arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-02-17 01:52:02 +00:00
Code Issues Releases Wiki Activity

apps.fido_u2f: use exact sizes in response descriptor

Browse Source
This commit is contained in:
Jan Pochyla 2017-05-29 17:50:13 +02:00
parent 89e18c4d52
commit ce915749de
1 changed files with 13 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
src/apps/fido_u2f/__init__.py
View File

@ -119,22 +119,25 @@ def resp_cmd_init() -> dict:
} }
def resp_cmd_register() -> dict: def resp_cmd_register(khlen: int, certlen: int, siglen: int) -> dict:
cert_ofs = 67 + khlen
sig_ofs = cert_ofs + certlen
status_ofs = sig_ofs + siglen
# uint8_t registerId; // Registration identifier (U2F_REGISTER_ID) # uint8_t registerId; // Registration identifier (U2F_REGISTER_ID)
# uint8_t pubKey[65]; // Generated public key # uint8_t pubKey[65]; // Generated public key
# uint8_t keyHandleLen; // Length of key handle # uint8_t keyHandleLen; // Length of key handle
# uint8_t keyHandle[128]; // Key handle # uint8_t keyHandle[128]; // Key handle
# uint8_t cert[1024]; // Attestation certificate # uint8_t cert[1024]; // Attestation certificate
# uint8_t sig[72]; // Registration signature # uint8_t sig[siglen]; // Registration signature
# uint16_t status; # uint16_t status;
return { return {
'registerId': 0 | uctypes.UINT8, 'registerId': 0 | uctypes.UINT8,
'pubKey': (1 | uctypes.ARRAY, 65 | uctypes.UINT8), 'pubKey': (1 | uctypes.ARRAY, 65 | uctypes.UINT8),
'keyHandleLen': 66 | uctypes.UINT8, 'keyHandleLen': 66 | uctypes.UINT8,
'keyHandle': (67 | uctypes.ARRAY, 128 | uctypes.UINT8), 'keyHandle': (67 | uctypes.ARRAY, khlen | uctypes.UINT8),
'cert': (195 | uctypes.ARRAY, 1024 | uctypes.UINT8), 'cert': (cert_ofs | uctypes.ARRAY, certlen | uctypes.UINT8),
'sig': (1219 | uctypes.ARRAY, 72 | uctypes.UINT8), 'sig': (sig_ofs | uctypes.ARRAY, siglen | uctypes.UINT8),
'status': 1291 | uctypes.UINT16, 'status': status_ofs | uctypes.UINT16,
} }
@ -402,7 +405,7 @@ def msg_register_sign(challenge: bytes, app_id: bytes, cert: bytes) -> bytes:
sig = der.encode_seq((sig[1:33], sig[33:])) sig = der.encode_seq((sig[1:33], sig[33:]))
# pack to a response # pack to a response
buf, resp = make_struct(resp_cmd_register()) buf, resp = make_struct(resp_cmd_register(len(keybuf) + len(keybase), len(cert), len(sig)))
resp.registerId = _U2F_REGISTER_ID resp.registerId = _U2F_REGISTER_ID
resp.status = _SW_NO_ERROR resp.status = _SW_NO_ERROR
resp.keyHandleLen = len(keybuf) + len(keybase) resp.keyHandleLen = len(keybuf) + len(keybase)