Coverage Report

Created: 2024-06-03 09:43

/libfido2/src/largeblob.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright (c) 2020-2022 Yubico AB. All rights reserved.
3
 * Use of this source code is governed by a BSD-style
4
 * license that can be found in the LICENSE file.
5
 * SPDX-License-Identifier: BSD-2-Clause
6
 */
7
8
#include <openssl/sha.h>
9
10
#include "fido.h"
11
#include "fido/es256.h"
12
13
2.04k
#define LARGEBLOB_DIGEST_LENGTH 16
14
819
#define LARGEBLOB_NONCE_LENGTH  12
15
827
#define LARGEBLOB_TAG_LENGTH    16
16
17
typedef struct largeblob {
18
        size_t origsiz;
19
        fido_blob_t ciphertext;
20
        fido_blob_t nonce;
21
} largeblob_t;
22
23
static largeblob_t *
24
largeblob_new(void)
25
1.63k
{
26
1.63k
        return calloc(1, sizeof(largeblob_t));
27
1.63k
}
28
29
static void
30
largeblob_reset(largeblob_t *blob)
31
2.46k
{
32
2.46k
        fido_blob_reset(&blob->ciphertext);
33
2.46k
        fido_blob_reset(&blob->nonce);
34
2.46k
        blob->origsiz = 0;
35
2.46k
}
36
37
static void
38
largeblob_free(largeblob_t **blob_ptr)
39
1.63k
{
40
1.63k
        largeblob_t *blob;
41
42
1.63k
        if (blob_ptr == NULL || (blob = *blob_ptr) == NULL)
43
6
                return;
44
1.62k
        largeblob_reset(blob);
45
1.62k
        free(blob);
46
1.62k
        *blob_ptr = NULL;
47
1.62k
}
48
49
static int
50
largeblob_aad(fido_blob_t *aad, uint64_t size)
51
2.42k
{
52
2.42k
        uint8_t buf[4 + sizeof(uint64_t)];
53
54
2.42k
        buf[0] = 0x62; /* b */
55
2.42k
        buf[1] = 0x6c; /* l */
56
2.42k
        buf[2] = 0x6f; /* o */
57
2.42k
        buf[3] = 0x62; /* b */
58
2.42k
        size = htole64(size);
59
2.42k
        memcpy(&buf[4], &size, sizeof(uint64_t));
60
61
2.42k
        return fido_blob_set(aad, buf, sizeof(buf));
62
2.42k
}
63
64
static fido_blob_t *
65
largeblob_decrypt(const largeblob_t *blob, const fido_blob_t *key)
66
819
{
67
819
        fido_blob_t *plaintext = NULL, *aad = NULL;
68
819
        int ok = -1;
69
70
819
        if ((plaintext = fido_blob_new()) == NULL ||
71
819
            (aad = fido_blob_new()) == NULL) {
72
16
                fido_log_debug("%s: fido_blob_new", __func__);
73
16
                goto fail;
74
16
        }
75
803
        if (largeblob_aad(aad, blob->origsiz) < 0) {
76
11
                fido_log_debug("%s: largeblob_aad", __func__);
77
11
                goto fail;
78
11
        }
79
792
        if (aes256_gcm_dec(key, &blob->nonce, aad, &blob->ciphertext,
80
792
            plaintext) < 0) {
81
344
                fido_log_debug("%s: aes256_gcm_dec", __func__);
82
344
                goto fail;
83
344
        }
84
85
448
        ok = 0;
86
819
fail:
87
819
        fido_blob_free(&aad);
88
89
819
        if (ok < 0)
90
371
                fido_blob_free(&plaintext);
91
92
819
        return plaintext;
93
448
}
94
95
static int
96
largeblob_get_nonce(largeblob_t *blob)
97
1.61k
{
98
1.61k
        uint8_t buf[LARGEBLOB_NONCE_LENGTH];
99
1.61k
        int ok = -1;
100
101
1.61k
        if (fido_get_random(buf, sizeof(buf)) < 0) {
102
7
                fido_log_debug("%s: fido_get_random", __func__);
103
7
                goto fail;
104
7
        }
105
1.61k
        if (fido_blob_set(&blob->nonce, buf, sizeof(buf)) < 0) {
106
3
                fido_log_debug("%s: fido_blob_set", __func__);
107
3
                goto fail;
108
3
        }
109
110
1.60k
        ok = 0;
111
1.61k
fail:
112
1.61k
        explicit_bzero(buf, sizeof(buf));
113
114
1.61k
        return ok;
115
1.60k
}
116
117
static int
118
largeblob_seal(largeblob_t *blob, const fido_blob_t *body,
119
    const fido_blob_t *key)
120
1.62k
{
121
1.62k
        fido_blob_t *plaintext = NULL, *aad = NULL;
122
1.62k
        int ok = -1;
123
124
1.62k
        if ((plaintext = fido_blob_new()) == NULL ||
125
1.62k
            (aad = fido_blob_new()) == NULL) {
126
3
                fido_log_debug("%s: fido_blob_new", __func__);
127
3
                goto fail;
128
3
        }
129
1.62k
        if (fido_compress(plaintext, body) != FIDO_OK) {
130
5
                fido_log_debug("%s: fido_compress", __func__);
131
5
                goto fail;
132
5
        }
133
1.62k
        if (largeblob_aad(aad, body->len) < 0) {
134
2
                fido_log_debug("%s: largeblob_aad", __func__);
135
2
                goto fail;
136
2
        }
137
1.61k
        if (largeblob_get_nonce(blob) < 0) {
138
10
                fido_log_debug("%s: largeblob_get_nonce", __func__);
139
10
                goto fail;
140
10
        }
141
1.60k
        if (aes256_gcm_enc(key, &blob->nonce, aad, plaintext,
142
1.60k
            &blob->ciphertext) < 0) {
143
363
                fido_log_debug("%s: aes256_gcm_enc", __func__);
144
363
                goto fail;
145
363
        }
146
1.24k
        blob->origsiz = body->len;
147
148
1.24k
        ok = 0;
149
1.62k
fail:
150
1.62k
        fido_blob_free(&plaintext);
151
1.62k
        fido_blob_free(&aad);
152
153
1.62k
        return ok;
154
1.24k
}
155
156
static int
157
largeblob_get_tx(fido_dev_t *dev, size_t offset, size_t count, int *ms)
158
1.25k
{
159
1.25k
        fido_blob_t f;
160
1.25k
        cbor_item_t *argv[3];
161
1.25k
        int r;
162
163
1.25k
        memset(argv, 0, sizeof(argv));
164
1.25k
        memset(&f, 0, sizeof(f));
165
166
1.25k
        if ((argv[0] = cbor_build_uint(count)) == NULL ||
167
1.25k
            (argv[2] = cbor_build_uint(offset)) == NULL) {
168
10
                fido_log_debug("%s: cbor encode", __func__);
169
10
                r = FIDO_ERR_INTERNAL;
170
10
                goto fail;
171
10
        }
172
1.24k
        if (cbor_build_frame(CTAP_CBOR_LARGEBLOB, argv, nitems(argv), &f) < 0 ||
173
1.24k
            fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len, ms) < 0) {
174
27
                fido_log_debug("%s: fido_tx", __func__);
175
27
                r = FIDO_ERR_TX;
176
27
                goto fail;
177
27
        }
178
179
1.22k
        r = FIDO_OK;
180
1.25k
fail:
181
1.25k
        cbor_vector_free(argv, nitems(argv));
182
1.25k
        free(f.ptr);
183
184
1.25k
        return r;
185
1.22k
}
186
187
static int
188
parse_largeblob_reply(const cbor_item_t *key, const cbor_item_t *val,
189
    void *arg)
190
1.18k
{
191
1.18k
        if (cbor_isa_uint(key) == false ||
192
1.18k
            cbor_int_get_width(key) != CBOR_INT_8 ||
193
1.18k
            cbor_get_uint8(key) != 1) {
194
203
                fido_log_debug("%s: cbor type", __func__);
195
203
                return 0; /* ignore */
196
203
        }
197
198
977
        return fido_blob_decode(val, arg);
199
1.18k
}
200
201
static int
202
largeblob_get_rx(fido_dev_t *dev, fido_blob_t **chunk, int *ms)
203
1.22k
{
204
1.22k
        unsigned char *msg;
205
1.22k
        int msglen, r;
206
207
1.22k
        *chunk = NULL;
208
1.22k
        if ((msg = malloc(FIDO_MAXMSG)) == NULL) {
209
4
                r = FIDO_ERR_INTERNAL;
210
4
                goto out;
211
4
        }
212
1.21k
        if ((msglen = fido_rx(dev, CTAP_CMD_CBOR, msg, FIDO_MAXMSG, ms)) < 0) {
213
159
                fido_log_debug("%s: fido_rx", __func__);
214
159
                r = FIDO_ERR_RX;
215
159
                goto out;
216
159
        }
217
1.05k
        if ((*chunk = fido_blob_new()) == NULL) {
218
3
                fido_log_debug("%s: fido_blob_new", __func__);
219
3
                r = FIDO_ERR_INTERNAL;
220
3
                goto out;
221
3
        }
222
1.05k
        if ((r = cbor_parse_reply(msg, (size_t)msglen, *chunk,
223
1.05k
            parse_largeblob_reply)) != FIDO_OK) {
224
69
                fido_log_debug("%s: parse_largeblob_reply", __func__);
225
69
                goto out;
226
69
        }
227
228
987
        r = FIDO_OK;
229
1.22k
out:
230
1.22k
        if (r != FIDO_OK)
231
235
                fido_blob_free(chunk);
232
233
1.22k
        freezero(msg, FIDO_MAXMSG);
234
235
1.22k
        return r;
236
987
}
237
238
static cbor_item_t *
239
largeblob_array_load(const uint8_t *ptr, size_t len)
240
565
{
241
565
        struct cbor_load_result cbor;
242
565
        cbor_item_t *item;
243
244
565
        if (len < LARGEBLOB_DIGEST_LENGTH) {
245
0
                fido_log_debug("%s: len", __func__);
246
0
                return NULL;
247
0
        }
248
565
        len -= LARGEBLOB_DIGEST_LENGTH;
249
565
        if ((item = cbor_load(ptr, len, &cbor)) == NULL) {
250
3
                fido_log_debug("%s: cbor_load", __func__);
251
3
                return NULL;
252
3
        }
253
562
        if (!cbor_isa_array(item) || !cbor_array_is_definite(item)) {
254
0
                fido_log_debug("%s: cbor type", __func__);
255
0
                cbor_decref(&item);
256
0
                return NULL;
257
0
        }
258
259
562
        return item;
260
562
}
261
262
static size_t
263
get_chunklen(fido_dev_t *dev)
264
5.44k
{
265
5.44k
        uint64_t maxchunklen;
266
267
5.44k
        if ((maxchunklen = fido_dev_maxmsgsize(dev)) > SIZE_MAX)
268
0
                maxchunklen = SIZE_MAX;
269
5.44k
        if (maxchunklen > FIDO_MAXMSG)
270
1.00k
                maxchunklen = FIDO_MAXMSG;
271
5.44k
        maxchunklen = maxchunklen > 64 ? maxchunklen - 64 : 0;
272
273
5.44k
        return (size_t)maxchunklen;
274
5.44k
}
275
276
static int
277
largeblob_do_decode(const cbor_item_t *key, const cbor_item_t *val, void *arg)
278
2.48k
{
279
2.48k
        largeblob_t *blob = arg;
280
2.48k
        uint64_t origsiz;
281
282
2.48k
        if (cbor_isa_uint(key) == false ||
283
2.48k
            cbor_int_get_width(key) != CBOR_INT_8) {
284
0
                fido_log_debug("%s: cbor type", __func__);
285
0
                return 0; /* ignore */
286
0
        }
287
288
2.48k
        switch (cbor_get_uint8(key)) {
289
836
        case 1: /* ciphertext */
290
836
                if (fido_blob_decode(val, &blob->ciphertext) < 0 ||
291
836
                    blob->ciphertext.len < LARGEBLOB_TAG_LENGTH)
292
9
                        return -1;
293
827
                return 0;
294
827
        case 2: /* nonce */
295
827
                if (fido_blob_decode(val, &blob->nonce) < 0 ||
296
827
                    blob->nonce.len != LARGEBLOB_NONCE_LENGTH)
297
8
                        return -1;
298
819
                return 0;
299
819
        case 3: /* origSize */
300
819
                if (!cbor_isa_uint(val) ||
301
819
                    (origsiz = cbor_get_int(val)) > SIZE_MAX)
302
0
                        return -1;
303
819
                blob->origsiz = (size_t)origsiz;
304
819
                return 0;
305
0
        default: /* ignore */
306
0
                fido_log_debug("%s: cbor type", __func__);
307
0
                return 0;
308
2.48k
        }
309
2.48k
}
310
311
static int
312
largeblob_decode(largeblob_t *blob, const cbor_item_t *item)
313
839
{
314
839
        if (!cbor_isa_map(item) || !cbor_map_is_definite(item)) {
315
0
                fido_log_debug("%s: cbor type", __func__);
316
0
                return -1;
317
0
        }
318
839
        if (cbor_map_iter(item, blob, largeblob_do_decode) < 0) {
319
20
                fido_log_debug("%s: cbor_map_iter", __func__);
320
20
                return -1;
321
20
        }
322
819
        if (fido_blob_is_empty(&blob->ciphertext) ||
323
819
            fido_blob_is_empty(&blob->nonce) || blob->origsiz == 0) {
324
0
                fido_log_debug("%s: incomplete blob", __func__);
325
0
                return -1;
326
0
        }
327
328
819
        return 0;
329
819
}
330
331
static cbor_item_t *
332
largeblob_encode(const fido_blob_t *body, const fido_blob_t *key)
333
1.63k
{
334
1.63k
        largeblob_t *blob;
335
1.63k
        cbor_item_t *argv[3], *item = NULL;
336
337
1.63k
        memset(argv, 0, sizeof(argv));
338
1.63k
        if ((blob = largeblob_new()) == NULL ||
339
1.63k
            largeblob_seal(blob, body, key) < 0) {
340
389
                fido_log_debug("%s: largeblob_seal", __func__);
341
389
                goto fail;
342
389
        }
343
1.24k
        if ((argv[0] = fido_blob_encode(&blob->ciphertext)) == NULL ||
344
1.24k
            (argv[1] = fido_blob_encode(&blob->nonce)) == NULL ||
345
1.24k
            (argv[2] = cbor_build_uint(blob->origsiz)) == NULL) {
346
6
                fido_log_debug("%s: cbor encode", __func__);
347
6
                goto fail;
348
6
        }
349
1.23k
        item = cbor_flatten_vector(argv, nitems(argv));
350
1.63k
fail:
351
1.63k
        cbor_vector_free(argv, nitems(argv));
352
1.63k
        largeblob_free(&blob);
353
354
1.63k
        return item;
355
1.23k
}
356
357
static int
358
largeblob_array_lookup(fido_blob_t *out, size_t *idx, const cbor_item_t *item,
359
    const fido_blob_t *key)
360
910
{
361
910
        cbor_item_t **v;
362
910
        fido_blob_t *plaintext = NULL;
363
910
        largeblob_t blob;
364
910
        int r;
365
366
910
        memset(&blob, 0, sizeof(blob));
367
910
        if (idx != NULL)
368
883
                *idx = 0;
369
910
        if ((v = cbor_array_handle(item)) == NULL)
370
4
                return FIDO_ERR_INVALID_ARGUMENT;
371
1.29k
        for (size_t i = 0; i < cbor_array_size(item); i++) {
372
839
                if (largeblob_decode(&blob, v[i]) < 0 ||
373
839
                    (plaintext = largeblob_decrypt(&blob, key)) == NULL) {
374
391
                        fido_log_debug("%s: largeblob_decode", __func__);
375
391
                        largeblob_reset(&blob);
376
391
                        continue;
377
391
                }
378
448
                if (idx != NULL)
379
438
                        *idx = i;
380
448
                break;
381
839
        }
382
906
        if (plaintext == NULL) {
383
458
                fido_log_debug("%s: not found", __func__);
384
458
                return FIDO_ERR_NOTFOUND;
385
458
        }
386
448
        if (out != NULL)
387
10
                r = fido_uncompress(out, plaintext, blob.origsiz);
388
438
        else
389
438
                r = FIDO_OK;
390
391
448
        fido_blob_free(&plaintext);
392
448
        largeblob_reset(&blob);
393
394
448
        return r;
395
906
}
396
397
static int
398
largeblob_array_digest(u_char out[LARGEBLOB_DIGEST_LENGTH], const u_char *data,
399
    size_t len)
400
923
{
401
923
        u_char dgst[SHA256_DIGEST_LENGTH];
402
403
923
        if (data == NULL || len == 0)
404
3
                return -1;
405
920
        if (SHA256(data, len, dgst) != dgst)
406
5
                return -1;
407
915
        memcpy(out, dgst, LARGEBLOB_DIGEST_LENGTH);
408
409
915
        return 0;
410
920
}
411
412
static int
413
largeblob_array_check(const fido_blob_t *array)
414
931
{
415
931
        u_char expected_hash[LARGEBLOB_DIGEST_LENGTH];
416
931
        size_t body_len;
417
418
931
        fido_log_xxd(array->ptr, array->len, __func__);
419
931
        if (array->len < sizeof(expected_hash)) {
420
8
                fido_log_debug("%s: len %zu", __func__, array->len);
421
8
                return -1;
422
8
        }
423
923
        body_len = array->len - sizeof(expected_hash);
424
923
        if (largeblob_array_digest(expected_hash, array->ptr, body_len) < 0) {
425
8
                fido_log_debug("%s: largeblob_array_digest", __func__);
426
8
                return -1;
427
8
        }
428
429
915
        return timingsafe_bcmp(expected_hash, array->ptr + body_len,
430
915
            sizeof(expected_hash));
431
923
}
432
433
static int
434
largeblob_get_array(fido_dev_t *dev, cbor_item_t **item, int *ms)
435
3.01k
{
436
3.01k
        fido_blob_t *array, *chunk = NULL;
437
3.01k
        size_t n;
438
3.01k
        int r;
439
440
3.01k
        *item = NULL;
441
3.01k
        if ((n = get_chunklen(dev)) == 0)
442
1.78k
                return FIDO_ERR_INVALID_ARGUMENT;
443
1.22k
        if ((array = fido_blob_new()) == NULL)
444
3
                return FIDO_ERR_INTERNAL;
445
1.25k
        do {
446
1.25k
                fido_blob_free(&chunk);
447
1.25k
                if ((r = largeblob_get_tx(dev, array->len, n, ms)) != FIDO_OK ||
448
1.25k
                    (r = largeblob_get_rx(dev, &chunk, ms)) != FIDO_OK) {
449
272
                        fido_log_debug("%s: largeblob_get_wait %zu/%zu",
450
272
                            __func__, array->len, n);
451
272
                        goto fail;
452
272
                }
453
987
                if (fido_blob_append(array, chunk->ptr, chunk->len) < 0) {
454
23
                        fido_log_debug("%s: fido_blob_append", __func__);
455
23
                        r = FIDO_ERR_INTERNAL;
456
23
                        goto fail;
457
23
                }
458
987
        } while (chunk->len == n);
459
460
931
        if (largeblob_array_check(array) != 0)
461
366
                *item = cbor_new_definite_array(0); /* per spec */
462
565
        else
463
565
                *item = largeblob_array_load(array->ptr, array->len);
464
931
        if (*item == NULL)
465
6
                r = FIDO_ERR_INTERNAL;
466
925
        else
467
925
                r = FIDO_OK;
468
1.22k
fail:
469
1.22k
        fido_blob_free(&array);
470
1.22k
        fido_blob_free(&chunk);
471
472
1.22k
        return r;
473
931
}
474
475
static int
476
prepare_hmac(size_t offset, const u_char *data, size_t len, fido_blob_t *hmac)
477
82
{
478
82
        uint8_t buf[32 + 2 + sizeof(uint32_t) + SHA256_DIGEST_LENGTH];
479
82
        uint32_t u32_offset;
480
481
82
        if (data == NULL || len == 0) {
482
0
                fido_log_debug("%s: invalid data=%p, len=%zu", __func__,
483
0
                    (const void *)data, len);
484
0
                return -1;
485
0
        }
486
82
        if (offset > UINT32_MAX) {
487
0
                fido_log_debug("%s: invalid offset=%zu", __func__, offset);
488
0
                return -1;
489
0
        }
490
491
82
        memset(buf, 0xff, 32);
492
82
        buf[32] = CTAP_CBOR_LARGEBLOB;
493
82
        buf[33] = 0x00;
494
82
        u32_offset = htole32((uint32_t)offset);
495
82
        memcpy(&buf[34], &u32_offset, sizeof(uint32_t));
496
82
        if (SHA256(data, len, &buf[38]) != &buf[38]) {
497
2
                fido_log_debug("%s: SHA256", __func__);
498
2
                return -1;
499
2
        }
500
501
80
        return fido_blob_set(hmac, buf, sizeof(buf));
502
82
}
503
504
static int
505
largeblob_set_tx(fido_dev_t *dev, const fido_blob_t *token, const u_char *chunk,
506
    size_t chunk_len, size_t offset, size_t totalsiz, int *ms)
507
827
{
508
827
        fido_blob_t *hmac = NULL, f;
509
827
        cbor_item_t *argv[6];
510
827
        int r;
511
512
827
        memset(argv, 0, sizeof(argv));
513
827
        memset(&f, 0, sizeof(f));
514
515
827
        if ((argv[1] = cbor_build_bytestring(chunk, chunk_len)) == NULL ||
516
827
            (argv[2] = cbor_build_uint(offset)) == NULL ||
517
827
            (offset == 0 && (argv[3] = cbor_build_uint(totalsiz)) == NULL)) {
518
14
                fido_log_debug("%s: cbor encode", __func__);
519
14
                r = FIDO_ERR_INTERNAL;
520
14
                goto fail;
521
14
        }
522
813
        if (token != NULL) {
523
84
                if ((hmac = fido_blob_new()) == NULL ||
524
84
                    prepare_hmac(offset, chunk, chunk_len, hmac) < 0 ||
525
84
                    (argv[4] = cbor_encode_pin_auth(dev, token, hmac)) == NULL ||
526
84
                    (argv[5] = cbor_encode_pin_opt(dev)) == NULL) {
527
10
                        fido_log_debug("%s: cbor_encode_pin_auth", __func__);
528
10
                        r = FIDO_ERR_INTERNAL;
529
10
                        goto fail;
530
10
                }
531
84
        }
532
803
        if (cbor_build_frame(CTAP_CBOR_LARGEBLOB, argv, nitems(argv), &f) < 0 ||
533
803
            fido_tx(dev, CTAP_CMD_CBOR, f.ptr, f.len, ms) < 0) {
534
66
                fido_log_debug("%s: fido_tx", __func__);
535
66
                r = FIDO_ERR_TX;
536
66
                goto fail;
537
66
        }
538
539
737
        r = FIDO_OK;
540
827
fail:
541
827
        cbor_vector_free(argv, nitems(argv));
542
827
        fido_blob_free(&hmac);
543
827
        free(f.ptr);
544
545
827
        return r;
546
737
}
547
548
static int
549
largeblob_get_uv_token(fido_dev_t *dev, const char *pin, fido_blob_t **token,
550
    int *ms)
551
1.08k
{
552
1.08k
        es256_pk_t *pk = NULL;
553
1.08k
        fido_blob_t *ecdh = NULL;
554
1.08k
        int r;
555
556
1.08k
        if ((*token = fido_blob_new()) == NULL)
557
5
                return FIDO_ERR_INTERNAL;
558
1.07k
        if ((r = fido_do_ecdh(dev, &pk, &ecdh, ms)) != FIDO_OK) {
559
815
                fido_log_debug("%s: fido_do_ecdh", __func__);
560
815
                goto fail;
561
815
        }
562
263
        if ((r = fido_dev_get_uv_token(dev, CTAP_CBOR_LARGEBLOB, pin, ecdh, pk,
563
263
            NULL, *token, ms)) != FIDO_OK) {
564
205
                fido_log_debug("%s: fido_dev_get_uv_token", __func__);
565
205
                goto fail;
566
205
        }
567
568
58
        r = FIDO_OK;
569
1.07k
fail:
570
1.07k
        if (r != FIDO_OK)
571
1.02k
                fido_blob_free(token);
572
573
1.07k
        fido_blob_free(&ecdh);
574
1.07k
        es256_pk_free(&pk);
575
576
1.07k
        return r;
577
58
}
578
579
static int
580
largeblob_set_array(fido_dev_t *dev, const cbor_item_t *item, const char *pin,
581
    int *ms)
582
2.42k
{
583
2.42k
        unsigned char dgst[SHA256_DIGEST_LENGTH];
584
2.42k
        fido_blob_t cbor, *token = NULL;
585
2.42k
        size_t chunklen, maxchunklen, totalsize;
586
2.42k
        int r;
587
588
2.42k
        memset(&cbor, 0, sizeof(cbor));
589
590
2.42k
        if ((maxchunklen = get_chunklen(dev)) == 0) {
591
714
                fido_log_debug("%s: maxchunklen=%zu", __func__, maxchunklen);
592
714
                r = FIDO_ERR_INVALID_ARGUMENT;
593
714
                goto fail;
594
714
        }
595
1.71k
        if (!cbor_isa_array(item) || !cbor_array_is_definite(item)) {
596
102
                fido_log_debug("%s: cbor type", __func__);
597
102
                r = FIDO_ERR_INVALID_ARGUMENT;
598
102
                goto fail;
599
102
        }
600
1.61k
        if ((fido_blob_serialise(&cbor, item)) < 0) {
601
6
                fido_log_debug("%s: fido_blob_serialise", __func__);
602
6
                r = FIDO_ERR_INTERNAL;
603
6
                goto fail;
604
6
        }
605
1.60k
        if (cbor.len > SIZE_MAX - sizeof(dgst)) {
606
0
                fido_log_debug("%s: cbor.len=%zu", __func__, cbor.len);
607
0
                r = FIDO_ERR_INVALID_ARGUMENT;
608
0
                goto fail;
609
0
        }
610
1.60k
        if (SHA256(cbor.ptr, cbor.len, dgst) != dgst) {
611
5
                fido_log_debug("%s: SHA256", __func__);
612
5
                r = FIDO_ERR_INTERNAL;
613
5
                goto fail;
614
5
        }
615
1.60k
        totalsize = cbor.len + sizeof(dgst) - 16; /* the first 16 bytes only */
616
1.60k
        if (pin != NULL || fido_dev_supports_permissions(dev)) {
617
1.08k
                if ((r = largeblob_get_uv_token(dev, pin, &token,
618
1.08k
                    ms)) != FIDO_OK) {
619
1.02k
                        fido_log_debug("%s: largeblob_get_uv_token", __func__);
620
1.02k
                        goto fail;
621
1.02k
                }
622
1.08k
        }
623
827
        for (size_t offset = 0; offset < cbor.len; offset += chunklen) {
624
752
                if ((chunklen = cbor.len - offset) > maxchunklen)
625
210
                        chunklen = maxchunklen;
626
752
                if ((r = largeblob_set_tx(dev, token, cbor.ptr + offset,
627
752
                    chunklen, offset, totalsize, ms)) != FIDO_OK ||
628
752
                    (r = fido_rx_cbor_status(dev, ms)) != FIDO_OK) {
629
500
                        fido_log_debug("%s: body", __func__);
630
500
                        goto fail;
631
500
                }
632
752
        }
633
75
        if ((r = largeblob_set_tx(dev, token, dgst, sizeof(dgst) - 16, cbor.len,
634
75
            totalsize, ms)) != FIDO_OK ||
635
75
            (r = fido_rx_cbor_status(dev, ms)) != FIDO_OK) {
636
66
                fido_log_debug("%s: dgst", __func__);
637
66
                goto fail;
638
66
        }
639
640
9
        r = FIDO_OK;
641
2.42k
fail:
642
2.42k
        fido_blob_free(&token);
643
2.42k
        fido_blob_reset(&cbor);
644
645
2.42k
        return r;
646
9
}
647
648
static int
649
largeblob_add(fido_dev_t *dev, const fido_blob_t *key, cbor_item_t *item,
650
    const char *pin, int *ms)
651
1.21k
{
652
1.21k
        cbor_item_t *array = NULL;
653
1.21k
        size_t idx;
654
1.21k
        int r;
655
656
1.21k
        if ((r = largeblob_get_array(dev, &array, ms)) != FIDO_OK) {
657
651
                fido_log_debug("%s: largeblob_get_array", __func__);
658
651
                goto fail;
659
651
        }
660
661
566
        switch (r = largeblob_array_lookup(NULL, &idx, array, key)) {
662
180
        case FIDO_OK:
663
180
                if (!cbor_array_replace(array, idx, item)) {
664
0
                        r = FIDO_ERR_INTERNAL;
665
0
                        goto fail;
666
0
                }
667
180
                break;
668
385
        case FIDO_ERR_NOTFOUND:
669
385
                if (cbor_array_append(&array, item) < 0) {
670
8
                        r = FIDO_ERR_INTERNAL;
671
8
                        goto fail;
672
8
                }
673
377
                break;
674
377
        default:
675
1
                fido_log_debug("%s: largeblob_array_lookup", __func__);
676
1
                goto fail;
677
566
        }
678
679
557
        if ((r = largeblob_set_array(dev, array, pin, ms)) != FIDO_OK) {
680
554
                fido_log_debug("%s: largeblob_set_array", __func__);
681
554
                goto fail;
682
554
        }
683
684
3
        r = FIDO_OK;
685
1.21k
fail:
686
1.21k
        if (array != NULL)
687
566
                cbor_decref(&array);
688
689
1.21k
        return r;
690
3
}
691
692
static int
693
largeblob_drop(fido_dev_t *dev, const fido_blob_t *key, const char *pin,
694
    int *ms)
695
817
{
696
817
        cbor_item_t *array = NULL;
697
817
        size_t idx;
698
817
        int r;
699
700
817
        if ((r = largeblob_get_array(dev, &array, ms)) != FIDO_OK) {
701
500
                fido_log_debug("%s: largeblob_get_array", __func__);
702
500
                goto fail;
703
500
        }
704
317
        if ((r = largeblob_array_lookup(NULL, &idx, array, key)) != FIDO_OK) {
705
59
                fido_log_debug("%s: largeblob_array_lookup", __func__);
706
59
                goto fail;
707
59
        }
708
258
        if (cbor_array_drop(&array, idx) < 0) {
709
7
                fido_log_debug("%s: cbor_array_drop", __func__);
710
7
                r = FIDO_ERR_INTERNAL;
711
7
                goto fail;
712
7
        }
713
251
        if ((r = largeblob_set_array(dev, array, pin, ms)) != FIDO_OK) {
714
248
                fido_log_debug("%s: largeblob_set_array", __func__);
715
248
                goto fail;
716
248
        }
717
718
3
        r = FIDO_OK;
719
817
fail:
720
817
        if (array != NULL)
721
317
                cbor_decref(&array);
722
723
817
        return r;
724
3
}
725
726
int
727
fido_dev_largeblob_get(fido_dev_t *dev, const unsigned char *key_ptr,
728
    size_t key_len, unsigned char **blob_ptr, size_t *blob_len)
729
620
{
730
620
        cbor_item_t *item = NULL;
731
620
        fido_blob_t key, body;
732
620
        int ms = dev->timeout_ms;
733
620
        int r;
734
735
620
        memset(&key, 0, sizeof(key));
736
620
        memset(&body, 0, sizeof(body));
737
738
620
        if (key_len != 32) {
739
273
                fido_log_debug("%s: invalid key len %zu", __func__, key_len);
740
273
                return FIDO_ERR_INVALID_ARGUMENT;
741
273
        }
742
347
        if (blob_ptr == NULL || blob_len == NULL) {
743
0
                fido_log_debug("%s: invalid blob_ptr=%p, blob_len=%p", __func__,
744
0
                    (const void *)blob_ptr, (const void *)blob_len);
745
0
                return FIDO_ERR_INVALID_ARGUMENT;
746
0
        }
747
347
        *blob_ptr = NULL;
748
347
        *blob_len = 0;
749
347
        if (fido_blob_set(&key, key_ptr, key_len) < 0) {
750
2
                fido_log_debug("%s: fido_blob_set", __func__);
751
2
                return FIDO_ERR_INTERNAL;
752
2
        }
753
345
        if ((r = largeblob_get_array(dev, &item, &ms)) != FIDO_OK) {
754
318
                fido_log_debug("%s: largeblob_get_array", __func__);
755
318
                goto fail;
756
318
        }
757
27
        if ((r = largeblob_array_lookup(&body, NULL, item, &key)) != FIDO_OK)
758
19
                fido_log_debug("%s: largeblob_array_lookup", __func__);
759
8
        else {
760
8
                *blob_ptr = body.ptr;
761
8
                *blob_len = body.len;
762
8
        }
763
345
fail:
764
345
        if (item != NULL)
765
27
                cbor_decref(&item);
766
767
345
        fido_blob_reset(&key);
768
769
345
        return r;
770
27
}
771
772
int
773
fido_dev_largeblob_set(fido_dev_t *dev, const unsigned char *key_ptr,
774
    size_t key_len, const unsigned char *blob_ptr, size_t blob_len,
775
    const char *pin)
776
3.83k
{
777
3.83k
        cbor_item_t *item = NULL;
778
3.83k
        fido_blob_t key, body;
779
3.83k
        int ms = dev->timeout_ms;
780
3.83k
        int r;
781
782
3.83k
        memset(&key, 0, sizeof(key));
783
3.83k
        memset(&body, 0, sizeof(body));
784
785
3.83k
        if (key_len != 32) {
786
2.19k
                fido_log_debug("%s: invalid key len %zu", __func__, key_len);
787
2.19k
                return FIDO_ERR_INVALID_ARGUMENT;
788
2.19k
        }
789
1.63k
        if (blob_ptr == NULL || blob_len == 0) {
790
2
                fido_log_debug("%s: invalid blob_ptr=%p, blob_len=%zu", __func__,
791
2
                    (const void *)blob_ptr, blob_len);
792
2
                return FIDO_ERR_INVALID_ARGUMENT;
793
2
        }
794
1.63k
        if (fido_blob_set(&key, key_ptr, key_len) < 0 ||
795
1.63k
            fido_blob_set(&body, blob_ptr, blob_len) < 0) {
796
3
                fido_log_debug("%s: fido_blob_set", __func__);
797
3
                r = FIDO_ERR_INTERNAL;
798
3
                goto fail;
799
3
        }
800
1.63k
        if ((item = largeblob_encode(&body, &key)) == NULL) {
801
417
                fido_log_debug("%s: largeblob_encode", __func__);
802
417
                r = FIDO_ERR_INTERNAL;
803
417
                goto fail;
804
417
        }
805
1.21k
        if ((r = largeblob_add(dev, &key, item, pin, &ms)) != FIDO_OK)
806
1.21k
                fido_log_debug("%s: largeblob_add", __func__);
807
1.63k
fail:
808
1.63k
        if (item != NULL)
809
1.21k
                cbor_decref(&item);
810
811
1.63k
        fido_blob_reset(&key);
812
1.63k
        fido_blob_reset(&body);
813
814
1.63k
        return r;
815
1.21k
}
816
817
int
818
fido_dev_largeblob_remove(fido_dev_t *dev, const unsigned char *key_ptr,
819
    size_t key_len, const char *pin)
820
3.01k
{
821
3.01k
        fido_blob_t key;
822
3.01k
        int ms = dev->timeout_ms;
823
3.01k
        int r;
824
825
3.01k
        memset(&key, 0, sizeof(key));
826
827
3.01k
        if (key_len != 32) {
828
2.19k
                fido_log_debug("%s: invalid key len %zu", __func__, key_len);
829
2.19k
                return FIDO_ERR_INVALID_ARGUMENT;
830
2.19k
        }
831
821
        if (fido_blob_set(&key, key_ptr, key_len) < 0) {
832
4
                fido_log_debug("%s: fido_blob_set", __func__);
833
4
                return FIDO_ERR_INTERNAL;
834
4
        }
835
817
        if ((r = largeblob_drop(dev, &key, pin, &ms)) != FIDO_OK)
836
814
                fido_log_debug("%s: largeblob_drop", __func__);
837
838
817
        fido_blob_reset(&key);
839
840
817
        return r;
841
821
}
842
843
int
844
fido_dev_largeblob_get_array(fido_dev_t *dev, unsigned char **cbor_ptr,
845
    size_t *cbor_len)
846
639
{
847
639
        cbor_item_t *item = NULL;
848
639
        fido_blob_t cbor;
849
639
        int ms = dev->timeout_ms;
850
639
        int r;
851
852
639
        memset(&cbor, 0, sizeof(cbor));
853
854
639
        if (cbor_ptr == NULL || cbor_len == NULL) {
855
0
                fido_log_debug("%s: invalid cbor_ptr=%p, cbor_len=%p", __func__,
856
0
                    (const void *)cbor_ptr, (const void *)cbor_len);
857
0
                return FIDO_ERR_INVALID_ARGUMENT;
858
0
        }
859
639
        *cbor_ptr = NULL;
860
639
        *cbor_len = 0;
861
639
        if ((r = largeblob_get_array(dev, &item, &ms)) != FIDO_OK) {
862
624
                fido_log_debug("%s: largeblob_get_array", __func__);
863
624
                return r;
864
624
        }
865
15
        if (fido_blob_serialise(&cbor, item) < 0) {
866
1
                fido_log_debug("%s: fido_blob_serialise", __func__);
867
1
                r = FIDO_ERR_INTERNAL;
868
14
        } else {
869
14
                *cbor_ptr = cbor.ptr;
870
14
                *cbor_len = cbor.len;
871
14
        }
872
873
15
        cbor_decref(&item);
874
875
15
        return r;
876
639
}
877
878
int
879
fido_dev_largeblob_set_array(fido_dev_t *dev, const unsigned char *cbor_ptr,
880
    size_t cbor_len, const char *pin)
881
3.26k
{
882
3.26k
        cbor_item_t *item = NULL;
883
3.26k
        struct cbor_load_result cbor_result;
884
3.26k
        int ms = dev->timeout_ms;
885
3.26k
        int r;
886
887
3.26k
        if (cbor_ptr == NULL || cbor_len == 0) {
888
3
                fido_log_debug("%s: invalid cbor_ptr=%p, cbor_len=%zu", __func__,
889
3
                    (const void *)cbor_ptr, cbor_len);
890
3
                return FIDO_ERR_INVALID_ARGUMENT;
891
3
        }
892
3.26k
        if ((item = cbor_load(cbor_ptr, cbor_len, &cbor_result)) == NULL) {
893
1.64k
                fido_log_debug("%s: cbor_load", __func__);
894
1.64k
                return FIDO_ERR_INVALID_ARGUMENT;
895
1.64k
        }
896
1.61k
        if ((r = largeblob_set_array(dev, item, pin, &ms)) != FIDO_OK)
897
1.61k
                fido_log_debug("%s: largeblob_set_array", __func__);
898
899
1.61k
        cbor_decref(&item);
900
901
1.61k
        return r;
902
3.26k
}