mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-10 01:17:44 +03:00

libfido2-util: Commonize FIDO2 basic property settings

These properties are repeatedly set across multiple functions.
MkfsSion 2022-10-29 14:14:22 -04:00 committed by Peter Cai
parent 7f77b40011
commit 098f72ceee


@ -194,6 +194,36 @@ static int verify_features(
return 0;
}
static int fido2_assert_set_basic_properties(
fido_assert_t *a,
const char *rp_id,
const void *cid,
size_t cid_size) {
int r;
assert(a);
assert(rp_id);
assert(cid);
assert(cid_size > 0);
r = sym_fido_assert_set_rp(a, rp_id);
if (r != FIDO_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to set FIDO2 assertion ID: %s", sym_fido_strerr(r));
r = sym_fido_assert_set_clientdata_hash(a, (const unsigned char[32]) {}, 32);
if (r != FIDO_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to set FIDO2 assertion client data hash: %s", sym_fido_strerr(r));
r = sym_fido_assert_allow_cred(a, cid, cid_size);
if (r != FIDO_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to add FIDO2 assertion credential ID: %s", sym_fido_strerr(r));
return 0;
}
static int fido2_use_hmac_hash_specific_token(
const char *path,
const char *rp_id,
@ -263,20 +293,9 @@ static int fido2_use_hmac_hash_specific_token(
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to set salt on FIDO2 assertion: %s", sym_fido_strerr(r));
r = sym_fido_assert_set_rp(a, rp_id);
if (r != FIDO_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to set FIDO2 assertion ID: %s", sym_fido_strerr(r));
r = sym_fido_assert_set_clientdata_hash(a, (const unsigned char[32]) {}, 32);
if (r != FIDO_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to set FIDO2 assertion client data hash: %s", sym_fido_strerr(r));
r = sym_fido_assert_allow_cred(a, cid, cid_size);
if (r != FIDO_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to add FIDO2 assertion credential ID: %s", sym_fido_strerr(r));
r = fido2_assert_set_basic_properties(a, rp_id, cid, cid_size);
if (r < 0)
return r;
log_info("Asking FIDO2 token for authentication.");
@ -762,20 +781,9 @@ int fido2_generate_hmac_hash(
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to set salt on FIDO2 assertion: %s", sym_fido_strerr(r));
r = sym_fido_assert_set_rp(a, rp_id);
if (r != FIDO_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to set FIDO2 assertion ID: %s", sym_fido_strerr(r));
r = sym_fido_assert_set_clientdata_hash(a, (const unsigned char[32]) {}, 32);
if (r != FIDO_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to set FIDO2 assertion client data hash: %s", sym_fido_strerr(r));
r = sym_fido_assert_allow_cred(a, cid, cid_size);
if (r != FIDO_OK)
return log_error_errno(SYNTHETIC_ERRNO(EIO),
"Failed to add FIDO2 assertion credential ID: %s", sym_fido_strerr(r));
r = fido2_assert_set_basic_properties(a, rp_id, cid, cid_size);
if (r < 0)
return r;
log_info("Generating secret key on FIDO2 security token.");
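Review bot: The new `fido2_assert_set_basic_properties()` helper in the first hunk passes an all-zero client data hash, `(const unsigned char[32]) {}`, with no comment saying the constant is intentional, and it is now the single place both assertion paths get it. A comment above that call would help, e.g. `/* Fixed all-zero client data hash: no relying-party challenge is involved, so the assertion signature carries no freshness guarantee */`; this wording assumes the callers depend on the hmac-secret output rather than on the signature, which should be confirmed against the rest of the file. The helper also adds `assert(cid)` and `assert(cid_size > 0)`, which the removed inline code did not contain; both callers begin outside the hunks, so check that neither can reach this call with an empty credential ID. The message for a failed `sym_fido_assert_set_rp()` still reads "Failed to set FIDO2 assertion ID", and `"Failed to set FIDO2 assertion relying party ID: %s"` would name the step that actually failed.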