules
index 3932270..22b47c9 100644
--- a/udev/70-u2f.rules
+++ b/udev/70-u2f.rules
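Review bot: `print_fwversion` in the first hunk narrows its `uint64_t` argument with `(int)fwversion` before printing it with `%x`, so any bits above the low 32 are dropped silently and the signed cast does not match the unsigned conversion. Since this value is what an operator reads to identify a token's firmware, printing it in full is safer: `printf("fwversion: 0x%" PRIx64 "\n", fwversion);`, with `<inttypes.h>` included in the file. `print_maxmsgsiz`, visible in the context lines just above, uses the same `(int)` cast and could be aligned in the same way.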
@@ -35,11 +35,8 @@ KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="2abe", ATTRS{idProduct
 # Thetis Key
 KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1ea8", ATTRS{idProduct}=="f025", TAG+="uaccess", GROUP="plugdev", MODE="0660"
-# Nitrokey FIDO U2F, Nitrokey FIDO2
-KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="20a0", ATTRS{idProduct}=="4287|42b1", TAG+="uaccess", GROUP="plugdev", MODE="0660"
-
-# Safetech SafeKey
-KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="20a0", ATTRS{idProduct}=="42b3", TAG+="uaccess", GROUP="plugdev", MODE="0660"
+# Nitrokey FIDO U2F, Nitrokey FIDO2, Safetech SafeKey
+KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="20a0", ATTRS{idProduct}=="4287|42b1|42b3", TAG+="uaccess", GROUP="plugdev", MODE="0660"
 # Google Titan U2F
 KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="5026", TAG+="uaccess", GROUP="plugdev", MODE="0660"
@@ -72,4 +69,7 @@ KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="311f", ATTRS{idProduct
 # OnlyKey (FIDO2 / U2F)
 KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1d50", ATTRS{idProduct}=="60fc", TAG+="uaccess", GROUP="plugdev", MODE="0660"
+# GoTrust Idem Key
+KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1fc9", ATTRS{idProduct}=="f143", TAG+="uaccess", GROUP="plugdev", MODE="0660"
+
 LABEL="u2f_end"
-- cgit v1.2.3
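Review bot: The added GoTrust rule, like the merged Nitrokey/SafeKey rule in the first hunk, grants access in two ways at once: `TAG+="uaccess"` and `GROUP="plugdev", MODE="0660"`. Where the session manager applies `uaccess`, the group grant additionally lets every member of `plugdev` open the token's hidraw node, presumably including accounts that are not at the local seat. If that is not the intended policy for the package, the new rule could carry `TAG+="uaccess"` alone. The pattern matches the rest of the file, so this is a question about the rules file as a whole rather than a defect in the one added line.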