Vendor import of libfido2 0.12.0

Ed Maste 2023-04-26 12:40:13 -04:00
parent cd0b1b947d
commit fdfa06d7d3
193 changed files with 4068 additions and 722 deletions


@ -1,6 +1,7 @@
# Copyright (c) 2018-2022 Yubico AB. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# SPDX-License-Identifier: BSD-2-Clause
# detect AppleClang; needs to come before project()
cmake_policy(SET CMP0025 NEW)
@ -28,7 +29,7 @@ set(CMAKE_POSITION_INDEPENDENT_CODE ON)
set(CMAKE_COLOR_MAKEFILE OFF)
set(CMAKE_VERBOSE_MAKEFILE ON)
set(FIDO_MAJOR "1")
set(FIDO_MINOR "11")
set(FIDO_MINOR "12")
set(FIDO_PATCH "0")
set(FIDO_VERSION ${FIDO_MAJOR}.${FIDO_MINOR}.${FIDO_PATCH})
@ -67,7 +68,7 @@ if(NOT MSVC)
if(APPLE)
set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_DARWIN_C_SOURCE")
set(FIDO_CFLAGS "${FIDO_CFLAGS} -D__STDC_WANT_LIB_EXT1__=1")
elseif(CMAKE_SYSTEM_NAME STREQUAL "Linux")
elseif((CMAKE_SYSTEM_NAME STREQUAL "Linux") OR MINGW OR CYGWIN)
set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_GNU_SOURCE")
set(FIDO_CFLAGS "${FIDO_CFLAGS} -D_DEFAULT_SOURCE")
elseif(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD" OR
@ -277,16 +278,21 @@ else()
add_compile_options(-Wwrite-strings)
add_compile_options(-Wmissing-prototypes)
add_compile_options(-Wbad-function-cast)
add_compile_options(-Wimplicit-fallthrough)
add_compile_options(-pedantic)
add_compile_options(-pedantic-errors)
set(EXTRA_CFLAGS "-Wconversion -Wsign-conversion")
if(WIN32)
add_compile_options(-Wno-type-limits)
add_compile_options(-Wno-cast-function-type)
endif()
if(HAVE_SHORTEN_64_TO_32)
add_compile_options(-Wshorten-64-to-32)
endif()
if(HAVE_STACK_PROTECTOR_ALL)
add_compile_options(-fstack-protector-all)
endif()
@ -301,6 +307,8 @@ else()
if(LIBFUZZER)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=fuzzer-no-link")
else()
set(EXTRA_CFLAGS "${EXTRA_CFLAGS} -Wframe-larger-than=2047")
endif()
endif()


@ -22,3 +22,5 @@ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
SPDX-License-Identifier: BSD-2-Clause

22
NEWS

@ -1,3 +1,25 @@
* Version 1.12.0 (2022-09-22)
** Support for COSE_ES384.
** Support for hidraw(4) on FreeBSD; gh#597.
** Improved support for FIDO 2.1 authenticators.
** New API calls:
- es384_pk_free;
- es384_pk_from_EC_KEY;
- es384_pk_from_EVP_PKEY;
- es384_pk_from_ptr;
- es384_pk_new;
- es384_pk_to_EVP_PKEY;
- fido_cbor_info_certs_len;
- fido_cbor_info_certs_name_ptr;
- fido_cbor_info_certs_value_ptr;
- fido_cbor_info_maxrpid_minpinlen;
- fido_cbor_info_minpinlen;
- fido_cbor_info_new_pin_required;
- fido_cbor_info_rk_remaining;
- fido_cbor_info_uv_attempts;
- fido_cbor_info_uv_modality.
** Documentation and reliability fixes.
* Version 1.11.0 (2022-05-03)
** Experimental PCSC support; enable with -DUSE_PCSC.
** Improved OpenSSL 3.0 compatibility.


@ -38,7 +38,7 @@ is also available.
=== Releases
The current release of *libfido2* is 1.11.0. Signed release tarballs are
The current release of *libfido2* is 1.12.0. Signed release tarballs are
available at Yubico's
https://developers.yubico.com/libfido2/Releases[release page].


@ -1,6 +1,7 @@
# Copyright (c) 2018 Yubico AB. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# SPDX-License-Identifier: BSD-2-Clause
list(APPEND COMPAT_SOURCES
../openbsd-compat/clock_gettime.c


@ -48,8 +48,8 @@ The following examples are provided:
Configures <pin> as the new PIN of <device>. If [oldpin] is provided,
the device's PIN is changed from [oldpin] to <pin>.
- cred [-t ecdsa|rsa|eddsa] [-k pubkey] [-ei cred_id] [-P pin] [-T seconds]
[-b blobkey] [-hruv] <device>
- cred [-t es256|es384|rs256|eddsa] [-k pubkey] [-ei cred_id] [-P pin]
[-T seconds] [-b blobkey] [-hruv] <device>
Creates a new credential on <device> and verify that the credential
was signed by the authenticator. The device's attestation certificate
@ -66,8 +66,8 @@ The following examples are provided:
option -b is specified, the credential's "largeBlob" key is stored in
<blobkey>.
- assert [-t ecdsa|rsa|eddsa] [-a cred_id] [-h hmac_secret] [-s hmac_salt]
[-P pin] [-T seconds] [-b blobkey] [-puv] <pubkey> <device>
- assert [-t es256|es384|rs256|eddsa] [-a cred_id] [-h hmac_secret] [-P pin]
[-s hmac_salt] [-T seconds] [-b blobkey] [-puv] <pubkey> <device>
Asks <device> for a FIDO2 assertion corresponding to [cred_id],
which may be omitted for resident keys. The obtained assertion


@ -1,11 +1,13 @@
/*
* Copyright (c) 2018-2021 Yubico AB. All rights reserved.
* Copyright (c) 2018-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <fido.h>
#include <fido/es256.h>
#include <fido/es384.h>
#include <fido/rs256.h>
#include <fido/eddsa.h>
@ -30,9 +32,9 @@ static const unsigned char cd[32] = {
static void
usage(void)
{
fprintf(stderr, "usage: assert [-t ecdsa|rsa|eddsa] [-a cred_id] "
"[-h hmac_secret] [-s hmac_salt] [-P pin] [-T seconds] "
"[-b blobkey] [-puv] <pubkey> <device>\n");
fprintf(stderr, "usage: assert [-t es256|es384|rs256|eddsa] "
"[-a cred_id] [-h hmac_secret] [-s hmac_salt] [-P pin] "
"[-T seconds] [-b blobkey] [-puv] <pubkey> <device>\n");
exit(EXIT_FAILURE);
}
@ -46,6 +48,7 @@ verify_assert(int type, const unsigned char *authdata_ptr, size_t authdata_len,
RSA *rsa = NULL;
EVP_PKEY *eddsa = NULL;
es256_pk_t *es256_pk = NULL;
es384_pk_t *es384_pk = NULL;
rs256_pk_t *rs256_pk = NULL;
eddsa_pk_t *eddsa_pk = NULL;
void *pk;
@ -67,6 +70,21 @@ verify_assert(int type, const unsigned char *authdata_ptr, size_t authdata_len,
EC_KEY_free(ec);
ec = NULL;
break;
case COSE_ES384:
if ((ec = read_ec_pubkey(key)) == NULL)
errx(1, "read_ec_pubkey");
if ((es384_pk = es384_pk_new()) == NULL)
errx(1, "es384_pk_new");
if (es384_pk_from_EC_KEY(es384_pk, ec) != FIDO_OK)
errx(1, "es384_pk_from_EC_KEY");
pk = es384_pk;
EC_KEY_free(ec);
ec = NULL;
break;
case COSE_RS256:
if ((rsa = read_rsa_pubkey(key)) == NULL)
@ -147,6 +165,7 @@ verify_assert(int type, const unsigned char *authdata_ptr, size_t authdata_len,
errx(1, "fido_assert_verify: %s (0x%x)", fido_strerr(r), r);
es256_pk_free(&es256_pk);
es384_pk_free(&es384_pk);
rs256_pk_free(&rs256_pk);
eddsa_pk_free(&eddsa_pk);
@ -219,9 +238,11 @@ main(int argc, char **argv)
body = NULL;
break;
case 't':
if (strcmp(optarg, "ecdsa") == 0)
if (strcmp(optarg, "es256") == 0)
type = COSE_ES256;
else if (strcmp(optarg, "rsa") == 0)
else if (strcmp(optarg, "es384") == 0)
type = COSE_ES384;
else if (strcmp(optarg, "rs256") == 0)
type = COSE_RS256;
else if (strcmp(optarg, "eddsa") == 0)
type = COSE_EDDSA;
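Review bot: The `-t` parsing in main() no longer accepts the old option values: the `strcmp(optarg, "ecdsa")` and `strcmp(optarg, "rsa")` tests are replaced by `es256` and `rs256`, so an existing invocation with `-t ecdsa` or `-t rsa` now reaches whatever the final branch does, which is outside this hunk. If scripts built on the examples matter, the old spellings can stay as aliases, e.g. `if (strcmp(optarg, "es256") == 0 || strcmp(optarg, "ecdsa") == 0)`. The same rename is made in the `-t` handling of the cred example. main() starts and ends outside the hunk.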


@ -1,7 +1,8 @@
/*
* Copyright (c) 2018-2021 Yubico AB. All rights reserved.
* Copyright (c) 2018-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <errno.h>
@ -34,7 +35,7 @@ static const unsigned char user_id[32] = {
static void
usage(void)
{
fprintf(stderr, "usage: cred [-t ecdsa|rsa|eddsa] [-k pubkey] "
fprintf(stderr, "usage: cred [-t es256|es384|rs256|eddsa] [-k pubkey] "
"[-ei cred_id] [-P pin] [-T seconds] [-b blobkey] [-hruv] "
"<device>\n");
exit(EXIT_FAILURE);
@ -107,15 +108,23 @@ out:
if (key_out != NULL) {
/* extract the credential pubkey */
if (type == COSE_ES256) {
if (write_ec_pubkey(key_out, fido_cred_pubkey_ptr(cred),
if (write_es256_pubkey(key_out,
fido_cred_pubkey_ptr(cred),
fido_cred_pubkey_len(cred)) < 0)
errx(1, "write_ec_pubkey");
errx(1, "write_es256_pubkey");
} else if (type == COSE_ES384) {
if (write_es384_pubkey(key_out,
fido_cred_pubkey_ptr(cred),
fido_cred_pubkey_len(cred)) < 0)
errx(1, "write_es384_pubkey");
} else if (type == COSE_RS256) {
if (write_rsa_pubkey(key_out, fido_cred_pubkey_ptr(cred),
if (write_rs256_pubkey(key_out,
fido_cred_pubkey_ptr(cred),
fido_cred_pubkey_len(cred)) < 0)
errx(1, "write_rsa_pubkey");
errx(1, "write_rs256_pubkey");
} else if (type == COSE_EDDSA) {
if (write_eddsa_pubkey(key_out, fido_cred_pubkey_ptr(cred),
if (write_eddsa_pubkey(key_out,
fido_cred_pubkey_ptr(cred),
fido_cred_pubkey_len(cred)) < 0)
errx(1, "write_eddsa_pubkey");
}
@ -193,9 +202,11 @@ main(int argc, char **argv)
rk = true;
break;
case 't':
if (strcmp(optarg, "ecdsa") == 0)
if (strcmp(optarg, "es256") == 0)
type = COSE_ES256;
else if (strcmp(optarg, "rsa") == 0)
else if (strcmp(optarg, "es384") == 0)
type = COSE_ES384;
else if (strcmp(optarg, "rs256") == 0)
type = COSE_RS256;
else if (strcmp(optarg, "eddsa") == 0)
type = COSE_EDDSA;


@ -1,7 +1,8 @@
/*
* Copyright (c) 2018 Yubico AB. All rights reserved.
* Copyright (c) 2018-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#ifndef _EXTERN_H_
@ -18,8 +19,9 @@ EVP_PKEY *read_eddsa_pubkey(const char *);
int base10(const char *, long long *);
int read_blob(const char *, unsigned char **, size_t *);
int write_blob(const char *, const unsigned char *, size_t);
int write_ec_pubkey(const char *, const void *, size_t);
int write_rsa_pubkey(const char *, const void *, size_t);
int write_es256_pubkey(const char *, const void *, size_t);
int write_es384_pubkey(const char *, const void *, size_t);
int write_rs256_pubkey(const char *, const void *, size_t);
int write_eddsa_pubkey(const char *, const void *, size_t);
#endif /* _EXTERN_H_ */


@ -2,6 +2,7 @@
* Copyright (c) 2018-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <fido.h>
@ -103,6 +104,25 @@ print_opt_array(const char *label, char * const *name, const bool *value,
printf("\n");
}
/*
* Auxiliary function to print (char *, uint64_t) pairs on stdout.
*/
static void
print_cert_array(const char *label, char * const *name, const uint64_t *value,
size_t len)
{
if (len == 0)
return;
printf("%s: ", label);
for (size_t i = 0; i < len; i++)
printf("%s%s %llu", i > 0 ? ", " : "", name[i],
(unsigned long long)value[i]);
printf("\n");
}
/*
* Auxiliary function to print a list of supported COSE algorithms on stdout.
*/
@ -120,15 +140,18 @@ print_algorithms(const fido_cbor_info_t *ci)
for (size_t i = 0; i < len; i++) {
cose = type = "unknown";
switch (fido_cbor_info_algorithm_cose(ci, i)) {
case COSE_EDDSA:
cose = "eddsa";
break;
case COSE_ES256:
cose = "es256";
break;
case COSE_ES384:
cose = "es384";
break;
case COSE_RS256:
cose = "rs256";
break;
case COSE_EDDSA:
cose = "eddsa";
break;
}
if (fido_cbor_info_algorithm_type(ci, i) != NULL)
type = fido_cbor_info_algorithm_type(ci, i);
@ -192,6 +215,41 @@ print_maxlargeblob(uint64_t maxlargeblob)
printf("maxlargeblob: %d\n", (int)maxlargeblob);
}
/*
* Auxiliary function to print the authenticator's estimated number of
* remaining resident credentials.
*/
static void
print_rk_remaining(int64_t rk_remaining)
{
printf("remaining rk(s): ");
if (rk_remaining == -1)
printf("undefined\n");
else
printf("%d\n", (int)rk_remaining);
}
/*
* Auxiliary function to print the minimum pin length observed by the
* authenticator.
*/
static void
print_minpinlen(uint64_t minpinlen)
{
printf("minpinlen: %d\n", (int)minpinlen);
}
/*
* Auxiliary function to print the authenticator's preferred (platform)
* UV attempts.
*/
static void
print_uv_attempts(uint64_t uv_attempts)
{
printf("platform uv attempt(s): %d\n", (int)uv_attempts);
}
/*
* Auxiliary function to print an authenticator's firmware version on stdout.
*/
@ -265,6 +323,14 @@ getinfo(const char *path)
fido_cbor_info_options_value_ptr(ci),
fido_cbor_info_options_len(ci));
/* print certifications */
print_cert_array("certifications", fido_cbor_info_certs_name_ptr(ci),
fido_cbor_info_certs_value_ptr(ci),
fido_cbor_info_certs_len(ci));
/* print firmware version */
print_fwversion(fido_cbor_info_fwversion(ci));
/* print maximum message size */
print_maxmsgsiz(fido_cbor_info_maxmsgsiz(ci));
@ -277,13 +343,23 @@ getinfo(const char *path)
/* print maximum length of largeBlob array */
print_maxlargeblob(fido_cbor_info_maxlargeblob(ci));
/* print firmware version */
print_fwversion(fido_cbor_info_fwversion(ci));
/* print number of remaining resident credentials */
print_rk_remaining(fido_cbor_info_rk_remaining(ci));
/* print minimum pin length */
print_minpinlen(fido_cbor_info_minpinlen(ci));
/* print supported pin protocols */
print_byte_array("pin protocols", fido_cbor_info_protocols_ptr(ci),
fido_cbor_info_protocols_len(ci));
/* print whether a new pin is required */
printf("pin change required: %s\n",
fido_cbor_info_new_pin_required(ci) ? "true" : "false");
/* print platform uv attempts */
print_uv_attempts(fido_cbor_info_uv_attempts(ci));
fido_cbor_info_free(&ci);
end:
if ((r = fido_dev_close(dev)) != FIDO_OK)
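Review bot: The new helpers print_rk_remaining(), print_minpinlen() and print_uv_attempts() narrow their 64-bit arguments to `int` and print them with `%d`, so a value above INT_MAX reported by the authenticator is shown truncated or negative. print_cert_array(), added in the same section, already prints its uint64_t values with `%llu` and an `(unsigned long long)` cast; the same form fits here, e.g. `printf("minpinlen: %llu\n", (unsigned long long)minpinlen);` and, for the signed case, `printf("%lld\n", (long long)rk_remaining);`. The existing print_maxlargeblob() uses the same `(int)` cast, so this is a consistency point for the file as a whole rather than something only the new code does.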


@ -2,6 +2,7 @@
* Copyright (c) 2018 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <fido.h>


@ -2,6 +2,7 @@
* Copyright (c) 2018-2021 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
/*


@ -2,6 +2,7 @@
* Copyright (c) 2018 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
/*
@ -35,7 +36,7 @@ main(int argc, char **argv)
errx(1, "fido_open: %s (0x%x)", fido_strerr(r), r);
if ((r = fido_dev_get_retry_count(dev, &n)) != FIDO_OK)
errx(1, "fido_get_retries: %s (0x%x)", fido_strerr(r), r);
errx(1, "fido_dev_get_retry_count: %s (0x%x)", fido_strerr(r), r);
if ((r = fido_dev_close(dev)) != FIDO_OK)
errx(1, "fido_close: %s (0x%x)", fido_strerr(r), r);
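Review bot: The message on the fido_dev_close() failure path still reads `fido_close`, and the message above the corrected line reads `fido_open`, so only one of the three diagnostics in this hunk names the call that failed. To match the fix made here, the close message would become `errx(1, "fido_dev_close: %s (0x%x)", fido_strerr(r), r);`. The call that produces the `fido_open` message is outside the hunk, so its correct name cannot be confirmed from here.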


@ -2,6 +2,7 @@
* Copyright (c) 2020-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <errno.h>


@ -2,6 +2,7 @@
* Copyright (c) 2018 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
/*


@ -1,7 +1,8 @@
/*
* Copyright (c) 2018 Yubico AB. All rights reserved.
* Copyright (c) 2018-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <sys/types.h>
@ -13,6 +14,7 @@
#include <fido.h>
#include <fido/es256.h>
#include <fido/es384.h>
#include <fido/rs256.h>
#include <fido/eddsa.h>
@ -158,7 +160,7 @@ fail:
}
int
write_ec_pubkey(const char *path, const void *ptr, size_t len)
write_es256_pubkey(const char *path, const void *ptr, size_t len)
{
FILE *fp = NULL;
EVP_PKEY *pkey = NULL;
@ -214,6 +216,63 @@ fail:
return (ok);
}
int
write_es384_pubkey(const char *path, const void *ptr, size_t len)
{
FILE *fp = NULL;
EVP_PKEY *pkey = NULL;
es384_pk_t *pk = NULL;
int fd = -1;
int ok = -1;
if ((pk = es384_pk_new()) == NULL) {
warnx("es384_pk_new");
goto fail;
}
if (es384_pk_from_ptr(pk, ptr, len) != FIDO_OK) {
warnx("es384_pk_from_ptr");
goto fail;
}
if ((fd = open(path, O_WRONLY | O_CREAT, 0644)) < 0) {
warn("open %s", path);
goto fail;
}
if ((fp = fdopen(fd, "w")) == NULL) {
warn("fdopen");
goto fail;
}
fd = -1; /* owned by fp now */
if ((pkey = es384_pk_to_EVP_PKEY(pk)) == NULL) {
warnx("es384_pk_to_EVP_PKEY");
goto fail;
}
if (PEM_write_PUBKEY(fp, pkey) == 0) {
warnx("PEM_write_PUBKEY");
goto fail;
}
ok = 0;
fail:
es384_pk_free(&pk);
if (fp != NULL) {
fclose(fp);
}
if (fd != -1) {
close(fd);
}
if (pkey != NULL) {
EVP_PKEY_free(pkey);
}
return (ok);
}
RSA *
read_rsa_pubkey(const char *path)
{
@ -247,7 +306,7 @@ fail:
}
int
write_rsa_pubkey(const char *path, const void *ptr, size_t len)
write_rs256_pubkey(const char *path, const void *ptr, size_t len)
{
FILE *fp = NULL;
EVP_PKEY *pkey = NULL;
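Review bot: write_es384_pubkey() opens its output with `open(path, O_WRONLY | O_CREAT, 0644)`, without `O_TRUNC`, so when `path` already holds a longer file the new PEM block is followed by the old file's remaining bytes. `ok = 0` is also set before `fclose(fp)`, whose return value is dropped, so a failed flush of the buffered PEM data is still reported as success. Suggested: `open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644)`, and on the success path `if (fclose(fp) != 0) { warn("fclose"); ok = -1; }` followed by `fp = NULL;` so the cleanup code does not close it twice. The bodies of the other write_*_pubkey() functions are not visible here; if they follow the same pattern the point applies to them as well.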


@ -1,6 +1,7 @@
# Copyright (c) 2019 Yubico AB. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# SPDX-License-Identifier: BSD-2-Clause
list(APPEND COMPAT_SOURCES
../openbsd-compat/strlcpy.c


@ -1,16 +1,16 @@
# Copyright (c) 2019-2022 Yubico AB. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# SPDX-License-Identifier: BSD-2-Clause
FROM ubuntu:focal
ENV DEBIAN_FRONTEND=noninteractive
ENV CC=clang-14
ENV CXX=clang++-14
RUN apt-get update
RUN apt-get install -y cmake git libssl-dev libudev-dev make pkg-config
RUN apt-get install -y libpcsclite-dev zlib1g-dev software-properties-common
FROM alpine:latest
ENV CC=clang
ENV CXX=clang++
RUN apk -q update
RUN apk add build-base clang clang-analyzer cmake compiler-rt coreutils
RUN apk add eudev-dev git linux-headers llvm openssl-dev pcsc-lite-dev
RUN apk add sudo tar zlib-dev
RUN git clone --branch v0.9.0 --depth=1 https://github.com/PJK/libcbor
RUN git clone --depth=1 https://github.com/yubico/libfido2
WORKDIR /libfido2
RUN ./.actions/setup_clang "${CC}"
RUN ./fuzz/build-coverage /libcbor /libfido2
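Review bot: `FROM alpine:latest` leaves the base image unpinned, so the coverage image can pick up a different clang/llvm toolchain on each rebuild; the accompanying make rules drop the version suffix from the tool names in the same change (`PROFDATA := llvm-profdata`), which removes the other place a compiler version was fixed. Pinning to a release and digest, `FROM alpine:<release>@sha256:<digest>` (placeholders), keeps the coverage numbers comparable between runs. The `git clone --depth=1 https://github.com/yubico/libfido2` line likewise builds whatever the default branch holds at build time, while libcbor is at least fixed to the `v0.9.0` tag.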


@ -1,11 +1,12 @@
# Copyright (c) 2019-2022 Yubico AB. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# SPDX-License-Identifier: BSD-2-Clause
IMAGE := libfido2-coverage:1.11.2
IMAGE := libfido2-coverage:1.12.2
RUNNER := libfido2-runner
PROFDATA := llvm-profdata-14
COV := llvm-cov-14
PROFDATA := llvm-profdata
COV := llvm-cov
TARGETS := fuzz_assert fuzz_bio fuzz_cred fuzz_credman fuzz_hid \
fuzz_largeblob fuzz_netlink fuzz_mgmt fuzz_pcsc
CORPORA := $(foreach f,${TARGETS},${f}/corpus)
@ -75,8 +76,15 @@ ${CORPORA}:
-mkdir -p $@
gsutil -q -m rsync -d -r ${REMOTE}/libFuzzer/libfido2_$(@:/corpus=) $@
corpus.tgz: ${CORPORA}
fetch-oss-fuzz: ${CORPORA}
find ${TARGETS} -type f -size +8192c -print0 | xargs -0 rm
fetch-franz:
ssh franz tar -C corpus -cf- . | tar -xf-
corpus.tgz:
tar zcf $@ ${TARGETS}
.PHONY: build run sync corpus ${TARGETS} ${CORPORA}
.PHONY: report.tgz summary.txt functions.txt
.PHONY: fetch-oss-fuzz fetch-franz corpus.tgz
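Review bot: The `fetch-franz` rule depends on an ssh host alias, `franz`, that is not defined anywhere in the visible rules, and it unpacks whatever tar stream that host returns straight into the current directory. A comment saying what the host is expected to be, plus a variable such as `CORPUS_HOST ?= franz` used as `ssh ${CORPUS_HOST} tar -C corpus -cf- .`, would make the dependency explicit for anyone else running the target. Extracting into a dedicated directory (`tar -C <dir> -xf-`) would also keep an unexpected archive member from landing next to the Makefile.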


@ -10,6 +10,13 @@ libFuzzer is better suited for bespoke fuzzers; see fuzz_cred.c, fuzz_credman.c,
fuzz_assert.c, fuzz_hid.c, and fuzz_mgmt.c for examples. To build these
harnesses, use -DFUZZ=ON -DLIBFUZZER=ON.
If -DFUZZ=ON is enabled, symbols listed in wrapped.sym are wrapped in the
resulting shared object. The wrapper functions simulate failure according to a
deterministic RNG and probabilities defined in wrap.c. Harnesses wishing to
use this functionality should call prng_init() with a seed obtained from the
corpus. To mutate only the seed part of a libFuzzer harness's corpora,
use '-reduce_inputs=0 --fido-mutate=seed'.
To run under ASAN/MSAN/UBSAN, libfido2 needs to be linked against flavours of
libcbor and OpenSSL built with the respective sanitiser. In order to keep
memory utilisation at a manageable level, you can either enforce limits at


@ -3,6 +3,7 @@
# Copyright (c) 2019 Yubico AB. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# SPDX-License-Identifier: BSD-2-Clause
LIBCBOR="$1"
LIBFIDO2="$2"


@ -2,6 +2,7 @@
* Copyright (c) 2021 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <stdint.h>


@ -2,6 +2,7 @@
* Copyright (c) 2020-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#ifndef _DUMMY_H


@ -11,6 +11,12 @@
es256_pk_from_ptr;
es256_pk_new;
es256_pk_to_EVP_PKEY;
es384_pk_free;
es384_pk_from_EC_KEY;
es384_pk_from_EVP_PKEY;
es384_pk_from_ptr;
es384_pk_new;
es384_pk_to_EVP_PKEY;
fido_assert_allow_cred;
fido_assert_authdata_len;
fido_assert_authdata_ptr;
@ -82,23 +88,32 @@
fido_cbor_info_algorithm_cose;
fido_cbor_info_algorithm_count;
fido_cbor_info_algorithm_type;
fido_cbor_info_certs_len;
fido_cbor_info_certs_name_ptr;
fido_cbor_info_certs_value_ptr;
fido_cbor_info_extensions_len;
fido_cbor_info_extensions_ptr;
fido_cbor_info_free;
fido_cbor_info_fwversion;
fido_cbor_info_maxcredbloblen;
fido_cbor_info_maxcredcntlst;
fido_cbor_info_maxcredidlen;
fido_cbor_info_maxlargeblob;
fido_cbor_info_maxmsgsiz;
fido_cbor_info_fwversion;
fido_cbor_info_maxrpid_minpinlen;
fido_cbor_info_minpinlen;
fido_cbor_info_new;
fido_cbor_info_new_pin_required;
fido_cbor_info_options_len;
fido_cbor_info_options_name_ptr;
fido_cbor_info_options_value_ptr;
fido_cbor_info_protocols_len;
fido_cbor_info_protocols_ptr;
fido_cbor_info_rk_remaining;
fido_cbor_info_transports_len;
fido_cbor_info_transports_ptr;
fido_cbor_info_uv_attempts;
fido_cbor_info_uv_modality;
fido_cbor_info_versions_len;
fido_cbor_info_versions_ptr;
fido_cred_attstmt_len;
@ -257,6 +272,7 @@
prng_init;
prng_up;
fuzz_clock_reset;
fuzz_save_corpus;
set_netlink_io_functions;
set_pcsc_parameters;
set_pcsc_io_functions;


@ -5,20 +5,20 @@ aes256_cbc_enc 4 0 100.00% 4 0 100.00%
aes256_cbc_dec 4 0 100.00% 4 0 100.00%
aes256_gcm_enc 1 0 100.00% 3 0 100.00%
aes256_gcm_dec 1 0 100.00% 3 0 100.00%
aes256.c:aes256_cbc_fips 26 2 92.31% 42 7 83.33%
aes256.c:aes256_cbc_fips 26 1 96.15% 42 4 90.48%
aes256.c:aes256_cbc 29 1 96.55% 36 3 91.67%
aes256.c:aes256_cbc_proto1 1 0 100.00% 5 0 100.00%
aes256.c:aes256_gcm 52 1 98.08% 60 4 93.33%
--------------------------------------------------------------------------------------------------------
TOTAL 118 4 96.61% 157 14 91.08%
TOTAL 118 3 97.46% 157 11 92.99%
File '/libfido2/src/assert.c':
Name Regions Miss Cover Lines Miss Cover
-----------------------------------------------------------------------------------------------------------------
fido_dev_get_assert 40 0 100.00% 35 0 100.00%
fido_check_flags 13 0 100.00% 15 0 100.00%
fido_get_signed_hash 36 0 100.00% 46 0 100.00%
fido_assert_verify 48 4 91.67% 67 7 89.55%
fido_get_signed_hash 20 1 95.00% 34 3 91.18%
fido_assert_verify 50 4 92.00% 70 7 90.00%
fido_assert_set_clientdata 12 12 0.00% 11 11 0.00%
fido_assert_set_clientdata_hash 8 0 100.00% 6 0 100.00%
fido_assert_set_hmac_salt 10 0 100.00% 6 0 100.00%
@ -62,17 +62,20 @@ fido_assert_set_sig 14 0 100.00% 7 0
fido_assert_set_count 10 0 100.00% 17 0 100.00%
assert.c:fido_dev_get_assert_wait 21 0 100.00% 14 0 100.00%
assert.c:fido_dev_get_assert_tx 56 2 96.43% 62 5 91.94%
assert.c:fido_dev_get_assert_rx 19 0 100.00% 27 0 100.00%
assert.c:fido_dev_get_assert_rx 27 0 100.00% 36 0 100.00%
assert.c:adjust_assert_count 24 0 100.00% 26 0 100.00%
assert.c:parse_assert_reply 12 0 100.00% 24 0 100.00%
assert.c:fido_get_next_assert_tx 8 0 100.00% 8 0 100.00%
assert.c:fido_get_next_assert_rx 15 2 86.67% 21 4 80.95%
assert.c:fido_get_next_assert_rx 23 2 91.30% 29 5 82.76%
assert.c:decrypt_hmac_secrets 9 0 100.00% 15 0 100.00%
assert.c:get_es256_hash 16 0 100.00% 17 0 100.00%
assert.c:get_es384_hash 16 0 100.00% 17 0 100.00%
assert.c:get_eddsa_hash 6 0 100.00% 9 0 100.00%
assert.c:check_extensions 5 0 100.00% 9 0 100.00%
assert.c:fido_assert_reset_extattr 1 0 100.00% 5 0 100.00%
assert.c:fido_assert_clean_authdata 1 0 100.00% 5 0 100.00%
-----------------------------------------------------------------------------------------------------------------
TOTAL 565 42 92.57% 694 42 93.95%
TOTAL 605 43 92.89% 745 46 93.83%
File '/libfido2/src/authkey.c':
Name Regions Miss Cover Lines Miss Cover
@ -80,10 +83,10 @@ Name Regions Miss Cover Lines Miss
fido_dev_authkey 1 0 100.00% 3 0 100.00%
authkey.c:fido_dev_authkey_wait 10 0 100.00% 7 0 100.00%
authkey.c:fido_dev_authkey_tx 19 0 100.00% 25 0 100.00%
authkey.c:fido_dev_authkey_rx 6 0 100.00% 14 0 100.00%
authkey.c:fido_dev_authkey_rx 14 0 100.00% 21 0 100.00%
authkey.c:parse_authkey 8 0 100.00% 10 0 100.00%
-----------------------------------------------------------------------------------------------------------------
TOTAL 44 0 100.00% 59 0 100.00%
TOTAL 52 0 100.00% 66 0 100.00%
File '/libfido2/src/bio.c':
Name Regions Miss Cover Lines Miss Cover
@ -117,28 +120,28 @@ fido_bio_enroll_last_status 1 0 100.00% 3 0
bio.c:bio_get_template_array_wait 11 0 100.00% 7 0 100.00%
bio.c:bio_tx 43 0 100.00% 55 0 100.00%
bio.c:bio_prepare_hmac 18 0 100.00% 29 0 100.00%
bio.c:bio_rx_template_array 11 0 100.00% 17 0 100.00%
bio.c:bio_rx_template_array 19 0 100.00% 24 0 100.00%
bio.c:bio_parse_template_array 26 1 96.15% 27 4 85.19%
bio.c:decode_template_array 12 1 91.67% 18 3 83.33%
bio.c:decode_template 9 0 100.00% 15 0 100.00%
bio.c:bio_set_template_name_wait 19 0 100.00% 20 0 100.00%
bio.c:bio_enroll_begin_wait 17 0 100.00% 19 0 100.00%
bio.c:bio_rx_enroll_begin 15 0 100.00% 24 0 100.00%
bio.c:bio_rx_enroll_begin 23 0 100.00% 31 0 100.00%
bio.c:bio_parse_enroll_status 20 0 100.00% 28 0 100.00%
bio.c:bio_parse_template_id 8 0 100.00% 10 0 100.00%
bio.c:bio_enroll_continue_wait 19 0 100.00% 20 0 100.00%
bio.c:bio_rx_enroll_continue 11 0 100.00% 18 0 100.00%
bio.c:bio_rx_enroll_continue 19 0 100.00% 25 0 100.00%
bio.c:bio_enroll_cancel_wait 11 11 0.00% 10 10 0.00%
bio.c:bio_enroll_remove_wait 17 0 100.00% 19 0 100.00%
bio.c:bio_get_info_wait 11 0 100.00% 10 0 100.00%
bio.c:bio_rx_info 11 0 100.00% 17 0 100.00%
bio.c:bio_rx_info 19 0 100.00% 24 0 100.00%
bio.c:bio_reset_info 1 0 100.00% 4 0 100.00%
bio.c:bio_parse_info 20 0 100.00% 28 0 100.00%
bio.c:bio_reset_template_array 4 0 100.00% 7 0 100.00%
bio.c:bio_reset_template 1 0 100.00% 5 0 100.00%
bio.c:bio_reset_enroll 3 0 100.00% 6 0 100.00%
-----------------------------------------------------------------------------------------------------------------
TOTAL 419 20 95.23% 559 24 95.71%
TOTAL 451 20 95.57% 587 24 95.91%
File '/libfido2/src/blob.c':
Name Regions Miss Cover Lines Miss Cover
@ -192,7 +195,7 @@ cbor_encode_pin_opt 4 0 100.00% 8 0
cbor_encode_change_pin_auth 32 1 96.88% 36 3 91.67%
cbor_encode_assert_ext 33 0 100.00% 32 0 100.00%
cbor_decode_fmt 13 0 100.00% 15 0 100.00%
cbor_decode_pubkey 21 1 95.24% 30 2 93.33%
cbor_decode_pubkey 26 1 96.15% 36 2 94.44%
cbor_decode_cred_authdata 31 1 96.77% 35 3 91.43%
cbor_decode_assert_authdata 21 0 100.00% 32 0 100.00%
cbor_decode_attstmt 13 0 100.00% 16 0 100.00%
@ -200,38 +203,39 @@ cbor_decode_uint64 4 0 100.00% 8 0
cbor_decode_cred_id 8 0 100.00% 9 0 100.00%
cbor_decode_user 8 0 100.00% 9 0 100.00%
cbor_decode_rp_entity 8 0 100.00% 9 0 100.00%
cbor_decode_bool 10 0 100.00% 11 0 100.00%
cbor_build_uint 10 1 90.00% 9 1 88.89%
cbor_array_append 17 0 100.00% 21 0 100.00%
cbor_array_drop 18 2 88.89% 17 3 82.35%
cbor_array_drop 18 0 100.00% 17 0 100.00%
cbor.c:ctap_check_cbor 28 0 100.00% 26 0 100.00%
cbor.c:check_key_type 8 0 100.00% 7 0 100.00%
cbor.c:cbor_add_arg 13 0 100.00% 21 0 100.00%
cbor.c:cbor_add_uint8 14 0 100.00% 21 0 100.00%
cbor.c:cbor_encode_largeblob_key_ext 6 0 100.00% 6 0 100.00%
cbor.c:cbor_encode_hmac_secret_param 59 4 93.22% 66 8 87.88%
cbor.c:get_cose_alg 36 0 100.00% 38 0 100.00%
cbor.c:get_cose_alg 46 1 97.83% 45 3 93.33%
cbor.c:find_cose_alg 35 0 100.00% 33 0 100.00%
cbor.c:decode_attcred 25 0 100.00% 44 0 100.00%
cbor.c:decode_cred_extensions 14 0 100.00% 24 0 100.00%
cbor.c:decode_cred_extension 49 10 79.59% 49 17 65.31%
cbor.c:decode_cred_extension 41 1 97.56% 45 3 93.33%
cbor.c:decode_assert_extensions 14 0 100.00% 23 0 100.00%
cbor.c:decode_assert_extension 19 0 100.00% 27 0 100.00%
cbor.c:decode_attstmt_entry 52 0 100.00% 50 0 100.00%
cbor.c:decode_attstmt_entry 56 0 100.00% 51 0 100.00%
cbor.c:decode_x5c 4 0 100.00% 6 0 100.00%
cbor.c:decode_cred_id_entry 10 0 100.00% 19 0 100.00%
cbor.c:decode_user_entry 25 0 100.00% 35 0 100.00%
cbor.c:decode_rp_entity_entry 15 0 100.00% 25 0 100.00%
------------------------------------------------------------------------------------------------------------------
TOTAL 1049 23 97.81% 1237 45 96.36%
TOTAL 1070 13 98.79% 1258 31 97.54%
File '/libfido2/src/compress.c':
Name Regions Miss Cover Lines Miss Cover
------------------------------------------------------------------------------------------------------------------
fido_compress 1 0 100.00% 3 0 100.00%
fido_uncompress 6 0 100.00% 5 0 100.00%
compress.c:rfc1951_deflate 33 2 93.94% 47 3 93.62%
compress.c:rfc1951_deflate 33 4 87.88% 47 6 87.23%
compress.c:rfc1950_inflate 27 2 92.59% 22 4 81.82%
compress.c:rfc1951_inflate 38 10 73.68% 45 17 62.22%
compress.c:rfc1951_inflate 38 8 78.95% 45 14 68.89%
------------------------------------------------------------------------------------------------------------------
TOTAL 105 14 86.67% 122 24 80.33%
@ -244,21 +248,21 @@ fido_dev_set_pin_minlen 1 0 100.00% 4
fido_dev_force_pin_change 1 0 100.00% 4 0 100.00%
fido_dev_set_pin_minlen_rpid 6 0 100.00% 15 0 100.00%
config.c:config_enable_entattest_wait 6 0 100.00% 7 0 100.00%
config.c:config_tx 37 0 100.00% 48 0 100.00%
config.c:config_tx 41 0 100.00% 49 0 100.00%
config.c:config_prepare_hmac 8 0 100.00% 19 0 100.00%
config.c:config_toggle_always_uv_wait 6 0 100.00% 7 0 100.00%
config.c:config_pin_minlen 5 0 100.00% 7 0 100.00%
config.c:config_pin_minlen_tx 36 0 100.00% 32 0 100.00%
-------------------------------------------------------------------------------------------------------------------
TOTAL 108 0 100.00% 151 0 100.00%
TOTAL 112 0 100.00% 152 0 100.00%
File '/libfido2/src/cred.c':
Name Regions Miss Cover Lines Miss Cover
-------------------------------------------------------------------------------------------------------------------
fido_dev_make_cred 12 0 100.00% 10 0 100.00%
fido_check_rp_id 4 0 100.00% 11 0 100.00%
fido_cred_verify 56 2 96.43% 72 4 94.44%
fido_cred_verify_self 58 4 93.10% 83 7 91.57%
fido_cred_verify 59 2 96.61% 75 4 94.67%
fido_cred_verify_self 60 6 90.00% 87 11 87.36%
fido_cred_new 1 0 100.00% 3 0 100.00%
fido_cred_reset_tx 1 0 100.00% 19 0 100.00%
fido_cred_reset_rx 1 0 100.00% 7 0 100.00%
@ -280,9 +284,9 @@ fido_cred_set_rk 2 0 100.00% 4
fido_cred_set_uv 2 0 100.00% 4 0 100.00%
fido_cred_set_prot 21 0 100.00% 14 0 100.00%
fido_cred_set_pin_minlen 7 0 100.00% 8 0 100.00%
fido_cred_set_blob 13 2 84.62% 8 1 87.50%
fido_cred_set_blob 13 0 100.00% 8 0 100.00%
fido_cred_set_fmt 20 4 80.00% 12 2 83.33%
fido_cred_set_type 17 0 100.00% 7 0 100.00%
fido_cred_set_type 23 2 91.30% 9 1 88.89%
fido_cred_type 1 0 100.00% 3 0 100.00%
fido_cred_flags 1 0 100.00% 3 0 100.00%
fido_cred_sigcount 1 0 100.00% 3 0 100.00%
@ -298,8 +302,8 @@ fido_cred_authdata_raw_ptr 1 0 100.00% 3
fido_cred_authdata_raw_len 1 0 100.00% 3 0 100.00%
fido_cred_attstmt_ptr 1 0 100.00% 3 0 100.00%
fido_cred_attstmt_len 1 0 100.00% 3 0 100.00%
fido_cred_pubkey_ptr 9 0 100.00% 18 0 100.00%
fido_cred_pubkey_len 9 0 100.00% 18 0 100.00%
fido_cred_pubkey_ptr 11 0 100.00% 21 0 100.00%
fido_cred_pubkey_len 11 0 100.00% 21 0 100.00%
fido_cred_id_ptr 1 0 100.00% 3 0 100.00%
fido_cred_id_len 1 0 100.00% 3 0 100.00%
fido_cred_aaguid_ptr 1 0 100.00% 3 0 100.00%
@ -320,12 +324,12 @@ cred.c:fido_dev_make_cred_tx 64 0 100.00% 70
cred.c:fido_dev_make_cred_rx 29 0 100.00% 32 0 100.00%
cred.c:parse_makecred_reply 14 0 100.00% 27 0 100.00%
cred.c:check_extensions 2 0 100.00% 6 0 100.00%
cred.c:get_signed_hash_u2f 27 0 100.00% 26 0 100.00%
cred.c:verify_attstmt 23 2 91.30% 40 6 85.00%
cred.c:get_signed_hash_u2f 27 0 100.00% 27 0 100.00%
cred.c:verify_attstmt 25 2 92.00% 43 6 86.05%
cred.c:fido_cred_clean_authdata 1 0 100.00% 8 0 100.00%
cred.c:fido_cred_clean_attstmt 1 0 100.00% 8 0 100.00%
-------------------------------------------------------------------------------------------------------------------
TOTAL 634 36 94.32% 830 39 95.30%
TOTAL 651 38 94.16% 849 43 94.94%
File '/libfido2/src/credman.c':
Name Regions Miss Cover Lines Miss Cover
@ -353,32 +357,32 @@ fido_credman_rp_id_hash_ptr 4 0 100.00% 5
credman.c:credman_get_metadata_wait 11 0 100.00% 8 0 100.00%
credman.c:credman_tx 36 0 100.00% 50 0 100.00%
credman.c:credman_prepare_hmac 31 1 96.77% 50 2 96.00%
credman.c:credman_rx_metadata 11 0 100.00% 17 0 100.00%
credman.c:credman_rx_metadata 19 0 100.00% 24 0 100.00%
credman.c:credman_parse_metadata 9 0 100.00% 17 0 100.00%
credman.c:credman_get_rk_wait 27 0 100.00% 23 0 100.00%
credman.c:credman_rx_rk 19 0 100.00% 27 0 100.00%
credman.c:credman_rx_rk 27 0 100.00% 35 0 100.00%
credman.c:credman_parse_rk_count 16 0 100.00% 20 0 100.00%
credman.c:credman_grow_array 17 2 88.24% 21 5 76.19%
credman.c:credman_parse_rk 23 0 100.00% 31 0 100.00%
credman.c:credman_rx_next_rk 15 2 86.67% 21 4 80.95%
credman.c:credman_rx_next_rk 23 2 91.30% 29 5 82.76%
credman.c:credman_del_rk_wait 16 0 100.00% 15 0 100.00%
credman.c:credman_get_rp_wait 23 0 100.00% 15 0 100.00%
credman.c:credman_rx_rp 19 0 100.00% 27 0 100.00%
credman.c:credman_rx_rp 27 0 100.00% 35 0 100.00%
credman.c:credman_parse_rp_count 16 0 100.00% 20 0 100.00%
credman.c:credman_parse_rp 9 0 100.00% 17 0 100.00%
credman.c:credman_rx_next_rp 15 2 86.67% 21 4 80.95%
credman.c:credman_rx_next_rp 23 2 91.30% 29 5 82.76%
credman.c:credman_set_dev_rk_wait 11 0 100.00% 8 0 100.00%
credman.c:credman_reset_rk 4 0 100.00% 9 0 100.00%
credman.c:credman_reset_rp 4 0 100.00% 12 0 100.00%
-------------------------------------------------------------------------------------------------------------------
TOTAL 382 10 97.38% 518 18 96.53%
TOTAL 422 10 97.63% 557 20 96.41%
File '/libfido2/src/dev.c':
Name Regions Miss Cover Lines Miss Cover
-------------------------------------------------------------------------------------------------------------------
fido_dev_info_manifest 2 0 100.00% 11 0 100.00%
fido_dev_open_with_info 5 5 0.00% 6 6 0.00%
fido_dev_open 13 6 53.85% 16 6 62.50%
fido_dev_open 13 4 69.23% 16 6 62.50%
fido_dev_close 9 2 77.78% 8 1 87.50%
fido_dev_set_sigmask 18 18 0.00% 11 11 0.00%
fido_dev_cancel 11 0 100.00% 8 0 100.00%
@ -410,7 +414,7 @@ fido_dev_maxmsgsize 1 0 100.00% 3
fido_dev_set_timeout 6 2 66.67% 6 1 83.33%
dev.c:run_manifest 10 0 100.00% 13 0 100.00%
dev.c:fido_dev_open_wait 10 0 100.00% 7 0 100.00%
dev.c:fido_dev_open_tx 56 15 73.21% 56 26 53.57%
dev.c:fido_dev_open_tx 56 11 80.36% 56 20 64.29%
dev.c:set_random_report_len 11 0 100.00% 6 0 100.00%
dev.c:fido_dev_open_rx 36 1 97.22% 53 1 98.11%
dev.c:fido_dev_set_flags 1 0 100.00% 5 0 100.00%
@ -418,7 +422,7 @@ dev.c:fido_dev_set_extension_flags 7 0 100.00% 7
dev.c:fido_dev_set_option_flags 31 0 100.00% 20 0 100.00%
dev.c:fido_dev_set_protocol_flags 11 0 100.00% 17 0 100.00%
-------------------------------------------------------------------------------------------------------------------
TOTAL 332 71 78.61% 378 86 77.25%
TOTAL 332 65 80.42% 378 80 78.84%
File '/libfido2/src/ecdh.c':
Name Regions Miss Cover Lines Miss Cover
@ -478,10 +482,31 @@ es256.c:decode_coord 8 0 100.00% 10
-------------------------------------------------------------------------------------------------------------------
TOTAL 315 7 97.78% 372 12 96.77%
File '/libfido2/src/es384.c':
Name Regions Miss Cover Lines Miss Cover
-------------------------------------------------------------------------------------------------------------------
es384_pk_decode 8 0 100.00% 9 0 100.00%
es384_pk_new 1 0 100.00% 3 0 100.00%
es384_pk_free 6 0 100.00% 7 0 100.00%
es384_pk_from_ptr 15 0 100.00% 17 0 100.00%
es384_pk_to_EVP_PKEY 42 0 100.00% 53 0 100.00%
es384_pk_from_EC_KEY 42 2 95.24% 47 4 91.49%
es384_pk_from_EVP_PKEY 8 2 75.00% 7 1 85.71%
es384_verify_sig 12 2 83.33% 19 5 73.68%
es384_pk_verify_sig 7 1 85.71% 13 2 84.62%
es384.c:decode_pubkey_point 9 0 100.00% 13 0 100.00%
es384.c:decode_coord 8 1 87.50% 10 3 70.00%
-------------------------------------------------------------------------------------------------------------------
TOTAL 158 8 94.94% 198 15 92.42%
File '/libfido2/src/extern.h':
Name Regions Miss Cover Lines Miss Cover
-------------------------------------------------------------------------------------------------------------------
File '/libfido2/src/fallthrough.h':
Name Regions Miss Cover Lines Miss Cover
-------------------------------------------------------------------------------------------------------------------
File '/libfido2/src/fido.h':
Name Regions Miss Cover Lines Miss Cover
-------------------------------------------------------------------------------------------------------------------
@ -510,7 +535,7 @@ File '/libfido2/src/hid_linux.c':
Name Regions Miss Cover Lines Miss Cover
-------------------------------------------------------------------------------------------------------------------
fido_hid_manifest 35 4 88.57% 41 2 95.12%
fido_hid_open 27 27 0.00% 40 40 0.00%
fido_hid_open 33 33 0.00% 51 51 0.00%
fido_hid_close 3 3 0.00% 6 6 0.00%
fido_hid_set_sigmask 2 2 0.00% 6 6 0.00%
fido_hid_read 15 15 0.00% 21 21 0.00%
@ -518,13 +543,13 @@ fido_hid_write 12 12 0.00% 17 1
fido_hid_report_in_len 1 1 0.00% 4 4 0.00%
fido_hid_report_out_len 1 1 0.00% 4 4 0.00%
hid_linux.c:copy_info 34 0 100.00% 44 0 100.00%
hid_linux.c:is_fido 10 2 80.00% 14 2 85.71%
hid_linux.c:is_fido 15 1 93.33% 16 1 93.75%
hid_linux.c:get_parent_attr 6 0 100.00% 9 0 100.00%
hid_linux.c:parse_uevent 12 0 100.00% 24 0 100.00%
hid_linux.c:get_usb_attr 1 0 100.00% 3 0 100.00%
hid_linux.c:get_report_descriptor 14 1 92.86% 17 3 82.35%
-------------------------------------------------------------------------------------------------------------------
TOTAL 173 68 60.69% 250 105 58.00%
TOTAL 184 73 60.33% 263 115 56.27%
File '/libfido2/src/hid_unix.c':
Name Regions Miss Cover Lines Miss Cover
@ -539,8 +564,8 @@ Name Regions Miss Cover Lines Mis
-------------------------------------------------------------------------------------------------------------------
fido_dev_get_cbor_info_wait 10 0 100.00% 7 0 100.00%
fido_dev_get_cbor_info 1 0 100.00% 4 0 100.00%
fido_cbor_info_new 1 0 100.00% 3 0 100.00%
fido_cbor_info_reset 1 0 100.00% 8 0 100.00%
fido_cbor_info_new 4 0 100.00% 7 0 100.00%
fido_cbor_info_reset 1 0 100.00% 10 0 100.00%
fido_cbor_info_free 6 0 100.00% 8 0 100.00%
fido_cbor_info_versions_ptr 1 0 100.00% 3 0 100.00%
fido_cbor_info_versions_len 1 0 100.00% 3 0 100.00%
@ -559,33 +584,44 @@ fido_cbor_info_maxcredcntlst 1 0 100.00% 3
fido_cbor_info_maxcredidlen 1 0 100.00% 3 0 100.00%
fido_cbor_info_maxlargeblob 1 0 100.00% 3 0 100.00%
fido_cbor_info_fwversion 1 0 100.00% 3 0 100.00%
fido_cbor_info_minpinlen 1 0 100.00% 3 0 100.00%
fido_cbor_info_maxrpid_minpinlen 1 0 100.00% 3 0 100.00%
fido_cbor_info_uv_attempts 1 0 100.00% 3 0 100.00%
fido_cbor_info_uv_modality 1 0 100.00% 3 0 100.00%
fido_cbor_info_rk_remaining 1 0 100.00% 3 0 100.00%
fido_cbor_info_protocols_ptr 1 0 100.00% 3 0 100.00%
fido_cbor_info_protocols_len 1 0 100.00% 3 0 100.00%
fido_cbor_info_algorithm_count 1 0 100.00% 3 0 100.00%
fido_cbor_info_algorithm_type 4 0 100.00% 5 0 100.00%
fido_cbor_info_algorithm_cose 4 0 100.00% 5 0 100.00%
fido_cbor_info_new_pin_required 1 0 100.00% 3 0 100.00%
fido_cbor_info_certs_name_ptr 1 0 100.00% 3 0 100.00%
fido_cbor_info_certs_value_ptr 1 0 100.00% 3 0 100.00%
fido_cbor_info_certs_len 1 0 100.00% 3 0 100.00%
info.c:fido_dev_get_cbor_info_tx 8 0 100.00% 9 0 100.00%
info.c:fido_dev_get_cbor_info_rx 6 0 100.00% 14 0 100.00%
info.c:parse_reply_element 20 0 100.00% 39 0 100.00%
info.c:fido_dev_get_cbor_info_rx 14 0 100.00% 21 0 100.00%
info.c:parse_reply_element 32 0 100.00% 59 0 100.00%
info.c:decode_string_array 12 0 100.00% 17 0 100.00%
info.c:decode_string 4 0 100.00% 10 0 100.00%
info.c:decode_aaguid 8 0 100.00% 10 0 100.00%
info.c:decode_options 11 0 100.00% 15 0 100.00%
info.c:decode_option 11 0 100.00% 17 0 100.00%
info.c:decode_option 7 0 100.00% 15 0 100.00%
info.c:decode_protocols 12 0 100.00% 17 0 100.00%
info.c:decode_protocol 6 0 100.00% 12 0 100.00%
info.c:decode_algorithms 12 0 100.00% 17 0 100.00%
info.c:decode_algorithm 9 0 100.00% 17 0 100.00%
info.c:decode_algorithm_entry 20 0 100.00% 27 0 100.00%
info.c:decode_certs 11 0 100.00% 15 0 100.00%
info.c:decode_cert 7 0 100.00% 15 0 100.00%
-------------------------------------------------------------------------------------------------------------------
TOTAL 186 0 100.00% 321 0 100.00%
TOTAL 232 0 100.00% 409 0 100.00%
File '/libfido2/src/io.c':
Name Regions Miss Cover Lines Miss Cover
-------------------------------------------------------------------------------------------------------------------
fido_tx 14 0 100.00% 11 0 100.00%
fido_rx 13 1 92.31% 14 3 78.57%
fido_rx_cbor_status 8 0 100.00% 10 0 100.00%
fido_rx_cbor_status 16 0 100.00% 19 0 100.00%
io.c:transport_tx 7 0 100.00% 10 0 100.00%
io.c:tx_empty 9 0 100.00% 14 0 100.00%
io.c:tx_pkt 7 0 100.00% 10 0 100.00%
@ -597,7 +633,7 @@ io.c:rx 40 2 95.00% 52
io.c:rx_preamble 23 2 91.30% 22 5 77.27%
io.c:rx_frame 11 0 100.00% 11 0 100.00%
-------------------------------------------------------------------------------------------------------------------
TOTAL 185 7 96.22% 221 12 94.57%
TOTAL 193 7 96.37% 230 12 94.78%
File '/libfido2/src/iso7816.c':
Name Regions Miss Cover Lines Miss Cover
@ -621,7 +657,7 @@ fido_dev_largeblob_set_array 14 0 100.00% 19
largeblob.c:largeblob_get_array 32 0 100.00% 36 0 100.00%
largeblob.c:get_chunklen 10 1 90.00% 9 1 88.89%
largeblob.c:largeblob_get_tx 19 0 100.00% 24 0 100.00%
largeblob.c:largeblob_get_rx 15 0 100.00% 21 0 100.00%
largeblob.c:largeblob_get_rx 26 0 100.00% 30 0 100.00%
largeblob.c:parse_largeblob_reply 8 0 100.00% 9 0 100.00%
largeblob.c:largeblob_array_check 7 0 100.00% 16 0 100.00%
largeblob.c:largeblob_array_digest 10 0 100.00% 9 0 100.00%
@ -635,7 +671,7 @@ largeblob.c:largeblob_reset 1 0 100.00% 5
largeblob.c:largeblob_encode 16 0 100.00% 21 0 100.00%
largeblob.c:largeblob_new 1 0 100.00% 3 0 100.00%
largeblob.c:largeblob_seal 20 0 100.00% 32 0 100.00%
largeblob.c:largeblob_get_nonce 8 1 87.50% 16 3 81.25%
largeblob.c:largeblob_get_nonce 8 0 100.00% 16 0 100.00%
largeblob.c:largeblob_free 6 0 100.00% 8 0 100.00%
largeblob.c:largeblob_add 27 2 92.59% 35 3 91.43%
largeblob.c:largeblob_drop 21 0 100.00% 27 0 100.00%
@ -644,7 +680,7 @@ largeblob.c:largeblob_get_uv_token 19 0 100.00% 23
largeblob.c:largeblob_set_tx 35 0 100.00% 36 0 100.00%
largeblob.c:prepare_hmac 13 2 84.62% 23 7 69.57%
-------------------------------------------------------------------------------------------------------------------
TOTAL 514 19 96.30% 684 46 93.27%
TOTAL 525 18 96.57% 693 43 93.80%
File '/libfido2/src/log.c':
Name Regions Miss Cover Lines Miss Cover
@ -662,8 +698,8 @@ TOTAL 39 5 87.18% 63
File '/libfido2/src/netlink.c':
Name Regions Miss Cover Lines Miss Cover
-------------------------------------------------------------------------------------------------------------------
fido_nl_power_nfc 18 1 94.44% 24 3 87.50%
fido_nl_get_nfc_target 17 1 94.12% 31 3 90.32%
fido_nl_power_nfc 18 0 100.00% 24 0 100.00%
fido_nl_get_nfc_target 17 0 100.00% 31 0 100.00%
fido_nl_free 10 2 80.00% 9 2 77.78%
fido_nl_new 16 1 93.75% 26 3 88.46%
set_netlink_io_functions 1 0 100.00% 4 0 100.00%
@ -675,7 +711,7 @@ netlink.c:nlmsg_setattr 15 1 93.33% 17
netlink.c:nlmsg_tx 10 1 90.00% 13 3 76.92%
netlink.c:nlmsg_ptr 1 0 100.00% 3 0 100.00%
netlink.c:nlmsg_len 1 0 100.00% 3 0 100.00%
netlink.c:nlmsg_rx 11 3 72.73% 17 9 47.06%
netlink.c:nlmsg_rx 11 2 81.82% 17 6 64.71%
netlink.c:nl_parse_reply 20 0 100.00% 28 0 100.00%
netlink.c:nlmsg_from_buf 15 0 100.00% 17 0 100.00%
netlink.c:nlmsg_type 1 0 100.00% 3 0 100.00%
@ -685,14 +721,14 @@ netlink.c:nlmsg_get_genl 6 0 100.00% 7
netlink.c:nlmsg_iter 6 0 100.00% 13 0 100.00%
netlink.c:nlmsg_getattr 1 0 100.00% 3 0 100.00%
netlink.c:nla_from_buf 17 0 100.00% 21 0 100.00%
netlink.c:nl_nfc_poll 18 1 94.44% 25 3 88.00%
netlink.c:nl_nfc_poll 18 0 100.00% 25 0 100.00%
netlink.c:parse_nfc_event 10 0 100.00% 17 0 100.00%
netlink.c:nla_type 1 0 100.00% 3 0 100.00%
netlink.c:nla_get_u32 1 0 100.00% 3 0 100.00%
netlink.c:nla_read 6 0 100.00% 7 0 100.00%
netlink.c:nl_dump_nfc_target 19 1 94.74% 31 3 90.32%
netlink.c:nl_dump_nfc_target 19 0 100.00% 31 0 100.00%
netlink.c:parse_target 9 0 100.00% 13 0 100.00%
netlink.c:nl_get_nfc_family 23 1 95.65% 33 3 90.91%
netlink.c:nl_get_nfc_family 23 0 100.00% 33 0 100.00%
netlink.c:nlmsg_set_u16 1 0 100.00% 3 0 100.00%
netlink.c:nlmsg_set_str 1 0 100.00% 3 0 100.00%
netlink.c:parse_family 10 0 100.00% 17 0 100.00%
@ -703,15 +739,16 @@ netlink.c:parse_mcastgrps 1 0 100.00% 3
netlink.c:parse_mcastgrp 15 0 100.00% 24 0 100.00%
netlink.c:nla_get_str 10 0 100.00% 11 0 100.00%
-------------------------------------------------------------------------------------------------------------------
TOTAL 329 14 95.74% 498 33 93.37%
TOTAL 329 8 97.57% 498 15 96.99%
File '/libfido2/src/nfc.c':
Name Regions Miss Cover Lines Miss Cover
-------------------------------------------------------------------------------------------------------------------
fido_nfc_tx 28 0 100.00% 43 0 100.00%
fido_nfc_rx 8 0 100.00% 13 0 100.00%
nfc_is_fido 13 1 92.31% 21 3 85.71%
fido_is_nfc 3 0 100.00% 3 0 100.00%
fido_dev_set_nfc 4 4 0.00% 18 18 0.00%
fido_dev_set_nfc 4 1 75.00% 18 3 83.33%
nfc.c:nfc_do_tx 20 0 100.00% 25 0 100.00%
nfc.c:tx_short_apdu 14 0 100.00% 32 0 100.00%
nfc.c:rx_init 25 0 100.00% 27 0 100.00%
@ -720,7 +757,7 @@ nfc.c:rx_msg 18 2 88.89% 23
nfc.c:rx_apdu 14 1 92.86% 22 3 86.36%
nfc.c:tx_get_response 4 0 100.00% 11 0 100.00%
-------------------------------------------------------------------------------------------------------------------
TOTAL 142 7 95.07% 223 27 87.89%
TOTAL 155 5 96.77% 244 15 93.85%
File '/libfido2/src/nfc_linux.c':
Name Regions Miss Cover Lines Miss Cover
@ -731,15 +768,15 @@ fido_nfc_close 1 1 0.00% 4
fido_nfc_set_sigmask 2 2 0.00% 6 6 0.00%
fido_nfc_read 14 14 0.00% 30 30 0.00%
fido_nfc_write 12 12 0.00% 18 18 0.00%
nfc_linux.c:copy_info 41 8 80.49% 47 5 89.36%
nfc_linux.c:get_usb_attr 1 0 100.00% 3 0 100.00%
nfc_linux.c:get_parent_attr 6 0 100.00% 9 0 100.00%
nfc_linux.c:copy_info 39 22 43.59% 44 16 63.64%
nfc_linux.c:get_usb_attr 1 1 0.00% 3 3 0.00%
nfc_linux.c:get_parent_attr 6 6 0.00% 9 9 0.00%
nfc_linux.c:sysnum_from_syspath 15 0 100.00% 17 0 100.00%
nfc_linux.c:nfc_new 6 0 100.00% 11 0 100.00%
nfc_linux.c:nfc_target_connect 9 9 0.00% 21 21 0.00%
nfc_linux.c:nfc_free 12 0 100.00% 11 0 100.00%
-------------------------------------------------------------------------------------------------------------------
TOTAL 174 56 67.82% 245 103 57.96%
TOTAL 172 77 55.23% 242 126 47.93%
File '/libfido2/src/pcsc.c':
Name Regions Miss Cover Lines Miss Cover
@ -754,11 +791,11 @@ fido_pcsc_rx 1 0 100.00% 3
fido_is_pcsc 3 0 100.00% 3 0 100.00%
fido_dev_set_pcsc 4 1 75.00% 18 3 83.33%
pcsc.c:list_readers 24 0 100.00% 24 0 100.00%
pcsc.c:copy_info 27 0 100.00% 37 0 100.00%
pcsc.c:copy_info 30 0 100.00% 41 0 100.00%
pcsc.c:get_reader 25 0 100.00% 28 0 100.00%
pcsc.c:prepare_io_request 11 0 100.00% 17 0 100.00%
-------------------------------------------------------------------------------------------------------------------
TOTAL 201 1 99.50% 278 3 98.92%
TOTAL 204 1 99.51% 282 3 98.94%
File '/libfido2/src/pin.c':
Name Regions Miss Cover Lines Miss Cover
@ -774,30 +811,30 @@ pin.c:ctap21_uv_token_tx 49 0 100.00% 53
pin.c:pin_sha256_enc 19 0 100.00% 24 0 100.00%
pin.c:encode_uv_permission 20 1 95.00% 19 3 84.21%
pin.c:ctap20_uv_token_tx 37 0 100.00% 45 0 100.00%
pin.c:uv_token_rx 20 0 100.00% 30 0 100.00%
pin.c:uv_token_rx 27 0 100.00% 34 0 100.00%
pin.c:parse_uv_token 8 0 100.00% 10 0 100.00%
pin.c:fido_dev_set_pin_wait 21 0 100.00% 24 0 100.00%
pin.c:fido_dev_change_pin_tx 45 0 100.00% 56 0 100.00%
pin.c:pin_pad64_enc 15 0 100.00% 21 0 100.00%
pin.c:pad64 18 0 100.00% 19 0 100.00%
pin.c:pad64 18 0 100.00% 20 0 100.00%
pin.c:fido_dev_set_pin_tx 33 0 100.00% 41 0 100.00%
pin.c:fido_dev_get_pin_retry_count_wait 10 0 100.00% 7 0 100.00%
pin.c:fido_dev_get_retry_count_tx 19 0 100.00% 23 0 100.00%
pin.c:fido_dev_get_pin_retry_count_rx 11 0 100.00% 17 0 100.00%
pin.c:fido_dev_get_pin_retry_count_rx 19 0 100.00% 24 0 100.00%
pin.c:parse_pin_retry_count 1 0 100.00% 3 0 100.00%
pin.c:parse_retry_count 13 0 100.00% 16 0 100.00%
pin.c:fido_dev_get_uv_retry_count_wait 10 0 100.00% 7 0 100.00%
pin.c:fido_dev_get_uv_retry_count_rx 11 0 100.00% 17 0 100.00%
pin.c:fido_dev_get_uv_retry_count_rx 19 0 100.00% 24 0 100.00%
pin.c:parse_uv_retry_count 1 0 100.00% 3 0 100.00%
---------------------------------------------------------------------------------------------------------------------
TOTAL 403 3 99.26% 495 4 99.19%
TOTAL 426 3 99.30% 514 4 99.22%
File '/libfido2/src/random.c':
Name Regions Miss Cover Lines Miss Cover
---------------------------------------------------------------------------------------------------------------------
fido_get_random 6 1 83.33% 6 1 83.33%
fido_get_random 6 0 100.00% 6 0 100.00%
---------------------------------------------------------------------------------------------------------------------
TOTAL 6 1 83.33% 6 1 83.33%
TOTAL 6 0 100.00% 6 0 100.00%
File '/libfido2/src/reset.c':
Name Regions Miss Cover Lines Miss Cover
@ -812,10 +849,10 @@ File '/libfido2/src/rs1.c':
Name Regions Miss Cover Lines Miss Cover
---------------------------------------------------------------------------------------------------------------------
rs1_verify_sig 20 1 95.00% 30 3 90.00%
rs1.c:rs1_get_EVP_MD 4 1 75.00% 6 1 83.33%
rs1.c:rs1_get_EVP_MD 4 0 100.00% 6 0 100.00%
rs1.c:rs1_free_EVP_MD 1 0 100.00% 3 0 100.00%
---------------------------------------------------------------------------------------------------------------------
TOTAL 25 2 92.00% 39 4 89.74%
TOTAL 25 1 96.00% 39 3 92.31%
File '/libfido2/src/rs256.c':
Name Regions Miss Cover Lines Miss Cover
@ -823,10 +860,10 @@ Name Regions Miss Cover Lines M
rs256_pk_decode 8 0 100.00% 9 0 100.00%
rs256_pk_new 1 0 100.00% 3 0 100.00%
rs256_pk_free 6 0 100.00% 7 0 100.00%
rs256_pk_from_ptr 6 0 100.00% 6 0 100.00%
rs256_pk_to_EVP_PKEY 32 0 100.00% 39 0 100.00%
rs256_pk_from_RSA 32 4 87.50% 26 6 76.92%
rs256_pk_from_EVP_PKEY 7 2 71.43% 7 1 85.71%
rs256_pk_from_ptr 10 0 100.00% 12 0 100.00%
rs256_pk_to_EVP_PKEY 35 0 100.00% 43 0 100.00%
rs256_pk_from_RSA 32 6 81.25% 26 9 65.38%
rs256_pk_from_EVP_PKEY 8 2 75.00% 7 1 85.71%
rs256_verify_sig 20 1 95.00% 30 2 93.33%
rs256_pk_verify_sig 7 1 85.71% 13 2 84.62%
rs256.c:decode_rsa_pubkey 9 0 100.00% 13 0 100.00%
@ -834,7 +871,7 @@ rs256.c:decode_bignum 8 0 100.00% 10
rs256.c:rs256_get_EVP_MD 4 0 100.00% 6 0 100.00%
rs256.c:rs256_free_EVP_MD 1 0 100.00% 3 0 100.00%
---------------------------------------------------------------------------------------------------------------------
TOTAL 141 8 94.33% 172 11 93.60%
TOTAL 149 10 93.29% 182 14 92.31%
File '/libfido2/src/time.c':
Name Regions Miss Cover Lines Miss Cover
@ -856,39 +893,40 @@ TOTAL 67 0 100.00% 79
File '/libfido2/src/tpm.c':
Name Regions Miss Cover Lines Miss Cover
---------------------------------------------------------------------------------------------------------------------
fido_get_signed_hash_tpm 25 1 96.00% 39 3 92.31%
tpm.c:check_es256_pubarea 19 1 94.74% 30 3 90.00%
fido_get_signed_hash_tpm 25 0 100.00% 39 0 100.00%
tpm.c:check_es256_pubarea 19 0 100.00% 30 0 100.00%
tpm.c:bswap_es256_pubarea 1 0 100.00% 12 0 100.00%
tpm.c:check_rs256_pubarea 17 1 94.12% 28 3 89.29%
tpm.c:check_rs256_pubarea 17 0 100.00% 28 0 100.00%
tpm.c:bswap_rs256_pubarea 1 0 100.00% 10 0 100.00%
tpm.c:check_sha1_certinfo 15 0 100.00% 38 0 100.00%
tpm.c:get_signed_sha1 17 0 100.00% 19 0 100.00%
tpm.c:get_signed_name 7 0 100.00% 10 0 100.00%
tpm.c:bswap_sha1_certinfo 1 0 100.00% 8 0 100.00%
---------------------------------------------------------------------------------------------------------------------
TOTAL 103 3 97.09% 194 9 95.36%
TOTAL 103 0 100.00% 194 0 100.00%
File '/libfido2/src/types.c':
Name Regions Miss Cover Lines Miss Cover
---------------------------------------------------------------------------------------------------------------------
fido_str_array_free 4 0 100.00% 7 0 100.00%
fido_opt_array_free 4 0 100.00% 8 0 100.00%
fido_opt_array_free 4 0 100.00% 9 0 100.00%
fido_byte_array_free 1 0 100.00% 5 0 100.00%
fido_algo_free 1 0 100.00% 5 0 100.00%
fido_algo_array_free 4 0 100.00% 7 0 100.00%
fido_cert_array_free 4 0 100.00% 9 0 100.00%
fido_str_array_pack 11 0 100.00% 14 0 100.00%
---------------------------------------------------------------------------------------------------------------------
TOTAL 25 0 100.00% 46 0 100.00%
TOTAL 29 0 100.00% 56 0 100.00%
File '/libfido2/src/u2f.c':
Name Regions Miss Cover Lines Miss Cover
---------------------------------------------------------------------------------------------------------------------
u2f_register 69 0 100.00% 75 0 100.00%
u2f_authenticate 32 0 100.00% 36 0 100.00%
u2f_get_touch_begin 30 0 100.00% 39 0 100.00%
u2f_get_touch_status 18 0 100.00% 26 0 100.00%
u2f.c:key_lookup 44 0 100.00% 59 0 100.00%
u2f.c:send_dummy_register 30 0 100.00% 39 0 100.00%
u2f_register 76 0 100.00% 81 0 100.00%
u2f_authenticate 33 0 100.00% 37 0 100.00%
u2f_get_touch_begin 37 0 100.00% 45 0 100.00%
u2f_get_touch_status 26 0 100.00% 36 0 100.00%
u2f.c:key_lookup 51 0 100.00% 65 0 100.00%
u2f.c:send_dummy_register 37 0 100.00% 45 0 100.00%
u2f.c:delay_ms 13 1 92.31% 15 3 80.00%
u2f.c:parse_register_reply 49 0 100.00% 62 0 100.00%
u2f.c:x5c_get 21 1 95.24% 26 3 88.46%
@ -897,11 +935,11 @@ u2f.c:encode_cred_attstmt 45 0 100.00% 52
u2f.c:encode_cred_authdata 33 2 93.94% 61 6 90.16%
u2f.c:cbor_blob_from_ec_point 22 0 100.00% 31 0 100.00%
u2f.c:u2f_authenticate_single 32 0 100.00% 43 0 100.00%
u2f.c:do_auth 49 0 100.00% 61 0 100.00%
u2f.c:do_auth 56 0 100.00% 67 0 100.00%
u2f.c:parse_auth_reply 23 0 100.00% 23 0 100.00%
u2f.c:authdata_fake 12 0 100.00% 27 0 100.00%
---------------------------------------------------------------------------------------------------------------------
TOTAL 528 4 99.24% 685 12 98.25%
TOTAL 572 4 99.30% 726 12 98.35%
File '/libfido2/src/util.c':
Name Regions Miss Cover Lines Miss Cover


@ -1,7 +1,8 @@
/*
* Copyright (c) 2019 Yubico AB. All rights reserved.
* Copyright (c) 2019-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <assert.h>
@ -163,7 +164,7 @@ size_t
pack_dummy(uint8_t *ptr, size_t len)
{
struct param dummy;
uint8_t blob[4096];
uint8_t blob[MAXCORPUS];
size_t blob_len;
memset(&dummy, 0, sizeof(dummy));
@ -313,6 +314,27 @@ out:
EVP_PKEY_free(pkey);
}
/*
* Do a dummy conversion to exercise es384_pk_from_EVP_PKEY().
*/
static void
es384_convert(const es384_pk_t *k)
{
EVP_PKEY *pkey = NULL;
es384_pk_t *pk = NULL;
int r;
if ((pkey = es384_pk_to_EVP_PKEY(k)) == NULL ||
(pk = es384_pk_new()) == NULL)
goto out;
r = es384_pk_from_EVP_PKEY(pk, pkey);
consume(&r, sizeof(r));
out:
es384_pk_free(&pk);
EVP_PKEY_free(pkey);
}
/*
* Do a dummy conversion to exercise rs256_pk_from_EVP_PKEY().
*/
@ -362,6 +384,7 @@ test(const struct param *p)
{
fido_assert_t *assert = NULL;
es256_pk_t *es256_pk = NULL;
es384_pk_t *es384_pk = NULL;
rs256_pk_t *rs256_pk = NULL;
eddsa_pk_t *eddsa_pk = NULL;
uint8_t flags;
@ -398,6 +421,19 @@ test(const struct param *p)
rs256_convert(pk);
break;
case 2:
cose_alg = COSE_ES384;
if ((es384_pk = es384_pk_new()) == NULL)
return;
/* XXX reuse p->es256 as es384 */
es384_pk_from_ptr(es384_pk, p->es256.body, p->es256.len);
pk = es384_pk;
es384_convert(pk);
break;
default:
cose_alg = COSE_EDDSA;
@ -452,6 +488,7 @@ test(const struct param *p)
out:
es256_pk_free(&es256_pk);
es384_pk_free(&es384_pk);
rs256_pk_free(&rs256_pk);
eddsa_pk_free(&eddsa_pk);


@ -2,6 +2,7 @@
* Copyright (c) 2019 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <assert.h>
@ -177,7 +178,7 @@ size_t
pack_dummy(uint8_t *ptr, size_t len)
{
struct param dummy;
uint8_t blob[4096];
uint8_t blob[MAXCORPUS];
size_t blob_len;
memset(&dummy, 0, sizeof(dummy));


@ -1,7 +1,8 @@
/*
* Copyright (c) 2019-2021 Yubico AB. All rights reserved.
* Copyright (c) 2019-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <assert.h>
@ -173,7 +174,7 @@ size_t
pack_dummy(uint8_t *ptr, size_t len)
{
struct param dummy;
uint8_t blob[4096];
uint8_t blob[MAXCORPUS];
size_t blob_len;
memset(&dummy, 0, sizeof(dummy));
@ -361,6 +362,9 @@ test_cred(const struct param *p)
case 1:
cose_alg = COSE_RS256;
break;
case 2:
cose_alg = COSE_ES384;
break;
default:
cose_alg = COSE_EDDSA;
break;


@ -2,6 +2,7 @@
* Copyright (c) 2019-2021 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <assert.h>
@ -164,7 +165,7 @@ size_t
pack_dummy(uint8_t *ptr, size_t len)
{
struct param dummy;
uint8_t blob[4096];
uint8_t blob[MAXCORPUS];
size_t blob_len;
memset(&dummy, 0, sizeof(dummy));


@ -2,6 +2,7 @@
* Copyright (c) 2020-2021 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <assert.h>
@ -127,7 +128,7 @@ size_t
pack_dummy(uint8_t *ptr, size_t len)
{
struct param dummy;
uint8_t blob[4096];
uint8_t blob[MAXCORPUS];
size_t blob_len;
memset(&dummy, 0, sizeof(dummy));


@ -2,6 +2,7 @@
* Copyright (c) 2020 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <assert.h>
@ -141,7 +142,7 @@ size_t
pack_dummy(uint8_t *ptr, size_t len)
{
struct param dummy;
uint8_t blob[4096];
uint8_t blob[MAXCORPUS];
size_t blob_len;
memset(&dummy, 0, sizeof(dummy));


@ -2,6 +2,7 @@
* Copyright (c) 2019-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <assert.h>
@ -161,7 +162,7 @@ size_t
pack_dummy(uint8_t *ptr, size_t len)
{
struct param dummy;
uint8_t blob[4096];
uint8_t blob[MAXCORPUS];
size_t blob_len;
memset(&dummy, 0, sizeof(dummy));
@ -223,6 +224,7 @@ dev_get_cbor_info(const struct param *p)
fido_cbor_info_t *ci;
uint64_t n;
uint8_t proto, major, minor, build, flags;
bool v;
set_wire_data(p->info_wire_data.body, p->info_wire_data.len);
@ -276,28 +278,43 @@ dev_get_cbor_info(const struct param *p)
consume(&cose, sizeof(cose));
}
for (size_t i = 0; i < fido_cbor_info_certs_len(ci); i++) {
char * const *na = fido_cbor_info_certs_name_ptr(ci);
const uint64_t *va = fido_cbor_info_certs_value_ptr(ci);
consume(na[i], strlen(na[i]));
consume(&va[i], sizeof(va[i]));
}
n = fido_cbor_info_maxmsgsiz(ci);
consume(&n, sizeof(n));
n = fido_cbor_info_maxcredbloblen(ci);
consume(&n, sizeof(n));
n = fido_cbor_info_maxcredcntlst(ci);
consume(&n, sizeof(n));
n = fido_cbor_info_maxcredidlen(ci);
consume(&n, sizeof(n));
n = fido_cbor_info_maxlargeblob(ci);
consume(&n, sizeof(n));
n = fido_cbor_info_fwversion(ci);
consume(&n, sizeof(n));
n = fido_cbor_info_minpinlen(ci);
consume(&n, sizeof(n));
n = fido_cbor_info_maxrpid_minpinlen(ci);
consume(&n, sizeof(n));
n = fido_cbor_info_uv_attempts(ci);
consume(&n, sizeof(n));
n = fido_cbor_info_uv_modality(ci);
consume(&n, sizeof(n));
n = (uint64_t)fido_cbor_info_rk_remaining(ci);
consume(&n, sizeof(n));
consume(fido_cbor_info_aaguid_ptr(ci), fido_cbor_info_aaguid_len(ci));
consume(fido_cbor_info_protocols_ptr(ci),
fido_cbor_info_protocols_len(ci));
v = fido_cbor_info_new_pin_required(ci);
consume(&v, sizeof(v));
out:
fido_dev_close(dev);
fido_dev_free(&dev);
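Review bot: The new certifications loop in dev_get_cbor_info() passes `na[i]` straight to `strlen()`, which relies on the library returning a non-NULL, NUL-terminated name for every index below `fido_cbor_info_certs_len(ci)`; that guarantee is not visible in this hunk. Since the harness exists to catch exactly that kind of contract violation, a guard would hide it, so I would document the assumption instead: `/* every name below certs_len must be a valid C string; a fault here is a library bug */`. The two `_ptr` getters could also be read once before the loop rather than on each iteration. The function starts and ends outside the hunk.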


@ -2,6 +2,7 @@
* Copyright (c) 2020 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <assert.h>
@ -98,7 +99,7 @@ size_t
pack_dummy(uint8_t *ptr, size_t len)
{
struct param dummy;
uint8_t blob[4096];
uint8_t blob[MAXCORPUS];
size_t blob_len;
memset(&dummy, 0, sizeof(dummy));


@ -2,6 +2,7 @@
* Copyright (c) 2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#define _FIDO_INTERNAL
@ -116,7 +117,7 @@ size_t
pack_dummy(uint8_t *ptr, size_t len)
{
struct param dummy;
uint8_t blob[4096];
uint8_t blob[MAXCORPUS];
size_t blob_len;
memset(&dummy, 0, sizeof(dummy));
@ -231,7 +232,9 @@ test(const struct param *p)
set_pcsc_parameters(&p->pcsc_list);
set_pcsc_io_functions(nfc_read, nfc_write, consume);
set_wire_data(p->wiredata_init.body, p->wiredata_init.len);
test_manifest();
test_misc();
set_wire_data(p->wiredata_init.body, p->wiredata_init.len);


@ -1,9 +1,12 @@
/*
* Copyright (c) 2019 Yubico AB. All rights reserved.
* Copyright (c) 2019-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <openssl/sha.h>
#include <err.h>
#include <fcntl.h>
#include <stdbool.h>
@ -15,6 +18,8 @@
#include "mutator_aux.h"
extern int fuzz_save_corpus;
static bool debug;
static unsigned int flags = MUTATE_ALL;
static unsigned long long test_fail;
@ -32,7 +37,7 @@ save_seed(const char *opt)
const char *path;
int fd = -1, status = 1;
void *buf = NULL;
const size_t buflen = 4096;
const size_t buflen = MAXCORPUS;
size_t n;
struct param *p = NULL;
@ -73,6 +78,50 @@ fail:
return status;
}
static int
save_corpus(const struct param *p)
{
uint8_t blob[MAXCORPUS], dgst[SHA256_DIGEST_LENGTH];
size_t blob_len;
char path[PATH_MAX];
int r, fd;
if ((blob_len = pack(blob, sizeof(blob), p)) == 0 ||
blob_len > sizeof(blob)) {
warnx("pack");
return -1;
}
if (SHA256(blob, blob_len, dgst) != dgst) {
warnx("sha256");
return -1;
}
if ((r = snprintf(path, sizeof(path), "saved_corpus_%02x%02x%02x%02x"
"%02x%02x%02x%02x", dgst[0], dgst[1], dgst[2], dgst[3], dgst[4],
dgst[5], dgst[6], dgst[7])) < 0 || (size_t)r >= sizeof(path)) {
warnx("snprintf");
return -1;
}
if ((fd = open(path, O_CREAT|O_TRUNC|O_WRONLY, 0644)) == -1) {
warn("open %s", path);
return -1;
}
if (write(fd, blob, blob_len) != (ssize_t)blob_len) {
warn("write");
r = -1;
} else {
warnx("wrote %s", path);
r = 0;
}
close(fd);
return r;
}
static void
parse_mutate_flags(const char *opt, unsigned int *mutate_flags)
{
@ -116,7 +165,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
struct param *p;
if (size > 4096)
if (size > MAXCORPUS)
return 0;
if (++test_total % 100000 == 0 && debug) {
@ -128,7 +177,11 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
if ((p = unpack(data, size)) == NULL)
test_fail++;
else {
fuzz_save_corpus = 0;
test(p);
if (fuzz_save_corpus && save_corpus(p) < 0)
fprintf(stderr, "%s: failed to save corpus\n",
__func__);
free(p);
}
@ -140,7 +193,7 @@ LLVMFuzzerCustomMutator(uint8_t *data, size_t size, size_t maxsize,
unsigned int seed) NO_MSAN
{
struct param *p;
uint8_t blob[4096];
uint8_t blob[MAXCORPUS];
size_t blob_len;
memset(&p, 0, sizeof(p));
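Review bot: In `save_corpus()`, a failed or short `write()` leaves a truncated `saved_corpus_*` file behind, and the result of `close(fd)` is ignored, so the file name may no longer match the SHA-256 prefix of what is actually on disk. I would fold the close result into `r` and remove the file on failure: `if (close(fd) == -1 && r == 0) { warn("close"); r = -1; }` followed by `if (r < 0) unlink(path);`. The path is relative and opened with `O_CREAT|O_TRUNC` without `O_NOFOLLOW`, so a short comment above the function stating that the harness must run in a directory it owns would also help. The bodies of `LLVMFuzzerTestOneInput()` and `LLVMFuzzerCustomMutator()` continue outside these hunks.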


@ -1,7 +1,8 @@
/*
* Copyright (c) 2019 Yubico AB. All rights reserved.
* Copyright (c) 2019-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <assert.h>
@ -19,6 +20,7 @@ int fido_nfc_rx(fido_dev_t *, uint8_t, unsigned char *, size_t, int);
int fido_nfc_tx(fido_dev_t *, uint8_t, const unsigned char *, size_t);
size_t LLVMFuzzerMutate(uint8_t *, size_t, size_t);
extern int prng_up;
static const uint8_t *wire_data_ptr = NULL;
static size_t wire_data_len = 0;
@ -157,7 +159,6 @@ mutate_string(char *s)
s[n] = '\0';
}
/* XXX should fail, but doesn't */
static int
buf_read(unsigned char *ptr, size_t len, int ms)
{
@ -165,6 +166,11 @@ buf_read(unsigned char *ptr, size_t len, int ms)
(void)ms;
if (prng_up && uniform_random(400) < 1) {
errno = EIO;
return -1;
}
if (wire_data_len < len)
n = wire_data_len;
else
@ -183,7 +189,7 @@ buf_write(const unsigned char *ptr, size_t len)
{
consume(ptr, len);
if (uniform_random(400) < 1) {
if (prng_up && uniform_random(400) < 1) {
errno = EIO;
return -1;
}
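Review bot: `extern int prng_up;` is declared by hand near the top of this file, and the wrap.c section of this commit carries the same hand-written declaration as context; moving it into a shared header (for example the `mutator_aux.h` touched by this commit) would let the compiler check every user against the definition, which is not visible in these hunks. The new guard in `buf_read()` also repeats the literal `prng_up && uniform_random(400) < 1` now used in `buf_write()`; a named constant for the 1-in-400 rate, which the wrap.c comment explains, would keep the sites in step. `buf_read()` and `buf_write()` both continue past the end of their hunks.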


@ -2,11 +2,14 @@
* Copyright (c) 2019-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#ifndef _MUTATOR_AUX_H
#define _MUTATOR_AUX_H
#include <sys/types.h>
#include <stddef.h>
#include <stdint.h>
#include <cbor.h>
@ -17,7 +20,7 @@
#include "../src/fido/credman.h"
#include "../src/fido/eddsa.h"
#include "../src/fido/es256.h"
#include "../src/fido/es256.h"
#include "../src/fido/es384.h"
#include "../src/fido/rs256.h"
#include "../src/netlink.h"
@ -48,8 +51,9 @@
#define MUTATE_WIREDATA 0x04
#define MUTATE_ALL (MUTATE_SEED | MUTATE_PARAM | MUTATE_WIREDATA)
#define MAXSTR 1024
#define MAXBLOB 3600
#define MAXSTR 1024
#define MAXBLOB 3600
#define MAXCORPUS 8192
#define HID_DEV_HANDLE 0x68696421
#define NFC_DEV_HANDLE 0x6e666321


@ -2,6 +2,7 @@
* Copyright (c) 2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <assert.h>


@ -2,6 +2,7 @@
* Copyright (c) 2019 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
/*


@ -2,6 +2,7 @@
* Copyright (c) 2019 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
/*

Binary file not shown.


@ -3,52 +3,52 @@ Filename Regions Missed Regions Cover Funct
fuzz/clock.c 24 1 95.83% 4 0 100.00% 35 1 97.14%
fuzz/pcsc.c 59 0 100.00% 8 0 100.00% 75 12 84.00%
fuzz/prng.c 31 0 100.00% 2 0 100.00% 35 1 97.14%
fuzz/udev.c 109 1 99.08% 17 0 100.00% 126 11 91.27%
fuzz/udev.c 110 2 98.18% 17 0 100.00% 126 12 90.48%
fuzz/uniform_random.c 7 1 85.71% 1 0 100.00% 12 1 91.67%
fuzz/wrap.c 17 0 100.00% 3 0 100.00% 29 0 100.00%
fuzz/wrap.c 23 0 100.00% 3 0 100.00% 29 0 100.00%
openbsd-compat/explicit_bzero.c 4 0 100.00% 1 0 100.00% 7 0 100.00%
openbsd-compat/freezero.c 4 0 100.00% 1 0 100.00% 6 0 100.00%
openbsd-compat/recallocarray.c 41 7 82.93% 1 0 100.00% 36 7 80.56%
openbsd-compat/strlcat.c 12 1 91.67% 1 0 100.00% 21 1 95.24%
openbsd-compat/timingsafe_bcmp.c 4 0 100.00% 1 0 100.00% 7 0 100.00%
src/aes256.c 118 4 96.61% 8 0 100.00% 157 14 91.08%
src/assert.c 565 42 92.57% 56 3 94.64% 694 42 93.95%
src/authkey.c 44 0 100.00% 5 0 100.00% 59 0 100.00%
src/bio.c 419 20 95.23% 49 2 95.92% 559 24 95.71%
src/aes256.c 118 3 97.46% 8 0 100.00% 157 11 92.99%
src/assert.c 605 43 92.89% 59 3 94.92% 745 46 93.83%
src/authkey.c 52 0 100.00% 5 0 100.00% 66 0 100.00%
src/bio.c 451 20 95.57% 49 2 95.92% 587 24 95.91%
src/blob.c 53 2 96.23% 10 0 100.00% 83 4 95.18%
src/buf.c 8 1 87.50% 2 0 100.00% 16 1 93.75%
src/cbor.c 1049 23 97.81% 54 0 100.00% 1237 45 96.36%
src/cbor.c 1070 13 98.79% 55 0 100.00% 1258 31 97.54%
src/compress.c 105 14 86.67% 5 0 100.00% 122 24 80.33%
src/config.c 108 0 100.00% 11 0 100.00% 151 0 100.00%
src/cred.c 634 36 94.32% 69 2 97.10% 830 39 95.30%
src/credman.c 382 10 97.38% 40 0 100.00% 518 18 96.53%
src/dev.c 332 71 78.61% 41 6 85.37% 378 86 77.25%
src/config.c 112 0 100.00% 11 0 100.00% 152 0 100.00%
src/cred.c 651 38 94.16% 69 2 97.10% 849 43 94.94%
src/credman.c 422 10 97.63% 40 0 100.00% 557 20 96.41%
src/dev.c 332 65 80.42% 41 6 85.37% 378 80 78.84%
src/ecdh.c 117 2 98.29% 4 0 100.00% 146 5 96.58%
src/eddsa.c 88 5 94.32% 10 0 100.00% 114 9 92.11%
src/err.c 122 10 91.80% 1 0 100.00% 126 10 92.06%
src/es256.c 315 7 97.78% 19 0 100.00% 372 12 96.77%
src/es384.c 158 8 94.94% 11 0 100.00% 198 15 92.42%
src/hid.c 87 2 97.70% 14 0 100.00% 145 3 97.93%
src/hid_linux.c 173 68 60.69% 14 7 50.00% 250 105 58.00%
src/hid_linux.c 184 73 60.33% 14 7 50.00% 263 115 56.27%
src/hid_unix.c 29 21 27.59% 2 0 100.00% 43 26 39.53%
src/info.c 186 0 100.00% 40 0 100.00% 321 0 100.00%
src/io.c 185 7 96.22% 13 0 100.00% 221 12 94.57%
src/info.c 232 0 100.00% 51 0 100.00% 409 0 100.00%
src/io.c 193 7 96.37% 13 0 100.00% 230 12 94.78%
src/iso7816.c 18 1 94.44% 5 0 100.00% 38 1 97.37%
src/largeblob.c 514 19 96.30% 30 0 100.00% 684 46 93.27%
src/largeblob.c 525 18 96.57% 30 0 100.00% 693 43 93.80%
src/log.c 39 5 87.18% 7 1 85.71% 63 7 88.89%
src/netlink.c 329 14 95.74% 40 0 100.00% 498 33 93.37%
src/nfc.c 142 7 95.07% 11 1 90.91% 223 27 87.89%
src/nfc_linux.c 174 56 67.82% 13 5 61.54% 245 103 57.96%
src/pcsc.c 201 1 99.50% 13 0 100.00% 278 3 98.92%
src/pin.c 403 3 99.26% 26 0 100.00% 495 4 99.19%
src/random.c 6 1 83.33% 1 0 100.00% 6 1 83.33%
src/netlink.c 329 8 97.57% 40 0 100.00% 498 15 96.99%
src/nfc.c 155 5 96.77% 12 0 100.00% 244 15 93.85%
src/nfc_linux.c 172 77 55.23% 13 7 46.15% 242 126 47.93%
src/pcsc.c 204 1 99.51% 13 0 100.00% 282 3 98.94%
src/pin.c 426 3 99.30% 26 0 100.00% 514 4 99.22%
src/random.c 6 0 100.00% 1 0 100.00% 6 0 100.00%
src/reset.c 24 0 100.00% 3 0 100.00% 23 0 100.00%
src/rs1.c 25 2 92.00% 3 0 100.00% 39 4 89.74%
src/rs256.c 141 8 94.33% 13 0 100.00% 172 11 93.60%
src/rs1.c 25 1 96.00% 3 0 100.00% 39 3 92.31%
src/rs256.c 149 10 93.29% 13 0 100.00% 182 14 92.31%
src/time.c 43 3 93.02% 3 0 100.00% 43 2 95.35%
src/touch.c 67 0 100.00% 2 0 100.00% 79 0 100.00%
src/tpm.c 103 3 97.09% 9 0 100.00% 194 9 95.36%
src/types.c 25 0 100.00% 6 0 100.00% 46 0 100.00%
src/u2f.c 528 4 99.24% 17 0 100.00% 685 12 98.25%
src/tpm.c 103 0 100.00% 9 0 100.00% 194 0 100.00%
src/types.c 29 0 100.00% 7 0 100.00% 56 0 100.00%
src/u2f.c 572 4 99.30% 17 0 100.00% 726 12 98.35%
src/util.c 14 1 92.86% 1 0 100.00% 14 1 92.86%
Files which contain no functions:
@ -56,8 +56,9 @@ fuzz/mutator_aux.h 0 0 -
openbsd-compat/openbsd-compat.h 0 0 - 0 0 - 0 0 -
openbsd-compat/time.h 0 0 - 0 0 - 0 0 -
src/extern.h 0 0 - 0 0 - 0 0 -
src/fallthrough.h 0 0 - 0 0 - 0 0 -
src/fido.h 0 0 - 0 0 - 0 0 -
src/fido/err.h 0 0 - 0 0 - 0 0 -
src/fido/param.h 0 0 - 0 0 - 0 0 -
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
TOTAL 8227 484 94.12% 710 27 96.20% 10756 777 92.78%
TOTAL 8711 492 94.35% 737 28 96.20% 11320 771 93.19%


@ -2,6 +2,7 @@
* Copyright (c) 2021 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <sys/types.h>
@ -241,7 +242,7 @@ __wrap_ioctl(int fd, unsigned long request, ...)
va_start(ap, request);
switch (request) {
switch (IOCTL_REQ(request)) {
case IOCTL_REQ(HIDIOCGRDESCSIZE):
*va_arg(ap, int *) = (int)report_descriptor->len;
break;


@ -2,6 +2,7 @@
* Copyright (c) 2020-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#ifndef _WIREDATA_FIDO2_H


@ -2,6 +2,7 @@
* Copyright (c) 2020 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#ifndef _WIREDATA_U2F_H


@ -2,9 +2,11 @@
* Copyright (c) 2019-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <sys/types.h>
#include <sys/random.h>
#include <sys/socket.h>
#include <openssl/bn.h>
@ -22,9 +24,13 @@
extern int prng_up;
int fuzz_save_corpus;
/*
* Build wrappers around functions of interest, and have them fail
* in a pseudo-random manner.
* in a pseudo-random manner. A uniform probability of 0.25% (1/400)
* allows for a depth of log(0.5)/log(399/400) > 276 operations
* before simulated errors become statistically more likely.
*/
#define WRAP(type, name, args, retval, param, prob) \
@ -70,6 +76,14 @@ WRAP(char *,
1
)
WRAP(ssize_t,
getrandom,
(void *buf, size_t buflen, unsigned int flags),
-1,
(buf, buflen, flags),
1
)
WRAP(int,
EVP_Cipher,
(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
@ -653,11 +667,11 @@ int __real_deflate(z_streamp, int);
int
__wrap_deflate(z_streamp strm, int flush)
{
if (uniform_random(400) < 1) {
if (prng_up && uniform_random(400) < 1) {
return Z_BUF_ERROR;
}
/* should never happen, but we check for it */
if (uniform_random(400) < 1) {
if (prng_up && uniform_random(400) < 1) {
strm->avail_out = UINT_MAX;
return Z_STREAM_END;
}
@ -673,7 +687,7 @@ __wrap_asprintf(char **strp, const char *fmt, ...)
va_list ap;
int r;
if (uniform_random(400) < 1) {
if (prng_up && uniform_random(400) < 1) {
*strp = (void *)0xdeadbeef;
return -1;
}
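Review bot: The new global `int fuzz_save_corpus;` has no comment describing its contract, and nothing in the visible hunks shows where it is set to a non-zero value. The libfuzzer harness hunk in this commit clears it before `test(p)` and checks it afterwards to decide whether `save_corpus(p)` runs, so I would document that at the definition, e.g. `/* set during test() to ask the harness to save the current input; cleared by LLVMFuzzerTestOneInput() before each run */`. The writer is presumably one of the wrappers in this file; please confirm and name it in the comment. `__wrap_deflate()` and `__wrap_asprintf()` continue outside their hunks.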


@ -63,6 +63,7 @@ EVP_PKEY_verify_init
EVP_sha1
EVP_sha256
fido_tx
getrandom
HMAC
HMAC_CTX_new
HMAC_Final


@ -1,6 +1,7 @@
# Copyright (c) 2018-2022 Yubico AB. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# SPDX-License-Identifier: BSD-2-Clause
find_program(MANDOC_PATH mandoc)
find_program(GZIP_PATH gzip)
@ -11,6 +12,7 @@ message(STATUS "GZIP_PATH: ${GZIP_PATH}")
list(APPEND MAN_SOURCES
eddsa_pk_new.3
es256_pk_new.3
es384_pk_new.3
fido2-assert.1
fido2-cred.1
fido2-token.1
@ -52,6 +54,11 @@ list(APPEND MAN_ALIAS
es256_pk_new es256_pk_from_EVP_PKEY
es256_pk_new es256_pk_from_ptr
es256_pk_new es256_pk_to_EVP_PKEY
es384_pk_new es384_pk_free
es384_pk_new es384_pk_from_EC_KEY
es384_pk_new es384_pk_from_EVP_PKEY
es384_pk_new es384_pk_from_ptr
es384_pk_new es384_pk_to_EVP_PKEY
fido_assert_new fido_assert_authdata_len
fido_assert_new fido_assert_authdata_ptr
fido_assert_new fido_assert_blob_len
@ -114,22 +121,31 @@ list(APPEND MAN_ALIAS
fido_cbor_info_new fido_cbor_info_algorithm_cose
fido_cbor_info_new fido_cbor_info_algorithm_count
fido_cbor_info_new fido_cbor_info_algorithm_type
fido_cbor_info_new fido_cbor_info_certs_len
fido_cbor_info_new fido_cbor_info_certs_name_ptr
fido_cbor_info_new fido_cbor_info_certs_value_ptr
fido_cbor_info_new fido_cbor_info_extensions_len
fido_cbor_info_new fido_cbor_info_extensions_ptr
fido_cbor_info_new fido_cbor_info_free
fido_cbor_info_new fido_cbor_info_fwversion
fido_cbor_info_new fido_cbor_info_maxcredbloblen
fido_cbor_info_new fido_cbor_info_maxcredcntlst
fido_cbor_info_new fido_cbor_info_maxcredidlen
fido_cbor_info_new fido_cbor_info_maxlargeblob
fido_cbor_info_new fido_cbor_info_maxmsgsiz
fido_cbor_info_new fido_cbor_info_fwversion
fido_cbor_info_new fido_cbor_info_maxrpid_minpinlen
fido_cbor_info_new fido_cbor_info_minpinlen
fido_cbor_info_new fido_cbor_info_new_pin_required
fido_cbor_info_new fido_cbor_info_options_len
fido_cbor_info_new fido_cbor_info_options_name_ptr
fido_cbor_info_new fido_cbor_info_options_value_ptr
fido_cbor_info_new fido_cbor_info_protocols_len
fido_cbor_info_new fido_cbor_info_protocols_ptr
fido_cbor_info_new fido_cbor_info_rk_remaining
fido_cbor_info_new fido_cbor_info_transports_len
fido_cbor_info_new fido_cbor_info_transports_ptr
fido_cbor_info_new fido_cbor_info_uv_attempts
fido_cbor_info_new fido_cbor_info_uv_modality
fido_cbor_info_new fido_cbor_info_versions_len
fido_cbor_info_new fido_cbor_info_versions_ptr
fido_cbor_info_new fido_dev_get_cbor_info


@ -3,6 +3,7 @@
# Copyright (c) 2022 Yubico AB. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# SPDX-License-Identifier: BSD-2-Clause
T=$(mktemp -d) || exit 1
find . -maxdepth 1 -type f -name '*.3' -print0 > "$T/files"


@ -1,8 +1,31 @@
.\" Copyright (c) 2019 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\" Copyright (c) 2019-2022 Yubico AB. All rights reserved.
.\"
.Dd $Mdocdate: May 15 2019 $
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: July 15 2022 $
.Dt EDDSA_PK_NEW 3
.Os
.Sh NAME
@ -117,6 +140,7 @@ On error, a different error code defined in
is returned.
.Sh SEE ALSO
.Xr es256_pk_new 3 ,
.Xr es384_pk_new 3 ,
.Xr fido_assert_verify 3 ,
.Xr fido_cred_pubkey_ptr 3 ,
.Xr rs256_pk_new 3


@ -1,8 +1,31 @@
.\" Copyright (c) 2018-2021 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\" Copyright (c) 2018-2022 Yubico AB. All rights reserved.
.\"
.Dd $Mdocdate: May 24 2018 $
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: July 15 2022 $
.Dt ES256_PK_NEW 3
.Os
.Sh NAME
@ -135,6 +158,7 @@ On error, a different error code defined in
is returned.
.Sh SEE ALSO
.Xr eddsa_pk_new 3 ,
.Xr es384_pk_new 3 ,
.Xr fido_assert_verify 3 ,
.Xr fido_cred_pubkey_ptr 3 ,
.Xr rs256_pk_new 3

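--- /dev/null
+++ b/man/es384_pk_new.3
@@ -0,0 +1,164 @@
+.\" Copyright (c) 2022 Yubico AB. All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions are
+.\" met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in
+.\" the documentation and/or other materials provided with the
+.\" distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.\" SPDX-License-Identifier: BSD-2-Clause
+.\"
+.Dd $Mdocdate: July 15 2022 $
+.Dt ES384_PK_NEW 3
+.Os
+.Sh NAME
+.Nm es384_pk_new ,
+.Nm es384_pk_free ,
+.Nm es384_pk_from_EC_KEY ,
+.Nm es384_pk_from_EVP_PKEY ,
+.Nm es384_pk_from_ptr ,
+.Nm es384_pk_to_EVP_PKEY
+.Nd FIDO2 COSE ES384 API
+.Sh SYNOPSIS
+.In openssl/ec.h
+.In fido/es384.h
+.Ft es384_pk_t *
+.Fn es384_pk_new "void"
+.Ft void
+.Fn es384_pk_free "es384_pk_t **pkp"
+.Ft int
+.Fn es384_pk_from_EC_KEY "es384_pk_t *pk" "const EC_KEY *ec"
+.Ft int
+.Fn es384_pk_from_EVP_PKEY "es384_pk_t *pk" "const EVP_PKEY *pkey"
+.Ft int
+.Fn es384_pk_from_ptr "es384_pk_t *pk" "const void *ptr" "size_t len"
+.Ft EVP_PKEY *
+.Fn es384_pk_to_EVP_PKEY "const es384_pk_t *pk"
+.Sh DESCRIPTION
+ES384 is the name given in the CBOR Object Signing and Encryption
+(COSE) RFC to ECDSA over P-384 with SHA-384.
+The COSE ES384 API of
+.Em libfido2
+is an auxiliary API with routines to convert between the different
+ECDSA public key types used in
+.Em libfido2
+and
+.Em OpenSSL .
+.Pp
+In
+.Em libfido2 ,
+ES384 public keys are abstracted by the
+.Vt es384_pk_t
+type.
+.Pp
+The
+.Fn es384_pk_new
+function returns a pointer to a newly allocated, empty
+.Vt es384_pk_t
+type.
+If memory cannot be allocated, NULL is returned.
+.Pp
+The
+.Fn es384_pk_free
+function releases the memory backing
+.Fa *pkp ,
+where
+.Fa *pkp
+must have been previously allocated by
+.Fn es384_pk_new .
+On return,
+.Fa *pkp
+is set to NULL.
+Either
+.Fa pkp
+or
+.Fa *pkp
+may be NULL, in which case
+.Fn es384_pk_free
+is a NOP.
+.Pp
+The
+.Fn es384_pk_from_EC_KEY
+function fills
+.Fa pk
+with the contents of
+.Fa ec .
+No references to
+.Fa ec
+are kept.
+.Pp
+The
+.Fn es384_pk_from_EVP_PKEY
+function fills
+.Fa pk
+with the contents of
+.Fa pkey .
+No references to
+.Fa pkey
+are kept.
+.Pp
+The
+.Fn es384_pk_from_ptr
+function fills
+.Fa pk
+with the contents of
+.Fa ptr ,
+where
+.Fa ptr
+points to
+.Fa len
+bytes.
+The
+.Fa ptr
+pointer may point to an uncompressed point, or to the
+concatenation of the x and y coordinates.
+No references to
+.Fa ptr
+are kept.
+.Pp
+The
+.Fn es384_pk_to_EVP_PKEY
+function converts
+.Fa pk
+to a newly allocated
+.Fa EVP_PKEY
+type with a reference count of 1.
+No internal references to the returned pointer are kept.
+If an error occurs,
+.Fn es384_pk_to_EVP_PKEY
+returns NULL.
+.Sh RETURN VALUES
+The
+.Fn es384_pk_from_EC_KEY ,
+.Fn es384_pk_from_EVP_PKEY ,
+and
+.Fn es384_pk_from_ptr
+functions return
+.Dv FIDO_OK
+on success.
+On error, a different error code defined in
+.In fido/err.h
+is returned.
+.Sh SEE ALSO
+.Xr eddsa_pk_new 3 ,
+.Xr es256_pk_new 3 ,
+.Xr fido_assert_verify 3 ,
+.Xr fido_cred_pubkey_ptr 3 ,
+.Xr rs256_pk_new 3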


@ -1,6 +1,29 @@
.\" Copyright (c) 2018 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: November 5 2019 $
.Dt FIDO2-ASSERT 1


@ -1,6 +1,29 @@
.\" Copyright (c) 2018 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: November 5 2019 $
.Dt FIDO2-CRED 1


@ -1,6 +1,29 @@
.\" Copyright (c) 2018-2022 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: April 11 2022 $
.Dt FIDO2-TOKEN 1


@ -1,6 +1,29 @@
.\" Copyright (c) 2018 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: May 23 2018 $
.Dt FIDO_ASSERT_ALLOW_CRED 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2018-2022 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: April 27 2022 $
.Dt FIDO_ASSERT_NEW 3
@ -154,6 +177,10 @@ in
.Fa assert .
If not NULL, the values returned by these functions point to
NUL-terminated UTF-8 strings.
The user display name, icon, and name attributes will typically
only be returned by the authenticator if user verification was
performed by the authenticator and multiple resident/discoverable
credentials were involved in the assertion.
.Pp
The
.Fn fido_assert_authdata_ptr ,


@ -1,6 +1,29 @@
.\" Copyright (c) 2018-2022 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: April 27 2022 $
.Dt FIDO_ASSERT_SET_AUTHDATA 3


@ -1,8 +1,31 @@
.\" Copyright (c) 2018 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\" Copyright (c) 2018-2022 Yubico AB. All rights reserved.
.\"
.Dd $Mdocdate: May 24 2018 $
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: July 15 2022 $
.Dt FIDO_ASSERT_VERIFY 3
.Os
.Sh NAME
@ -42,6 +65,7 @@ where
.Fa cose_alg
is
.Dv COSE_ES256 ,
.Dv COSE_ES384 ,
.Dv COSE_RS256 ,
or
.Dv COSE_EDDSA ,
@ -49,6 +73,7 @@ and
.Fa pk
points to a
.Vt es256_pk_t ,
.Vt es384_pk_t ,
.Vt rs256_pk_t ,
or
.Vt eddsa_pk_t


@ -1,6 +1,29 @@
.\" Copyright (c) 2019 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: September 13 2019 $
.Dt FIDO_BIO_DEV_GET_INFO 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2019 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: September 13 2019 $
.Dt FIDO_BIO_ENROLL_NEW 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2019 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: September 13 2019 $
.Dt FIDO_BIO_INFO_NEW 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2019 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: September 13 2019 $
.Dt FIDO_BIO_TEMPLATE 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2018-2022 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: April 22 2022 $
.Dt FIDO_CBOR_INFO_NEW 3
@ -19,6 +42,9 @@
.Nm fido_cbor_info_algorithm_type ,
.Nm fido_cbor_info_algorithm_cose ,
.Nm fido_cbor_info_algorithm_count ,
.Nm fido_cbor_info_certs_name_ptr ,
.Nm fido_cbor_info_certs_value_ptr ,
.Nm fido_cbor_info_certs_len ,
.Nm fido_cbor_info_aaguid_len ,
.Nm fido_cbor_info_extensions_len ,
.Nm fido_cbor_info_protocols_len ,
@ -30,7 +56,13 @@
.Nm fido_cbor_info_maxcredcntlst ,
.Nm fido_cbor_info_maxcredidlen ,
.Nm fido_cbor_info_maxlargeblob ,
.Nm fido_cbor_info_fwversion
.Nm fido_cbor_info_maxrpid_minpinlen ,
.Nm fido_cbor_info_minpinlen ,
.Nm fido_cbor_info_fwversion ,
.Nm fido_cbor_info_uv_attempts ,
.Nm fido_cbor_info_uv_modality ,
.Nm fido_cbor_info_rk_remaining ,
.Nm fido_cbor_info_new_pin_required
.Nd FIDO2 CBOR Info API
.Sh SYNOPSIS
.In fido.h
@ -60,6 +92,12 @@
.Fn fido_cbor_info_algorithm_cose "const fido_cbor_info_t *ci" "size_t idx"
.Ft size_t
.Fn fido_cbor_info_algorithm_count "const fido_cbor_info_t *ci"
.Ft char **
.Fn fido_cbor_info_certs_name_ptr "const fido_cbor_info_t *ci"
.Ft const uint64_t *
.Fn fido_cbor_info_certs_value_ptr "const fido_cbor_info_t *ci"
.Ft size_t
.Fn fido_cbor_info_certs_len "const fido_cbor_info_t *ci"
.Ft size_t
.Fn fido_cbor_info_aaguid_len "const fido_cbor_info_t *ci"
.Ft size_t
@ -83,7 +121,19 @@
.Ft uint64_t
.Fn fido_cbor_info_maxlargeblob "const fido_cbor_info_t *ci"
.Ft uint64_t
.Fn fido_cbor_info_maxrpid_minpinlen "const fido_cbor_info_t *ci"
.Ft uint64_t
.Fn fido_cbor_info_minpinlen "const fido_cbor_info_t *ci"
.Ft uint64_t
.Fn fido_cbor_info_fwversion "const fido_cbor_info_t *ci"
.Ft uint64_t
.Fn fido_cbor_info_uv_attempts "const fido_cbor_info_t *ci"
.Ft uint64_t
.Fn fido_cbor_info_uv_modality "const fido_cbor_info_t *ci"
.Ft int64_t
.Fn fido_cbor_info_rk_remaining "const fido_cbor_info_t *ci"
.Ft bool
.Fn fido_cbor_info_new_pin_required "const fido_cbor_info_t *ci"
.Sh DESCRIPTION
The
.Fn fido_cbor_info_new
@ -180,6 +230,17 @@ has an
(index) value of 0.
.Pp
The
.Fn fido_cbor_info_certs_name_ptr
and
.Fn fido_cbor_info_certs_value_ptr
functions return pointers to the array of certification names and their
respective values
in
.Fa ci .
The length of the certifications array is returned by
.Fn fido_cbor_info_certs_len .
.Pp
The
.Fn fido_cbor_info_maxmsgsiz
function returns the maximum message size attribute of
.Fa ci .
@ -204,16 +265,93 @@ as reported in
.Fa ci .
.Pp
The
.Fn fido_cbor_info_maxrpid_minpinlen
function returns the maximum number of RP IDs that may be passed to
.Xr fido_dev_set_pin_minlen_rpid 3 ,
as reported in
.Fa ci .
The minimum PIN length attribute is a CTAP 2.1 addition.
If the attribute is not advertised by the authenticator, the
.Fn fido_cbor_info_maxrpid_minpinlen
function returns zero.
.Pp
The
.Fn fido_cbor_info_maxlargeblob
function returns the maximum length in bytes of an authenticator's
serialized largeBlob array as reported in
.Fa ci .
.Pp
The
.Fn fido_cbor_info_minpinlen
function returns the minimum PIN length enforced by the
authenticator as reported in
.Fa ci .
The minimum PIN length attribute is a CTAP 2.1 addition.
If the attribute is not advertised by the authenticator, the
.Fn fido_cbor_info_minpinlen
function returns zero.
.Pp
The
.Fn fido_cbor_info_fwversion
function returns the firmware version attribute of
.Fa ci .
.Pp
The
.Fn fido_cbor_info_uv_attempts
function returns the number of UV attempts that the platform may
attempt before falling back to PIN authentication.
If 1, then all
.Xr fido_dev_get_uv_retry_count 3
retries are handled internally by the authenticator and the
platform may only attempt non-PIN UV once.
The UV attempts attribute is a CTAP 2.1 addition.
If the attribute is not advertised by the authenticator,
the
.Fn fido_cbor_info_uv_attempts
function returns zero.
.Pp
The
.Fn fido_cbor_info_uv_modality
function returns a bitmask representing different UV modes
supported by the authenticator, as defined in the FIDO Registry of
Predefined Values and reported in
.Fa ci .
See the
.Em FIDO_UV_MODE_*
definitions in
.In fido/param.h
for the set of values defined by libfido2 and a brief description
of each.
The UV modality attribute is a CTAP 2.1 addition.
If the attribute is not advertised by the authenticator, the
.Fn fido_cbor_info_uv_modality
function returns zero.
.Pp
The
.Fn fido_cbor_info_rk_remaining
function returns the estimated number of additional
resident/discoverable credentials that can be stored on the
authenticator as reported in
.Fa ci .
The estimated number of remaining resident credentials is a
CTAP 2.1 addition.
If the attribute is not advertised by the authenticator, the
.Fn fido_cbor_info_rk_remaining
function returns -1.
.Pp
The
.Fn fido_cbor_info_new_pin_required
function returns whether a new PIN is required by the authenticator
as reported in
.Fa ci .
If
.Fn fido_cbor_info_new_pin_required
returns true, operations requiring PIN authentication will fail
until a new PIN is set on the authenticator.
The
.Xr fido_dev_set_pin 3
function can be used to set a new PIN.
.Pp
A complete example of how to use these functions can be found in the
.Pa example/info.c
file shipped with
@ -238,4 +376,14 @@ without the
.Em const
qualifier is invoked.
.Sh SEE ALSO
.Xr fido_dev_open 3
.Xr fido_dev_get_uv_retry_count 3 ,
.Xr fido_dev_open 3 ,
.Xr fido_dev_set_pin 3 ,
.Xr fido_dev_set_pin_minlen_rpid 3
.Rs
.%D 2021-05-25
.%O Review Draft, Version 2.2
.%Q FIDO Alliance
.%R FIDO Registry of Predefined Values
.%U https://fidoalliance.org/specs/common-specs/fido-registry-v2.2-rd-20210525.html
.Re


@ -1,6 +1,29 @@
.\" Copyright (c) 2018 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: May 23 2018 $
.Dt FIDO_CRED_EXCLUDE 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2018-2021 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: May 23 2018 $
.Dt FIDO_CRED_NEW 3
@ -189,7 +212,7 @@ for the protection policies understood by
The
.Fn fido_cred_fmt
function returns a pointer to a NUL-terminated string containing
the format of
the attestation statement format identifier of
.Fa cred ,
or NULL if
.Fa cred


@ -1,8 +1,31 @@
.\" Copyright (c) 2018-2021 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\" Copyright (c) 2018-2022 Yubico AB. All rights reserved.
.\"
.Dd $Mdocdate: May 23 2018 $
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: July 15 2022 $
.Dt FIDO_CRED_SET_AUTHDATA 3
.Os
.Sh NAME
@ -287,7 +310,7 @@ by default, allowing the authenticator to use its default settings.
.Pp
The
.Fn fido_cred_set_fmt
function sets the attestation format of
function sets the attestation statement format identifier of
.Fa cred
to
.Fa fmt ,
@ -297,15 +320,18 @@ must be
.Vt "packed"
.Pq the format used in FIDO2 ,
.Vt "fido-u2f"
.Pq the format used by U2F ,
.Pq the format used in U2F ,
.Vt "tpm"
.Pq the format used by TPM-based authenticators ,
or
.Vt "none" .
A copy of
.Fa fmt
is made, and no references to the passed pointer are kept.
Note that not all authenticators support FIDO2 and therefore may not
Note that not all authenticators support FIDO2 and therefore may only
be able to generate
.Vt "packed" .
.Vt fido-u2f
attestation statements.
.Pp
The
.Fn fido_cred_set_type
@ -316,11 +342,13 @@ where
.Fa cose_alg
is
.Dv COSE_ES256 ,
.Dv COSE_ES384 ,
.Dv COSE_RS256 ,
or
.Dv COSE_EDDSA .
The type of a credential may only be set once.
Note that not all authenticators support COSE_RS256 or COSE_EDDSA.
Note that not all authenticators support COSE_RS256, COSE_ES384, or
COSE_EDDSA.
.Pp
Use of the
.Nm


@ -1,6 +1,29 @@
.\" Copyright (c) 2018-2021 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: May 23 2018 $
.Dt FIDO_CRED_VERIFY 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2019-2021 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: June 28 2019 $
.Dt FIDO_CREDMAN_METADATA_NEW 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2020 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\" Copyright (c) 2020-2022 Yubico AB. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: March 30 2022 $
.Dt FIDO_DEV_ENABLE_ENTATTEST 3
@ -97,6 +120,10 @@ NUL-terminated UTF-8 strings.
A copy of
.Fa rpid
is made, and no reference to it or its contents is kept.
The maximum value of
.Fa n
supported by the authenticator can be obtained using
.Xr fido_cbor_info_maxrpid_minpinlen 3 .
.Pp
Configuration settings are reflected in the payload returned by the
authenticator in response to a
@ -116,6 +143,7 @@ On success,
.Dv FIDO_OK
is returned.
.Sh SEE ALSO
.Xr fido_cbor_info_maxrpid_minpinlen 3 ,
.Xr fido_cred_pin_minlen 3 ,
.Xr fido_dev_get_cbor_info 3 ,
.Xr fido_dev_reset 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2018 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: May 24 2018 $
.Dt FIDO_DEV_GET_ASSERT 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2020 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: August 5 2020 $
.Dt FIDO_DEV_GET_TOUCH_BEGIN 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2018 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: March 30 2022 $
.Dt FIDO_DEV_INFO_MANIFEST 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2020 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: October 26 2020 $
.Dt FIDO_LARGEBLOB_GET 3
@ -68,8 +91,7 @@ function retrieves the authenticator's
.Dq largeBlobs
CBOR array and, on success, returns the first blob
.Pq iterating from array index zero
that can be
decrypted by
that can be decrypted by
.Fa key_ptr ,
where
.Fa key_ptr
@ -179,8 +201,8 @@ is returned.
.Xr fido_cred_largeblob_key_len 3 ,
.Xr fido_cred_largeblob_key_ptr 3 ,
.Xr fido_cred_set_extensions 3 ,
.Xr fido_credman_dev_get_rk 3 ,
.Xr fido_credman_dev_get_rp 3 ,
.Xr fido_credman_get_dev_rk 3 ,
.Xr fido_credman_get_dev_rp 3 ,
.Xr fido_dev_get_assert 3 ,
.Xr fido_dev_make_cred 3
.Sh CAVEATS


@ -1,6 +1,29 @@
.\" Copyright (c) 2018 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: May 23 2018 $
.Dt FIDO_DEV_MAKE_CRED 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2018 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: May 25 2018 $
.Dt FIDO_DEV_OPEN 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2018-2021 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: May 25 2018 $
.Dt FIDO_DEV_SET_IO_FUNCTIONS 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2018 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: May 25 2018 $
.Dt FIDO_DEV_SET_PIN 3
@ -89,6 +112,8 @@ are defined in
On success,
.Dv FIDO_OK
is returned.
.Sh SEE ALSO
.Xr fido_cbor_info_uv_attempts 3
.Sh CAVEATS
Regarding
.Fn fido_dev_reset ,


@ -1,6 +1,29 @@
.\" Copyright (c) 2018 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: May 25 2018 $
.Dt FIDO_INIT 3


@ -1,6 +1,29 @@
.\" Copyright (c) 2018 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: May 25 2018 $
.Dt FIDO_STRERR 3


@ -1,8 +1,31 @@
.\" Copyright (c) 2018-2021 Yubico AB. All rights reserved.
.\" Use of this source code is governed by a BSD-style
.\" license that can be found in the LICENSE file.
.\" Copyright (c) 2018-2022 Yubico AB. All rights reserved.
.\"
.Dd $Mdocdate: May 24 2018 $
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions are
.\" met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" SPDX-License-Identifier: BSD-2-Clause
.\"
.Dd $Mdocdate: July 15 2022 $
.Dt RS256_PK_NEW 3
.Os
.Sh NAME
@ -132,5 +155,6 @@ is returned.
.Sh SEE ALSO
.Xr eddsa_pk_new 3 ,
.Xr es256_pk_new 3 ,
.Xr es384_pk_new 3 ,
.Xr fido_assert_verify 3 ,
.Xr fido_cred_pubkey_ptr 3


@ -2,6 +2,7 @@
* Copyright (c) 2020 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include "openbsd-compat.h"


@ -2,6 +2,7 @@
* Copyright (c) 2020 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include "openbsd-compat.h"


@ -2,6 +2,7 @@
* Copyright (c) 2018-2021 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#ifndef _OPENBSD_COMPAT_H


@ -1,14 +1,15 @@
# Copyright (c) 2018-2022 Yubico AB. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# SPDX-License-Identifier: BSD-2-Clause
add_custom_target(regress)
macro(add_regress_test NAME SOURCES)
macro(add_regress_test NAME SOURCES LIB)
add_executable(${NAME} ${SOURCES})
target_link_libraries(${NAME} fido2)
add_test(${NAME} ${NAME})
add_dependencies(regress ${NAME})
target_link_libraries(${NAME} ${LIB})
endmacro()
if(MSVC AND BUILD_SHARED_LIBS)
@ -17,6 +18,14 @@ if(MSVC AND BUILD_SHARED_LIBS)
"${CBOR_BIN_DIRS}/${CBOR_LIBRARIES}.dll"
"${CRYPTO_BIN_DIRS}/${CRYPTO_LIBRARIES}.dll"
"${ZLIB_BIN_DIRS}/${ZLIB_LIBRARIES}.dll"
"$<TARGET_FILE:${_FIDO2_LIBRARY}>"
"${CMAKE_CURRENT_BINARY_DIR}")
endif()
if(CYGWIN AND BUILD_SHARED_LIBS)
add_custom_command(TARGET regress POST_BUILD
COMMAND "${CMAKE_COMMAND}" -E copy
"$<TARGET_FILE:${_FIDO2_LIBRARY}>"
"${CMAKE_CURRENT_BINARY_DIR}")
endif()
@ -31,13 +40,16 @@ else()
WORKING_DIRECTORY ${PROJECT_BINARY_DIR})
endif()
add_regress_test(regress_assert assert.c)
add_regress_test(regress_compress compress.c)
add_regress_test(regress_cred cred.c)
add_regress_test(regress_dev dev.c)
add_regress_test(regress_eddsa eddsa.c)
add_regress_test(regress_es256 es256.c)
add_regress_test(regress_rs256 rs256.c)
add_regress_test(regress_assert assert.c ${_FIDO2_LIBRARY})
add_regress_test(regress_cred cred.c ${_FIDO2_LIBRARY})
add_regress_test(regress_dev dev.c ${_FIDO2_LIBRARY})
add_regress_test(regress_eddsa eddsa.c ${_FIDO2_LIBRARY})
add_regress_test(regress_es256 es256.c ${_FIDO2_LIBRARY})
add_regress_test(regress_es384 es384.c ${_FIDO2_LIBRARY})
add_regress_test(regress_rs256 rs256.c ${_FIDO2_LIBRARY})
if(BUILD_STATIC_LIBS)
add_regress_test(regress_compress compress.c fido2)
endif()
if(MINGW)
# needed for nanosleep() in mingw
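Review bot: With `BUILD_STATIC_LIBS` off, `regress_compress` is dropped from the `regress` target without any message, so a shared-only build reports a clean regression run that never touched the compression test. The reason it links `fido2` rather than `${_FIDO2_LIBRARY}` is also not stated; presumably compress.c needs symbols that only the static archive exposes, and a comment above the `if(BUILD_STATIC_LIBS)` should say so. Adding an `else()` branch with `message(STATUS "regress_compress skipped: needs BUILD_STATIC_LIBS")` would make the gap visible in the configure log.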


@ -2,6 +2,7 @@
* Copyright (c) 2018-2021 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#undef NDEBUG


@ -2,6 +2,7 @@
* Copyright (c) 2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#undef NDEBUG


@ -2,6 +2,7 @@
* Copyright (c) 2018-2021 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#undef NDEBUG


@ -2,6 +2,7 @@
* Copyright (c) 2019-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#undef NDEBUG


@ -2,6 +2,7 @@
* Copyright (c) 2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#undef NDEBUG


@ -2,6 +2,7 @@
* Copyright (c) 2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#undef NDEBUG

213
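--- a/regress/es384.c
+++ b/regress/es384.c
@@ -0,0 +1,213 @@
+/*
+* Copyright (c) 2022 Yubico AB. All rights reserved.
+* Use of this source code is governed by a BSD-style
+* license that can be found in the LICENSE file.
+* SPDX-License-Identifier: BSD-2-Clause
+*/
+#undef NDEBUG
+#include <assert.h>
+#include <string.h>
+#define _FIDO_INTERNAL
+#include <fido.h>
+#include <fido/es384.h>
+#include <openssl/bio.h>
+#include <openssl/pem.h>
+#define ASSERT_NOT_NULL(e) assert((e) != NULL)
+#define ASSERT_NULL(e) assert((e) == NULL)
+#define ASSERT_INVAL(e) assert((e) == FIDO_ERR_INVALID_ARGUMENT)
+#define ASSERT_OK(e) assert((e) == FIDO_OK)
+static const char short_x[] = \
+"-----BEGIN PUBLIC KEY-----\n"
+"MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEAAZ/VVCUmFU6aH9kJdDnUHCCglkatFTX\n"
+"onMwIvNYyS8BW/HOoZiOQLs2Hg+qifwaP1pHKILzCVfFmWuZMhxhtmjNXFuOPDnS\n"
+"Wa1PMdkCoWXA2BbXxnqL9v36gIOcFBil\n"
+"-----END PUBLIC KEY-----";
+static const char short_y[] = \
+"-----BEGIN PUBLIC KEY-----\n"
+"MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEuDpRBAg87cnWVhxbWnaWlnj100w9pm5k\n"
+"6T4eYToISaIhEK70TnGwULHX0+qHCYEGACOM7B/ZJbqjo6I7MIXaKZLemGi+tqvy\n"
+"ajBAsTVSyrYBLQjTMMcaFmYmsxvFx7pK\n"
+"-----END PUBLIC KEY-----\n";
+static const char brainpoolP384r1[] = \
+"-----BEGIN PUBLIC KEY-----\n"
+"MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABFKswbBzqqyZ4h1zz8rivqHzJxAO\n"
+"XC2aLyC9x5gwBM7GVu8k6jkX7VypRpg3yyCneiIQ+vVCNXgbDchJ0cPVuhwm3Zru\n"
+"AK49dezUPahWF0YiJRFVeV+KyB/MEaaZvinzqw==\n"
+"-----END PUBLIC KEY-----\n";
+static const char secp384r1[] = \
+"-----BEGIN PUBLIC KEY-----\n"
+"MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEdJN9DoqPtTNAOmjnECHBIqnJgyBW0rct\n"
+"tbUSqQjb6UG2lldmrQJbgCP/ywuXvkkJl4yfXxOr0UP3rgcnqTVA1/46s2TG+R5u\n"
+"NSQbCM1JPQuvTyFlAn5mdR8ZJJ8yPBQm\n"
+"-----END PUBLIC KEY-----\n";
+static const unsigned char brainpoolP384r1_raw[] = {
+0x04, 0x52, 0xac, 0xc1, 0xb0, 0x73, 0xaa, 0xac,
+0x99, 0xe2, 0x1d, 0x73, 0xcf, 0xca, 0xe2, 0xbe,
+0xa1, 0xf3, 0x27, 0x10, 0x0e, 0x5c, 0x2d, 0x9a,
+0x2f, 0x20, 0xbd, 0xc7, 0x98, 0x30, 0x04, 0xce,
+0xc6, 0x56, 0xef, 0x24, 0xea, 0x39, 0x17, 0xed,
+0x5c, 0xa9, 0x46, 0x98, 0x37, 0xcb, 0x20, 0xa7,
+0x7a, 0x22, 0x10, 0xfa, 0xf5, 0x42, 0x35, 0x78,
+0x1b, 0x0d, 0xc8, 0x49, 0xd1, 0xc3, 0xd5, 0xba,
+0x1c, 0x26, 0xdd, 0x9a, 0xee, 0x00, 0xae, 0x3d,
+0x75, 0xec, 0xd4, 0x3d, 0xa8, 0x56, 0x17, 0x46,
+0x22, 0x25, 0x11, 0x55, 0x79, 0x5f, 0x8a, 0xc8,
+0x1f, 0xcc, 0x11, 0xa6, 0x99, 0xbe, 0x29, 0xf3,
+0xab,
+};
+static const unsigned char secp384r1_raw[] = {
+0x04, 0x74, 0x93, 0x7d, 0x0e, 0x8a, 0x8f, 0xb5,
+0x33, 0x40, 0x3a, 0x68, 0xe7, 0x10, 0x21, 0xc1,
+0x22, 0xa9, 0xc9, 0x83, 0x20, 0x56, 0xd2, 0xb7,
+0x2d, 0xb5, 0xb5, 0x12, 0xa9, 0x08, 0xdb, 0xe9,
+0x41, 0xb6, 0x96, 0x57, 0x66, 0xad, 0x02, 0x5b,
+0x80, 0x23, 0xff, 0xcb, 0x0b, 0x97, 0xbe, 0x49,
+0x09, 0x97, 0x8c, 0x9f, 0x5f, 0x13, 0xab, 0xd1,
+0x43, 0xf7, 0xae, 0x07, 0x27, 0xa9, 0x35, 0x40,
+0xd7, 0xfe, 0x3a, 0xb3, 0x64, 0xc6, 0xf9, 0x1e,
+0x6e, 0x35, 0x24, 0x1b, 0x08, 0xcd, 0x49, 0x3d,
+0x0b, 0xaf, 0x4f, 0x21, 0x65, 0x02, 0x7e, 0x66,
+0x75, 0x1f, 0x19, 0x24, 0x9f, 0x32, 0x3c, 0x14,
+0x26,
+};
+static EVP_PKEY *
+EVP_PKEY_from_PEM(const char *ptr, size_t len)
+{
+BIO *bio = NULL;
+EVP_PKEY *pkey = NULL;
+if ((bio = BIO_new(BIO_s_mem())) == NULL) {
+warnx("BIO_new");
+goto out;
+}
+if (len > INT_MAX || BIO_write(bio, ptr, (int)len) != (int)len) {
+warnx("BIO_write");
+goto out;
+}
+if ((pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL)) == NULL)
+warnx("PEM_read_bio_PUBKEY");
+out:
+BIO_free(bio);
+return pkey;
+}
+static int
+es384_pk_cmp(const char *ptr, size_t len)
+{
+EVP_PKEY *pkA = NULL;
+EVP_PKEY *pkB = NULL;
+es384_pk_t *k = NULL;
+int r, ok = -1;
+if ((pkA = EVP_PKEY_from_PEM(ptr, len)) == NULL) {
+warnx("EVP_PKEY_from_PEM");
+goto out;
+}
+if ((k = es384_pk_new()) == NULL) {
+warnx("es384_pk_new");
+goto out;
+}
+if ((r = es384_pk_from_EVP_PKEY(k, pkA)) != FIDO_OK) {
+warnx("es384_pk_from_EVP_PKEY: 0x%x", r);
+goto out;
+}
+if ((pkB = es384_pk_to_EVP_PKEY(k)) == NULL) {
+warnx("es384_pk_to_EVP_PKEY");
+goto out;
+}
+if ((r = EVP_PKEY_cmp(pkA, pkB)) != 1) {
+warnx("EVP_PKEY_cmp: %d", r);
+goto out;
+}
+ok = 0;
+out:
+EVP_PKEY_free(pkA);
+EVP_PKEY_free(pkB);
+es384_pk_free(&k);
+return ok;
+}
+static void
+short_coord(void)
+{
+assert(es384_pk_cmp(short_x, sizeof(short_x)) == 0);
+assert(es384_pk_cmp(short_y, sizeof(short_y)) == 0);
+}
+static void
+invalid_curve(const unsigned char *raw, size_t raw_len)
+{
+EVP_PKEY *pkey;
+es384_pk_t *pk;
+pkey = EVP_PKEY_from_PEM(brainpoolP384r1, sizeof(brainpoolP384r1));
+if (pkey == NULL)
+return; /* assume no brainpool support in libcrypto */
+ASSERT_NOT_NULL((pk = es384_pk_new()));
+ASSERT_INVAL(es384_pk_from_EVP_PKEY(pk, pkey));
+ASSERT_INVAL(es384_pk_from_ptr(pk, raw, raw_len));
+ASSERT_NULL(es384_pk_to_EVP_PKEY((const es384_pk_t *)raw));
+EVP_PKEY_free(pkey);
+es384_pk_free(&pk);
+}
+static void
+full_coord(void)
+{
+assert(es384_pk_cmp(secp384r1, sizeof(secp384r1)) == 0);
+}
+static void
+valid_curve(const unsigned char *raw, size_t raw_len)
+{
+EVP_PKEY *pkeyA;
+EVP_PKEY *pkeyB;
+es384_pk_t *pkA;
+es384_pk_t *pkB;
+ASSERT_NOT_NULL((pkeyA = EVP_PKEY_from_PEM(secp384r1, sizeof(secp384r1))));
+ASSERT_NOT_NULL((pkA = es384_pk_new()));
+ASSERT_NOT_NULL((pkB = es384_pk_new()));
+ASSERT_OK(es384_pk_from_EVP_PKEY(pkA, pkeyA));
+ASSERT_OK(es384_pk_from_ptr(pkB, raw, raw_len));
+ASSERT_NOT_NULL((pkeyB = es384_pk_to_EVP_PKEY(pkB)));
+assert(EVP_PKEY_cmp(pkeyA, pkeyB) == 1);
+EVP_PKEY_free(pkeyA);
+EVP_PKEY_free(pkeyB);
+es384_pk_free(&pkA);
+es384_pk_free(&pkB);
+}
+int
+main(void)
+{
+fido_init(0);
+short_coord();
+full_coord();
+invalid_curve(brainpoolP384r1_raw, sizeof(brainpoolP384r1_raw)); /* uncompressed */
+invalid_curve(brainpoolP384r1_raw + 1, sizeof(brainpoolP384r1_raw) - 1); /* libfido2 */
+valid_curve(secp384r1_raw, sizeof(secp384r1_raw)); /* uncompressed */
+valid_curve(secp384r1_raw + 1, sizeof(secp384r1_raw) - 1); /* libfido2 */
+exit(0);
+}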
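Review bot: In `invalid_curve`, the early `return` taken when `EVP_PKEY_from_PEM(brainpoolP384r1, ...)` yields NULL also skips `ASSERT_INVAL(es384_pk_from_ptr(pk, raw, raw_len))` and the `es384_pk_to_EVP_PKEY` check, which take the raw point and, as far as this file shows, do not need libcrypto to parse a brainpool PEM. On a libcrypto built without brainpool the test then passes without ever exercising rejection of a point that is not on P-384, which is the property a caller relies on when it loads an authenticator-supplied key. Running the raw-point assertions first and making only `es384_pk_from_EVP_PKEY` conditional keeps that coverage. Separately, the `(const es384_pk_t *)raw` cast in the first call from `main` still includes the leading 0x04 byte, so only the `raw + 1` call appears to frame the coordinates as intended.

```c
static void
invalid_curve(const unsigned char *raw, size_t raw_len)
{
	EVP_PKEY *pkey;
	es384_pk_t *pk;

	ASSERT_NOT_NULL((pk = es384_pk_new()));
	/* raw-point checks run regardless of brainpool support in libcrypto */
	ASSERT_INVAL(es384_pk_from_ptr(pk, raw, raw_len));
	ASSERT_NULL(es384_pk_to_EVP_PKEY((const es384_pk_t *)raw));

	pkey = EVP_PKEY_from_PEM(brainpoolP384r1, sizeof(brainpoolP384r1));
	if (pkey != NULL) /* NULL: assume no brainpool support in libcrypto */
		ASSERT_INVAL(es384_pk_from_EVP_PKEY(pk, pkey));

	EVP_PKEY_free(pkey);
	es384_pk_free(&pk);
}
```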


@ -2,6 +2,7 @@
* Copyright (c) 2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#undef NDEBUG


@ -1,6 +1,7 @@
# Copyright (c) 2018-2021 Yubico AB. All rights reserved.
# Copyright (c) 2018-2022 Yubico AB. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# SPDX-License-Identifier: BSD-2-Clause
add_definitions(-D_FIDO_INTERNAL)
@ -21,6 +22,7 @@ list(APPEND FIDO_SOURCES
eddsa.c
err.c
es256.c
es384.c
hid.c
info.c
io.c
@ -83,11 +85,12 @@ else()
endif()
if(NOT MSVC)
set_source_files_properties(${FIDO_SOURCES} PROPERTIES COMPILE_FLAGS
"-Wconversion -Wsign-conversion")
set_source_files_properties(${FIDO_SOURCES}
PROPERTIES COMPILE_FLAGS "${EXTRA_CFLAGS}")
endif()
list(APPEND COMPAT_SOURCES
../openbsd-compat/bsd-asprintf.c
../openbsd-compat/bsd-getpagesize.c
../openbsd-compat/clock_gettime.c
../openbsd-compat/endian_win32.c


@ -2,6 +2,7 @@
* Copyright (c) 2021 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include "fido.h"


@ -1,7 +1,8 @@
/*
* Copyright (c) 2018-2021 Yubico AB. All rights reserved.
* Copyright (c) 2018-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <openssl/sha.h>
@ -160,42 +161,51 @@ fail:
static int
fido_dev_get_assert_rx(fido_dev_t *dev, fido_assert_t *assert, int *ms)
{
unsigned char reply[FIDO_MAXMSG];
int reply_len;
int r;
unsigned char *msg;
int msglen;
int r;
fido_assert_reset_rx(assert);
if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply),
ms)) < 0) {
if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
r = FIDO_ERR_INTERNAL;
goto out;
}
if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
fido_log_debug("%s: fido_rx", __func__);
return (FIDO_ERR_RX);
r = FIDO_ERR_RX;
goto out;
}
/* start with room for a single assertion */
if ((assert->stmt = calloc(1, sizeof(fido_assert_stmt))) == NULL)
return (FIDO_ERR_INTERNAL);
if ((assert->stmt = calloc(1, sizeof(fido_assert_stmt))) == NULL) {
r = FIDO_ERR_INTERNAL;
goto out;
}
assert->stmt_len = 0;
assert->stmt_cnt = 1;
/* adjust as needed */
if ((r = cbor_parse_reply(reply, (size_t)reply_len, assert,
if ((r = cbor_parse_reply(msg, (size_t)msglen, assert,
adjust_assert_count)) != FIDO_OK) {
fido_log_debug("%s: adjust_assert_count", __func__);
return (r);
goto out;
}
/* parse the first assertion */
if ((r = cbor_parse_reply(reply, (size_t)reply_len,
&assert->stmt[assert->stmt_len], parse_assert_reply)) != FIDO_OK) {
if ((r = cbor_parse_reply(msg, (size_t)msglen, &assert->stmt[0],
parse_assert_reply)) != FIDO_OK) {
fido_log_debug("%s: parse_assert_reply", __func__);
return (r);
goto out;
}
assert->stmt_len = 1;
assert->stmt_len++;
r = FIDO_OK;
out:
freezero(msg, FIDO_MAXMSG);
return (FIDO_OK);
return (r);
}
static int
@ -214,30 +224,40 @@ fido_get_next_assert_tx(fido_dev_t *dev, int *ms)
static int
fido_get_next_assert_rx(fido_dev_t *dev, fido_assert_t *assert, int *ms)
{
unsigned char reply[FIDO_MAXMSG];
int reply_len;
int r;
unsigned char *msg;
int msglen;
int r;
if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply),
ms)) < 0) {
if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
r = FIDO_ERR_INTERNAL;
goto out;
}
if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
fido_log_debug("%s: fido_rx", __func__);
return (FIDO_ERR_RX);
r = FIDO_ERR_RX;
goto out;
}
/* sanity check */
if (assert->stmt_len >= assert->stmt_cnt) {
fido_log_debug("%s: stmt_len=%zu, stmt_cnt=%zu", __func__,
assert->stmt_len, assert->stmt_cnt);
return (FIDO_ERR_INTERNAL);
r = FIDO_ERR_INTERNAL;
goto out;
}
if ((r = cbor_parse_reply(reply, (size_t)reply_len,
if ((r = cbor_parse_reply(msg, (size_t)msglen,
&assert->stmt[assert->stmt_len], parse_assert_reply)) != FIDO_OK) {
fido_log_debug("%s: parse_assert_reply", __func__);
return (r);
goto out;
}
return (FIDO_OK);
r = FIDO_OK;
out:
freezero(msg, FIDO_MAXMSG);
return (r);
}
static int
@ -365,59 +385,108 @@ check_extensions(int authdata_ext, int ext)
return (0);
}
static int
get_es256_hash(fido_blob_t *dgst, const fido_blob_t *clientdata,
const fido_blob_t *authdata)
{
const EVP_MD *md;
EVP_MD_CTX *ctx = NULL;
if (dgst->len < SHA256_DIGEST_LENGTH ||
(md = EVP_sha256()) == NULL ||
(ctx = EVP_MD_CTX_new()) == NULL ||
EVP_DigestInit_ex(ctx, md, NULL) != 1 ||
EVP_DigestUpdate(ctx, authdata->ptr, authdata->len) != 1 ||
EVP_DigestUpdate(ctx, clientdata->ptr, clientdata->len) != 1 ||
EVP_DigestFinal_ex(ctx, dgst->ptr, NULL) != 1) {
EVP_MD_CTX_free(ctx);
return (-1);
}
dgst->len = SHA256_DIGEST_LENGTH;
EVP_MD_CTX_free(ctx);
return (0);
}
static int
get_es384_hash(fido_blob_t *dgst, const fido_blob_t *clientdata,
const fido_blob_t *authdata)
{
const EVP_MD *md;
EVP_MD_CTX *ctx = NULL;
if (dgst->len < SHA384_DIGEST_LENGTH ||
(md = EVP_sha384()) == NULL ||
(ctx = EVP_MD_CTX_new()) == NULL ||
EVP_DigestInit_ex(ctx, md, NULL) != 1 ||
EVP_DigestUpdate(ctx, authdata->ptr, authdata->len) != 1 ||
EVP_DigestUpdate(ctx, clientdata->ptr, clientdata->len) != 1 ||
EVP_DigestFinal_ex(ctx, dgst->ptr, NULL) != 1) {
EVP_MD_CTX_free(ctx);
return (-1);
}
dgst->len = SHA384_DIGEST_LENGTH;
EVP_MD_CTX_free(ctx);
return (0);
}
static int
get_eddsa_hash(fido_blob_t *dgst, const fido_blob_t *clientdata,
const fido_blob_t *authdata)
{
if (SIZE_MAX - authdata->len < clientdata->len ||
dgst->len < authdata->len + clientdata->len)
return (-1);
memcpy(dgst->ptr, authdata->ptr, authdata->len);
memcpy(dgst->ptr + authdata->len, clientdata->ptr, clientdata->len);
dgst->len = authdata->len + clientdata->len;
return (0);
}
int
fido_get_signed_hash(int cose_alg, fido_blob_t *dgst,
const fido_blob_t *clientdata, const fido_blob_t *authdata_cbor)
{
cbor_item_t *item = NULL;
unsigned char *authdata_ptr = NULL;
size_t authdata_len;
fido_blob_t authdata;
struct cbor_load_result cbor;
const EVP_MD *md = NULL;
EVP_MD_CTX *ctx = NULL;
int ok = -1;
fido_log_debug("%s: cose_alg=%d", __func__, cose_alg);
if ((item = cbor_load(authdata_cbor->ptr, authdata_cbor->len,
&cbor)) == NULL || cbor_isa_bytestring(item) == false ||
cbor_bytestring_is_definite(item) == false) {
fido_log_debug("%s: authdata", __func__);
goto fail;
}
authdata.ptr = cbor_bytestring_handle(item);
authdata.len = cbor_bytestring_length(item);
authdata_ptr = cbor_bytestring_handle(item);
authdata_len = cbor_bytestring_length(item);
if (cose_alg != COSE_EDDSA) {
if (dgst->len < SHA256_DIGEST_LENGTH ||
(md = EVP_sha256()) == NULL ||
(ctx = EVP_MD_CTX_new()) == NULL ||
EVP_DigestInit_ex(ctx, md, NULL) != 1 ||
EVP_DigestUpdate(ctx, authdata_ptr, authdata_len) != 1 ||
EVP_DigestUpdate(ctx, clientdata->ptr, clientdata->len) != 1 ||
EVP_DigestFinal_ex(ctx, dgst->ptr, NULL) != 1) {
fido_log_debug("%s: sha256", __func__);
goto fail;
}
dgst->len = SHA256_DIGEST_LENGTH;
} else {
if (SIZE_MAX - authdata_len < clientdata->len ||
dgst->len < authdata_len + clientdata->len) {
fido_log_debug("%s: memcpy", __func__);
goto fail;
}
memcpy(dgst->ptr, authdata_ptr, authdata_len);
memcpy(dgst->ptr + authdata_len, clientdata->ptr,
clientdata->len);
dgst->len = authdata_len + clientdata->len;
switch (cose_alg) {
case COSE_ES256:
case COSE_RS256:
ok = get_es256_hash(dgst, clientdata, &authdata);
break;
case COSE_ES384:
ok = get_es384_hash(dgst, clientdata, &authdata);
break;
case COSE_EDDSA:
ok = get_eddsa_hash(dgst, clientdata, &authdata);
break;
default:
fido_log_debug("%s: unknown cose_alg", __func__);
break;
}
ok = 0;
fail:
if (item != NULL)
cbor_decref(&item);
EVP_MD_CTX_free(ctx);
return (ok);
}
@ -481,6 +550,9 @@ fido_assert_verify(const fido_assert_t *assert, size_t idx, int cose_alg,
case COSE_ES256:
ok = es256_pk_verify_sig(&dgst, pk, &stmt->sig);
break;
case COSE_ES384:
ok = es384_pk_verify_sig(&dgst, pk, &stmt->sig);
break;
case COSE_RS256:
ok = rs256_pk_verify_sig(&dgst, pk, &stmt->sig);
break;
@ -676,7 +748,8 @@ fido_assert_reset_tx(fido_assert_t *assert)
assert->uv = FIDO_OPT_OMIT;
}
static void fido_assert_reset_extattr(fido_assert_extattr_t *ext)
static void
fido_assert_reset_extattr(fido_assert_extattr_t *ext)
{
fido_blob_reset(&ext->hmac_secret_enc);
fido_blob_reset(&ext->blob);


@ -1,7 +1,8 @@
/*
* Copyright (c) 2018 Yubico AB. All rights reserved.
* Copyright (c) 2018-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include "fido.h"
@ -60,22 +61,31 @@ fail:
static int
fido_dev_authkey_rx(fido_dev_t *dev, es256_pk_t *authkey, int *ms)
{
unsigned char reply[FIDO_MAXMSG];
int reply_len;
unsigned char *msg;
int msglen;
int r;
fido_log_debug("%s: dev=%p, authkey=%p, ms=%d", __func__, (void *)dev,
(void *)authkey, *ms);
memset(authkey, 0, sizeof(*authkey));
if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply),
ms)) < 0) {
fido_log_debug("%s: fido_rx", __func__);
return (FIDO_ERR_RX);
if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
r = FIDO_ERR_INTERNAL;
goto out;
}
return (cbor_parse_reply(reply, (size_t)reply_len, authkey,
parse_authkey));
if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
fido_log_debug("%s: fido_rx", __func__);
r = FIDO_ERR_RX;
goto out;
}
r = cbor_parse_reply(msg, (size_t)msglen, authkey, parse_authkey);
out:
freezero(msg, FIDO_MAXMSG);
return (r);
}
static int
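Review bot: The new `malloc(FIDO_MAXMSG)` failure branch in fido_dev_authkey_rx sets `r = FIDO_ERR_INTERNAL` and jumps to `out` without logging, while the fido_rx failure directly below it logs before bailing out. Adding `fido_log_debug("%s: malloc", __func__);` ahead of the assignment would let the debug log distinguish an allocation failure from other FIDO_ERR_INTERNAL results. The same silent branch is repeated in bio_rx_template_array, bio_rx_enroll_begin, bio_rx_enroll_continue and bio_rx_info in src/bio.c.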

130
src/bio.c

@ -1,7 +1,8 @@
/*
* Copyright (c) 2019 Yubico AB. All rights reserved.
* Copyright (c) 2019-2022 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include "fido.h"
@ -233,25 +234,34 @@ bio_parse_template_array(const cbor_item_t *key, const cbor_item_t *val,
static int
bio_rx_template_array(fido_dev_t *dev, fido_bio_template_array_t *ta, int *ms)
{
unsigned char reply[FIDO_MAXMSG];
int reply_len;
int r;
unsigned char *msg;
int msglen;
int r;
bio_reset_template_array(ta);
if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply),
ms)) < 0) {
fido_log_debug("%s: fido_rx", __func__);
return (FIDO_ERR_RX);
if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
r = FIDO_ERR_INTERNAL;
goto out;
}
if ((r = cbor_parse_reply(reply, (size_t)reply_len, ta,
if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
fido_log_debug("%s: fido_rx", __func__);
r = FIDO_ERR_RX;
goto out;
}
if ((r = cbor_parse_reply(msg, (size_t)msglen, ta,
bio_parse_template_array)) != FIDO_OK) {
fido_log_debug("%s: bio_parse_template_array" , __func__);
return (r);
goto out;
}
return (FIDO_OK);
r = FIDO_OK;
out:
freezero(msg, FIDO_MAXMSG);
return (r);
}
static int
@ -385,33 +395,43 @@ static int
bio_rx_enroll_begin(fido_dev_t *dev, fido_bio_template_t *t,
fido_bio_enroll_t *e, int *ms)
{
unsigned char reply[FIDO_MAXMSG];
int reply_len;
int r;
unsigned char *msg;
int msglen;
int r;
bio_reset_template(t);
e->remaining_samples = 0;
e->last_status = 0;
if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply),
ms)) < 0) {
fido_log_debug("%s: fido_rx", __func__);
return (FIDO_ERR_RX);
if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
r = FIDO_ERR_INTERNAL;
goto out;
}
if ((r = cbor_parse_reply(reply, (size_t)reply_len, e,
if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
fido_log_debug("%s: fido_rx", __func__);
r = FIDO_ERR_RX;
goto out;
}
if ((r = cbor_parse_reply(msg, (size_t)msglen, e,
bio_parse_enroll_status)) != FIDO_OK) {
fido_log_debug("%s: bio_parse_enroll_status", __func__);
return (r);
}
if ((r = cbor_parse_reply(reply, (size_t)reply_len, &t->id,
bio_parse_template_id)) != FIDO_OK) {
fido_log_debug("%s: bio_parse_template_id", __func__);
return (r);
goto out;
}
return (FIDO_OK);
if ((r = cbor_parse_reply(msg, (size_t)msglen, &t->id,
bio_parse_template_id)) != FIDO_OK) {
fido_log_debug("%s: bio_parse_template_id", __func__);
goto out;
}
r = FIDO_OK;
out:
freezero(msg, FIDO_MAXMSG);
return (r);
}
static int
@ -487,26 +507,35 @@ fail:
static int
bio_rx_enroll_continue(fido_dev_t *dev, fido_bio_enroll_t *e, int *ms)
{
unsigned char reply[FIDO_MAXMSG];
int reply_len;
int r;
unsigned char *msg;
int msglen;
int r;
e->remaining_samples = 0;
e->last_status = 0;
if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply),
ms)) < 0) {
fido_log_debug("%s: fido_rx", __func__);
return (FIDO_ERR_RX);
if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
r = FIDO_ERR_INTERNAL;
goto out;
}
if ((r = cbor_parse_reply(reply, (size_t)reply_len, e,
if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
fido_log_debug("%s: fido_rx", __func__);
r = FIDO_ERR_RX;
goto out;
}
if ((r = cbor_parse_reply(msg, (size_t)msglen, e,
bio_parse_enroll_status)) != FIDO_OK) {
fido_log_debug("%s: bio_parse_enroll_status", __func__);
return (r);
goto out;
}
return (FIDO_OK);
r = FIDO_OK;
out:
freezero(msg, FIDO_MAXMSG);
return (r);
}
static int
@ -654,25 +683,34 @@ bio_parse_info(const cbor_item_t *key, const cbor_item_t *val, void *arg)
static int
bio_rx_info(fido_dev_t *dev, fido_bio_info_t *i, int *ms)
{
unsigned char reply[FIDO_MAXMSG];
int reply_len;
int r;
unsigned char *msg;
int msglen;
int r;
bio_reset_info(i);
if ((reply_len = fido_rx(dev, CTAP_CMD_CBOR, &reply, sizeof(reply),
ms)) < 0) {
fido_log_debug("%s: fido_rx", __func__);
return (FIDO_ERR_RX);
if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
r = FIDO_ERR_INTERNAL;
goto out;
}
if ((r = cbor_parse_reply(reply, (size_t)reply_len, i,
if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
fido_log_debug("%s: fido_rx", __func__);
r = FIDO_ERR_RX;
goto out;
}
if ((r = cbor_parse_reply(msg, (size_t)msglen, i,
bio_parse_info)) != FIDO_OK) {
fido_log_debug("%s: bio_parse_info" , __func__);
return (r);
goto out;
}
return (FIDO_OK);
r = FIDO_OK;
out:
freezero(msg, FIDO_MAXMSG);
return (r);
}
static int
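Review bot: The `out:` cleanup in bio_rx_template_array, and in the three other bio_rx_* functions changed in this file, lacks a comment stating what it relies on. It is reached with `msg == NULL` when malloc fails, and it wipes all FIDO_MAXMSG bytes rather than only the `msglen` bytes received. I would add `/* msg may be NULL here; wipe the whole reply buffer on every exit path */` above each `freezero(msg, FIDO_MAXMSG);`. OpenBSD's freezero(3) is documented as a no-op for NULL, but the compat implementation used on other platforms is not visible on this page, so that is worth confirming there.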


@ -2,6 +2,7 @@
* Copyright (c) 2018 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#include "fido.h"


@ -2,6 +2,7 @@
* Copyright (c) 2018 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
* SPDX-License-Identifier: BSD-2-Clause
*/
#ifndef _BLOB_H
