cred: adopt fido_int_array_t in cred type

Co-Authored-By: Mofidul Jamal <[email protected]>

src/cbor.c

@@ -1094,8 +1094,8 @@ cbor_decode_pubkey(const cbor_item_t *item, int *type, void *key)
 }
 
 static int
-decode_attcred(const unsigned char **buf, size_t *len, int cose_alg,
-    fido_attcred_t *attcred)
+decode_attcred(const unsigned char **buf, size_t *len,
+    const fido_int_array_t *algs, fido_attcred_t *attcred)
 {
 	cbor_item_t		*item = NULL;
 	struct cbor_load_result	 cbor;
@@ -1136,9 +1136,9 @@ decode_attcred(const unsigned char **buf, size_t *len, int cose_alg,
 		goto fail;
 	}
 
-	if (attcred->type != cose_alg) {
-		fido_log_debug("%s: cose_alg mismatch (%d != %d)", __func__,
-		    attcred->type, cose_alg);
+	if (!fido_int_array_contains(algs, attcred->type)) {
+		fido_log_debug("%s: unexpected cose alg (%d)", __func__,
+		    attcred->type);
 		goto fail;
 	}
 
@@ -1181,7 +1181,7 @@ decode_attobj(const cbor_item_t *key, const cbor_item_t *val, void *arg)
 			fido_log_debug("%s: fido_blob_decode", __func__);
 			goto fail;
 		}
-		if (cbor_decode_cred_authdata(val, cred->type,
+		if (cbor_decode_cred_authdata(val, &cred->type,
 		    &cred->authdata_cbor, &cred->authdata, &cred->attcred,
 		    &cred->authdata_ext) < 0) {
 			fido_log_debug("%s: cbor_decode_cred_authdata",
@@ -1367,7 +1367,7 @@ decode_assert_extensions(const unsigned char **buf, size_t *len,
 }
 
 int
-cbor_decode_cred_authdata(const cbor_item_t *item, int cose_alg,
+cbor_decode_cred_authdata(const cbor_item_t *item, const fido_int_array_t *algs,
     fido_blob_t *authdata_cbor, fido_authdata_t *authdata,
     fido_attcred_t *attcred, fido_cred_ext_t *authdata_ext)
 {
@@ -1401,7 +1401,7 @@ cbor_decode_cred_authdata(const cbor_item_t *item, int cose_alg,
 
 	if (attcred != NULL) {
 		if ((authdata->flags & CTAP_AUTHDATA_ATT_CRED) == 0 ||
-		    decode_attcred(&buf, &len, cose_alg, attcred) < 0)
+		    decode_attcred(&buf, &len, algs, attcred) < 0)
 			return (-1);
 	}
 

src/cred.c

@@ -34,7 +34,7 @@ parse_makecred_reply(const cbor_item_t *key, const cbor_item_t *val, void *arg)
 			fido_log_debug("%s: fido_blob_decode", __func__);
 			return (-1);
 		}
-		return (cbor_decode_cred_authdata(val, cred->type,
+		return (cbor_decode_cred_authdata(val, &cred->type,
 		    &cred->authdata_cbor, &cred->authdata, &cred->attcred,
 		    &cred->authdata_ext));
 	case 3: /* attestation statement */
@@ -58,24 +58,23 @@ fido_dev_make_cred_tx(fido_dev_t *dev, fido_cred_t *cred, const char *pin,
 	fido_opt_t	 uv = cred->uv;
 	es256_pk_t	*pk = NULL;
 	cbor_item_t	*argv[10];
-	const fido_int_array_t algs = { &cred->type, 1 };
 	const uint8_t	 cmd = CTAP_CBOR_MAKECRED;
 	int		 r;
 
 	memset(&f, 0, sizeof(f));
 	memset(argv, 0, sizeof(argv));
 
-	if (cred->cdh.ptr == NULL || cred->type == 0) {
-		fido_log_debug("%s: cdh=%p, type=%d", __func__,
-		    (void *)cred->cdh.ptr, cred->type);
+	if (cred->cdh.ptr == NULL || cred->type.len == 0) {
+		fido_log_debug("%s: cdh=%p, type.len=%zu", __func__,
+		    (void *)cred->cdh.ptr, cred->type.len);
 		r = FIDO_ERR_INVALID_ARGUMENT;
 		goto fail;
 	}
 
 	if ((argv[0] = fido_blob_encode(&cred->cdh)) == NULL ||
 	    (argv[1] = cbor_encode_rp_entity(&cred->rp)) == NULL ||
 	    (argv[2] = cbor_encode_user_entity(&cred->user)) == NULL ||
-	    (argv[3] = cbor_encode_pubkey_param_array(&algs)) == NULL) {
+	    (argv[3] = cbor_encode_pubkey_param_array(&cred->type)) == NULL) {
 		fido_log_debug("%s: cbor encode", __func__);
 		r = FIDO_ERR_INTERNAL;
 		goto fail;
@@ -589,13 +588,14 @@ fido_cred_reset_tx(fido_cred_t *cred)
 	free(cred->user.icon);
 	free(cred->user.name);
 	free(cred->user.display_name);
+	free(cred->type.ptr);
 	fido_cred_empty_exclude_list(cred);
 
 	memset(&cred->rp, 0, sizeof(cred->rp));
 	memset(&cred->user, 0, sizeof(cred->user));
 	memset(&cred->ext, 0, sizeof(cred->ext));
+	memset(&cred->type, 0, sizeof(cred->type));
 
-	cred->type = 0;
 	cred->rk = FIDO_OPT_OMIT;
 	cred->uv = FIDO_OPT_OMIT;
 	cred->ea.mode = 0;
@@ -644,7 +644,7 @@ fido_cred_set_authdata(fido_cred_t *cred, const unsigned char *ptr, size_t len)
 		goto fail;
 	}
 
-	if (cbor_decode_cred_authdata(item, cred->type, &cred->authdata_cbor,
+	if (cbor_decode_cred_authdata(item, &cred->type, &cred->authdata_cbor,
 	    &cred->authdata, &cred->attcred, &cred->authdata_ext) < 0) {
 		fido_log_debug("%s: cbor_decode_cred_authdata", __func__);
 		goto fail;
@@ -685,7 +685,7 @@ fido_cred_set_authdata_raw(fido_cred_t *cred, const unsigned char *ptr,
 		goto fail;
 	}
 
-	if (cbor_decode_cred_authdata(item, cred->type, &cred->authdata_cbor,
+	if (cbor_decode_cred_authdata(item, &cred->type, &cred->authdata_cbor,
 	    &cred->authdata, &cred->attcred, &cred->authdata_ext) < 0) {
 		fido_log_debug("%s: cbor_decode_cred_authdata", __func__);
 		goto fail;
@@ -1071,27 +1071,44 @@ fido_cred_set_fmt(fido_cred_t *cred, const char *fmt)
 	return (FIDO_OK);
 }
 
-int
-fido_cred_set_type(fido_cred_t *cred, int cose_alg)
+static int
+fido_cred_append_type(fido_cred_t *cred, int cose_alg)
 {
-	if (cred->type != 0)
-		return (FIDO_ERR_INVALID_ARGUMENT);
+	int *list_ptr;
+
 	if (cose_alg != COSE_ES256 && cose_alg != COSE_ES384 &&
 	    cose_alg != COSE_RS256 && cose_alg != COSE_EDDSA)
 		return (FIDO_ERR_INVALID_ARGUMENT);
 
-	cred->type = cose_alg;
+	if (cred->type.len == SIZE_MAX)
+		return (FIDO_ERR_INVALID_ARGUMENT);
+
+	if ((list_ptr = recallocarray(cred->type.ptr, cred->type.len,
+	     cred->type.len + 1, sizeof(*list_ptr))) == NULL)
+		return (FIDO_ERR_INTERNAL);
+
+	list_ptr[cred->type.len++] = cose_alg;
+	cred->type.ptr = list_ptr;
 
 	return (FIDO_OK);
 }
 
+int
+fido_cred_set_type(fido_cred_t *cred, int cose_alg)
+{
+	if (cred->type.len != 0)
+		return (FIDO_ERR_INVALID_ARGUMENT);
+
+	return (fido_cred_append_type(cred, cose_alg));
+}
+
 int
 fido_cred_type(const fido_cred_t *cred)
 {
-	if (cred->attcred.type != 0)
+	if (cred->attcred.type != 0 || cred->type.len == 0)
 		return (cred->attcred.type);
 
-	return (cred->type); /* compat: return requested type */
+	return (cred->type.ptr[0]); /* compat: return (first) requested type */
 }
 
 uint8_t

src/extern.h

@@ -60,8 +60,8 @@ cbor_item_t *es256_pk_encode(const es256_pk_t *, int);
 int cbor_decode_attstmt(const cbor_item_t *, fido_attstmt_t *);
 int cbor_decode_attobj(const cbor_item_t *, fido_cred_t *);
 int cbor_decode_bool(const cbor_item_t *, bool *);
-int cbor_decode_cred_authdata(const cbor_item_t *, int, fido_blob_t *,
-    fido_authdata_t *, fido_attcred_t *, fido_cred_ext_t *);
+int cbor_decode_cred_authdata(const cbor_item_t *, const fido_int_array_t *,
+    fido_blob_t *, fido_authdata_t *, fido_attcred_t *, fido_cred_ext_t *);
 int cbor_decode_assert_authdata(const cbor_item_t *, fido_blob_t *,
     fido_authdata_t *, fido_assert_extattr_t *);
 int cbor_decode_cred_id(const cbor_item_t *, fido_blob_t *);

src/fido/types.h

@@ -185,7 +185,7 @@ typedef struct fido_cred {
 	fido_opt_t        rk;            /* resident key */
 	fido_opt_t        uv;            /* user verification */
 	fido_cred_ext_t   ext;           /* extensions */
-	int               type;          /* cose algorithm */
+	fido_int_array_t  type;          /* cose algorithm(s) */
 	char             *fmt;           /* credential format */
 	fido_cred_ext_t   authdata_ext;  /* decoded extensions */
 	fido_blob_t       authdata_cbor; /* cbor-encoded payload */

src/u2f.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018-2022 Yubico AB. All rights reserved.
+ * Copyright (c) 2018-2024 Yubico AB. All rights reserved.
  * Use of this source code is governed by a BSD-style
  * license that can be found in the LICENSE file.
  * SPDX-License-Identifier: BSD-2-Clause
@@ -678,10 +678,15 @@ u2f_register(fido_dev_t *dev, fido_cred_t *cred, int *ms)
 		return (FIDO_ERR_UNSUPPORTED_OPTION);
 	}
 
-	if (cred->type != COSE_ES256 || cred->cdh.ptr == NULL ||
-	    cred->rp.id == NULL || cred->cdh.len != SHA256_DIGEST_LENGTH) {
-		fido_log_debug("%s: type=%d, cdh=(%p,%zu)" , __func__,
-		    cred->type, (void *)cred->cdh.ptr, cred->cdh.len);
+	if (!fido_int_array_contains(&cred->type, COSE_ES256)) {
+		fido_log_debug("%s: type", __func__);
+		return (FIDO_ERR_INVALID_ARGUMENT);
+	}
+
+	if (cred->cdh.ptr == NULL || cred->rp.id == NULL ||
+	    cred->cdh.len != SHA256_DIGEST_LENGTH) {
+		fido_log_debug("%s: cdh=(%p,%zu)" , __func__,
+		    (void *)cred->cdh.ptr, cred->cdh.len);
 		return (FIDO_ERR_INVALID_ARGUMENT);
 	}
 

src/winhello.c

@@ -716,7 +716,6 @@ translate_fido_cred(struct winhello_cred *ctx, const fido_cred_t *cred,
     const char *pin, int ms)
 {
 	WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS *opt;
-	const fido_int_array_t algs = { &cred->type, 1 };
 
 	if (pack_rp(&ctx->rp_id, &ctx->rp_name, &ctx->rp, &cred->rp) < 0) {
 		fido_log_debug("%s: pack_rp", __func__);
@@ -727,7 +726,7 @@ translate_fido_cred(struct winhello_cred *ctx, const fido_cred_t *cred,
 		fido_log_debug("%s: pack_user", __func__);
 		return FIDO_ERR_INTERNAL;
 	}
-	if (pack_cose_array(&ctx->cose, &algs) < 0) {
+	if (pack_cose_array(&ctx->cose, &cred->type) < 0) {
 		fido_log_debug("%s: pack_cose_array", __func__);
 		return FIDO_ERR_INTERNAL;
 	}