Coverage Report

Created: 2023-09-23 17:42

/libfido2/src/largeblob.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright (c) 2020-2022 Yubico AB. All rights reserved.
3
 * Use of this source code is governed by a BSD-style
4
 * license that can be found in the LICENSE file.
5
 * SPDX-License-Identifier: BSD-2-Clause
6
 */
7
8
#include <openssl/sha.h>
9
10
#include "fido.h"
11
#include "fido/es256.h"
12
13
1.42k
#define LARGEBLOB_DIGEST_LENGTH 16
14
648
#define LARGEBLOB_NONCE_LENGTH  12
15
657
#define LARGEBLOB_TAG_LENGTH    16
16
17
typedef struct largeblob {
18
        size_t origsiz;
19
        fido_blob_t ciphertext;
20
        fido_blob_t nonce;
21
} largeblob_t;
22
23
static largeblob_t *
24
largeblob_new(void)
25
636
{
26
636
        return calloc(1, sizeof(largeblob_t));
27
636
}
28
29
static void
30
largeblob_reset(largeblob_t *blob)
31
1.29k
{
32
1.29k
        fido_blob_reset(&blob->ciphertext);
33
1.29k
        fido_blob_reset(&blob->nonce);
34
1.29k
        blob->origsiz = 0;
35
1.29k
}
36
37
static void
38
largeblob_free(largeblob_t **blob_ptr)
39
636
{
40
636
        largeblob_t *blob;
41
42
636
        if (blob_ptr == NULL || (blob = *blob_ptr) == NULL)
43
6
                return;
44
630
        largeblob_reset(blob);
45
630
        free(blob);
46
630
        *blob_ptr = NULL;
47
630
}
48
49
static int
50
largeblob_aad(fido_blob_t *aad, uint64_t size)
51
1.25k
{
52
1.25k
        uint8_t buf[4 + sizeof(uint64_t)];
53
54
1.25k
        buf[0] = 0x62; /* b */
55
1.25k
        buf[1] = 0x6c; /* l */
56
1.25k
        buf[2] = 0x6f; /* o */
57
1.25k
        buf[3] = 0x62; /* b */
58
1.25k
        size = htole64(size);
59
1.25k
        memcpy(&buf[4], &size, sizeof(uint64_t));
60
61
1.25k
        return fido_blob_set(aad, buf, sizeof(buf));
62
1.25k
}
63
64
static fido_blob_t *
65
largeblob_decrypt(const largeblob_t *blob, const fido_blob_t *key)
66
648
{
67
648
        fido_blob_t *plaintext = NULL, *aad = NULL;
68
648
        int ok = -1;
69
70
648
        if ((plaintext = fido_blob_new()) == NULL ||
71
648
            (aad = fido_blob_new()) == NULL) {
72
15
                fido_log_debug("%s: fido_blob_new", __func__);
73
15
                goto fail;
74
15
        }
75
633
        if (largeblob_aad(aad, blob->origsiz) < 0) {
76
11
                fido_log_debug("%s: largeblob_aad", __func__);
77
11
                goto fail;
78
11
        }
79
622
        if (aes256_gcm_dec(key, &blob->nonce, aad, &blob->ciphertext,
80
622
            plaintext) < 0) {
81
301
                fido_log_debug("%s: aes256_gcm_dec", __func__);
82
301
                goto fail;
83
301
        }
84
85
321
        ok = 0;
86
648
fail:
87
648
        fido_blob_free(&aad);
88
89
648
        if (ok < 0)
90
327
                fido_blob_free(&plaintext);
91
92
648
        return plaintext;
93
321
}
94
95
static int
96
largeblob_get_nonce(largeblob_t *blob)
97
621
{
98
621
        uint8_t buf[LARGEBLOB_NONCE_LENGTH];
99
621
        int ok = -1;
100
101
621
        if (fido_get_random(buf, sizeof(buf)) < 0) {
102
4
                fido_log_debug("%s: fido_get_random", __func__);
103
4
                goto fail;
104
4
        }
105
617
        if (fido_blob_set(&blob->nonce, buf, sizeof(buf)) < 0) {
106
2
                fido_log_debug("%s: fido_blob_set", __func__);
107
2
                goto fail;
108
2
        }
109
110
615
        ok = 0;
111
621
fail:
112
621
        explicit_bzero(buf, sizeof(buf));
113
114
621
        return ok;
115
615
}
116
117
static int
118
largeblob_seal(largeblob_t *blob, const fido_blob_t *body,
119
    const fido_blob_t *key)
120
630
{
121
630
        fido_blob_t *plaintext = NULL, *aad = NULL;
122
630
        int ok = -1;
123
124
630
        if ((plaintext = fido_blob_new()) == NULL ||
125
630
            (aad = fido_blob_new()) == NULL) {
126
2
                fido_log_debug("%s: fido_blob_new", __func__);
127
2
                goto fail;
128
2
        }
129
628
        if (fido_compress(plaintext, body) != FIDO_OK) {
130
5
                fido_log_debug("%s: fido_compress", __func__);
131
5
                goto fail;
132
5
        }
133
623
        if (largeblob_aad(aad, body->len) < 0) {
134
2
                fido_log_debug("%s: largeblob_aad", __func__);
135
2
                goto fail;
136
2
        }
137
621
        if (largeblob_get_nonce(blob) < 0) {
138
6
                fido_log_debug("%s: largeblob_get_nonce", __func__);
139
6
                goto fail;
140
6
        }
141
615
        if (aes256_gcm_enc(key, &blob->nonce, aad, plaintext,
142
615
            &blob->ciphertext) < 0) {
143
142
                fido_log_debug("%s: aes256_gcm_enc", __func__);
144
142
                goto fail;
145
142
        }
146
473
        blob->origsiz = body->len;
147
148
473
        ok = 0;
149
630
fail:
150
630
        fido_blob_free(&plaintext);
151
630
        fido_blob_free(&aad);
152
153
630
        return ok;
154
473
}
155
156
static int
157
largeblob_get_tx(fido_dev_t *dev, size_t offset, size_t count, int *ms)
158
844
{
159
844
        fido_blob_t f;
160
844
        cbor_item_t *argv[3];
161
844
        int r;
162
163
844
        memset(argv, 0, sizeof(argv));
164
844
        memset(&f, 0, sizeof(f));
165
166
844
        if ((argv[0] = cbor_build_uint(count)) == NULL ||
167
844
            (argv[2] = cbor_build_uint(offset)) == NULL) {
168
10
                fido_log_debug("%s: cbor encode", __func__);
169
10
                r = FIDO_ERR_INTERNAL;
170
10
                goto fail;
171
10
        }
172
834
        if (cbor_build_frame(CTAP_CBOR_LARGEBLOB, argv, nitems(argv), &f) < 0 ||
173
834
            fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len, ms) < 0) {
174
24
                fido_log_debug("%s: fido_tx", __func__);
175
24
                r = FIDO_ERR_TX;
176
24
                goto fail;
177
24
        }
178
179
810
        r = FIDO_OK;
180
844
fail:
181
844
        cbor_vector_free(argv, nitems(argv));
182
844
        free(f.ptr);
183
184
844
        return r;
185
810
}
186
187
static int
188
parse_largeblob_reply(const cbor_item_t *key, const cbor_item_t *val,
189
    void *arg)
190
843
{
191
843
        if (cbor_isa_uint(key) == false ||
192
843
            cbor_int_get_width(key) != CBOR_INT_8 ||
193
843
            cbor_get_uint8(key) != 1) {
194
183
                fido_log_debug("%s: cbor type", __func__);
195
183
                return 0; /* ignore */
196
183
        }
197
198
660
        return fido_blob_decode(val, arg);
199
843
}
200
201
static int
202
largeblob_get_rx(fido_dev_t *dev, fido_blob_t **chunk, int *ms)
203
810
{
204
810
        unsigned char *msg;
205
810
        int msglen, r;
206
207
810
        *chunk = NULL;
208
810
        if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
209
3
                r = FIDO_ERR_INTERNAL;
210
3
                goto out;
211
3
        }
212
807
        if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
213
65
                fido_log_debug("%s: fido_rx", __func__);
214
65
                r = FIDO_ERR_RX;
215
65
                goto out;
216
65
        }
217
742
        if ((*chunk = fido_blob_new()) == NULL) {
218
3
                fido_log_debug("%s: fido_blob_new", __func__);
219
3
                r = FIDO_ERR_INTERNAL;
220
3
                goto out;
221
3
        }
222
739
        if ((r = cbor_parse_reply(msg, (size_t)msglen, *chunk,
223
739
            parse_largeblob_reply)) != FIDO_OK) {
224
70
                fido_log_debug("%s: parse_largeblob_reply", __func__);
225
70
                goto out;
226
70
        }
227
228
669
        r = FIDO_OK;
229
810
out:
230
810
        if (r != FIDO_OK)
231
141
                fido_blob_free(chunk);
232
233
810
        freezero(msg, FIDO_MAXMSG);
234
235
810
        return r;
236
669
}
237
238
static cbor_item_t *
239
largeblob_array_load(const uint8_t *ptr, size_t len)
240
409
{
241
409
        struct cbor_load_result cbor;
242
409
        cbor_item_t *item;
243
244
409
        if (len < LARGEBLOB_DIGEST_LENGTH) {
245
0
                fido_log_debug("%s: len", __func__);
246
0
                return NULL;
247
0
        }
248
409
        len -= LARGEBLOB_DIGEST_LENGTH;
249
409
        if ((item = cbor_load(ptr, len, &cbor)) == NULL) {
250
3
                fido_log_debug("%s: cbor_load", __func__);
251
3
                return NULL;
252
3
        }
253
406
        if (!cbor_isa_array(item) || !cbor_array_is_definite(item)) {
254
0
                fido_log_debug("%s: cbor type", __func__);
255
0
                cbor_decref(&item);
256
0
                return NULL;
257
0
        }
258
259
406
        return item;
260
406
}
261
262
static size_t
263
get_chunklen(fido_dev_t *dev)
264
2.87k
{
265
2.87k
        uint64_t maxchunklen;
266
267
2.87k
        if ((maxchunklen = fido_dev_maxmsgsize(dev)) > SIZE_MAX)
268
0
                maxchunklen = SIZE_MAX;
269
2.87k
        if (maxchunklen > FIDO_MAXMSG)
270
412
                maxchunklen = FIDO_MAXMSG;
271
2.87k
        maxchunklen = maxchunklen > 64 ? maxchunklen - 64 : 0;
272
273
2.87k
        return (size_t)maxchunklen;
274
2.87k
}
275
276
static int
277
largeblob_do_decode(const cbor_item_t *key, const cbor_item_t *val, void *arg)
278
1.97k
{
279
1.97k
        largeblob_t *blob = arg;
280
1.97k
        uint64_t origsiz;
281
282
1.97k
        if (cbor_isa_uint(key) == false ||
283
1.97k
            cbor_int_get_width(key) != CBOR_INT_8) {
284
0
                fido_log_debug("%s: cbor type", __func__);
285
0
                return 0; /* ignore */
286
0
        }
287
288
1.97k
        switch (cbor_get_uint8(key)) {
289
665
        case 1: /* ciphertext */
290
665
                if (fido_blob_decode(val, &blob->ciphertext) < 0 ||
291
665
                    blob->ciphertext.len < LARGEBLOB_TAG_LENGTH)
292
8
                        return -1;
293
657
                return 0;
294
657
        case 2: /* nonce */
295
657
                if (fido_blob_decode(val, &blob->nonce) < 0 ||
296
657
                    blob->nonce.len != LARGEBLOB_NONCE_LENGTH)
297
9
                        return -1;
298
648
                return 0;
299
648
        case 3: /* origSize */
300
648
                if (!cbor_isa_uint(val) ||
301
648
                    (origsiz = cbor_get_int(val)) > SIZE_MAX)
302
0
                        return -1;
303
648
                blob->origsiz = (size_t)origsiz;
304
648
                return 0;
305
0
        default: /* ignore */
306
0
                fido_log_debug("%s: cbor type", __func__);
307
0
                return 0;
308
1.97k
        }
309
1.97k
}
310
311
static int
312
largeblob_decode(largeblob_t *blob, const cbor_item_t *item)
313
668
{
314
668
        if (!cbor_isa_map(item) || !cbor_map_is_definite(item)) {
315
0
                fido_log_debug("%s: cbor type", __func__);
316
0
                return -1;
317
0
        }
318
668
        if (cbor_map_iter(item, blob, largeblob_do_decode) < 0) {
319
20
                fido_log_debug("%s: cbor_map_iter", __func__);
320
20
                return -1;
321
20
        }
322
648
        if (fido_blob_is_empty(&blob->ciphertext) ||
323
648
            fido_blob_is_empty(&blob->nonce) || blob->origsiz == 0) {
324
0
                fido_log_debug("%s: incomplete blob", __func__);
325
0
                return -1;
326
0
        }
327
328
648
        return 0;
329
648
}
330
331
static cbor_item_t *
332
largeblob_encode(const fido_blob_t *body, const fido_blob_t *key)
333
636
{
334
636
        largeblob_t *blob;
335
636
        cbor_item_t *argv[3], *item = NULL;
336
337
636
        memset(argv, 0, sizeof(argv));
338
636
        if ((blob = largeblob_new()) == NULL ||
339
636
            largeblob_seal(blob, body, key) < 0) {
340
163
                fido_log_debug("%s: largeblob_seal", __func__);
341
163
                goto fail;
342
163
        }
343
473
        if ((argv[0] = fido_blob_encode(&blob->ciphertext)) == NULL ||
344
473
            (argv[1] = fido_blob_encode(&blob->nonce)) == NULL ||
345
473
            (argv[2] = cbor_build_uint(blob->origsiz)) == NULL) {
346
3
                fido_log_debug("%s: cbor encode", __func__);
347
3
                goto fail;
348
3
        }
349
470
        item = cbor_flatten_vector(argv, nitems(argv));
350
636
fail:
351
636
        cbor_vector_free(argv, nitems(argv));
352
636
        largeblob_free(&blob);
353
354
636
        return item;
355
470
}
356
357
static int
358
largeblob_array_lookup(fido_blob_t *out, size_t *idx, const cbor_item_t *item,
359
    const fido_blob_t *key)
360
594
{
361
594
        cbor_item_t **v;
362
594
        fido_blob_t *plaintext = NULL;
363
594
        largeblob_t blob;
364
594
        int r;
365
366
594
        memset(&blob, 0, sizeof(blob));
367
594
        if (idx != NULL)
368
566
                *idx = 0;
369
594
        if ((v = cbor_array_handle(item)) == NULL)
370
5
                return FIDO_ERR_INVALID_ARGUMENT;
371
936
        for (size_t i = 0; i < cbor_array_size(item); i++) {
372
668
                if (largeblob_decode(&blob, v[i]) < 0 ||
373
668
                    (plaintext = largeblob_decrypt(&blob, key)) == NULL) {
374
347
                        fido_log_debug("%s: largeblob_decode", __func__);
375
347
                        largeblob_reset(&blob);
376
347
                        continue;
377
347
                }
378
321
                if (idx != NULL)
379
313
                        *idx = i;
380
321
                break;
381
668
        }
382
589
        if (plaintext == NULL) {
383
268
                fido_log_debug("%s: not found", __func__);
384
268
                return FIDO_ERR_NOTFOUND;
385
268
        }
386
321
        if (out != NULL)
387
8
                r = fido_uncompress(out, plaintext, blob.origsiz);
388
313
        else
389
313
                r = FIDO_OK;
390
391
321
        fido_blob_free(&plaintext);
392
321
        largeblob_reset(&blob);
393
394
321
        return r;
395
589
}
396
397
static int
398
largeblob_array_digest(u_char out[LARGEBLOB_DIGEST_LENGTH], const u_char *data,
399
    size_t len)
400
610
{
401
610
        u_char dgst[SHA256_DIGEST_LENGTH];
402
403
610
        if (data == NULL || len == 0)
404
3
                return -1;
405
607
        if (SHA256(data, len, dgst) != dgst)
406
3
                return -1;
407
604
        memcpy(out, dgst, LARGEBLOB_DIGEST_LENGTH);
408
409
604
        return 0;
410
607
}
411
412
static int
413
largeblob_array_check(const fido_blob_t *array)
414
618
{
415
618
        u_char expected_hash[LARGEBLOB_DIGEST_LENGTH];
416
618
        size_t body_len;
417
418
618
        fido_log_xxd(array->ptr, array->len, __func__);
419
618
        if (array->len < sizeof(expected_hash)) {
420
8
                fido_log_debug("%s: len %zu", __func__, array->len);
421
8
                return -1;
422
8
        }
423
610
        body_len = array->len - sizeof(expected_hash);
424
610
        if (largeblob_array_digest(expected_hash, array->ptr, body_len) < 0) {
425
6
                fido_log_debug("%s: largeblob_array_digest", __func__);
426
6
                return -1;
427
6
        }
428
429
604
        return timingsafe_bcmp(expected_hash, array->ptr + body_len,
430
604
            sizeof(expected_hash));
431
610
}
432
433
static int
434
largeblob_get_array(fido_dev_t *dev, cbor_item_t **item, int *ms)
435
1.60k
{
436
1.60k
        fido_blob_t *array, *chunk = NULL;
437
1.60k
        size_t n;
438
1.60k
        int r;
439
440
1.60k
        *item = NULL;
441
1.60k
        if ((n = get_chunklen(dev)) == 0)
442
785
                return FIDO_ERR_INVALID_ARGUMENT;
443
818
        if ((array = fido_blob_new()) == NULL)
444
3
                return FIDO_ERR_INTERNAL;
445
844
        do {
446
844
                fido_blob_free(&chunk);
447
844
                if ((r = largeblob_get_tx(dev, array->len, n, ms)) != FIDO_OK ||
448
844
                    (r = largeblob_get_rx(dev, &chunk, ms)) != FIDO_OK) {
449
175
                        fido_log_debug("%s: largeblob_get_wait %zu/%zu",
450
175
                            __func__, array->len, n);
451
175
                        goto fail;
452
175
                }
453
669
                if (fido_blob_append(array, chunk->ptr, chunk->len) < 0) {
454
22
                        fido_log_debug("%s: fido_blob_append", __func__);
455
22
                        r = FIDO_ERR_INTERNAL;
456
22
                        goto fail;
457
22
                }
458
669
        } while (chunk->len == n);
459
460
618
        if (largeblob_array_check(array) != 0)
461
209
                *item = cbor_new_definite_array(0); /* per spec */
462
409
        else
463
409
                *item = largeblob_array_load(array->ptr, array->len);
464
618
        if (*item == NULL)
465
6
                r = FIDO_ERR_INTERNAL;
466
612
        else
467
612
                r = FIDO_OK;
468
815
fail:
469
815
        fido_blob_free(&array);
470
815
        fido_blob_free(&chunk);
471
472
815
        return r;
473
618
}
474
475
static int
476
prepare_hmac(size_t offset, const u_char *data, size_t len, fido_blob_t *hmac)
477
63
{
478
63
        uint8_t buf[32 + 2 + sizeof(uint32_t) + SHA256_DIGEST_LENGTH];
479
63
        uint32_t u32_offset;
480
481
63
        if (data == NULL || len == 0) {
482
0
                fido_log_debug("%s: invalid data=%p, len=%zu", __func__,
483
0
                    (const void *)data, len);
484
0
                return -1;
485
0
        }
486
63
        if (offset > UINT32_MAX) {
487
0
                fido_log_debug("%s: invalid offset=%zu", __func__, offset);
488
0
                return -1;
489
0
        }
490
491
63
        memset(buf, 0xff, 32);
492
63
        buf[32] = CTAP_CBOR_LARGEBLOB;
493
63
        buf[33] = 0x00;
494
63
        u32_offset = htole32((uint32_t)offset);
495
63
        memcpy(&buf[34], &u32_offset, sizeof(uint32_t));
496
63
        if (SHA256(data, len, &buf[38]) != &buf[38]) {
497
2
                fido_log_debug("%s: SHA256", __func__);
498
2
                return -1;
499
2
        }
500
501
61
        return fido_blob_set(hmac, buf, sizeof(buf));
502
63
}
503
504
static int
505
largeblob_set_tx(fido_dev_t *dev, const fido_blob_t *token, const u_char *chunk,
506
    size_t chunk_len, size_t offset, size_t totalsiz, int *ms)
507
357
{
508
357
        fido_blob_t *hmac = NULL, f;
509
357
        cbor_item_t *argv[6];
510
357
        int r;
511
512
357
        memset(argv, 0, sizeof(argv));
513
357
        memset(&f, 0, sizeof(f));
514
515
357
        if ((argv[1] = cbor_build_bytestring(chunk, chunk_len)) == NULL ||
516
357
            (argv[2] = cbor_build_uint(offset)) == NULL ||
517
357
            (offset == 0 && (argv[3] = cbor_build_uint(totalsiz)) == NULL)) {
518
4
                fido_log_debug("%s: cbor encode", __func__);
519
4
                r = FIDO_ERR_INTERNAL;
520
4
                goto fail;
521
4
        }
522
353
        if (token != NULL) {
523
64
                if ((hmac = fido_blob_new()) == NULL ||
524
64
                    prepare_hmac(offset, chunk, chunk_len, hmac) < 0 ||
525
64
                    (argv[4] = cbor_encode_pin_auth(dev, token, hmac)) == NULL ||
526
64
                    (argv[5] = cbor_encode_pin_opt(dev)) == NULL) {
527
7
                        fido_log_debug("%s: cbor_encode_pin_auth", __func__);
528
7
                        r = FIDO_ERR_INTERNAL;
529
7
                        goto fail;
530
7
                }
531
64
        }
532
346
        if (cbor_build_frame(CTAP_CBOR_LARGEBLOB, argv, nitems(argv), &f) < 0 ||
533
346
            fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len, ms) < 0) {
534
44
                fido_log_debug("%s: fido_tx", __func__);
535
44
                r = FIDO_ERR_TX;
536
44
                goto fail;
537
44
        }
538
539
302
        r = FIDO_OK;
540
357
fail:
541
357
        cbor_vector_free(argv, nitems(argv));
542
357
        fido_blob_free(&hmac);
543
357
        free(f.ptr);
544
545
357
        return r;
546
302
}
547
548
static int
549
largeblob_get_uv_token(fido_dev_t *dev, const char *pin, fido_blob_t **token,
550
    int *ms)
551
547
{
552
547
        es256_pk_t *pk = NULL;
553
547
        fido_blob_t *ecdh = NULL;
554
547
        int r;
555
556
547
        if ((*token = fido_blob_new()) == NULL)
557
3
                return FIDO_ERR_INTERNAL;
558
544
        if ((r = fido_do_ecdh(dev, &pk, &ecdh, ms)) != FIDO_OK) {
559
318
                fido_log_debug("%s: fido_do_ecdh", __func__);
560
318
                goto fail;
561
318
        }
562
226
        if ((r = fido_dev_get_uv_token(dev, CTAP_CBOR_LARGEBLOB, pin, ecdh, pk,
563
226
            NULL, *token, ms)) != FIDO_OK) {
564
181
                fido_log_debug("%s: fido_dev_get_uv_token", __func__);
565
181
                goto fail;
566
181
        }
567
568
45
        r = FIDO_OK;
569
544
fail:
570
544
        if (r != FIDO_OK)
571
499
                fido_blob_free(token);
572
573
544
        fido_blob_free(&ecdh);
574
544
        es256_pk_free(&pk);
575
576
544
        return r;
577
45
}
578
579
static int
580
largeblob_set_array(fido_dev_t *dev, const cbor_item_t *item, const char *pin,
581
    int *ms)
582
1.27k
{
583
1.27k
        unsigned char dgst[SHA256_DIGEST_LENGTH];
584
1.27k
        fido_blob_t cbor, *token = NULL;
585
1.27k
        size_t chunklen, maxchunklen, totalsize;
586
1.27k
        int r;
587
588
1.27k
        memset(&cbor, 0, sizeof(cbor));
589
590
1.27k
        if ((maxchunklen = get_chunklen(dev)) == 0) {
591
405
                fido_log_debug("%s: maxchunklen=%zu", __func__, maxchunklen);
592
405
                r = FIDO_ERR_INVALID_ARGUMENT;
593
405
                goto fail;
594
405
        }
595
866
        if (!cbor_isa_array(item) || !cbor_array_is_definite(item)) {
596
88
                fido_log_debug("%s: cbor type", __func__);
597
88
                r = FIDO_ERR_INVALID_ARGUMENT;
598
88
                goto fail;
599
88
        }
600
778
        if ((fido_blob_serialise(&cbor, item)) < 0) {
601
4
                fido_log_debug("%s: fido_blob_serialise", __func__);
602
4
                r = FIDO_ERR_INTERNAL;
603
4
                goto fail;
604
4
        }
605
774
        if (cbor.len > SIZE_MAX - sizeof(dgst)) {
606
0
                fido_log_debug("%s: cbor.len=%zu", __func__, cbor.len);
607
0
                r = FIDO_ERR_INVALID_ARGUMENT;
608
0
                goto fail;
609
0
        }
610
774
        if (SHA256(cbor.ptr, cbor.len, dgst) != dgst) {
611
4
                fido_log_debug("%s: SHA256", __func__);
612
4
                r = FIDO_ERR_INTERNAL;
613
4
                goto fail;
614
4
        }
615
770
        totalsize = cbor.len + sizeof(dgst) - 16; /* the first 16 bytes only */
616
770
        if (pin != NULL || fido_dev_supports_permissions(dev)) {
617
547
                if ((r = largeblob_get_uv_token(dev, pin, &token,
618
547
                    ms)) != FIDO_OK) {
619
502
                        fido_log_debug("%s: largeblob_get_uv_token", __func__);
620
502
                        goto fail;
621
502
                }
622
547
        }
623
357
        for (size_t offset = 0; offset < cbor.len; offset += chunklen) {
624
296
                if ((chunklen = cbor.len - offset) > maxchunklen)
625
54
                        chunklen = maxchunklen;
626
296
                if ((r = largeblob_set_tx(dev, token, cbor.ptr + offset,
627
296
                    chunklen, offset, totalsize, ms)) != FIDO_OK ||
628
296
                    (r = fido_rx_cbor_status(dev, ms)) != FIDO_OK) {
629
207
                        fido_log_debug("%s: body", __func__);
630
207
                        goto fail;
631
207
                }
632
296
        }
633
61
        if ((r = largeblob_set_tx(dev, token, dgst, sizeof(dgst) - 16, cbor.len,
634
61
            totalsize, ms)) != FIDO_OK ||
635
61
            (r = fido_rx_cbor_status(dev, ms)) != FIDO_OK) {
636
53
                fido_log_debug("%s: dgst", __func__);
637
53
                goto fail;
638
53
        }
639
640
8
        r = FIDO_OK;
641
1.27k
fail:
642
1.27k
        fido_blob_free(&token);
643
1.27k
        fido_blob_reset(&cbor);
644
645
1.27k
        return r;
646
8
}
647
648
static int
649
largeblob_add(fido_dev_t *dev, const fido_blob_t *key, cbor_item_t *item,
650
    const char *pin, int *ms)
651
463
{
652
463
        cbor_item_t *array = NULL;
653
463
        size_t idx;
654
463
        int r;
655
656
463
        if ((r = largeblob_get_array(dev, &array, ms)) != FIDO_OK) {
657
137
                fido_log_debug("%s: largeblob_get_array", __func__);
658
137
                goto fail;
659
137
        }
660
661
326
        switch (r = largeblob_array_lookup(NULL, &idx, array, key)) {
662
121
        case FIDO_OK:
663
121
                if (!cbor_array_replace(array, idx, item)) {
664
0
                        r = FIDO_ERR_INTERNAL;
665
0
                        goto fail;
666
0
                }
667
121
                break;
668
204
        case FIDO_ERR_NOTFOUND:
669
204
                if (cbor_array_append(&array, item) < 0) {
670
7
                        r = FIDO_ERR_INTERNAL;
671
7
                        goto fail;
672
7
                }
673
197
                break;
674
197
        default:
675
1
                fido_log_debug("%s: largeblob_array_lookup", __func__);
676
1
                goto fail;
677
326
        }
678
679
318
        if ((r = largeblob_set_array(dev, array, pin, ms)) != FIDO_OK) {
680
316
                fido_log_debug("%s: largeblob_set_array", __func__);
681
316
                goto fail;
682
316
        }
683
684
2
        r = FIDO_OK;
685
463
fail:
686
463
        if (array != NULL)
687
326
                cbor_decref(&array);
688
689
463
        return r;
690
2
}
691
692
static int
693
largeblob_drop(fido_dev_t *dev, const fido_blob_t *key, const char *pin,
694
    int *ms)
695
543
{
696
543
        cbor_item_t *array = NULL;
697
543
        size_t idx;
698
543
        int r;
699
700
543
        if ((r = largeblob_get_array(dev, &array, ms)) != FIDO_OK) {
701
303
                fido_log_debug("%s: largeblob_get_array", __func__);
702
303
                goto fail;
703
303
        }
704
240
        if ((r = largeblob_array_lookup(NULL, &idx, array, key)) != FIDO_OK) {
705
48
                fido_log_debug("%s: largeblob_array_lookup", __func__);
706
48
                goto fail;
707
48
        }
708
192
        if (cbor_array_drop(&array, idx) < 0) {
709
6
                fido_log_debug("%s: cbor_array_drop", __func__);
710
6
                r = FIDO_ERR_INTERNAL;
711
6
                goto fail;
712
6
        }
713
186
        if ((r = largeblob_set_array(dev, array, pin, ms)) != FIDO_OK) {
714
183
                fido_log_debug("%s: largeblob_set_array", __func__);
715
183
                goto fail;
716
183
        }
717
718
3
        r = FIDO_OK;
719
543
fail:
720
543
        if (array != NULL)
721
240
                cbor_decref(&array);
722
723
543
        return r;
724
3
}
725
726
int
727
fido_dev_largeblob_get(fido_dev_t *dev, const unsigned char *key_ptr,
728
    size_t key_len, unsigned char **blob_ptr, size_t *blob_len)
729
365
{
730
365
        cbor_item_t *item = NULL;
731
365
        fido_blob_t key, body;
732
365
        int ms = dev->timeout_ms;
733
365
        int r;
734
735
365
        memset(&key, 0, sizeof(key));
736
365
        memset(&body, 0, sizeof(body));
737
738
365
        if (key_len != 32) {
739
123
                fido_log_debug("%s: invalid key len %zu", __func__, key_len);
740
123
                return FIDO_ERR_INVALID_ARGUMENT;
741
123
        }
742
242
        if (blob_ptr == NULL || blob_len == NULL) {
743
0
                fido_log_debug("%s: invalid blob_ptr=%p, blob_len=%p", __func__,
744
0
                    (const void *)blob_ptr, (const void *)blob_len);
745
0
                return FIDO_ERR_INVALID_ARGUMENT;
746
0
        }
747
242
        *blob_ptr = NULL;
748
242
        *blob_len = 0;
749
242
        if (fido_blob_set(&key, key_ptr, key_len) < 0) {
750
2
                fido_log_debug("%s: fido_blob_set", __func__);
751
2
                return FIDO_ERR_INTERNAL;
752
2
        }
753
240
        if ((r = largeblob_get_array(dev, &item, &ms)) != FIDO_OK) {
754
212
                fido_log_debug("%s: largeblob_get_array", __func__);
755
212
                goto fail;
756
212
        }
757
28
        if ((r = largeblob_array_lookup(&body, NULL, item, &key)) != FIDO_OK)
758
22
                fido_log_debug("%s: largeblob_array_lookup", __func__);
759
6
        else {
760
6
                *blob_ptr = body.ptr;
761
6
                *blob_len = body.len;
762
6
        }
763
240
fail:
764
240
        if (item != NULL)
765
28
                cbor_decref(&item);
766
767
240
        fido_blob_reset(&key);
768
769
240
        return r;
770
28
}
771
772
int
773
fido_dev_largeblob_set(fido_dev_t *dev, const unsigned char *key_ptr,
774
    size_t key_len, const unsigned char *blob_ptr, size_t blob_len,
775
    const char *pin)
776
1.62k
{
777
1.62k
        cbor_item_t *item = NULL;
778
1.62k
        fido_blob_t key, body;
779
1.62k
        int ms = dev->timeout_ms;
780
1.62k
        int r;
781
782
1.62k
        memset(&key, 0, sizeof(key));
783
1.62k
        memset(&body, 0, sizeof(body));
784
785
1.62k
        if (key_len != 32) {
786
988
                fido_log_debug("%s: invalid key len %zu", __func__, key_len);
787
988
                return FIDO_ERR_INVALID_ARGUMENT;
788
988
        }
789
641
        if (blob_ptr == NULL || blob_len == 0) {
790
2
                fido_log_debug("%s: invalid blob_ptr=%p, blob_len=%zu", __func__,
791
2
                    (const void *)blob_ptr, blob_len);
792
2
                return FIDO_ERR_INVALID_ARGUMENT;
793
2
        }
794
639
        if (fido_blob_set(&key, key_ptr, key_len) < 0 ||
795
639
            fido_blob_set(&body, blob_ptr, blob_len) < 0) {
796
3
                fido_log_debug("%s: fido_blob_set", __func__);
797
3
                r = FIDO_ERR_INTERNAL;
798
3
                goto fail;
799
3
        }
800
636
        if ((item = largeblob_encode(&body, &key)) == NULL) {
801
173
                fido_log_debug("%s: largeblob_encode", __func__);
802
173
                r = FIDO_ERR_INTERNAL;
803
173
                goto fail;
804
173
        }
805
463
        if ((r = largeblob_add(dev, &key, item, pin, &ms)) != FIDO_OK)
806
461
                fido_log_debug("%s: largeblob_add", __func__);
807
639
fail:
808
639
        if (item != NULL)
809
463
                cbor_decref(&item);
810
811
639
        fido_blob_reset(&key);
812
639
        fido_blob_reset(&body);
813
814
639
        return r;
815
463
}
816
817
int
818
fido_dev_largeblob_remove(fido_dev_t *dev, const unsigned char *key_ptr,
819
    size_t key_len, const char *pin)
820
1.54k
{
821
1.54k
        fido_blob_t key;
822
1.54k
        int ms = dev->timeout_ms;
823
1.54k
        int r;
824
825
1.54k
        memset(&key, 0, sizeof(key));
826
827
1.54k
        if (key_len != 32) {
828
998
                fido_log_debug("%s: invalid key len %zu", __func__, key_len);
829
998
                return FIDO_ERR_INVALID_ARGUMENT;
830
998
        }
831
546
        if (fido_blob_set(&key, key_ptr, key_len) < 0) {
832
3
                fido_log_debug("%s: fido_blob_set", __func__);
833
3
                return FIDO_ERR_INTERNAL;
834
3
        }
835
543
        if ((r = largeblob_drop(dev, &key, pin, &ms)) != FIDO_OK)
836
540
                fido_log_debug("%s: largeblob_drop", __func__);
837
838
543
        fido_blob_reset(&key);
839
840
543
        return r;
841
546
}
842
843
int
844
fido_dev_largeblob_get_array(fido_dev_t *dev, unsigned char **cbor_ptr,
845
    size_t *cbor_len)
846
357
{
847
357
        cbor_item_t *item = NULL;
848
357
        fido_blob_t cbor;
849
357
        int ms = dev->timeout_ms;
850
357
        int r;
851
852
357
        memset(&cbor, 0, sizeof(cbor));
853
854
357
        if (cbor_ptr == NULL || cbor_len == NULL) {
855
0
                fido_log_debug("%s: invalid cbor_ptr=%p, cbor_len=%p", __func__,
856
0
                    (const void *)cbor_ptr, (const void *)cbor_len);
857
0
                return FIDO_ERR_INVALID_ARGUMENT;
858
0
        }
859
357
        *cbor_ptr = NULL;
860
357
        *cbor_len = 0;
861
357
        if ((r = largeblob_get_array(dev, &item, &ms)) != FIDO_OK) {
862
339
                fido_log_debug("%s: largeblob_get_array", __func__);
863
339
                return r;
864
339
        }
865
18
        if (fido_blob_serialise(&cbor, item) < 0) {
866
2
                fido_log_debug("%s: fido_blob_serialise", __func__);
867
2
                r = FIDO_ERR_INTERNAL;
868
16
        } else {
869
16
                *cbor_ptr = cbor.ptr;
870
16
                *cbor_len = cbor.len;
871
16
        }
872
873
18
        cbor_decref(&item);
874
875
18
        return r;
876
357
}
877
878
int
879
fido_dev_largeblob_set_array(fido_dev_t *dev, const unsigned char *cbor_ptr,
880
    size_t cbor_len, const char *pin)
881
1.59k
{
882
1.59k
        cbor_item_t *item = NULL;
883
1.59k
        struct cbor_load_result cbor_result;
884
1.59k
        int ms = dev->timeout_ms;
885
1.59k
        int r;
886
887
1.59k
        if (cbor_ptr == NULL || cbor_len == 0) {
888
2
                fido_log_debug("%s: invalid cbor_ptr=%p, cbor_len=%zu", __func__,
889
2
                    (const void *)cbor_ptr, cbor_len);
890
2
                return FIDO_ERR_INVALID_ARGUMENT;
891
2
        }
892
1.58k
        if ((item = cbor_load(cbor_ptr, cbor_len, &cbor_result)) == NULL) {
893
822
                fido_log_debug("%s: cbor_load", __func__);
894
822
                return FIDO_ERR_INVALID_ARGUMENT;
895
822
        }
896
767
        if ((r = largeblob_set_array(dev, item, pin, &ms)) != FIDO_OK)
897
764
                fido_log_debug("%s: largeblob_set_array", __func__);
898
899
767
        cbor_decref(&item);
900
901
767
        return r;
902
1.58k
}