Skip to content

F
Fido2Applet
Commit b3af23b1 authored by Josh Ji's avatar Josh Ji
Browse files
Options

code review, 

fix hmac problem
parent 0cc5305c
Hide whitespace changes
Inline Side-by-side
Showing with 55 additions and 92 deletions
src/main/java/com/josh/vku2f/CTAP2.java
View file @ b3af23b1
......@@ -444,8 +444,8 @@ public class CTAP2 extends Applet implements ExtendedLength {
// put encryptedCx
cborEncoder.encodeByteString(idSecret.encryptedCx, (short) 0, (short) idSecret.encryptedCx.length);
//for test
// idSecret.getHMAC(scratch, (short) 0);
// generate HMAC
idSecret.generateHMAC(scratch, (short) 0);
apdu.setOutgoing();
apdu.setOutgoingLength(cborEncoder.getCurrentOffset());
......@@ -565,103 +565,66 @@ public class CTAP2 extends Applet implements ExtendedLength {
// Create a map in the buffer
tempVars[0] = cborEncoder.startMap((short) 3); // current offset
// Attestation stuff
// Attestation statement format : 0x01
cborEncoder.writeRawByte((byte) 0x01);
cborEncoder.encodeTextString(Utf8Strings.UTF8_PACKED, (short) 0, (short) 6);
cborEncoder.encodeTextString(Utf8Strings.UTF8_PACKED, (short) 0, (short) 6);
// Put the authenticatorData identifier(0x02) there
// Authenticator Data : 0x02
cborEncoder.writeRawByte((byte) 0x02);
// Allocate some space for the byte string
/**
* add extensions byte string length
*/
// TODO fix the bug on extension byte string
// tempVars[0] = cborEncoder.startByteString((short) (37 + tempCredential.getAttestedLen() + idSecret.getExtensionsLength() ));
// tempVars[0] = cborEncoder.startByteString((short) (37 + tempCredential.getAttestedLen() + Utf8Strings.UTF8_PRLab.length ));
tempVars[0] = cborEncoder.startByteString((short) (37 + tempCredential.getAttestedLen()));
/**
* end
*/
// Stash where it begins
tempVars[7] = tempVars[0];
// Create the SHA256 hash of the RP ID
tempCredential.rpEntity.getRp(scratch, (short) 0);
tempVars[0] += sha256MessageDigest.doFinal(scratch, (short) 0, tempCredential.rpEntity.getRpLen(), dataBuffer, tempVars[0]);
// Set flags - User presence, user verified, attestation present
dataBuffer[tempVars[0]++] = (byte) 0x45;
// Set the signature counter
tempVars[0] += tempCredential.readCounter(dataBuffer, tempVars[0]);
// Read the credential details in
// Just note down where this starts for future ref
tempVars[0] += tempCredential.getAttestedData(dataBuffer, tempVars[0]);
/**
* put extensions here
*/
// TODO fix the bug on this
// tempVars[0] += idSecret.getExtensionsByteString(dataBuffer, tempVars[0]);
// Util.arrayCopy(Utf8Strings.UTF8_PRLab, (short)0, dataBuffer, tempVars[0], (short)Utf8Strings.UTF8_PRLab.length);
/**
* end extensions
*/
// Generate and then attach the attestation.
// get extension length
// byte[] extensionBuffer = null;
// short extensionLength = idSecret.generateExtensions(extensionBuffer);
// Allocate some space for the byte string
// tempVars[0] = cborEncoder.startByteString((short) (37 + tempCredential.getAttestedLen() + extensionLength));
tempVars[0] = cborEncoder.startByteString((short) (37 + tempCredential.getAttestedLen() ));
// Stash where it begins
tempVars[7] = tempVars[0];
// Create the SHA256 hash of the RP ID
tempCredential.rpEntity.getRp(scratch, (short) 0);
tempVars[0] += sha256MessageDigest.doFinal(scratch, (short) 0, tempCredential.rpEntity.getRpLen(), dataBuffer, tempVars[0]);
// Set flags - User presence, user verified, attestation present
dataBuffer[tempVars[0]++] = (byte) 0x45;
// Set the signature counter
tempVars[0] += tempCredential.readCounter(dataBuffer, tempVars[0]);
// Read the credential details in
// Just note down where this starts for future ref
tempVars[0] += tempCredential.getAttestedData(dataBuffer, tempVars[0]);
// extensions 這才是fido指定extension 要放的位置a
// Util.arrayCopy(extensionBuffer, (short)0, dataBuffer, tempVars[0], extensionLength);
// Attestation Statement : 0x03
cborEncoder.writeRawByte((byte) 0x03);
// Start to build into the cbor array manually, to avoid arrayCopy
// Create a map with 3 things
// cborEncoder.startMap((short) 3);
cborEncoder.startMap((short) 4);
// Add the alg label
cborEncoder.encodeTextString(Utf8Strings.UTF8_ALG, (short) 0, (short) 3);
// Add the actual algorithm - -7 is 6 as a negative
cborEncoder.encodeNegativeUInt8((byte) 0x06);
// Add the actual signature, we should generate this
cborEncoder.encodeTextString(Utf8Strings.UTF8_SIG, (short) 0, (short) 3);
// Generate the signature, can't do this directly unfortunately.
// We sign over the client data hash and the attested data.
// AuthenticatorData is first. We noted down where it begins and know how long
// it is.
attestationKeyPair.update(dataBuffer, tempVars[7], (short) (tempCredential.getAttestedLen() + 37));
// The client data hash is next, which we use to finish off the signature.
tempVars[4] = attestationKeyPair.sign(authenticatorMakeCredential.dataHash, (short) 0, (short) authenticatorMakeCredential.dataHash.length, scratch, (short) 0);
// Create the byte string for the signature
cborEncoder.encodeByteString(scratch, (short) 0, tempVars[4]);
// Set the x509 cert now
cborEncoder.encodeTextString(Utf8Strings.UTF8_X5C, (short) 0, (short) 3);
// Supposedly we need an array here
cborEncoder.startArray((short) 1);
cborEncoder.encodeByteString(attestationKeyPair.x509cert, (short) 0, attestationKeyPair.x509len);
/**
* extension
*/
// add extension label
cborEncoder.encodeTextString(Utf8Strings.UTF8_EXTENSIONS, (short) 0, (short) Utf8Strings.UTF8_EXTENSIONS.length);
// add extension element
cborEncoder.startArray((short) 2);
// add HMAC
// cborEncoder.encodeTextString(Utf8Strings.UTF8_HMAC, (short)0, (short)Utf8Strings.UTF8_HMAC.length );
cborEncoder.encodeByteString(idSecret.hmac, (short) 0, (short) idSecret.hmac.length);
// // add Cx
// cborEncoder.encodeTextString(Utf8Strings.UTF8_Cx, (short)0, (short)Utf8Strings.UTF8_Cx.length);
cborEncoder.encodeByteString(idSecret.encryptedCx, (short) 0, (short) idSecret.encryptedCx.length);
/**
* end extension
*/
// Start to build into the cbor array manually, to avoid arrayCopy
// Create a map with 3 things
cborEncoder.startMap((short) 4);
// Add the alg label
cborEncoder.encodeTextString(Utf8Strings.UTF8_ALG, (short) 0, (short) 3);
// Add the actual algorithm - -7 is 6 as a negative
cborEncoder.encodeNegativeUInt8((byte) 0x06);
// Add the actual signature, we should generate this
cborEncoder.encodeTextString(Utf8Strings.UTF8_SIG, (short) 0, (short) 3);
// Generate the signature, can't do this directly unfortunately.
// We sign over the client data hash and the attested data.
// AuthenticatorData is first. We noted down where it begins and know how long
// it is.
attestationKeyPair.update(dataBuffer, tempVars[7], (short) (37 + tempCredential.getAttestedLen()));
// attestationKeyPair.update(dataBuffer, (short)(tempVars[7] + 37 + tempCredential.getAttestedLen()), extensionLength);
// The client data hash is next, which we use to finish off the signature.
tempVars[4] = attestationKeyPair.sign(authenticatorMakeCredential.dataHash, (short) 0, (short) authenticatorMakeCredential.dataHash.length, scratch, (short) 0);
// Create the byte string for the signature
cborEncoder.encodeByteString(scratch, (short) 0, tempVars[4]);
// Set the x509 cert now
cborEncoder.encodeTextString(Utf8Strings.UTF8_X5C, (short) 0, (short) 3);
// Supposedly we need an array here
cborEncoder.startArray((short) 1);
cborEncoder.encodeByteString(attestationKeyPair.x509cert, (short) 0, attestationKeyPair.x509len);
// add extension label 這邊是暫時找個地方放
cborEncoder.encodeTextString(Utf8Strings.UTF8_EXTENSIONS, (short) 0, (short) Utf8Strings.UTF8_EXTENSIONS.length);
// add extension element
cborEncoder.startArray((short) 2);
cborEncoder.encodeByteString(idSecret.hmac, (short) 0, (short) idSecret.hmac.length);
cborEncoder.encodeByteString(idSecret.encryptedCx, (short) 0, (short) idSecret.encryptedCx.length);
// We're actually done, send this out
sendLongChaining(apdu, cborEncoder.getCurrentOffset());
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment