michaelkuc6/U2FDevice
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix #6. Fix relying party verification.

Browse Source 
Fix to throw error when relying party uses the wrong application
parameter when requesting a signature.
This commit is contained in:
Michael Kuc
2019-09-11 15:46:23 +01:00
parent c8061d373f
commit ed1add2c60
1 changed files with 12 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
U2F_Authenticate_APDU.cpp
View File

@@ -66,22 +66,14 @@ void U2F_Authenticate_APDU::respond(const uint32_t channelID) const {
auto appMatches = (Storage::appParams.at(keyHB) == appParam); auto appMatches = (Storage::appParams.at(keyHB) == appParam);
U2FMessage msg{}; if (!appMatches) {
msg.cid = channelID; this->error(channelID, APDU_STATUS::SW_WRONG_DATA);
msg.cmd = U2FHID_MSG; return;
}
auto& response = msg.data;
APDU_STATUS statusCode = APDU_STATUS::SW_NO_ERROR;
switch (p1) { switch (p1) {
case ControlCode::CheckOnly: case ControlCode::CheckOnly:
if (appMatches) this->error(channelID, APDU_STATUS::SW_CONDITIONS_NOT_SATISFIED);
statusCode = APDU_STATUS::SW_CONDITIONS_NOT_SATISFIED;
else
statusCode = APDU_STATUS::SW_WRONG_DATA;
response.insert(response.end(), FIELD_BE(statusCode));
msg.write();
return; return;
case ControlCode::EnforcePresenceSign: case ControlCode::EnforcePresenceSign:
// Continue processing // Continue processing
@@ -95,6 +87,13 @@ void U2F_Authenticate_APDU::respond(const uint32_t channelID) const {
return; return;
} }
U2FMessage msg{};
msg.cid = channelID;
msg.cmd = U2FHID_MSG;
auto& response = msg.data;
APDU_STATUS statusCode = APDU_STATUS::SW_NO_ERROR;
const auto& privKey = Storage::privKeys[keyHB]; const auto& privKey = Storage::privKeys[keyHB];
auto& keyCount = Storage::keyCounts[keyHB]; auto& keyCount = Storage::keyCounts[keyHB];
keyCount++; keyCount++;