/libfido2/src/config.c

Source
/*
 * Copyright (c) 2020-2026 Yubico AB. All rights reserved.
 * Use of this source code is governed by a BSD-style
 * license that can be found in the LICENSE file.
 * SPDX-License-Identifier: BSD-2-Clause
 */

#include "fido.h"
#include "fido/config.h"
#include "fido/es256.h"

#define CMD_ENABLE_ENTATTEST    0x01
#define CMD_TOGGLE_ALWAYS_UV    0x02
#define CMD_SET_PIN_MINLEN      0x03

static int
config_prepare_hmac(uint8_t subcmd, const cbor_item_t *item, fido_blob_t *hmac)
{
        uint8_t prefix[32 + 2 * sizeof(uint8_t)], cbor[128];
        size_t cbor_len = 0;

        memset(prefix, 0xff, sizeof(prefix));
        prefix[sizeof(prefix) - 2] = CTAP_CBOR_CONFIG;
        prefix[sizeof(prefix) - 1] = subcmd;

        if (item != NULL) {
                if ((cbor_len = cbor_serialize(item, cbor, sizeof(cbor))) == 0) {
                        fido_log_debug("%s: cbor_serialize", __func__);
                        return -1;
                }
        }
        if ((hmac->ptr = malloc(cbor_len + sizeof(prefix))) == NULL) {
                fido_log_debug("%s: malloc", __func__);
                return -1;
        }
        memcpy(hmac->ptr, prefix, sizeof(prefix));
        memcpy(hmac->ptr + sizeof(prefix), cbor, cbor_len);
        hmac->len = cbor_len + sizeof(prefix);

        return 0;
}

static int
config_tx(fido_dev_t *dev, uint8_t subcmd, cbor_item_t **paramv, size_t paramc,
    const char *pin, int *ms)
{
        cbor_item_t *argv[4];
        es256_pk_t *pk = NULL;
        fido_blob_t *ecdh = NULL, f, hmac;
        const uint8_t cmd = CTAP_CBOR_CONFIG;
        int r = FIDO_ERR_INTERNAL;

        memset(&f, 0, sizeof(f));
        memset(&hmac, 0, sizeof(hmac));
        memset(&argv, 0, sizeof(argv));

        /* subCommand */
        if ((argv[0] = cbor_build_uint8(subcmd)) == NULL) {
                fido_log_debug("%s: cbor encode", __func__);
                goto fail;
        }

        /* subCommandParams */
        if (paramc != 0 &&
            (argv[1] = cbor_flatten_vector(paramv, paramc)) == NULL) {
                fido_log_debug("%s: cbor_flatten_vector", __func__);
                goto fail;
        }

        /* pinProtocol, pinAuth */
        if (pin != NULL || fido_dev_puat_blob(dev) != NULL ||
            (fido_dev_supports_permissions(dev) && fido_dev_has_uv(dev))) {
                if (config_prepare_hmac(subcmd, argv[1], &hmac) < 0) {
                        fido_log_debug("%s: config_prepare_hmac", __func__);
                        goto fail;
                }

                /* If available, prefer cached PUAT */
                if (fido_dev_puat_blob(dev) == NULL &&
                    (r = fido_do_ecdh(dev, &pk, &ecdh, ms)) != FIDO_OK) {
                        fido_log_debug("%s: fido_do_ecdh", __func__);
                        goto fail;
                }

                if ((r = cbor_add_uv_params(dev, cmd, &hmac, pk, ecdh, pin,
                    NULL, &argv[3], &argv[2], ms)) != FIDO_OK) {
                        fido_log_debug("%s: cbor_add_uv_params", __func__);
                        goto fail;
                }
        }

        /* framing and transmission */
        if (cbor_build_frame(cmd, argv, nitems(argv), &f) < 0 ||
            fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len, ms) < 0) {
                fido_log_debug("%s: fido_tx", __func__);
                r = FIDO_ERR_TX;
                goto fail;
        }

        r = FIDO_OK;
fail:
        cbor_vector_free(argv, nitems(argv));
        es256_pk_free(&pk);
        fido_blob_free(&ecdh);
        free(f.ptr);
        free(hmac.ptr);

        return r;
}

static int
config_enable_entattest_wait(fido_dev_t *dev, const char *pin, int *ms)
{
        int r;

        if ((r = config_tx(dev, CMD_ENABLE_ENTATTEST, NULL, 0, pin,
            ms)) != FIDO_OK)
                return r;

        return fido_rx_cbor_status(dev, ms);
}

int
fido_dev_enable_entattest(fido_dev_t *dev, const char *pin)
{
        int ms = dev->timeout_ms;

        return (config_enable_entattest_wait(dev, pin, &ms));
}

static int
config_toggle_always_uv_wait(fido_dev_t *dev, const char *pin, int *ms)
{
        int r;

        if ((r = config_tx(dev, CMD_TOGGLE_ALWAYS_UV, NULL, 0, pin,
            ms)) != FIDO_OK)
                return r;

        return (fido_rx_cbor_status(dev, ms));
}

int
fido_dev_toggle_always_uv(fido_dev_t *dev, const char *pin)
{
        int ms = dev->timeout_ms;

        return config_toggle_always_uv_wait(dev, pin, &ms);
}

static int
config_pin_minlen_tx(fido_dev_t *dev, size_t len, bool force,
    const fido_str_array_t *rpid, const char *pin, int *ms)
{
        cbor_item_t *argv[3];
        int r;

        memset(argv, 0, sizeof(argv));

        if ((rpid == NULL && len == 0 && !force) || len > UINT8_MAX) {
                r = FIDO_ERR_INVALID_ARGUMENT;
                goto fail;
        }
        if (len && (argv[0] = cbor_build_uint8((uint8_t)len)) == NULL) {
                fido_log_debug("%s: cbor_encode_uint8", __func__);
                r = FIDO_ERR_INTERNAL;
                goto fail;
        }
        if (rpid != NULL && (argv[1] = cbor_encode_str_array(rpid)) == NULL) {
                fido_log_debug("%s: cbor_encode_str_array", __func__);
                r = FIDO_ERR_INTERNAL;
                goto fail;
        }
        if (force && (argv[2] = cbor_build_bool(true)) == NULL) {
                fido_log_debug("%s: cbor_build_bool", __func__);
                r = FIDO_ERR_INTERNAL;
                goto fail;
        }
        if ((r = config_tx(dev, CMD_SET_PIN_MINLEN, argv, nitems(argv),
            pin, ms)) != FIDO_OK) {
                fido_log_debug("%s: config_tx", __func__);
                goto fail;
        }

fail:
        cbor_vector_free(argv, nitems(argv));

        return r;
}

static int
config_pin_minlen(fido_dev_t *dev, size_t len, bool force,
    const fido_str_array_t *rpid, const char *pin, int *ms)
{
        int r;

        if ((r = config_pin_minlen_tx(dev, len, force, rpid, pin,
            ms)) != FIDO_OK)
                return r;

        return fido_rx_cbor_status(dev, ms);
}

int
fido_dev_set_pin_minlen(fido_dev_t *dev, size_t len, const char *pin)
{
        int ms = dev->timeout_ms;

        return config_pin_minlen(dev, len, false, NULL, pin, &ms);
}

int
fido_dev_force_pin_change(fido_dev_t *dev, const char *pin)
{
        int ms = dev->timeout_ms;

        return config_pin_minlen(dev, 0, true, NULL, pin, &ms);
}

int
fido_dev_set_pin_minlen_rpid(fido_dev_t *dev, const char * const *rpid,
    size_t n, const char *pin)
{
        fido_str_array_t sa;
        int ms = dev->timeout_ms;
        int r;

        memset(&sa, 0, sizeof(sa));
        if (fido_str_array_pack(&sa, rpid, n) < 0) {
                fido_log_debug("%s: fido_str_array_pack", __func__);
                r = FIDO_ERR_INTERNAL;
                goto fail;
        }
        r = config_pin_minlen(dev, 0, false, &sa, pin, &ms);
fail:
        fido_str_array_free(&sa);

        return r;
}

Coverage Report

Created: 2026-04-08 06:32

Line	Count	Source
1		/*
2		* Copyright (c) 2020-2026 Yubico AB. All rights reserved.
3		* Use of this source code is governed by a BSD-style
4		* license that can be found in the LICENSE file.
5		* SPDX-License-Identifier: BSD-2-Clause
6		*/
7
8		#include "fido.h"
9		#include "fido/config.h"
10		#include "fido/es256.h"
11
12	13.3k	#define CMD_ENABLE_ENTATTEST 0x01
13	13.2k	#define CMD_TOGGLE_ALWAYS_UV 0x02
14	33.9k	#define CMD_SET_PIN_MINLEN 0x03
15
16		static int
17		config_prepare_hmac(uint8_t subcmd, const cbor_item_t item, fido_blob_t hmac)
18	46.4k	{
19	46.4k	uint8_t prefix[32 + 2 * sizeof(uint8_t)], cbor[128];
20	46.4k	size_t cbor_len = 0;
21
22	46.4k	memset(prefix, 0xff, sizeof(prefix));
23	46.4k	prefix[sizeof(prefix) - 2] = CTAP_CBOR_CONFIG;
24	46.4k	prefix[sizeof(prefix) - 1] = subcmd;
25
26	46.4k	if (item != NULL) {
27	26.0k	if ((cbor_len = cbor_serialize(item, cbor, sizeof(cbor))) == 0) {
28	5.66k	fido_log_debug("%s: cbor_serialize", __func__);
29	5.66k	return -1;
30	5.66k	}
31	26.0k	}
32	40.7k	if ((hmac->ptr = malloc(cbor_len + sizeof(prefix))) == NULL) {
33	95	fido_log_debug("%s: malloc", __func__);
34	95	return -1;
35	95	}
36	40.6k	memcpy(hmac->ptr, prefix, sizeof(prefix));
37	40.6k	memcpy(hmac->ptr + sizeof(prefix), cbor, cbor_len);
38	40.6k	hmac->len = cbor_len + sizeof(prefix);
39
40	40.6k	return 0;
41	40.7k	}
42
43		static int
44		config_tx(fido_dev_t dev, uint8_t subcmd, cbor_item_t *paramv, size_t paramc,
45		const char pin, int ms)
46	60.5k	{
47	60.5k	cbor_item_t *argv[4];
48	60.5k	es256_pk_t *pk = NULL;
49	60.5k	fido_blob_t *ecdh = NULL, f, hmac;
50	60.5k	const uint8_t cmd = CTAP_CBOR_CONFIG;
51	60.5k	int r = FIDO_ERR_INTERNAL;
52
53	60.5k	memset(&f, 0, sizeof(f));
54	60.5k	memset(&hmac, 0, sizeof(hmac));
55	60.5k	memset(&argv, 0, sizeof(argv));
56
57		/* subCommand */
58	60.5k	if ((argv[0] = cbor_build_uint8(subcmd)) == NULL) {
59	238	fido_log_debug("%s: cbor encode", __func__);
60	238	goto fail;
61	238	}
62
63		/* subCommandParams */
64	60.2k	if (paramc != 0 &&
65	60.2k	(argv[1] = cbor_flatten_vector(paramv, paramc)) == NULL) {
66	307	fido_log_debug("%s: cbor_flatten_vector", __func__);
67	307	goto fail;
68	307	}
69
70		/* pinProtocol, pinAuth */
71	59.9k	if (pin != NULL \|\| fido_dev_puat_blob(dev) != NULL \|\|
72	59.9k	(fido_dev_supports_permissions(dev) && fido_dev_has_uv(dev))) {
73	46.4k	if (config_prepare_hmac(subcmd, argv[1], &hmac) < 0) {
74	5.75k	fido_log_debug("%s: config_prepare_hmac", __func__);
75	5.75k	goto fail;
76	5.75k	}
77
78		/* If available, prefer cached PUAT */
79	40.6k	if (fido_dev_puat_blob(dev) == NULL &&
80	40.6k	(r = fido_do_ecdh(dev, &pk, &ecdh, ms)) != FIDO_OK) {
81	37.2k	fido_log_debug("%s: fido_do_ecdh", __func__);
82	37.2k	goto fail;
83	37.2k	}
84
85	3.46k	if ((r = cbor_add_uv_params(dev, cmd, &hmac, pk, ecdh, pin,
86	3.46k	NULL, &argv[3], &argv[2], ms)) != FIDO_OK) {
87	3.38k	fido_log_debug("%s: cbor_add_uv_params", __func__);
88	3.38k	goto fail;
89	3.38k	}
90	3.46k	}
91
92		/* framing and transmission */
93	13.5k	if (cbor_build_frame(cmd, argv, nitems(argv), &f) < 0 \|\|
94	13.5k	fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len, ms) < 0) {
95	881	fido_log_debug("%s: fido_tx", __func__);
96	881	r = FIDO_ERR_TX;
97	881	goto fail;
98	881	}
99
100	12.7k	r = FIDO_OK;
101	60.5k	fail:
102	60.5k	cbor_vector_free(argv, nitems(argv));
103	60.5k	es256_pk_free(&pk);
104	60.5k	fido_blob_free(&ecdh);
105	60.5k	free(f.ptr);
106	60.5k	free(hmac.ptr);
107
108	60.5k	return r;
109	12.7k	}
110
111		static int
112		config_enable_entattest_wait(fido_dev_t dev, const char pin, int *ms)
113	13.3k	{
114	13.3k	int r;
115
116	13.3k	if ((r = config_tx(dev, CMD_ENABLE_ENTATTEST, NULL, 0, pin,
117	13.3k	ms)) != FIDO_OK)
118	10.4k	return r;
119
120	2.93k	return fido_rx_cbor_status(dev, ms);
121	13.3k	}
122
123		int
124		fido_dev_enable_entattest(fido_dev_t dev, const char pin)
125	13.3k	{
126	13.3k	int ms = dev->timeout_ms;
127
128	13.3k	return (config_enable_entattest_wait(dev, pin, &ms));
129	13.3k	}
130
131		static int
132		config_toggle_always_uv_wait(fido_dev_t dev, const char pin, int *ms)
133	13.2k	{
134	13.2k	int r;
135
136	13.2k	if ((r = config_tx(dev, CMD_TOGGLE_ALWAYS_UV, NULL, 0, pin,
137	13.2k	ms)) != FIDO_OK)
138	10.2k	return r;
139
140	2.99k	return (fido_rx_cbor_status(dev, ms));
141	13.2k	}
142
143		int
144		fido_dev_toggle_always_uv(fido_dev_t dev, const char pin)
145	13.2k	{
146	13.2k	int ms = dev->timeout_ms;
147
148	13.2k	return config_toggle_always_uv_wait(dev, pin, &ms);
149	13.2k	}
150
151		static int
152		config_pin_minlen_tx(fido_dev_t *dev, size_t len, bool force,
153		const fido_str_array_t rpid, const char pin, int *ms)
154	39.0k	{
155	39.0k	cbor_item_t *argv[3];
156	39.0k	int r;
157
158	39.0k	memset(argv, 0, sizeof(argv));
159
160	39.0k	if ((rpid == NULL && len == 0 && !force) \|\| len > UINT8_MAX) {
161	3.28k	r = FIDO_ERR_INVALID_ARGUMENT;
162	3.28k	goto fail;
163	3.28k	}
164	35.7k	if (len && (argv[0] = cbor_build_uint8((uint8_t)len)) == NULL) {
165	22	fido_log_debug("%s: cbor_encode_uint8", __func__);
166	22	r = FIDO_ERR_INTERNAL;
167	22	goto fail;
168	22	}
169	35.7k	if (rpid != NULL && (argv[1] = cbor_encode_str_array(rpid)) == NULL) {
170	1.75k	fido_log_debug("%s: cbor_encode_str_array", __func__);
171	1.75k	r = FIDO_ERR_INTERNAL;
172	1.75k	goto fail;
173	1.75k	}
174	33.9k	if (force && (argv[2] = cbor_build_bool(true)) == NULL) {
175	26	fido_log_debug("%s: cbor_build_bool", __func__);
176	26	r = FIDO_ERR_INTERNAL;
177	26	goto fail;
178	26	}
179	33.9k	if ((r = config_tx(dev, CMD_SET_PIN_MINLEN, argv, nitems(argv),
180	33.9k	pin, ms)) != FIDO_OK) {
181	27.1k	fido_log_debug("%s: config_tx", __func__);
182	27.1k	goto fail;
183	27.1k	}
184
185	39.0k	fail:
186	39.0k	cbor_vector_free(argv, nitems(argv));
187
188	39.0k	return r;
189	33.9k	}
190
191		static int
192		config_pin_minlen(fido_dev_t *dev, size_t len, bool force,
193		const fido_str_array_t rpid, const char pin, int *ms)
194	39.0k	{
195	39.0k	int r;
196
197	39.0k	if ((r = config_pin_minlen_tx(dev, len, force, rpid, pin,
198	39.0k	ms)) != FIDO_OK)
199	32.2k	return r;
200
201	6.78k	return fido_rx_cbor_status(dev, ms);
202	39.0k	}
203
204		int
205		fido_dev_set_pin_minlen(fido_dev_t dev, size_t len, const char pin)
206	12.8k	{
207	12.8k	int ms = dev->timeout_ms;
208
209	12.8k	return config_pin_minlen(dev, len, false, NULL, pin, &ms);
210	12.8k	}
211
212		int
213		fido_dev_force_pin_change(fido_dev_t dev, const char pin)
214	13.3k	{
215	13.3k	int ms = dev->timeout_ms;
216
217	13.3k	return config_pin_minlen(dev, 0, true, NULL, pin, &ms);
218	13.3k	}
219
220		int
221		fido_dev_set_pin_minlen_rpid(fido_dev_t dev, const char const *rpid,
222		size_t n, const char *pin)
223	13.5k	{
224	13.5k	fido_str_array_t sa;
225	13.5k	int ms = dev->timeout_ms;
226	13.5k	int r;
227
228	13.5k	memset(&sa, 0, sizeof(sa));
229	13.5k	if (fido_str_array_pack(&sa, rpid, n) < 0) {
230	751	fido_log_debug("%s: fido_str_array_pack", __func__);
231	751	r = FIDO_ERR_INTERNAL;
232	751	goto fail;
233	751	}
234	12.7k	r = config_pin_minlen(dev, 0, false, &sa, pin, &ms);
235	13.5k	fail:
236	13.5k	fido_str_array_free(&sa);
237
238	13.5k	return r;
239	12.7k	}