Add missing get/set for multiple cred type

Yubico · Jan 4, 2024 · 64ed45d · 64ed45d
1 parent dfdebb8
commit 64ed45d
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 13 deletions.
diff --git a/src/cred.c b/src/cred.c
@@ -556,7 +556,6 @@ fido_cred_reset_tx(fido_cred_t *cred)
 	fido_blob_reset(&cred->cdh);
 	fido_blob_reset(&cred->user.id);
 	fido_blob_reset(&cred->blob);
-    fido_blob_reset(&cred->type_winhello);
 
 	free(cred->rp.id);
 	free(cred->rp.name);
@@ -998,25 +997,51 @@ fido_cred_set_type(fido_cred_t *cred, int cose_alg)
     return (FIDO_OK);
 }
 
+int
+fido_cred_set_type_array(fido_cred_t* cred, int *cose_alg_array, size_t count)
+{
+	if (cose_alg_array == NULL || count == 0)
+		return (FIDO_ERR_INVALID_ARGUMENT);
+
+	for (size_t i = 0; i < count; i++) {
+		int cose_alg = cose_alg_array[i];
+
+		if (cose_alg != COSE_ES256 && cose_alg != COSE_ES384 &&
+			cose_alg != COSE_RS256 && cose_alg != COSE_EDDSA)
+			return (FIDO_ERR_INVALID_ARGUMENT);
+	}
+
+	if (fido_int_array_set(&cred->type, cose_alg_array, count) != 0)
+		return (FIDO_ERR_INTERNAL);
+
+	return (FIDO_OK);
+}
+
 int
 fido_cred_type(const fido_cred_t *cred)
 {
     if (fido_int_array_is_empty(&cred->type))
         return 0;
-
+	/* return only the first, to ensure backwards compatibility */
     return cred->type.ptr[0];
 }
 
-const unsigned char *
-fido_cred_type_winhello_ptr(const fido_cred_t *cred)
+const int *
+fido_cred_type_array_ptr(const fido_cred_t* cred)
 {
-	return (cred->type_winhello.ptr);
+	if (fido_int_array_is_empty(&cred->type))
+		return 0;
+
+	return (cred->type.ptr);
 }
 
 size_t
-fido_cred_type_winhello_len(const fido_cred_t *cred)
+fido_cred_type_array_len(const fido_cred_t* cred)
 {
-	return (cred->type_winhello.len);
+	if (fido_int_array_is_empty(&cred->type))
+		return 0;
+
+	return (cred->type.count);
 }
 
 uint8_t

diff --git a/src/fido.h b/src/fido.h
@@ -111,6 +111,7 @@ const char *fido_dev_info_manufacturer_string(const fido_dev_info_t *);
 const char *fido_dev_info_path(const fido_dev_info_t *);
 const char *fido_dev_info_product_string(const fido_dev_info_t *);
 const fido_dev_info_t *fido_dev_info_ptr(const fido_dev_info_t *, size_t);
+const int *fido_cred_type_array_ptr(const fido_cred_t* cred);
 const uint8_t *fido_cbor_info_protocols_ptr(const fido_cbor_info_t *);
 const uint64_t *fido_cbor_info_certs_value_ptr(const fido_cbor_info_t *);
 const unsigned char *fido_cbor_info_aaguid_ptr(const fido_cbor_info_t *);
@@ -123,7 +124,6 @@ const unsigned char *fido_cred_id_ptr(const fido_cred_t *);
 const unsigned char *fido_cred_largeblob_key_ptr(const fido_cred_t *);
 const unsigned char *fido_cred_pubkey_ptr(const fido_cred_t *);
 const unsigned char *fido_cred_sig_ptr(const fido_cred_t *);
-const unsigned char *fido_cred_type_winhello_ptr(const fido_cred_t *cred);
 const unsigned char *fido_cred_user_id_ptr(const fido_cred_t *);
 const unsigned char *fido_cred_x5c_ptr(const fido_cred_t *);
 
@@ -168,7 +168,7 @@ int fido_cred_set_rk(fido_cred_t *, fido_opt_t);
 int fido_cred_set_rp(fido_cred_t *, const char *, const char *);
 int fido_cred_set_sig(fido_cred_t *, const unsigned char *, size_t);
 int fido_cred_set_type(fido_cred_t *, int);
-int fido_cred_set_type_winhello(fido_cred_t *cred, const unsigned char *ptr, size_t len);
+int fido_cred_set_type_array(fido_cred_t* cred, int* cose_alg_array, size_t count);
 int fido_cred_set_uv(fido_cred_t *, fido_opt_t);
 int fido_cred_type(const fido_cred_t *);
 int fido_cred_set_user(fido_cred_t *, const unsigned char *, size_t,
@@ -226,8 +226,8 @@ size_t fido_cred_id_len(const fido_cred_t *);
 size_t fido_cred_largeblob_key_len(const fido_cred_t *);
 size_t fido_cred_pin_minlen(const fido_cred_t *);
 size_t fido_cred_pubkey_len(const fido_cred_t *);
-size_t fido_cred_sig_len(const fido_cred_t *);
-size_t fido_cred_type_winhello_len(const fido_cred_t *cred);
+size_t fido_cred_sig_len(const fido_cred_t*);
+size_t fido_cred_type_array_len(const fido_cred_t* cred);
 size_t fido_cred_user_id_len(const fido_cred_t *);
 size_t fido_cred_x5c_len(const fido_cred_t *);
 

diff --git a/src/fido/types.h b/src/fido/types.h
@@ -175,7 +175,7 @@ typedef struct fido_cred {
 	fido_opt_t        rk;             /* resident key */
 	fido_opt_t        uv;             /* user verification */
 	fido_cred_ext_t   ext;            /* extensions */
-	fido_int_array_t  type;           /* cose algorithm */
+	fido_int_array_t  type;           /* cose algorithm array */
 	char             *fmt;            /* credential format */
 	fido_cred_ext_t   authdata_ext;   /* decoded extensions */
 	fido_blob_t       authdata_cbor;  /* cbor-encoded payload */
@@ -185,7 +185,6 @@ typedef struct fido_cred {
 	fido_attstmt_t    attstmt;        /* attestation statement (x509 + sig) */
 	fido_blob_t       largeblob_key;  /* decoded large blob key */
 	fido_blob_t       blob;           /* CTAP 2.1 credBlob */
-    fido_blob_t       type_winhello;  /* list of cose algorithms, windows hello supports multiple */
 } fido_cred_t;
 
 typedef struct fido_assert_extattr {